def test_check_credentials_default(self):
policy.reset()
enforcer = policy._get_enforcer()
scope = enforcer['with_default']
user = utils.get_user()
credentials = policy._user_to_credentials(user)
target = {
'project_id': user.project_id,
'tenant_id': user.project_id,
'user_id': user.id,
'domain_id': user.user_domain_id,
'user.domain_id': user.user_domain_id,
'group.domain_id': user.user_domain_id,
'project.domain_id': user.user_domain_id,
}
is_valid = policy._check_credentials(scope, 'action', target,
credentials)
self.assertFalse(is_valid)
def test_check_credentials_default(self):
policy.reset()
enforcer = policy._get_enforcer()
scope = enforcer['with_default']
user = utils.get_user()
credentials = policy._user_to_credentials(user)
target = {
'project_id': user.project_id,
'tenant_id': user.project_id,
'user_id': user.id,
'domain_id': user.user_domain_id,
'user.domain_id': user.user_domain_id,
'group.domain_id': user.user_domain_id,
'project.domain_id': user.user_domain_id,
}
is_valid = policy._check_credentials(scope, 'action', target,
credentials)
self.assertFalse(is_valid)