From 431cecb81d4ae76255dfac9dc6eb8b9fbda97037 Mon Sep 17 00:00:00 2001 From: Adam Young Date: Mon, 24 Jun 2013 12:27:50 -0400 Subject: [PATCH] Manager instead of direct driver Make calls via the manager as opposed to the drivers in order to support refactoring of common code Bug 1193420 Change-Id: I69117ea755ed7ef3f7d3732fee83cc758927d296 --- keystone/test.py | 19 +-- tests/test_backend.py | 290 ++++++++++++++++---------------- tests/test_backend_kvs.py | 40 ++--- tests/test_backend_ldap.py | 72 ++++---- tests/test_backend_memcache.py | 22 +-- tests/test_backend_sql.py | 35 +--- tests/test_backend_templated.py | 8 +- tests/test_migrate_nova_auth.py | 6 +- 8 files changed, 228 insertions(+), 264 deletions(-) diff --git a/keystone/test.py b/keystone/test.py index d0570ca7c7..e68676ca1e 100644 --- a/keystone/test.py +++ b/keystone/test.py @@ -56,8 +56,6 @@ TESTSDIR = os.path.join(ROOTDIR, 'tests') ETCDIR = os.path.join(ROOTDIR, 'etc') CONF = config.CONF -DRIVERS = {} - cd = os.chdir @@ -77,16 +75,6 @@ def testsdir(*p): return os.path.join(TESTSDIR, *p) -def initialize_drivers(): - DRIVERS['catalog_api'] = catalog.Manager() - DRIVERS['credential_api'] = credential.Manager() - DRIVERS['identity_api'] = identity.Manager() - DRIVERS['policy_api'] = policy.Manager() - DRIVERS['token_api'] = token.Manager() - DRIVERS['trust_api'] = trust.Manager() - return DRIVERS - - def checkout_vendor(repo, rev): # TODO(termie): this function is a good target for some optimizations :PERF name = repo.split('/')[-1] @@ -234,9 +222,10 @@ def opt(self, **kw): CONF.set_override(k, v) def load_backends(self): - """Create shortcut references to each driver for data manipulation.""" - for name, manager in initialize_drivers().iteritems(): - setattr(self, name, manager.driver) + """Initializes each manager and assigns them to an attribute.""" + for manager in [catalog, credential, identity, policy, token, trust]: + manager_name = '%s_api' % manager.__name__.split('.')[-1] + setattr(self, manager_name, manager.Manager()) def load_fixtures(self, fixtures): """Hacky basic and naive fixture loading based on a python module. diff --git a/tests/test_backend.py b/tests/test_backend.py index 9a2a3fbfa9..ea40cd8b1a 100644 --- a/tests/test_backend.py +++ b/tests/test_backend.py @@ -60,27 +60,27 @@ def test_project_add_and_remove_user_role(self): def test_authenticate_bad_user(self): self.assertRaises(AssertionError, - self.identity_man.authenticate, + self.identity_api.authenticate, user_id=uuid.uuid4().hex, tenant_id=self.tenant_bar['id'], password=self.user_foo['password']) def test_authenticate_bad_password(self): self.assertRaises(AssertionError, - self.identity_man.authenticate, + self.identity_api.authenticate, user_id=self.user_foo['id'], tenant_id=self.tenant_bar['id'], password=uuid.uuid4().hex) def test_authenticate_bad_project(self): self.assertRaises(AssertionError, - self.identity_man.authenticate, + self.identity_api.authenticate, user_id=self.user_foo['id'], tenant_id=uuid.uuid4().hex, password=self.user_foo['password']) def test_authenticate_no_project(self): - user_ref, tenant_ref, metadata_ref = self.identity_man.authenticate( + user_ref, tenant_ref, metadata_ref = self.identity_api.authenticate( user_id=self.user_foo['id'], password=self.user_foo['password']) # NOTE(termie): the password field is left in user_foo to make @@ -92,7 +92,7 @@ def test_authenticate_no_project(self): self.assert_(not metadata_ref) def test_authenticate(self): - user_ref, tenant_ref, metadata_ref = self.identity_man.authenticate( + user_ref, tenant_ref, metadata_ref = self.identity_api.authenticate( user_id=self.user_sna['id'], tenant_id=self.tenant_bar['id'], password=self.user_sna['password']) @@ -109,7 +109,7 @@ def test_authenticate(self): def test_authenticate_role_return(self): self.identity_api.add_role_to_user_and_project( self.user_foo['id'], self.tenant_baz['id'], self.role_admin['id']) - user_ref, tenant_ref, metadata_ref = self.identity_man.authenticate( + user_ref, tenant_ref, metadata_ref = self.identity_api.authenticate( user_id=self.user_foo['id'], tenant_id=self.tenant_baz['id'], password=self.user_foo['password']) @@ -123,10 +123,10 @@ def test_authenticate_no_metadata(self): 'domain_id': DEFAULT_DOMAIN_ID, 'password': 'no_meta2', } - self.identity_man.create_user(user['id'], user) + self.identity_api.create_user(user['id'], user) self.identity_api.add_user_to_project(self.tenant_baz['id'], user['id']) - user_ref, tenant_ref, metadata_ref = self.identity_man.authenticate( + user_ref, tenant_ref, metadata_ref = self.identity_api.authenticate( user_id=user['id'], tenant_id=self.tenant_baz['id'], password=user['password']) @@ -149,7 +149,7 @@ def test_create_unicode_user_name(self): 'name': unicode_name, 'domain_id': DEFAULT_DOMAIN_ID, 'password': uuid.uuid4().hex} - ref = self.identity_man.create_user(user['id'], user) + ref = self.identity_api.create_user(user['id'], user) self.assertEqual(unicode_name, ref['name']) def test_get_project(self): @@ -281,10 +281,10 @@ def test_create_duplicate_user_id_fails(self): 'domain_id': DEFAULT_DOMAIN_ID, 'password': 'fakepass', 'tenants': ['bar']} - self.identity_man.create_user('fake1', user) + self.identity_api.create_user('fake1', user) user['name'] = 'fake2' self.assertRaises(exception.Conflict, - self.identity_man.create_user, + self.identity_api.create_user, 'fake1', user) @@ -294,10 +294,10 @@ def test_create_duplicate_user_name_fails(self): 'domain_id': DEFAULT_DOMAIN_ID, 'password': 'fakepass', 'tenants': ['bar']} - self.identity_man.create_user('fake1', user) + self.identity_api.create_user('fake1', user) user['id'] = 'fake2' self.assertRaises(exception.Conflict, - self.identity_man.create_user, + self.identity_api.create_user, 'fake2', user) @@ -312,8 +312,8 @@ def test_create_duplicate_user_name_in_different_domains(self): 'name': user1['name'], 'domain_id': new_domain['id'], 'password': uuid.uuid4().hex} - self.identity_man.create_user(user1['id'], user1) - self.identity_man.create_user(user2['id'], user2) + self.identity_api.create_user(user1['id'], user1) + self.identity_api.create_user(user2['id'], user2) def test_move_user_between_domains(self): domain1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex} @@ -324,9 +324,9 @@ def test_move_user_between_domains(self): 'name': uuid.uuid4().hex, 'domain_id': domain1['id'], 'password': uuid.uuid4().hex} - self.identity_man.create_user(user['id'], user) + self.identity_api.create_user(user['id'], user) user['domain_id'] = domain2['id'] - self.identity_man.update_user(user['id'], user) + self.identity_api.update_user(user['id'], user) def test_move_user_between_domains_with_clashing_names_fails(self): domain1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex} @@ -338,19 +338,19 @@ def test_move_user_between_domains_with_clashing_names_fails(self): 'name': uuid.uuid4().hex, 'domain_id': domain1['id'], 'password': uuid.uuid4().hex} - self.identity_man.create_user(user1['id'], user1) + self.identity_api.create_user(user1['id'], user1) # Now create a user in domain2 with a potentially clashing # name - which should work since we have domain separation user2 = {'id': uuid.uuid4().hex, 'name': user1['name'], 'domain_id': domain2['id'], 'password': uuid.uuid4().hex} - self.identity_man.create_user(user2['id'], user2) + self.identity_api.create_user(user2['id'], user2) # Now try and move user1 into the 2nd domain - which should # fail since the names clash user1['domain_id'] = domain2['id'] self.assertRaises(exception.Conflict, - self.identity_man.update_user, + self.identity_api.update_user, user1['id'], user1) @@ -365,11 +365,11 @@ def test_rename_duplicate_user_name_fails(self): 'domain_id': DEFAULT_DOMAIN_ID, 'password': 'fakepass', 'tenants': ['bar']} - self.identity_man.create_user('fake1', user1) - self.identity_man.create_user('fake2', user2) + self.identity_api.create_user('fake1', user1) + self.identity_api.create_user('fake2', user2) user2['name'] = 'fake1' self.assertRaises(exception.Conflict, - self.identity_man.update_user, + self.identity_api.update_user, 'fake2', user2) @@ -379,10 +379,10 @@ def test_update_user_id_fails(self): 'domain_id': DEFAULT_DOMAIN_ID, 'password': 