diff options
| author | adrian-turjak <adriant@catalyst.net.nz> | 2016-09-26 13:06:42 +1300 |
|---|---|---|
| committer | adrian-turjak <adriant@catalyst.net.nz> | 2017-03-20 14:40:56 +1300 |
| commit | 49f6032b699804b1b0ed56137ab14ba266251157 (patch) | |
| tree | 3974902aa84cf99ca462ddb1c2a305c8c88a554a /openstackclient/tests/unit | |
| parent | ad5b57fd19d08bb16c539a042f0a48653b700b4a (diff) | |
| download | python-openstackclient-49f6032b699804b1b0ed56137ab14ba266251157.tar.gz | |
Non-Admin can't list own projects
Due to a default Keystone policy until Newtown,
and the use of resource_find, non-admins are unable
to list their own projects.
This patch bypasses this problem while also introducing better
UX for non-admins wishing to get their project list.
'openstack project list' retains the default of 'list all projects'
but on a forbidden error will default instead to 'list my projects'.
This way for non-admins 'list my projects' feels like the default
without breaking the expected admin default.
Adding the '--my-projects' option allows admins to easily list their
own projects or allows non-admins to be explicit and bypass the
forbidden error fallback.
Change-Id: I1021276f69fbbf28e13e17c4e567d932fce7ed8b
Closes-Bug: #1627555
Diffstat (limited to 'openstackclient/tests/unit')
| -rw-r--r-- | openstackclient/tests/unit/identity/v3/test_project.py | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/openstackclient/tests/unit/identity/v3/test_project.py b/openstackclient/tests/unit/identity/v3/test_project.py index a27bf2a5..7be81153 100644 --- a/openstackclient/tests/unit/identity/v3/test_project.py +++ b/openstackclient/tests/unit/identity/v3/test_project.py @@ -617,6 +617,36 @@ class TestProjectList(TestProject): self.assertEqual(datalists, tuple(data)) + def test_project_list_my_projects(self): + auth_ref = identity_fakes.fake_auth_ref( + identity_fakes.TOKEN_WITH_PROJECT_ID, + ) + ar_mock = mock.PropertyMock(return_value=auth_ref) + type(self.app.client_manager).auth_ref = ar_mock + + arglist = [ + '--my-projects', + ] + verifylist = [ + ('my_projects', True), + ] + parsed_args = self.check_parser(self.cmd, arglist, verifylist) + + # In base command class Lister in cliff, abstract method take_action() + # returns a tuple containing the column names and an iterable + # containing the data to be listed. + columns, data = self.cmd.take_action(parsed_args) + self.projects_mock.list.assert_called_with( + user=self.app.client_manager.auth_ref.user_id) + + collist = ('ID', 'Name') + self.assertEqual(collist, columns) + datalist = (( + self.project.id, + self.project.name, + ), ) + self.assertEqual(datalist, tuple(data)) + class TestProjectSet(TestProject): |