Hello community,
here is the log from the commit of package openstack-keystone for
openSUSE:Factory checked in at 2013-10-18 19:22:41
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/openstack-keystone (Old)
and /work/SRC/openSUSE:Factory/.openstack-keystone.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openstack-keystone"
Changes:
--------
--- /work/SRC/openSUSE:Factory/openstack-keystone/openstack-keystone.changes
2013-10-03 07:26:38.000000000 +0200
+++
/work/SRC/openSUSE:Factory/.openstack-keystone.new/openstack-keystone.changes
2013-10-18 19:23:20.000000000 +0200
@@ -1,0 +2,16 @@
+Thu Oct 17 14:38:37 UTC 2013 - [email protected]
+
+- Update to 2013.2
+
+-------------------------------------------------------------------
+Tue Oct 15 08:50:23 UTC 2013 - [email protected]
+
+- Update to version 2013.2.rc2:
+ + No changes
+
+------------------------------------------------------------------
+Tue Oct 8 12:15:24 UTC 2013 - [email protected]
+
+- run db_sync before starting keystone server
+
+-------------------------------------------------------------------
Old:
----
keystone-2013.2.rc1.tar.gz
New:
----
keystone-2013.2.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ openstack-keystone-doc.spec ++++++
--- /var/tmp/diff_new_pack.dFYpvl/_old 2013-10-18 19:23:21.000000000 +0200
+++ /var/tmp/diff_new_pack.dFYpvl/_new 2013-10-18 19:23:21.000000000 +0200
@@ -19,13 +19,13 @@
%define component keystone
Name: openstack-%{component}-doc
-Version: 2013.2.rc1
+Version: 2013.2
Release: 0
Summary: OpenStack Identity Service (Keystone) - Documentation
License: Apache-2.0
Group: Documentation/HTML
Url: https://github.com/openstack/keystone
-Source: keystone-2013.2.rc1.tar.gz
+Source: keystone-2013.2.tar.gz
BuildRequires: openstack-suse-macros
BuildRequires: python-Sphinx
BuildRequires: python-base
@@ -43,7 +43,7 @@
This package contains documentation files for openstack-keystone.
%prep
-%setup -q -n keystone-2013.2.rc1
+%setup -q -n keystone-2013.2
%openstack_cleanup_prep
%build
++++++ openstack-keystone.spec ++++++
--- /var/tmp/diff_new_pack.dFYpvl/_old 2013-10-18 19:23:21.000000000 +0200
+++ /var/tmp/diff_new_pack.dFYpvl/_new 2013-10-18 19:23:21.000000000 +0200
@@ -21,13 +21,13 @@
%define username openstack-%{component}
Name: openstack-%{component}
-Version: 2013.2.rc1
+Version: 2013.2
Release: 0
Summary: OpenStack Identity Service (Keystone)
License: Apache-2.0
Group: Development/Languages/Python
Url: https://github.com/openstack/keystone
-Source: keystone-2013.2.rc1.tar.gz
+Source: keystone-2013.2.tar.gz
Source1: %{name}.init
Source2: logging.conf
Source3: default_catalog.templates
@@ -139,7 +139,7 @@
functionality of OpenStack Keystone.
%prep
-%setup -q -n keystone-2013.2.rc1
+%setup -q -n keystone-2013.2
%patch0 -p1
%openstack_cleanup_prep
++++++ _service ++++++
--- /var/tmp/diff_new_pack.dFYpvl/_old 2013-10-18 19:23:21.000000000 +0200
+++ /var/tmp/diff_new_pack.dFYpvl/_new 2013-10-18 19:23:21.000000000 +0200
@@ -1,7 +1,6 @@
<services>
<service name="git_tarballs" mode="disabled">
- <!--<param
name="url">http://tarballs.openstack.org/keystone/keystone-master.tar.gz</param>
-->
- <param
name="url">http://tarballs.openstack.org/keystone/keystone-2013.2.rc1.tar.gz</param>
+ <param
name="url">http://tarballs.openstack.org/keystone/keystone-2013.2.tar.gz</param>
<param name="email">[email protected]</param>
<param name="plain-version">True</param>
</service>
++++++ keystone-2013.2.rc1.tar.gz -> keystone-2013.2.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystone-2013.2.rc1/AUTHORS
new/keystone-2013.2/AUTHORS
--- old/keystone-2013.2.rc1/AUTHORS 2013-10-02 13:44:55.000000000 +0200
+++ new/keystone-2013.2/AUTHORS 2013-10-17 15:58:50.000000000 +0200
@@ -73,6 +73,7 @@
James E. Blair <[email protected]>
James Slagle <[email protected]>
Jamie Lennox <[email protected]>
+Jamie Lennox <[email protected]>
Jamie Lennox <[email protected]>
Jan Provaznik <[email protected]>
Jaroslav Henner <[email protected]>
@@ -124,6 +125,7 @@
Mark McLoughlin <[email protected]>
Maru Newby <[email protected]>
Mat Grove <[email protected]>
+Matt Odden <[email protected]>
Matthew Treinish <[email protected]>
Michael Basnight <[email protected]>
Michael J Fork <[email protected]>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystone-2013.2.rc1/ChangeLog
new/keystone-2013.2/ChangeLog
--- old/keystone-2013.2.rc1/ChangeLog 2013-10-02 13:44:55.000000000 +0200
+++ new/keystone-2013.2/ChangeLog 2013-10-17 15:58:49.000000000 +0200
@@ -1,3 +1,141 @@
+commit 1a0297e1f5d1049c9e2dd362f478112cd6691980
+Author: Matt Odden <[email protected]>
+Date: Tue Oct 1 08:52:15 2013 +0000
+
+ Disable lazy gettext
+
+ This change disables lazy gettext functionality in Keystone,
+ due to problems with character encoding and logging
+ detailed in bug 1225099.
