How to use list_trusts method in tempest

Best Python code snippet using tempest_python

test_backends.py

Source:test_backends.py Github

copy

Full Screen

...106 trusts = PROVIDERS.trust_api.list_trusts_for_trustor(107 self.trustee['id']108 )109 self.assertEqual(0, len(trusts))110 def test_list_trusts(self):111 for i in range(3):112 self.create_sample_trust(uuid.uuid4().hex)113 trusts = PROVIDERS.trust_api.list_trusts()114 self.assertEqual(3, len(trusts))115 def test_trust_has_remaining_uses_positive(self):116 # create a trust with limited uses, check that we have uses left117 trust_data = self.create_sample_trust(uuid.uuid4().hex,118 remaining_uses=5)119 self.assertEqual(5, trust_data['remaining_uses'])120 # create a trust with unlimited uses, check that we have uses left121 trust_data = self.create_sample_trust(uuid.uuid4().hex)122 self.assertIsNone(trust_data['remaining_uses'])123 def test_trust_has_remaining_uses_negative(self):124 # try to create a trust with no remaining uses, check that it fails125 self.assertRaises(exception.ValidationError,126 self.create_sample_trust,127 uuid.uuid4().hex,128 remaining_uses=0)129 # try to create a trust with negative remaining uses,130 # check that it fails131 self.assertRaises(exception.ValidationError,132 self.create_sample_trust,133 uuid.uuid4().hex,134 remaining_uses=-12)135 def test_consume_use(self):136 # consume a trust repeatedly until it has no uses anymore137 trust_data = self.create_sample_trust(uuid.uuid4().hex,138 remaining_uses=2)139 PROVIDERS.trust_api.consume_use(trust_data['id'])140 t = PROVIDERS.trust_api.get_trust(trust_data['id'])141 self.assertEqual(1, t['remaining_uses'])142 PROVIDERS.trust_api.consume_use(trust_data['id'])143 # This was the last use, the trust isn't available anymore144 self.assertRaises(exception.TrustNotFound,145 PROVIDERS.trust_api.get_trust,146 trust_data['id'])147 def test_duplicate_trusts_not_allowed(self):148 self.trustor = self.user_foo149 self.trustee = self.user_two150 trust_data = {'trustor_user_id': self.trustor['id'],151 'trustee_user_id': self.user_two['id'],152 'project_id': self.project_bar['id'],153 'expires_at': timeutils.parse_isotime(154 '2032-02-18T18:10:00Z'),155 'impersonation': True,156 'remaining_uses': None}157 roles = [{"id": "member"},158 {"id": "other"},159 {"id": "browser"}]160 PROVIDERS.trust_api.create_trust(uuid.uuid4().hex, trust_data, roles)161 self.assertRaises(exception.Conflict,162 PROVIDERS.trust_api.create_trust,163 uuid.uuid4().hex,164 trust_data,165 roles)166 def test_flush_expired_trusts(self):167 roles = [{"id": "member"},168 {"id": "other"},169 {"id": "browser"}]170 trust_ref1 = core.new_trust_ref(171 self.user_foo['id'], self.user_two['id'],172 project_id=self.project_bar['id'])173 trust_ref1['expires_at'] = \174 timeutils.utcnow() - datetime.timedelta(minutes=1)175 trust_ref2 = core.new_trust_ref(176 self.user_foo['id'], self.user_two['id'],177 project_id=self.project_bar['id'])178 trust_ref2['expires_at'] = \179 timeutils.utcnow() + datetime.timedelta(minutes=1)180 trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],181 trust_ref1, roles)182 self.assertIsNotNone(trust_data)183 trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],184 trust_ref2, roles)185 self.assertIsNotNone(trust_data)186 PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(187 date=datetime.datetime.utcnow())188 trusts = self.trust_api.list_trusts()189 self.assertEqual(len(trusts), 1)190 self.assertEqual(trust_ref2['id'], trusts[0]['id'])191 def test_flush_expired_trusts_with_all_id(self):192 roles = [{"id": "member"},193 {"id": "other"},194 {"id": "browser"}]195 trust_ref1 = core.new_trust_ref(196 