'fakepass', 'tenants': ['bar']} - self.identity_man.create_user('fake1', user) + self.identity_api.create_user('fake1', user) user['id'] = 'fake2' self.assertRaises(exception.ValidationError, - self.identity_man.update_user, + self.identity_api.update_user, 'fake1', user) user_ref = self.identity_api.get_user('fake1') @@ -394,20 +394,20 @@ def test_update_user_id_fails(self): def test_create_duplicate_project_id_fails(self): tenant = {'id': 'fake1', 'name': 'fake1', 'domain_id': DEFAULT_DOMAIN_ID} - self.identity_man.create_project('fake1', tenant) + self.identity_api.create_project('fake1', tenant) tenant['name'] = 'fake2' self.assertRaises(exception.Conflict, - self.identity_man.create_project, + self.identity_api.create_project, 'fake1', tenant) def test_create_duplicate_project_name_fails(self): tenant = {'id': 'fake1', 'name': 'fake', 'domain_id': DEFAULT_DOMAIN_ID} - self.identity_man.create_project('fake1', tenant) + self.identity_api.create_project('fake1', tenant) tenant['id'] = 'fake2' self.assertRaises(exception.Conflict, - self.identity_man.create_project, + self.identity_api.create_project, 'fake1', tenant) @@ -418,8 +418,8 @@ def test_create_duplicate_project_name_in_different_domains(self): 'domain_id': DEFAULT_DOMAIN_ID} tenant2 = {'id': uuid.uuid4().hex, 'name': tenant1['name'], 'domain_id': new_domain['id']} - self.identity_man.create_project(tenant1['id'], tenant1) - self.identity_man.create_project(tenant2['id'], tenant2) + self.identity_api.create_project(tenant1['id'], tenant1) + self.identity_api.create_project(tenant2['id'], tenant2) def test_move_project_between_domains(self): domain1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex} @@ -429,7 +429,7 @@ def test_move_project_between_domains(self): project = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain1['id']} - self.identity_man.create_project(project['id'], project) + self.identity_api.create_project(project['id'], project) project['domain_id'] = domain2['id'] self.identity_api.update_project(project['id'], project) @@ -442,13 +442,13 @@ def test_move_project_between_domains_with_clashing_names_fails(self): project1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain1['id']} - self.identity_man.create_project(project1['id'], project1) + self.identity_api.create_project(project1['id'], project1) # Now create a project in domain2 with a potentially clashing # name - which should work since we have domain separation project2 = {'id': uuid.uuid4().hex, 'name': project1['name'], 'domain_id': domain2['id']} - self.identity_man.create_project(project2['id'], project2) + self.identity_api.create_project(project2['id'], project2) # Now try and move project1 into the 2nd domain - which should # fail since the names clash project1['domain_id'] = domain2['id'] @@ -462,8 +462,8 @@ def test_rename_duplicate_project_name_fails(self): 'domain_id': DEFAULT_DOMAIN_ID} tenant2 = {'id': 'fake2', 'name': 'fake2', 'domain_id': DEFAULT_DOMAIN_ID} - self.identity_man.create_project('fake1', tenant1) - self.identity_man.create_project('fake2', tenant2) + self.identity_api.create_project('fake1', tenant1) + self.identity_api.create_project('fake2', tenant2) tenant2['name'] = 'fake1' self.assertRaises(exception.Error, self.identity_api.update_project, @@ -530,11 +530,11 @@ def test_get_roles_for_user_and_domain(self): new_user1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'password': uuid.uuid4().hex, 'enabled': True, 'domain_id': new_domain['id']} - self.identity_man.create_user(new_user1['id'], new_user1) + self.identity_api.create_user(new_user1['id'], new_user1) new_user2 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'password': uuid.uuid4().hex, 'enabled': True, 'domain_id': new_domain['id']} - self.identity_man.create_user(new_user2['id'], new_user2) + self.identity_api.create_user(new_user2['id'], new_user2) roles_ref = self.identity_api.list_grants( user_id=new_user1['id'], domain_id=new_domain['id']) @@ -580,7 +580,7 @@ def test_get_roles_for_user_and_domain_404(self): new_user1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'password': uuid.uuid4().hex, 'enabled': True, 'domain_id': new_domain['id']} - self.identity_man.create_user(new_user1['id'], new_user1) + self.identity_api.create_user(new_user1['id'], new_user1) self.assertRaises(exception.UserNotFound, self.identity_api.get_roles_for_user_and_domain, @@ -720,11 +720,11 @@ def test_get_and_remove_role_grant_by_group_and_project(self): self.identity_api.create_domain(new_domain['id'], new_domain) new_group = {'id': uuid.uuid4().hex, 'domain_id': new_domain['id'], 'name': uuid.uuid4().hex} - self.identity_man.create_group(new_group['id'], new_group) + self.identity_api.create_group(new_group['id'], new_group) new_user = {'id': uuid.uuid4().hex, 'name': 'new_user', 'password': 'secret', 'enabled': True, 'domain_id': new_domain['id']} - self.identity_man.create_user(new_user['id'], new_user) + self.identity_api.create_user(new_user['id'], new_user) self.identity_api.add_user_to_group(new_user['id'], new_group['id']) roles_ref = self.identity_api.list_grants( @@ -757,11 +757,11 @@ def test_get_and_remove_role_grant_by_group_and_domain(self): self.identity_api.create_domain(new_domain['id'], new_domain) new_group = {'id': uuid.uuid4().hex, 'domain_id': new_domain['id'], 'name': uuid.uuid4().hex} - self.identity_man.create_group(new_group['id'], new_group) + self.identity_api.create_group(new_group['id'], new_group) new_user = {'id': uuid.uuid4().hex, 'name': 'new_user', 'password': uuid.uuid4().hex, 'enabled': True, 'domain_id': new_domain['id']} - self.identity_man.create_user(new_user['id'], new_user) + self.identity_api.create_user(new_user['id'], new_user) self.identity_api.add_user_to_group(new_user['id'], new_group['id']) @@ -797,21 +797,21 @@ def test_get_and_remove_correct_role_grant_from_a_mix(self): self.identity_api.create_domain(new_domain['id'], new_domain) new_project = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': new_domain['id']} - self.identity_man.create_project(new_project['id'], new_project) + self.identity_api.create_project(new_project['id'], new_project) new_group = {'id': uuid.uuid4().hex, 'domain_id': new_domain['id'], 'name': uuid.uuid4().hex} - self.identity_man.create_group(new_group['id'], new_group) + self.identity_api.create_group(new_group['id'], new_group) new_group2 = {'id': uuid.uuid4().hex, 'domain_id': new_domain['id'], 'name': uuid.uuid4().hex} - self.identity_man.create_group(new_group2['id'], new_group2) + self.identity_api.create_group(new_group2['id'], new_group2) new_user = {'id': uuid.uuid4().hex, 'name': 'new_user', 'password': uuid.uuid4().hex, 'enabled': True, 'domain_id': new_domain['id']} - self.identity_man.create_user(new_user['id'], new_user) + self.identity_api.create_user(new_user['id'], new_user) new_user2 = {'id': uuid.uuid4().hex, 'name': 'new_user2', 'password': uuid.uuid4().hex, 'enabled': True, 'domain_id': new_domain['id']} - self.identity_man.create_user(new_user2['id'], new_user2) + self.identity_api.create_user(new_user2['id'], new_user2) self.identity_api.add_user_to_group(new_user['id'], new_group['id']) # First check we have no grants @@ -859,7 +859,7 @@ def test_get_and_remove_role_grant_by_user_and_domain(self): new_user = {'id': uuid.uuid4().hex, 'name': 'new_user', 'password': 'secret', 'enabled': True, 'domain_id': new_domain['id']} - self.identity_man.create_user(new_user['id'], new_user) + self.identity_api.create_user(new_user['id'], new_user) roles_ref = self.identity_api.list_grants( user_id=new_user['id'], domain_id=new_domain['id']) @@ -900,7 +900,7 @@ def test_get_and_remove_role_grant_by_group_and_cross_domain(self): self.identity_api.create_domain(domain2['id'], domain2) group1 = {'id': uuid.uuid4().hex, 'domain_id': domain1['id'], 'name': uuid.uuid4().hex} - self.identity_man.create_group(group1['id'], group1) + self.identity_api.create_group(group1['id'], group1) roles_ref = self.identity_api.list_grants( group_id=group1['id'], domain_id=domain1['id']) @@ -953,7 +953,7 @@ def test_get_and_remove_role_grant_by_user_and_cross_domain(self): user1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain1['id'], 