Remove DataGenerator from admin V2 identity tests
The identity tests have a DataGenerator that handles resource creation
and cleanup for tests, however using this DataGenerator has proven to
make debugging more difficult. The object storage tests used to use
this DataGenerator as well but was removed for the same reason. This
is the first of a series of commits to removes the DataGenerator from
the Identity tests. This commit removes the DataGenerator from the
admin v2 tests and moves resource creation and cleanup back to the
tests or the resource_setup, resource_cleanup methods.
Change-Id: I2767d962826d0a6249b14afb325cbaad7fcaa34c
diff --git a/tempest/api/identity/admin/v2/test_roles.py b/tempest/api/identity/admin/v2/test_roles.py
index 0924619..380920f 100644
--- a/tempest/api/identity/admin/v2/test_roles.py
+++ b/tempest/api/identity/admin/v2/test_roles.py
@@ -17,6 +17,7 @@
from tempest.api.identity import base
from tempest.common.utils import data_utils
+from tempest.lib.common.utils import test_utils
from tempest import test
@@ -25,17 +26,22 @@
@classmethod
def resource_setup(cls):
super(RolesTestJSON, cls).resource_setup()
+ cls.roles = list()
for _ in moves.xrange(5):
role_name = data_utils.rand_name(name='role')
role = cls.roles_client.create_role(name=role_name)['role']
- cls.data.roles.append(role)
+ cls.roles.append(role)
+
+ @classmethod
+ def resource_cleanup(cls):
+ super(RolesTestJSON, cls).resource_cleanup()
+ for role in cls.roles:
+ cls.roles_client.delete_role(role['id'])
def _get_role_params(self):
- self.data.setup_test_user()
- self.data.setup_test_role()
- user = self.get_user_by_name(self.data.user['name'])
- tenant = self.get_tenant_by_name(self.data.tenant['name'])
- role = self.get_role_by_name(self.data.role['name'])
+ user = self.setup_test_user()
+ tenant = self.tenants_client.show_tenant(user['tenantId'])['tenant']
+ role = self.setup_test_role()
return (user, tenant, role)
def assert_role_in_role_list(self, role, roles):
@@ -49,15 +55,17 @@
def test_list_roles(self):
"""Return a list of all roles."""
body = self.roles_client.list_roles()['roles']
- found = [role for role in body if role in self.data.roles]
+ found = [role for role in body if role in self.roles]
self.assertTrue(any(found))
- self.assertEqual(len(found), len(self.data.roles))
+ self.assertEqual(len(found), len(self.roles))
@test.idempotent_id('c62d909d-6c21-48c0-ae40-0a0760e6db5e')
def test_role_create_delete(self):
"""Role should be created, verified, and deleted."""
role_name = data_utils.rand_name(name='role-test')
body = self.roles_client.create_role(name=role_name)['role']
+ self.addCleanup(test_utils.call_and_ignore_notfound_exc,
+ self.roles_client.delete_role, body['id'])
self.assertEqual(role_name, body['name'])
body = self.roles_client.list_roles()['roles']
@@ -73,9 +81,9 @@
@test.idempotent_id('db6870bd-a6ed-43be-a9b1-2f10a5c9994f')
def test_get_role_by_id(self):
"""Get a role by its id."""