self.user_foo['id'], self.user_foo['id'],197 project_id=self.project_bar['id'])198 trust_ref1['expires_at'] = \199 timeutils.utcnow() - datetime.timedelta(minutes=1)200 trust_ref2 = core.new_trust_ref(201 self.user_foo['id'], self.user_two['id'],202 project_id=self.project_bar['id'])203 trust_ref2['expires_at'] = \204 timeutils.utcnow() - datetime.timedelta(minutes=5)205 trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],206 trust_ref1, roles)207 self.assertIsNotNone(trust_data)208 trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],209 trust_ref2, roles)210 self.assertIsNotNone(trust_data)211 PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(212 project_id=self.project_bar['id'],213 trustor_user_id=self.user_foo['id'],214 trustee_user_id=self.user_two['id'],215 date=datetime.datetime.utcnow())216 trusts = self.trust_api.list_trusts()217 self.assertEqual(len(trusts), 1)218 self.assertEqual(trust_ref1['id'], trusts[0]['id'])219 def test_flush_expired_trusts_with_no_project_id(self):220 roles = [{"id": "member"},221 {"id": "other"},222 {"id": "browser"}]223 trust_ref1 = core.new_trust_ref(224 self.user_foo['id'], self.user_two['id'],225 project_id=self.project_bar['id'])226 trust_ref1['expires_at'] = \227 timeutils.utcnow() - datetime.timedelta(minutes=1)228 trust_ref2 = core.new_trust_ref(229 self.user_foo['id'], self.user_two['id'],230 project_id=self.project_bar['id'])231 trust_ref2['expires_at'] = \232 timeutils.utcnow() + datetime.timedelta(minutes=1)233 trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],234 trust_ref1, roles)235 self.assertIsNotNone(trust_data)236 trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],237 trust_ref2, roles)238 self.assertIsNotNone(trust_data)239 PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(240 trustor_user_id=self.user_foo['id'],241 trustee_user_id=self.user_two['id'],242 date=datetime.datetime.utcnow())243 trusts = self.trust_api.list_trusts()244 self.assertEqual(len(trusts), 1)245 self.assertEqual(trust_ref2['id'], trusts[0]['id'])246 def test_flush_expired_trusts_with_no_trustor_id(self):247 roles = [{"id": "member"},248 {"id": "other"},249 {"id": "browser"}]250 trust_ref1 = core.new_trust_ref(251 self.user_foo['id'], self.user_two['id'],252 project_id=self.project_bar['id'])253 trust_ref1['expires_at'] = \254 timeutils.utcnow() - datetime.timedelta(minutes=1)255 trust_ref2 = core.new_trust_ref(256 self.user_foo['id'], self.user_two['id'],257 project_id=self.project_bar['id'])258 trust_ref2['expires_at'] = \259 timeutils.utcnow() + datetime.timedelta(minutes=1)260 trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],261 trust_ref1, roles)262 self.assertIsNotNone(trust_data)263 trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],264 trust_ref2, roles)265 self.assertIsNotNone(trust_data)266 PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(267 project_id=self.project_bar['id'],268 trustee_user_id=self.user_two['id'],269 date=datetime.datetime.utcnow())270 trusts = self.trust_api.list_trusts()271 self.assertEqual(len(trusts), 1)272 self.assertEqual(trust_ref2['id'], trusts[0]['id'])273 def test_flush_expired_trusts_with_no_trustee_id(self):274 roles = [{"id": "member"},275 {"id": "other"},276 {"id": "browser"}]277 trust_ref1 = core.new_trust_ref(278 self.user_foo['id'], self.user_two['id'],279 project_id=self.project_bar['id'])280 trust_ref1['expires_at'] = \281 timeutils.utcnow() - datetime.timedelta(minutes=1)282 trust_ref2 = core.new_trust_ref(283 self.user_foo['id'], self.user_two['id'],284 project_id=self.project_bar['id'])285 trust_ref2['expires_at'] = \286 timeutils.utcnow() + datetime.timedelta(minutes=1)287 trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],288 trust_ref1, roles)289 self.assertIsNotNone(trust_data)290 trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],291 trust_ref2, roles)292 self.assertIsNotNone(trust_data)293 PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(294 project_id=self.project_bar['id'],295 trustor_user_id=self.user_foo['id'],296 date=datetime.datetime.utcnow())297 trusts = self.trust_api.list_trusts()298 self.assertEqual(len(trusts), 1)299 self.assertEqual(trust_ref2['id'], trusts[0]['id'])300 def test_flush_expired_trusts_with_project_id(self):301 roles = [{"id": "member"},302 {"id": "other"},303 {"id": "browser"}]304 trust_ref1 = core.new_trust_ref(305 self.user_foo['id'], self.user_two['id'],306 project_id=self.project_bar['id'])307 trust_ref1['expires_at'] = \308 timeutils.utcnow() - datetime.timedelta(minutes=1)309 trust_ref2 = core.new_trust_ref(310 self.user_foo['id'], self.user_two['id'],311 project_id=self.user_foo['id'])312 trust_ref2['expires_at'] = \313 timeutils.utcnow() - datetime.timedelta(minutes=5)314 trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],315 trust_ref1, roles)316 self.assertIsNotNone(trust_data)317 trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],318 trust_ref2, roles)319 self.assertIsNotNone(trust_data)320 PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(321 project_id=self.project_bar['id'],322 date=datetime.datetime.utcnow())323 trusts = self.trust_api.list_trusts()324 self.assertEqual(len(trusts), 1)325 self.assertEqual(trust_ref2['id'], trusts[0]['id'])326 def test_flush_expired_trusts_with_trustee_id(self):327 roles = [{"id": "member"},328 {"id": "other"},329 {"id": "browser"}]330 trust_ref1 = core.new_trust_ref(331 self.user_foo['id'], self.user_two['id'],332 project_id=self.project_bar['id'])333 trust_ref1['expires_at'] = \334 timeutils.utcnow() - datetime.timedelta(minutes=1)335 trust_ref2 = core.new_trust_ref(336 self.user_foo['id'], self.user_foo['id'],337 project_id=self.project_bar['id'])338 trust_ref2['expires_at'] = \339 timeutils.utcnow() - datetime.timedelta(minutes=5)340 trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],341 trust_ref1, roles)342 self.assertIsNotNone(trust_data)343 trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],344 trust_ref2, roles)345 self.assertIsNotNone(trust_data)346 PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(347 trustee_user_id=self.user_two['id'],348 date=datetime.datetime.utcnow())349 trusts = self.trust_api.list_trusts()350 self.assertEqual(len(trusts), 1)351 self.assertEqual(trust_ref2['id'], trusts[0]['id'])352 def test_flush_expired_trusts_with_trustor_id(self):353 roles = [{"id": "member"},354 {"id": "other"},355 {"id": "browser"}]356 trust_ref1 = core.new_trust_ref(357 self.user_foo['id'], self.user_two['id'],358 project_id=self.project_bar['id'])359 trust_ref1['expires_at'] = \360 timeutils.utcnow() - datetime.timedelta(minutes=1)361 trust_ref2 = core.new_trust_ref(362 self.user_two['id'], self.user_two['id'],363 project_id=self.project_bar['id'])364 trust_ref2['expires_at'] = \365 timeutils.utcnow() - datetime.timedelta(minutes=5)366 trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],367 trust_ref1, roles)368 self.assertIsNotNone(trust_data)369 trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],370 trust_ref2, roles)371 self.assertIsNotNone(trust_data)372 PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(373 trustor_user_id=self.user_foo['id'],374 date=datetime.datetime.utcnow())375 trusts = self.trust_api.list_trusts()376 self.assertEqual(len(trusts), 1)377 self.assertEqual(trust_ref2['id'], trusts[0]['id'])378 