summaryrefslogtreecommitdiffstats
path: root/tests/test_content_types.py
Commit message (Collapse)AuthorAgeFilesLines
* Scipped tests don't render as ERROR'sVictor Sergeyev2013-07-261-2/+1
| | | | | | | | | Replaced `raise nose.exc.SkipTest()` statement to self.skipTest(). Removed unused nose.exc imports. Fixes bug 1172794 Change-Id: Ieb353864acadef43508d185156c7fa1667baa845
* Register ExtensionsAdam Young2013-07-121-21/+27
| | | | | | | | | | Extensions register themselves with keystone/common/extension.py as either public, admin, or both, and they show up in the extensions collection on http://<hostname>:<port>/v2.0/extensions/ Bug 1177531 Change-Id: Ic0b5c84e28342e96c3197c1b46f8b1656e2d7050
* Rationalize how we get roles after authentication in the controllersHenry Nash2013-07-101-6/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently there is a mixture of strategies in the v2 and v3 controllers for how to get the roles assigned for the scope of the requested authentication. This duplicates code, is hard to maintain and in at least once case (where your only roles on a project are due to a group membership) is not actually correct (for v2 tokens). This change does the following: - Standardizes on using the 'get_roles_for_user_and_project()', and its domain equivalent, for how roles are obtained to build a token. This was already the case for v3 tokens. The controllers no longer need to get metadata and extract the roles. - Removes the driver level function to 'authorize_for_project' - this is now handled wihin the controller. The driver simply supports the user authentication. A nice (and planned for) sideffect of the above is that we now hide the schema of how we store roles within the driver layer - i.e. nothing outside of the driver (other than any specific-to-implementation tests) have to know about how roles are stored in the metadata. This paves the way for a re-implementation of the grant tables in IceHouse. This change also fills in missing function definitons in the assignment driver. Implements bp authenticate-role-rationalization Change-Id: I75fc7f5f728649d40ab1c696b33bbcd88ea6edee
* Isolate eventlet code into environment.Jamie Lennox2013-06-181-1/+2
| | | | | | | | | | | | | | | | | | The environment module will be configured once, during code initialization. Subsequently all other possibly-evented modules will retrieve from environment and transparently obtain either the eventlet or standard library modules. If eventlet, httplib, subprocess or other environment dependant module is referenced outside of the environment module it should be considered a bug. The changes to tests are required to ensure that test is imported first to setup the environment. Hopefully these can all be replaced with an __init__.py in a post-nose keystone. Implements: blueprint extract-eventlet Change-Id: Icacd6f2ee0906ac5d303777c1f87a184f38283bf
* Http 400 when project enabled is not a booleanWu Wenxiang2013-06-161-0/+39
| | | | | | | | | | | | | | | | | | | | | | Having enabled="true" in json data when updating tenant will produce 500 When updating a project, no type check was performed on the enabled attribute. Therefore, if enabled value in JSON/XML is not a boolean but a string, keystone responds with an incorrect Http 500 error code and the stacktrace. The change introduces a type validation of the enabled attribute at identity manager. If the type is not a boolean, keystone now returns an appropriate Http 400 error code with a message pointing a bad format for the attribute. Test cases have been added to file test_backend and test_content_types for testing the case when enabled attribute is a string or int when updating project. Fixes bug #1191384 Change-Id: I86dd7e71d4bac1e3fd6fcabaa1a2136a47722e5f
* Add checks to test if enabled is boolgalstrom212013-06-121-1/+1
| | | | | | fixes: bug #1167593 Change-Id: Ie18fa17f16383f31d8aa083e69fa501d80eb4553
* Maintain tokens after role assignments (bug 1170186)Dolph Mathews2013-06-031-12/+24