+
+ It is part of a series of commits across all projects with
+ lazy gettext enabled.
+
+ Change-Id: Ia934a7df9386baf6ae8eb9ff48c24386c47ecd23
+ Partial-bug: 1225099
+
+commit 4285b798a36a206ad420326f593525740d71d7ac
+Author: Steven Hardy <[email protected]>
+Date: Sun Oct 13 10:44:52 2013 +0100
+
+ Fix v2 token user ref with trust impersonation=True
+
+ The v2 token controller incorrectly checks for a string instead
+ of a boolean, which results in the wrong user ID (trustee, when
+ it should be the trustor) when impersonation=True. So fix the
+ comparison and tests, adding a test which illustrates the issue.
+
+ Change-Id: Ic94f30f2354c9fda20531bb598387368fde8a096
+ Closes-Bug: #1239303
+
+commit 71af37b6c35cdc8b9239cb4d7477052a0f4530b2
+Merge: a0ae37e 3866991
+Author: Jenkins <[email protected]>
+Date: Mon Oct 14 22:18:58 2013 +0000
+
+ Merge "set user_update policy to admin_required" into milestone-proposed
+
+commit a0ae37eb3ea96a394f10d3f38e8b454d2d7a98e0
+Author: Morgan Fainberg <[email protected]>
+Date: Sun Oct 13 18:34:24 2013 -0700
+
+ Handle unicode at the caching layer more elegantly
+
+ This patchset resolves an issue where in some cases unicode would
+ cause the cache key generator to raise a UnicodeEncodeError due to
+ the name/value being outside of the standard ascii character set.
+ Included is a fix to the cache backend debug code to utilize repr
+ for passing the keys/values to the logger.
+
+ Tests in test_backend provided by chenxiao <[email protected]>
+
+ Closes-bug: 1237892
+ Change-Id: Ic99503987851128cd41d83ad1ea50dc4a132fbd3
+
+commit 3866991918beb818aa26aeab287a247f4732f6e7
+Author: Dolph Mathews <[email protected]>
+Date: Thu Oct 10 10:36:00 2013 -0500
+
+ set user_update policy to admin_required
+
+ This changes the default policy.json to prevent users from changing
+ their own attributes such as password, name, or default_project_id.
+
+ Closes-Bug: 1237989
+ Change-Id: I7de5fff3d72a76b78113e289c57a9fac2096395f
+
+commit c14ebd668f00b1d0c0f3c94fa331b2080d5ec053
+Author: Jamie Lennox <[email protected]>
+Date: Wed Oct 9 11:49:58 2013 +1000
+
+ Don't use default value in LimitingReader
+
+ We can't simply pass the None default on to the read operation as this
+ default is handled differently between different wsgi implementations.
+
+ Change-Id: I337e797b8dee3dfcf9299fe361cf197a176c8fe2
+ Fixes: bug 1213106
+
+commit e93365554f7459fd152fdfa78112192eb220cfcc
+Merge: ffc016d 7577cbd
+Author: Jenkins <[email protected]>
+Date: Wed Oct 9 09:59:24 2013 +0000
+
+ Merge "Handle DB2 disconnect" into milestone-proposed
+
+commit ffc016d1c8a128978d5e3236272759ad493f34ef
+Merge: fd5260d d044f0b
+Author: Jenkins <[email protected]>
+Date: Tue Oct 8 23:54:25 2013 +0000
+
+ Merge "Close the cursor for SQLite for 034 upgrade/downgrade on select"
into milestone-proposed
+
+commit d044f0bfed76f9bac0277fcd645b6f21eb088eaf
+Author: Morgan Fainberg <[email protected]>
+Date: Fri Sep 27 13:38:59 2013 -0700
+
+ Close the cursor for SQLite for 034 upgrade/downgrade on select
+
+ The list() is needed around the table select for SQLite upgrade/downgrade
+ to work. This forces a cursor close and prevents database locked errors.