def test_non_expired_soft_deleted_trusts(self):379 roles = [{"id": "member"},380 {"id": "other"},381 {"id": "browser"}]382 trust_ref1 = core.new_trust_ref(383 self.user_foo['id'], self.user_two['id'],384 project_id=self.project_bar['id'])385 trust_ref1['expires_at'] = \386 timeutils.utcnow() + datetime.timedelta(minutes=10)387 trust_ref2 = core.new_trust_ref(388 self.user_two['id'], self.user_two['id'],389 project_id=self.project_bar['id'])390 trust_ref2['expires_at'] = \391 timeutils.utcnow() + datetime.timedelta(minutes=5)392 trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],393 trust_ref1, roles)394 self.assertIsNotNone(trust_data)395 trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],396 trust_ref2, roles)397 self.assertIsNotNone(trust_data)398 PROVIDERS.trust_api.delete_trust(trust_ref2['id'])399 PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(400 date=datetime.datetime.utcnow())401 trusts = self.trust_api.list_trusts()402 self.assertEqual(len(trusts), 1)403 self.assertEqual(trust_ref1['id'], trusts[0]['id'])404 def test_non_expired_non_deleted_trusts(self):405 roles = [{"id": "member"},406 {"id": "other"},407 {"id": "browser"}]408 trust_ref1 = core.new_trust_ref(409 self.user_foo['id'], self.user_two['id'],410 project_id=self.project_bar['id'])411 trust_ref1['expires_at'] = \412 timeutils.utcnow() + datetime.timedelta(minutes=10)413 trust_ref2 = core.new_trust_ref(414 self.user_two['id'], self.user_two['id'],415 project_id=self.project_bar['id'])416 trust_ref2['expires_at'] = \417 timeutils.utcnow() + datetime.timedelta(minutes=5)418 trust_ref3 = core.new_trust_ref(419 self.user_two['id'], self.user_foo['id'],420 project_id=self.project_bar['id'])421 trust_ref3['expires_at'] = None422 trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],423 trust_ref1, roles)424 self.assertIsNotNone(trust_data)425 trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],426 trust_ref2, roles)427 self.assertIsNotNone(trust_data)428 PROVIDERS.trust_api.delete_trust(trust_ref2['id'])429 trust_data = PROVIDERS.trust_api.create_trust(trust_ref3['id'],430 trust_ref3, roles)431 self.assertIsNotNone(trust_data)432 PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(433 date=datetime.datetime.utcnow())434 trusts = self.trust_api.list_trusts()435 self.assertEqual(len(trusts), 2)436 def test_flush_expired_trusts_with_date(self):437 roles = [{"id": "member"},438 {"id": "other"},439 {"id": "browser"}]440 trust_ref1 = core.new_trust_ref(441 self.user_foo['id'], self.user_two['id'],442 project_id=self.project_bar['id'])443 trust_ref1['expires_at'] = \444 timeutils.utcnow() + datetime.timedelta(minutes=10)445 trust_ref2 = core.new_trust_ref(446 self.user_two['id'], self.user_two['id'],447 project_id=self.project_bar['id'])448 trust_ref2['expires_at'] = \449 timeutils.utcnow() + datetime.timedelta(minutes=30)450 trust_ref3 = core.new_trust_ref(451 self.user_two['id'], self.user_foo['id'],452 project_id=self.project_bar['id'])453 trust_ref3['expires_at'] = \454 timeutils.utcnow() - datetime.timedelta(minutes=30)455 trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],456 trust_ref1, roles)457 self.assertIsNotNone(trust_data)458 trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],459 trust_ref2, roles)460 self.assertIsNotNone(trust_data)461 trust_data = PROVIDERS.trust_api.create_trust(trust_ref3['id'],462 trust_ref3, roles)463 self.assertIsNotNone(trust_data)464 fake_date = timeutils.utcnow() + datetime.timedelta(minutes=15)465 PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(466 date=fake_date467 )468 trusts = self.trust_api.list_trusts()469 self.assertEqual(len(trusts), 1)...