- self.data.setup_test_role()
- role_id = self.data.role['id']
- role_name = self.data.role['name']
+ role = self.setup_test_role()
+ role_id = role['id']
+ role_name = role['name']
body = self.roles_client.show_role(role_id)['role']
self.assertEqual(role_id, body['id'])
self.assertEqual(role_name, body['name'])
diff --git a/tempest/api/identity/admin/v2/test_roles_negative.py b/tempest/api/identity/admin/v2/test_roles_negative.py
index 770bb14..7116913 100644
--- a/tempest/api/identity/admin/v2/test_roles_negative.py
+++ b/tempest/api/identity/admin/v2/test_roles_negative.py
@@ -22,11 +22,9 @@
class RolesNegativeTestJSON(base.BaseIdentityV2AdminTest):
def _get_role_params(self):
- self.data.setup_test_user()
- self.data.setup_test_role()
- user = self.get_user_by_name(self.data.user['name'])
- tenant = self.get_tenant_by_name(self.data.tenant['name'])
- role = self.get_role_by_name(self.data.role['name'])
+ user = self.setup_test_user()
+ tenant = self.tenants_client.show_tenant(user['tenantId'])['tenant']
+ role = self.setup_test_role()
return (user, tenant, role)
@test.attr(type=['negative'])
@@ -89,7 +87,7 @@
# Non-administrator user should not be able to delete role
role_name = data_utils.rand_name(name='role')
body = self.roles_client.create_role(name=role_name)['role']
- self.data.roles.append(body)
+ self.addCleanup(self.roles_client.delete_role, body['id'])
role_id = body.get('id')
self.assertRaises(lib_exc.Forbidden,
self.non_admin_roles_client.delete_role, role_id)
@@ -100,7 +98,7 @@
# Request to delete role without a valid token should fail
role_name = data_utils.rand_name(name='role')
body = self.roles_client.create_role(name=role_name)['role']
- self.data.roles.append(body)
+ self.addCleanup(self.roles_client.delete_role, body['id'])
role_id = body.get('id')
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
diff --git a/tempest/api/identity/admin/v2/test_tenant_negative.py b/tempest/api/identity/admin/v2/test_tenant_negative.py
index d1e0217..baa78e9 100644
--- a/tempest/api/identity/admin/v2/test_tenant_negative.py
+++ b/tempest/api/identity/admin/v2/test_tenant_negative.py
@@ -44,7 +44,7 @@
# Non-administrator user should not be able to delete a tenant
tenant_name = data_utils.rand_name(name='tenant')
tenant = self.tenants_client.create_tenant(name=tenant_name)['tenant']
- self.data.tenants.append(tenant)
+ self.addCleanup(self.tenants_client.delete_tenant, tenant['id'])
self.assertRaises(lib_exc.Forbidden,
self.non_admin_tenants_client.delete_tenant,
tenant['id'])
@@ -55,7 +55,7 @@
# Request to delete a tenant without a valid token should fail
tenant_name = data_utils.rand_name(name='tenant')
tenant = self.tenants_client.create_tenant(name=tenant_name)['tenant']
- self.data.tenants.append(tenant)
+ self.addCleanup(self.tenants_client.delete_tenant, tenant['id'])
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
self.assertRaises(lib_exc.Unauthorized,
@@ -76,12 +76,9 @@
# Tenant names should be unique
tenant_name = data_utils.rand_name(name='tenant')
body = self.tenants_client.create_tenant(name=tenant_name)['tenant']
- tenant = body
- self.data.tenants.append(tenant)
tenant1_id = body.get('id')
self.addCleanup(self.tenants_client.delete_tenant, tenant1_id)
- self.addCleanup(self.data.tenants.remove, tenant)
self.assertRaises(lib_exc.Conflict, self.tenants_client.create_tenant,
name=tenant_name)
@@ -136,7 +133,7 @@
# Non-administrator user should not be able to update a tenant
tenant_name = data_utils.rand_name(name='tenant')
tenant = self.tenants_client.create_tenant(name=tenant_name)['tenant']
- self.data.tenants.append(tenant)
+ self.addCleanup(self.tenants_client.delete_tenant, tenant['id'])
self.assertRaises(lib_exc.Forbidden,
self.non_admin_tenants_client.update_tenant,
tenant['id'])
@@ -147,7 +144,7 @@
# Request to update a tenant without a valid token should fail
tenant_name = data_utils.rand_name(name='tenant')
tenant = self.tenants_client.create_tenant(name=tenant_name)['tenant']
- self.data.tenants.append(tenant)
+ self.addCleanup(self.tenants_client.delete_tenant, tenant['id'])
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
self.assertRaises(lib_exc.Unauthorized,
diff --git a/tempest/api/identity/admin/v2/test_tenants.py b/tempest/api/identity/admin/v2/test_tenants.py