| | | | Change-Id: Iacd2d9e09be4ab3d6a3c5acf4074e4af7e300602
* Merge "Move auth_token middleware from admin user to an RBAC policy"Jenkins2013-05-301-2/+16
|\
| * Move auth_token middleware from admin user to an RBAC policyJoe Gordon2013-05-161-2/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Before this patch auth_token middleware required admin user credentials stored in assorted config files. With this patch only non-admin user credentials are needed. The revocation_list and validate_token commands use an policy.json rule, to only allow these commands if you are in have the service role. Rule used: "service_role": [["role:service"]], "service_or_admin": [["rule:admin_required"], ["rule:service_role"]], Added the policy wrapper on the validate functions. Fixes bug 1153789 Change-Id: I43986e26b16aa5213ad2536a0d07d942bf3dbbbb
* | Cleanup docstrings (flake8 H401, H402, H403, H404)Dolph Mathews2013-05-241-6/+2
| | | | | | | | | | | | | | | | | | - docstring should not start with a space (flake8 H401) - one line docstring needs punctuation (flake8 H402) - multi line docstring end on new line (flake8 H403) - multi line docstring should start with a summary (flake8 H404) Change-Id: I69b414395930bda739aa01b785ac619fa8bb7d9b
* | Use webtest for v2 and v3 API testing.Jamie Lennox2013-05-221-135/+116
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The intention is to remain as close as possible to the original implementation and so leaves a number of easy cleanups and optimisations until a later patch. In writing tests their are a number of changes for API tests that are a result of webob/webtest restrictions: * response.body is now the string body and response.result is the parsed dictionary. * response.status is now a string eg. '200 OK', use response.status_code to get the integer * response.getheader no longer exists. response.headers is a dictionary like object that can be accessed (case independently) with [] or .get() Working towards: blueprint extract-eventlet Change-Id: I393b4bad2fd6eacc0b8ae98fc204d1323014b5e4
* | Add assertNotEmpty to tests and use it.Jamie Lennox2013-05-211-22/+22
| | | | | | | | | | | | | | | | Extract the use of assertTrue(len(...)) into a method. The docs for assertTrue say that it equates to bool(expr) is True and so the format is correct however it reads inconsistently. Change-Id: I75acf75f6eaac9b7f92fd452cc60ab0cfd447c7f
* | Http 400 when user enabled is not a booleanBruno Semperlotti2013-05-161-0/+102
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When creating or updating a user, no type check was performed on the enabled attribute. Therefore, if enabled value in JSON/XML is not a boolean buta string or an int, keystone responds with an incorrect Http 500 error code and the stacktrace. The change introduces a type validation of the enabled attribute at backend and api layer. If the type is not a boolean, keystone now returns an appropriate Http 400 error code with a message pointing a bad format for the attribute. Test cases have been added to file test_backend and test_content_types for testing the case when enabled attribute is a string or int when creating or updating user. The same correction can be done for create/update projects, domains. Change-Id: I7d2fe3acf0c4dbd3ce5bdf9f4d059df085853b84 Fixes: bug #1110435
* | Fix pyflakes and pep8 in prep for flake8.Monty Taylor2013-05-131-2/+2
|/ | | | Change-Id: Ifc8c876760f8402fc3293326972b9286fb1635c9
* Set empty element to ""gengjh2013-04-131-0/+50
| | | | | | | | | When serializer xml formatter response need set empty element to "" to align with JSON formatter. Fix bug 1168317 Change-Id: I4985791095f43eac88fe42ec16f6a78bbf77ec07
* Fix test coverage for v2 scoped auth xml response (bug 1160504)Dolph Mathews2013-03-271-9/+27
| | | | Change-Id: Ida82b8e607ba940efdad9e764d26408d3aaae7a8
* xml_body returns backtrace on XMLSyntaxErrorDavid Höppner2013-03-141-0/+18
