diff options
37 files changed, 257 insertions, 476 deletions
@@ -1,6 +1,7 @@ *.pyc *.egg *.egg-info +*.mo .DS_STORE docs/_build build diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst new file mode 100644 index 0000000..1ca9764 --- /dev/null +++ b/CONTRIBUTING.rst @@ -0,0 +1,16 @@ +If you would like to contribute to the development of OpenStack, +you must follow the steps documented at: + + http://wiki.openstack.org/HowToContribute#If_you.27re_a_developer + +Once those steps have been completed, changes to OpenStack +should be submitted for review via the Gerrit tool, following +the workflow documented at: + + http://wiki.openstack.org/GerritWorkflow + +Pull requests submitted through GitHub will be ignored. + +Bugs should be filed on Launchpad, not GitHub: + + https://bugs.launchpad.net/django-openstack-auth diff --git a/openstack_auth/backend.py b/openstack_auth/backend.py index f941ad3..1d56103 100644 --- a/openstack_auth/backend.py +++ b/openstack_auth/backend.py @@ -17,7 +17,6 @@ import logging from django.conf import settings from django.utils.translation import ugettext_lazy as _ - from keystoneclient import exceptions as keystone_exceptions from openstack_auth import exceptions diff --git a/openstack_auth/locale/ar/LC_MESSAGES/django.mo b/openstack_auth/locale/ar/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index 156768d..0000000 --- a/openstack_auth/locale/ar/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/ca/LC_MESSAGES/django.mo b/openstack_auth/locale/ca/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index 6c615ba..0000000 --- a/openstack_auth/locale/ca/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/de/LC_MESSAGES/django.mo b/openstack_auth/locale/de/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index 71b11d4..0000000 --- a/openstack_auth/locale/de/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/en_AU/LC_MESSAGES/django.mo b/openstack_auth/locale/en_AU/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index c8cdee4..0000000 --- a/openstack_auth/locale/en_AU/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/en_GB/LC_MESSAGES/django.mo b/openstack_auth/locale/en_GB/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index 8944e8e..0000000 --- a/openstack_auth/locale/en_GB/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/es/LC_MESSAGES/django.mo b/openstack_auth/locale/es/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index 7c90898..0000000 --- a/openstack_auth/locale/es/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/es_MX/LC_MESSAGES/django.mo b/openstack_auth/locale/es_MX/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index c06fcc0..0000000 --- a/openstack_auth/locale/es_MX/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/fr/LC_MESSAGES/django.mo b/openstack_auth/locale/fr/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index c0fcc35..0000000 --- a/openstack_auth/locale/fr/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/hi/LC_MESSAGES/django.mo b/openstack_auth/locale/hi/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index 10d7f73..0000000 --- a/openstack_auth/locale/hi/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/ja/LC_MESSAGES/django.mo b/openstack_auth/locale/ja/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index bc7033f..0000000 --- a/openstack_auth/locale/ja/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/ko_KR/LC_MESSAGES/django.mo b/openstack_auth/locale/ko_KR/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index b7cf71b..0000000 --- a/openstack_auth/locale/ko_KR/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/ne/LC_MESSAGES/django.po b/openstack_auth/locale/ne/LC_MESSAGES/django.po new file mode 100644 index 0000000..20351cd --- /dev/null +++ b/openstack_auth/locale/ne/LC_MESSAGES/django.po @@ -0,0 +1,62 @@ +# Nepali translations for django_openstack_auth. +# Copyright (C) 2014 ORGANIZATION +# This file is distributed under the same license as the +# django_openstack_auth project. +# +# Translators: +# Surit Aryal <surit_people@hotmail.com>, 2014 +msgid "" +msgstr "" +"Project-Id-Version: Horizon\n" +"Report-Msgid-Bugs-To: EMAIL@ADDRESS\n" +"POT-Creation-Date: 2014-10-24 06:06+0000\n" +"PO-Revision-Date: 2014-10-24 02:31+0000\n" +"Last-Translator: Surit Aryal <surit_people@hotmail.com>\n" +"Language-Team: Nepali " +"(http://www.transifex.com/projects/p/horizon/language/ne/)\n" +"Plural-Forms: nplurals=2; plural=(n != 1)\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Generated-By: Babel 1.3\n" + +#: openstack_auth/backend.py:40 +msgid "The authentication token issued by the Identity service has expired." +msgstr "पहिचान सेवा द्वारा जारी प्रमाणीकरण टोकन समाप्त भएको छ।" + +#: openstack_auth/backend.py:101 +msgid "Invalid user name or password." +msgstr "प्रयोगकर्ताको नाम वा पासवर्ड मिलेन । " + +#: openstack_auth/backend.py:106 +msgid "An error occurred authenticating. Please try again later." +msgstr "प्रमाणीकरणमा त्रुटि भयो। पछि फेरि प्रयास