← Back to branch summary

~ubuntu-branches/ubuntu/raring/keystone/raring-updates

« back to all changes in this revision

Viewing changes to tests/test_v3_auth.py

  • Committer: Package Import Robot
  • Author(s): Adam Gandelman
  • Date: 2013-10-17 13:52:59 UTC
  • mfrom: (1.1.37)
  • mto: This revision was merged to the branch mainline in revision 50.
  • Revision ID: package-import@ubuntu.com-20131017135259-dqiwbrzjs1q4mp6q
Tags: 1:2013.1.4-0ubuntu1
https://launchpad.net/bugs/1241202
* Resynchronize with stable/grizzly (9666fc0) (LP: #1241202):
  - [6792499] periodic-keystone-python27-stable-grizzly fails due to"No
    module named netaddr"   LP: 1212939
  - [775d7a7] Fix and test token revocation list API
  - [0876ea2] N+1 lookups in groups SQL LP: 1218675
  - [afbc75b] Disabling a tenant would not disable a user token LP: 1179955
  - [9666fc0] User operations with LDAP Identity and
    enabled_mask/user_enabled_default fail LP: 1210175

Show diffs side-by-side

added added

removed removed

Lines of Context:
tests/test_v3_auth.py
595
595
                  headers={'X-Subject-Token': token},
596
596
                  expected_status=204)
597
597
 
 
598
    def test_disabling_project_revokes_token(self):
 
599
        resp = self.post(
 
600
            '/auth/tokens',
 
601
            body=self.build_authentication_request(
 
602
                user_id=self.user3['id'],
 
603
                password=self.user3['password'],
 
604
                project_id=self.projectA['id']))
 
605
        token = resp.getheader('X-Subject-Token')
 
606
 
 
607
        # confirm token is valid
 
608
        self.head('/auth/tokens',
 
609
                  headers={'X-Subject-Token': token},
 
610
                  expected_status=204)
 
611
 
 
612
        # disable the project, which should invalidate the token
 
613
        self.patch(
 
614
            '/projects/%(project_id)s' % {'project_id': self.projectA['id']},
 
615
            body={'project': {'enabled': False}})
 
616
 
 
617
        # user should no longer have access to the project
 
618
        self.head('/auth/tokens',
 
619
                  headers={'X-Subject-Token': token},
 
620
                  expected_status=401)
 
621
        resp = self.post(
 
622
            '/auth/tokens',
 
623
            body=self.build_authentication_request(
 
624
                user_id=self.user3['id'],
 
625
                password=self.user3['password'],
 
626
                project_id=self.projectA['id']),
 
627
            expected_status=401)
 
628
 
 
629
    def test_deleting_project_revokes_token(self):
 
630
        resp = self.post(
 
631
            '/auth/tokens',
 
632
            body=self.build_authentication_request(
 
633
                user_id=self.user3['id'],
 
634
                password=self.user3['password'],
 
635
                project_id=self.projectA['id']))
 
636
        token = resp.getheader('X-Subject-Token')
 
637
 
 
638
        # confirm token is valid
 
639
        self.head('/auth/tokens',
 
640
                  headers={'X-Subject-Token': token},
 
641
                  expected_status=204)
 
642
 
 
643
        # delete the project, which should invalidate the token
 
644
        self.delete(
 
645
            '/projects/%(project_id)s' % {'project_id': self.projectA['id']})
 
646
 
 
647
        # user should no longer have access to the project
 
648
        self.head('/auth/tokens',
 
649
                  headers={'X-Subject-Token': token},
 
650
                  expected_status=401)
 
651
        resp = self.post(
 
652
            '/auth/tokens',
 
653
            body=self.build_authentication_request(
 
654
                user_id=self.user3['id'],
 
655
                password=self.user3['password'],
 
656
                project_id=self.projectA['id']),
 
657
            expected_status=401)
 
658
 
598
659
    def test_deleting_group_grant_revokes_tokens(self):
599
660
        """Test deleting a group grant revokes tokens.
600
661