| | | | | | | | Protected against XMLSyntaxError that can occur in from_xml. Return a validation error (400) instead of an internal server error (500). Change-Id: Ic5160f4f6c810e96b74dbf9563547ac739a54c5e Fixes: bug #1101043
* Revert "from tests import"Adam Young2013-03-111-1/+1
| | | | | | This reverts commit d8599dcda06514a9687af3f714e55ff7580af9db. Change-Id: Iddb881070a91b9761a567a7d3b6d906e228af9f6
* from tests importAdam Young2013-03-081-1/+1
| | | | | | | | | Makes the resolution of local imports work when running individual tests. Bug 1152326 Change-Id: I72f54bdbb60a6d7acf32bdbdc02d7bce69add84e
* return 201 Created on POST request (bug1131119)Gordon Chung2013-03-071-2/+0
| | | | | | | correct status code from 200 Ok to 201 Created for v3 POST requests. Fixes: bug #1131119 Change-Id: Iabeb6daf677e0f34defdef5e58d87229fc90346f
* TrustsAdam Young2013-03-051-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Blueprint trusts creates a trust. Using a trust, one user (the trustee), can then create tokens with a subset of another user's (the trustor) roles and projects. If the impersonate flag in the trust is set, the token user_id is set to the trustor's user ID If the impersonate flag is not set, the token's user_is is set to the trustee's user ID check that both trustor and trustee are enabled prior to creating the trust token. sql and kvs backends sql upgrade scripts unit tests for backends, auth and v3 api modifications to the trust controller for creating tokens Authenticates that only user can be trustor in create Deleting a trust invalidates all tokens created from that trust Adds the trust id and the id of the trustee to the header of the token policy rules for trust This version has a workaround for testing against the KVS version of the Service catalog Change-Id: I5745f4d9a4180b59671a143a55ed87019e98ec76
* bug 1131840: fix auth and token data for XML translationGuang Yee2013-02-261-10/+13
| | | | Change-Id: I4408b3e6e0752ca75bc36399f5148890820e9a89
* v3 token APIGuang Yee2013-02-201-4/+6
| | | | | | | | | | | | | | Also implemented the following: blueprint pluggable-identity-authentication-handlers blueprint stop-ids-in-uris blueprint multi-factor-authn (just the plumbing) What's missing? * domain scoping (will be implemented by Henry?) Change-Id: I191c0b2cb3367b2a5f8a2dc674c284bb13ea97e3
* add missing kvs functionality (bug1119770)Gordon Chung2013-02-141-1/+1
| | | | | | | | | | | add list_projects mod list_groups, list_domains, get_project_users to match sql response not adding list_user_projects fix list_projects to return refs drop get_projects and get_all_projects Change-Id: Ifa1433918b8770cd7d59f36f71f2e6b935625ae5
* Fix spelling mistakesJoe Gordon2013-02-121-2/+2
| | | | | | | git ls-files | misspellings -f - Source: https://github.com/lyda/misspell-check Change-Id: Icbd2412aa65bc8135e5dcd83ee69e94f5a42f7a2
* return 400 Bad Request if invalid params supplied (bug1061738)Gordon Chung2013-02-071-0/+21
| | | | | | return a 400 Bad Request if there are invalid arguments params supplied Change-Id: I82da8a6db4a2847c8407cd0917b2d71ac9f9ba7a
* Test for content-type appropriate 404 (bug 1089987)Dolph Mathews2012-12-141-0/+12
| | | | Change-Id: Idfba75f90e38de315ec50e660932beb8243f76f8
* Ensure serviceCatalog is list when empty, not dictBrian Waldon2012-12-061-2/+17
| | | | | | Fixes bug 1087405. Change-Id: I152c7f418a66ccfe541e26efe75b59bffa6c3849
* HACKING compliance: consistent use of 'except'Dolph Mathews2012-11-051-4/+0
| | | | Change-Id: I8301043965e08ffdec63441e612628d9a60876b7
* Adding handling for get user/tenant by namegalstrom212012-10-231-0/+18
| | | | | | | | | | | * /v2.0/tenants?name=<tenant_name> * /v2.0/user?name=<user_name> * added get_tenant_by_name() to tests/test_content_types.py * added get_user_by_name() to tests/test_content_types.py bug 1055763 Change-Id: Id30dc853db12e155238fbb39cef6a081284cb86c
* Implement token endpoint list (bug 1006777)Dolph Mathews2012-09-061-5/+19
| | | | Change-Id: Ia7dad06ec763994ce0beb171c481ab01c20af6cb
* Removed/fixed unused variable referencesDolph Mathews2012-08-301-1/+1
