Skip to content

Commit

Permalink
fixed bugs
Browse files Browse the repository at this point in the history
  • Loading branch information
@sirishbitra
sirishbitra committed May 13, 2011
1 parent 2bb3e96 commit 8199562
Show file tree
Hide file tree
Showing 9 changed files with 88 additions and 45 deletions.
2 changes: 1 addition & 1 deletion keystone/db/sqlalchemy/api.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -702,7 +702,7 @@ def user_delete_tenant(id, tenant_id, session=None):
for group_user in group_users:
session.delete(group_user)
user_tenant_ref = session.query(models.UserTenantAssociation)\
.filter_by(user_id=id).first()
.filter_by(user_id=id, tenant_id=tenant_id).first()
if user_tenant_ref is None:
user_ref = user_get(id, session)
session.delete(user_ref)
21 changes: 14 additions & 7 deletions keystone/logic/service.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,10 +51,17 @@ def authenticate(self, credentials):
# Look for an existing token, or create one,
# TODO: Handle tenant/token search
#
if not credentials.tenant_id:
# removing following code for multi-token
"""if not credentials.tenant_id:
dtoken = db_api.token_for_user(duser.id)
else:
dtoken = db_api.token_for_user_tenant(duser.id, credentials.tenant_id)
dtoken = db_api.token_for_user_tenant(duser.id,
credentials.tenant_id)
"""
# added following code
dtoken = db_api.token_for_user_tenant(duser.id,
credentials.tenant_id)
#---
if not dtoken or dtoken.expires < datetime.now():
dtoken = db_models.Token()
dtoken.token_id = str(uuid.uuid4())
Expand All @@ -63,13 +70,15 @@ def authenticate(self, credentials):
if not duser.tenants:
raise fault.IDMFault("Strange: user %s is not associated "
"with a tenant!" % duser.id)
if not credentials.tenant_id and db_api.user_get_by_tenant(duser.id, credentials.tenant_id):
if not credentials.tenant_id and db_api.user_get_by_tenant(\
duser.id, credentials.tenant_id):
raise fault.IDMFault("Error: user %s is not associated "
"with a tenant! %s" % (duser.id,
credentials.tenant_id))
dtoken.tenant_id = credentials.tenant_id
else:
dtoken.tenant_id = duser.tenants[0].tenant_id
#removing following code for multi token
"""else:
dtoken.tenant_id = duser.tenants[0].tenant_id"""
dtoken.expires = datetime.now() + timedelta(days=1)
db_api.token_create(dtoken)

Expand Down Expand Up @@ -646,8 +655,6 @@ def add_user_tenant(self, admin_token, user_id, tenant_id):
self.__validate_token(admin_token)

dtenant = db_api.tenant_get(tenant_id)
print '1' * 80
print dtenant
if dtenant == None:
raise fault.UnauthorizedFault("Unauthorized")
if not dtenant.enabled:
Expand Down
19 changes: 16 additions & 3 deletions keystone/logic/types/auth.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,12 @@
from lxml import etree



class PasswordCredentials(object):
"Credentials based on username, password, and (optional) tenant_id."
"""Credentials based on username, password, and (optional) tenant_id.
To handle multiple token for a user depending on tenants,
tenant_id is mandatory.
"""

def __init__(self, username, password, tenant_id):
self.username = username
Expand All @@ -45,6 +49,12 @@ def from_xml(xml_str):
if password == None:
raise fault.BadRequestFault("Expecting a password")
tenant_id = root.get("tenantId")

#--for multi-token handling--
if tenant_id == None:
raise fault.BadRequestFault("Expecting tenant")
# ----