गर्नुहोस्।" + +#: openstack_auth/backend.py:128 +msgid "Unable to retrieve authorized projects." +msgstr "अधिकृत परियोजनाहरू प्राप्त गर्न सकिएन।" + +#: openstack_auth/backend.py:133 +msgid "You are not authorized for any projects." +msgstr "तपाईलाई कुनै पनि परियोजनाको अधिकार छैन।" + +#: openstack_auth/backend.py:153 +msgid "Unable to authenticate to any available projects." +msgstr "कुनै पनि उपलब्ध परियोजनाहरु प्रमाणीकरण गर्न असमर्थ।" + +#: openstack_auth/forms.py:48 +msgid "Region" +msgstr "क्षेत्र" + +#: openstack_auth/forms.py:50 +msgid "User Name" +msgstr "प्रयोगकर्ताको नाम" + +#: openstack_auth/forms.py:52 +msgid "Password" +msgstr "पासवर्ड" + +#: openstack_auth/forms.py:61 +msgid "Domain" +msgstr "डोमेन" + diff --git a/openstack_auth/locale/nl_NL/LC_MESSAGES/django.mo b/openstack_auth/locale/nl_NL/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index 780c963..0000000 --- a/openstack_auth/locale/nl_NL/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/pa_IN/LC_MESSAGES/django.mo b/openstack_auth/locale/pa_IN/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index adcce26..0000000 --- a/openstack_auth/locale/pa_IN/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/pl_PL/LC_MESSAGES/django.mo b/openstack_auth/locale/pl_PL/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index f259fe1..0000000 --- a/openstack_auth/locale/pl_PL/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/pt/LC_MESSAGES/django.mo b/openstack_auth/locale/pt/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index 87d50be..0000000 --- a/openstack_auth/locale/pt/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/pt_BR/LC_MESSAGES/django.mo b/openstack_auth/locale/pt_BR/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index a4874e5..0000000 --- a/openstack_auth/locale/pt_BR/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/ru/LC_MESSAGES/django.mo b/openstack_auth/locale/ru/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index 02f62a7..0000000 --- a/openstack_auth/locale/ru/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/sl_SI/LC_MESSAGES/django.mo b/openstack_auth/locale/sl_SI/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index 8f68c61..0000000 --- a/openstack_auth/locale/sl_SI/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/sr/LC_MESSAGES/django.mo b/openstack_auth/locale/sr/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index df40ce9..0000000 --- a/openstack_auth/locale/sr/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/tr_TR/LC_MESSAGES/django.mo b/openstack_auth/locale/tr_TR/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index 207cdfe..0000000 --- a/openstack_auth/locale/tr_TR/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/uk/LC_MESSAGES/django.mo b/openstack_auth/locale/uk/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index f8bfc3b..0000000 --- a/openstack_auth/locale/uk/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/zh_CN/LC_MESSAGES/django.mo b/openstack_auth/locale/zh_CN/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index 923a7f0..0000000 --- a/openstack_auth/locale/zh_CN/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/locale/zh_TW/LC_MESSAGES/django.mo b/openstack_auth/locale/zh_TW/LC_MESSAGES/django.mo Binary files differdeleted file mode 100644 index 987d25c..0000000 --- a/openstack_auth/locale/zh_TW/LC_MESSAGES/django.mo +++ /dev/null diff --git a/openstack_auth/tests/data_v2.py b/openstack_auth/tests/data_v2.py index 797f1ed..08834fe 100644 --- a/openstack_auth/tests/data_v2.py +++ b/openstack_auth/tests/data_v2.py @@ -15,7 +15,6 @@ import datetime import uuid from django.utils import datetime_safe - from keystoneclient import access from keystoneclient import service_catalog from keystoneclient.v2_0 import roles diff --git a/openstack_auth/tests/data_v3.py b/openstack_auth/tests/data_v3.py index be7fa04..be95b15 100644 --- a/openstack_auth/tests/data_v3.py +++ b/openstack_auth/tests/data_v3.py @@ -14,16 +14,14 @@ import datetime import uuid -import requests - from django.utils import datetime_safe - from keystoneclient import access from keystoneclient import service_catalog from keystoneclient.v3 import domains from keystoneclient.v3 import projects from keystoneclient.v3 import roles from keystoneclient.v3 import users +import requests class TestDataContainer(object): diff --git a/openstack_auth/tests/run_tests.py b/openstack_auth/tests/run_tests.py index 46c474c..32ec848 100644 --- a/openstack_auth/tests/run_tests.py +++ b/openstack_auth/tests/run_tests.py @@ -19,9 +19,9 @@ import sys os.environ['DJANGO_SETTINGS_MODULE'] = 'openstack_auth.tests.settings' +import django from django.test import simple as test_simple -import django if hasattr(django, 'setup'): django.setup() diff --git a/openstack_auth/tests/tests.py b/openstack_auth/tests/tests.py index b39936a..b0edf17 100644 --- a/openstack_auth/tests/tests.py +++ b/openstack_auth/tests/tests.py @@ -13,16 +13,15 @@ import copy -from mox3 import mox - from django.conf