From a0c43a05126d9cca83b58b788fbc8e24f004fb66 Mon Sep 17 00:00:00 2001
From: "sirish.bitra" <sirish.bitra@gmail.com>
Date: Thu, 12 May 2011 16:31:26 +0530
Subject: optimization of test cases and handling multi token

---
 keystone/db/sqlalchemy/api.py |  7 +++++++
 keystone/logic/service.py     | 23 +++++++++++++++++++----
 2 files changed, 26 insertions(+), 4 deletions(-)

(limited to 'keystone')

diff --git a/keystone/db/sqlalchemy/api.py b/keystone/db/sqlalchemy/api.py
index f1817a24..9fd9a734 100644
--- a/keystone/db/sqlalchemy/api.py
+++ b/keystone/db/sqlalchemy/api.py
@@ -471,6 +471,13 @@ def token_for_user(user_id, session=None):
     return result
 
 
+def token_for_user_tenant(user_id, tenant_id, session=None):
+    if not session:
+        session = get_session()
+    result = session.query(models.Token).filter_by(
+        user_id=user_id, tenant_id=tenant_id).order_by("expires desc").first()
+    return result
+
 def user_tenant_create(values):
     user_tenant_ref = models.UserTenantAssociation()
     user_tenant_ref.update(values)
diff --git a/keystone/logic/service.py b/keystone/logic/service.py
index a51e3959..44d0b173 100644
--- a/keystone/logic/service.py
+++ b/keystone/logic/service.py
@@ -51,17 +51,26 @@ class IDMService(object):
         # Look for an existing token, or create one,
         # TODO: Handle tenant/token search
         #
-        dtoken = db_api.token_for_user(duser.id)
+        if not credentials.tenant_id:
+            dtoken = db_api.token_for_user(duser.id)
+        else:
+            dtoken = db_api.token_for_user_tenant(duser.id, credentials.tenant_id)
         if not dtoken or dtoken.expires < datetime.now():
             dtoken = db_models.Token()
             dtoken.token_id = str(uuid.uuid4())
             dtoken.user_id = duser.id
+            
             if not duser.tenants:
                 raise fault.IDMFault("Strange: user %s is not associated "
                                      "with a tenant!" % duser.id)
-            dtoken.tenant_id = duser.tenants[0].tenant_id
+            if not credentials.tenant_id and db_api.user_get_by_tenant(duser.id, credentials.tenant_id):
+                raise fault.IDMFault("Error: user %s is not associated "
+                                     "with a tenant! %s" % (duser.id, 
+                                                    credentials.tenant_id))
+                dtoken.tenant_id = credentials.tenant_id
+            else:
+                dtoken.tenant_id = duser.tenants[0].tenant_id
             dtoken.expires = datetime.now() + timedelta(days=1)
-
             db_api.token_create(dtoken)
 
         return self.__get_auth_data(dtoken, duser)
@@ -849,7 +858,13 @@ class IDMService(object):
         if len(duser.tenants) == 0:
             raise fault.IDMFault("Strange: user %s is not associated "
                                  "with a tenant!" % duser.id)
-        user = auth.User(duser.id, duser.tenants[0].tenant_id, groups)
+        if not dtoken.tenant_id and \
+            db_api.user_get_by_tenant(duser.id, dtoken.tenant_id):
+            raise fault.IDMFault("Error: user %s is not associated "
+                                 "with a tenant! %s" % (duser.id, 
+                                                dtoken.tenant_id))
+        
+        user = auth.User(duser.id, dtoken.tenant_id, groups)
         return auth.AuthData(token, user)
 
     def __validate_token(self, token_id, admin=True):
-- 
cgit