diff options
author | Adam Young <ayoung@redhat.com> | 2013-03-08 21:19:25 -0500 |
---|---|---|
committer | Adam Young <ayoung@redhat.com> | 2013-03-15 15:21:36 -0400 |
commit | eb4dd4afbffaa15be0af70a317da7034ae28dfd6 (patch) | |
tree | 89f3b2b71b34b3627fe1d7893ad51578032f5afd /tests/test_v3_auth.py | |
parent | a79a7c1ddb6c7e3f71cc9791b318bdefbc1abeb8 (diff) | |
download | keystone-eb4dd4afbffaa15be0af70a317da7034ae28dfd6.tar.gz keystone-eb4dd4afbffaa15be0af70a317da7034ae28dfd6.tar.xz keystone-eb4dd4afbffaa15be0af70a317da7034ae28dfd6.zip |
extracting user and trust ids into normalized fields
These fields are used for queries, and may need to be indexed
Also moves the delete token for... functions into the base class
for controllers.
Removed the token API revoke token call as that needed access to other
APIs. Logic was moved into the controller.
Bug 1152801
Change-Id: I59c360fe5aef905dfa30cb55ee54ff1fbe64dc58
Diffstat (limited to 'tests/test_v3_auth.py')
-rw-r--r-- | tests/test_v3_auth.py | 48 |
1 files changed, 44 insertions, 4 deletions
diff --git a/tests/test_v3_auth.py b/tests/test_v3_auth.py index f1fb1222..dea677c2 100644 --- a/tests/test_v3_auth.py +++ b/tests/test_v3_auth.py @@ -35,8 +35,8 @@ class TestAuthInfo(test_v3.RestfulTestCase): # building helper functions, they cause backend databases and fixtures # to be loaded unnecessarily. Separating out the helper functions from # this base class would improve efficiency (Bug #1134836) - def setUp(self): - super(TestAuthInfo, self).setUp(load_sample_data=False) + def setUp(self, load_sample_data=False): + super(TestAuthInfo, self).setUp(load_sample_data=load_sample_data) def test_missing_auth_methods(self): auth_data = {'identity': {}} @@ -815,9 +815,9 @@ class TestAuthXML(TestAuthJSON): content_type = 'xml' -class TestTrustAuth(test_v3.RestfulTestCase): +class TestTrustAuth(TestAuthInfo): def setUp(self): - super(TestTrustAuth, self).setUp() + super(TestTrustAuth, self).setUp(load_sample_data=True) # create a trustee to delegate stuff to self.trustee_user_id = uuid.uuid4().hex @@ -1065,3 +1065,43 @@ class TestTrustAuth(test_v3.RestfulTestCase): self.user_id, expected_status=200) trusts = r.body['trusts'] self.assertEqual(len(trusts), 0) + + def test_change_password_invalidates_trust_tokens(self): + ref = self.new_trust_ref( + trustor_user_id=self.user_id, + trustee_user_id=self.trustee_user_id, + project_id=self.project_id, + impersonation=True, + expires=dict(minutes=1), + role_ids=[self.role_id]) + del ref['id'] + + r = self.post('/trusts', body={'trust': ref}) + trust = self.assertValidTrustResponse(r) + + auth_data = self.build_authentication_request( + user_id=self.trustee_user['id'], + password=self.trustee_user['password'], + trust_id=trust['id']) + r = self.post('/auth/tokens', body=auth_data) + + self.assertValidProjectTrustScopedTokenResponse(r, self.user) + trust_token = r.getheader('X-Subject-Token') + + self.get('/trusts?trustor_user_id=%s' % + self.user_id, expected_status=200, + token=trust_token) + + auth_data = self.build_authentication_request( + user_id=self.trustee_user['id'], + password=self.trustee_user['password']) + + self.assertValidUserResponse( + self.patch('/users/%s' % self.trustee_user['id'], + body={'user': {'password': uuid.uuid4().hex}}, + auth=auth_data, + expected_status=200)) + + self.get('/trusts?trustor_user_id=%s' % + self.user_id, expected_status=401, + token=trust_token) |