summaryrefslogtreecommitdiffstats
path: root/keystone-moon/keystone
diff options
context:
space:
mode:
Diffstat (limited to 'keystone-moon/keystone')
-rw-r--r--keystone-moon/keystone/contrib/moon/backends/sql.py5
-rw-r--r--keystone-moon/keystone/contrib/moon/core.py8
-rw-r--r--keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_admin.py4
-rw-r--r--keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_authz.py4
4 files changed, 12 insertions, 9 deletions
diff --git a/keystone-moon/keystone/contrib/moon/backends/sql.py b/keystone-moon/keystone/contrib/moon/backends/sql.py
index a2c8f5bc..2b7258ea 100644
--- a/keystone-moon/keystone/contrib/moon/backends/sql.py
+++ b/keystone-moon/keystone/contrib/moon/backends/sql.py
@@ -936,7 +936,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
query = query.filter_by(id=intra_extension_id)
ref = query.first()
try:
- return ref.intra_extension["aggregation_algorithm"]
+ return {"aggregation_algorithm": ref.intra_extension["aggregation_algorithm"]}
except KeyError:
return ""
@@ -949,8 +949,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
intra_extension_dict["aggregation_algorithm"] = aggregation_algorithm_id
setattr(ref, "intra_extension", intra_extension_dict)
session.flush()
- LOG.debug("set_aggregation_algorithm_id {}-{} {}".format(intra_extension_id, aggregation_algorithm_id, self.get_aggregation_algorithm_id(intra_extension_id)))
- return self.get_aggregation_algorithm_id(intra_extension_id)
+ return {"aggregation_algorithm": ref.intra_extension["aggregation_algorithm"]}
def del_aggregation_algorithm(self, intra_extension_id):
with sql.transaction() as session:
diff --git a/keystone-moon/keystone/contrib/moon/core.py b/keystone-moon/keystone/contrib/moon/core.py
index 0560d464..8e56f135 100644
--- a/keystone-moon/keystone/contrib/moon/core.py
+++ b/keystone-moon/keystone/contrib/moon/core.py
@@ -496,7 +496,8 @@ class IntraExtensionManager(manager.Manager):
try:
self.root_extension_id = self.root_api.get_root_extension_id()
self.aggregation_algorithm_dict = self.configuration_api.get_aggregation_algorithms_dict(self.root_extension_id)
- except AttributeError:
+ except AttributeError as e:
+ LOG.warning("Error on init_aggregation_algorithm ({})".format(e))
self.root_extension_id = None
self.aggregation_algorithm_dict = {}
@@ -588,7 +589,7 @@ class IntraExtensionManager(manager.Manager):
if not self.root_extension_id:
self.__init_aggregation_algorithm()
- aggregation_algorithm_id = self.driver.get_aggregation_algorithm_id(intra_extension_id)
+ aggregation_algorithm_id = self.driver.get_aggregation_algorithm_id(intra_extension_id)['aggregation_algorithm']
if self.aggregation_algorithm_dict[aggregation_algorithm_id]['name'] == 'all_true':
decision = all_true(decision_buffer)
elif self.aggregation_algorithm_dict[aggregation_algorithm_id]['name'] == 'one_true':
@@ -813,6 +814,9 @@ class IntraExtensionManager(manager.Manager):
for _id, _value in self.configuration_api.driver.get_aggregation_algorithms_dict().iteritems():
if _value["name"] == json_metarule["aggregation"]:
self.driver.set_aggregation_algorithm_id(intra_extension_dict["id"], _id)
+ break
+ else:
+ LOG.warning("No aggregation_algorithm found for '{}'".format(json_metarule["aggregation"]))
def __load_rule_file(self, intra_extension_dict, policy_dir):
diff --git a/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_admin.py b/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_admin.py
index 00e9e09f..424e4cbb 100644
--- a/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_admin.py
+++ b/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_admin.py
@@ -852,7 +852,7 @@ class TestIntraExtensionAdminManagerOK(tests.TestCase):
self.admin_api.get_subject_dict_from_keystone_name(tenant['id'], admin_ie_dict['id'], 'demo').iteritems().next()
aggregation_algorithm = self.admin_manager.get_aggregation_algorithm_id(admin_subject_id, authz_ie_dict["id"])
- self.assertIsInstance(aggregation_algorithm, basestring)
+ self.assertIsInstance(aggregation_algorithm, dict)
# TODO: need more tests on aggregation_algorithms (set and del)
@@ -1999,7 +1999,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
self.admin_api.get_subject_dict_from_keystone_name(tenant['id'], admin_ie_dict['id'], 'demo').iteritems().next()
aggregation_algorithm = self.admin_manager.get_aggregation_algorithm_id(admin_subject_id, authz_ie_dict["id"])
- self.assertIsInstance(aggregation_algorithm, basestring)
+ self.assertIsInstance(aggregation_algorithm, dict)
# TODO: need more tests on aggregation_algorithms (set and del)
diff --git a/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_authz.py b/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_authz.py
index 51654227..afe0e7f2 100644
--- a/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_authz.py
+++ b/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_authz.py
@@ -836,7 +836,7 @@ class TestIntraExtensionAuthzManagerAuthzOK(tests.TestCase):
self.admin_api.get_subject_dict_from_keystone_name(tenant['id'], admin_ie_dict['id'], 'demo').iteritems().next()
aggregation_algorithm = self.admin_manager.get_aggregation_algorithm_id(admin_subject_id, authz_ie_dict["id"])
- self.assertIsInstance(aggregation_algorithm, basestring)
+ self.assertIsInstance(aggregation_algorithm, dict)
# TODO: need more tests on aggregation_algorithms (set and del)
@@ -2216,7 +2216,7 @@ class TestIntraExtensionAuthzManagerAuthzKO(tests.TestCase):
self.admin_api.get_subject_dict_from_keystone_name(tenant['id'], admin_ie_dict['id'], 'demo').iteritems().next()
aggregation_algorithm = self.admin_manager.get_aggregation_algorithm_id(admin_subject_id, authz_ie_dict["id"])
- self.assertIsInstance(aggregation_algorithm, basestring)
+ self.assertIsInstance(aggregation_algorithm, dict)
# TODO: need more tests on aggregation_algorithms (set and del)