diff options
| author | Gordon Chung <chungg@ca.ibm.com> | 2013-02-14 19:55:00 -0500 |
|---|---|---|
| committer | Gordon Chung <chungg@ca.ibm.com> | 2013-03-04 19:32:22 -0500 |
| commit | e16742bdf2f1fa7386f2983b037a78fde4a576c3 (patch) | |
| tree | 16c35e0a36fa386aacbb36611f1e83839c3295a2 /tests/test_backend.py | |
| parent | 2505662bba813224ef72a2dcd3a3f1cd32215175 (diff) | |
| download | keystone-e16742bdf2f1fa7386f2983b037a78fde4a576c3.tar.gz keystone-e16742bdf2f1fa7386f2983b037a78fde4a576c3.tar.xz keystone-e16742bdf2f1fa7386f2983b037a78fde4a576c3.zip | |
residual grants after delete action (bug1125637)
remove all applicable grants when role is deleted
(sql/kvs solution only)
Fixes: bug #1125637
Change-Id: I3a958c6d56739e37a95f6c713fab154827e9ceca
Diffstat (limited to 'tests/test_backend.py')
| -rw-r--r-- | tests/test_backend.py | 33 |
1 files changed, 16 insertions, 17 deletions
diff --git a/tests/test_backend.py b/tests/test_backend.py index 029901eb..a1d88c16 100644 --- a/tests/test_backend.py +++ b/tests/test_backend.py @@ -1055,7 +1055,6 @@ class IdentityTests(object): self.assertIn(role_list[7], roles_ref) def test_delete_role_with_user_and_group_grants(self): - raise nose.exc.SkipTest('Blocked by bug 1097472') role1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex} self.identity_api.create_role(role1['id'], role1) domain1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex} @@ -1099,22 +1098,22 @@ class IdentityTests(object): domain_id=domain1['id']) self.assertEquals(len(roles_ref), 1) self.identity_api.delete_role(role1['id']) - self.assertRaises(exception.RoleNotFound, - self.identity_api.list_grants, - user_id=user1['id'], - project_id=project1['id']) - self.assertRaises(exception.RoleNotFound, - self.identity_api.list_grants, - group_id=group1['id'], - project_id=project1['id']) - self.assertRaises(exception.RoleNotFound, - self.identity_api.list_grants, - user_id=user1['id'], - domain_id=domain1['id']) - self.assertRaises(exception.RoleNotFound, - self.identity_api.list_grants, - group_id=group1['id'], - domain_id=domain1['id']) + roles_ref = self.identity_api.list_grants( + user_id=user1['id'], + project_id=project1['id']) + self.assertEquals(len(roles_ref), 0) + roles_ref = self.identity_api.list_grants( + group_id=group1['id'], + project_id=project1['id']) + self.assertEquals(len(roles_ref), 0) + roles_ref = self.identity_api.list_grants( + user_id=user1['id'], + domain_id=domain1['id']) + self.assertEquals(len(roles_ref), 0) + roles_ref = self.identity_api.list_grants( + group_id=group1['id'], + domain_id=domain1['id']) + self.assertEquals(len(roles_ref), 0) def test_delete_user_with_group_project_domain_links(self): role1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex} |