'password': uuid.uuid4().hex, 'enabled': True} - self.identity_man.create_user(user1['id'], user1) + self.identity_api.create_user(user1['id'], user1) roles_ref = self.identity_api.list_grants( user_id=user1['id'], domain_id=domain1['id']) @@ -1001,10 +1001,10 @@ def test_role_grant_by_group_and_cross_domain_project(self): self.identity_api.create_domain(domain2['id'], domain2) group1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain1['id'], 'enabled': True} - self.identity_man.create_group(group1['id'], group1) + self.identity_api.create_group(group1['id'], group1) project1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain2['id']} - self.identity_man.create_project(project1['id'], project1) + self.identity_api.create_project(project1['id'], project1) roles_ref = self.identity_api.list_grants( group_id=group1['id'], project_id=project1['id']) @@ -1046,10 +1046,10 @@ def test_role_grant_by_user_and_cross_domain_project(self): user1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain1['id'], 'password': uuid.uuid4().hex, 'enabled': True} - self.identity_man.create_user(user1['id'], user1) + self.identity_api.create_user(user1['id'], user1) project1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain2['id']} - self.identity_man.create_project(project1['id'], project1) + self.identity_api.create_project(project1['id'], project1) roles_ref = self.identity_api.list_grants( user_id=user1['id'], project_id=project1['id']) @@ -1090,13 +1090,13 @@ def test_multi_role_grant_by_user_group_on_project_domain(self): user1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain1['id'], 'password': uuid.uuid4().hex, 'enabled': True} - self.identity_man.create_user(user1['id'], user1) + self.identity_api.create_user(user1['id'], user1) group1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain1['id'], 'enabled': True} - self.identity_man.create_group(group1['id'], group1) + self.identity_api.create_group(group1['id'], group1) project1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain1['id']} - self.identity_man.create_project(project1['id'], project1) + self.identity_api.create_project(project1['id'], project1) self.identity_api.add_user_to_group(user1['id'], group1['id']) @@ -1157,14 +1157,14 @@ def test_delete_role_with_user_and_group_grants(self): self.identity_api.create_domain(domain1['id'], domain1) project1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain1['id']} - self.identity_man.create_project(project1['id'], project1) + self.identity_api.create_project(project1['id'], project1) user1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain1['id'], 'password': uuid.uuid4().hex, 'enabled': True} - self.identity_man.create_user(user1['id'], user1) + self.identity_api.create_user(user1['id'], user1) group1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain1['id'], 'enabled': True} - self.identity_man.create_group(group1['id'], group1) + self.identity_api.create_group(group1['id'], group1) self.identity_api.create_grant(user_id=user1['id'], project_id=project1['id'], role_id=role1['id']) @@ -1218,14 +1218,14 @@ def test_delete_user_with_group_project_domain_links(self): self.identity_api.create_domain(domain1['id'], domain1) project1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain1['id']} - self.identity_man.create_project(project1['id'], project1) + self.identity_api.create_project(project1['id'], project1) user1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain1['id'], 'password': uuid.uuid4().hex, 'enabled': True} - self.identity_man.create_user(user1['id'], user1) + self.identity_api.create_user(user1['id'], user1) group1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain1['id'], 'enabled': True} - self.identity_man.create_group(group1['id'], group1) + self.identity_api.create_group(group1['id'], group1) self.identity_api.create_grant(user_id=user1['id'], project_id=project1['id'], role_id=role1['id']) @@ -1266,14 +1266,14 @@ def test_delete_group_with_user_project_domain_links(self): self.identity_api.create_domain(domain1['id'], domain1) project1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain1['id']} - self.identity_man.create_project(project1['id'], project1) + self.identity_api.create_project(project1['id'], project1) user1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain1['id'], 'password': uuid.uuid4().hex, 'enabled': True} - self.identity_man.create_user(user1['id'], user1) + self.identity_api.create_user(user1['id'], user1) group1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain1['id'], 'enabled': True} - self.identity_man.create_group(group1['id'], group1) + self.identity_api.create_group(group1['id'], group1) self.identity_api.create_grant(group_id=group1['id'], project_id=project1['id'], role_id=role1['id']) @@ -1393,7 +1393,7 @@ def test_delete_project_404(self): def test_update_user_404(self): user_id = uuid.uuid4().hex self.assertRaises(exception.UserNotFound, - self.identity_man.update_user, + self.identity_api.update_user, user_id, {'id': user_id}) @@ -1402,7 +1402,7 @@ def test_delete_user_with_project_association(self): 'name': uuid.uuid4().hex, 'domain_id': DEFAULT_DOMAIN_ID, 'password': uuid.uuid4().hex} - self.identity_man.create_user(user['id'], user) + self.identity_api.create_user(user['id'], user) self.identity_api.add_user_to_project(self.tenant_bar['id'], user['id']) self.identity_api.delete_user(user['id']) @@ -1415,7 +1415,7 @@ def test_delete_user_with_project_roles(self): 'name': uuid.uuid4().hex, 'domain_id': DEFAULT_DOMAIN_ID, 'password': uuid.uuid4().hex} - self.identity_man.create_user(user['id'], user) + self.identity_api.create_user(user['id'], user) self.identity_api.add_role_to_user_and_project( user['id'], self.tenant_bar['id'], @@ -1439,7 +1439,7 @@ def test_create_project_long_name_fails(self): tenant = {'id': 'fake1', 'name': 'a' * 65, 'domain_id': DEFAULT_DOMAIN_ID} self.assertRaises(exception.ValidationError, - self.identity_man.create_project, + self.identity_api.create_project, tenant['id'], tenant) @@ -1447,7 +1447,7 @@ def test_create_project_blank_name_fails(self): tenant = {'id': 'fake1', 'name': '', 'domain_id': DEFAULT_DOMAIN_ID} self.assertRaises(exception.ValidationError, - self.identity_man.create_project, + self.identity_api.create_project, tenant['id'], tenant) @@ -1455,20 +1455,20 @@ def test_create_project_invalid_name_fails(self): tenant = {'id': 'fake1', 'name': None, 'domain_id': DEFAULT_DOMAIN_ID} self.assertRaises(exception.ValidationError, - self.identity_man.create_project, + self.identity_api.create_project, tenant['id'], tenant) tenant = {'id': 'fake1', 'name': 123, 'domain_id': DEFAULT_DOMAIN_ID} self.assertRaises(exception.ValidationError, - self.identity_man.create_project, + self.identity_api.create_project, tenant['id'], tenant) def test_update_project_blank_name_fails(self): tenant = {'id': 'fake1', 'name': 'fake1', 'domain_id': DEFAULT_DOMAIN_ID} - self.identity_man.create_project('fake1', tenant) + self.identity_api.create_project('fake1', tenant) tenant['name'] = '' self.assertRaises(exception.ValidationError, self.identity_api.update_project, @@ -1478,7 +1478,7 @@ def test_update_project_blank_name_fails(self): def test_update_project_long_name_fails(self): tenant = {'id': 'fake1', 'name': 'fake1', 'domain_id': DEFAULT_DOMAIN_ID} - self.identity_man.create_project('fake1', tenant) + self.identity_api.create_project('fake1', tenant) tenant['name'] = 'a' * 65 self.assertRaises(exception.ValidationError, self.identity_api.update_project, @@ -1488,7 +1488,7 @@ def test_update_project_long_name_fails(self): def test_update_project_invalid_name_fails(self): tenant = {'id': 'fake1', 'name': 'fake1', 'domain_id': DEFAULT_DOMAIN_ID} - self.identity_man.create_project('fake1', tenant) + self.identity_api.create_project('fake1', tenant) tenant['name'] = None self.assertRaises(exception.ValidationError, self.identity_api.update_project, @@ -1505,7 +1505,7 @@ def test_create_user_long_name_fails(self): user = {'id': 'fake1', 'name': 'a' * 65, 'domain_id': DEFAULT_DOMAIN_ID} self.assertRaises(exception.ValidationError, - self.identity_man.create_user, + self.identity_api.create_user, 'fake1', user) @@ -1513,7 +1513,7 @@ def