+
+ closes-bug: 1233329
+ Change-Id: I01aedf9d2743a86881c124c9690f10233d9966bc
+
+commit 7577cbd1cf404e34b31c347bcd1f334468a0471c
+Author: Brant Knudson <[email protected]>
+Date: Thu Oct 3 15:35:19 2013 -0500
+
+ Handle DB2 disconnect
+
+ If the DB2 server was restarted, database connections would fail,
+ requiring a restart of the Keystone server.
+
+ This change adds an on-checkout handler for DB2 similar to the
+ MySQL handler.
+
+ Change-Id: Ie53d9606edac408401961fc6526bb7c99baa836a
+ Closes-Bug: #1231657
+ (cherry picked from commit f18dbd7e74303b7e0af97439ed935038e2231feb)
+
+commit fd5260d452d750ba2ad8e0f3cb77e658d4d56264
+Author: Brant Knudson <[email protected]>
+Date: Tue Oct 1 16:26:18 2013 -0500
+
+ Fix mysql checkout handler AttributeError
+
+ If the mysql_on_checkout handler encountered an error due to
+ disconnect, it would fail with an AttributeError,
+
+ AttributeError: 'module' object has no attribute 'warn'
+
+ This is because it used the logging module where the LOG logger
+ should have been used.
+
+ Change-Id: Iae8a9bd4aeee6e35508059c20b92d70c36232963
+ Closes-Bug: #1234873
+ (cherry picked from commit d973ea9a47a6f9892208722f69a0cd127b2f73dc)
+
commit b6b1e30d3b8d8d89ddb6d26b201a2f767ef83663
Merge: 3ed9c32 ca3a073
Author: Jenkins <[email protected]>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystone-2013.2.rc1/PKG-INFO
new/keystone-2013.2/PKG-INFO
--- old/keystone-2013.2.rc1/PKG-INFO 2013-10-02 13:44:56.000000000 +0200
+++ new/keystone-2013.2/PKG-INFO 2013-10-17 15:58:51.000000000 +0200
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: keystone
-Version: 2013.2.rc1
+Version: 2013.2
Summary: OpenStack Identity
Home-page: http://www.openstack.org/
Author: OpenStack
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystone-2013.2.rc1/bin/keystone-all
new/keystone-2013.2/bin/keystone-all
--- old/keystone-2013.2.rc1/bin/keystone-all 2013-10-02 13:42:32.000000000
+0200
+++ new/keystone-2013.2/bin/keystone-all 2013-10-17 15:56:04.000000000
+0200
@@ -39,11 +39,7 @@
# NOTE(blk-u):
# gettextutils.install() must run to set _ before importing any modules that
# contain static translated strings.
-#
-# Configure gettextutils for deferred translation of messages
-# so that error messages in responses can be translated according to the
-# Accept-Language in the request rather than the Keystone server locale.
-gettextutils.install('keystone', lazy=True)
+gettextutils.install('keystone')
from keystone.common import environment
from keystone.common import utils
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystone-2013.2.rc1/etc/policy.json
new/keystone-2013.2/etc/policy.json
--- old/keystone-2013.2.rc1/etc/policy.json 2013-10-02 13:42:32.000000000
+0200
+++ new/keystone-2013.2/etc/policy.json 2013-10-17 15:56:04.000000000 +0200
@@ -35,7 +35,7 @@
"identity:get_user": [["rule:admin_required"]],
"identity:list_users": [["rule:admin_required"]],
"identity:create_user": [["rule:admin_required"]],
- "identity:update_user": [["rule:admin_or_owner"]],
+ "identity:update_user": [["rule:admin_required"]],
"identity:delete_user": [["rule:admin_required"]],
"identity:get_group": [["rule:admin_required"]],
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystone-2013.2.rc1/httpd/keystone.py
new/keystone-2013.2/httpd/keystone.py
--- old/keystone-2013.2.rc1/httpd/keystone.py 2013-10-02 13:42:32.000000000
+0200
+++ new/keystone-2013.2/httpd/keystone.py 2013-10-17 15:56:04.000000000
+0200
@@ -24,11 +24,7 @@
# NOTE(blk-u):
# gettextutils.install() must run to set _ before importing any modules that
# contain static translated strings.
-#
-# Configure gettextutils for deferred translation of messages
-# so that error messages in responses can be translated according to the
-# Accept-Language in the request rather than the Keystone server locale.
