From 29a87a82d9a7aba74117ef82ec44ce752fed0bbd Mon Sep 17 00:00:00 2001 From: Yogeshwar Srikrishnan Date: Tue, 18 Oct 2011 13:56:27 -0500 Subject: Adding calls to get roles for user as per new format.Cleaning references to old code. Change-Id: I996ce187fd5319591ac9e49ac398d525c038da99 --- keystone/backends/api.py | 4 +- keystone/backends/ldap/api/role.py | 22 ++- keystone/backends/sqlalchemy/api/role.py | 38 +++-- keystone/content/admin/OS-KSADM-admin.wadl | 52 ------ .../extensions/admin/osksadm/extension_handler.py | 8 +- keystone/controllers/roles.py | 9 +- keystone/logic/service.py | 78 +++------ keystone/logic/types/role.py | 177 +-------------------- keystone/routers/admin.py | 8 + keystone/test/functional/common.py | 18 +-- keystone/test/functional/test_roles.py | 24 +-- 11 files changed, 103 insertions(+), 335 deletions(-) diff --git a/keystone/backends/api.py b/keystone/backends/api.py index 96254aff..7f48cc20 100755 --- a/keystone/backends/api.py +++ b/keystone/backends/api.py @@ -166,7 +166,7 @@ class BaseRoleAPI(object): def get_page(self, marker, limit): raise NotImplementedError - def ref_get_page(self, marker, limit, user_id): + def ref_get_page(self, marker, limit, user_id, tenant_id): raise NotImplementedError def ref_get_all_global_roles(self, user_id): @@ -187,7 +187,7 @@ class BaseRoleAPI(object): def get_page_markers(self, marker, limit): raise NotImplementedError - def ref_get_page_markers(self, user_id, marker, limit): + def ref_get_page_markers(self, user_id, tenant_id, marker, limit): raise NotImplementedError def ref_get_by_user(self, user_id, role_id, tenant_id): diff --git a/keystone/backends/ldap/api/role.py b/keystone/backends/ldap/api/role.py index d2cd7463..9f45d376 100644 --- a/keystone/backends/ldap/api/role.py +++ b/keystone/backends/ldap/api/role.py @@ -196,16 +196,22 @@ class RoleAPI(BaseLdapAPI, BaseTenantAPI): except ldap.NO_SUCH_ATTRIBUTE: raise exception.NotFound("No such user in role") - def ref_get_page(self, marker, limit, user_id): - all_roles = self.ref_get_all_global_roles(user_id) - for tenant in self.api.tenant.get_all(): - all_roles += self.ref_get_all_tenant_roles(user_id, tenant.id) + def ref_get_page(self, marker, limit, user_id, tenant_id): + all_roles = [] + if tenant_id is None: + all_roles += self.ref_get_all_global_roles(user_id) + else: + for tenant in self.api.tenant.get_all(): + all_roles += self.ref_get_all_tenant_roles(user_id, tenant.id) return self._get_page(marker, limit, all_roles) - def ref_get_page_markers(self, user_id, marker, limit): - all_roles = self.ref_get_all_global_roles(user_id) - for tenant in self.api.tenant.get_all(): - all_roles += self.ref_get_all_tenant_roles(user_id, tenant.id) + def ref_get_page_markers(self, user_id, tenant_id, marker, limit): + all_roles = [] + if tenant_id is None: + all_roles = self.ref_get_all_global_roles(user_id) + else: + for tenant in self.api.tenant.get_all(): + all_roles += self.ref_get_all_tenant_roles(user_id, tenant.id) return self._get_page_markers(marker, limit, all_roles) def ref_get_by_role(self, id): diff --git a/keystone/backends/sqlalchemy/api/role.py b/keystone/backends/sqlalchemy/api/role.py index