index 1aa80df..583fa8e 100644
--- a/tempest/api/identity/admin/v2/test_tenants.py
+++ b/tempest/api/identity/admin/v2/test_tenants.py
@@ -17,6 +17,7 @@
from tempest.api.identity import base
from tempest.common.utils import data_utils
+from tempest.lib.common.utils import test_utils
from tempest import test
@@ -30,7 +31,9 @@
tenant_name = data_utils.rand_name(name='tenant-new')
tenant = self.tenants_client.create_tenant(
name=tenant_name)['tenant']
- self.data.tenants.append(tenant)
+ # Add the tenant to the cleanup list
+ self.addCleanup(test_utils.call_and_ignore_notfound_exc,
+ self.tenants_client.delete_tenant, tenant['id'])
tenants.append(tenant)
tenant_ids = map(lambda x: x['id'], tenants)
body = self.tenants_client.list_tenants()['tenants']
@@ -39,7 +42,6 @@
for tenant in tenants:
self.tenants_client.delete_tenant(tenant['id'])
- self.data.tenants.remove(tenant)
body = self.tenants_client.list_tenants()['tenants']
found = [tenant for tenant in body if tenant['id'] in tenant_ids]
@@ -53,7 +55,9 @@
body = self.tenants_client.create_tenant(name=tenant_name,
description=tenant_desc)
tenant = body['tenant']
- self.data.tenants.append(tenant)
+ # Add the tenant to the cleanup list
+ self.addCleanup(test_utils.call_and_ignore_notfound_exc,
+ self.tenants_client.delete_tenant, tenant['id'])
tenant_id = tenant['id']
desc1 = tenant['description']
self.assertEqual(desc1, tenant_desc, 'Description should have '
@@ -63,7 +67,6 @@
self.assertEqual(desc2, tenant_desc, 'Description does not appear'
'to be set')
self.tenants_client.delete_tenant(tenant_id)
- self.data.tenants.remove(tenant)
@test.idempotent_id('670bdddc-1cd7-41c7-b8e2-751cfb67df50')
def test_tenant_create_enabled(self):
@@ -72,7 +75,9 @@
body = self.tenants_client.create_tenant(name=tenant_name,
enabled=True)
tenant = body['tenant']
- self.data.tenants.append(tenant)
+ # Add the tenant to the cleanup list
+ self.addCleanup(test_utils.call_and_ignore_notfound_exc,
+ self.tenants_client.delete_tenant, tenant['id'])
tenant_id = tenant['id']
en1 = tenant['enabled']
self.assertTrue(en1, 'Enable should be True in response')
@@ -80,7 +85,6 @@
en2 = body['enabled']
self.assertTrue(en2, 'Enable should be True in lookup')
self.tenants_client.delete_tenant(tenant_id)
- self.data.tenants.remove(tenant)
@test.idempotent_id('3be22093-b30f-499d-b772-38340e5e16fb')
def test_tenant_create_not_enabled(self):
@@ -89,7 +93,9 @@
body = self.tenants_client.create_tenant(name=tenant_name,
enabled=False)
tenant = body['tenant']
- self.data.tenants.append(tenant)
+ # Add the tenant to the cleanup list
+ self.addCleanup(test_utils.call_and_ignore_notfound_exc,
+ self.tenants_client.delete_tenant, tenant['id'])
tenant_id = tenant['id']
en1 = tenant['enabled']
self.assertEqual('false', str(en1).lower(),
@@ -99,7 +105,6 @@
self.assertEqual('false', str(en2).lower(),
'Enable should be False in lookup')
self.tenants_client.delete_tenant(tenant_id)
- self.data.tenants.remove(tenant)
@test.idempotent_id('781f2266-d128-47f3-8bdb-f70970add238')
def test_tenant_update_name(self):
@@ -107,7 +112,9 @@
t_name1 = data_utils.rand_name(name='tenant')
body = self.tenants_client.create_tenant(name=t_name1)['tenant']
tenant = body
- self.data.tenants.append(tenant)
+ # Add the tenant to the cleanup list
+ self.addCleanup(test_utils.call_and_ignore_notfound_exc,
+ self.tenants_client.delete_tenant, tenant['id'])
t_id = body['id']
resp1_name = body['name']
@@ -125,7 +132,6 @@
self.assertEqual(resp2_name, resp3_name)
self.tenants_client.delete_tenant(t_id)
- self.data.tenants.remove(tenant)
@test.idempotent_id('859fcfe1-3a03-41ef-86f9-b19a47d1cd87')
def test_tenant_update_desc(self):
@@ -135,7 +141,9 @@
body = self.tenants_client.create_tenant(name=t_name,
description=t_desc)
tenant = body['tenant']
- self.data.tenants.append(tenant)
+ # Add the tenant to the cleanup list
+ self.addCleanup(test_utils.call_and_ignore_notfound_exc,
+ self.tenants_client.delete_tenant, tenant['id'])
t_id = tenant['id']
resp1_desc = tenant['description']
@@ -154,7 +162,6 @@
self.assertEqual(resp2_desc, resp3_desc)
self.tenants_client.delete_tenant(t_id)
- self.data.tenants.remove(tenant)
@test.idempotent_id('8fc8981f-f12d-4c66-9972-2bdcf2bc2e1a')
def test_tenant_update_enable(self):