-gettextutils.install('keystone', lazy=True)
+gettextutils.install('keystone')
from keystone.common import environment
from keystone import config
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystone-2013.2.rc1/keystone/common/cache/core.py
new/keystone-2013.2/keystone/common/cache/core.py
--- old/keystone-2013.2.rc1/keystone/common/cache/core.py 2013-10-02
13:42:32.000000000 +0200
+++ new/keystone-2013.2/keystone/common/cache/core.py 2013-10-17
15:56:04.000000000 +0200
@@ -28,10 +28,8 @@
CONF = config.CONF
LOG = log.getLogger(__name__)
-REGION = dogpile.cache.make_region()
make_region = dogpile.cache.make_region
-on_arguments = REGION.cache_on_arguments
dogpile.cache.register_backend(
'keystone.common.cache.noop',
@@ -41,33 +39,39 @@
class DebugProxy(proxy.ProxyBackend):
"""Extra Logging ProxyBackend."""
+ # NOTE(morganfainberg): Pass all key/values through repr to ensure we have
+ # a clean description of the information. Without use of repr, it might
+ # be possible to run into encode/decode error(s). For logging/debugging
+ # purposes encode/decode is irrelevant and we should be looking at the
+ # data exactly as it stands.
+
def get(self, key):
value = self.proxied.get(key)
msg = _('CACHE_GET: Key: "%(key)s" Value: "%(value)s"')
- LOG.debug(msg % {'key': key, 'value': value})
+ LOG.debug(msg % {'key': repr(key), 'value': repr(value)})
return value
def get_multi(self, keys):
values = self.proxied.get_multi(keys)
msg = _('CACHE_GET_MULTI: "%(keys)s" Values: "%(values)s"')
- LOG.debug(msg % {'keys': keys, 'values': values})
+ LOG.debug(msg % {'keys': repr(keys), 'values': repr(values)})
return values
def set(self, key, value):
msg = _('CACHE_SET: Key: "%(key)s" Value: "%(value)s"')
- LOG.debug(msg % {'key': key, 'value': value})
+ LOG.debug(msg % {'key': repr(key), 'value': repr(value)})
return self.proxied.set(key, value)
def set_multi(self, keys):
- LOG.debug(_('CACHE_SET_MULTI: "%s"') % keys)
+ LOG.debug(_('CACHE_SET_MULTI: "%s"') % repr(keys))
self.proxied.set_multi(keys)
def delete(self, key):
self.proxied.delete(key)
- LOG.debug(_('CACHE_DELETE: "%s"') % key)
+ LOG.debug(_('CACHE_DELETE: "%s"') % repr(key))
def delete_multi(self, keys):
- LOG.debug(_('CACHE_DELETE_MULTI: "%s"') % keys)
+ LOG.debug(_('CACHE_DELETE_MULTI: "%s"') % repr(keys))
self.proxied.delete_multi(keys)
@@ -176,3 +180,23 @@
conf_group = getattr(CONF, section)
return getattr(conf_group, 'caching', True)
return should_cache
+
+
+def key_generate_to_str(s):
+ # NOTE(morganfainberg): Since we need to stringify all arguments, attempt
+ # to stringify and handle the Unicode error explicitly as needed.
+ try:
+ return str(s)
+ except UnicodeEncodeError:
+ return s.encode('utf-8')
+
+
+def function_key_generator(namespace, fn, to_str=key_generate_to_str):
+ # NOTE(morganfainberg): This wraps dogpile.cache's default
+ # function_key_generator to change the default to_str mechanism.
+ return util.function_key_generator(namespace, fn, to_str=to_str)
+
+
+REGION = dogpile.cache.make_region(
+ function_key_generator=function_key_generator)
+on_arguments = REGION.cache_on_arguments
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystone-2013.2.rc1/keystone/common/sql/core.py
new/keystone-2013.2/keystone/common/sql/core.py
--- old/keystone-2013.2.rc1/keystone/common/sql/core.py 2013-10-02
13:42:32.000000000 +0200
+++ new/keystone-2013.2/keystone/common/sql/core.py 2013-10-17
15:56:04.000000000 +0200
@@ -204,7 +204,22 @@
dbapi_conn.cursor().execute('select 1')
except dbapi_conn.OperationalError as e:
if e.args[0] in (2006, 2013, 2014, 2045, 2055):
- logging.warn(_('Got mysql server has gone away: %s'), e)
+ LOG.warn(_('Got mysql server has gone away: %s'), e)
+ raise DisconnectionError("Database server went away")
+ else:
+ raise
+
+
+def db2_on_checkout(engine, dbapi_conn, connection_rec, connection_proxy):
+ """Ensures that DB2 connections checked out of the pool are alive."""
