keystone.tests.unit.identity package¶

Subpackages¶

Submodules¶

keystone.tests.unit.identity.test_backend_sql module¶

class keystone.tests.unit.identity.test_backend_sql.ChangePasswordRequiredAfterFirstUse(*args, **kwargs)[source]¶

Bases: keystone.tests.unit.test_backend_sql.SqlTests

assertPasswordIsExpired(user_id, password)[source]¶

assertPasswordIsNotExpired(user_id, password)[source]¶

test_password_expired_after_create()[source]¶

test_password_expired_after_reset()[source]¶

test_password_not_expired_for_ignore_user()[source]¶

test_password_not_expired_when_feature_disabled()[source]¶

class keystone.tests.unit.identity.test_backend_sql.DisableInactiveUserTests(*args, **kwargs)[source]¶

Bases: keystone.tests.unit.test_backend_sql.SqlTests

setUp()[source]¶

test_authenticate_user_disabled_due_to_inactivity()[source]¶

test_authenticate_user_not_disabled_due_to_inactivity()[source]¶

test_enabled_after_create_update_user()[source]¶

test_get_user_disabled_due_to_inactivity()[source]¶

test_get_user_not_disabled_due_to_inactivity()[source]¶

class keystone.tests.unit.identity.test_backend_sql.LockingOutUserTests(*args, **kwargs)[source]¶

Bases: keystone.tests.unit.test_backend_sql.SqlTests

setUp()[source]¶

test_lock_out_for_ignored_user()[source]¶

test_locking_out_user_after_max_failed_attempts()[source]¶

test_lockout_duration()[source]¶

test_lockout_duration_failed_auth_cnt_resets()[source]¶

test_set_enabled_unlocks_user()[source]¶

class keystone.tests.unit.identity.test_backend_sql.MinimumPasswordAgeTests(*args, **kwargs)[source]¶

Bases: keystone.tests.unit.test_backend_sql.SqlTests

assertValidChangePassword(user_id, password, new_password)[source]¶

setUp()[source]¶

test_user_can_change_password_after_admin_reset()[source]¶

test_user_can_change_password_after_min_age()[source]¶

test_user_cannot_change_password_before_min_age()[source]¶

class keystone.tests.unit.identity.test_backend_sql.PasswordExpiresValidationTests(*args, **kwargs)[source]¶

Bases: keystone.tests.unit.test_backend_sql.SqlTests

setUp()[source]¶

test_authenticate_with_expired_password()[source]¶

test_authenticate_with_expired_password_for_ignore_user_option()[source]¶

test_authenticate_with_non_expired_password()[source]¶

class keystone.tests.unit.identity.test_backend_sql.PasswordHistoryValidationTests(*args, **kwargs)[source]¶

Bases: keystone.tests.unit.test_backend_sql.SqlTests

assertValidChangePassword(user_id, password, new_password)[source]¶

setUp()[source]¶

test_admin_password_reset_is_not_validated_by_password_history()[source]¶

test_disable_password_history_and_repeat_same_password()[source]¶

test_truncate_passwords()[source]¶

test_truncate_passwords_when_max_is_default()[source]¶

test_truncate_passwords_when_max_is_default_and_no_password()[source]¶

test_validate_password_history_but_start_with_password_none()[source]¶

test_validate_password_history_with_invalid_password()[source]¶

test_validate_password_history_with_valid_password()[source]¶

class keystone.tests.unit.identity.test_backend_sql.UserPasswordCreatedAtIntTests(*args, **kwargs)[source]¶

Bases: keystone.tests.unit.test_backend_sql.SqlTests

config_overrides()[source]¶

test_user_password_created_expired_at_int_matches_created_at()[source]¶

class keystone.tests.unit.identity.test_backend_sql.UserPasswordHashingTestsNoCompat(*args, **kwargs)[source]¶

Bases: keystone.tests.unit.test_backend_sql.SqlTests

config_overrides()[source]¶

test_configured_algorithm_used()[source]¶

test_password_hashing_compat_not_set_used()[source]¶

class keystone.tests.unit.identity.test_backend_sql.UserResourceOptionTests(*args, **kwargs)[source]¶

Bases: keystone.tests.unit.test_backend_sql.SqlTests

setUp()[source]¶

test_unregistered_resource_option_deleted()[source]¶

test_user_add_delete_resource_option_existing_option_values()[source]¶

test_user_add_update_delete_option_in_resource_option()[source]¶

test_user_set_option_in_resource_option()[source]¶

keystone.tests.unit.identity.test_backends module¶

class keystone.tests.unit.identity.test_backends.FilterTests[source]¶

Bases: keystone.tests.unit.filtering.FilterTests

test_filter_value_wider_than_field()[source]¶

test_groups_for_user_exact_filtered()[source]¶

Test exact filters doesn’t break groups_for_user listing.

test_groups_for_user_inexact_filtered()[source]¶

Test use of filtering doesn’t break groups_for_user listing.

Some backends may use filtering to achieve the list of groups for a user, so test that it can combine a second filter.