@@ -163,7 +170,9 @@
t_en = False
body = self.tenants_client.create_tenant(name=t_name, enabled=t_en)
tenant = body['tenant']
- self.data.tenants.append(tenant)
+ # Add the tenant to the cleanup list
+ self.addCleanup(test_utils.call_and_ignore_notfound_exc,
+ self.tenants_client.delete_tenant, tenant['id'])
t_id = tenant['id']
resp1_en = tenant['enabled']
@@ -182,4 +191,3 @@
self.assertEqual(resp2_en, resp3_en)
self.tenants_client.delete_tenant(t_id)
- self.data.tenants.remove(tenant)
diff --git a/tempest/api/identity/admin/v2/test_tokens.py b/tempest/api/identity/admin/v2/test_tokens.py
index 5cf337b..2f7e941 100644
--- a/tempest/api/identity/admin/v2/test_tokens.py
+++ b/tempest/api/identity/admin/v2/test_tokens.py
@@ -28,13 +28,15 @@
# first:create a tenant
tenant_name = data_utils.rand_name(name='tenant')
tenant = self.tenants_client.create_tenant(name=tenant_name)['tenant']
- self.data.tenants.append(tenant)
+ # Delete the tenant at the end of the test
+ self.addCleanup(self.tenants_client.delete_tenant, tenant['id'])
# second:create a user
user = self.users_client.create_user(name=user_name,
password=user_password,
tenantId=tenant['id'],
email='')['user']
- self.data.users.append(user)
+ # Delete the user at the end of the test
+ self.addCleanup(self.users_client.delete_user, user['id'])
# then get a token for the user
body = self.token_client.auth(user_name,
user_password,
@@ -68,23 +70,27 @@
password=user_password,
tenantId=tenant_id,
email=email)['user']
- self.data.users.append(user)
+ # Delete the user at the end of the test
+ self.addCleanup(self.users_client.delete_user, user['id'])
# Create a couple tenants.
tenant1_name = data_utils.rand_name(name='tenant')
tenant1 = self.tenants_client.create_tenant(
name=tenant1_name)['tenant']
- self.data.tenants.append(tenant1)
+ # Delete the tenant at the end of the test
+ self.addCleanup(self.tenants_client.delete_tenant, tenant1['id'])
tenant2_name = data_utils.rand_name(name='tenant')
tenant2 = self.tenants_client.create_tenant(
name=tenant2_name)['tenant']
- self.data.tenants.append(tenant2)
+ # Delete the tenant at the end of the test
+ self.addCleanup(self.tenants_client.delete_tenant, tenant2['id'])
# Create a role
role_name = data_utils.rand_name(name='role')
role = self.roles_client.create_role(name=role_name)['role']
- self.data.roles.append(role)
+ # Delete the role at the end of the test
+ self.addCleanup(self.roles_client.delete_role, role['id'])
# Grant the user the role on the tenants.
self.roles_client.create_user_role_on_project(tenant1['id'],
diff --git a/tempest/api/identity/admin/v2/test_users.py b/tempest/api/identity/admin/v2/test_users.py
index 167cbc7..8e63498 100644
--- a/tempest/api/identity/admin/v2/test_users.py
+++ b/tempest/api/identity/admin/v2/test_users.py
@@ -19,6 +19,7 @@
from tempest.api.identity import base
from tempest.common.utils import data_utils
+from tempest.lib.common.utils import test_utils
from tempest import test
@@ -35,25 +36,27 @@
@test.idempotent_id('2d55a71e-da1d-4b43-9c03-d269fd93d905')
def test_create_user(self):
# Create a user
- self.data.setup_test_tenant()
+ tenant = self.setup_test_tenant()
user = self.users_client.create_user(name=self.alt_user,
password=self.alt_password,
- tenantId=self.data.tenant['id'],
+ tenantId=tenant['id'],
email=self.alt_email)['user']
- self.data.users.append(user)
+ # Delete the User at the end of the test
+ self.addCleanup(self.users_client.delete_user, user['id'])
self.assertEqual(self.alt_user, user['name'])
@test.idempotent_id('89d9fdb8-15c2-4304-a429-48715d0af33d')
def test_create_user_with_enabled(self):
# Create a user with enabled : False
- self.data.setup_test_tenant()
+ tenant = self.setup_test_tenant()
name = data_utils.rand_name('test_user')
user = self.users_client.create_user(name=name,
password=self.alt_password,
- tenantId=self.data.tenant['id'],
+ tenantId=tenant['id'],
email=self.alt_email,
enabled=False)['user']
- self.data.users.append(user)
+ # Delete the User at the end of the test
+ self.addCleanup(self.users_client.delete_user, user['id'])
self.assertEqual(name, user['name'])
self.assertEqual(False, user['enabled'])
self.assertEqual(self.alt_email, user['email'])
@@ -62,10 +65,10 @@
def test_update_user(self):