+
+ cursor = dbapi_conn.cursor()
+ try:
+ cursor.execute('select 1 from (values (1)) AS t1')
+ except Exception as e:
+ is_disconnect = engine.dialect.is_disconnect(e, dbapi_conn, cursor)
+ if is_disconnect:
+ LOG.warn(_('Got database server has gone away: %s'), e)
raise DisconnectionError("Database server went away")
else:
raise
@@ -248,6 +263,9 @@
if engine.name == 'mysql':
sql.event.listen(engine, 'checkout', mysql_on_checkout)
+ elif engine.name == 'ibm_db_sa':
+ callback = functools.partial(db2_on_checkout, engine)
+ sql.event.listen(engine, 'checkout', callback)
return engine
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystone-2013.2.rc1/keystone/common/sql/migrate_repo/versions/034_add_default_project_id_column_to_user.py
new/keystone-2013.2/keystone/common/sql/migrate_repo/versions/034_add_default_project_id_column_to_user.py
---
old/keystone-2013.2.rc1/keystone/common/sql/migrate_repo/versions/034_add_default_project_id_column_to_user.py
2013-10-02 13:42:32.000000000 +0200
+++
new/keystone-2013.2/keystone/common/sql/migrate_repo/versions/034_add_default_project_id_column_to_user.py
2013-10-17 15:56:04.000000000 +0200
@@ -23,7 +23,7 @@
def migrate_default_project_from_extra_json(meta, migrate_engine):
user_table = sql.Table('user', meta, autoload=True)
- user_list = user_table.select().execute()
+ user_list = list(user_table.select().execute())
session = sessionmaker(bind=migrate_engine)()
for user in user_list:
try:
@@ -58,7 +58,7 @@
def migrate_default_project_to_extra_json(meta, migrate_engine):
user_table = sql.Table('user', meta, autoload=True)
- user_list = user_table.select().execute()
+ user_list = list(user_table.select().execute())
session = sessionmaker(bind=migrate_engine)()
for user in user_list:
try:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystone-2013.2.rc1/keystone/common/utils.py
new/keystone-2013.2/keystone/common/utils.py
--- old/keystone-2013.2.rc1/keystone/common/utils.py 2013-10-02
13:42:32.000000000 +0200
+++ new/keystone-2013.2/keystone/common/utils.py 2013-10-17
15:56:04.000000000 +0200
@@ -290,7 +290,12 @@
yield chunk
def read(self, i=None):
- result = self.data.read(i)
+ # NOTE(jamielennox): We can't simply provide the default to the read()
+ # call as the expected default differs between mod_wsgi and eventlet
+ if i is None:
+ result = self.data.read()
+ else:
+ result = self.data.read(i)
self.bytes_read += len(result)
if self.bytes_read > self.limit:
raise exception.RequestTooLarge()
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystone-2013.2.rc1/keystone/tests/test_auth.py
new/keystone-2013.2/keystone/tests/test_auth.py
--- old/keystone-2013.2.rc1/keystone/tests/test_auth.py 2013-10-02
13:42:32.000000000 +0200
+++ new/keystone-2013.2/keystone/tests/test_auth.py 2013-10-17
15:56:05.000000000 +0200
@@ -603,7 +603,7 @@
self.sample_data = {'trustor_user_id': self.trustor['id'],
'trustee_user_id': self.trustee['id'],
'project_id': self.tenant_bar['id'],
- 'impersonation': 'True',
+ 'impersonation': True,
'roles': [{'id': self.role_browser['id']},
{'name': self.role_member['name']}]}
expires_at = timeutils.strtime(timeutils.utcnow() +
@@ -611,7 +611,7 @@
fmt=TIME_FORMAT)
self.create_trust(expires_at=expires_at)
- def create_trust(self, expires_at=None, impersonation='True'):
+ def create_trust(self, expires_at=None, impersonation=True):
username = self.trustor['name'],
password = 'foo2'
body_dict = _build_user_auth(username=username, password=password)
@@ -676,13 +676,12 @@
self.assertIn(role['id'], role_ids)
def test_create_trust_no_impersonation(self):
- self.create_trust(expires_at=None, impersonation='False')