b43a9437..05073e76 100755 --- a/keystone/backends/sqlalchemy/api/role.py +++ b/keystone/backends/sqlalchemy/api/role.py @@ -67,18 +67,21 @@ class RoleAPI(BaseRoleAPI): return session.query(models.Role).order_by(\ models.Role.id.desc()).limit(limit).all() - def ref_get_page(self, marker, limit, user_id, session=None): + def ref_get_page(self, marker, limit, user_id, tenant_id, session=None): if not session: session = get_session() - + query = session.query(models.UserRoleAssociation).\ + filter_by(user_id=user_id) + if tenant_id: + query = query.filter_by(tenant_id=tenant_id) + else: + query = query.filter("tenant_id is null") if marker: - return session.query(models.UserRoleAssociation).\ - filter("id>:marker").params(\ - marker='%s' % marker).filter_by(user_id=user_id).order_by(\ + return query.filter("id>:marker").params(\ + marker='%s' % marker).order_by(\ models.UserRoleAssociation.id.desc()).limit(limit).all() else: - return session.query(models.UserRoleAssociation).\ - filter_by(user_id=user_id).order_by(\ + return query.order_by(\ models.UserRoleAssociation.id.desc()).limit(limit).all() def ref_get_all_global_roles(self, user_id, session=None): @@ -144,28 +147,31 @@ class RoleAPI(BaseRoleAPI): next_page = next_page.id return (prev_page, next_page) - def ref_get_page_markers(self, user_id, marker, limit, session=None): + def ref_get_page_markers(self, user_id, tenant_id, marker, + limit, session=None): if not session: session = get_session() - first = session.query(models.UserRoleAssociation).filter_by(\ - user_id=user_id).order_by(\ + query = session.query(models.UserRoleAssociation).filter_by(\ + user_id=user_id) + if tenant_id: + query = query.filter_by(tenant_id=tenant_id) + else: + query = query.filter("tenant_id is null") + first = query.order_by(\ models.UserRoleAssociation.id).first() - last = session.query(models.UserRoleAssociation).filter_by(\ - user_id=user_id).order_by(\ + last = query.order_by(\ models.UserRoleAssociation.id.desc()).first() if first is None: return (None, None) if marker is None: marker = first.id - next_page = session.query(models.UserRoleAssociation).\ - filter_by(user_id=user_id).\ + next_page = query.\ filter("id > :marker").\ params(marker='%s' % marker).\ order_by(models.UserRoleAssociation.id).\ limit(limit).\ all() - prev_page = session.query(models.UserRoleAssociation).\ - filter_by(user_id=user_id).\ + prev_page = query.\ filter("id < :marker").\ params(marker='%s' % marker).\ order_by(models.UserRoleAssociation.id.desc()).\ diff --git a/keystone/content/admin/OS-KSADM-admin.wadl b/keystone/content/admin/OS-KSADM-admin.wadl index 24e5d2bf..9295337e 100644 --- a/keystone/content/admin/OS-KSADM-admin.wadl +++ b/keystone/content/admin/OS-KSADM-admin.wadl @@ -49,7 +49,6 @@ - @@ -92,7 +91,6 @@ - @@ -272,32 +270,6 @@ &getFaults; - - -

Lists all the users with a specific role for a tenant.

- - - - - - - - - - - - - - - - - - - - &commonFaults; - &getFaults; - -

Adds a specific role to a user for a tenant.

@@ -454,30 +426,6 @@ - - -

List all the global roles for a user.

- - - - - - - - - - - - - - - - - - &commonFaults; - &getFaults; - -

Adds a specific global role to a user.

