def test_user_cannot_update_mappings(self): mapping = unit.new_mapping_ref() mapping = PROVIDERS.federation_api.create_mapping( mapping['id'], mapping) update = { 'mapping': { 'rules': [{ 'local': [{ 'user': { 'name': '{0}' } }], 'remote': [{ 'type': 'UserName' }], }] } } with self.test_client() as c: c.patch('/v3/OS-FEDERATION/mappings/%s' % mapping['id'], json=update, headers=self.headers, expected_status_code=http.client.FORBIDDEN)
def test_user_can_get_a_mapping(self): mapping = unit.new_mapping_ref() mapping = PROVIDERS.federation_api.create_mapping( mapping['id'], mapping) with self.test_client() as c: c.get('/v3/OS-FEDERATION/mappings/%s' % mapping['id'], headers=self.headers)
def test_user_can_list_mappings(self): mapping = unit.new_mapping_ref() mapping = PROVIDERS.federation_api.create_mapping( mapping['id'], mapping) with self.test_client() as c: r = c.get('/v3/OS-FEDERATION/mappings', headers=self.headers) self.assertEqual(1, len(r.json['mappings'])) self.assertEqual(mapping['id'], r.json['mappings'][0]['id'])
def test_user_cannot_delete_mappings(self): mapping = unit.new_mapping_ref() mapping = PROVIDERS.federation_api.create_mapping( mapping['id'], mapping) with self.test_client() as c: c.delete('/v3/OS-FEDERATION/mappings/%s' % mapping['id'], headers=self.headers, expected_status_code=http.client.FORBIDDEN)
def _create_protocol_and_deps(self): identity_provider = unit.new_identity_provider_ref() identity_provider = PROVIDERS.federation_api.create_idp( identity_provider['id'], identity_provider) mapping = PROVIDERS.federation_api.create_mapping( uuid.uuid4().hex, unit.new_mapping_ref()) protocol = unit.new_protocol_ref(mapping_id=mapping['id']) protocol = PROVIDERS.federation_api.create_protocol( identity_provider['id'], protocol['id'], protocol) return (protocol, mapping, identity_provider)
def test_user_can_update_protocols(self): protocol, mapping, identity_provider = self._create_protocol_and_deps() new_mapping = PROVIDERS.federation_api.create_mapping( uuid.uuid4().hex, unit.new_mapping_ref()) update = {'protocol': {'mapping_id': new_mapping['id']}} with self.test_client() as c: path = ('/v3/OS-FEDERATION/identity_providers/%s/protocols/%s' % (identity_provider['id'], protocol['id'])) c.patch(path, json=update, headers=self.headers)
def test_user_can_update_protocols(self): protocol, mapping, identity_provider = self._create_protocol_and_deps() new_mapping = PROVIDERS.federation_api.create_mapping( uuid.uuid4().hex, unit.new_mapping_ref() ) update = {'protocol': {'mapping_id': new_mapping['id']}} with self.test_client() as c: path = ( '/v3/OS-FEDERATION/identity_providers/%s/protocols/%s' % (identity_provider['id'], protocol['id']) ) c.patch(path, json=update, headers=self.headers)
def _create_protocol_and_deps(self): identity_provider = unit.new_identity_provider_ref() identity_provider = PROVIDERS.federation_api.create_idp( identity_provider['id'], identity_provider ) mapping = PROVIDERS.federation_api.create_mapping( uuid.uuid4().hex, unit.new_mapping_ref() ) protocol = unit.new_protocol_ref(mapping_id=mapping['id']) protocol = PROVIDERS.federation_api.create_protocol( identity_provider['id'], protocol['id'], protocol ) return (protocol, mapping, identity_provider)
def test_user_cannot_create_protocols(self): identity_provider = unit.new_identity_provider_ref() identity_provider = PROVIDERS.federation_api.create_idp( identity_provider['id'], identity_provider) mapping = PROVIDERS.federation_api.create_mapping( uuid.uuid4().hex, unit.new_mapping_ref()) protocol_id = 'saml2' create = {'protocol': {'mapping_id': mapping['id']}} with self.test_client() as c: path = ('/v3/OS-FEDERATION/identity_providers/%s/protocols/%s' % (identity_provider['id'], protocol_id)) c.put(path, json=create, headers=self.headers, expected_status_code=http_client.FORBIDDEN)
def test_user_cannot_create_protocols(self): identity_provider = unit.new_identity_provider_ref() identity_provider = PROVIDERS.federation_api.create_idp( identity_provider['id'], identity_provider ) mapping = PROVIDERS.federation_api.create_mapping( uuid.uuid4().hex, unit.new_mapping_ref() ) protocol_id = 'saml2' create = {'protocol': {'mapping_id': mapping['id']}} with self.test_client() as c: path = ( '/v3/OS-FEDERATION/identity_providers/%s/protocols/%s' % (identity_provider['id'], protocol_id) ) c.put( path, json=create, headers=self.headers, expected_status_code=http_client.FORBIDDEN )