+ self.create_trust(expires_at=None, impersonation=False)
self.assertEquals(self.new_trust['trustor_user_id'],
self.trustor['id'])
self.assertEquals(self.new_trust['trustee_user_id'],
self.trustee['id'])
- self.assertEquals(self.new_trust['impersonation'],
- 'False')
+ self.assertIs(self.new_trust['impersonation'], False)
auth_response = self.fetch_v2_token_from_trust()
token_user = auth_response['access']['user']
self.assertEquals(token_user['id'],
@@ -690,6 +689,15 @@
# TODO(ayoung): Endpoints
+ def test_create_trust_impersonation(self):
+ self.create_trust(expires_at=None)
+ self.assertEqual(self.new_trust['trustor_user_id'], self.trustor['id'])
+ self.assertEqual(self.new_trust['trustee_user_id'], self.trustee['id'])
+ self.assertIs(self.new_trust['impersonation'], True)
+ auth_response = self.fetch_v2_token_from_trust()
+ token_user = auth_response['access']['user']
+ self.assertEqual(token_user['id'], self.new_trust['trustor_user_id'])
+
def test_token_from_trust_wrong_user_fails(self):
request_body = self.build_v2_token_request('FOO', 'foo2')
self.assertRaises(
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystone-2013.2.rc1/keystone/tests/test_backend.py
new/keystone-2013.2/keystone/tests/test_backend.py
--- old/keystone-2013.2.rc1/keystone/tests/test_backend.py 2013-10-02
13:42:32.000000000 +0200
+++ new/keystone-2013.2/keystone/tests/test_backend.py 2013-10-17
15:56:05.000000000 +0200
@@ -1607,6 +1607,16 @@
self.identity_api.delete_role,
uuid.uuid4().hex)
+ def test_create_update_delete_unicode_project(self):
+ unicode_project_name = u'name \u540d\u5b57'
+ project = {'id': uuid.uuid4().hex,
+ 'name': unicode_project_name,
+ 'description': uuid.uuid4().hex,
+ 'domain_id': CONF.identity.default_domain_id}
+ self.assignment_api.create_project(project['id'], project)
+ self.assignment_api.update_project(project['id'], project)
+ self.assignment_api.delete_project(project['id'])
+
def test_create_project_case_sensitivity(self):
# create a ref with a lowercase name
ref = {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/keystone-2013.2.rc1/keystone/tests/test_keystoneclient.py
new/keystone-2013.2/keystone/tests/test_keystoneclient.py
--- old/keystone-2013.2.rc1/keystone/tests/test_keystoneclient.py
2013-10-02 13:42:32.000000000 +0200
+++ new/keystone-2013.2/keystone/tests/test_keystoneclient.py 2013-10-17
15:56:05.000000000 +0200
@@ -297,6 +297,62 @@
self.assertFalse([t for t in client.tenants.list()
if t.id == tenant.id])
+ def test_tenant_create_update_and_delete_unicode(self):
+ from keystoneclient import exceptions as client_exceptions
+
+ tenant_name = u'original \u540d\u5b57'
+ tenant_description = 'My original tenant!'
+ tenant_enabled = True
+ client = self.get_client(admin=True)
+
+ # create, get, and list a tenant
+ tenant = client.tenants.create(tenant_name,
+ description=tenant_description,
+ enabled=tenant_enabled)
+ self.assertEqual(tenant.name, tenant_name)
+ self.assertEqual(tenant.description, tenant_description)
+ self.assertIs(tenant.enabled, tenant_enabled)
+
+ tenant = client.tenants.get(tenant.id)
+ self.assertEqual(tenant.name, tenant_name)
+ self.assertEqual(tenant.description, tenant_description)
+ self.assertIs(tenant.enabled, tenant_enabled)
+
+ # multiple tenants exist due to fixtures, so find the one we're testing
+ tenant = [t for t in client.tenants.list() if t.id == tenant.id].pop()
+ self.assertEqual(tenant.name, tenant_name)
+ self.assertEqual(tenant.description, tenant_description)
+ self.assertIs(tenant.enabled, tenant_enabled)
+
+ # update, get, and list a tenant
+ tenant_name = u'updated \u540d\u5b57'
+ tenant_description = 'Updated tenant!'
