diff options
| author | Colleen Murphy <colleen@gazlene.net> | 2016-11-28 15:37:14 +0100 |
|---|---|---|
| committer | Steve Martinelli <s.martinelli@gmail.com> | 2016-12-04 18:59:09 +0000 |
| commit | 5203cc970762953e72d4745452d6ed5a2283ad9f (patch) | |
| tree | 452576c8756204e00f77af2de6e91f63fe2ff63f /openstackclient | |
| parent | b12782726f61a3e50278f2271e0cc254df32ce54 (diff) | |
| download | python-openstackclient-5203cc970762953e72d4745452d6ed5a2283ad9f.tar.gz | |
Remove auth_with_unscoped_saml decorator
The auth_with_unscoped_saml decorator existed to make sure the user
selected the right auth plugin before trying to call either a
'federation domain' or 'federation project' command. This is outdated,
because openstackclient now uses keystoneauth[1] and keystoneauth
removed its entrypoints for the federation plugins[2] since its
_Rescoped class no longer needs them. This patch removes the decorator
since that validation check was the only thing standing in the way of
the commands working correctly. Also removed the '*_list_wrong_auth'
tests since those only existed to test the decorator, and stopped
setting the plugin in the positive tests since the
automatically-determined token plugin should now be fine.
[1] http://git.openstack.org/cgit/openstack/python-openstackclient/commit/?id=6ae0d2e8a54fd5139e63a990ab4bdce634e73c5e
[2] http://git.openstack.org/cgit/openstack/keystoneauth/commit/?id=d9e4d26bb86f8d48e43188b88bab9d7fe778d2c1
Change-Id: Id981739663113447a7bba8ddba81ba9394a19e07
Closes-bug: #1624115
Diffstat (limited to 'openstackclient')
| -rw-r--r-- | openstackclient/identity/v3/unscoped_saml.py | 22 | ||||
| -rw-r--r-- | openstackclient/tests/unit/identity/v3/test_unscoped_saml.py | 26 |
2 files changed, 0 insertions, 48 deletions
diff --git a/openstackclient/identity/v3/unscoped_saml.py b/openstackclient/identity/v3/unscoped_saml.py index 5940534a..f7598f17 100644 --- a/openstackclient/identity/v3/unscoped_saml.py +++ b/openstackclient/identity/v3/unscoped_saml.py @@ -18,35 +18,14 @@ the user can list domains and projects they are allowed to access, and request a scoped token.""" from osc_lib.command import command -from osc_lib import exceptions from osc_lib import utils from openstackclient.i18n import _ -UNSCOPED_AUTH_PLUGINS = ['v3unscopedsaml', 'v3unscopedadfs', 'v3oidc'] - - -def auth_with_unscoped_saml(func): - """Check the unscoped federated context""" - - def _decorated(self, parsed_args): - auth_plugin_name = self.app.client_manager.auth_plugin_name - if auth_plugin_name in UNSCOPED_AUTH_PLUGINS: - return func(self, parsed_args) - else: - msg = (_('This command requires the use of an unscoped SAML ' - 'authentication plugin. Please use argument ' - '--os-auth-type with one of the following ' - 'plugins: %s') % ', '.join(UNSCOPED_AUTH_PLUGINS)) - raise exceptions.CommandError(msg) - return _decorated - - class ListAccessibleDomains(command.Lister): _description = _("List accessible domains") - @auth_with_unscoped_saml def take_action(self, parsed_args): columns = ('ID', 'Enabled', 'Name', 'Description') identity_client = self.app.client_manager.identity @@ -61,7 +40,6 @@ class ListAccessibleDomains(command.Lister): class ListAccessibleProjects(command.Lister): _description = _("List accessible projects") - @auth_with_unscoped_saml def take_action(self, parsed_args): columns = ('ID', 'Domain ID', 'Enabled', 'Name') identity_client = self.app.client_manager.identity diff --git a/openstackclient/tests/unit/identity/v3/test_unscoped_saml.py b/openstackclient/tests/unit/identity/v3/test_unscoped_saml.py index 9e4e1876..34655263 100644 --- a/openstackclient/tests/unit/identity/v3/test_unscoped_saml.py +++ b/openstackclient/tests/unit/identity/v3/test_unscoped_saml.py @@ -12,8 +12,6 @@ import copy -from osc_lib import exceptions - from openstackclient.identity.v3 import unscoped_saml from openstackclient.tests.unit import fakes from openstackclient.tests.unit.identity.v3 import fakes as identity_fakes @@ -48,7 +46,6 @@ class TestDomainList(TestUnscopedSAML): self.cmd = unscoped_saml.ListAccessibleDomains(self.app, None) def test_accessible_domains_list(self): - self.app.client_manager.auth_plugin_name = 'v3unscopedsaml' arglist = [] verifylist = [] parsed_args = self.check_parser(self.cmd, arglist, verifylist) @@ -70,17 +67,6 @@ class TestDomainList(TestUnscopedSAML): ), ) self.assertEqual(datalist, tuple(data)) - def test_accessible_domains_list_wrong_auth(self): - auth = identity_fakes.FakeAuth("wrong auth") - self.app.client_manager.identity.session.auth = auth - arglist = [] - verifylist = [] - parsed_args = self.check_parser(self.cmd, arglist, verifylist) - - self.assertRaises(exceptions.CommandError, - self.cmd.take_action, - parsed_args) - class TestProjectList(TestUnscopedSAML): @@ -99,7 +85,6 @@ class TestProjectList(TestUnscopedSAML): self.cmd = unscoped_saml.ListAccessibleProjects(self.app, None) def test_accessible_projects_list(self): - self.app.client_manager.auth_plugin_name = 'v3unscopedsaml' arglist = [] verifylist = [] parsed_args = self.check_parser(self.cmd, arglist, verifylist) @@ -120,14 +105,3 @@ class TestProjectList(TestUnscopedSAML): identity_fakes.project_name, ), ) self.assertEqual(datalist, tuple(data)) - - def test_accessible_projects_list_wrong_auth(self): - auth = identity_fakes.FakeAuth("wrong auth") - self.app.client_manager.identity.session.auth = auth - arglist = [] - verifylist = [] - parsed_args = self.check_parser(self.cmd, arglist, verifylist) - - self.assertRaises(exceptions.CommandError, - self.cmd.take_action, - parsed_args) |