When deleting a subject, check if the authz/admin intra-extension exists in order to not try to delete a subject in a non-existent intra-extension.

Change-Id: Ief26dccc856ab565b3ba610cf6c7a95c20fab297
author: asteroide <thomas.duval@orange.com> 2015-11-24 15:01:11 +0100
committer: asteroide <thomas.duval@orange.com> 2015-11-24 15:01:11 +0100
commit: 84ca8cc5a94b29eb13b300be1adaa390284e1866 (patch)
tree: 8c3ce6fc85972267751ec1baf5bb028da144b5a5
parent: fca74d4bc3569506a6659880a89aa009dc11f552 (diff)
2 files changed, 13 insertions, 9 deletions
diff --git a/keystone-moon/keystone/contrib/moon/core.py b/keystone-moon/keystone/contrib/moon/core.py
index a227174c..0560d464 100644
--- a/keystone-moon/keystone/contrib/moon/core.py
+++ b/keystone-moon/keystone/contrib/moon/core.py
@@ -1883,13 +1883,15 @@ class IntraExtensionAuthzManager(IntraExtensionManager):
         super(IntraExtensionAuthzManager, self).del_subject(user_id, intra_extension_id, subject_id)
         tenants_dict = self.tenant_api.get_tenants_dict(self.root_api.get_root_admin_id())
         for tenant_id in tenants_dict:
-            if tenants_dict[tenant_id]["intra_authz_extension_id"] == intra_extension_id:
+            if tenants_dict[tenant_id]["intra_authz_extension_id"] == intra_extension_id and \
+                tenants_dict[tenant_id]["intra_admin_extension_id"]:
                 subject_id = self.driver.get_uuid_from_name(tenants_dict[tenant_id]["intra_admin_extension_id"],
                                                             subject_name,
                                                             self.driver.SUBJECT)
                 self.driver.del_subject(tenants_dict[tenant_id]["intra_admin_extension_id"], subject_id)
                 break
-            if tenants_dict[tenant_id]["intra_admin_extension_id"] == intra_extension_id:
+            if tenants_dict[tenant_id]["intra_admin_extension_id"] == intra_extension_id and \
+                tenants_dict[tenant_id]["intra_authz_extension_id"]:
                 subject_id = self.driver.get_uuid_from_name(tenants_dict[tenant_id]["intra_authz_extension_id"],
                                                             subject_name,
                                                             self.driver.SUBJECT)
@@ -2046,13 +2048,15 @@ class IntraExtensionAdminManager(IntraExtensionManager):
         super(IntraExtensionAdminManager, self).del_subject(user_id, intra_extension_id, subject_id)
         tenants_dict = self.tenant_api.get_tenants_dict(self.root_api.get_root_admin_id())
         for tenant_id in tenants_dict:
-            if tenants_dict[tenant_id]["intra_authz_extension_id"] == intra_extension_id:
+            if tenants_dict[tenant_id]["intra_authz_extension_id"] == intra_extension_id and \
+                tenants_dict[tenant_id]["intra_admin_extension_id"]:
                 subject_id = self.driver.get_uuid_from_name(tenants_dict[tenant_id]["intra_admin_extension_id"],
                                                             subject_name,
                                                             self.driver.SUBJECT)
                 self.driver.del_subject(tenants_dict[tenant_id]["intra_admin_extension_id"], subject_id)
                 break
-            if tenants_dict[tenant_id]["intra_admin_extension_id"] == intra_extension_id:
+            if tenants_dict[tenant_id]["intra_admin_extension_id"] == intra_extension_id and \
+                tenants_dict[tenant_id]["intra_authz_extension_id"]:
                 subject_id = self.driver.get_uuid_from_name(tenants_dict[tenant_id]["intra_authz_extension_id"],
                                                             subject_name,
                                                             self.driver.SUBJECT)
diff --git a/moonclient/moonclient/tests/tests_subjects.json b/moonclient/moonclient/tests/tests_subjects.json
index 7001e227..37d37f42 100644
--- a/moonclient/moonclient/tests/tests_subjects.json
+++ b/moonclient/moonclient/tests/tests_subjects.json
@@ -36,7 +36,7 @@
       },
       {
         "name": "set_tenant_authz",
-        "command": "tenant set --authz $uuid_authz alt_demo",
+        "command": "tenant set --authz $uuid_authz $uuid",
         "result": "",
         "description": "Connect the authz intra extension to the tenant alt_demo",
         "command_options": ""
@@ -57,9 +57,9 @@
       },
       {
         "name": "add_subject",
-        "command": "subject add alt_demo",
+        "command": "subject add alt_demo --password nomoresecrete",
         "result": "",
-        "description": "Connect the authz intra extension to the tenant demo",
+        "description": "Add the alt_demo subject",
         "command_options": ""
       },
       {
@@ -186,9 +186,9 @@
       },
       {
         "name": "add_subject",
-        "command": "subject add alt_demo",
+        "command": "subject add alt_demo --password nomoresecrete",
         "result": "",
-        "description": "Connect the authz intra extension to the tenant alt_demo",
+        "description": "Add the alt_demo subject",
         "command_options": ""
       },
       {
author	asteroide <thomas.duval@orange.com>	2015-11-24 15:01:11 +0100
committer	asteroide <thomas.duval@orange.com>	2015-11-24 15:01:11 +0100
commit	84ca8cc5a94b29eb13b300be1adaa390284e1866 (patch)
tree	8c3ce6fc85972267751ec1baf5bb028da144b5a5
parent	fca74d4bc3569506a6659880a89aa009dc11f552 (diff)