return PasswordCredentials(username, password, tenant_id)
except etree.LxmlError as e:
raise fault.BadRequestFault("Cannot parse password credentials",
Expand All @@ -66,7 +76,10 @@ def from_json(json_str):
if "tenantId" in cred:
tenant_id = cred["tenantId"]
else:
tenant_id = None
#--for multi-token handling--
if tenant_id == None:
raise fault.BadRequestFault("Expecting a tenant")
# ---
return PasswordCredentials(username, password, tenant_id)
except (ValueError, TypeError) as e:
raise fault.BadRequestFault("Cannot parse password credentials",
Expand Down Expand Up @@ -121,7 +134,7 @@ def to_xml(self):
token.set("id", self.token.token_id)
user = etree.Element("user",
username=self.user.username,
tenantId=self.user.tenant_id)
tenantId=str(self.user.tenant_id))
groups = etree.Element("groups")
for group in self.user.groups.values:
g = etree.Element("group",
Expand Down
17 changes: 10 additions & 7 deletions test/unit/test_authentication.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,8 @@ class authentication_test(unittest.TestCase):

def setUp(self):
self.tenant = utils.get_tenant()
self.token = utils.get_token('joeuser', 'secrete', 'token')
self.token = utils.get_token('joeuser', 'secrete', self.tenant,
'token')
self.user = utils.get_user()
self.userdisabled = utils.get_userdisabled()
self.auth_token = utils.get_auth_token()
Expand All @@ -27,12 +28,12 @@ def tearDown(self):
utils.delete_token(self.token, self.auth_token)

def test_a_authorize(self):
resp, content = utils.get_token('joeuser', 'secrete', '')
resp, content = utils.get_token('joeuser', 'secrete', self.tenant)
self.assertEqual(200, int(resp['status']))
self.assertEqual('application/json', utils.content_type(resp))

def test_a_authorize_xml(self):
resp, content = utils.get_token_xml('joeuser', 'secrete', '',
resp, content = utils.get_token_xml('joeuser', 'secrete',
self.tenant)
self.assertEqual(200, int(resp['status']))
self.assertEqual('application/xml', utils.content_type(resp))
Expand All @@ -41,7 +42,8 @@ def test_a_authorize_user_disabled(self):
header = httplib2.Http(".cache")
url = '%stoken' % utils.URL
body = {"passwordCredentials": {"username": "disabled",
"password": "secrete"}}
"password": "secrete",
"tenantId" : self.tenant}}
resp, content = header.request(url, "POST", body=json.dumps(body),
headers={"Content-Type": "application/json"})
content = json.loads(content)
Expand All @@ -59,7 +61,7 @@ def test_a_authorize_user_disabled_xml(self):
<passwordCredentials \
xmlns="http://docs.openstack.org/idm/api/v1.0" \
password="secrete" username="disabled" \
/>'
tenantId="%s"/>' % self.tenant
resp, content = header.request(url, "POST", body=body,
headers={"Content-Type": "application/xml",
"ACCEPT": "application/xml"})
Expand All @@ -75,7 +77,8 @@ def test_a_authorize_user_wrong(self):
header = httplib2.Http(".cache")
url = '%stoken' % utils.URL
body = {"passwordCredentials": {"username-w": "disabled",
"password": "secrete"}}
"password": "secrete",
"tenantId" : self.tenant}}
resp, content = header.request(url, "POST", body=json.dumps(body),
headers={"Content-Type": "application/json"})
content = json.loads(content)
Expand All @@ -93,7 +96,7 @@ def test_a_authorize_user_wrong_xml(self):
<passwordCredentials \
xmlns="http://docs.openstack.org/idm/api/v1.0" \
password="secrete" username-w="disabled" \
/>'
tenantId="%s"/>' % self.tenant
resp, content = header.request(url, "POST", body=body,
headers={"Content-Type": "application/xml",
"ACCEPT": "application/xml"})
Expand Down
38 changes: 26 additions & 12 deletions test/unit/test_common.py
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,11 @@
import os
import sys

# Need to access identity module
sys.path.append(os.path.abspath(os.path.join(os.path.abspath(__file__),
'..', '..', '..', '..', 'keystone')))
import unittest
from webtest import TestApp

import httplib2
import json
from lxml import etree
Expand All @@ -13,17 +14,23 @@
URL = 'http://localhost:8080/v1.0/'


def get_token(user, pswd, kind='', tenant_id=None):
def get_token(user, pswd, tenant_id, kind='',):
header = httplib2.Http(".cache")
url = '%stoken' % URL
if not tenant_id:
# to test multi token, removing below code
"""if not tenant_id:
body = {"passwordCredentials": {"username": user,
"password": pswd}}
else:
body = {"passwordCredentials": {"username": user,
"password": pswd,
"tenantId": tenant_id}}

