commit 079c6ad6c911226251fa2a601a27296cfe15e0b3
Author: Henry Nash <email address hidden>
Date: Sun Sep 28 11:16:26 2014 +0100
Ensure sql upgrade tests can run with non-sqlite databases.
This patch fixes the issues that were preventing the running of
live sql upgrade tests (either by running test_sql_upgrade directly
or via test_sql_livetest), namely:
- Dropping the tables that were in existence before the current
scope of migration in an order that is FK friendly
- Fixing an issue where the tables were being dropped in the
wrong order in the downgrade of federation
- Ensuring we don't hold sessions open over upgrade/downgrade
steps in our test methods
commit 4ae1879a79e338e7323935fd17896ba8a4e84fb9
Author: David Stanek <email address hidden>
Date: Fri Oct 3 18:52:54 2014 +0000
Validates controller methods exist when specified
It was possible to specify an invalid controller method in a router.
This will not cause an error until runtime. This change catches the
error much earlier in the application lifecycle. In fact with this
change errors should not be able to pass unit tests even if there is
no specific test for the behavior.
commit 5caf29ad5d90a65d3b10dc55bb101c96b543e4f8
Author: David Stanek <email address hidden>
Date: Fri Oct 3 20:00:30 2014 +0000
Fixes an error deleting an endpoint group project
Deleting a endpoint group project fails because the router specifies
a controller method that doesn't exist. This returns a 500 error to
the user for what should be a successful operation.
There were tests that verified that the PKI token body could be
encrypted with CMS and compared to the token ID in the response.
This test isn't safe because the token body may be different than
the token encrypted with CMS since the order of items in the dict
can change.
The fix is to change the test to decode the PKI token ID and
compare that to the response body JSON instead.
Change-Id: Icc649b96071ff084d5c76f2ea2bcf3ecb08a0351
(cherry picked from commit 83394ba71ba06e9899aaa62f211919075f2a3d91)
Convert unicode to UTF8 when calling ldap.str2dn()
The string passed to ldap.str2dn() needs to be UTF8 encoded, otherwise
we encounter UnicodeEncodeError exceptions.
This patch adds UTF8 encoding where it was missing for ldap.str2dn()
calls as well as some unit tests to cover the functions that were
lacking this encoding step.
Change-Id: I96e718f1d43f4aad272ca4990d3905a5adf1f07d
Closes-bug: #1375139
(cherry picked from commit 09d38008aa0e7f8c6802088c807dd0ad6ba80e10)
If a non-default emulated enabled DN is specified in configuration,
the DN structure returned from python-ldap is incorrectly converted
to a string. This leads to an index error when we attempt to extract
the RDN attribute and value.
This patch removes the incorrect string conversion and instead does
the proper conversion on the RDN strings that we extract.
Change-Id: I8f0c4594cfa9a41e1875870c3eb63fae32c8c041
Resolves-bug: #1375772
(cherry picked from commit 5380ddaadb0ce34b866b097cb6ac1396d2b30100)
Handle default string values when using user_enabled_invert
When the user_enabled_invert setting is being used, values returned
from LDAP are ultimately converted to a bool type when we reach the
inversion logic. If the user_enabled_default value is used due to
no value being returned from LDAP, the type is a string. This causes
the inversion logic to be evaluated incorrectly, as 'not' will return
False for any non-empty string. This results in disabled accounts
that should be enabled.
Change-Id: Id7b024c12815748305458ca05fc8f8a6324c1908
Closes-bug: #1376053
(cherry picked from commit 50a6312ffa1f636bd74c98d9938ea4083bed2768)
Reviewed: https:/ /review. openstack. org/128930 /git.openstack. org/cgit/ openstack/ keystone/ commit/ ?id=b788121927a be04a1bbbd1d47e b04cd8d9311904
Committed: https:/
Submitter: Jenkins
Branch: master
commit ef8d9aa4e1ca3b5 465a5bba0cdb6dc b9be1fe9ca
Author: Dolph Mathews <email address hidden>
Date: Tue Oct 7 14:35:28 2014 +0000
updated translations
this boils down to:
$ python setup.py extract_messages -ignore- obsolete= true ./../openstack- infra/project- config/ jenkins/ scripts/ common_ translation_ update. sh
$ python setup.py update_catalog --no-fuzzy-matching \
-
$ source \
.
$ setup_loglevel_vars
$ cleanup_po_files keystone
Change-Id: I2a03f3d7eebe0b e0250d4834256df a3c634dbb48
commit 079c6ad6c911226 251fa2a601a2729 6cfe15e0b3
Author: Henry Nash <email address hidden>
Date: Sun Sep 28 11:16:26 2014 +0100
Ensure sql upgrade tests can run with non-sqlite databases.
