aboutsummaryrefslogtreecommitdiffstats
path: root/keystone-moon/keystone/tests/unit/test_revoke.py
diff options
context:
space:
mode:
Diffstat (limited to 'keystone-moon/keystone/tests/unit/test_revoke.py')
-rw-r--r--keystone-moon/keystone/tests/unit/test_revoke.py76
1 files changed, 31 insertions, 45 deletions
diff --git a/keystone-moon/keystone/tests/unit/test_revoke.py b/keystone-moon/keystone/tests/unit/test_revoke.py
index 9062981f..82c0125a 100644
--- a/keystone-moon/keystone/tests/unit/test_revoke.py
+++ b/keystone-moon/keystone/tests/unit/test_revoke.py
@@ -20,8 +20,8 @@ from six.moves import range
from testtools import matchers
from keystone.common import utils
-from keystone.contrib.revoke import model
from keystone import exception
+from keystone.models import revoke_model
from keystone.tests import unit
from keystone.tests.unit import test_backend_sql
from keystone.token import provider
@@ -46,7 +46,7 @@ def _past_time():
def _sample_blank_token():
issued_delta = datetime.timedelta(minutes=-2)
issued_at = timeutils.utcnow() + issued_delta
- token_data = model.blank_token_data(issued_at)
+ token_data = revoke_model.blank_token_data(issued_at)
return token_data
@@ -61,13 +61,12 @@ def _matches(event, token_values):
value for the attribute, and it does not match the token, no match
is possible, so skip the remaining checks.
- :param event one revocation event to match
- :param token_values dictionary with set of values taken from the
+ :param event: one revocation event to match
+ :param token_values: dictionary with set of values taken from the
token
- :returns if the token matches the revocation event, indicating the
+ :returns: True if the token matches the revocation event, indicating the
token has been revoked
"""
-
# The token has three attributes that can match the user_id
if event.user_id is not None:
for attribute_name in ['user_id', 'trustor_id', 'trustee_id']:
@@ -126,15 +125,16 @@ class RevokeTests(object):
self.revoke_api.revoke_by_user(user_id=1)
self.revoke_api.revoke_by_user(user_id=2)
past = timeutils.utcnow() - datetime.timedelta(seconds=1000)
- self.assertEqual(2, len(self.revoke_api.list_events(past)))
+ self.assertEqual(2, len(self.revoke_api.list_events(last_fetch=past)))
future = timeutils.utcnow() + datetime.timedelta(seconds=1000)
- self.assertEqual(0, len(self.revoke_api.list_events(future)))
+ self.assertEqual(0,
+ len(self.revoke_api.list_events(last_fetch=future)))
def test_past_expiry_are_removed(self):
user_id = 1
self.revoke_api.revoke_by_expiration(user_id, _future_time())
self.assertEqual(1, len(self.revoke_api.list_events()))
- event = model.RevokeEvent()
+ event = revoke_model.RevokeEvent()
event.revoked_at = _past_time()
self.revoke_api.revoke(event)
self.assertEqual(1, len(self.revoke_api.list_events()))
@@ -184,32 +184,17 @@ class RevokeTests(object):
class SqlRevokeTests(test_backend_sql.SqlTests, RevokeTests):
def config_overrides(self):
super(SqlRevokeTests, self).config_overrides()
- self.config_fixture.config(group='revoke', driver='sql')
self.config_fixture.config(
group='token',
provider='pki',
revoke_by_id=False)
-class KvsRevokeTests(unit.TestCase, RevokeTests):
- def config_overrides(self):
- super(KvsRevokeTests, self).config_overrides()
- self.config_fixture.config(group='revoke', driver='kvs')
- self.config_fixture.config(
- group='token',
- provider='pki',
- revoke_by_id=False)
-
- def setUp(self):
- super(KvsRevokeTests, self).setUp()
- self.load_backends()
-
-
class RevokeTreeTests(unit.TestCase):
def setUp(self):
super(RevokeTreeTests, self).setUp()
self.events = []
- self.tree = model.RevokeTree()
+ self.tree = revoke_model.RevokeTree()
self._sample_data()
def _sample_data(self):
@@ -263,20 +248,20 @@ class RevokeTreeTests(unit.TestCase):
def _revoke_by_user(self, user_id):
return self.tree.add_event(
- model.RevokeEvent(user_id=user_id))
+ revoke_model.RevokeEvent(user_id=user_id))
def _revoke_by_audit_id(self, audit_id):
event = self.tree.add_event(
- model.RevokeEvent(audit_id=audit_id))
+ revoke_model.RevokeEvent(audit_id=audit_id))
self.events.append(event)
return event
def _revoke_by_audit_chain_id(self, audit_chain_id, project_id=None,
domain_id=None):
event = self.tree.add_event(
- model.RevokeEvent(audit_chain_id=audit_chain_id,
- project_id=project_id,
- domain_id=domain_id)
+ revoke_model.RevokeEvent(audit_chain_id=audit_chain_id,
+ project_id=project_id,
+ domain_id=domain_id)
)
self.events.append(event)
return event
@@ -284,46 +269,47 @@ class RevokeTreeTests(unit.TestCase):
def _revoke_by_expiration(self, user_id, expires_at, project_id=None,
domain_id=None):
event = self.tree.add_event(
- model.RevokeEvent(user_id=user_id,
- expires_at=expires_at,
- project_id=project_id,
- domain_id=domain_id))
+ revoke_model.RevokeEvent(user_id=user_id,
+ expires_at=expires_at,
+ project_id=project_id,
+ domain_id=domain_id))
self.events.append(event)
return event
def _revoke_by_grant(self, role_id, user_id=None,
domain_id=None, project_id=None):
event = self.tree.add_event(
- model.RevokeEvent(user_id=user_id,
- role_id=role_id,
- domain_id=domain_id,
- project_id=project_id))
+ revoke_model.RevokeEvent(user_id=user_id,
+ role_id=role_id,
+ domain_id=domain_id,
+ project_id=project_id))
self.events.append(event)
return event
def _revoke_by_user_and_project(self, user_id, project_id):
event = self.tree.add_event(
- model.RevokeEvent(project_id=project_id,
- user_id=user_id))
+ revoke_model.RevokeEvent(project_id=project_id,
+ user_id=user_id))
self.events.append(event)
return event
def _revoke_by_project_role_assignment(self, project_id, role_id):
event = self.tree.add_event(
- model.RevokeEvent(project_id=project_id,
- role_id=role_id))
+ revoke_model.RevokeEvent(project_id=project_id,
+ role_id=role_id))
self.events.append(event)
return event
def _revoke_by_domain_role_assignment(self, domain_id, role_id):
event = self.tree.add_event(
- model.RevokeEvent(domain_id=domain_id,
- role_id=role_id))
+ revoke_model.RevokeEvent(domain_id=domain_id,
+ role_id=role_id))
self.events.append(event)
return event
def _revoke_by_domain(self, domain_id):
- event = self.tree.add_event(model.RevokeEvent(domain_id=domain_id))
+ event = self.tree.add_event(
+ revoke_model.RevokeEvent(domain_id=domain_id))
self.events.append(event)
def _user_field_test(self, field_name):