# Test case to check if updating of user attributes is successful.
test_user = data_utils.rand_name('test_user')
- self.data.setup_test_tenant()
+ tenant = self.setup_test_tenant()
user = self.users_client.create_user(name=test_user,
password=self.alt_password,
- tenantId=self.data.tenant['id'],
+ tenantId=tenant['id'],
email=self.alt_email)['user']
# Delete the User at the end of this method
self.addCleanup(self.users_client.delete_user, user['id'])
@@ -89,76 +92,85 @@
def test_delete_user(self):
# Delete a user
test_user = data_utils.rand_name('test_user')
- self.data.setup_test_tenant()
+ tenant = self.setup_test_tenant()
user = self.users_client.create_user(name=test_user,
password=self.alt_password,
- tenantId=self.data.tenant['id'],
+ tenantId=tenant['id'],
email=self.alt_email)['user']
+ # Delete the User at the end of the test
+ self.addCleanup(test_utils.call_and_ignore_notfound_exc,
+ self.users_client.delete_user, user['id'])
self.users_client.delete_user(user['id'])
@test.idempotent_id('aca696c3-d645-4f45-b728-63646045beb1')
def test_user_authentication(self):
# Valid user's token is authenticated
- self.data.setup_test_user()
+ password = data_utils.rand_password()
+ user = self.setup_test_user(password)
+ tenant = self.tenants_client.show_tenant(user['tenantId'])['tenant']
# Get a token
- self.token_client.auth(self.data.user['name'],
- self.data.user_password,
- self.data.tenant['name'])
+ self.token_client.auth(user['name'],
+ password,
+ tenant['name'])
# Re-auth
- self.token_client.auth(self.data.user['name'],
- self.data.user_password,
- self.data.tenant['name'])
+ self.token_client.auth(user['name'],
+ password,
+ tenant['name'])
@test.idempotent_id('5d1fa498-4c2d-4732-a8fe-2b054598cfdd')
def test_authentication_request_without_token(self):
# Request for token authentication with a valid token in header
- self.data.setup_test_user()
- self.token_client.auth(self.data.user['name'],
- self.data.user_password,
- self.data.tenant['name'])
+ password = data_utils.rand_password()
+ user = self.setup_test_user(password)
+ tenant = self.tenants_client.show_tenant(user['tenantId'])['tenant']
+ self.token_client.auth(user['name'],
+ password,
+ tenant['name'])
# Get the token of the current client
token = self.client.auth_provider.get_token()
# Delete the token from database
self.client.delete_token(token)
# Re-auth
- self.token_client.auth(self.data.user['name'],
- self.data.user_password,
- self.data.tenant['name'])
+ self.token_client.auth(user['name'],
+ password,
+ tenant['name'])
self.client.auth_provider.clear_auth()
@test.idempotent_id('a149c02e-e5e0-4b89-809e-7e8faf33ccda')
def test_get_users(self):
# Get a list of users and find the test user
- self.data.setup_test_user()
+ user = self.setup_test_user()
users = self.users_client.list_users()['users']
self.assertThat([u['name'] for u in users],
- matchers.Contains(self.data.user['name']),
- "Could not find %s" % self.data.user['name'])
+ matchers.Contains(user['name']),
+ "Could not find %s" % user['name'])
@test.idempotent_id('6e317209-383a-4bed-9f10-075b7c82c79a')
def test_list_users_for_tenant(self):
# Return a list of all users for a tenant
- self.data.setup_test_tenant()
+ tenant = self.setup_test_tenant()
user_ids = list()
fetched_user_ids = list()
password1 = data_utils.rand_password()
alt_tenant_user1 = data_utils.rand_name('tenant_user1')
user1 = self.users_client.create_user(name=alt_tenant_user1,
password=password1,
- tenantId=self.data.tenant['id'],
+ tenantId=tenant['id'],
email='user1@123')['user']
user_ids.append(user1['id'])
- self.data.users.append(user1)
+ # Delete the User at the end of the test
+ self.addCleanup(self.users_client.delete_user, user1['id'])
password2 = data_utils.rand_password()
alt_tenant_user2 = data_utils.rand_name('tenant_user2')
user2 = self.users_client.create_user(name=alt_tenant_user2,
password=password2,
- tenantId=self.data.tenant['id'],
+ tenantId=tenant['id'],
email='user2@123')['user']
user_ids.append(user2['id'])
- self.data.users.append(user2)
+ # Delete the User at the end of the test