test_create_user_blank_name_fails(self): user = {'id': 'fake1', 'name': '', 'domain_id': DEFAULT_DOMAIN_ID} self.assertRaises(exception.ValidationError, - self.identity_man.create_user, + self.identity_api.create_user, 'fake1', user) @@ -1521,14 +1521,14 @@ def test_create_user_invalid_name_fails(self): user = {'id': 'fake1', 'name': None, 'domain_id': DEFAULT_DOMAIN_ID} self.assertRaises(exception.ValidationError, - self.identity_man.create_user, + self.identity_api.create_user, 'fake1', user) user = {'id': 'fake1', 'name': 123, 'domain_id': DEFAULT_DOMAIN_ID} self.assertRaises(exception.ValidationError, - self.identity_man.create_user, + self.identity_api.create_user, 'fake1', user) @@ -1537,14 +1537,14 @@ def test_update_project_invalid_enabled_type_string(self): 'name': uuid.uuid4().hex, 'enabled': True, 'domain_id': DEFAULT_DOMAIN_ID} - self.identity_man.create_project(project['id'], project) + self.identity_api.create_project(project['id'], project) project_ref = self.identity_api.get_project(project['id']) self.assertEqual(project_ref['enabled'], True) # Strings are not valid boolean values project['enabled'] = "false" self.assertRaises(exception.ValidationError, - self.identity_man.update_project, + self.identity_api.update_project, project['id'], project) @@ -1555,7 +1555,7 @@ def test_create_project_invalid_enabled_type_string(self): # invalid string value 'enabled': "true"} self.assertRaises(exception.ValidationError, - self.identity_man.create_project, + self.identity_api.create_project, project['id'], project) @@ -1567,44 +1567,44 @@ def test_create_user_invalid_enabled_type_string(self): # invalid string value 'enabled': "true"} self.assertRaises(exception.ValidationError, - self.identity_man.create_user, + self.identity_api.create_user, user['id'], user) def test_update_user_long_name_fails(self): user = {'id': 'fake1', 'name': 'fake1', 'domain_id': DEFAULT_DOMAIN_ID} - self.identity_man.create_user('fake1', user) + self.identity_api.create_user('fake1', user) user['name'] = 'a' * 65 self.assertRaises(exception.ValidationError, - self.identity_man.update_user, + self.identity_api.update_user, 'fake1', user) def test_update_user_blank_name_fails(self): user = {'id': 'fake1', 'name': 'fake1', 'domain_id': DEFAULT_DOMAIN_ID} - self.identity_man.create_user('fake1', user) + self.identity_api.create_user('fake1', user) user['name'] = '' self.assertRaises(exception.ValidationError, - self.identity_man.update_user, + self.identity_api.update_user, 'fake1', user) def test_update_user_invalid_name_fails(self): user = {'id': 'fake1', 'name': 'fake1', 'domain_id': DEFAULT_DOMAIN_ID} - self.identity_man.create_user('fake1', user) + self.identity_api.create_user('fake1', user) user['name'] = None self.assertRaises(exception.ValidationError, - self.identity_man.update_user, + self.identity_api.update_user, 'fake1', user) user['name'] = 123 self.assertRaises(exception.ValidationError, - self.identity_man.update_user, + self.identity_api.update_user, 'fake1', user) @@ -1622,8 +1622,8 @@ def test_list_groups(self): 'id': uuid.uuid4().hex, 'domain_id': CONF.identity.default_domain_id, 'name': uuid.uuid4().hex} - self.identity_man.create_group(group1['id'], group1) - self.identity_man.create_group(group2['id'], group2) + self.identity_api.create_group(group1['id'], group1) + self.identity_api.create_group(group2['id'], group2) groups = self.identity_api.list_groups() self.assertEquals(len(groups), 2) group_ids = [] @@ -1690,7 +1690,7 @@ def test_create_project_doesnt_modify_passed_in_dict(self): new_project = {'id': 'tenant_id', 'name': uuid.uuid4().hex, 'domain_id': DEFAULT_DOMAIN_ID} original_project = new_project.copy() - self.identity_man.create_project('tenant_id', new_project) + self.identity_api.create_project('tenant_id', new_project) self.assertDictEqual(original_project, new_project) def test_create_user_doesnt_modify_passed_in_dict(self): @@ -1698,60 +1698,60 @@ def test_create_user_doesnt_modify_passed_in_dict(self): 'password': uuid.uuid4().hex, 'domain_id': DEFAULT_DOMAIN_ID} original_user = new_user.copy() - self.identity_man.create_user('user_id', new_user) + self.identity_api.create_user('user_id', new_user) self.assertDictEqual(original_user, new_user) def test_update_user_enable(self): user = {'id': 'fake1', 'name': 'fake1', 'enabled': True, 'domain_id': DEFAULT_DOMAIN_ID} - self.identity_man.create_user('fake1', user) + self.identity_api.create_user('fake1', user) user_ref = self.identity_api.get_user('fake1') self.assertEqual(user_ref['enabled'], True) user['enabled'] = False - self.identity_man.update_user('fake1', user) + self.identity_api.update_user('fake1', user) user_ref = self.identity_api.get_user('fake1') self.assertEqual(user_ref['enabled'], user['enabled']) # If not present, enabled field should not be updated del user['enabled'] - self.identity_man.update_user('fake1', user) + self.identity_api.update_user('fake1', user) user_ref = self.identity_api.get_user('fake1') self.assertEqual(user_ref['enabled'], False) user['enabled'] = True - self.identity_man.update_user('fake1', user) + self.identity_api.update_user('fake1', user) user_ref = self.identity_api.get_user('fake1') self.assertEqual(user_ref['enabled'], user['enabled']) del user['enabled'] - self.identity_man.update_user('fake1', user) + self.identity_api.update_user('fake1', user) user_ref = self.identity_api.get_user('fake1') self.assertEqual(user_ref['enabled'], True) # Integers are valid Python's booleans. Explicitly test it. user['enabled'] = 0 - self.identity_man.update_user('fake1', user) + self.identity_api.update_user('fake1', user) user_ref = self.identity_api.get_user('fake1') self.assertEqual(user_ref['enabled'], False) # Any integers other than 0 are interpreted as True user['enabled'] = -42 - self.identity_man.update_user('fake1', user) + self.identity_api.update_user('fake1', user) user_ref = self.identity_api.get_user('fake1') self.assertEqual(user_ref['enabled'], True) def test_update_user_enable_fails(self): user = {'id': 'fake1', 'name': 'fake1', 'enabled': True, 'domain_id': DEFAULT_DOMAIN_ID} - self.identity_man.create_user('fake1', user) + self.identity_api.create_user('fake1', user) user_ref = self.identity_api.get_user('fake1') self.assertEqual(user_ref['enabled'], True) # Strings are not valid boolean values user['enabled'] = "false" self.assertRaises(exception.ValidationError, - self.identity_man.update_user, + self.identity_api.update_user, 'fake1', user) @@ -1787,11 +1787,11 @@ def test_add_user_to_group(self): domain = self._get_domain_fixture() new_group = {'id': uuid.uuid4().hex, 'domain_id': domain['id'], 'name': uuid.uuid4().hex} - self.identity_man.create_group(new_group['id'], new_group) + self.identity_api.create_group(new_group['id'], new_group) new_user = {'id': uuid.uuid4().hex, 'name': 'new_user', 'password': uuid.uuid4().hex, 'enabled': True, 'domain_id': domain['id']} - self.identity_man.create_user(new_user['id'], new_user) + self.identity_api.create_user(new_user['id'], new_user) self.identity_api.add_user_to_group(new_user['id'], new_group['id']) groups = self.identity_api.list_groups_for_user(new_user['id']) @@ -1807,7 +1807,7 @@ def test_add_user_to_group_404(self): new_user = {'id': uuid.uuid4().hex, 'name': 'new_user', 'password': uuid.uuid4().hex, 'enabled': True, 'domain_id': domain['id']} - self.identity_man.create_user(new_user['id'], new_user) + self.identity_api.create_user(new_user['id'], new_user) self.assertRaises(exception.GroupNotFound, self.identity_api.add_user_to_group, new_user['id'], @@ -1815,7 +1815,7 @@ def test_add_user_to_group_404(self): new_group = {'id': uuid.uuid4().hex, 'domain_id': domain['id'], 'name': uuid.uuid4().hex} - self.identity_man.create_group(new_group['id'], new_group) + self.identity_api.create_group(new_group['id'], new_group) self.assertRaises(exception.UserNotFound, self.identity_api.add_user_to_group, uuid.uuid4().hex, @@ -1825,11 +1825,11 @@ def test_check_user_in_group(self): domain = self._get_domain_fixture() new_group = {'id': uuid.uuid4().hex, 'domain_id': domain['id'], 'name': uuid.uuid4().hex} - self.identity_man.create_group(new_group['id'], new_group) + self.identity_api.create_group(new_group['id'], new_group) new_user = {'id': uuid.uuid4().hex, 'name': 'new_user', 'password': uuid.uuid4().hex, 'enabled': True, 'domain_id': domain['id']} - self.identity_man.create_user(new_user['id'], new_user) + self.identity_api.create_user(new_user['id'], new_user) self.identity_api.add_user_to_group(new_user['id'], new_group['id']) self.identity_api.check_user_in_group(new_user['id'], new_group['id']) @@ -1839,7 +1839,7 @@ def test_check_user_not_in_group(self): 'id': uuid.uuid4().hex, 'domain_id': CONF.identity.default_domain_id, 'name': uuid.uuid4().hex} - self.identity_man.create_group(new_group['id'], new_group) + self.identity_api.create_group(new_group['id'], new_group) self.assertRaises(exception.UserNotFound, self.identity_api.check_user_in_group, uuid.uuid4().hex, @@ -1849,11 +1849,11 @@ def test_list_users_in_group(self): domain = self._get_domain_fixture() new_group = {'id': uuid.uuid4().hex, 'domain_id': domain['id'], 'name': uuid.uuid4().hex} - self.identity_man.create_group(new_group['id'], new_group) + self.identity_api.create_group(new_group['id'], new_group) new_user = {'id': uuid.uuid4().hex, 'name': 'new_user', 'password': uuid.uuid4().hex, 'enabled': True, 'domain_id': domain['id']} - self.identity_man.create_user(new_user['id'], new_user) + self.identity_api.create_user(new_user['id'], new_user) self.identity_api.add_user_to_group(new_user['id'], new_group['id']) user_refs = self.identity_api.list_users_in_group(new_group['id']) @@ -1867,11 +1867,11 @@ def test_remove_user_from_group(self): domain = self._get_domain_fixture() new_group = {'id': uuid.uuid4().hex, 'domain_id': domain['id'], 'name': uuid.uuid4().hex} - self.identity_man.create_group(new_group['id'], new_group) + self.identity_api.create_group(new_group['id'], new_group) new_user = {'id': uuid.uuid4().hex, 'name': 'new_user', 'password': uuid.uuid4().hex, 'enabled': True, 'domain_id': domain['id']} - self.identity_man.create_user(new_user['id'], new_user) + self.identity_api.create_user(new_user['id'], new_user) self.identity_api.add_user_to_group(new_user['id'], new_group['id']) groups = self.identity_api.list_groups_for_user(new_user['id']) @@ -1886,10 +1886,10 @@ def test_remove_user_from_group_404(self): new_user = {'id': uuid.uuid4().hex, 'name': 'new_user', 'password': uuid.uuid4().hex, 'enabled': True, 'domain_id': domain['id']} - self.identity_man.create_user(new_user['id'], new_user) + self.identity_api.create_user(new_user['id'], new_user) new_group = {'id': uuid.uuid4().hex, 'domain_id': domain['id'], 'name': uuid.uuid4().hex} - self.identity_man.create_group(new_group['id'], new_group) + self.identity_api.create_group(new_group['id'], new_group) self.assertRaises(exception.NotFound, self.identity_api.remove_user_from_group, new_user['id'], @@ -1910,7 +1910,7 @@ def test_group_crud(self): self.identity_api.create_domain(domain['id'], domain) group = {'id': uuid.uuid4().hex, 'domain_id': domain['id'], 'name': uuid.uuid4().hex} - self.identity_man.create_group(group['id'], group) + self.identity_api.create_group(group['id'], group) group_ref = self.identity_api.get_group(group['id']) self.assertDictContainsSubset(group, group_ref) @@ -1929,9 +1929,9 @@ def test_create_duplicate_group_name_fails(self): 'name': uuid.uuid4().hex} group2 = {'id': uuid.uuid4().hex, 'domain_id': DEFAULT_DOMAIN_ID, 'name': group1['name']} - self.identity_man.create_group(group1['id'], group1) + self.identity_api.create_group(group1['id'], group1) self.assertRaises(exception.Conflict, - self.identity_man.create_group, + self.identity_api.create_group, group2['id'], group2) def test_create_duplicate_group_name_in_different_domains(self): @@ -1941,8 +1941,8 @@ def test_create_duplicate_group_name_in_different_domains(self): 'name': uuid.uuid4().hex} group2 = {'id': uuid.uuid4().hex, 'domain_id': new_domain['id'], 'name': group1['name']} - self.identity_man.create_group(group1['id'], group1) - self.identity_man.create_group(group2['id'], group2) + self.identity_api.create_group(group1['id'], group1) + self.identity_api.create_group(group2['id'], group2) def test_move_group_between_domains(self): domain1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex} @@ -1952,7 +1952,7 @@ def test_move_group_between_domains(self): group = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain1['id']} - self.identity_man.create_group(group['id'], group) + self.identity_api.create_group(group['id'], group) group['domain_id'] = domain2['id'] self.identity_api.update_group(group['id'], group) @@ -1965,13 +1965,13 @@ def test_move_group_between_domains_with_clashing_names_fails(self): group1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain1['id']} - self.identity_man.create_group(group1['id'], group1) + self.identity_api.create_group(group1['id'], group1) # Now create a group in domain2 with a potentially clashing # name - which should work since we have domain separation group2 = {'id': uuid.uuid4().hex, 'name': group1['name'], 'domain_id': domain2['id']} - self.identity_man.create_group(group2['id'], group2) + self.identity_api.create_group(group2['id'], group2) # Now try and move group1 into the 2nd domain - which should # fail since the names clash group1['domain_id'] = domain2['id'] @@ -1986,7 +1986,7 @@ def test_project_crud(self): self.identity_api.create_domain(domain['id'], domain) project = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'domain_id': domain['id']} - self.identity_man.create_project(project['id'], project) + self.identity_api.create_project(project['id'], project) project_ref = self.identity_api.get_project(project['id']) self.assertDictContainsSubset(project, project_ref) @@ -2021,14 +2021,14 @@ def test_user_crud(self): user = {'domain_id': CONF.identity.default_domain_id, 'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'password': 'passw0rd'} - self.identity_man.create_user(user['id'], user) + self.identity_api.create_user(user['id'], user) user_ref = self.identity_api.get_user(user['id']) del user['password'] user_ref_dict = dict((x, user_ref[x]) for x in user_ref) self.assertDictContainsSubset(user, user_ref_dict) user['password'] = uuid.uuid4().hex - self.identity_man.update_user(user['id'], user) + self.identity_api.update_user(user['id'], user) user_ref = self.identity_api.get_user(user['id']) del user['password'] user_ref_dict = dict((x, user_ref[x]) for x in user_ref) @@ -2045,7 +2045,7 @@ def test_list_user_projects(self): user1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, 'password': uuid.uuid4().hex, 'domain_id': domain['id'], 'enabled': True} - self.identity_man.create_user(user1['id'], user1) + self.identity_api.create_user(user1['id'], user1) user_projects = self.identity_api.list_user_projects(user1['id']) self.assertEquals(len(user_projects), 0) self.identity_api.create_grant(user_id=user1['id'], @@ -2413,10 +2413,10 @@ def test_service_crud(self): # delete self.catalog_api.delete_service(service_id) self.assertRaises(exception.ServiceNotFound, - self.catalog_man.delete_service, + self.catalog_api.delete_service, service_id) self.assertRaises(exception.ServiceNotFound, - self.catalog_man.get_service, + self.catalog_api.get_service, service_id) def test_delete_service_with_endpoint(self): @@ -2442,20 +2442,20 @@ def test_delete_service_with_endpoint(self): # deleting the service should also delete the endpoint self.catalog_api.delete_service(service['id']) self.assertRaises(exception.EndpointNotFound, - self.catalog_man.get_endpoint, + self.catalog_api.get_endpoint, endpoint['id']) self.assertRaises(exception.EndpointNotFound, - self.catalog_man.delete_endpoint, + self.catalog_api.delete_endpoint, endpoint['id']) def test_get_service_404(self): self.assertRaises(exception.ServiceNotFound, - self.catalog_man.get_service, + self.catalog_api.get_service, uuid.uuid4().hex) def test_delete_service_404(self): self.assertRaises(exception.ServiceNotFound, - self.catalog_man.delete_service, + self.catalog_api.delete_service, uuid.uuid4().hex) def test_create_endpoint_404(self): @@ -2464,18 +2464,18 @@ def test_create_endpoint_404(self): 'service_id': uuid.uuid4().hex, } self.assertRaises(exception.ServiceNotFound, - self.catalog_man.create_endpoint, + self.catalog_api.create_endpoint, endpoint['id'], endpoint) def