diff --git a/keystone/contrib/extensions/admin/osksadm/extension_handler.py b/keystone/contrib/extensions/admin/osksadm/extension_handler.py index 5b34c188..0e16f8e8 100644 --- a/keystone/contrib/extensions/admin/osksadm/extension_handler.py +++ b/keystone/contrib/extensions/admin/osksadm/extension_handler.py @@ -58,7 +58,7 @@ class ExtensionHandler(BaseExtensionHandler): #Add/Delete Global role. mapper.connect("/users/{user_id}/roles/OS-KSADM/{role_id}", controller=roles_controller, action="add_role_to_user", - conditions=dict(method=["POST"])) + conditions=dict(method=["PUT"])) mapper.connect("/users/{user_id}/roles/OS-KSADM/{role_id}", controller=roles_controller, action="delete_role_from_user", conditions=dict(method=["DELETE"])) @@ -67,12 +67,8 @@ class ExtensionHandler(BaseExtensionHandler): mapper.connect( "/tenants/{tenant_id}/users/{user_id}/roles/OS-KSADM/{role_id}", controller=roles_controller, action="add_role_to_user", - conditions=dict(method=["POST"])) + conditions=dict(method=["PUT"])) mapper.connect( "/tenants/{tenant_id}/users/{user_id}/roles/OS-KSADM/{role_id}", controller=roles_controller, action="delete_role_from_user", conditions=dict(method=["DELETE"])) - - mapper.connect("/users/{user_id}/roleRefs", - controller=roles_controller, action="get_role_refs", - conditions=dict(method=["GET"])) diff --git a/keystone/controllers/roles.py b/keystone/controllers/roles.py index 1bf500bd..82cce1a2 100644 --- a/keystone/controllers/roles.py +++ b/keystone/controllers/roles.py @@ -48,9 +48,8 @@ class RolesController(wsgi.Controller): return utils.send_result(204, req, None) @utils.wrap_error - def get_role_refs(self, req, user_id): + def get_user_roles(self, req, user_id, tenant_id=None): marker, limit, url = get_marker_limit_and_url(req) - roleRefs = config.SERVICE.get_user_roles( - utils.get_auth_token(req), marker, limit, url, user_id) - - return utils.send_result(200, req, roleRefs) + roles = config.SERVICE.get_user_roles( + utils.get_auth_token(req), marker, limit, url, user_id, tenant_id) + return utils.send_result(200, req, roles) diff --git a/keystone/logic/service.py b/keystone/logic/service.py index ec0993eb..6eb260e3 100755 --- a/keystone/logic/service.py +++ b/keystone/logic/service.py @@ -24,8 +24,7 @@ import keystone.backends.api as api import keystone.backends.models as models from keystone.logic.types import fault from keystone.logic.types.tenant import Tenant, Tenants -from keystone.logic.types.role import Role, RoleRef, RoleRefs, Roles, \ - UserRole, UserRoles +from keystone.logic.types.role import Role, Roles from keystone.logic.types.service import Service, Services from keystone.logic.types.user import User, User_Update, Users from keystone.logic.types.endpoint import Endpoint, Endpoints, \ @@ -518,15 +517,15 @@ class IdentityService(object): dtoken.tenant_id) for drole_ref in drole_refs: drole = api.ROLE.get(drole_ref.role_id) - ts.append(UserRole(drole_ref.role_id, drole.name, - drole_ref.tenant_id)) + ts.append(Role(drole_ref.role_id, drole.name, + None, drole_ref.tenant_id)) drole_refs = api.ROLE.ref_get_all_global_roles(duser.id) for drole_ref in drole_refs: drole = api.ROLE.get(drole_ref.role_id) - ts.append(UserRole(drole_ref.role_id, drole.name, - drole_ref.tenant_id)) + ts.append(Role(drole_ref.role_id, drole.name, + None, drole_ref.tenant_id)) - user = auth.User(duser.id, duser.name, None, None, UserRoles(ts, [])) + user = auth.User(duser.id, duser.name, None, None, Roles(ts, [])) return auth.AuthData(token, user, endpoints) @@ -545,13 +544,13 @@ class IdentityService(object): dtoken.tenant_id) for drole_ref in drole_refs: drole = api.ROLE.get(drole_ref.role_id) - ts.append(UserRole(drole_ref.role_id, drole.name, - drole_ref.tenant_id)) + ts.append(Role(drole_ref.role_id, drole.name, + None, drole_ref.tenant_id)) drole_refs = api.ROLE.ref_get_all_global_roles(duser.id) for