Full Screen

Full Screen

test_trust.py

Source:test_trust.py Github

copy

Full Screen

...101 unaffiliated102 """103 pass104 @abc.abstractmethod105 def test_identity_list_trusts(self):106 """Test identity:list_trusts policy.107 This test must check:108 * whether the persona can list all trusts109 """110 pass111 @abc.abstractmethod112 def test_identity_list_trusts_for_trustor(self):113 """Test identity:list_trusts_for_trustor policy.114 This test must check:115 * whether the persona can list trusts by trustor for which they are116 the trustor117 * whether the persona can list trusts by trustor for which another118 user is trustor119 """120 pass121 @abc.abstractmethod122 def test_identity_list_trusts_for_trustee(self):123 """Test identity:list_trusts_for_trustee policy.124 This test must check:125 * whether the persona can list trusts by trustee for which they are126 the trustee127 * whether the persona can list trusts by trustee for which another128 user is trustee129 """130 pass131 @abc.abstractmethod132 def test_identity_list_roles_for_trust(self):133 """Test identity:list_roles_for_trust policy.134 This test must check:135 * whether the persona can list the roles of a trust for which they136 are the trustee137 * whether the persona can list the roles of a trust for which they138 are the trustor139 * whether the persona can list the roles of a trust with which they140 are unaffiliated141 """142 pass143 @abc.abstractmethod144 def test_identity_get_role_for_trust(self):145 """Test identity:get_role_for_trust policy.146 This test must check:147 * whether the persona can get a role of a trust for which they are148 the trustee149 * whether the persona can get a role of a trust for which they are150 the trustor151 * whether the persona can get a role of a trust with which they are152 unaffiliated153 """154 pass155 @abc.abstractmethod156 def test_identity_delete_trust(self):157 """Test identity:delete_trust policy.158 This test must check159 * whether the persona can delete a trust for which they are the160 trustor161 * whether the persona can delete a trust for which they are the162 trustee163 * whether the persona can delete a trust which which they are164 unaffiliated165 """166 pass167class SystemAdminTests(IdentityV3RbacTrustTest, base.BaseIdentityTest):168 credentials = ['system_admin']169 def test_identity_create_trust(self):170 # user cannot create trust for themself171 self.do_request('create_trust',172 expected_status=exceptions.Forbidden,173 **self.trust(trustor=self.persona.credentials.user_id))174 # user cannot create trust for another user175 self.do_request('create_trust',176 expected_status=exceptions.Forbidden,177 **self.trust())178 def test_identity_get_trust(self):179 # user cannot have their own trust180 # user can get trust for other user181 trust_id = self.user_trust_client.create_trust(182 **self.trust())['trust']['id']183 self.addCleanup(self.admin_trusts_client.delete_trust,184 trust_id=trust_id)185 self.do_request('show_trust', trust_id=trust_id)186 def test_identity_list_trusts(self):187 trust_id = self.user_trust_client.create_trust(188 **self.trust())['trust']['id']189 self.addCleanup(self.admin_trusts_client.delete_trust,190 trust_id=trust_id)191 resp = self.do_request('list_trusts')192 self.assertIn(trust_id, [t['id'] for t in resp['trusts']])193 def test_identity_list_trusts_for_trustor(self):194 # user cannot have their own trust195 # user can list trusts for other user196 trust_id = self.user_trust_client.create_trust(197 **self.trust())['trust']['id']198 self.addCleanup(self.admin_trusts_client.delete_trust,199 trust_id=trust_id)200 self.do_request('list_trusts', trustor_user_id=self.trustor)201 def test_identity_list_trusts_for_trustee(self):202 # user cannot have their own trust203 # user can list trusts for other user204 trust_id = self.user_trust_client.create_trust(205 **self.trust())['trust']['id']206 self.addCleanup(self.admin_trusts_client.delete_trust,207 trust_id=trust_id)208 self.do_request('list_trusts', trustee_user_id=self.trustee)209 def test_identity_list_roles_for_trust(self):210 # user cannot have their own trust211 # user can list roles of trust for other user212 trust_id = self.user_trust_client.create_trust(213 **self.trust())['trust']['id']214 self.addCleanup(self.admin_trusts_client.delete_trust,215 trust_id=trust_id)216 resp = self.do_request('list_trust_roles', trust_id=trust_id)217 self.assertIn(self.roles[0]['id'], [r['id'] for r in resp['roles']])218 def test_identity_get_role_for_trust(self):219 # user cannot have their own trust220 # user can get role of trust for other user221 trust_id = self.user_trust_client.create_trust(222 **self.trust())['trust']['id']223 self.addCleanup(self.admin_trusts_client.delete_trust,224 trust_id=trust_id)225 self.do_request('show_trust_role',226 trust_id=trust_id, role_id=self.roles[0]['id'])227 def test_identity_delete_trust(self):228 # user cannot have their own trust229 # user can delete a user's trust230 trust_id = self.user_trust_client.create_trust(231 **self.trust())['trust']['id']232 self.do_request('delete_trust', expected_status=204, trust_id=trust_id)233class SystemMemberTests(SystemAdminTests):234 credentials = ['system_member', 'system_admin']235 def test_identity_delete_trust(self):236 # system user cannot have their own trust237 # user cannot delete another user's trust238 trust_id = self.user_trust_client.create_trust(239 **self.trust())['trust']['id']240 self.addCleanup(self.admin_trusts_client.delete_trust,241 trust_id=trust_id)242 