def test_correct_user_domain_id_from_Rackspace(self):
"""Check the user's domain using the data provided by Rackspace."""
token_data = {
'access': {
'user': {
'id':
uuid.uuid4().hex,
'roles': [
{
'tenantId': uuid.uuid4().hex
},
{
'tenantId': uuid.uuid4().hex
},
]
}
}
}
identity = v2.RackspaceIdentity(
self.username,
self.password,
user_domain_id=self.domain,
user_ref={'RAX-AUTH:domainId': self.domain})
identity._assert_user_domain(token_data)
def test_incorrect_domain_scope(self):
token_data = {
'access': {
'user': {
'id':
uuid.uuid4().hex,
'roles': [
{
'tenantId': uuid.uuid4().hex
},
{
'tenantId': uuid.uuid4().hex
},
]
}
}
}
identity = v2.RackspaceIdentity(
self.username,
self.password,
scope_domain_id=self.domain,
user_ref={'RAX-AUTH:domainId': uuid.uuid4().hex})
self.assertRaises(exception.Unauthorized,
identity._assert_domain_scope, token_data)
def test_correct_user_domain_name_from_roles(self):
"""Check the user's domain using the project IDs from the roles."""
token_data = {
'access': {
'user': {
'id':
uuid.uuid4().hex,
'roles': [
{
'tenantId': uuid.uuid4().hex
},
{
'tenantId': self.domain
},
]
}
}
}
user_ref = {}
identity = v2.RackspaceIdentity(self.username,
self.password,
user_ref,
user_domain_name=self.domain)
identity._assert_user_domain(token_data)
def test_correct_domain_scope_from_roles(self):
"""Check the domain scope using the project IDs from the roles."""
token_data = {
'access': {
'user': {
'id':
uuid.uuid4().hex,
'roles': [
{
'tenantId': uuid.uuid4().hex
},
{
'tenantId': self.domain
},
]
}
}
}
identity = v2.RackspaceIdentity(
self.username,
self.password,
scope_domain_id=self.domain,
user_ref={'RAX-AUTH:domainId': self.domain})
identity._assert_domain_scope(token_data)