| | | | Change-Id: Ifed4fc2158e9eb003561620504d2d35e07cdd3bd
* Fix auth_token middleware to fetch revocation list as admin.Adam Young2012-08-231-2/+25
| | | | | | | | | | | | Make the revocation list into a JSON document and get the Vary header. This will also allow the revocation list to carry additional information in the future, to include sufficient information for the calling application to figure out how to get the certificates it requires. Bug 1038309 Change-Id: I4a41cbd8a7352e5b5f951027d6f2063b169bce89
* Fixing pep8 errors in tests/*pyDerek Higgins2012-07-091-21/+37
| | | | | | | | | | | Fixes bug 1022575 Making change to tests/*py to pass pep8 tests. pep8 tests started failing following 39b20acc933cb0fdf73075ddb9a9d82665b84b23 update pep8 to 1.3.3 04df79b64e5f2296df03579700535774e158f623 include tests dir in pep8 tests Change-Id: I2d7dec0a87f1ae9b5f828d7f321b65bf8c06a421
* Keystone should use openstack.common.jsonutilsZhongyue Luo2012-06-281-4/+4
| | | | | | | | | | | Implements blueprint use-common-jsonutils 1. Edit openstack-common.conf and import keystone/openstack/common/jsonutils.py 2. Remove json package imports and replace with jsonutils Client code in vendor/ hasn't been changed Change-Id: I57c670fde9f2c2241eddab1b012e8d5e6a72deb7
* Pass serviceCatalog in auth_token middlewareAnthony Young2012-06-191-0/+7
| | | | | | | * This will allow for chained requests (novaclient -> nova -> cinder) * Fixes bug 1010237 Change-Id: Iab126cb1f2fb01ca7da24fa9fe97ec81ee96e455
* Require authz for user role list (bug 1006815)Dolph Mathews2012-06-031-0/+11
| | | | Change-Id: I65f25dcca3e265f44746930917434b45e64de15e
* Require authz for service CRUD (bug 1006822)Dolph Mathews2012-06-031-0/+33
| | | | Change-Id: Ia90f0aa2b856b9a9874d4865fb92ee913e8125c5
* Spring cleaning, fix PEP8 violations.Chmouel Boudjnah2012-03-201-3/+3
| | | | Change-Id: Ide832cd64c9b285213e23901eaf81946d504e726
* Changing belongsTo validation back to IDMichael Basnight2012-03-201-1/+1
| | | | | | * Fixes lp#960218 Change-Id: I6296413c211da92a4d0e07a544ca812d3544cb73
* Added license header (bug 929663)Dolph Mathews2012-03-091-0/+14
| | | | Change-Id: Ia36a22f2d6bba411e4fad81ea2d6fa1f0465a733
* rename belongs_to to belongsTo as per the API spec.Michael Basnight2012-03-081-1/+1
| | | | | | fixes lp#949554 Change-Id: Ia24dda7e9aa8e075861029dd5edeafd01c9d89c2
* fixes lp#949648 change belongsTo validate to nameMichael Basnight2012-03-071-1/+1
| | | | Change-Id: I3d36290ad95a0440c006e2daff5b831be62957ae
* fixes bug lp#948439 belongs_to and serviceCatalog behaviorMichael Basnight2012-03-071-3/+19
| | | | | | | | * removing belongs_to as a kwarg and getting from the context * adding a serviceCatalog for belongs_to calls to tokens * adding test to validate belongs_to behavior in tokens Change-Id: If6f6a7007a6830c57a5ac71aef0090e57a064232
* GET /v2.0 (bug 930321)Dolph Mathews2012-02-281-35/+49
| | | | Change-Id: Ide2a6073a0a54e017d1fcb8d9065ec6f348e07cd
* Add Vary header (bug 928057)Dolph Mathews2012-02-271-1/+8
| | | | Change-Id: I0db0d64725824fb27cb1f9418203d962f82b00ab
* Merge "Add HEAD /tokens/{token_id} (bug 933587)"Jenkins2012-02-271-3/+2
|\
| * Add HEAD /tokens/{token_id} (bug 933587)Dolph Mathews2012-02-271-3/+2
| | | | | | | | | | | | | | Also addresses bug 928045 by returning 204 No Content for null content bodies. Change-Id: Icd4b8b5f6c29c074cb014c301fe86cd917f6663e
* | Implements extension discovery (bug 928054)Dolph Mathews2012-02-271-4/+77
|/ | | | | | | | Public & admin specific variations of: - GET /extensions - GET /extensions/{extension_alias} Change-Id: I9f8424667f1a8a10d2a7301d42d60800ba207f3e
* XML de/serialization (bug 928058)Dolph Mathews2012-02-271-0/+578
Middleware rewrites incoming XML requests as JSON, and outgoing JSON as XML, per Accept and Content-Type headers. Tests assert that core API methods support WADL/XSD specs, and cover JSON content as well. Change-Id: I6897971dd745766cbc472fd6e5346b1b34d933b0
generated by cgit (git 2.34.1) at 2024-06-28 03:10:02 +0000