aboutsummaryrefslogtreecommitdiffstats
path: root/keystone-moon/keystone/tests/unit/contrib/federation/test_utils.py
diff options
context:
space:
mode:
authorasteroide <thomas.duval@orange.com>2015-09-24 16:27:16 +0200
committerasteroide <thomas.duval@orange.com>2015-09-24 16:27:16 +0200
commit92d11d139e9f76d4fd76859aea78643fc32ef36b (patch)
treebd5a2e7b50853498074ab55bdaee4452c460010b /keystone-moon/keystone/tests/unit/contrib/federation/test_utils.py
parent49325d99acfadaadfad99c596c4ada6b5ec849de (diff)
Update Keystone code from repository.
Change-Id: Ib3d0a06b10902fcc6d520f58e85aa617bc326d00
Diffstat (limited to 'keystone-moon/keystone/tests/unit/contrib/federation/test_utils.py')
-rw-r--r--keystone-moon/keystone/tests/unit/contrib/federation/test_utils.py23
1 files changed, 23 insertions, 0 deletions
diff --git a/keystone-moon/keystone/tests/unit/contrib/federation/test_utils.py b/keystone-moon/keystone/tests/unit/contrib/federation/test_utils.py
index a8b4ae76..5804f1c0 100644
--- a/keystone-moon/keystone/tests/unit/contrib/federation/test_utils.py
+++ b/keystone-moon/keystone/tests/unit/contrib/federation/test_utils.py
@@ -10,6 +10,7 @@
# License for the specific language governing permissions and limitations
# under the License.
+import uuid
from keystone.auth.plugins import mapped
from keystone.contrib.federation import utils as mapping_utils
@@ -609,3 +610,25 @@ class MappingRuleEngineTests(unit.BaseTestCase):
self.assertEqual(exp_user_name, mapped_properties['user']['name'])
self.assertEqual('abc123%40example.com',
mapped_properties['user']['id'])
+
+ def test_whitelist_pass_through(self):
+ mapping = mapping_fixtures.MAPPING_GROUPS_WHITELIST_PASS_THROUGH
+ rp = mapping_utils.RuleProcessor(mapping['rules'])
+ assertion = mapping_fixtures.DEVELOPER_ASSERTION
+ mapped_properties = rp.process(assertion)
+ self.assertValidMappedUserObject(mapped_properties)
+
+ self.assertEqual('developacct', mapped_properties['user']['name'])
+ self.assertEqual('Developer',
+ mapped_properties['group_names'][0]['name'])
+
+ def test_type_not_in_assertion(self):
+ """Test that if the remote "type" is not in the assertion it fails."""
+ mapping = mapping_fixtures.MAPPING_GROUPS_WHITELIST_PASS_THROUGH
+ rp = mapping_utils.RuleProcessor(mapping['rules'])
+ assertion = {uuid.uuid4().hex: uuid.uuid4().hex}
+ mapped_properties = rp.process(assertion)
+ self.assertValidMappedUserObject(mapped_properties)
+
+ self.assertNotIn('id', mapped_properties['user'])
+ self.assertNotIn('name', mapped_properties['user'])