+ self.addCleanup(self.users_client.delete_user, user2['id'])
# List of users for the respective tenant ID
- body = (self.tenants_client.list_tenant_users(self.data.tenant['id'])
+ body = (self.tenants_client.list_tenant_users(tenant['id'])
['users'])
for i in body:
fetched_user_ids.append(i['id'])
@@ -172,11 +184,9 @@
@test.idempotent_id('a8b54974-40e1-41c0-b812-50fc90827971')
def test_list_users_with_roles_for_tenant(self):
# Return list of users on tenant when roles are assigned to users
- self.data.setup_test_user()
- self.data.setup_test_role()
- user = self.get_user_by_name(self.data.user['name'])
- tenant = self.get_tenant_by_name(self.data.tenant['name'])
- role = self.get_role_by_name(self.data.role['name'])
+ user = self.setup_test_user()
+ tenant = self.tenants_client.show_tenant(user['tenantId'])['tenant']
+ role = self.setup_test_role()
# Assigning roles to two users
user_ids = list()
fetched_user_ids = list()
@@ -189,15 +199,15 @@
second_user = self.users_client.create_user(
name=alt_user2,
password=alt_password2,
- tenantId=self.data.tenant['id'],
+ tenantId=tenant['id'],
email='user2@123')['user']
user_ids.append(second_user['id'])
- self.data.users.append(second_user)
+ # Delete the User at the end of the test
+ self.addCleanup(self.users_client.delete_user, second_user['id'])
role = self.roles_client.create_user_role_on_project(
tenant['id'], second_user['id'], role['id'])['role']
# List of users with roles for the respective tenant ID
- body = (self.tenants_client.list_tenant_users(self.data.tenant['id'])
- ['users'])
+ body = (self.tenants_client.list_tenant_users(tenant['id'])['users'])
for i in body:
fetched_user_ids.append(i['id'])
# verifying the user Id in the list
@@ -210,17 +220,18 @@
@test.idempotent_id('1aeb25ac-6ec5-4d8b-97cb-7ac3567a989f')
def test_update_user_password(self):
# Test case to check if updating of user password is successful.
- self.data.setup_test_user()
+ user = self.setup_test_user()
+ tenant = self.tenants_client.show_tenant(user['tenantId'])['tenant']
# Updating the user with new password
new_pass = data_utils.rand_password()
update_user = self.users_client.update_user_password(
- self.data.user['id'], password=new_pass)['user']
- self.assertEqual(update_user['id'], self.data.user['id'])
+ user['id'], password=new_pass)['user']
+ self.assertEqual(update_user['id'], user['id'])
# NOTE(morganfainberg): Fernet tokens are not subsecond aware and
# Keystone should only be precise to the second. Sleep to ensure
# we are passing the second boundary.
time.sleep(1)
# Validate the updated password through getting a token.
- body = self.token_client.auth(self.data.user['name'], new_pass,
- self.data.tenant['name'])
+ body = self.token_client.auth(user['name'], new_pass,
+ tenant['name'])
self.assertTrue('id' in body['token'])
diff --git a/tempest/api/identity/admin/v2/test_users_negative.py b/tempest/api/identity/admin/v2/test_users_negative.py
index 78b89fa..597413e 100644
--- a/tempest/api/identity/admin/v2/test_users_negative.py
+++ b/tempest/api/identity/admin/v2/test_users_negative.py
@@ -32,43 +32,45 @@
@test.idempotent_id('60a1f5fa-5744-4cdf-82bf-60b7de2d29a4')
def test_create_user_by_unauthorized_user(self):
# Non-administrator should not be authorized to create a user
- self.data.setup_test_tenant()
+ tenant = self.setup_test_tenant()
self.assertRaises(lib_exc.Forbidden,
self.non_admin_users_client.create_user,
name=self.alt_user, password=self.alt_password,
- tenantId=self.data.tenant['id'],
+ tenantId=tenant['id'],
email=self.alt_email)
@test.attr(type=['negative'])
@test.idempotent_id('d80d0c2f-4514-4d1e-806d-0930dfc5a187')
def test_create_user_with_empty_name(self):
# User with an empty name should not be created
- self.data.setup_test_tenant()
+ tenant = self.setup_test_tenant()
self.assertRaises(lib_exc.BadRequest, self.users_client.create_user,
name='', password=self.alt_password,
- tenantId=self.data.tenant['id'],
+ tenantId=tenant['id'],
email=self.alt_email)
@test.attr(type=['negative'])
@test.idempotent_id('7704b4f3-3b75-4b82-87cc-931d41c8f780')