drole_ref in drole_refs: drole = api.ROLE.get(drole_ref.role_id) - ts.append(UserRole(drole_ref.role_id, drole.name, - drole_ref.tenant_id)) + ts.append(Role(drole_ref.role_id, drole.name, + None, drole_ref.tenant_id)) # Also get the user's tenant's name tenant_name = None @@ -560,7 +559,7 @@ class IdentityService(object): tenant_name = utenant.name user = auth.User(duser.id, duser.name, duser.tenant_id, - tenant_name, UserRoles(ts, [])) + tenant_name, Roles(ts, [])) return auth.ValidateData(token, user) @@ -734,42 +733,6 @@ class IdentityService(object): api.ROLE.ref_delete(role_ref.id) api.ROLE.delete(role_id) - def create_role_ref(self, admin_token, user_id, role_ref): - self.__validate_service_or_keystone_admin_token(admin_token) - duser = api.USER.get(user_id) - - if not duser: - raise fault.ItemNotFoundFault("The user could not be found") - - if not isinstance(role_ref, RoleRef): - raise fault.BadRequestFault("Expecting a Role Ref") - - if role_ref.role_id == None: - raise fault.BadRequestFault("Expecting a Role Id") - - drole = api.ROLE.get(role_ref.role_id) - if drole == None: - raise fault.ItemNotFoundFault("The role not found") - - if role_ref.tenant_id != None: - dtenant = api.TENANT.get(role_ref.tenant_id) - if dtenant == None: - raise fault.ItemNotFoundFault("The tenant not found") - - drole_ref = models.UserRoleAssociation() - drole_ref.user_id = duser.id - drole_ref.role_id = drole.id - if role_ref.tenant_id != None: - drole_ref.tenant_id = dtenant.id - user_role_ref = api.USER.user_role_add(drole_ref) - role_ref.role_ref_id = user_role_ref.id - return role_ref - - def delete_role_ref(self, admin_token, role_ref_id): - self.__validate_service_or_keystone_admin_token(admin_token) - api.ROLE.ref_delete(role_ref_id) - return None - def add_role_to_user(self, admin_token, user_id, role_id, tenant_id=None): self.__validate_service_or_keystone_admin_token(admin_token) @@ -806,19 +769,26 @@ class IdentityService(object): "This role is not mapped to the user.") api.ROLE.ref_delete(drole_ref.id) - def get_user_roles(self, admin_token, marker, limit, url, user_id): + def get_user_roles(self, admin_token, marker, + limit, url, user_id, tenant_id): self.__validate_service_or_keystone_admin_token(admin_token) duser = api.USER.get(user_id) if not duser: raise fault.ItemNotFoundFault("The user could not be found") + if tenant_id is not None: + dtenant = api.TENANT.get(tenant_id) + if not dtenant: + raise fault.ItemNotFoundFault("The tenant could not be found.") ts = [] - drole_refs = api.ROLE.ref_get_page(marker, limit, user_id) + drole_refs = api.ROLE.ref_get_page(marker, limit, user_id, tenant_id) for drole_ref in drole_refs: - ts.append(RoleRef(drole_ref.id, drole_ref.role_id, - drole_ref.tenant_id)) - prev, next = api.ROLE.ref_get_page_markers(user_id, marker, limit) + drole = api.ROLE.get(drole_ref.role_id) + ts.append(Role(drole.id, drole.name, + drole.desc, drole.service_id)) + prev, next = api.ROLE.ref_get_page_markers( + user_id, tenant_id, marker, limit) links = [] if prev: links.append(atom.Link('prev', @@ -826,7 +796,7 @@ class IdentityService(object): if next: links.append(atom.Link('next', "%s?'marker=%s&limit=%s'" % (url, next, limit))) - return RoleRefs(ts, links) + return Roles(ts, links) def add_endpoint_template(self, admin_token, endpoint_template): self.