def test_past_expiry_are_removed(self): user_id = 1 self.revoke_api.revoke_by_expiration(user_id, _future_time()) self.assertEqual(1, len(self.revoke_api.list_events())) event = model.RevokeEvent() event.revoked_at = _past_time() self.revoke_api.revoke(event) self.assertEqual(1, len(self.revoke_api.list_events()))
def _revoke_by_expiration(self, user_id, expires_at, project_id=None, domain_id=None): event = self.tree.add_event( model.RevokeEvent(user_id=user_id, expires_at=expires_at, project_id=project_id, domain_id=domain_id)) self.events.append(event) return event
def _revoke_by_grant(self, role_id, user_id=None, domain_id=None, project_id=None): event = self.tree.add_event( model.RevokeEvent(user_id=user_id, role_id=role_id, domain_id=domain_id, project_id=project_id)) self.events.append(event) return event
def _revoke_by_audit_chain_id(self, audit_chain_id, project_id=None, domain_id=None): event = self.tree.add_event( model.RevokeEvent(audit_chain_id=audit_chain_id, project_id=project_id, domain_id=domain_id) ) self.events.append(event) return event
def revoke_by_grant(self, role_id, user_id=None, domain_id=None, project_id=None): self.revoke( model.RevokeEvent(user_id=user_id, role_id=role_id, domain_id=domain_id, project_id=project_id))
def test_disabled_domain_in_list(self): domain_id = uuid.uuid4().hex sample = dict() sample['domain_id'] = six.text_type(domain_id) before_time = timeutils.utcnow() self.revoke_api.revoke(model.RevokeEvent(domain_id=domain_id)) resp = self.get('/OS-REVOKE/events') events = resp.json_body['events'] self.assertEqual(1, len(events)) self.assertReportedEventMatchesRecorded(events[0], sample, before_time)
def list_events(self, last_fetch=None): with sql.session_for_read() as session: query = session.query(RevocationEvent).order_by( RevocationEvent.revoked_at) if last_fetch: query = query.filter(RevocationEvent.revoked_at > last_fetch) events = [model.RevokeEvent(**e.to_dict()) for e in query] return events
def list_events(self, last_fetch=None): session = sql.get_session() query = session.query(RevocationEvent).order_by( RevocationEvent.revoked_at) if last_fetch: query = query.filter(RevocationEvent.revoked_at > last_fetch) events = [model.RevokeEvent(**e.to_dict()) for e in query] return events
def revoke_by_audit_chain_id(self, audit_chain_id, project_id=None, domain_id=None): self._assert_not_domain_and_project_scoped(domain_id=domain_id, project_id=project_id) self.revoke( model.RevokeEvent(audit_chain_id=audit_chain_id, domain_id=domain_id, project_id=project_id))
def revoke_by_expiration(self, user_id, expires_at, domain_id=None, project_id=None): self._assert_not_domain_and_project_scoped(domain_id=domain_id, project_id=project_id) self.revoke( model.RevokeEvent(user_id=user_id, expires_at=expires_at, domain_id=domain_id, project_id=project_id))
def test_since_future_time_no_events(self): domain_id = uuid.uuid4().hex sample = dict() sample['domain_id'] = six.text_type(domain_id) self.revoke_api.revoke(model.RevokeEvent(domain_id=domain_id)) resp = self.get('/OS-REVOKE/events') events = resp.json_body['events'] self.assertEqual(1, len(events)) resp = self.get('/OS-REVOKE/events?since=%s' % _future_time_string()) events = resp.json_body['events'] self.assertEqual([], events)
def _revoke_by_audit_id(self, audit_id): event = self.tree.add_event(model.RevokeEvent(audit_id=audit_id)) self.events.append(event) return event
def _revoke_by_user(self, user_id): return self.tree.add_event(model.RevokeEvent(user_id=user_id))
def _trust_callback(self, service, resource_type, operation, payload): self.revoke(model.RevokeEvent(trust_id=payload['resource_info']))
def revoke_by_domain_role_assignment(self, domain_id, role_id): self.revoke(model.RevokeEvent(domain_id=domain_id, role_id=role_id))
def _revoke_by_domain_role_assignment(self, domain_id, role_id): event = self.tree.add_event( model.RevokeEvent(domain_id=domain_id, role_id=role_id)) self.events.append(event) return event
def revoke_by_audit_id(self, audit_id): self.revoke(model.RevokeEvent(audit_id=audit_id))
def revoke_by_user(self, user_id): return self.revoke(model.RevokeEvent(user_id=user_id))
def _access_token_callback(self, service, resource_type, operation, payload): self.revoke( model.RevokeEvent(access_token_id=payload['resource_info']))
def _revoke_by_user_and_project(self, user_id, project_id): event = self.tree.add_event( model.RevokeEvent(project_id=project_id, user_id=user_id)) self.events.append(event) return event
def _revoke_by_project_role_assignment(self, project_id, role_id): event = self.tree.add_event( model.RevokeEvent(project_id=project_id, role_id=role_id)) self.events.append(event) return event
def revoke_by_user_and_project(self, user_id, project_id): self.revoke(model.RevokeEvent(project_id=project_id, user_id=user_id))
def _revoke_by_domain(self, domain_id): event = self.tree.add_event(model.RevokeEvent(domain_id=domain_id)) self.events.append(event)
def revoke_by_project_role_assignment(self, project_id, role_id): self.revoke(model.RevokeEvent(project_id=project_id, role_id=role_id))