"""
# adding code
body = {"passwordCredentials": {"username": user,
"password": pswd,
"tenantId": tenant_id}}
#---
resp, content = header.request(url, "POST", body=json.dumps(body),
headers={"Content-Type": "application/json"})
content = json.loads(content)
Expand Down Expand Up @@ -132,10 +139,11 @@ def delete_global_group_xml(groupid, auth_token):
return (resp, content)


def get_token_xml(user, pswd, type='', tenant_id=None):
def get_token_xml(user, pswd, tenant_id, type=''):
header = httplib2.Http(".cache")
url = '%stoken' % URL
if tenant_id:
# to test multi token, removing below code
"""if tenant_id:
body = '<?xml version="1.0" encoding="UTF-8"?> \
<passwordCredentials \
xmlns="http://docs.openstack.org/idm/api/v1.0" \
Expand All @@ -145,10 +153,17 @@ def get_token_xml(user, pswd, type='', tenant_id=None):
body = '<?xml version="1.0" encoding="UTF-8"?> \
<passwordCredentials \
xmlns="http://docs.openstack.org/idm/api/v1.0" \
password="%s" username="%s" /> ' % (pswd, user)
password="%s" username="%s" /> ' % (pswd, user)"""
# adding code ie., body
body = '<?xml version="1.0" encoding="UTF-8"?> \
<passwordCredentials \
xmlns="http://docs.openstack.org/idm/api/v1.0" \
password="%s" username="%s" \
tenantId="%s"/> ' % (pswd, user, tenant_id)
resp, content = header.request(url, "POST", body=body,
headers={"Content-Type": "application/xml",
"ACCEPT": "application/xml"})

dom = etree.fromstring(content)
root = dom.find("{http://docs.openstack.org/idm/api/v1.0}token")
token_root = root.attrib
Expand Down Expand Up @@ -236,12 +251,11 @@ def create_user(tenantid, userid, auth_token):
def delete_user(tenant, userid, auth_token):
header = httplib2.Http(".cache")
url = '%stenants/%s/users/%s' % (URL, tenant, userid)

resp, content = header.request(url, "DELETE", body='{}',
headers={"Content-Type": "application/json",
"X-Auth-Token": auth_token})

return (resp, content)
return resp


def create_user_xml(tenantid, userid, auth_token):
Expand All @@ -259,14 +273,14 @@ def create_user_xml(tenantid, userid, auth_token):
return (resp, content)


def delete_user(tenant, userid, auth_token):
"""def delete_user(tenant, userid, auth_token):
h = httplib2.Http(".cache")
url = '%stenants/%s/users/%s' % (URL, tenant, userid)
resp, content = h.request(url, "DELETE", body='{}',
headers={"Content-Type": "application/json",
"X-Auth-Token": auth_token})
return resp
return resp"""


def delete_user_xml(tenantid, userid, auth_token):
Expand Down
20 changes: 12 additions & 8 deletions test/unit/test_groups.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,8 +19,9 @@
class global_group_test(unittest.TestCase):

def setUp(self):
self.token = utils.get_token('joeuser', 'secrete', 'token')
self.globaltenant = utils.get_global_tenant()
self.token = utils.get_token('joeuser', 'secrete', self.globaltenant,
'token')
self.user = utils.get_user()
self.userdisabled = utils.get_userdisabled()
self.auth_token = utils.get_auth_token()
Expand Down Expand Up @@ -572,8 +573,9 @@ def test_delete_global_group_xml(self):
class add_user_global_group_test(unittest.TestCase):

def setUp(self):
self.token = utils.get_token('joeuser', 'secrete', 'token')
self.tenant = utils.get_global_tenant()
self.token = utils.get_token('joeuser', 'secrete', self.tenant,
'token')
self.user = utils.get_user()
self.userdisabled = utils.get_userdisabled()
self.auth_token = utils.get_auth_token()
Expand All @@ -586,7 +588,7 @@ def tearDown(self):
self.user,
str(self.auth_token))