__validate_service_or_keystone_admin_token(admin_token) diff --git a/keystone/logic/types/role.py b/keystone/logic/types/role.py index f542553a..c74b7eb9 100644 --- a/keystone/logic/types/role.py +++ b/keystone/logic/types/role.py @@ -20,11 +20,12 @@ from keystone.logic.types import fault class Role(object): - def __init__(self, id, name, description, service_id=None): + def __init__(self, id, name, description, service_id=None, tenant_id=None): self.id = id self.name = name self.description = description self.service_id = service_id + self.tenant_id = tenant_id @staticmethod def from_xml(xml_str): @@ -57,7 +58,6 @@ class Role(object): name = role.get('name') description = role.get('description') service_id = role.get('serviceId') - if name is None: raise fault.BadRequestFault("Expecting Role name") @@ -76,6 +76,8 @@ class Role(object): dom.set("description", unicode(self.description)) if self.service_id: dom.set("serviceId", unicode(self.service_id)) + if self.tenant_id: + dom.set("tenantId", unicode(self.tenant_id)) return dom def to_xml(self): @@ -91,6 +93,8 @@ class Role(object): role["description"] = unicode(self.description) if self.service_id: role["serviceId"] = unicode(self.service_id) + if self.tenant_id: + role["tenantId"] = unicode(self.tenant_id) return {'role': role} def to_json(self): @@ -116,94 +120,6 @@ class Roles(object): return etree.tostring(dom) - def to_json(self): - values = [t.to_dict()["role"] for t in self.values] - links = [t.to_dict()["links"] for t in self.links] - return json.dumps({"roles": {"values": values, "links": links}}) - - -class RoleRef(object): - def __init__(self, role_ref_id, role_id, tenant_id): - self.role_ref_id = role_ref_id - self.role_id = role_id - self.tenant_id = tenant_id - - @staticmethod - def from_xml(xml_str): - try: - dom = etree.Element("root") - dom.append(etree.fromstring(xml_str)) - root = dom.find("{http://docs.openstack.org/identity/api/v2.0}" \ - "role") - if root == None: - raise fault.BadRequestFault("Expecting Role") - role_id = root.get("roleId") - tenant_id = root.get("tenantId") - if role_id == None: - raise fault.BadRequestFault("Expecting Role") - return RoleRef('', role_id, tenant_id) - except etree.LxmlError as e: - raise fault.BadRequestFault("Cannot parse Role", str(e)) - - @staticmethod - def from_json(json_str): - try: - obj = json.loads(json_str) - if not "role" in obj: - raise fault.BadRequestFault("Expecting Role") - role_ref = obj["role"] - - role_id = role_ref.get('roleId') - tenant_id = role_ref.get('tenantId') - - if role_id == None: - raise fault.BadRequestFault("Expecting Role ID") - if tenant_id == None: - raise fault.BadRequestFault("Expecting Tenant ID") - - return RoleRef('', role_id, tenant_id) - except (ValueError, TypeError) as e: - raise fault.BadRequestFault("Cannot parse Role", str(e)) - - def to_dom(self): - dom = etree.Element("role", - xmlns="http://docs.openstack.org/identity/api/v2.0") - if self.role_ref_id: - dom.set("id", unicode(self.role_ref_id)) - if self.role_id: - dom.set("roleId", unicode(self.role_id)) - if self.tenant_id: - dom.set("tenantId", unicode(self.tenant_id)) - return dom - - def to_xml(self): - return etree.tostring(self.to_dom()) - - def to_dict(self): - role_ref = {} - if self.role_ref_id: - role_ref["id"] = unicode(self.role_ref_id) - if self.role_id: - role_ref["roleId"] = unicode(self.role_id) - if self.tenant_id: - role_ref["tenantId"] = unicode(self.tenant_id) - return {'role': role_ref} - - def to_json(self): - return json.dumps(self.to_dict()) - - -class RoleRefs(object): - "A collection of role refs." - - def __init__(self, values, links): - self.values = values - self.links = links - - def to_xml(self): - dom = self.to_dom() - return etree.tostring(dom) - def to_dom(self): dom = etree.Element("roles") dom.set(u"xmlns", "http://docs.openstack.org/identity/api/v2.0") @@ -224,84 +140,3 @@ class RoleRefs(object): def to_json_values(self): values = [t.to_dict()["role"] for t in self.values] return values - - -class UserRole(object): - """A role granted to a user""" - - def __init__(self, role_id, role_name, tenant_id): - self.role_id = role_id - self.role_name = role_name - self.tenant_id = tenant_id - - @staticmethod - def from_xml(xml_str): - try: - dom = etree.Element("root") - dom.append(etree.fromstring(xml_str)) - - root = dom.find("{http://docs.openstack.org/identity/api/v2.0}" \ - "role") - if root == None: - raise fault.BadRequestFault("Expecting Role") - - role_id = root.get("id") - role_name = root.get("name") - tenant_id = root.get("tenantId") - - if role_id is None: - raise fault.BadRequestFault("Expecting Role ID") - - return UserRole(role_id, role_name, tenant_id) - except etree.LxmlError as e: - raise fault.BadRequestFault("Cannot parse Role", str(e)) - - @staticmethod - def from_json(json_str): - try: - obj = json.loads(json_str) - if not "role" in obj: - raise fault.BadRequestFault("Expecting Role") - role = obj["role"] - - role_id = role.get('id') - role_name = role.get('name') - tenant_id = role.get('tenantId') - - if role_id is None: - raise fault.BadRequestFault("Expecting Role ID") - - return RoleRef(role_id, role_name, tenant_id) - except (ValueError, TypeError) as e: - raise fault.BadRequestFault("Cannot parse Role", str(e)) - - def to_dom(self): - dom = etree.Element("role", - xmlns="http://docs.openstack.org/identity/api/v2.0") - if self.role_id: - dom.set("id", unicode(self.role_id)) - if self.role_name: - dom.set("name", unicode(self.role_name)) - if self.tenant_id: - dom.set("tenantId", unicode(self.tenant_id)) - return dom - - def to_xml(self): - return etree.tostring(self.to_dom()) - - def to_dict(self): - role = {} - if self.role_id: - role["id"] = unicode(self.role_id) - if self.role_name: - role["name"] = unicode(self.role_name) - if self.tenant_id: - role["tenantId"] = unicode(self.tenant_id) - return {'role': role} - - def to_json(self): - return json.dumps(self.to_dict()) - - -class UserRoles(RoleRefs): - "A collection of roles granted to a user." diff --git a/keystone/routers/admin.py b/keystone/routers/admin.py index c80def2c..17f5ce52 100755 --- a/keystone/routers/admin.py +++ b/keystone/routers/admin.py @@ -21,6 +21,7 @@ from keystone.common import wsgi import keystone.backends as db from keystone.controllers.auth import AuthController from keystone.controllers.endpointtemplates import EndpointTemplatesController +from keystone.controllers.roles import RolesController from keystone.controllers.staticfiles import StaticFilesController from keystone.controllers.tenant import TenantController from keystone.controllers.user import UserController @@ -112,6 +113,13 @@ class AdminApi(wsgi.Router): controller=user_controller, action="get_tenant_users", conditions=dict(method=["GET"])) + roles_controller = RolesController(options) + mapper.connect("/users/{user_id}/roles", + controller=roles_controller, action="get_user_roles", + conditions=dict(method=["GET"])) + mapper.connect("/tenants/{tenant_id}/users/{user_id}/roles", + controller=roles_controller, action="get_user_roles", + conditions=dict(method=["GET"])) #EndpointTemplatesControllers and Endpoints endpoint_templates_controller = EndpointTemplatesController(options) diff --git a/keystone/test/functional/common.py b/keystone/test/functional/common.py index c0edefa0..cd448496 100644 --- a/keystone/test/functional/common.py +++ b/keystone/test/functional/common.py @@ -279,20 +279,20 @@ class ApiTestCase(RestfulTestCase): path='/users/%s' % (user_id,), **kwargs) def get_user_roles(self, user_id, **kwargs): - """GET /users/{user_id}/roleRefs""" + """GET /users/{user_id}/roles""" return self.admin_request(method='GET', - path='/users/%s/roleRefs' % (user_id,), **kwargs) + path='/users/%s/roles' % (user_id,), **kwargs) - def post_user_role(self, user_id, role_id, tenant_id, **kwargs): + def put_user_role(self, user_id, role_id, tenant_id, **kwargs): if tenant_id is None: - """POST /users/{user_id}/roles/OS-KSADM/{role_id}""" - return self.admin_request(method='POST', + """PUT /users/{user_id}/roles/OS-KSADM/{role_id}""" + return self.admin_request(method='PUT', path='/users/%s/roles/OS-KSADM/%s' % (user_id, role_id), **kwargs) else: - """POST /tenants/{tenant_id}/users/{user_id}/ + """PUT /tenants/{tenant_id}/users/{user_id}/ roles/OS-KSADM/{role_id}""" - return self.admin_request(method='POST', + return self.admin_request(method='PUT', path='/tenants/%s/users/%s/roles/OS-KSADM/%s' % (tenant_id, user_id, role_id,), **kwargs) @@ -653,13 +653,13 @@ class FunctionalTestCase(ApiTestCase): user_id = optional_str(user_id) role_id = optional_str(role_id) tenant_id = optional_str(tenant_id) - return self.post_user_role(user_id, role_id, tenant_id, **kwargs) + return self.put_user_role(user_id, role_id, tenant_id, **kwargs) def grant_global_role_to_user(self, user_id=None, role_id=None, **kwargs): user_id = optional_str(user_id) role_id = optional_str(role_id) - return self.post_user_role(user_id, role_id, None, **kwargs) + return self.put_user_role(user_id, role_id, None, **kwargs) def revoke_global_role_from_user(self, user_id=None, role_id=None, **kwargs): diff --git a/keystone/test/functional/test_roles.py b/keystone/test/functional/test_roles.py index 43631939..54bcf019 100755 --- a/keystone/test/functional/test_roles.py +++ b/keystone/test/functional/test_roles.py @@ -280,9 +280,9 @@ class CreateRoleAssignmentTest(RolesTest): self.user['id'], self.role['id'], assert_status=201) -class GetRoleRefsTest(RolesTest): +class GetRoleAssignmentsTest(RolesTest): def setUp(self, *args, **kwargs): - super(GetRoleRefsTest, self).setUp(*args, **kwargs) + super(GetRoleAssignmentsTest, self).setUp(*args, **kwargs) self.tenant = self.create_tenant().json['tenant'] self.user = self.create_user_with_known_password( @@ -291,47 +291,47 @@ class GetRoleRefsTest(RolesTest): self.grant_role_to_user(self.user['id'], self.role['id'], self.tenant['id']) - def test_get_rolerefs(self): + def test_get_role_assignments(self): r = self.get_user_roles(self.user['id'], assert_status=200) self.assertIsNotNone(r.json['roles']['values']) - def test_get_rolerefs_xml(self): + def test_get_roler_assignments_xml(self): r = self.get_user_roles(self.user['id'], assert_status=200, headers={'Accept': 'application/xml'}) self.assertEqual(r.xml.tag, "{%s}roles" % self.xmlns) - def test_get_rolerefs_using_expired_token(self): + def test_get_role_assignments_using_expired_token(self): self.admin_token = self.expired_admin_token self.get_user_roles(self.user['id'], assert_status=403) - def test_get_rolerefs_xml_using_expired_token(self): + def test_get_role_assignments_xml_using_expired_token(self): self.admin_token = self.expired_admin_token self.get_user_roles(self.user['id'], assert_status=403, headers={ 'Accept': 'application/xml'}) - def test_get_rolerefs_using_disabled_token(self): + def test_get_role_assignments_using_disabled_token(self): self.admin_token = self.disabled_admin_token self.get_user_roles(self.user['id'], assert_status=403) - def test_get_rolerefs_xml_using_disabled_token(self): + def test_get_role_assignments_xml_using_disabled_token(self): self.admin_token = self.disabled_admin_token self.get_user_roles(self.user['id'], assert_status=403, headers={ 'Accept': 'application/xml'}) - def test_get_rolerefs_using_missing_token(self): + def test_get_role_assignments_using_missing_token(self): self.admin_token = '' self.get_user_roles(self.user['id'], assert_status=401) - def test_get_rolerefs_xml_using_missing_token(self): + def test_get_role_assignments_xml_using_missing_token(self): self.admin_token = '' self.get_user_roles(self.user['id'], assert_status=401, headers={ 'Accept': 'application/xml'}) - def test_get_rolerefs_json_using_invalid_token(self): + def test_get_role_assignments_json_using_invalid_token(self): self.admin_token = common.unique_str() self.get_user_roles(self.user['id'], assert_status=404) - def test_get_rolerefs_xml_using_invalid_token(self): + def test_get_role_assignments_xml_using_invalid_token(self): self.admin_token = common.unique_str() self.get_user_roles(self.user['id'], assert_status=404, headers={ 'Accept': 'application/xml'}) -- cgit