test_get_endpoint_404(self): self.assertRaises(exception.EndpointNotFound, - self.catalog_man.get_endpoint, + self.catalog_api.get_endpoint, uuid.uuid4().hex) def test_delete_endpoint_404(self): self.assertRaises(exception.EndpointNotFound, - self.catalog_man.delete_endpoint, + self.catalog_api.delete_endpoint, uuid.uuid4().hex) def test_create_endpoint(self): @@ -2541,7 +2541,7 @@ def test_update(self): # (cannot change policy ID) self.assertRaises(exception.ValidationError, - self.policy_man.update_policy, + self.policy_api.update_policy, orig['id'], ref) @@ -2555,27 +2555,27 @@ def test_delete(self): self.policy_api.delete_policy(ref['id']) self.assertRaises(exception.PolicyNotFound, - self.policy_man.delete_policy, + self.policy_api.delete_policy, ref['id']) self.assertRaises(exception.PolicyNotFound, - self.policy_man.get_policy, + self.policy_api.get_policy, ref['id']) res = self.policy_api.list_policies() self.assertFalse(len([x for x in res if x['id'] == ref['id']])) def test_get_policy_404(self): self.assertRaises(exception.PolicyNotFound, - self.policy_man.get_policy, + self.policy_api.get_policy, uuid.uuid4().hex) def test_update_policy_404(self): ref = self._new_policy_ref() self.assertRaises(exception.PolicyNotFound, - self.policy_man.update_policy, + self.policy_api.update_policy, ref['id'], ref) def test_delete_policy_404(self): self.assertRaises(exception.PolicyNotFound, - self.policy_man.delete_policy, + self.policy_api.delete_policy, uuid.uuid4().hex) diff --git a/tests/test_backend_kvs.py b/tests/test_backend_kvs.py index dce1f756f8..0c6c2abe4a 100644 --- a/tests/test_backend_kvs.py +++ b/tests/test_backend_kvs.py @@ -19,12 +19,8 @@ from keystone import test -from keystone import catalog -from keystone.catalog.backends import kvs as catalog_kvs from keystone import exception from keystone import identity -from keystone.token.backends import kvs as token_kvs -from keystone.trust.backends import kvs as trust_kvs import default_fixtures import test_backend @@ -33,10 +29,9 @@ class KvsIdentity(test.TestCase, test_backend.IdentityTests): def setUp(self): super(KvsIdentity, self).setUp() - identity.CONF.identity.driver = \ - 'keystone.identity.backends.kvs.Identity' - self.identity_man = identity.Manager() - self.identity_api = self.identity_man.driver + identity.CONF.identity.driver = ( + 'keystone.identity.backends.kvs.Identity') + self.load_backends() self.load_fixtures(default_fixtures) def test_list_user_projects(self): @@ -74,31 +69,38 @@ def test_move_project_between_domains_with_clashing_names_fails(self): class KvsToken(test.TestCase, test_backend.TokenTests): def setUp(self): super(KvsToken, self).setUp() - self.token_api = token_kvs.Token(db={}) + identity.CONF.identity.driver = ( + 'keystone.identity.backends.kvs.Identity') + self.load_backends() class KvsTrust(test.TestCase, test_backend.TrustTests): def setUp(self): super(KvsTrust, self).setUp() - identity.CONF.identity.driver = \ - 'keystone.identity.backends.kvs.Identity' - self.identity_man = identity.Manager() - self.identity_api = self.identity_man.driver - self.trust_api = trust_kvs.Trust(db={}) - self.catalog_api = catalog_kvs.Catalog(db={}) + identity.CONF.identity.driver = ( + 'keystone.identity.backends.kvs.Identity') + identity.CONF.trust.driver = ( + 'keystone.trust.backends.kvs.Trust') + identity.CONF.catalog.driver = ( + 'keystone.catalog.backends.kvs.Catalog') + self.load_backends() self.load_fixtures(default_fixtures) class KvsCatalog(test.TestCase, test_backend.CatalogTests): def setUp(self): super(KvsCatalog, self).setUp() - self.catalog_api = catalog_kvs.Catalog(db={}) - self.catalog_man = catalog.Manager() - self.load_fixtures(default_fixtures) + identity.CONF.identity.driver = ( + 'keystone.identity.backends.kvs.Identity') + identity.CONF.trust.driver = ( + 'keystone.trust.backends.kvs.Trust') + identity.CONF.catalog.driver = ( + 'keystone.catalog.backends.kvs.Catalog') + self.load_backends() self._load_fake_catalog() def _load_fake_catalog(self): - self.catalog_foobar = self.catalog_api._create_catalog( + self.catalog_foobar = self.catalog_api.driver._create_catalog( 'foo', 'bar', {'RegionFoo': {'service_bar': {'foo': 'bar'}}}) diff --git a/tests/test_backend_ldap.py b/tests/test_backend_ldap.py index 7632cfb7af..577a6ef04a 100644 --- a/tests/test_backend_ldap.py +++ b/tests/test_backend_ldap.py @@ -51,8 +51,8 @@ def setUp(self): super(LDAPIdentity, self).setUp() self._set_config() self.clear_database() - self.identity_man = identity.Manager() - self.identity_api = self.identity_man.driver + + self.load_backends() self.load_fixtures(default_fixtures) def test_build_tree(self): @@ -63,8 +63,6 @@ def test_build_tree(self): self.assertEquals(user_api.tree_dn, "ou=Users,%s" % CONF.ldap.suffix) def test_configurable_allowed_user_actions(self): - self.identity_api = identity.backends.ldap.Identity() - user = {'id': 'fake1', 'name': 'fake1', 'password': 'fakepass1', @@ -85,7 +83,7 @@ def test_configurable_forbidden_user_actions(self): CONF.ldap.user_allow_create = False CONF.ldap.user_allow_update = False CONF.ldap.user_allow_delete = False - self.identity_api = identity.backends.ldap.Identity() + self.load_backends() user = {'id': 'fake1', 'name': 'fake1', @@ -107,8 +105,6 @@ def test_configurable_forbidden_user_actions(self): self.user_foo['id']) def test_configurable_allowed_project_actions(self): - self.identity_api = identity.backends.ldap.Identity() - tenant = {'id': 'fake1', 'name': 'fake1', 'enabled': True} self.identity_api.create_project('fake1', tenant) tenant_ref = self.identity_api.get_project('fake1') @@ -126,7 +122,7 @@ def test_configurable_forbidden_project_actions(self): CONF.ldap.tenant_allow_create = False CONF.ldap.tenant_allow_update = False CONF.ldap.tenant_allow_delete = False - self.identity_api = identity.backends.ldap.Identity() + self.load_backends() tenant = {'id': 'fake1', 'name': 'fake1'} self.assertRaises(exception.ForbiddenAction, @@ -144,8 +140,6 @@ def test_configurable_forbidden_project_actions(self): self.tenant_bar['id']) def test_configurable_allowed_role_actions(self): - self.identity_api = identity.backends.ldap.Identity() - role = {'id': 'fake1', 'name': 'fake1'} self.identity_api.create_role('fake1', role) role_ref = self.identity_api.get_role('fake1') @@ -163,7 +157,7 @@ def test_configurable_forbidden_role_actions(self): CONF.ldap.role_allow_create = False CONF.ldap.role_allow_update = False CONF.ldap.role_allow_delete = False - self.identity_api = identity.backends.ldap.Identity() + self.load_backends() role = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex} self.assertRaises(exception.ForbiddenAction, @@ -187,7 +181,7 @@ def test_user_filter(self): self.assertDictEqual(user_ref, self.user_foo) CONF.ldap.user_filter = '(CN=DOES_NOT_MATCH)' - self.identity_api = identity.backends.ldap.Identity() + self.load_backends() self.assertRaises(exception.UserNotFound, self.identity_api.get_user, self.user_foo['id']) @@ -197,7 +191,7 @@ def test_project_filter(self): self.assertDictEqual(tenant_ref, self.tenant_bar) CONF.ldap.tenant_filter = '(CN=DOES_NOT_MATCH)' - self.identity_api = identity.backends.ldap.Identity() + self.load_backends() self.assertRaises(exception.ProjectNotFound, self.identity_api.get_project, self.tenant_bar['id']) @@ -207,7 +201,7 @@ def test_role_filter(self): self.assertDictEqual(role_ref, self.role_member) CONF.ldap.role_filter = '(CN=DOES_NOT_MATCH)' - self.identity_api = identity.backends.ldap.Identity() + self.load_backends() self.assertRaises(exception.RoleNotFound, self.identity_api.get_role, self.role_member['id']) @@ -216,7 +210,7 @@ def test_dumb_member(self): CONF.ldap.use_dumb_member = True CONF.ldap.dumb_member = 'cn=dumb,cn=example,cn=com' self.clear_database() - self.identity_api = identity.backends.ldap.Identity() + self.load_backends() self.load_fixtures(default_fixtures) self.assertRaises(exception.UserNotFound, self.identity_api.get_user, @@ -227,7 +221,7 @@ def test_user_attribute_mapping(self): CONF.ldap.user_mail_attribute = 'mail' CONF.ldap.user_enabled_attribute = 'enabled' self.clear_database() - self.identity_api = identity.backends.ldap.Identity() + self.load_backends() self.load_fixtures(default_fixtures) user_ref = self.identity_api.get_user(self.user_two['id']) self.assertEqual(user_ref['id'], self.user_two['id']) @@ -236,7 +230,7 @@ def test_user_attribute_mapping(self): CONF.ldap.user_name_attribute = 'mail' CONF.ldap.user_mail_attribute = 'sn' - self.identity_api = identity.backends.ldap.Identity() + self.load_backends() user_ref = self.identity_api.get_user(self.user_two['id']) self.assertEqual(user_ref['id'], self.user_two['id']) self.assertEqual(user_ref['name'], self.user_two['email']) @@ -246,7 +240,7 @@ def test_user_attribute_ignore(self): CONF.ldap.user_attribute_ignore = ['email', 'password', 'tenant_id', 'enabled', 'tenants'] self.clear_database() - self.identity_api = identity.backends.ldap.Identity() + self.load_backends() self.load_fixtures(default_fixtures) user_ref = self.identity_api.get_user(self.user_two['id']) self.assertEqual(user_ref['id'], self.user_two['id']) @@ -261,7 +255,7 @@ def test_project_attribute_mapping(self): CONF.ldap.tenant_desc_attribute = 'description' CONF.ldap.tenant_enabled_attribute = 'enabled' self.clear_database() - self.identity_api = identity.backends.ldap.Identity() + self.load_backends() self.load_fixtures(default_fixtures) tenant_ref = self.identity_api.get_project(self.tenant_baz['id']) self.assertEqual(tenant_ref['id'], self.tenant_baz['id']) @@ -273,7 +267,7 @@ def test_project_attribute_mapping(self): CONF.ldap.tenant_name_attribute = 'description' CONF.ldap.tenant_desc_attribute = 'ou' - self.identity_api = identity.backends.ldap.Identity() + self.load_backends() tenant_ref = self.identity_api.get_project(self.tenant_baz['id']) self.assertEqual(tenant_ref['id'], self.tenant_baz['id']) self.assertEqual(tenant_ref['name'], self.tenant_baz['description']) @@ -285,7 +279,7 @@ def test_project_attribute_ignore(self): 'description', 'enabled'] self.clear_database() - self.identity_api = identity.backends.ldap.Identity() + self.load_backends() self.load_fixtures(default_fixtures) tenant_ref = self.identity_api.get_project(self.tenant_baz['id']) self.assertEqual(tenant_ref['id'], self.tenant_baz['id']) @@ -296,14 +290,14 @@ def test_project_attribute_ignore(self): def test_role_attribute_mapping(self): CONF.ldap.role_name_attribute = 'ou' self.clear_database() - self.identity_api = identity.backends.ldap.Identity() + self.load_backends() self.load_fixtures(default_fixtures) role_ref = self.identity_api.get_role(self.role_member['id']) self.assertEqual(role_ref['id'], self.role_member['id']) self.assertEqual(role_ref['name'], self.role_member['name']) CONF.ldap.role_name_attribute = 'sn' - self.identity_api = identity.backends.ldap.Identity() + self.load_backends() role_ref = self.identity_api.get_role(self.role_member['id']) self.assertEqual(role_ref['id'], self.role_member['id']) self.assertNotIn('name', role_ref) @@ -311,7 +305,7 @@ def test_role_attribute_mapping(self): def test_role_attribute_ignore(self): CONF.ldap.role_attribute_ignore = ['name'] self.clear_database() - self.identity_api = identity.backends.ldap.Identity() + self.load_backends() self.load_fixtures(default_fixtures) role_ref = self.identity_api.get_role(self.role_member['id']) self.assertEqual(role_ref['id'], self.role_member['id']) @@ -322,7 +316,6 @@ def test_user_enable_attribute_mask(self): CONF.ldap.user_enabled_mask = 2 CONF.ldap.user_enabled_default = 512 self.clear_database() - self.identity_api = identity.backends.ldap.Identity() user = {'id': 'fake1', 'name': 'fake1', 'enabled': True} self.identity_api.create_user('fake1', user) user_ref = self.identity_api.get_user('fake1') @@ -370,21 +363,21 @@ def test_wrong_alias_dereferencing(self): def test_user_extra_attribute_mapping(self): CONF.ldap.user_additional_attribute_mapping = ['description:name'] - self.identity_api = identity.backends.ldap.Identity() + self.load_backends() user = { 'id': 'extra_attributes', 'name': 'EXTRA_ATTRIBUTES', 'password': 'extra', } self.identity_api.create_user(user['id'], user) - dn, attrs = self.identity_api.user._ldap_get(user['id']) + dn, attrs = self.identity_api.driver.user._ldap_get(user['id']) self.assertTrue(user['name'] in attrs['description']) def test_parse_extra_attribute_mapping(self): option_list = ['description:name', 'gecos:password', 'fake:invalid', 'invalid1', 'invalid2:', 'description:name:something'] - mapping = self.identity_api.user._parse_extra_attrs(option_list) + mapping = self.identity_api.driver.user._parse_extra_attrs(option_list) expected_dict = {'description': 'name', 'gecos': 'password'} self.assertDictEqual(expected_dict, mapping) @@ -473,12 +466,12 @@ def test_project_crud(self): 'domain_id': CONF.identity.default_domain_id, 'description': uuid.uuid4().hex } - self.identity_api.create_project(project['id'], project) - project_ref = self.identity_api.get_project(project['id']) + self.identity_api.driver.create_project(project['id'], project) + project_ref = self.identity_api.driver.get_project(project['id']) # NOTE(crazed): If running live test with emulation, there will be # an enabled key in the project_ref. - if self.identity_api.project.enabled_emulation: + if self.identity_api.driver.project.enabled_emulation: project['enabled'] = True self.assertDictEqual(project_ref, project) @@ -580,7 +573,7 @@ def test_list_group_members_missing_entry(self): # Delete user 2 # NOTE(blk-u): need to go directly to user interface to keep from # updating the group. - self.identity_api.user.delete(user_2_id) + self.identity_api.driver.user.delete(user_2_id) # List group users and verify only user 1. res = self.identity_api.list_users_in_group(group_id) @@ -604,11 +597,11 @@ def test_authenticate_requires_simple_bind(self): 'password': 'no_meta2', 'enabled': True, } - self.identity_man.create_user(user['id'], user) + self.identity_api.create_user(user['id'], user) self.identity_api.add_user_to_project(self.tenant_baz['id'], user['id']) - self.identity_api.user.LDAP_USER = None - self.identity_api.user.LDAP_PASSWORD = None + self.identity_api.driver.user.LDAP_USER = None + self.identity_api.driver.user.LDAP_PASSWORD = None self.assertRaises(AssertionError, self.identity_api.authenticate_user, @@ -625,8 +618,7 @@ def setUp(self): CONF.ldap.user_enabled_emulation = True CONF.ldap.tenant_enabled_emulation = True self.clear_database() - self.identity_man = identity.Manager() - self.identity_api = self.identity_man.driver + self.load_backends() self.load_fixtures(default_fixtures) for obj in [self.tenant_bar, self.tenant_baz, self.user_foo, self.user_two, self.user_badguy]: @@ -640,10 +632,10 @@ def test_authenticate_no_metadata(self): 'password': 'no_meta2', 'enabled': True, } - self.identity_man.create_user(user['id'], user) + self.identity_api.create_user(user['id'], user) self.identity_api.add_user_to_project(self.tenant_baz['id'], user['id']) - user_ref, tenant_ref, metadata_ref = self.identity_man.authenticate( + user_ref, tenant_ref, metadata_ref = self.identity_api.authenticate( user_id=user['id'], tenant_id=self.tenant_baz['id'], password=user['password']) @@ -691,7 +683,7 @@ def test_user_crud(self): 'domain_id': CONF.identity.default_domain_id, 'name': uuid.uuid4().hex, 'password': uuid.uuid4().hex} - self.identity_man.create_user(user['id'], user) + self.identity_api.create_user(user['id'], user) user['enabled'] = True user_ref = self.identity_api.get_user(user['id']) del user['password'] diff --git a/tests/test_backend_memcache.py b/tests/test_backend_memcache.py index e31f157671..66401e092c 100644 --- a/tests/test_backend_memcache.py +++ b/tests/test_backend_memcache.py @@ -113,7 +113,9 @@ class MemcacheToken(test.TestCase, test_backend.TokenTests): def setUp(self): super(MemcacheToken, self).setUp() fake_client = MemcacheClient() - self.token_api = token_memcache.Token(client=fake_client) + self.token_man = token.Manager() + self.token_man.driver = token_memcache.Token(client=fake_client) + self.token_api = self.token_man def test_create_unicode_token_id(self): token_id = unicode(self._create_token_id()) @@ -157,28 +159,28 @@ def test_cleanup_user_index_on_create(self): # NOTE(morganfainberg): Directly access