Test Plan:

• Create 10 groups, some with names we can filter on
• Create 2 users
• Assign 1 of those users to most of the groups, including some of the well known named ones
• Assign the other user to other groups as spoilers
• Ensure that when we list groups for users with a filter on the group name, both restrictions have been enforced on what is returned.

test_list_entities_filtered()[source]¶

test_list_users_in_group_exact_filtered()[source]¶

test_list_users_in_group_inexact_filtered()[source]¶

test_list_users_inexact_filtered()[source]¶

class keystone.tests.unit.identity.test_backends.IdentityTests[source]¶

Bases: object

test_add_user_to_group()[source]¶

test_add_user_to_group_returns_not_found()[source]¶

test_arbitrary_attributes_are_returned_from_create_user()[source]¶

test_arbitrary_attributes_are_returned_from_get_user()[source]¶

test_authenticate()[source]¶

test_authenticate_and_get_roles_no_metadata()[source]¶

test_authenticate_bad_password()[source]¶

test_authenticate_bad_user()[source]¶

test_authenticate_if_no_password_set()[source]¶

test_cache_layer_get_user(*args, **kwargs)[source]¶

test_cache_layer_get_user_by_name(*args, **kwargs)[source]¶

test_cache_layer_group_crud(*args, **kwargs)[source]¶

test_check_user_in_group()[source]¶

test_check_user_in_group_returns_not_found()[source]¶

test_check_user_not_in_group()[source]¶

test_create_duplicate_group_name_fails()[source]¶

test_create_duplicate_group_name_in_different_domains()[source]¶

test_create_duplicate_user_name_fails()[source]¶

test_create_duplicate_user_name_in_different_domains()[source]¶

test_create_group_name_with_trailing_whitespace()[source]¶

test_create_unicode_user_name()[source]¶

test_create_user_blank_name_fails()[source]¶

test_create_user_doesnt_modify_passed_in_dict()[source]¶

test_create_user_invalid_enabled_type_string()[source]¶

test_create_user_invalid_name_fails()[source]¶

test_create_user_long_name_fails()[source]¶

test_create_user_missed_password()[source]¶

test_create_user_none_password()[source]¶

test_delete_group_with_user_project_domain_links()[source]¶

test_delete_user_returns_not_found()[source]¶

test_delete_user_with_group_project_domain_links()[source]¶

test_get_group_by_name()[source]¶

test_get_group_by_name_returns_not_found()[source]¶

test_get_user()[source]¶

test_get_user_by_name()[source]¶

test_get_user_by_name_returns_not_found()[source]¶

test_get_user_returns_not_found()[source]¶

test_get_user_returns_required_attributes()[source]¶

test_group_crud()[source]¶

test_list_domains_filtered_and_limited(*args, **kwargs)[source]¶

test_list_groups()[source]¶

test_list_groups_for_user()[source]¶

test_list_users()[source]¶

test_list_users_in_group()[source]¶

test_list_users_in_group_returns_not_found()[source]¶

test_list_users_with_all_federated_attributes()[source]¶

test_list_users_with_idp_id()[source]¶

test_list_users_with_idp_id_protocol_id()[source]¶

test_list_users_with_name()[source]¶

test_list_users_with_protocol_id()[source]¶

test_list_users_with_unique_id()[source]¶

test_list_users_with_unique_id_and_idp_id()[source]¶

test_list_users_with_unique_id_and_protocol_id()[source]¶

test_move_group_between_domains()[source]¶

test_move_user_between_domains()[source]¶

test_new_arbitrary_attributes_are_returned_from_update_user()[source]¶

test_remove_user_from_group()[source]¶

test_remove_user_from_group_returns_not_found()[source]¶

test_rename_duplicate_user_name_fails()[source]¶

test_update_group_name_with_trailing_whitespace()[source]¶

test_update_user_enable()[source]¶

test_update_user_id_fails()[source]¶

test_update_user_long_name_fails()[source]¶

test_update_user_name()[source]¶

test_update_user_returns_not_found()[source]¶

test_updated_arbitrary_attributes_are_returned_from_update_user()[source]¶

test_user_crud()[source]¶

test_user_update_and_user_get_return_same_response()[source]¶

class keystone.tests.unit.identity.test_backends.LimitTests[source]¶

Bases: keystone.tests.unit.filtering.FilterTests

ENTITIES = ['user', 'group', 'project']¶

clean_up_entities()[source]¶

Clean up entity test data from Limit Test Cases.

setUp()[source]¶

Setup for Limit Test Cases.

test_list_groups_filtered_and_limited()[source]¶

test_list_projects_filtered_and_limited()[source]¶

test_list_users_filtered_and_limited()[source]¶

keystone.tests.unit.identity.test_core module¶

Unit tests for core identity behavior.

class keystone.tests.unit.identity.test_core.TestDatabaseDomainConfigs(*args, **kwargs)[source]¶

Bases: keystone.tests.unit.core.TestCase

setUp()[source]¶

test_domain_config_in_database_disabled_by_default()[source]¶

test_loading_config_from_database()[source]¶

class keystone.tests.unit.identity.test_core.TestDomainConfigs(*args, **kwargs)[source]¶

Bases: keystone.tests.unit.core.BaseTestCase

setUp()[source]¶

test_config_for_dot_name_domain()[source]¶

test_config_for_multiple_sql_backend()[source]¶

test_config_for_nonexistent_domain()[source]¶

Having a config for a non-existent domain will be ignored.

There are no assertions in this test because there are no side effects. If there is a config file for a domain that does not exist it should be ignored.

Module contents¶