From dd35d2afbfc7bcd41cd5c68b440f5c502d32d656 Mon Sep 17 00:00:00 2001
From: termie <github@anarkystic.com>
Date: Thu, 1 Mar 2012 11:27:06 -0800
Subject: standardize ldap and related tests

ldap was accidentally supplying some of its own values rather than using
the built-in fixtures, so it was providing the incorrect interface for a
couple calls.

also adds a test for get_user_by_name (skipped for ldap) and
standardizes the kvs and ldap authenticate calls

fix user authentication live ldap tests
Change-Id: If1ccce1fd9c84622bb89344bc5d5c59b059d03ae
---
 keystone/identity/backends/kvs.py       |  4 +++-
 keystone/identity/backends/ldap/core.py | 18 ++++--------------
 keystone/identity/backends/sql.py       |  2 --
 3 files changed, 7 insertions(+), 17 deletions(-)

(limited to 'keystone')

diff --git a/keystone/identity/backends/kvs.py b/keystone/identity/backends/kvs.py
index 35ac476d..1e1c6ad6 100644
--- a/keystone/identity/backends/kvs.py
+++ b/keystone/identity/backends/kvs.py
@@ -49,7 +49,9 @@ class Identity(kvs.Base, identity.Driver):
         if (not user_ref
             or not utils.check_password(password, user_ref.get('password'))):
             raise AssertionError('Invalid user / password')
-        if tenant_id and tenant_id not in user_ref['tenants']:
+
+        tenants = self.get_tenants_for_user(user_id)
+        if tenant_id and tenant_id not in tenants:
             raise AssertionError('Invalid tenant')
 
         tenant_ref = self.get_tenant(tenant_id)
diff --git a/keystone/identity/backends/ldap/core.py b/keystone/identity/backends/ldap/core.py
index 409a384a..3138720f 100644
--- a/keystone/identity/backends/ldap/core.py
+++ b/keystone/identity/backends/ldap/core.py
@@ -74,17 +74,11 @@ class Identity(identity.Driver):
         except Exception:
             raise AssertionError('Invalid user / password')
 
-        if tenant_id:
-            found = False
-            for tenant in user_ref['tenants']:
-                if tenant == tenant_id:
-                    found = True
-                    break
+        tenants = self.get_tenants_for_user(user_id)
+        if tenant_id and tenant_id not in tenants:
+            raise AssertionError('Invalid tenant')
 
-            if not found:
-                raise AssertionError('Invalid tenant')
-
-        tenant_ref = self.tenant.get(tenant_id)
+        tenant_ref = self.get_tenant(tenant_id)
         metadata_ref = {}
         # TODO(termie): this should probably be made into a get roles call
         #if tenant_ref:
@@ -103,10 +97,6 @@ class Identity(identity.Driver):
         user_ref = self.user.get(user_id)
         if not user_ref:
             return None
-        tenants = self.tenant.get_user_tenants(user_id)
-        user_ref['tenants'] = []
-        for tenant in tenants:
-            user_ref['tenants'].append(tenant['id'])
         return user_ref
 
     def get_user(self, user_id):
diff --git a/keystone/identity/backends/sql.py b/keystone/identity/backends/sql.py
index adc33b12..cf1f70e2 100644
--- a/keystone/identity/backends/sql.py
+++ b/keystone/identity/backends/sql.py
@@ -128,8 +128,6 @@ class Identity(sql.Base, identity.Driver):
 
         """
         user_ref = self._get_user(user_id)
-        tenant_ref = None
-        metadata_ref = None
         if (not user_ref
             or not utils.check_password(password, user_ref.get('password'))):
             raise AssertionError('Invalid user / password')
-- 
cgit