def test_create_user_with_name_length_over_255(self):
# Length of user name filed should be restricted to 255 characters
- self.data.setup_test_tenant()
+ tenant = self.setup_test_tenant()
self.assertRaises(lib_exc.BadRequest, self.users_client.create_user,
name='a' * 256, password=self.alt_password,
- tenantId=self.data.tenant['id'],
+ tenantId=tenant['id'],
email=self.alt_email)
@test.attr(type=['negative'])
@test.idempotent_id('57ae8558-120c-4723-9308-3751474e7ecf')
def test_create_user_with_duplicate_name(self):
# Duplicate user should not be created
- self.data.setup_test_user()
+ password = data_utils.rand_password()
+ user = self.setup_test_user(password)
+ tenant = self.tenants_client.show_tenant(user['tenantId'])['tenant']
self.assertRaises(lib_exc.Conflict, self.users_client.create_user,
- name=self.data.user['name'],
- password=self.data.user_password,
- tenantId=self.data.tenant['id'],
- email=self.data.user['email'])
+ name=user['name'],
+ password=password,
+ tenantId=tenant['id'],
+ email=user['email'])
@test.attr(type=['negative'])
@test.idempotent_id('0132cc22-7c4f-42e1-9e50-ac6aad31d59a')
@@ -84,7 +86,7 @@
@test.idempotent_id('55bbb103-d1ae-437b-989b-bcdf8175c1f4')
def test_create_user_request_without_a_token(self):
# Request to create a user without a valid token should fail
- self.data.setup_test_tenant()
+ tenant = self.setup_test_tenant()
# Get the token of the current client
token = self.client.auth_provider.get_token()
# Delete the token from database
@@ -95,18 +97,18 @@
self.assertRaises(lib_exc.Unauthorized, self.users_client.create_user,
name=self.alt_user, password=self.alt_password,
- tenantId=self.data.tenant['id'],
+ tenantId=tenant['id'],
email=self.alt_email)
@test.attr(type=['negative'])
@test.idempotent_id('23a2f3da-4a1a-41da-abdd-632328a861ad')
def test_create_user_with_enabled_non_bool(self):
# Attempt to create a user with valid enabled para should fail
- self.data.setup_test_tenant()
+ tenant = self.setup_test_tenant()
name = data_utils.rand_name('test_user')
self.assertRaises(lib_exc.BadRequest, self.users_client.create_user,
name=name, password=self.alt_password,
- tenantId=self.data.tenant['id'],
+ tenantId=tenant['id'],
email=self.alt_email, enabled=3)
@test.attr(type=['negative'])
@@ -138,7 +140,6 @@
@test.idempotent_id('424868d5-18a7-43e1-8903-a64f95ee3aac')
def test_update_user_by_unauthorized_user(self):
# Non-administrator should not be authorized to update user
- self.data.setup_test_tenant()
self.assertRaises(lib_exc.Forbidden,
self.non_admin_users_client.update_user,
self.alt_user)
@@ -147,10 +148,10 @@
@test.idempotent_id('d45195d5-33ed-41b9-a452-7d0d6a00f6e9')
def test_delete_users_by_unauthorized_user(self):
# Non-administrator user should not be authorized to delete a user
- self.data.setup_test_user()
+ user = self.setup_test_user()
self.assertRaises(lib_exc.Forbidden,
self.non_admin_users_client.delete_user,
- self.data.user['id'])
+ user['id'])
@test.attr(type=['negative'])
@test.idempotent_id('7cc82f7e-9998-4f89-abae-23df36495867')
@@ -179,57 +180,62 @@
@test.idempotent_id('593a4981-f6d4-460a-99a1-57a78bf20829')
def test_authentication_for_disabled_user(self):
# Disabled user's token should not get authenticated
- self.data.setup_test_user()
- self.disable_user(self.data.user['name'])
+ password = data_utils.rand_password()
+ user = self.setup_test_user(password)
+ tenant = self.tenants_client.show_tenant(user['tenantId'])['tenant']
+ self.disable_user(user['name'])
self.assertRaises(lib_exc.Unauthorized, self.token_client.auth,
- self.data.user['name'],
- self.data.user_password,
- self.data.tenant['name'])
+ user['name'],
+ password,
+ tenant['name'])
@test.attr(type=['negative'])
@test.idempotent_id('440a7a8d-9328-4b7b-83e0-d717010495e4')
def test_authentication_when_tenant_is_disabled(self):
# User's token for a disabled tenant should not be authenticated
- self.data.setup_test_user()
- self.disable_tenant(self.data.tenant['name'])
+ password = data_utils.rand_password()
+ user = self.setup_test_user(password)
