From 7348b8effd253c355e998875877a3135817d6eb0 Mon Sep 17 00:00:00 2001 From: asteroide Date: Fri, 24 Jul 2015 12:36:12 +0200 Subject: add_tenant function in controllers.py nox check if tenant name exist in Keystone fix some bugs in enforce function and SQL functions Change-Id: Ie760aad146d249fa6d98edbbb64dae732724e756 --- .../unit/test_unit_core_intra_extension_admin.py | 4 +- .../unit/test_unit_core_intra_extension_authz.py | 4 +- .../keystone/tests/moon/unit/test_unit_core_log.py | 2 +- .../tests/moon/unit/test_unit_core_tenant.py | 291 ++++++++++++++------- 4 files changed, 198 insertions(+), 103 deletions(-) (limited to 'keystone-moon/keystone/tests') diff --git a/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_admin.py b/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_admin.py index 5a1f71e6..97442228 100644 --- a/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_admin.py +++ b/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_admin.py @@ -66,7 +66,7 @@ class TestIntraExtensionAdminManagerOK(tests.TestCase): #self.admin = self.identity_api.create_user(USER) IE["policymodel"] = policy_model IE["name"] = uuid.uuid4().hex - self.ref = self.manager.load_intra_extension_dict(DEFAULT_USER_ID, IE) + self.ref = self.manager.load_intra_extension_dict(DEFAULT_USER_ID, intra_extension_dict=IE) self.assertIsInstance(self.ref, dict) self.create_tenant(self.ref["id"]) @@ -1311,7 +1311,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase): IE["policymodel"] = policy_model IE["name"] = uuid.uuid4().hex - ref = self.admin_manager.load_intra_extension_dict(DEFAULT_USER_ID, IE) + ref = self.admin_manager.load_intra_extension_dict(DEFAULT_USER_ID, intra_extension_dict=IE) self.assertIsInstance(ref, dict) return ref 
diff --git a/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_authz.py b/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_authz.py index e397157f..0e22a1b4 100644 --- a/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_authz.py +++ b/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_authz.py @@ -15,7 +15,7 @@ from keystone.tests.unit.ksfixtures import database from keystone import resource from keystone.contrib.moon.exception import * from keystone.tests.unit import default_fixtures -from keystone.contrib.moon.core import LogManager, TenantManager +from keystone.contrib.moon.core import LogManager, TenantManager, ADMIN_ID CONF = cfg.CONF @@ -89,7 +89,7 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase): IE["model"] = policy_model IE["name"] = uuid.uuid4().hex - ref = self.admin_manager.load_intra_extension_dict(DEFAULT_USER_ID, IE) + ref = self.admin_manager.load_intra_extension_dict(ADMIN_ID, intra_extension_dict=IE) self.assertIsInstance(ref, dict) return ref diff --git a/keystone-moon/keystone/tests/moon/unit/test_unit_core_log.py b/keystone-moon/keystone/tests/moon/unit/test_unit_core_log.py index b2fb131f..aa584a65 100644 --- a/keystone-moon/keystone/tests/moon/unit/test_unit_core_log.py +++ b/keystone-moon/keystone/tests/moon/unit/test_unit_core_log.py @@ -68,7 +68,7 @@ class TestIntraExtensionAdminManager(tests.TestCase): # Create the admin user because IntraExtension needs it self.admin = self.identity_api.create_user(USER_ADMIN) IE["policymodel"] = policy_model - self.ref = self.manager.load_intra_extension_dict(DEFAULT_USER_ID, IE) + self.ref = self.manager.load_intra_extension_dict(DEFAULT_USER_ID, intra_extension_dict=IE) self.assertIsInstance(self.ref, dict) self.create_tenant(self.ref["id"]) 
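Review bot: In test_unit_core_intra_extension_authz.py the helper now calls `load_intra_extension_dict` with `ADMIN_ID` instead of `DEFAULT_USER_ID`, while the admin and log test files in this same commit keep `DEFAULT_USER_ID` for the same call. Nothing in the hunk says why the identity changed. If the manager now refuses non-admin callers (inferred; the manager code is outside this diff), say so in a comment such as `# intra-extensions may only be loaded by ADMIN_ID`. A companion `assertRaises` case with `DEFAULT_USER_ID` would keep the refusal path covered instead of silently dropping it from an authorization test. The enclosing helper starts outside the hunk.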
diff --git a/keystone-moon/keystone/tests/moon/unit/test_unit_core_tenant.py b/keystone-moon/keystone/tests/moon/unit/test_unit_core_tenant.py index dda1cac8..a0bf9392 100644 --- a/keystone-moon/keystone/tests/moon/unit/test_unit_core_tenant.py +++ b/keystone-moon/keystone/tests/moon/unit/test_unit_core_tenant.py @@ -13,10 +13,23 @@ from keystone.tests.unit.ksfixtures import database from keystone.contrib.moon.exception import * from keystone.tests.unit import default_fixtures from keystone.contrib.moon.core import LogManager +from keystone.contrib.moon.core import ADMIN_ID +from keystone.common import dependency -CONF = cfg.CONF +CONF = cfg.CONF +USER = { + 'name': 'admin', + 'domain_id': "default", + 'password': 'admin' +} +IE = { + "name": "test IE", + "policymodel": "policy_authz", + "description": "a simple description." +} +@dependency.requires('admin_api') class TestTenantManager(tests.TestCase): def setUp(self): @@ -24,7 +37,10 @@ class TestTenantManager(tests.TestCase): super(TestTenantManager, self).setUp() self.load_backends() self.load_fixtures(default_fixtures) + self.admin = self.create_user(username="admin") + self.demo = self.create_user(username="demo") self.manager = TenantManager() + self.root_intra_extension = self.create_intra_extension(policy_model="policy_root") def load_extra_backends(self): return { 
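Review bot: `self.demo = self.create_user(username="demo")` in setUp is never used by any test in this file, and every TenantManager call in the following hunk is made as `ADMIN_ID`. The suite therefore only exercises the privileged path. There is no case showing that `add_tenant_dict`, `set_tenant_dict` or `del_tenant` reject a caller who is not the administrator. Either add such a negative test using `self.demo["id"]` (the expected exception type is not visible here, so confirm it against the manager), or drop the unused user. A docstring on the class stating which identity the tests run under would also help.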
@@ -36,129 +52,208 @@ class TestTenantManager(tests.TestCase): self.config_fixture.config( group='moon', tenant_driver='keystone.contrib.moon.backends.sql.TenantConnector') + self.policy_directory = 'examples/moon/policies' + self.config_fixture.config( + group='moon', + intraextension_driver='keystone.contrib.moon.backends.sql.IntraExtensionConnector') + self.config_fixture.config( + group='moon', + policy_directory=self.policy_directory) + + def create_user(self, username="admin"): + + _USER = dict(USER) + _USER["name"] = username + return self.identity_api.create_user(_USER) + + def create_intra_extension(self, policy_model="policy_authz"): + + IE["model"] = policy_model + IE["name"] = uuid.uuid4().hex + genre = "admin" + if "authz" in policy_model: + genre = "authz" + IE["genre"] = genre + ref = self.admin_api.load_intra_extension_dict(ADMIN_ID, intra_extension_dict=IE) + self.assertIsInstance(ref, dict) + return ref def test_add_tenant(self): - _uuid = uuid.uuid4().hex + authz_intra_extension = self.create_intra_extension(policy_model="policy_authz") + admin_intra_extension = self.create_intra_extension(policy_model="policy_admin") new_mapping = { - _uuid: { - "name": uuid.uuid4().hex, - "authz": uuid.uuid4().hex, - "admin": uuid.uuid4().hex, - } + "id": uuid.uuid4().hex, + "name": "demo", + "description": uuid.uuid4().hex, + "intra_authz_extension": authz_intra_extension['id'], + "intra_admin_extension": admin_intra_extension['id'], } - data = self.manager.set_tenant_dict( - tenant_id=_uuid, - tenant_name=new_mapping[_uuid]["name"], - intra_authz_ext_id=new_mapping[_uuid]["authz"], - intra_admin_ext_id=new_mapping[_uuid]["admin"] + data = self.manager.add_tenant_dict( + user_id=ADMIN_ID, + tenant_dict=new_mapping ) - self.assertEquals(_uuid, data["id"]) - self.assertEquals(data["name"], new_mapping[_uuid]["name"]) - self.assertEquals(data["authz"], new_mapping[_uuid]["authz"]) - self.assertEquals(data["admin"], new_mapping[_uuid]["admin"]) - data = 
self.manager.get_tenants_dict() + self.assertEquals(new_mapping["id"], data["id"]) + self.assertEquals(new_mapping["name"], data['tenant']["name"]) + self.assertEquals(new_mapping["intra_authz_extension"], data['tenant']["intra_authz_extension"]) + self.assertEquals(new_mapping["intra_admin_extension"], data['tenant']["intra_admin_extension"]) + data = self.manager.get_tenants_dict(ADMIN_ID) self.assertNotEqual(data, {}) - data = self.manager.get_tenant_uuid(new_mapping[_uuid]["authz"]) - self.assertEquals(_uuid, data) - data = self.manager.get_tenant_uuid(new_mapping[_uuid]["admin"]) - self.assertEquals(_uuid, data) - data = self.manager.get_admin_extension_uuid(new_mapping[_uuid]["authz"]) - self.assertEquals(new_mapping[_uuid]["admin"], data) + data = self.admin_api.get_intra_extension_dict(ADMIN_ID, new_mapping["intra_authz_extension"]) + self.assertEquals(new_mapping["intra_authz_extension"], data["id"]) + data = self.admin_api.get_intra_extension_dict(ADMIN_ID, new_mapping["intra_admin_extension"]) + self.assertEquals(new_mapping["intra_admin_extension"], data["id"]) def test_del_tenant(self): - _uuid = uuid.uuid4().hex + authz_intra_extension = self.create_intra_extension(policy_model="policy_authz") + admin_intra_extension = self.create_intra_extension(policy_model="policy_admin") new_mapping = { - _uuid: { - "name": uuid.uuid4().hex, - "authz": uuid.uuid4().hex, - "admin": uuid.uuid4().hex, - } + "id": uuid.uuid4().hex, + "name": "demo", + "description": uuid.uuid4().hex, + "intra_authz_extension": authz_intra_extension['id'], + "intra_admin_extension": admin_intra_extension['id'], } - data = self.manager.set_tenant_dict( - tenant_id=_uuid, - tenant_name=new_mapping[_uuid]["name"], - intra_authz_ext_id=new_mapping[_uuid]["authz"], - intra_admin_ext_id=new_mapping[_uuid]["admin"] + data = self.manager.add_tenant_dict( + user_id=ADMIN_ID, + tenant_dict=new_mapping ) - self.assertEquals(_uuid, data["id"]) - self.assertEquals(data["name"], 
new_mapping[_uuid]["name"]) - self.assertEquals(data["authz"], new_mapping[_uuid]["authz"]) - self.assertEquals(data["admin"], new_mapping[_uuid]["admin"]) - data = self.manager.get_tenants_dict() + self.assertEquals(new_mapping["id"], data["id"]) + self.assertEquals(new_mapping["name"], data['tenant']["name"]) + self.assertEquals(new_mapping["intra_authz_extension"], data['tenant']["intra_authz_extension"]) + self.assertEquals(new_mapping["intra_admin_extension"], data['tenant']["intra_admin_extension"]) + data = self.manager.get_tenants_dict(ADMIN_ID) self.assertNotEqual(data, {}) - self.manager.delete(new_mapping[_uuid]["authz"]) - data = self.manager.get_tenants_dict() + self.manager.del_tenant(ADMIN_ID, new_mapping["id"]) + data = self.manager.get_tenants_dict(ADMIN_ID) self.assertEqual(data, {}) def test_set_tenant_name(self): - _uuid = uuid.uuid4().hex + authz_intra_extension = self.create_intra_extension(policy_model="policy_authz") + admin_intra_extension = self.create_intra_extension(policy_model="policy_admin") new_mapping = { - _uuid: { - "name": uuid.uuid4().hex, - "authz": uuid.uuid4().hex, - "admin": uuid.uuid4().hex, - } + "id": uuid.uuid4().hex, + "name": "demo", + "description": uuid.uuid4().hex, + "intra_authz_extension": authz_intra_extension['id'], + "intra_admin_extension": admin_intra_extension['id'], } + data = self.manager.add_tenant_dict( + user_id=ADMIN_ID, + tenant_dict=new_mapping + ) + self.assertEquals(new_mapping["id"], data["id"]) + self.assertEquals(new_mapping["name"], data['tenant']["name"]) + self.assertEquals(new_mapping["intra_authz_extension"], data['tenant']["intra_authz_extension"]) + self.assertEquals(new_mapping["intra_admin_extension"], data['tenant']["intra_admin_extension"]) + data = self.manager.get_tenants_dict(ADMIN_ID) + self.assertNotEqual(data, {}) + + new_mapping["name"] = "demo2" data = self.manager.set_tenant_dict( - tenant_id=_uuid, - tenant_name=new_mapping[_uuid]["name"], - 
intra_authz_ext_id=new_mapping[_uuid]["authz"], - intra_admin_ext_id=new_mapping[_uuid]["admin"] + user_id=ADMIN_ID, + tenant_id=new_mapping["id"], + tenant_dict=new_mapping ) - self.assertEquals(_uuid, data["id"]) - self.assertEquals(data["name"], new_mapping[_uuid]["name"]) - data = self.manager.set_tenant_name(_uuid, "new name") - self.assertEquals(_uuid, data["id"]) - self.assertEquals(data["name"], "new name") - data = self.manager.get_tenant_name_from_id(_uuid) - self.assertEquals(data, "new name") + self.assertEquals(new_mapping["id"], data["id"]) + self.assertEquals(new_mapping["name"], data['tenant']["name"]) + self.assertEquals(new_mapping["intra_authz_extension"], data['tenant']["intra_authz_extension"]) + self.assertEquals(new_mapping["intra_admin_extension"], data['tenant']["intra_admin_extension"]) def test_get_tenant_intra_extension_id(self): - _uuid = uuid.uuid4().hex + authz_intra_extension = self.create_intra_extension(policy_model="policy_authz") + admin_intra_extension = self.create_intra_extension(policy_model="policy_admin") new_mapping = { - _uuid: { - "name": uuid.uuid4().hex, - "authz": uuid.uuid4().hex, - "admin": uuid.uuid4().hex, - } + "id": uuid.uuid4().hex, + "name": "demo", + "description": uuid.uuid4().hex, + "intra_authz_extension": authz_intra_extension['id'], + "intra_admin_extension": admin_intra_extension['id'], } - data = self.manager.set_tenant_dict( - tenant_id=_uuid, - tenant_name=new_mapping[_uuid]["name"], - intra_authz_ext_id=new_mapping[_uuid]["authz"], - intra_admin_ext_id=new_mapping[_uuid]["admin"] + data = self.manager.add_tenant_dict( + user_id=ADMIN_ID, + tenant_dict=new_mapping ) - self.assertEquals(_uuid, data["id"]) - data = self.manager.get_extension_id(_uuid) - self.assertEqual(data, new_mapping[_uuid]["authz"]) - data = self.manager.get_extension_id(_uuid, "admin") - self.assertEqual(data, new_mapping[_uuid]["admin"]) - - def test_exception_tenantunknown(self): - self.assertRaises(TenantNotFound, 
self.manager.get_tenant_name_from_id, uuid.uuid4().hex) - self.assertRaises(TenantNotFound, self.manager.set_tenant_name, uuid.uuid4().hex, "new name") - self.assertRaises(TenantNotFound, self.manager.get_extension_id, uuid.uuid4().hex) - _uuid = uuid.uuid4().hex + self.assertEquals(new_mapping["id"], data["id"]) + self.assertEquals(new_mapping["name"], data['tenant']["name"]) + self.assertEquals(new_mapping["intra_authz_extension"], data['tenant']["intra_authz_extension"]) + self.assertEquals(new_mapping["intra_admin_extension"], data['tenant']["intra_admin_extension"]) + data = self.manager.get_tenants_dict(ADMIN_ID) + self.assertNotEqual(data, {}) + + def test_exception_tenant_unknown(self): + self.assertRaises(TenantUnknown, self.manager.get_tenant_dict, ADMIN_ID, uuid.uuid4().hex) + self.assertRaises(TenantUnknown, self.manager.del_tenant, ADMIN_ID, uuid.uuid4().hex) + self.assertRaises(TenantUnknown, self.manager.set_tenant_dict, ADMIN_ID, uuid.uuid4().hex, {}) + + authz_intra_extension = self.create_intra_extension(policy_model="policy_authz") + admin_intra_extension = self.create_intra_extension(policy_model="policy_admin") new_mapping = { - _uuid: { - "name": uuid.uuid4().hex, - "authz": uuid.uuid4().hex, - "admin": uuid.uuid4().hex, - } + "id": uuid.uuid4().hex, + "name": "demo", + "description": uuid.uuid4().hex, + "intra_authz_extension": authz_intra_extension['id'], + "intra_admin_extension": admin_intra_extension['id'], } - data = self.manager.set_tenant_dict( - tenant_id=_uuid, - tenant_name=new_mapping[_uuid]["name"], - intra_authz_ext_id=new_mapping[_uuid]["authz"], - intra_admin_ext_id="" + data = self.manager.add_tenant_dict( + user_id=ADMIN_ID, + tenant_dict=new_mapping + ) + self.assertEquals(new_mapping["id"], data["id"]) + self.assertEquals(new_mapping["name"], data['tenant']["name"]) + self.assertEquals(new_mapping["intra_authz_extension"], data['tenant']["intra_authz_extension"]) + self.assertEquals(new_mapping["intra_admin_extension"], 
data['tenant']["intra_admin_extension"]) + data = self.manager.get_tenants_dict(ADMIN_ID) + self.assertNotEqual(data, {}) + + self.assertRaises(TenantUnknown, self.manager.get_tenant_dict, ADMIN_ID, uuid.uuid4().hex) + + def test_exception_tenant_added_name_existing(self): + authz_intra_extension = self.create_intra_extension(policy_model="policy_authz") + admin_intra_extension = self.create_intra_extension(policy_model="policy_admin") + new_mapping = { + "id": uuid.uuid4().hex, + "name": "demo", + "description": uuid.uuid4().hex, + "intra_authz_extension": authz_intra_extension['id'], + "intra_admin_extension": admin_intra_extension['id'], + } + data = self.manager.add_tenant_dict( + user_id=ADMIN_ID, + tenant_dict=new_mapping ) - self.assertEquals(_uuid, data["id"]) - self.assertRaises(IntraExtensionUnknown, self.manager.get_extension_id, _uuid, "admin") - self.assertRaises(TenantNotFound, self.manager.get_tenant_uuid, uuid.uuid4().hex) - # self.assertRaises(AdminIntraExtensionNotFound, self.manager.get_admin_extension_uuid, uuid.uuid4().hex) + self.assertEquals(new_mapping["id"], data["id"]) + self.assertEquals(new_mapping["name"], data['tenant']["name"]) + self.assertEquals(new_mapping["intra_authz_extension"], data['tenant']["intra_authz_extension"]) + self.assertEquals(new_mapping["intra_admin_extension"], data['tenant']["intra_admin_extension"]) + data = self.manager.get_tenants_dict(ADMIN_ID) + self.assertNotEqual(data, {}) + + self.assertRaises(TenantAddedNameExisting, self.manager.add_tenant_dict, ADMIN_ID, new_mapping) - def test_exception_tenantaddednameexisting(self): - pass + def test_exception_tenant_no_intra_extension(self): + authz_intra_extension = self.create_intra_extension(policy_model="policy_authz") + admin_intra_extension = self.create_intra_extension(policy_model="policy_admin") + new_mapping = { + "id": uuid.uuid4().hex, + "name": "demo", + "description": uuid.uuid4().hex, + "intra_authz_extension": authz_intra_extension['id'], + 
"intra_admin_extension": admin_intra_extension['id'], + } + new_mapping['intra_authz_extension'] = None + self.assertRaises(TenantNoIntraAuthzExtension, self.manager.add_tenant_dict, ADMIN_ID, new_mapping) + new_mapping['intra_authz_extension'] = authz_intra_extension['id'] + data = self.manager.add_tenant_dict( + user_id=ADMIN_ID, + tenant_dict=new_mapping + ) + self.assertEquals(new_mapping["id"], data["id"]) + self.assertEquals(new_mapping["name"], data['tenant']["name"]) + self.assertEquals(new_mapping["intra_authz_extension"], data['tenant']["intra_authz_extension"]) + self.assertEquals(new_mapping["intra_admin_extension"], data['tenant']["intra_admin_extension"]) + data = self.manager.get_tenants_dict(ADMIN_ID) + self.assertNotEqual(data, {}) - def test_exception_tenantnointraextension(self): - pass \ No newline at end of file + new_mapping['intra_authz_extension'] = None + new_mapping['name'] = "demo2" + self.assertRaises(TenantNoIntraAuthzExtension, self.manager.set_tenant_dict, ADMIN_ID, new_mapping["id"], new_mapping) -- cgit 1.2.3-korg
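Review bot: `test_exception_tenant_added_name_existing` re-submits the very same `new_mapping`, so the second `add_tenant_dict` call collides on `id` as well as on `name`. The test cannot show that the name check is what fires. Give the duplicate a fresh id, e.g. `dup = dict(new_mapping, id=uuid.uuid4().hex)` and `self.assertRaises(TenantAddedNameExisting, self.manager.add_tenant_dict, ADMIN_ID, dup)`. Separately, `create_intra_extension` writes `model`, `name` and `genre` into the module-level `IE` dict, so state leaks between tests and the stale `"policymodel": "policy_authz"` entry travels with every request; start from `ie = dict(IE)` as `create_user` already does with `USER`. The repeated mapping-and-assert block in each test would read better as one helper, and `assertEquals` is a deprecated alias of `assertEqual`.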