From 7b4c26d603d3dc03578f7e2043d20660054e8a05 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Tue, 17 Jan 2012 21:03:27 -0800 Subject: add (failing) tests for scoping ec2 crud --- tests/default_fixtures.py | 1 + tests/test_keystoneclient.py | 55 ++++++++++++++++++++++++++------------------ 2 files changed, 34 insertions(+), 22 deletions(-) diff --git a/tests/default_fixtures.py b/tests/default_fixtures.py index 786becd1..82a0d968 100644 --- a/tests/default_fixtures.py +++ b/tests/default_fixtures.py @@ -5,6 +5,7 @@ TENANTS = [ USERS = [ {'id': 'foo', 'name': 'FOO', 'password': 'foo2', 'tenants': ['bar',]}, + {'id': 'boo', 'name': 'BOO', 'password': 'boo2', 'tenants': ['baz',]}, ] METADATA = [ diff --git a/tests/test_keystoneclient.py b/tests/test_keystoneclient.py index 3eeed6f6..caab57ef 100644 --- a/tests/test_keystoneclient.py +++ b/tests/test_keystoneclient.py @@ -65,13 +65,17 @@ class KcMasterTestCase(CompatTestCase): CONF(config_files=[test.etcdir('keystone.conf'), test.testsdir('test_overrides.conf')]) - def foo_client(self): - return self._client(username='FOO', - password='foo2', - tenant_name='BAR') + def get_client(self, username='FOO'): + users = [u for u in default_fixtures.USERS if u['name'] == username] + self.assertEquals(1, len(users)) + user = users[0] + + return self._client(username=user['name'], + password=user['password'], + tenant_id=user['tenants'][0]) def test_authenticate_tenant_name_and_tenants(self): - client = self.foo_client() + client = self.get_client() tenants = client.tenants.list() self.assertEquals(tenants[0].id, self.tenant_bar['id']) @@ -84,21 +88,21 @@ class KcMasterTestCase(CompatTestCase): self.assertEquals(tenants[0].id, self.tenant_bar['id']) def test_authenticate_token_no_tenant(self): - client = self.foo_client() + client = self.get_client() token = client.auth_token token_client = self._client(token=token) tenants = client.tenants.list() self.assertEquals(tenants[0].id, self.tenant_bar['id']) def test_authenticate_token_tenant_id(self): - client = self.foo_client() + client = self.get_client() token = client.auth_token token_client = self._client(token=token, tenant_id='bar') tenants = client.tenants.list() self.assertEquals(tenants[0].id, self.tenant_bar['id']) def test_authenticate_token_tenant_name(self): - client = self.foo_client() + client = self.get_client() token = client.auth_token token_client = self._client(token=token, tenant_name='BAR') tenants = client.tenants.list() @@ -106,7 +110,7 @@ class KcMasterTestCase(CompatTestCase): # TODO(termie): I'm not really sure that this is testing much def test_endpoints(self): - client = self.foo_client() + client = self.get_client() token = client.auth_token endpoints = client.tokens.endpoints(token) @@ -119,7 +123,7 @@ class KcMasterTestCase(CompatTestCase): from keystoneclient import exceptions as client_exceptions test_tenant = 'new_tenant' - client = self.foo_client() + client = self.get_client() tenant = client.tenants.create(test_tenant, description="My new tenant!", enabled=True) @@ -142,12 +146,12 @@ class KcMasterTestCase(CompatTestCase): tenant.id) def test_tenant_list(self): - client = self.foo_client() + client = self.get_client() tenants = client.tenants.list() self.assertEquals(len(tenants), 1) def test_tenant_add_and_remove_user(self): - client = self.foo_client() + client = self.get_client() client.roles.add_user_to_tenant(self.tenant_baz['id'], self.user_foo['id'], self.role_useless['id']) @@ -177,7 +181,7 @@ class KcMasterTestCase(CompatTestCase): from keystoneclient import exceptions as client_exceptions test_user = 'new_user' - client = self.foo_client() + client = self.get_client() user = client.users.create(test_user, 'password', 'user1@test.com') self.assertEquals(user.name, test_user) @@ -203,12 +207,12 @@ class KcMasterTestCase(CompatTestCase): user.id) def test_user_list(self): - client = self.foo_client() + client = self.get_client() users = client.users.list() self.assertTrue(len(users) > 0) def test_role_get(self): - client = self.foo_client() + client = self.get_client() role = client.roles.get('keystone_admin') self.assertEquals(role.id, 'keystone_admin') @@ -216,7 +220,7 @@ class KcMasterTestCase(CompatTestCase): from keystoneclient import exceptions as client_exceptions test_role = 'new_role' - client = self.foo_client() + client = self.get_client() role = client.roles.create(test_role) self.assertEquals(role.name, test_role) @@ -229,20 +233,20 @@ class KcMasterTestCase(CompatTestCase): test_role) def test_role_list(self): - client = self.foo_client() + client = self.get_client() roles = client.roles.list() # TODO(devcamcar): This assert should be more specific. self.assertTrue(len(roles) > 0) def test_roles_get_by_user(self): - client = self.foo_client() + client = self.get_client() roles = client.roles.get_user_role_refs('foo') self.assertTrue(len(roles) > 0) - def test_ec2_credential_creation(self): + def test_ec2_credential_crud(self): from keystoneclient import exceptions as client_exceptions - client = self.foo_client() + client = self.get_client() creds = client.ec2.list(self.user_foo['id']) self.assertEquals(creds, []) @@ -259,11 +263,18 @@ class KcMasterTestCase(CompatTestCase): creds = client.ec2.list(self.user_foo['id']) self.assertEquals(creds, []) + def test_ec2_credentials_scoping(self): + from keystoneclient import exceptions as client_exceptions + + boo = self.get_client('BOO') + self.assertRaises(client_exceptions.Unauthorized, boo.ec2.list, + self.user_foo['id']) + def test_service_create_and_delete(self): from keystoneclient import exceptions as client_exceptions test_service = 'new_service' - client = self.foo_client() + client = self.get_client() service = client.services.create(test_service, 'test', 'test') self.assertEquals(service.name, test_service) @@ -275,7 +286,7 @@ class KcMasterTestCase(CompatTestCase): service.id) def test_service_list(self): - client = self.foo_client() + client = self.get_client() test_service = 'new_service' service = client.services.create(test_service, 'test', 'test') services = client.services.list() -- cgit From f28a03cf2094d8ba5b64dfea7554afce3ec309a3 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Tue, 17 Jan 2012 21:39:01 -0800 Subject: add METADATA for boo --- tests/default_fixtures.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/default_fixtures.py b/tests/default_fixtures.py index 82a0d968..990e241a 100644 --- a/tests/default_fixtures.py +++ b/tests/default_fixtures.py @@ -10,6 +10,7 @@ USERS = [ METADATA = [ {'user_id': 'foo', 'tenant_id': 'bar', 'extra': 'extra'}, + {'user_id': 'boo', 'tenant_id': 'baz', 'extra': 'extra'}, ] ROLES = [ -- cgit From 88b0a4bbd1353933614270b90477901a18d6ce7b Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Tue, 17 Jan 2012 21:48:31 -0800 Subject: more failing ec2 tests --- tests/test_keystoneclient.py | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/tests/test_keystoneclient.py b/tests/test_keystoneclient.py index caab57ef..217bb2a7 100644 --- a/tests/test_keystoneclient.py +++ b/tests/test_keystoneclient.py @@ -263,13 +263,37 @@ class KcMasterTestCase(CompatTestCase): creds = client.ec2.list(self.user_foo['id']) self.assertEquals(creds, []) - def test_ec2_credentials_scoping(self): + def test_ec2_credentials_scoping_list(self): from keystoneclient import exceptions as client_exceptions boo = self.get_client('BOO') self.assertRaises(client_exceptions.Unauthorized, boo.ec2.list, self.user_foo['id']) + def test_ec2_credentials_scoping_get(self): + from keystoneclient import exceptions as