+ tenant_enabled = False
+ tenant = client.tenants.update(tenant.id,
+ tenant_name=tenant_name,
+ enabled=tenant_enabled,
+ description=tenant_description)
+ self.assertEqual(tenant.name, tenant_name)
+ self.assertEqual(tenant.description, tenant_description)
+ self.assertIs(tenant.enabled, tenant_enabled)
+
+ tenant = client.tenants.get(tenant.id)
+ self.assertEqual(tenant.name, tenant_name)
+ self.assertEqual(tenant.description, tenant_description)
+ self.assertIs(tenant.enabled, tenant_enabled)
+
+ tenant = [t for t in client.tenants.list() if t.id == tenant.id].pop()
+ self.assertEqual(tenant.name, tenant_name)
+ self.assertEqual(tenant.description, tenant_description)
+ self.assertIs(tenant.enabled, tenant_enabled)
+
+ # delete, get, and list a tenant
+ client.tenants.delete(tenant.id)
+ self.assertRaises(client_exceptions.NotFound, client.tenants.get,
+ tenant.id)
+ self.assertFalse([t for t in client.tenants.list()
+ if t.id == tenant.id])
+
def test_tenant_create_no_name(self):
from keystoneclient import exceptions as client_exceptions
client = self.get_client(admin=True)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystone-2013.2.rc1/keystone/tests/test_sql_core.py
new/keystone-2013.2/keystone/tests/test_sql_core.py
--- old/keystone-2013.2.rc1/keystone/tests/test_sql_core.py 2013-10-02
13:42:32.000000000 +0200
+++ new/keystone-2013.2/keystone/tests/test_sql_core.py 2013-10-17
15:56:04.000000000 +0200
@@ -13,6 +13,8 @@
# under the License.
+from sqlalchemy.exc import DisconnectionError
+
from keystone.common import sql
from keystone import tests
@@ -180,3 +182,111 @@
sql.set_global_engine(None)
session2 = base.get_session()
self.assertIsNot(session1.bind, session2.bind)
+
+
+class FakeDbapiConn(object):
+ """Simulates the dbapi_conn passed to mysql_on_checkout."""
+
+ class OperationalError(Exception):
+ pass
+
+ class Cursor(object):
+ def __init__(self, failwith=None):
+ self._failwith = failwith
+
+ def execute(self, sql):
+ if self._failwith:
+ raise self._failwith
+
+ def __init__(self, failwith=None):
+ self._cursor = self.Cursor(failwith=failwith)
+
+ def cursor(self):
+ return self._cursor
+
+
+class TestMysqlCheckoutHandler(tests.TestCase):
+ def _do_on_checkout(self, failwith=None):
+ dbapi_conn = FakeDbapiConn(failwith=failwith)
+ connection_rec = None
+ connection_proxy = None
+ sql.mysql_on_checkout(dbapi_conn, connection_rec, connection_proxy)
+
+ def test_checkout_success(self):
+ # If call mysql_on_checkout and query doesn't raise anything, then no
+ # problems
+
+ # If this doesn't raise then the test is successful.
+ self._do_on_checkout()
+
+ def test_disconnected(self):
+ # If call mysql_on_checkout and query raises OperationalError with
+ # specific errors, then raises DisconnectionError.
+
+ # mysql_on_checkout should look for 2006 among others.
+ disconnected_exception = FakeDbapiConn.OperationalError(2006)
+ self.assertRaises(DisconnectionError,
+ self._do_on_checkout,
+ failwith=disconnected_exception)
+
+ def test_error(self):
+ # If call mysql_on_checkout and query raises an exception that doesn't
+ # indicate disconnected, then the original error is raised.
+
+ # mysql_on_checkout doesn't look for 2056
+ other_exception = FakeDbapiConn.OperationalError(2056)
+ self.assertRaises(FakeDbapiConn.OperationalError,
+ self._do_on_checkout,
+ failwith=other_exception)
+
+
+class TestDb2CheckoutHandler(tests.TestCase):
+
+ class FakeEngine(object):
+ class Dialect():
+ DISCONNECT_EXCEPTION = Exception()
+
+ @classmethod
+ def is_disconnect(cls, e, *args):
+ return (e is cls.DISCONNECT_EXCEPTION)
+
+ dialect = Dialect()
+
+ def _do_on_checkout(self, failwith=None):
+ engine = self.FakeEngine()
+ dbapi_conn = FakeDbapiConn(failwith=failwith)
+ connection_rec = None
+ connection_proxy = None
+ sql.db2_on_checkout(engine, dbapi_conn, connection_rec,
+ connection_proxy)
+
+ def test_checkout_success(self):
+ # If call db2_on_checkout and query doesn't raise anything, then no
+ # problems
+
+ # If this doesn't raise then the test is successful.
+ self._do_on_checkout()
+
+ def test_disconnected(self):
+ # If call db2_on_checkout and query raises exception that engine
+ # dialect says is a disconnect problem, then raises DisconnectionError.
+
+ disconnected_exception = self.FakeEngine.Dialect.DISCONNECT_EXCEPTION
+ self.assertRaises(DisconnectionError,
+ self._do_on_checkout,
+ failwith=disconnected_exception)
+
+ def test_error(self):
+ # If call db2_on_checkout and query raises an exception that engine
+ # dialect says is not a disconnect problem, then the original error is
+ # raised.