+ tenant = self.tenants_client.show_tenant(user['tenantId'])['tenant']
+ self.disable_tenant(tenant['name'])
self.assertRaises(lib_exc.Unauthorized, self.token_client.auth,
- self.data.user['name'],
- self.data.user_password,
- self.data.tenant['name'])
+ user['name'],
+ password,
+ tenant['name'])
@test.attr(type=['negative'])
@test.idempotent_id('921f1ad6-7907-40b8-853f-637e7ee52178')
def test_authentication_with_invalid_tenant(self):
# User's token for an invalid tenant should not be authenticated
- self.data.setup_test_user()
+ password = data_utils.rand_password()
+ user = self.setup_test_user(password)
self.assertRaises(lib_exc.Unauthorized, self.token_client.auth,
- self.data.user['name'],
- self.data.user_password,
+ user['name'],
+ password,
'junktenant1234')
@test.attr(type=['negative'])
@test.idempotent_id('bde9aecd-3b1c-4079-858f-beb5deaa5b5e')
def test_authentication_with_invalid_username(self):
# Non-existent user's token should not get authenticated
- self.data.setup_test_user()
+ password = data_utils.rand_password()
+ user = self.setup_test_user(password)
+ tenant = self.tenants_client.show_tenant(user['tenantId'])['tenant']
self.assertRaises(lib_exc.Unauthorized, self.token_client.auth,
- 'junkuser123', self.data.user_password,
- self.data.tenant['name'])
+ 'junkuser123', password, tenant['name'])
@test.attr(type=['negative'])
@test.idempotent_id('d5308b33-3574-43c3-8d87-1c090c5e1eca')
def test_authentication_with_invalid_password(self):
# User's token with invalid password should not be authenticated
- self.data.setup_test_user()
+ user = self.setup_test_user()
+ tenant = self.tenants_client.show_tenant(user['tenantId'])['tenant']
self.assertRaises(lib_exc.Unauthorized, self.token_client.auth,
- self.data.user['name'], 'junkpass1234',
- self.data.tenant['name'])
+ user['name'], 'junkpass1234', tenant['name'])
@test.attr(type=['negative'])
@test.idempotent_id('284192ce-fb7c-4909-a63b-9a502e0ddd11')
def test_get_users_by_unauthorized_user(self):
# Non-administrator user should not be authorized to get user list
- self.data.setup_test_user()
self.assertRaises(lib_exc.Forbidden,
self.non_admin_users_client.list_users)
diff --git a/tempest/api/identity/base.py b/tempest/api/identity/base.py
index df39390..433109e 100644
--- a/tempest/api/identity/base.py
+++ b/tempest/api/identity/base.py
@@ -64,6 +64,23 @@
if len(role) > 0:
return role[0]
+ def _create_test_user(self, **kwargs):
+ if kwargs['password'] is None:
+ user_password = data_utils.rand_password()
+ kwargs['password'] = user_password
+ user = self.users_client.create_user(**kwargs)['user']
+ # Delete the user at the end of the test
+ self.addCleanup(self.users_client.delete_user, user['id'])
+ return user
+
+ def setup_test_role(self):
+ """Set up a test role."""
+ role = self.roles_client.create_role(
+ name=data_utils.rand_name('test_role'))['role']
+ # Delete the role at the end of the test
+ self.addCleanup(self.roles_client.delete_role, role['id'])
+ return role
+
class BaseIdentityV2Test(BaseIdentityTest):
@@ -104,14 +121,30 @@
@classmethod
def resource_setup(cls):
super(BaseIdentityV2AdminTest, cls).resource_setup()
- cls.data = DataGeneratorV2(cls.tenants_client, cls.users_client,
- cls.roles_client)
+ cls.projects_client = cls.tenants_client
@classmethod
def resource_cleanup(cls):
- cls.data.teardown_all()
super(BaseIdentityV2AdminTest, cls).resource_cleanup()
+ def setup_test_user(self, password=None):
+ """Set up a test user."""
+ tenant = self.setup_test_tenant()
+ username = data_utils.rand_name('test_user')
+ email = username + '@testmail.tm'
+ user = self._create_test_user(name=username, email=email,
+ tenantId=tenant['id'], password=password)
+ return user
+
+ def setup_test_tenant(self):
+ """Set up a test tenant."""
+ tenant = self.projects_client.create_tenant(
+ name=data_utils.rand_name('test_tenant'),
+ description=data_utils.rand_name('desc'))['tenant']
+ # Delete the tenant at the end of the test
+ self.addCleanup(self.tenants_client.delete_tenant, tenant['id'])
+ return tenant
+
class BaseIdentityV3Test(BaseIdentityTest):