respG, contentG = utils.delete_user(self.tenant, self.user,
resp = utils.delete_user(self.tenant, self.user,
str(self.auth_token))
resp, content = utils.delete_global_group(self.global_group,
self.auth_token)
Expand Down Expand Up @@ -730,8 +732,10 @@ def test_add_user_global_group_forbidden_xml(self):
class get_users_tenant_group_test(unittest.TestCase):

def setUp(self):
self.token = utils.get_token('joeuser', 'secrete', 'token')

self.tenant = utils.get_global_tenant()
self.token = utils.get_token('joeuser', 'secrete', self.tenant,
'token')
self.user = utils.get_user()
self.userdisabled = utils.get_userdisabled()
self.auth_token = utils.get_auth_token()
Expand All @@ -743,8 +747,7 @@ def tearDown(self):
respG, contentG = utils.delete_user_global_group(self.global_group,
self.user,
str(self.auth_token))

respG, contentG = utils.delete_user(self.tenant, self.user,
respG = utils.delete_user(self.tenant, self.user,
str(self.auth_token))
resp, content = utils.delete_global_group(self.global_group,
self.auth_token)
Expand Down Expand Up @@ -895,8 +898,9 @@ def test_get_users_global_group_expired_xml(self):
class delete_users_global_group_test(unittest.TestCase):

def setUp(self):
self.token = utils.get_token('joeuser', 'secrete', 'token')
self.tenant = utils.get_global_tenant()
self.token = utils.get_token('joeuser', 'secrete', self.tenant,
'token')
self.user = utils.get_user()
self.userdisabled = utils.get_userdisabled()
self.auth_token = utils.get_auth_token()
Expand All @@ -909,7 +913,7 @@ def tearDown(self):
self.user,
str(self.auth_token))

respG, contentG = utils.delete_user(self.tenant, self.user,
resp = utils.delete_user(self.tenant, self.user,
str(self.auth_token))
resp, content = utils.delete_global_group(self.global_group,
self.auth_token)
Expand Down
11 changes: 6 additions & 5 deletions test/unit/test_tenant_groups.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,9 @@
class tenant_group_test(unittest.TestCase):

def setUp(self):
self.token = util.get_token('joeuser', 'secrete', 'token')
self.tenant = util.get_tenant()
self.token = util.get_token('joeuser', 'secrete', self.tenant,
'token')
self.user = util.get_user()
self.userdisabled = util.get_userdisabled()
self.auth_token = util.get_auth_token()
Expand Down Expand Up @@ -749,8 +750,8 @@ def test_delete_tenant_group_xml(self):
class add_user_tenant_group_test(tenant_group_test):

def setUp(self):
self.token = util.get_token('joeuser', 'secrete', 'token')
self.tenant = 'test_tenant'
self.token = util.get_token('joeuser', 'secrete', self.tenant, 'token')
self.user = util.get_user()
self.userdisabled = util.get_userdisabled()
self.auth_token = util.get_auth_token()
Expand All @@ -764,7 +765,7 @@ def tearDown(self):
self.user,
str(self.auth_token))

resp, content = util.delete_user(self.tenant, self.user,
resp = util.delete_user(self.tenant, self.user,
str(self.auth_token))
resp, content = util.delete_tenant_group(self.tenant_group,
self.tenant,
Expand Down Expand Up @@ -931,8 +932,8 @@ def test_add_user_tenant_group_forbidden_xml(self):
class get_users_tenant_group_test(tenant_group_test):

def setUp(self):
self.token = util.get_token('joeuser', 'secrete', 'token')
self.tenant = 'test_tenant'
self.token = util.get_token('joeuser', 'secrete', self.tenant, 'token')
self.user = util.get_user()
self.userdisabled = util.get_userdisabled()
self.auth_token = util.get_auth_token()
Expand All @@ -946,7 +947,7 @@ def tearDown(self):
self.user,
str(self.auth_token))

resp, content = util.delete_user(self.tenant, self.user,
resp = util.delete_user(self.tenant, self.user,
str(self.auth_token))
resp, content = util.delete_tenant_group(self.tenant_group,
self.tenant,
Expand Down
Loading

0 comments on commit 8199562

Please sign in to comment.