+
+ # fake engine dialect doesn't look for this exception.
+
+ class OtherException(Exception):
+ pass
+
+ other_exception = OtherException()
+ self.assertRaises(OtherException,
+ self._do_on_checkout,
+ failwith=other_exception)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystone-2013.2.rc1/keystone/tests/test_utils.py
new/keystone-2013.2/keystone/tests/test_utils.py
--- old/keystone-2013.2.rc1/keystone/tests/test_utils.py 2013-10-02
13:42:32.000000000 +0200
+++ new/keystone-2013.2/keystone/tests/test_utils.py 2013-10-17
15:56:05.000000000 +0200
@@ -105,3 +105,26 @@
for d in ['+0', '-11', '-8', '-5', '+5', '+8', '+14']:
TZ = 'UTC' + d
_test_unixtime()
+
+
+class LimitingReaderTests(tests.TestCase):
+
+ def test_read_default_value(self):
+
+ class FakeData(object):
+ def read(self, *args, **kwargs):
+ self.read_args = args
+ self.read_kwargs = kwargs
+ return 'helloworld'
+
+ data = FakeData()
+ utils.LimitingReader(data, 100)
+
+ self.assertEqual(data.read(), 'helloworld')
+ self.assertEqual(len(data.read_args), 0)
+ self.assertEqual(len(data.read_kwargs), 0)
+
+ self.assertEqual(data.read(10), 'helloworld')
+ self.assertEqual(len(data.read_args), 1)
+ self.assertEqual(len(data.read_kwargs), 0)
+ self.assertEqual(data.read_args[0], 10)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystone-2013.2.rc1/keystone/tests/test_v3_auth.py
new/keystone-2013.2/keystone/tests/test_v3_auth.py
--- old/keystone-2013.2.rc1/keystone/tests/test_v3_auth.py 2013-10-02
13:42:32.000000000 +0200
+++ new/keystone-2013.2/keystone/tests/test_v3_auth.py 2013-10-17
15:56:05.000000000 +0200
@@ -2220,14 +2220,9 @@
self.user_id, expected_status=200,
token=trust_token)
- auth_data = self.build_authentication_request(
- user_id=self.trustee_user['id'],
- password=self.trustee_user['password'])
-
self.assertValidUserResponse(
self.patch('/users/%s' % self.trustee_user['id'],
body={'user': {'password': uuid.uuid4().hex}},
- auth=auth_data,
expected_status=200))
self.get('/OS-TRUST/trusts?trustor_user_id=%s' %
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystone-2013.2.rc1/keystone/token/controllers.py
new/keystone-2013.2/keystone/token/controllers.py
--- old/keystone-2013.2.rc1/keystone/token/controllers.py 2013-10-02
13:42:32.000000000 +0200
+++ new/keystone-2013.2/keystone/token/controllers.py 2013-10-17
15:56:04.000000000 +0200
@@ -181,7 +181,7 @@
trust_ref['trustee_user_id'])
if not trustee_user_ref['enabled']:
raise exception.Forbidden()()
- if trust_ref['impersonation'] == 'True':
+ if trust_ref['impersonation'] is True:
current_user_ref = trustor_user_ref
else:
current_user_ref = trustee_user_ref
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/keystone-2013.2.rc1/keystone.egg-info/PKG-INFO
new/keystone-2013.2/keystone.egg-info/PKG-INFO
--- old/keystone-2013.2.rc1/keystone.egg-info/PKG-INFO 2013-10-02
13:44:55.000000000 +0200
+++ new/keystone-2013.2/keystone.egg-info/PKG-INFO 2013-10-17
15:58:50.000000000 +0200
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: keystone
-Version: 2013.2.rc1
+Version: 2013.2
Summary: OpenStack Identity
Home-page: http://www.openstack.org/
Author: OpenStack
++++++ openstack-keystone.init ++++++
--- /var/tmp/diff_new_pack.dFYpvl/_old 2013-10-18 19:23:21.000000000 +0200
+++ /var/tmp/diff_new_pack.dFYpvl/_new 2013-10-18 19:23:21.000000000 +0200
@@ -23,6 +23,10 @@
case "$1" in
start)
+ echo -n "Checking DB Migrations for Keystone"
+ su $USER -s /bin/sh -c "keystone-manage --config-file=$CONFFILE
db_sync" > /dev/null
+ rc_status -v
+
echo -n "Starting keystone"
su $USER -s /bin/sh -c "/sbin/startproc -q -s /usr/bin/keystone-all
--config-file=$CONFFILE"
rc_status -v
--
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
