diff options
-rw-r--r-- | openstack_auth/plugin/base.py | 1 | ||||
-rw-r--r-- | openstack_auth/tests/tests.py | 28 | ||||
-rw-r--r-- | openstack_auth/user.py | 5 | ||||
-rw-r--r-- | requirements.txt | 3 |
4 files changed, 35 insertions, 2 deletions
diff --git a/openstack_auth/plugin/base.py b/openstack_auth/plugin/base.py index a2fc755..e3bd802 100644 --- a/openstack_auth/plugin/base.py +++ b/openstack_auth/plugin/base.py @@ -12,6 +12,7 @@ import abc +from django.utils.translation import ugettext_lazy as _ from keystoneclient import exceptions as keystone_exceptions from keystoneclient.v2_0 import client as v2_client from keystoneclient.v3 import client as v3_client diff --git a/openstack_auth/tests/tests.py b/openstack_auth/tests/tests.py index 29bfa3d..09bdc76 100644 --- a/openstack_auth/tests/tests.py +++ b/openstack_auth/tests/tests.py @@ -474,6 +474,15 @@ class OpenStackAuthTestsV3(OpenStackAuthTestsMixin, test.TestCase): client.projects = self.mox.CreateMockAnything() client.projects.list(user=user.id).AndReturn(projects) + def _mock_unscoped_client_list_projects_fail(self, user): + client = self._mock_unscoped_client(user) + self._mock_unscoped_list_projects_fail(client, user) + + def _mock_unscoped_list_projects_fail(self, client, user): + client.projects = self.mox.CreateMockAnything() + client.projects.list(user=user.id).AndRaise( + keystone_exceptions.AuthorizationFailure) + def _create_password_auth(self, username=None, password=None, url=None): if not username: username = self.data.user.name @@ -607,6 +616,25 @@ class OpenStackAuthTestsV3(OpenStackAuthTestsMixin, test.TestCase): self.assertContains(response, 'You are not authorized for any projects.') + def test_fail_projects(self): + user = self.data.user + + form_data = self.get_form_data(user) + self._mock_unscoped_client_list_projects_fail(user) + self.mox.ReplayAll() + + url = reverse('login') + + # GET the page to set the test cookie. + response = self.client.get(url, form_data) + self.assertEqual(response.status_code, 200) + + # POST to the page to log in. + response = self.client.post(url, form_data) + self.assertTemplateUsed(response, 'auth/login.html') + self.assertContains(response, + 'Unable to retrieve authorized projects.') + def test_invalid_credentials(self): user = self.data.user diff --git a/openstack_auth/user.py b/openstack_auth/user.py index 811fe84..132e37b 100644 --- a/openstack_auth/user.py +++ b/openstack_auth/user.py @@ -55,8 +55,9 @@ def create_user_from_token(request, token, endpoint, services_region=None): roles=token.roles, endpoint=endpoint, services_region=svc_region, - is_federated=token.is_federated, - unscoped_token=token.unscoped_token) + is_federated=getattr(token, 'is_federated', False), + unscoped_token=getattr(token, 'unscoped_token', + request.session.get('unscoped_token'))) class Token(object): diff --git a/requirements.txt b/requirements.txt index 8116201..02c1e7f 100644 --- a/requirements.txt +++ b/requirements.txt @@ -4,5 +4,8 @@ pbr>=0.6,!=0.7,<1.0 Django>=1.4.2,<1.8 oslo.config>=1.9.3,<1.10.0 # Apache-2.0 +oslo.i18n>=1.5.0,<1.6.0 # Apache-2.0 +oslo.serialization>=1.4.0,<1.5.0 # Apache-2.0 +oslo.utils>=1.4.0,<1.5.0 # Apache-2.0 python-keystoneclient>=1.1.0 six>=1.9.0 |