self.do_request('delete_trust', expected_status=exceptions.Forbidden,243 trust_id=trust_id)244class SystemReaderTests(SystemMemberTests):245 credentials = ['system_reader', 'system_admin']246class DomainAdminTests(SystemReaderTests, base.BaseIdentityTest):247 # Domain admins cannot create their own trusts (trusts can only be248 # scoped to projects) and domain admins have no special privileges over the249 # trusts own by users in their domains.250 credentials = ['domain_admin', 'system_admin']251 def test_identity_get_trust(self):252 # user cannot have their own trust253 # user can get trust for other user254 trust_id = self.user_trust_client.create_trust(255 **self.trust())['trust']['id']256 self.addCleanup(self.admin_trusts_client.delete_trust,257 trust_id=trust_id)258 self.do_request('show_trust', expected_status=exceptions.Forbidden,259 trust_id=trust_id)260 def test_identity_list_trusts(self):261 trust_id = self.user_trust_client.create_trust(262 **self.trust())['trust']['id']263 self.addCleanup(self.admin_trusts_client.delete_trust,264 trust_id=trust_id)265 self.do_request('list_trusts',266 expected_status=exceptions.Forbidden)267 def test_identity_list_trusts_for_trustor(self):268 # user cannot have their own trust269 # user can list trusts for other user270 trust_id = self.user_trust_client.create_trust(271 **self.trust())['trust']['id']272 self.addCleanup(self.admin_trusts_client.delete_trust,273 trust_id=trust_id)274 self.do_request('list_trusts', expected_status=exceptions.Forbidden,275 trustor_user_id=self.trustor)276 def test_identity_list_trusts_for_trustee(self):277 # user cannot have their own trust278 # user can list trusts for other user279 trust_id = self.user_trust_client.create_trust(280 **self.trust())['trust']['id']281 self.addCleanup(self.admin_trusts_client.delete_trust,282 trust_id=trust_id)283 self.do_request('list_trusts', expected_status=exceptions.Forbidden,284 trustee_user_id=self.trustee)285 def test_identity_list_roles_for_trust(self):286 # user cannot have their own trust287 # user can list roles of trust for other user288 trust_id = self.user_trust_client.create_trust(289 **self.trust())['trust']['id']290 self.addCleanup(self.admin_trusts_client.delete_trust,291 trust_id=trust_id)292 self.do_request('list_trust_roles',293 expected_status=exceptions.Forbidden,294 trust_id=trust_id)295 def test_identity_get_role_for_trust(self):296 # user cannot have their own trust297 # user can get role of trust for other user298 trust_id = self.user_trust_client.create_trust(299 **self.trust())['trust']['id']300 self.addCleanup(self.admin_trusts_client.delete_trust,301 trust_id=trust_id)302 self.do_request('show_trust_role',303 expected_status=exceptions.Forbidden,304 trust_id=trust_id, role_id=self.roles[0]['id'])305class DomainMemberTests(DomainAdminTests):306 credentials = ['domain_member', 'system_admin']307class DomainReaderTests(DomainAdminTests):308 credentials = ['domain_reader', 'system_admin']309class ProjectAdminTests(IdentityV3RbacTrustTest, base.BaseIdentityTest):310 credentials = ['project_admin', 'system_admin']311 def setUp(self):312 super(ProjectAdminTests, self).setUp()313 self.role_id = self.admin_role_id314 def test_identity_create_trust(self):315 # user can create a trust for their own project316 trustor_user_id = self.persona.credentials.user_id317 project_id = self.persona.credentials.project_id318 resp = self.do_request(319 'create_trust',320 expected_status=201,321 **self.trust(322 trustor=trustor_user_id,323 project_id=project_id,324 roles=[{'id': self.role_id}])325 )['trust']326 self.addCleanup(self.client.delete_trust, resp['id'])327 # user cannot create trust with another user as trustor328 self.do_request(329 'create_trust',330 expected_status=exceptions.Forbidden,331 **self.trust())332 def test_identity_get_trust(self):333 # user can get a trust for which they are trustor334 trustor_user_id = self.persona.credentials.user_id335 project_id = self.persona.credentials.project_id336 trust_id = self.client.create_trust(337 **self.trust(trustor=trustor_user_id,338 project_id=project_id,339 roles=[{'id': self.role_id}]))['trust']['id']340 self.addCleanup(self.client.delete_trust, trust_id=trust_id)341 self.do_request('show_trust', trust_id=trust_id)342 # user can get a trust for which they are trustee343 trustee_user_id = self.persona.credentials.user_id344 trust_id = self.user_trust_client.create_trust(345 **self.trust(trustee=trustee_user_id))['trust']['id']346 self.addCleanup(self.user_trust_client.delete_trust, trust_id=trust_id)347 self.do_request('show_trust', trust_id=trust_id)348 # user cannot get a trust with which they are unaffiliated349 trust_id = self.user_trust_client.create_trust(350 **self.trust())['trust']['id']351 self.addCleanup(self.user_trust_client.delete_trust, trust_id=trust_id)352 self.do_request('show_trust', expected_status=exceptions.Forbidden,353 trust_id=trust_id)354 def test_identity_list_trusts(self):355 trust_id = self.user_trust_client.create_trust(356 **self.trust())['trust']['id']357 self.addCleanup(self.admin_trusts_client.delete_trust,358 trust_id=trust_id)359 self.do_request('list_trusts',360 expected_status=exceptions.Forbidden)361 def test_identity_list_trusts_for_trustor(self):362 # user can list their own trusts363 trustor_user_id = self.persona.credentials.user_id364 project_id = self.persona.credentials.project_id365 trust_id = self.client.create_trust(366 **self.trust(trustor=trustor_user_id,367 project_id=project_id,368 roles=[{'id': self.role_id}]))['trust']['id']...