the data cache since we need to # get expired tokens as well as valid tokens. token_api.list_tokens() # will not return any expired tokens in the list. - user_key = self.token_api._prefix_user_id(user_id) - user_record = self.token_api.client.get(user_key) + user_key = self.token_api.driver._prefix_user_id(user_id) + user_record = self.token_api.driver.client.get(user_key) user_token_list = jsonutils.loads('[%s]' % user_record) self.assertEquals(len(user_token_list), 2) - expired_token_ptk = self.token_api._prefix_token_id( + expired_token_ptk = self.token_api.driver._prefix_token_id( token.unique_id(expired_token_id)) - expired_token = self.token_api.client.get(expired_token_ptk) + expired_token = self.token_api.driver.client.get(expired_token_ptk) expired_token['expires'] = (timeutils.utcnow() - expire_delta) - self.token_api.client.set(expired_token_ptk, expired_token) + self.token_api.driver.client.set(expired_token_ptk, expired_token) self.token_api.create_token(second_valid_token_id, second_valid_data) - user_record = self.token_api.client.get(user_key) + user_record = self.token_api.driver.client.get(user_key) user_token_list = jsonutils.loads('[%s]' % user_record) self.assertEquals(len(user_token_list), 2) def test_cas_failure(self): - self.token_api.client.reject_cas = True + self.token_api.driver.client.reject_cas = True token_id = uuid.uuid4().hex user_id = unicode(uuid.uuid4().hex) - user_key = self.token_api._prefix_user_id(user_id) + user_key = self.token_api.driver._prefix_user_id(user_id) token_data = jsonutils.dumps(token_id) self.assertRaises( exception.UnexpectedError, - self.token_api._update_user_list_with_cas, + self.token_api.driver._update_user_list_with_cas, user_key, token_data) diff --git a/tests/test_backend_sql.py b/tests/test_backend_sql.py index fb58c209af..46d7c013a4 100644 --- a/tests/test_backend_sql.py +++ b/tests/test_backend_sql.py @@ -18,14 +18,9 @@ from keystone import test -from keystone import catalog from keystone.common import sql from keystone import config from keystone import exception -from keystone import identity -from keystone import policy -from keystone import token -from keystone import trust import default_fixtures import test_backend @@ -43,25 +38,13 @@ def setUp(self): test.testsdir('test_overrides.conf'), test.testsdir('backend_sql.conf')]) - # initialize managers and override drivers - self.catalog_man = catalog.Manager() - self.identity_man = identity.Manager() - self.token_man = token.Manager() - self.trust_man = trust.Manager() - self.policy_man = policy.Manager() + self.load_backends() # create tables and keep an engine reference for cleanup. # this must be done after the models are loaded by the managers. self.engine = self.get_engine() sql.ModelBase.metadata.create_all(bind=self.engine) - # create shortcut references to each driver - self.catalog_api = self.catalog_man.driver - self.identity_api = self.identity_man.driver - self.token_api = self.token_man.driver - self.policy_api = self.policy_man.driver - self.trust_api = self.trust_man.driver - # populate the engine with tables & fixtures self.load_fixtures(default_fixtures) #defaulted by the data load @@ -85,7 +68,7 @@ def test_delete_user_with_project_association(self): 'name': uuid.uuid4().hex, 'domain_id': DEFAULT_DOMAIN_ID, 'password': uuid.uuid4().hex} - self.identity_man.create_user(user['id'], user) + self.identity_api.create_user(user['id'], user) self.identity_api.add_user_to_project(self.tenant_bar['id'], user['id']) self.identity_api.delete_user(user['id']) @@ -99,7 +82,7 @@ def test_create_null_user_name(self): 'domain_id': DEFAULT_DOMAIN_ID, 'password': uuid.uuid4().hex} self.assertRaises(exception.ValidationError, - self.identity_man.create_user, + self.identity_api.create_user, user['id'], user) self.assertRaises(exception.UserNotFound, @@ -115,7 +98,7 @@ def test_create_null_project_name(self): 'name': None, 'domain_id': DEFAULT_DOMAIN_ID} self.assertRaises(exception.ValidationError, - self.identity_man.create_project, + self.identity_api.create_project, tenant['id'], tenant) self.assertRaises(exception.ProjectNotFound, @@ -142,7 +125,7 @@ def test_delete_project_with_user_association(self): 'name': 'fakeuser', 'domain_id': DEFAULT_DOMAIN_ID, 'password': 'passwd'} - self.identity_man.create_user('fake', user) + self.identity_api.create_user('fake', user) self.identity_api.add_user_to_project(self.tenant_bar['id'], user['id']) self.identity_api.delete_project(self.tenant_bar['id']) @@ -154,7 +137,7 @@ def test_delete_user_with_metadata(self): 'name': 'fakeuser', 'domain_id': DEFAULT_DOMAIN_ID, 'password': 'passwd'} - self.identity_man.create_user('fake', user) + self.identity_api.create_user('fake', user) self.identity_api.create_metadata(user['id'], self.tenant_bar['id'], {'extra': 'extra'}) @@ -169,7 +152,7 @@ def test_delete_project_with_metadata(self): 'name': 'fakeuser', 'domain_id': DEFAULT_DOMAIN_ID, 'password': 'passwd'} - self.identity_man.create_user('fake', user) + self.identity_api.create_user('fake', user) self.identity_api.create_metadata(user['id'], self.tenant_bar['id'], {'extra': 'extra'}) @@ -197,7 +180,7 @@ def test_update_project_returns_extra(self): 'name': uuid.uuid4().hex, 'domain_id': DEFAULT_DOMAIN_ID, arbitrary_key: arbitrary_value} - ref = self.identity_man.create_project(tenant_id, tenant) + ref = self.identity_api.create_project(tenant_id, tenant) self.assertEqual(arbitrary_value, ref[arbitrary_key]) self.assertIsNone(ref.get('extra')) @@ -225,7 +208,7 @@ def test_update_user_returns_extra(self): 'domain_id': DEFAULT_DOMAIN_ID, 'password': uuid.uuid4().hex, arbitrary_key: arbitrary_value} - ref = self.identity_man.create_user(user_id, user) + ref = self.identity_api.create_user(user_id, user) self.assertEqual(arbitrary_value, ref[arbitrary_key]) self.assertIsNone(ref.get('password')) self.assertIsNone(ref.get('extra')) diff --git a/tests/test_backend_templated.py b/tests/test_backend_templated.py index 72dd21a772..bfa1919259 100644 --- a/tests/test_backend_templated.py +++ b/tests/test_backend_templated.py @@ -18,8 +18,6 @@ from keystone import test -from keystone import catalog -from keystone.catalog.backends import templated as catalog_templated from keystone import exception import default_fixtures @@ -54,8 +52,7 @@ class TestTemplatedCatalog(test.TestCase, test_backend.CatalogTests): def setUp(self): super(TestTemplatedCatalog, self).setUp() self.opt_in_group('catalog', template_file=DEFAULT_CATALOG_TEMPLATES) - self.catalog_api = catalog_templated.TemplatedCatalog() - self.catalog_man = catalog.Manager() + self.load_backends() self.load_fixtures(default_fixtures) def test_get_catalog(self): @@ -63,7 +60,8 @@ def test_get_catalog(self): self.assertDictEqual(catalog_ref, self.DEFAULT_FIXTURE) def test_malformed_catalog_throws_error(self): - self.catalog_api.templates['RegionOne']['compute']['adminURL'] = \ + (self.catalog_api.driver.templates + ['RegionOne']['compute']['adminURL']) = \ 'http://localhost:$(compute_port)s/v1.1/$(tenant)s' with self.assertRaises(exception.MalformedEndpoint): self.catalog_api.get_catalog('fake-user', 'fake-tenant') diff --git a/tests/test_migrate_nova_auth.py b/tests/test_migrate_nova_auth.py index edf2a80bf1..3a12294036 100644 --- a/tests/test_migrate_nova_auth.py +++ b/tests/test_migrate_nova_auth.py @@ -23,7 +23,6 @@ from keystone import config from keystone.contrib.ec2.backends import sql as ec2_sql from keystone import identity -from keystone.identity.backends import sql as identity_sql CONF = config.CONF @@ -76,8 +75,7 @@ def setUp(self): test.testsdir('backend_sql.conf'), test.testsdir('backend_sql_disk.conf')]) sql_util.setup_test_database() - self.identity_man = identity.Manager() - self.identity_api = identity_sql.Identity() + self.identity_api = identity.Manager() self.ec2_api = ec2_sql.Ec2() def tearDown(self): @@ -121,7 +119,7 @@ def test_import(self): for _user in FIXTURE['users']: if _user['id'] == old_user: password = _user['password'] - self.identity_man.authenticate(user['id'], tenant_id, password) + self.identity_api.authenticate(user['id'], tenant_id, password) for ec2_cred in FIXTURE['ec2_credentials']: user_id = users[ec2_cred['user_id']]['id']