client_exceptions + + foo = self.get_client() + cred = foo.ec2.create(self.user_foo['id'], self.tenant_bar['id']) + + boo = self.get_client('BOO') + self.assertRaises(client_exceptions.Unauthorized, boo.ec2.get, + self.user_foo['id'], cred.access) + + foo.ec2.delete(self.user_foo['id'], cred.access) + + def test_ec2_credentials_scoping_delete(self): + from keystoneclient import exceptions as client_exceptions + + foo = self.get_client() + cred = foo.ec2.create(self.user_foo['id'], self.tenant_bar['id']) + + boo = self.get_client('BOO') + self.assertRaises(client_exceptions.Unauthorized, boo.ec2.delete, + self.user_foo['id'], cred.access) + + foo.ec2.delete(self.user_foo['id'], cred.access) + def test_service_create_and_delete(self): from keystoneclient import exceptions as client_exceptions -- cgit From e567fb91464798d11005dc9a7c53e8dce5726ac3 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Wed, 18 Jan 2012 11:23:22 -0800 Subject: use the sql backend for ec2 tests --- tests/backend_sql.conf | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/backend_sql.conf b/tests/backend_sql.conf index 30e8f6f5..a2987487 100644 --- a/tests/backend_sql.conf +++ b/tests/backend_sql.conf @@ -7,3 +7,6 @@ pool_timeout = 200 [identity] driver = keystone.identity.backends.sql.Identity + +[ec2] +driver = keystone.contrib.ec2.backends.SqlEc2 -- cgit From c1fe99854c4a4082d377de07d1c925abcddb01a9 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Wed, 18 Jan 2012 11:23:43 -0800 Subject: rename ec2 tests to be more explicit --- tests/test_keystoneclient.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/test_keystoneclient.py b/tests/test_keystoneclient.py index 217bb2a7..024edcb1 100644 --- a/tests/test_keystoneclient.py +++ b/tests/test_keystoneclient.py @@ -263,14 +263,14 @@ class KcMasterTestCase(CompatTestCase): creds = client.ec2.list(self.user_foo['id']) self.assertEquals(creds, []) - def test_ec2_credentials_scoping_list(self): + def test_ec2_credentials_list_unauthorized_user(self): from keystoneclient import exceptions as client_exceptions boo = self.get_client('BOO') self.assertRaises(client_exceptions.Unauthorized, boo.ec2.list, self.user_foo['id']) - def test_ec2_credentials_scoping_get(self): + def test_ec2_credentials_get_unauthorized_user(self): from keystoneclient import exceptions as client_exceptions foo = self.get_client() @@ -282,7 +282,7 @@ class KcMasterTestCase(CompatTestCase): foo.ec2.delete(self.user_foo['id'], cred.access) - def test_ec2_credentials_scoping_delete(self): + def test_ec2_credentials_delete_unauthorized_user(self): from keystoneclient import exceptions as client_exceptions foo = self.get_client() -- cgit From cbc1558ea676456f163b3e060a781cfe21f9932b Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Thu, 19 Jan 2012 15:44:48 -0800 Subject: update how user is specified in tests --- tests/default_fixtures.py | 4 ++-- tests/test_keystoneclient.py | 27 +++++++++++++-------------- 2 files changed, 15 insertions(+), 16 deletions(-) diff --git a/tests/default_fixtures.py b/tests/default_fixtures.py index 990e241a..22ac95f0 100644 --- a/tests/default_fixtures.py +++ b/tests/default_fixtures.py @@ -5,12 +5,12 @@ TENANTS = [ USERS = [ {'id': 'foo', 'name': 'FOO', 'password': 'foo2', 'tenants': ['bar',]}, - {'id': 'boo', 'name': 'BOO', 'password': 'boo2', 'tenants': ['baz',]}, + {'id': 'two', 'name': 'TWO', 'password': 'two2', 'tenants': ['baz',]}, ] METADATA = [ {'user_id': 'foo', 'tenant_id': 'bar', 'extra': 'extra'}, - {'user_id': 'boo', 'tenant_id': 'baz', 'extra': 'extra'}, + {'user_id': 'two', 'tenant_id': 'baz', 'extra': 'extra'}, ] ROLES = [ diff --git a/tests/test_keystoneclient.py b/tests/test_keystoneclient.py index 024edcb1..fb1e25d9 100644 --- a/tests/test_keystoneclient.py +++ b/tests/test_keystoneclient.py @@ -65,14 +65,13 @@ class KcMasterTestCase(CompatTestCase): CONF(config_files=[test.etcdir('keystone.conf'), test.testsdir('test_overrides.conf')]) - def get_client(self, username='FOO'): - users = [u for u in default_fixtures.USERS if u['name'] == username] - self.assertEquals(1, len(users)) - user = users[0] + def get_client(self, user_ref=None): + if user_ref is None: + user_ref = self.user_foo - return self._client(username=user['name'], - password=user['password'], - tenant_id=user['tenants'][0]) + return self._client(username=user_ref['name'], + password=user_ref['password'], + tenant_id=user_ref['tenants'][0]) def test_authenticate_tenant_name_and_tenants(self): client = self.get_client() @@ -266,8 +265,8 @@ class KcMasterTestCase(CompatTestCase): def test_ec2_credentials_list_unauthorized_user(self): from keystoneclient import exceptions as client_exceptions - boo = self.get_client('BOO') - self.assertRaises(client_exceptions.Unauthorized, boo.ec2.list, + two = self.get_client(self.user_two) + self.assertRaises(client_exceptions.Unauthorized, two.ec2.list, self.user_foo['id']) def test_ec2_credentials_get_unauthorized_user(self): @@ -276,10 +275,10 @@ class KcMasterTestCase(CompatTestCase): foo = self.get_client() cred = foo.ec2.create(self.user_foo['id'], self.tenant_bar['id']) - boo = self.get_client('BOO') - self.assertRaises(client_exceptions.Unauthorized, boo.ec2.get, + two = self.get_client(self.user_two) + self.assertRaises(client_exceptions.Unauthorized, two.ec2.get, self.user_foo['id'], cred.access) - + foo.ec2.delete(self.user_foo['id'], cred.access) def test_ec2_credentials_delete_unauthorized_user(self): @@ -288,8 +287,8 @@ class KcMasterTestCase(CompatTestCase): foo = self.get_client() cred = foo.ec2.create(self.user_foo['id'], self.tenant_bar['id']) - boo = self.get_client('BOO') - self.assertRaises(client_exceptions.Unauthorized, boo.ec2.delete, + two = self.get_client(self.user_two) + self.assertRaises(client_exceptions.Unauthorized, two.ec2.delete, self.user_foo['id'], cred.access) foo.ec2.delete(self.user_foo['id'], cred.access) -- cgit From 21cfcfc38e0e605197405cff73d37b0fb5924a64 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Thu, 19 Jan 2012 15:48:28 -0800 Subject: get_client lets you send user and tenant --- tests/test_keystoneclient.py | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/tests/test_keystoneclient.py b/tests/test_keystoneclient.py index fb1e25d9..a31d8adb 100644 --- a/tests/test_keystoneclient.py +++ b/tests/test_keystoneclient.py @@ -65,13 +65,19 @@ class KcMasterTestCase(CompatTestCase): CONF(config_files=[test.etcdir('keystone.conf'), test.testsdir('test_overrides.conf')]) - def get_client(self, user_ref=None): + def get_client(self, user_ref=None, tenant_ref=None): if user_ref is None: user_ref = self.user_foo + if tenant_ref is None: + for user in default_fixtures.USERS: + if user['id'] == user_ref['id']: + tenant_id = user['tenants'][0] + else: + tenant_id = tenant_ref['id'] return self._client(username=user_ref['name'], password=user_ref['password'], - tenant_id=user_ref['tenants'][0]) + tenant_id=tenant_id) def test_authenticate_tenant_name_and_tenants(self): client = self.get_client() -- cgit From ecabdd1a7068dadb5603ddbaa3bb38615916d103 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Thu, 19 Jan 2012 15:58:30 -0800 Subject: fix ec2 sql config --- tests/backend_sql.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/backend_sql.conf b/tests/backend_sql.conf index a2987487..0fec0488 100644 --- a/tests/backend_sql.conf +++ b/tests/backend_sql.conf @@ -9,4 +9,4 @@ pool_timeout = 200 driver = keystone.identity.backends.sql.Identity [ec2] -driver = keystone.contrib.ec2.backends.SqlEc2 +driver = keystone.contrib.ec2.backends.sql.Ec2 -- cgit