Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / packaging / sources / keystone-tempest-plugin / f05f742f803a219692a48db33f3c4ddabba571bd^! / .
commitf05f742f803a219692a48db33f3c4ddabba571bd[log] [tgz]
authorDouglas Mendizábal <dmendiza@redhat.com>Wed Mar 27 15:24:29 2024 -0400
committerDouglas Mendizábal <douglas@redrobot.io>Fri Mar 29 09:07:52 2024 -0500
treeaba8a41787068b7fde52f9c44a28e6373823e821
parentb2aa462f0ea16e0c2c0bf350cd99e29e2988f0f0 [diff]
Fix domain-scope tests for list_domains

A recent change merged in keystone that now allows domain-scoped
tokens to be used to list domains. [1]

This patch changes the tests in the DomainXXXTests classes to expect
the API calls to return without error instead of expecting them to
return 403 - Forbidden.

[1] https://opendev.org/openstack/keystone/commit/dd785ee692118a56ea0e3aaaf7f5bd6c73ea9c91

Change-Id: I97251f7f2974d3c562e59cc461294d9b040193ed

diff --git a/keystone_tempest_plugin/tests/rbac/v3/test_domain.py b/keystone_tempest_plugin/tests/rbac/v3/test_domain.py
index 49f7556..341e011 100644
--- a/keystone_tempest_plugin/tests/rbac/v3/test_domain.py
+++ b/keystone_tempest_plugin/tests/rbac/v3/test_domain.py

@@ -177,13 +177,9 @@
     credentials = ['domain_admin', 'system_admin']
 
     def test_identity_list_domains(self):
-        domain_id = self.admin_domains_client.create_domain(
-            name=data_utils.rand_name())['domain']['id']
-        self.addCleanup(self.admin_domains_client.delete_domain, domain_id)
-        self.addCleanup(self.admin_domains_client.update_domain,
-                        domain_id=domain_id, enabled=False)
-        self.do_request('list_domains',
-                        expected_status=exceptions.Forbidden)
+        domain_id = self.persona.credentials.domain_id
+        resp = self.do_request('list_domains')
+        self.assertIn(domain_id, [d['id'] for d in resp['domains']])
 
 
 class DomainMemberTests(DomainAdminTests, base.BaseIdentityTest):
@@ -217,6 +213,15 @@
 
     credentials = ['project_member', 'system_admin']
 
+    def test_identity_list_domains(self):
+        domain_id = self.admin_domains_client.create_domain(
+            name=data_utils.rand_name())['domain']['id']
+        self.addCleanup(self.admin_domains_client.delete_domain, domain_id)
+        self.addCleanup(self.admin_domains_client.update_domain,
+                        domain_id=domain_id, enabled=False)
+        self.do_request('list_domains',
+                        expected_status=exceptions.Forbidden)
+
 
 class ProjectReaderTests(ProjectMemberTests):