Hide settings/change password on keystone v32013.2.rc2

When using keystone v3, it was possible to change the user
password without knowing the old password.

Change-Id: I2e3721f9c8a1de4b9a5f85b230432844d2c83507
Closes-Bug: 1237989

2 files changed, 23 insertions, 4 deletions

diff --git a/openstack_dashboard/dashboards/settings/password/panel.py b/openstack_dashboard/dashboards/settings/password/panel.py
index b7a1e690b..063341865 100644
--- a/openstack_dashboard/dashboards/settings/password/panel.py
+++ b/openstack_dashboard/dashboards/settings/password/panel.py
@@ -18,6 +18,7 @@ from django.utils.translation import ugettext_lazy as _  # noqa
 
 import horizon
 
+from openstack_dashboard.api import keystone
 from openstack_dashboard.dashboards.settings import dashboard
 
 
@@ -25,5 +26,7 @@ class PasswordPanel(horizon.Panel):
     name = _("Change Password")
     slug = 'password'
 
-
-dashboard.Settings.register(PasswordPanel)
+# TODO(mrunge): remove restriction, when keystone v3 has a update own user
+# function and checks passwords properly.
+if keystone.VERSIONS.active == 2:
+    dashboard.Settings.register(PasswordPanel)
diff --git a/openstack_dashboard/dashboards/settings/password/tests.py b/openstack_dashboard/dashboards/settings/password/tests.py
index 43126658b..1e5b6eff6 100644
--- a/openstack_dashboard/dashboards/settings/password/tests.py
+++ b/openstack_dashboard/dashboards/settings/password/tests.py
@@ -14,6 +14,7 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.
 
+from django.core.urlresolvers import NoReverseMatch  # noqa
 from django.core.urlresolvers import reverse  # noqa
 from django import http
 
@@ -22,14 +23,19 @@ from mox import IsA  # noqa
 from openstack_dashboard import api
 from openstack_dashboard.test import helpers as test
 
-
-INDEX_URL = reverse('horizon:settings:password:index')
+# TODO(mrunge): remove, when keystone v3 supports
+# change_own_password, incl. password validation
+kver = api.keystone.VERSIONS.active
+if kver == 2:
+    INDEX_URL = reverse('horizon:settings:password:index')
 
 
 class ChangePasswordTests(test.TestCase):
 
     @test.create_stubs({api.keystone: ('user_update_own_password', )})
     def test_change_password(self):
+        if kver == 3:
+            self.skipTest('Password change in keystone v3 unsupported')
         api.keystone.user_update_own_password(IsA(http.HttpRequest),
                                               'oldpwd',
                                               'normalpwd',).AndReturn(None)
@@ -44,6 +50,8 @@ class ChangePasswordTests(test.TestCase):
         self.assertNoFormErrors(res)
 
     def test_change_validation_passwords_not_matching(self):
+        if kver == 3:
+            self.skipTest('Password change in keystone v3 unsupported')
         formData = {'method': 'PasswordForm',
                     'current_password': 'currpasswd',
                     'new_password': 'testpassword',
@@ -54,6 +62,8 @@ class ChangePasswordTests(test.TestCase):
 
     @test.create_stubs({api.keystone: ('user_update_own_password', )})
     def test_change_password_shows_message_on_login_page(self):
+        if kver == 3:
+            self.skipTest('Password change in keystone v3 unsupported')
         api.keystone.user_update_own_password(IsA(http.HttpRequest),
                                               'oldpwd',
                                               'normalpwd').AndReturn(None)
@@ -67,3 +77,9 @@ class ChangePasswordTests(test.TestCase):
 
         info_msg = "Password changed. Please log in again to continue."
         self.assertContains(res, info_msg)
+
+    def test_on_keystone_v3_disabled(self):
+        try:
+            reverse('horizon:settings:password:index')
+        except NoReverseMatch:
+            pass