3 files changed, 71 insertions, 2 deletions

diff --git a/tests/test_backend.py b/tests/test_backend.py
index 9e506928..e8042ab1 100644
--- a/tests/test_backend.py
+++ b/tests/test_backend.py
@@ -1553,6 +1553,25 @@ class IdentityTests(object):
                           'fake1',
                           user)
 
+    def test_update_project_invalid_enabled_type_string(self):
+            project = {'id': uuid.uuid4().hex,
+                       'name': uuid.uuid4().hex,
+                       'enabled': True,
+                       'domain_id': DEFAULT_DOMAIN_ID}
+            self.identity_man.create_project(EMPTY_CONTEXT,
+                                             project['id'],
+                                             project)
+            project_ref = self.identity_api.get_project(project['id'])
+            self.assertEqual(project_ref['enabled'], True)
+
+            # Strings are not valid boolean values
+            project['enabled'] = "false"
+            self.assertRaises(exception.ValidationError,
+                              self.identity_man.update_project,
+                              EMPTY_CONTEXT,
+                              project['id'],
+                              project)
+
     def test_create_project_invalid_enabled_type_string(self):
         project = {'id': uuid.uuid4().hex,
                    'name': uuid.uuid4().hex,
@@ -1773,11 +1792,22 @@ class IdentityTests(object):
         tenant_ref = self.identity_api.get_project('fake1')
         self.assertEqual(tenant_ref['enabled'], tenant['enabled'])
 
+        # If not present, enabled field should not be updated
+        del tenant['enabled']
+        self.identity_api.update_project('fake1', tenant)
+        tenant_ref = self.identity_api.get_project('fake1')
+        self.assertEqual(tenant_ref['enabled'], False)
+
         tenant['enabled'] = True
         self.identity_api.update_project('fake1', tenant)
         tenant_ref = self.identity_api.get_project('fake1')
         self.assertEqual(tenant_ref['enabled'], tenant['enabled'])
 
+        del tenant['enabled']
+        self.identity_api.update_project('fake1', tenant)
+        tenant_ref = self.identity_api.get_project('fake1')
+        self.assertEqual(tenant_ref['enabled'], True)
+
     def test_add_user_to_group(self):
         domain = self._get_domain_fixture()
         new_group = {'id': uuid.uuid4().hex, 'domain_id': domain['id'],
diff --git a/tests/test_backend_ldap.py b/tests/test_backend_ldap.py
index 60b9f4ba..ecdc7465 100644
--- a/tests/test_backend_ldap.py
+++ b/tests/test_backend_ldap.py
@@ -113,7 +113,7 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
         tenant_ref = self.identity_api.get_project('fake1')
         self.assertEqual(tenant_ref['id'], 'fake1')
 
-        tenant['enabled'] = 'False'
+        tenant['enabled'] = False
         self.identity_api.update_project('fake1', tenant)
 
         self.identity_api.delete_project('fake1')
@@ -133,7 +133,7 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
                           'fake1',
                           tenant)
 
-        self.tenant_bar['enabled'] = 'False'
+        self.tenant_bar['enabled'] = False
         self.assertRaises(exception.ForbiddenAction,
                           self.identity_api.update_project,
                           self.tenant_bar['id'],
diff --git a/tests/test_content_types.py b/tests/test_content_types.py
index c3b804a7..fd99eae8 100644
--- a/tests/test_content_types.py
+++ b/tests/test_content_types.py
@@ -1059,3 +1059,42 @@ class XmlTestCase(RestfulTestCase, CoreApiTests):
         self.assertIsNotNone(r.result.get('tenant'))
         self.assertValidTenant(r.result['tenant'])
         self.assertEqual(r.result['tenant'].get('description'), "")
+
+    def test_create_project_invalid_enabled_type_string(self):
+        # Forbidden usage of string for 'enabled' field in JSON and XML
+        token = self.get_scoped_token()
+
+        r = self.admin_request(
+            method='POST',
+            path='/v2.0/tenants',
+            body={
+                'tenant': {
+                    'name': uuid.uuid4().hex,
+                    # In XML, only "true|false" are converted to boolean.
+                    'enabled': "False",
+                },
+            },
+            token=token,
+            expected_status=400)
+        self.assertValidErrorResponse(r)
+
+    def test_update_project_invalid_enabled_type_string(self):
+        # Forbidden usage of string for 'enabled' field in JSON and XML
+        token = self.get_scoped_token()
+
+        path = '/v2.0/tenants/%(tenant_id)s' % {
+               'tenant_id': self.tenant_bar['id'],
+        }
+
+        r = self.admin_request(
+            method='PUT',
+            path=path,
+            body={
+                'tenant': {
+                    # In XML, only "true|false" are converted to boolean.
+                    'enabled': "False",
+                },
+            },
+            token=token,
+            expected_status=400)
+        self.assertValidErrorResponse(r)