diff options
author | Jenkins <jenkins@review.openstack.org> | 2013-08-15 20:45:50 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2013-08-15 20:45:50 +0000 |
commit | 1b4f0a5ec848af94e322a8f55deb52223c94b62a (patch) | |
tree | b7ba6edd958027060980f3c05a79eda01bc43bdd /keystone/tests/test_keystoneclient.py | |
parent | 116897786dbb8473154ec85a01b019af8106a1f4 (diff) | |
parent | 74f788aa9da0dabf54bd1f4718f9c0e0b9726757 (diff) | |
download | keystone-1b4f0a5ec848af94e322a8f55deb52223c94b62a.tar.gz keystone-1b4f0a5ec848af94e322a8f55deb52223c94b62a.tar.xz keystone-1b4f0a5ec848af94e322a8f55deb52223c94b62a.zip |
Merge "Revoke user tokens when disabling/delete a project"
Diffstat (limited to 'keystone/tests/test_keystoneclient.py')
-rw-r--r-- | keystone/tests/test_keystoneclient.py | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/keystone/tests/test_keystoneclient.py b/keystone/tests/test_keystoneclient.py index 7e59885d..0c323ddd 100644 --- a/keystone/tests/test_keystoneclient.py +++ b/keystone/tests/test_keystoneclient.py @@ -378,6 +378,46 @@ class KeystoneClientTests(object): client.tokens.authenticate, token=token_id) + def test_disable_tenant_invalidates_token(self): + from keystoneclient import exceptions as client_exceptions + + admin_client = self.get_client(admin=True) + foo_client = self.get_client(self.user_foo) + tenant_bar = admin_client.tenants.get(self.tenant_bar['id']) + + # Disable the tenant. + tenant_bar.update(enabled=False) + + # Test that the token has been removed. + self.assertRaises(client_exceptions.Unauthorized, + foo_client.tokens.authenticate, + token=foo_client.auth_token) + + # Test that the user access has been disabled. + self.assertRaises(client_exceptions.Unauthorized, + self.get_client, + self.user_foo) + + def test_delete_tenant_invalidates_token(self): + from keystoneclient import exceptions as client_exceptions + + admin_client = self.get_client(admin=True) + foo_client = self.get_client(self.user_foo) + tenant_bar = admin_client.tenants.get(self.tenant_bar['id']) + + # Delete the tenant. + tenant_bar.delete() + + # Test that the token has been removed. + self.assertRaises(client_exceptions.Unauthorized, + foo_client.tokens.authenticate, + token=foo_client.auth_token) + + # Test that the user access has been disabled. + self.assertRaises(client_exceptions.Unauthorized, + self.get_client, + self.user_foo) + def test_disable_user_invalidates_token(self): from keystoneclient import exceptions as client_exceptions @@ -1165,6 +1205,12 @@ class KcEssex3TestCase(CompatTestCase, KeystoneClientTests): def test_policy_crud(self): self.skipTest('N/A due to lack of endpoint CRUD') + def test_disable_tenant_invalidates_token(self): + self.skipTest('N/A') + + def test_delete_tenant_invalidates_token(self): + self.skipTest('N/A') + class Kc11TestCase(CompatTestCase, KeystoneClientTests): def get_checkout(self): |