← Back to branch summary

~soren/nova/iptables-security-groups

« back to all changes in this revision

Viewing changes to nova/tests/test_auth.py

  • Committer: Soren Hansen
  • Date: 2011-01-03 09:56:21 UTC
  • mfrom: (430.2.79 nova)
  • Revision ID: soren@linux2go.dk-20110103095621-qy398qk1uk8o7cy3
Merge trunk

Show diffs side-by-side

added added

removed removed

Lines of Context:
nova/tests/test_auth.py
208
208
        #             so it probably belongs in crypto_unittest
209
209
        #             but I'm leaving it where I found it.
210
210
        with user_and_project_generator(self.manager) as (user, project):
211
 
            # NOTE(todd): Should mention why we must setup controller first
212
 
            #             (somebody please clue me in)
213
 
            cloud_controller = cloud.CloudController()
214
 
            cloud_controller.setup()
215
 
            _key, cert_str = self.manager._generate_x509_cert('test1',
216
 
                                                              'testproj')
 
211
            # NOTE(vish): Setup runs genroot.sh if it hasn't been run
 
212
            cloud.CloudController().setup()
 
213
            _key, cert_str = crypto.generate_x509_cert(user.id, project.id)
217
214
            logging.debug(cert_str)
218
215
 
219
 
            # Need to verify that it's signed by the right intermediate CA
220
 
            full_chain = crypto.fetch_ca(project_id='testproj', chain=True)
221
 
            int_cert = crypto.fetch_ca(project_id='testproj', chain=False)
 
216
            full_chain = crypto.fetch_ca(project_id=project.id, chain=True)
 
217
            int_cert = crypto.fetch_ca(project_id=project.id, chain=False)
222
218
            cloud_cert = crypto.fetch_ca()
223
219
            logging.debug("CA chain:\n\n =====\n%s\n\n=====" % full_chain)
224
220
            signed_cert = X509.load_cert_string(cert_str)
227
223
            cloud_cert = X509.load_cert_string(cloud_cert)
228
224
            self.assertTrue(signed_cert.verify(chain_cert.get_pubkey()))
229
225
            self.assertTrue(signed_cert.verify(int_cert.get_pubkey()))
230
 
            if not FLAGS.use_intermediate_ca:
 
226
 
 
227
            if not FLAGS.use_project_ca:
231
228
                self.assertTrue(signed_cert.verify(cloud_cert.get_pubkey()))
232
229
            else:
233
230
                self.assertFalse(signed_cert.verify(cloud_cert.get_pubkey()))
326
323
            self.assertTrue(user.is_admin())
327
324
 
328
325
 
329
 
class AuthManagerLdapTestCase(AuthManagerTestCase, test.TrialTestCase):
 
326
class AuthManagerLdapTestCase(AuthManagerTestCase, test.TestCase):
330
327
    auth_driver = 'nova.auth.ldapdriver.FakeLdapDriver'
331
328
 
332
329
    def __init__(self, *args, **kwargs):
333
330
        AuthManagerTestCase.__init__(self)
334
 
        test.TrialTestCase.__init__(self, *args, **kwargs)
 
331
        test.TestCase.__init__(self, *args, **kwargs)
335
332
        import nova.auth.fakeldap as fakeldap
336
 
        FLAGS.redis_db = 8
337
333
        if FLAGS.flush_db:
338
 
            logging.info("Flushing redis datastore")
339
 
            try:
340
 
                r = fakeldap.Redis.instance()
341
 
                r.flushdb()
342
 
            except:
343
 
                self.skip = True
344
 
 
345
 
 
346
 
class AuthManagerDbTestCase(AuthManagerTestCase, test.TrialTestCase):
 
334
            logging.info("Flushing datastore")
 
335
            r = fakeldap.Store.instance()
 
336
            r.flushdb()
 
337
 
 
338
 
 
339
class AuthManagerDbTestCase(AuthManagerTestCase, test.TestCase):
347
340
    auth_driver = 'nova.auth.dbdriver.DbDriver'
348
341
 
349
342