diff options
| author | termie <github@anarkystic.com> | 2012-03-01 11:27:06 -0800 |
|---|---|---|
| committer | Adam Young <ayoung@redhat.com> | 2012-03-01 15:39:22 -0500 |
| commit | dd35d2afbfc7bcd41cd5c68b440f5c502d32d656 (patch) | |
| tree | 94e88a260e57bcc1d52cd559083b48cfa8a7edd7 /keystone | |
| parent | f8ba5af130b7ec2d2ec8c0abcadbc27275467ab8 (diff) | |
| download | keystone-dd35d2afbfc7bcd41cd5c68b440f5c502d32d656.tar.gz keystone-dd35d2afbfc7bcd41cd5c68b440f5c502d32d656.tar.xz keystone-dd35d2afbfc7bcd41cd5c68b440f5c502d32d656.zip | |
standardize ldap and related tests
ldap was accidentally supplying some of its own values rather than using
the built-in fixtures, so it was providing the incorrect interface for a
couple calls.
also adds a test for get_user_by_name (skipped for ldap) and
standardizes the kvs and ldap authenticate calls
fix user authentication live ldap tests
Change-Id: If1ccce1fd9c84622bb89344bc5d5c59b059d03ae
Diffstat (limited to 'keystone')
| -rw-r--r-- | keystone/identity/backends/kvs.py | 4 | ||||
| -rw-r--r-- | keystone/identity/backends/ldap/core.py | 18 | ||||
| -rw-r--r-- | keystone/identity/backends/sql.py | 2 |
3 files changed, 7 insertions, 17 deletions
diff --git a/keystone/identity/backends/kvs.py b/keystone/identity/backends/kvs.py index 35ac476d..1e1c6ad6 100644 --- a/keystone/identity/backends/kvs.py +++ b/keystone/identity/backends/kvs.py @@ -49,7 +49,9 @@ class Identity(kvs.Base, identity.Driver): if (not user_ref or not utils.check_password(password, user_ref.get('password'))): raise AssertionError('Invalid user / password') - if tenant_id and tenant_id not in user_ref['tenants']: + + tenants = self.get_tenants_for_user(user_id) + if tenant_id and tenant_id not in tenants: raise AssertionError('Invalid tenant') tenant_ref = self.get_tenant(tenant_id) diff --git a/keystone/identity/backends/ldap/core.py b/keystone/identity/backends/ldap/core.py index 409a384a..3138720f 100644 --- a/keystone/identity/backends/ldap/core.py +++ b/keystone/identity/backends/ldap/core.py @@ -74,17 +74,11 @@ class Identity(identity.Driver): except Exception: raise AssertionError('Invalid user / password') - if tenant_id: - found = False - for tenant in user_ref['tenants']: - if tenant == tenant_id: - found = True - break + tenants = self.get_tenants_for_user(user_id) + if tenant_id and tenant_id not in tenants: + raise AssertionError('Invalid tenant') - if not found: - raise AssertionError('Invalid tenant') - - tenant_ref = self.tenant.get(tenant_id) + tenant_ref = self.get_tenant(tenant_id) metadata_ref = {} # TODO(termie): this should probably be made into a get roles call #if tenant_ref: @@ -103,10 +97,6 @@ class Identity(identity.Driver): user_ref = self.user.get(user_id) if not user_ref: return None - tenants = self.tenant.get_user_tenants(user_id) - user_ref['tenants'] = [] - for tenant in tenants: - user_ref['tenants'].append(tenant['id']) return user_ref def get_user(self, user_id): diff --git a/keystone/identity/backends/sql.py b/keystone/identity/backends/sql.py index adc33b12..cf1f70e2 100644 --- a/keystone/identity/backends/sql.py +++ b/keystone/identity/backends/sql.py @@ -128,8 +128,6 @@ class Identity(sql.Base, identity.Driver): """ user_ref = self._get_user(user_id) - tenant_ref = None - metadata_ref = None if (not user_ref or not utils.check_password(password, user_ref.get('password'))): raise AssertionError('Invalid user / password') |