diff options
author | Jenkins <jenkins@review.openstack.org> | 2015-04-01 21:45:37 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2015-04-01 21:45:37 +0000 |
commit | ade2094a27177a4e726b63d2be448d1ea78a2dc5 (patch) | |
tree | e5a14b7c854e47c82c4e9262c5809288a7a627a6 | |
parent | 14cb676deee7697ba2658103d22c2d9fe8f0e025 (diff) | |
parent | 027236c5815f45a65f92be5e5dfa543bff1ae935 (diff) | |
download | keystone-ade2094a27177a4e726b63d2be448d1ea78a2dc5.tar.gz |
Merge "Don't try to convert LDAP attributes to boolean" into stable/juno
-rw-r--r-- | keystone/common/ldap/core.py | 7 | ||||
-rw-r--r-- | keystone/tests/test_backend_ldap.py | 14 | ||||
-rw-r--r-- | keystone/tests/unit/common/test_ldap.py | 16 |
3 files changed, 31 insertions, 6 deletions
diff --git a/keystone/common/ldap/core.py b/keystone/common/ldap/core.py index 3427b17d3..e796d0306 100644 --- a/keystone/common/ldap/core.py +++ b/keystone/common/ldap/core.py @@ -125,16 +125,11 @@ def ldap2py(val): """Convert an LDAP formatted value to Python type used by OpenStack. Virtually all LDAP values are stored as UTF-8 encoded strings. - OpenStack prefers values which are Python types, e.g. unicode, - boolean, etc. + OpenStack prefers values which are unicode friendly. :param val: LDAP formatted value :returns: val converted to preferred Python type """ - try: - return LDAP_VALUES[val] - except KeyError: - pass return utf8_decode(val) diff --git a/keystone/tests/test_backend_ldap.py b/keystone/tests/test_backend_ldap.py index d46f675bb..e2ca050a9 100644 --- a/keystone/tests/test_backend_ldap.py +++ b/keystone/tests/test_backend_ldap.py @@ -649,6 +649,20 @@ class BaseLDAPIdentity(test_backend.IdentityTests): # If this doesn't raise, then the test is successful. user = self.identity_api.create_user(user) + def test_create_user_with_boolean_string_names(self): + # Ensure that any attribute that is equal to the string 'TRUE' + # or 'FALSE' will not be converted to a boolean value, it + # should be returned as is. + boolean_strings = ['TRUE', 'FALSE', 'true', 'false', 'True', 'False', + 'TrUe' 'FaLse'] + for name in boolean_strings: + user = { + 'name': name, + 'domain_id': CONF.identity.default_domain_id} + user_ref = self.identity_api.create_user(user) + user_info = self.identity_api.get_user(user_ref['id']) + self.assertEqual(name, user_info['name']) + def test_unignored_user_none_mapping(self): # Ensure that an attribute that maps to None that is not explicitly # ignored in configuration is implicitly ignored without triggering diff --git a/keystone/tests/unit/common/test_ldap.py b/keystone/tests/unit/common/test_ldap.py index 183d0ba5c..1b3a6984a 100644 --- a/keystone/tests/unit/common/test_ldap.py +++ b/keystone/tests/unit/common/test_ldap.py @@ -484,3 +484,19 @@ class CommonLdapTestCase(tests.BaseTestCase): # flag should be 225, the 0 is dropped. self.assertEqual(expected_bitmask, py_result[0][1]['enabled'][0]) self.assertEqual(user_id, py_result[0][1]['user_id'][0]) + + def test_user_id_and_user_name_with_boolean_string(self): + boolean_strings = ['TRUE', 'FALSE', 'true', 'false', 'True', 'False', + 'TrUe' 'FaLse'] + for user_name in boolean_strings: + user_id = uuid.uuid4().hex + result = [( + 'cn=dummy,dc=example,dc=com', + { + 'user_id': [user_id], + 'user_name': [user_name] + } + ), ] + py_result = ks_ldap.convert_ldap_result(result) + # The user name should still be a string value. + self.assertEqual(user_name, py_result[0][1]['user_name'][0]) |