diff options
author | Jenkins <jenkins@review.openstack.org> | 2013-05-30 05:05:48 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2013-05-30 05:05:48 +0000 |
commit | 6d33805d0fe7fd7bd75765ee4167eb64fbdd324b (patch) | |
tree | 109952b6569d4aa3e7db02af3eb60f7de2516713 /tests/test_content_types.py | |
parent | d67e31b70ca648c8ca0a3cb76f421b3be257d4c5 (diff) | |
parent | 3c3f5dc8973a28fcded50bdb65b7cd77cd772cc6 (diff) | |
download | keystone-6d33805d0fe7fd7bd75765ee4167eb64fbdd324b.tar.gz keystone-6d33805d0fe7fd7bd75765ee4167eb64fbdd324b.tar.xz keystone-6d33805d0fe7fd7bd75765ee4167eb64fbdd324b.zip |
Merge "Move auth_token middleware from admin user to an RBAC policy"
Diffstat (limited to 'tests/test_content_types.py')
-rw-r--r-- | tests/test_content_types.py | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/tests/test_content_types.py b/tests/test_content_types.py index 95a78ab0..e5bdc56a 100644 --- a/tests/test_content_types.py +++ b/tests/test_content_types.py @@ -214,8 +214,10 @@ class RestfulTestCase(test.TestCase): def admin_request(self, **kwargs): return self._request(app=self.admin_app, **kwargs) - def get_scoped_token(self): + def get_scoped_token(self, tenant_id=None): """Convenience method so that we can test authenticated requests.""" + if not tenant_id: + tenant_id = self.tenant_bar['id'] r = self.public_request( method='POST', path='/v2.0/tokens', @@ -225,7 +227,7 @@ class RestfulTestCase(test.TestCase): 'username': self.user_foo['name'], 'password': self.user_foo['password'], }, - 'tenantId': self.tenant_bar['id'], + 'tenantId': tenant_id, }, }) return self._get_token_id(r) @@ -387,6 +389,18 @@ class CoreApiTests(object): token=token) self.assertValidAuthenticationResponse(r) + def test_validate_token_service_role(self): + self.metadata_foobar = self.identity_api.update_metadata( + self.user_foo['id'], + self.tenant_service['id'], + dict(roles=[self.role_service['id']])) + + token = self.get_scoped_token(tenant_id='service') + r = self.admin_request( + path='/v2.0/tokens/%s' % token, + token=token) + self.assertValidAuthenticationResponse(r) + def test_validate_token_belongs_to(self): token = self.get_scoped_token() path = ('/v2.0/tokens/%s?belongsTo=%s' % (token, |