import settings from django.contrib import auth from django.core.urlresolvers import reverse from django import test - from keystoneclient import exceptions as keystone_exceptions from keystoneclient.v2_0 import client as client_v2 from keystoneclient.v3 import client as client_v3 +from mox3 import mox +import six from openstack_auth.tests import data_v2 from openstack_auth.tests import data_v3 @@ -32,7 +31,76 @@ from openstack_auth import utils DEFAULT_DOMAIN = settings.OPENSTACK_KEYSTONE_DEFAULT_DOMAIN -class OpenStackAuthTestsV2(test.TestCase): +class OpenStackAuthTestsMixin(object): + '''Common functions for version specific tests.''' + + def tearDown(self): + self.mox.UnsetStubs() + self.mox.VerifyAll() + + def _mock_unscoped_client(self, user): + self.mox.StubOutWithMock(self.ks_client_module, "Client") + self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, + password=user.password, + username=user.name, + user_domain_name=DEFAULT_DOMAIN, + insecure=False, + cacert=None, + debug=False)\ + .AndReturn(self.keystone_client_unscoped) + + def _mock_unscoped_client_with_token(self, user, unscoped): + self.mox.StubOutWithMock(self.ks_client_module, "Client") + url = settings.OPENSTACK_KEYSTONE_URL + self.ks_client_module.Client(user_id=user.id, + auth_url=url, + token=unscoped.auth_token, + insecure=False, + cacert=None, + debug=False)\ + .AndReturn(self.keystone_client_unscoped) + + def _mock_client_token_auth_failure(self, unscoped, tenant_id): + exc = keystone_exceptions.AuthorizationFailure + self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, + tenant_id=tenant_id, + insecure=False, + cacert=None, + token=unscoped.auth_token, + debug=False) \ + .AndRaise(exc) + + def _mock_client_password_auth_failure(self, username, password, exc): + self.mox.StubOutWithMock(self.ks_client_module, "Client") + self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, + password=password, + username=username, + user_domain_name=DEFAULT_DOMAIN, + insecure=False, + cacert=None, + debug=False).AndRaise(exc) + + def _mock_scoped_client_for_tenant(self, auth_ref, tenant_id, url=None): + if url is None: + auth_url = settings.OPENSTACK_KEYSTONE_URL + else: + auth_url = url + self.ks_client_module.Client(auth_url=auth_url, + tenant_id=tenant_id, + insecure=False, + cacert=None, + token=auth_ref.auth_token, + debug=False) \ + .AndReturn(self.keystone_client_scoped) + + def get_form_data(self, user): + return {'region': settings.OPENSTACK_KEYSTONE_URL, + 'domain': DEFAULT_DOMAIN, + 'password': user.password, + 'username': user.name} + + +class OpenStackAuthTestsV2(OpenStackAuthTestsMixin, test.TestCase): def setUp(self): super(OpenStackAuthTestsV2, self).setUp() self.mox = mox.Mox() @@ -48,39 +116,22 @@ class OpenStackAuthTestsV2(test.TestCase): settings.OPENSTACK_API_VERSIONS['identity'] = 2.0 settings.OPENSTACK_KEYSTONE_URL = "http://localhost:5000/v2.0" - def tearDown(self): - self.mox.UnsetStubs() - self.mox.VerifyAll() + def _mock_unscoped_list_tenants(self, tenants): + self.mox.StubOutWithMock(self.keystone_client_unscoped.tenants, "list") + self.keystone_client_unscoped.tenants.list().AndReturn(tenants) + + def _mock_unscoped_client_list_tenants(self, user, tenants): + self._mock_unscoped_client(user) + self._mock_unscoped_list_tenants(tenants) def _login(self): tenants = [self.data.tenant_one, self.data.tenant_two] user = self.data.user unscoped = self.data.unscoped_access_info - form_data = {'region': settings.OPENSTACK_KEYSTONE_URL, - 'domain': DEFAULT_DOMAIN, - 'password': user.password, - 'username': user.name} - - self.mox.StubOutWithMock(self.ks_client_module, "Client") - self.mox.StubOutWithMock(self.keystone_client_unscoped.tenants, "list") - - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - password=user.password, - username=user.name, - user_domain_name=DEFAULT_DOMAIN, - insecure=False, - cacert=None, - debug=False)\ - .AndReturn(self.keystone_client_unscoped) - self.keystone_client_unscoped.tenants.list().AndReturn(tenants) - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - tenant_id=self.data.tenant_two.id, - insecure=False, - cacert=None, - token=unscoped.auth_token, - debug=False) \ - .AndReturn(self.keystone_client_scoped) + form_data = self.get_form_data(user) + self._mock_unscoped_client_list_tenants(user, tenants) + self._mock_scoped_client_for_tenant(unscoped, self.data.tenant_two.id) self.mox.ReplayAll() @@ -104,39 +155,10 @@ class OpenStackAuthTestsV2(test.TestCase): user = self.data.user unscoped = self.data.unscoped_access_info - form_data = {'region': settings.OPENSTACK_KEYSTONE_URL, - 'domain': DEFAULT_DOMAIN, - 'password': user.password, - 'username': user.name} - - self.mox.StubOutWithMock(self.ks_client_module, "Client") - self.mox.StubOutWithMock(self.keystone_client_unscoped.tenants, "list") - - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - password=user.password, - username=user.name, - user_domain_name=DEFAULT_DOMAIN, - insecure=False, - cacert=None, - debug=False)\ - .AndReturn(self.keystone_client_unscoped) - self.keystone_client_unscoped.tenants.list().AndReturn(tenants) - exc = keystone_exceptions.AuthorizationFailure - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - tenant_id=self.data.tenant_two.id, - insecure=False, - cacert=None, - token=unscoped.auth_token, - debug=False) \ - .AndRaise(exc) - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - tenant_id=self.data.tenant_one.id, - insecure=False, - cacert=None, - token=unscoped.auth_token, - debug=False) \ - .AndReturn(self.keystone_client_scoped) - + form_data = self.get_form_data(user) + self._mock_unscoped_client_list_tenants(user, tenants) + self._mock_client_token_auth_failure(unscoped, self.data.tenant_two.id) + self._mock_scoped_client_for_tenant(unscoped, self.data.tenant_one.id) self.mox.ReplayAll() url = reverse('login') @@ -154,39 +176,10 @@ class OpenStackAuthTestsV2(test.TestCase): user = self.data.user unscoped = self.data.unscoped_access_info - form_data = {'region': settings.OPENSTACK_KEYSTONE_URL, - 'domain': DEFAULT_DOMAIN, - 'password': user.password, - 'username': user.name} - - self.mox.StubOutWithMock(self.ks_client_module, "Client") - self.mox.StubOutWithMock(self.keystone_client_unscoped.tenants, "list") - - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - password=user.password, - username=user.name, - user_domain_name=DEFAULT_DOMAIN, - insecure=False, - cacert=None, - debug=False)\ - .AndReturn(self.keystone_client_unscoped) - self.keystone_client_unscoped.tenants.list().AndReturn(tenants) - exc = keystone_exceptions.AuthorizationFailure - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - tenant_id=self.data.tenant_two.id, - insecure=False, - cacert=None, - token=unscoped.auth_token, - debug=False) \ - .AndRaise(exc) - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - tenant_id=self.data.tenant_one.id, - insecure=False, - cacert=None, - token=unscoped.auth_token, - debug=False) \ - .AndRaise(exc) - + form_data = self.get_form_data(user) + self._mock_unscoped_client_list_tenants(user, tenants) + self._mock_client_token_auth_failure(unscoped, self.data.tenant_two.id) + self._mock_client_token_auth_failure(unscoped, self.data.tenant_one.id) self.mox.ReplayAll() url = reverse('login') @@ -205,23 +198,8 @@ class OpenStackAuthTestsV2(test.TestCase): def test_no_tenants(self): user = self.data.user - form_data = {'region': settings.OPENSTACK_KEYSTONE_URL, - 'domain': DEFAULT_DOMAIN, - 'password': user.password, - 'username': user.name} - - self.mox.StubOutWithMock(self.ks_client_module, "Client") - self.mox.StubOutWithMock(self.keystone_client_unscoped.tenants, "list") - - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - password=user.password, - username=user.name, - user_domain_name=DEFAULT_DOMAIN, - insecure=False, - cacert=None, - debug=False)\ - .AndReturn(self.keystone_client_unscoped) - self.keystone_client_unscoped.tenants.list().AndReturn([]) + form_data = self.get_form_data(user) + self._mock_unscoped_client_list_tenants(user, []) self.mox.ReplayAll() @@ -240,21 +218,11 @@ class OpenStackAuthTestsV2(test.TestCase): def test_invalid_credentials(self): user = self.data.user - form_data = {'region': settings.OPENSTACK_KEYSTONE_URL, - 'domain': DEFAULT_DOMAIN, - 'password': "invalid", - 'username': user.name} - - self.mox.StubOutWithMock(self.ks_client_module, "Client") + form_data = self.get_form_data(user) + form_data['password'] = "invalid" exc = keystone_exceptions.Unauthorized(401) - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - password="invalid", - username=user.name, - user_domain_name=DEFAULT_DOMAIN, - insecure=False, - cacert=None, - debug=False).AndRaise(exc) + self._mock_client_password_auth_failure(user.name, "invalid", exc) self.mox.ReplayAll() @@ -272,22 +240,9 @@ class OpenStackAuthTestsV2(test.TestCase): def test_exception(self): user = self.data.user - form_data = {'region': settings.OPENSTACK_KEYSTONE_URL, - 'domain': DEFAULT_DOMAIN, - 'password': user.password, - 'username': user.name} - - self.mox.StubOutWithMock(self.ks_client_module, "Client") - + form_data = self.get_form_data(user) exc = keystone_exceptions.ClientException(500) - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - password=user.password, - username=user.name, - user_domain_name=DEFAULT_DOMAIN, - insecure=False, - cacert=None, - debug=False).AndRaise(exc) - + self._mock_client_password_auth_failure(user.name, user.password, exc) self.mox.ReplayAll() url = reverse('login') @@ -331,39 +286,12 @@ class OpenStackAuthTestsV2(test.TestCase): sc = self.data.service_catalog et = getattr(settings, 'OPENSTACK_ENDPOINT_TYPE', 'publicURL') - form_data = {'region': settings.OPENSTACK_KEYSTONE_URL, - 'domain': DEFAULT_DOMAIN, - 'username': user.name, - 'password': user.password} - - self.mox.StubOutWithMock(self.ks_client_module, "Client") - self.mox.StubOutWithMock(self.keystone_client_unscoped.tenants, "list") - - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - password=user.password, - username=user.name, - user_domain_name=DEFAULT_DOMAIN, - insecure=False, - cacert=None, - debug=False) \ - .AndReturn(self.keystone_client_unscoped) - self.keystone_client_unscoped.tenants.list().AndReturn(tenants) - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - tenant_id=self.data.tenant_two.id, - insecure=False, - cacert=None, - token=unscoped.auth_token, - debug=False) \ - .AndReturn(self.keystone_client_scoped) - - self.ks_client_module.Client(auth_url=sc.url_for(endpoint_type=et), - tenant_id=tenant.id, - token=scoped.auth_token, - insecure=False, - cacert=None, - debug=False) \ - .AndReturn(self.keystone_client_scoped) + form_data = self.get_form_data(user) + self._mock_unscoped_client_list_tenants(user, tenants) + self._mock_scoped_client_for_tenant(unscoped, self.data.tenant_two.id) + self._mock_scoped_client_for_tenant(scoped, tenant.id, + url=sc.url_for(endpoint_type=et)) self.mox.ReplayAll() url = reverse('login') @@ -401,30 +329,10 @@ class OpenStackAuthTestsV2(test.TestCase): unscoped = self.data.unscoped_access_info sc = self.data.service_catalog - form_data = {'region': settings.OPENSTACK_KEYSTONE_URL, - 'domain': DEFAULT_DOMAIN, - 'username': user.name, - 'password': user.password} + form_data = self.get_form_data(user) - self.mox.StubOutWithMock(self.ks_client_module, "Client") - self.mox.StubOutWithMock(self.keystone_client_unscoped.tenants, "list") - - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - password=user.password, - username=user.name, - user_domain_name=DEFAULT_DOMAIN, - insecure=False, - cacert=None, - debug=False) \ - .AndReturn(self.keystone_client_unscoped) - self.keystone_client_unscoped.tenants.list().AndReturn(tenants) - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - tenant_id=self.data.tenant_two.id, - insecure=False, - cacert=None, - token=unscoped.auth_token, - debug=False) \ - .AndReturn(self.keystone_client_scoped) + self._mock_unscoped_client_list_tenants(user, tenants) + self._mock_scoped_client_for_tenant(unscoped, self.data.tenant_two.id) self.mox.ReplayAll() @@ -466,17 +374,8 @@ class OpenStackAuthTestsV2(test.TestCase): user = self.data.user unscoped = self.data.unscoped_access_info - self.mox.StubOutWithMock(self.ks_client_module, "Client") - self.mox.StubOutWithMock(self.keystone_client_unscoped.tenants, "list") - - self.ks_client_module.Client(user_id=user.id, - auth_url=settings.OPENSTACK_KEYSTONE_URL, - token=unscoped.auth_token, - insecure=False, - cacert=None, - debug=False)\ - .AndReturn(self.keystone_client_unscoped) - self.keystone_client_unscoped.tenants.list().AndReturn(tenants) + self._mock_unscoped_client_with_token(user, unscoped) + self._mock_unscoped_list_tenants(tenants) self.mox.ReplayAll() @@ -495,18 +394,8 @@ class OpenStackAuthTestsV2(test.TestCase): user = self.data.user unscoped = self.data.unscoped_access_info - self.mox.StubOutWithMock(self.ks_client_module, "Client") - self.mox.StubOutWithMock(self.keystone_client_unscoped.tenants, "list") - - self.ks_client_module.Client(user_id=user.id, - auth_url=settings.OPENSTACK_KEYSTONE_URL, - token=unscoped.auth_token, - insecure=False, - cacert=None, - debug=False)\ - .AndReturn(self.keystone_client_unscoped) - self.keystone_client_unscoped.tenants.list().AndReturn(tenants) - + self._mock_unscoped_list_tenants(tenants) + self._mock_unscoped_client_with_token(user, unscoped) self.mox.ReplayAll() tenant_list = utils.get_project_list( @@ -555,29 +444,40 @@ def EndpointMetaFactory(endpoint_type): # wrap each test with OPENSTACK_ENDPOINT_TYPE parameter set/restore def __new__(cls, name, bases, attrs): base, = bases - for k, v in base.__dict__.iteritems(): + for k, v in six.iteritems(base.__dict__): if not k.startswith('__') and getattr(v, '__call__', None): attrs[k] = endpoint_wrapper(v) return super(EndPointMeta, cls).__new__(cls, name, bases, attrs) return EndPointMeta +@six.add_metaclass(EndpointMetaFactory('publicURL')) class OpenStackAuthTestsV2WithPublicURL(OpenStackAuthTestsV2): """Test V2 with settings.OPENSTACK_ENDPOINT_TYPE = 'publicURL'.""" - __metaclass__ = EndpointMetaFactory('publicURL') +@six.add_metaclass(EndpointMetaFactory('internalURL')) class OpenStackAuthTestsV2WithInternalURL(OpenStackAuthTestsV2): """Test V2 with settings.OPENSTACK_ENDPOINT_TYPE = 'internalURL'.""" - __metaclass__ = EndpointMetaFactory('internalURL') +@six.add_metaclass(EndpointMetaFactory('adminURL')) class OpenStackAuthTestsV2WithAdminURL(OpenStackAuthTestsV2): """Test V2 with settings.OPENSTACK_ENDPOINT_TYPE = 'adminURL'.""" - __metaclass__ = EndpointMetaFactory('adminURL') -class OpenStackAuthTestsV3(test.TestCase): +class OpenStackAuthTestsV3(OpenStackAuthTestsMixin, test.TestCase): + + def _mock_unscoped_client_list_projects(self, user, projects): + self._mock_unscoped_client(user) + self._mock_unscoped_list_projects(user, projects) + + def _mock_unscoped_list_projects(self, user, projects): + self.mox.StubOutWithMock(self.keystone_client_unscoped.projects, + "list") + self.keystone_client_unscoped.projects.list(user=user.id) \ + .AndReturn(projects) + def setUp(self): super(OpenStackAuthTestsV3, self).setUp() self.mox = mox.Mox() @@ -593,41 +493,14 @@ class OpenStackAuthTestsV3(test.TestCase): settings.OPENSTACK_API_VERSIONS['identity'] = 3 settings.OPENSTACK_KEYSTONE_URL = "http://localhost:5000/v3" - def tearDown(self): - self.mox.UnsetStubs() - self.mox.VerifyAll() - def test_login(self): projects = [self.data.project_one, self.data.project_two] user = self.data.user unscoped = self.data.unscoped_access_info - form_data = {'region': settings.OPENSTACK_KEYSTONE_URL, - 'domain': DEFAULT_DOMAIN, - 'password': user.password, - 'username': user.name} - - self.mox.StubOutWithMock(self.ks_client_module, "Client") - self.mox.StubOutWithMock(self.keystone_client_unscoped.projects, - "list") - - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - password=user.password, - username=user.name, - user_domain_name=DEFAULT_DOMAIN, - insecure=False, - cacert=None, - debug=False)\ - .AndReturn(self.keystone_client_unscoped) - self.keystone_client_unscoped.projects.list(user=user.id) \ - .AndReturn(projects) - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - tenant_id=self.data.project_two.id, - insecure=False, - cacert=None, - token=unscoped.auth_token, - debug=False) \ - .AndReturn(self.keystone_client_scoped) + form_data = self.get_form_data(user) + self._mock_unscoped_client_list_projects(user, projects) + self._mock_scoped_client_for_tenant(unscoped, self.data.project_two.id) self.mox.ReplayAll() @@ -646,41 +519,11 @@ class OpenStackAuthTestsV3(test.TestCase): user = self.data.user unscoped = self.data.unscoped_access_info - form_data = {'region': settings.OPENSTACK_KEYSTONE_URL, - 'domain': DEFAULT_DOMAIN, - 'password': user.password, - 'username': user.name} - - self.mox.StubOutWithMock(self.ks_client_module, "Client") - self.mox.StubOutWithMock(self.keystone_client_unscoped.projects, - "list") - - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - password=user.password, - username=user.name, - user_domain_name=DEFAULT_DOMAIN, - insecure=False, - cacert=None, - debug=False)\ - .AndReturn(self.keystone_client_unscoped) - self.keystone_client_unscoped.projects.list(user=user.id) \ - .AndReturn(projects) - exc = keystone_exceptions.AuthorizationFailure - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - tenant_id=self.data.project_two.id, - insecure=False, - cacert=None, - token=unscoped.auth_token, - debug=False) \ - .AndRaise(exc) - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - tenant_id=self.data.project_one.id, - insecure=False, - cacert=None, - token=unscoped.auth_token, - debug=False) \ - .AndReturn(self.keystone_client_scoped) - + form_data = self.get_form_data(user) + self._mock_unscoped_client_list_projects(user, projects) + self._mock_client_token_auth_failure(unscoped, + self.data.project_two.id) + self._mock_scoped_client_for_tenant(unscoped, self.data.project_one.id) self.mox.ReplayAll() url = reverse('login') @@ -698,41 +541,13 @@ class OpenStackAuthTestsV3(test.TestCase): user = self.data.user unscoped = self.data.unscoped_access_info - form_data = {'region': settings.OPENSTACK_KEYSTONE_URL, - 'domain': DEFAULT_DOMAIN, - 'password': user.password, - 'username': user.name} - - self.mox.StubOutWithMock(self.ks_client_module, "Client") - self.mox.StubOutWithMock(self.keystone_client_unscoped.projects, - "list") - - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - password=user.password, - username=user.name, - user_domain_name=DEFAULT_DOMAIN, - insecure=False, - cacert=None, - debug=False)\ - .AndReturn(self.keystone_client_unscoped) - self.keystone_client_unscoped.projects.list(user=user.id) \ - .AndReturn(projects) - exc = keystone_exceptions.AuthorizationFailure - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - tenant_id=self.data.project_two.id, - insecure=False, - cacert=None, - token=unscoped.auth_token, - debug=False) \ - .AndRaise(exc) - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - tenant_id=self.data.project_one.id, - insecure=False, - cacert=None, - token=unscoped.auth_token, - debug=False) \ - .AndRaise(exc) + form_data = self.get_form_data(user) + self._mock_unscoped_client_list_projects(user, projects) + self._mock_client_token_auth_failure(unscoped, + self.data.project_two.id) + self._mock_client_token_auth_failure(unscoped, + self.data.project_one.id) self.mox.ReplayAll() url = reverse('login') @@ -751,26 +566,8 @@ class OpenStackAuthTestsV3(test.TestCase): def test_no_projects(self): user = self.data.user - form_data = {'region': settings.OPENSTACK_KEYSTONE_URL, - 'domain': DEFAULT_DOMAIN, - 'password': user.password, - 'username': user.name} - - self.mox.StubOutWithMock(self.ks_client_module, "Client") - self.mox.StubOutWithMock(self.keystone_client_unscoped.projects, - "list") - - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - password=user.password, - username=user.name, - user_domain_name=DEFAULT_DOMAIN, - insecure=False, - cacert=None, - debug=False)\ - .AndReturn(self.keystone_client_unscoped) - self.keystone_client_unscoped.projects.list(user=user.id) \ - .AndReturn([]) - + form_data = self.get_form_data(user) + self._mock_unscoped_client_list_projects(user, []) self.mox.ReplayAll() url = reverse('login') @@ -788,21 +585,12 @@ class OpenStackAuthTestsV3(test.TestCase): def test_invalid_credentials(self): user = self.data.user - form_data = {'region': settings.OPENSTACK_KEYSTONE_URL, - 'domain': DEFAULT_DOMAIN, - 'password': "invalid", - 'username': user.name} + form_data = self.get_form_data(user) - self.mox.StubOutWithMock(self.ks_client_module, "Client") + form_data['password'] = "invalid" exc = keystone_exceptions.Unauthorized(401) - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - password="invalid", - username=user.name, - user_domain_name=DEFAULT_DOMAIN, - insecure=False, - cacert=None, - debug=False).AndRaise(exc) + self._mock_client_password_auth_failure(user.name, "invalid", exc) self.mox.ReplayAll() @@ -819,23 +607,9 @@ class OpenStackAuthTestsV3(test.TestCase): def test_exception(self): user = self.data.user - - form_data = {'region': settings.OPENSTACK_KEYSTONE_URL, - 'domain': DEFAULT_DOMAIN, - 'password': user.password, - 'username': user.name} - - self.mox.StubOutWithMock(self.ks_client_module, "Client") - + form_data = self.get_form_data(user) exc = keystone_exceptions.ClientException(500) - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - password=user.password, - username=user.name, - user_domain_name=DEFAULT_DOMAIN, - insecure=False, - cacert=None, - debug=False).AndRaise(exc) - + self._mock_client_password_auth_failure(user.name, user.password, exc) self.mox.ReplayAll() url = reverse('login') @@ -861,39 +635,14 @@ class OpenStackAuthTestsV3(test.TestCase): sc = self.data.service_catalog et = getattr(settings, 'OPENSTACK_ENDPOINT_TYPE', 'publicURL') - form_data = {'region': settings.OPENSTACK_KEYSTONE_URL, - 'domain': DEFAULT_DOMAIN, - 'username': user.name, - 'password': user.password} - - self.mox.StubOutWithMock(self.ks_client_module, "Client") - self.mox.StubOutWithMock(self.keystone_client_unscoped.projects, - "list") + form_data = self.get_form_data(user) - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - password=user.password, - username=user.name, - user_domain_name=DEFAULT_DOMAIN, - insecure=False, - cacert=None, - debug=False) \ - .AndReturn(self.keystone_client_unscoped) - self.keystone_client_unscoped.projects.list(user=user.id) \ - .AndReturn(projects) - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - tenant_id=self.data.project_two.id, - insecure=False, - cacert=None, - token=unscoped.auth_token, - debug=False) \ - .AndReturn(self.keystone_client_scoped) - self.ks_client_module.Client(auth_url=sc.url_for(endpoint_type=et), - tenant_id=project.id, - token=scoped.auth_token, - insecure=False, - cacert=None, - debug=False) \ - .AndReturn(self.keystone_client_scoped) + self._mock_unscoped_client_list_projects(user, projects) + self._mock_scoped_client_for_tenant(unscoped, self.data.project_two.id) + self._mock_scoped_client_for_tenant( + unscoped, + project.id, + url=sc.url_for(endpoint_type=et)) self.mox.ReplayAll() @@ -932,32 +681,9 @@ class OpenStackAuthTestsV3(test.TestCase): unscoped = self.data.unscoped_access_info sc = self.data.service_catalog - form_data = {'region': settings.OPENSTACK_KEYSTONE_URL, - 'domain': DEFAULT_DOMAIN, - 'username': user.name, - 'password': user.password} - - self.mox.StubOutWithMock(self.ks_client_module, "Client") - self.mox.StubOutWithMock(self.keystone_client_unscoped.projects, - "list") - - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - password=user.password, - username=user.name, - user_domain_name=DEFAULT_DOMAIN, - insecure=False, - cacert=None, - debug=False) \ - .AndReturn(self.keystone_client_unscoped) - self.keystone_client_unscoped.projects.list(user=user.id) \ - .AndReturn(projects) - self.ks_client_module.Client(auth_url=settings.OPENSTACK_KEYSTONE_URL, - tenant_id=self.data.project_two.id, - insecure=False, - cacert=None, - token=unscoped.auth_token, - debug=False) \ - .AndReturn(self.keystone_client_scoped) + form_data = self.get_form_data(user) + self._mock_unscoped_client_list_projects(user, projects) + self._mock_scoped_client_for_tenant(unscoped, self.data.project_two.id) self.mox.ReplayAll() @@ -999,20 +725,8 @@ class OpenStackAuthTestsV3(test.TestCase): user = self.data.user unscoped = self.data.unscoped_access_info - self.mox.StubOutWithMock(self.ks_client_module, "Client") - self.mox.StubOutWithMock(self.keystone_client_unscoped.projects, - "list") - - self.ks_client_module.Client(user_id=user.id, - auth_url=settings.OPENSTACK_KEYSTONE_URL, - token=unscoped.auth_token, - insecure=False, - cacert=None, - debug=False)\ - .AndReturn(self.keystone_client_unscoped) - self.keystone_client_unscoped.projects.list(user=user.id) \ - .AndReturn(projects) - + self._mock_unscoped_client_with_token(user, unscoped) + self._mock_unscoped_list_projects(user, projects) self.mox.ReplayAll() project_list = utils.get_project_list( @@ -1030,19 +744,8 @@ class OpenStackAuthTestsV3(test.TestCase): user = self.data.user unscoped = self.data.unscoped_access_info - self.mox.StubOutWithMock(self.ks_client_module, "Client") - self.mox.StubOutWithMock(self.keystone_client_unscoped.projects, - "list") - - self.ks_client_module.Client(user_id=user.id, - auth_url=settings.OPENSTACK_KEYSTONE_URL, - token=unscoped.auth_token, - insecure=False, - cacert=None, - debug=False)\ - .AndReturn(self.keystone_client_unscoped) - self.keystone_client_unscoped.projects.list(user=user.id) \ - .AndReturn(projects) + self._mock_unscoped_client_with_token(user, unscoped) + self._mock_unscoped_list_projects(user, projects) self.mox.ReplayAll() @@ -1072,16 +775,16 @@ class OpenStackAuthTestsV3(test.TestCase): self.assertIsNone(utils._PROJECT_CACHE.get(unscoped.auth_token)) +@six.add_metaclass(EndpointMetaFactory('publicURL')) class OpenStackAuthTestsV3WithPublicURL(OpenStackAuthTestsV3): """Test V3 with settings.OPENSTACK_ENDPOINT_TYPE = 'publicURL'.""" - __metaclass__ = EndpointMetaFactory('publicURL') +@six.add_metaclass(EndpointMetaFactory('internalURL')) class OpenStackAuthTestsV3WithInternalURL(OpenStackAuthTestsV3): """Test V3 with settings.OPENSTACK_ENDPOINT_TYPE = 'internalURL'.""" - __metaclass__ = EndpointMetaFactory('internalURL') +@six.add_metaclass(EndpointMetaFactory('adminURL')) class OpenStackAuthTestsV3WithAdminURL(OpenStackAuthTestsV3): """Test V3 with settings.OPENSTACK_ENDPOINT_TYPE = 'adminURL'.""" - __metaclass__ = EndpointMetaFactory('adminURL') diff --git a/openstack_auth/user.py b/openstack_auth/user.py index bdcf5ba..6eda8f5 100644 --- a/openstack_auth/user.py +++ b/openstack_auth/user.py @@ -16,7 +16,6 @@ import logging from django.conf import settings from django.contrib.auth import models - from keystoneclient import exceptions as keystone_exceptions from openstack_auth import utils @@ -259,7 +258,12 @@ class User(models.AnonymousUser): Returns ``True`` or ``False``. """ - return 'admin' in [role['name'].lower() for role in self.roles] + admin_roles = [role.lower() for role in getattr( + settings, + 'OPENSTACK_KEYSTONE_ADMIN_ROLES', + ['admin'])] + user_roles = [role['name'].lower() for role in self.roles] + return True if set(admin_roles).intersection(user_roles) else False @property def authorized_tenants(self): diff --git a/openstack_auth/utils.py b/openstack_auth/utils.py index f41985c..6a0d73b 100644 --- a/openstack_auth/utils.py +++ b/openstack_auth/utils.py @@ -14,17 +14,15 @@ import datetime import functools -from six.moves.urllib import parse as urlparse - from django.conf import settings from django.contrib import auth from django.contrib.auth import middleware from django.contrib.auth import models from django.utils import decorators from django.utils import timezone - from keystoneclient.v2_0 import client as client_v2 from keystoneclient.v3 import client as client_v3 +from six.moves.urllib import parse as urlparse _PROJECT_CACHE = {} diff --git a/openstack_auth/views.py b/openstack_auth/views.py index 00aff6a..e7ea1e8 100644 --- a/openstack_auth/views.py +++ b/openstack_auth/views.py @@ -24,7 +24,6 @@ from django.utils import http from django.views.decorators.cache import never_cache # noqa from django.views.decorators.csrf import csrf_protect # noqa from django.views.decorators.debug import sensitive_post_parameters # noqa - from keystoneclient import exceptions as keystone_exceptions from keystoneclient.v2_0 import client as keystone_client_v2 diff --git a/requirements.txt b/requirements.txt index 6927324..68a57ba 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,5 +3,5 @@ # process, which may cause wedges in the gate later. pbr>=0.6,!=0.7,<1.0 Django>=1.4.2,<1.7 -python-keystoneclient>=0.10.0 +python-keystoneclient>=0.11.1 six>=1.7.0 diff --git a/test-requirements.txt b/test-requirements.txt index be0da50..0a80fd8 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -1,9 +1,9 @@ # The order of packages is significant, because pip processes them in the order # of appearance. Changing the order has an impact on the overall integration # process, which may cause wedges in the gate later. -hacking>=0.8.0,<0.9 +hacking>=0.9.2,<0.10 Babel>=1.3 coverage>=3.6 mox3>=0.7.0 -sphinx>=1.1.2,!=1.2.0,<1.3 +sphinx>=1.1.2,!=1.2.0,!=1.3b1,<1.3 oslosphinx>=2.2.0 # Apache-2.0 @@ -41,8 +41,10 @@ downloadcache = ~/cache/pip [flake8] builtins = _ exclude = .venv,.git,.tox,dist,doc,*openstack/common*,*lib/python*,*egg,build,panel_template,dash_template,local_settings.py +# H405 multi line docstring summary not separated with an empty line # H803 git commit title should not end with period (disabled on purpose, see bug #1236621) -ignore = H803 +# H904 Wrap long lines in parentheses instead of a backslash +ignore = H405,H803,H904 [hacking] import_exceptions = django.conf.settings, |