Full Screen

Full Screen

test_trusts_rbac.py

Source:test_trusts_rbac.py Github

copy

Full Screen

...97 @decorators.idempotent_id('f2e32896-bf66-4f4e-89cf-e7fba0ef1f38')98 @rbac_rule_validation.action(99 service="keystone",100 rules=["identity:list_trusts"])101 def test_list_trusts(self):102 # Depending on the passed arguments to the list trusts API, different103 # policy actions are enforced.104 feature_flag = \105 CONF.policy_feature_enabled.keystone_policy_enforcement_train106 with self.override_role():107 if feature_flag:108 self.trusts_client.list_trusts()109 else:110 self.trusts_client.list_trusts(111 trustor_user_id=self.trustor_user_id)112 @testtools.skipUnless(113 CONF.policy_feature_enabled.keystone_policy_enforcement_train,114 'This test tests Keystone policy actions introduced in Train')115 @decorators.idempotent_id('6273ab11-32ad-450e-be4e-deaa856d7051')116 @rbac_rule_validation.action(117 service="keystone",118 rules=["identity:list_trusts_for_trustor"],119 extra_target_data={120 "target.trust.trustor_user_id": "os_primary.credentials.user_id"121 })122 def test_list_trusts_for_trustor(self):123 with self.override_role():124 self.trusts_client.list_trusts(125 trustor_user_id=self.trustor_user_id)126 @testtools.skipUnless(127 CONF.policy_feature_enabled.keystone_policy_enforcement_train,128 'This test tests Keystone policy actions introduced in Train')129 @decorators.idempotent_id('90bbbd77-c1df-43f9-99dc-088d52b95eff')130 @rbac_rule_validation.action(131 service="keystone",132 rules=["identity:list_trusts_for_trustee"],133 extra_target_data={134 "target.trust.trustee_user_id": "trustee_user_id"135 })136 def test_list_trusts_for_trustee(self):137 with self.override_role():138 self.trusts_client.list_trusts(139 trustee_user_id=self.trustee_user_id)140 @decorators.idempotent_id('3c9ff92f-a73e-4f9b-8865-e017f38c70f5')141 @rbac_rule_validation.action(142 service="keystone",143 rules=["identity:list_roles_for_trust"],144 extra_target_data={145 "target.trust.trustor_user_id": "os_primary.credentials.user_id"146 })147 def test_list_roles_for_trust(self):148 with self.override_role():149 self.trusts_client.list_trust_roles(self.trust['id'])150 @decorators.idempotent_id('3bb4f97b-cecd-4c7d-ad10-b88ee6c5d573')151 @rbac_rule_validation.action(152 service="keystone",...

Full Screen

Full Screen

Automation Testing Tutorials

Learn to execute automation testing from scratch with LambdaTest Learning Hub. Right from setting up the prerequisites to run your first automation test, to following best practices and diving deeper into advanced test scenarios. LambdaTest Learning Hubs compile a list of step-by-step guides to help you be proficient with different test automation frameworks i.e. Selenium, Cypress, TestNG etc.

LambdaTest Learning Hubs:

YouTube

You could also refer to video tutorials over LambdaTest YouTube channel to get step by step demonstration from industry experts.

Run tempest automation tests on LambdaTest cloud grid

Perform automation testing on 3000+ real desktop and mobile devices online.

Try LambdaTest Now !!

Get 100 minutes of automation test minutes FREE!!

Next-Gen App & Browser Testing Cloud

Was this article helpful?

Helpful

NotHelpful