This patch fixes the issues that were preventing the running of
live sql upgrade tests (either by running test_sql_upgrade directly
or via test_sql_livetest), namely:
- Dropping the tables that were in existence before the current
scope of migration in an order that is FK friendly
- Fixing an issue where the tables were being dropped in the
wrong order in the downgrade of federation
- Ensuring we don't hold sessions open over upgrade/downgrade
steps in our test methods
Limitations:
- This patch has not been tested with DB2
Closes-Bug: 1363047 bc6f2ddcdc8a380 ea55b2a9634
Closes-Bug: 1375937
Change-Id: Ied4741a9646b57
commit 4ae1879a79e338e 7323935fd17896b a8a4e84fb9
Author: David Stanek <email address hidden>
Date: Fri Oct 3 18:52:54 2014 +0000
Validates controller methods exist when specified
It was possible to specify an invalid controller method in a router.
This will not cause an error until runtime. This change catches the
error much earlier in the application lifecycle. In fact with this
change errors should not be able to pass unit tests even if there is
no specific test for the behavior.
Related-bug: #1377304 127a8b4ac8a7434 2ef3dca7e80
Change-Id: Icc5646c143a234
commit 5caf29ad5d90a65 d3b10dc55bb101c 96b543e4f8
Author: David Stanek <email address hidden>
Date: Fri Oct 3 20:00:30 2014 +0000
Fixes an error deleting an endpoint group project
Deleting a endpoint group project fails because the router specifies
a controller method that doesn't exist. This returns a 500 error to
the user for what should be a successful operation.
Change-Id: I3b91d8023d3155 5893fb944da7363 3a69d8e286f
Closes-bug: #1377304
commit c64eae867832706 7ef22099e846d92 7bccb4a804
Author: Brant Knudson <email address hidden>
Date: Wed Oct 1 11:11:21 2014 -0500
Fix tests comparing tokens
There were tests that verified that the PKI token body could be
encrypted with CMS and compared to the token ID in the response.
This test isn't safe because the token body may be different than
the token encrypted with CMS since the order of items in the dict
can change.
The fix is to change the test to decode the PKI token ID and
compare that to the response body JSON instead.
Change-Id: Icc649b96071ff0 84d5c76f2ea2bcf 3ecb08a0351 899aaa62f211919 075f2a3d91)
(cherry picked from commit 83394ba71ba06e9
commit 508e904c7410de8 41b54e4744e43c7 470e1f13d0
Author: Nathan Kinder <email address hidden>
Date: Tue Sep 30 08:26:35 2014 -0700
Convert unicode to UTF8 when calling ldap.str2dn()
The string passed to ldap.str2dn() needs to be UTF8 encoded, otherwise
we encounter UnicodeEncodeError exceptions.
This patch adds UTF8 encoding where it was missing for ldap.str2dn()
calls as well as some unit tests to cover the functions that were
lacking this encoding step.
Change-Id: I96e718f1d43f4a ad272ca4990d390 5a5adf1f07d c6802088c807dd0 ad6ba80e10)
Closes-bug: #1375139
(cherry picked from commit 09d38008aa0e7f8
commit eefa0feaf5aa933 fb9cb6313eb58ad 3b0cb501fc
Author: Nathan Kinder <email address hidden>
Date: Tue Sep 30 07:39:33 2014 -0700
Fix parsing of emulated enabled DN
If a non-default emulated enabled DN is specified in configuration,
the DN structure returned from python-ldap is incorrectly converted
to a string. This leads to an index error when we attempt to extract
the RDN attribute and value.
This patch removes the incorrect string conversion and instead does
the proper conversion on the RDN strings that we extract.
Change-Id: I8f0c4594cfa9a4 1e1875870c3eb63 fae32c8c041 b866b097cb6ac13 96d2b30100)
Resolves-bug: #1375772
(cherry picked from commit 5380ddaadb0ce34
commit 92dffc1aff66b42 8de20c3087e974c 90bbc9f244
Author: Nathan Kinder <email address hidden>
Date: Tue Sep 30 17:36:22 2014 -0700
Handle default string values when using user_enabled_invert
When the user_enabled_invert setting is being used, values returned default value is used due to
from LDAP are ultimately converted to a bool type when we reach the
inversion logic. If the user_enabled_
no value being returned from LDAP, the type is a string. This causes
the inversion logic to be evaluated incorrectly, as 'not' will return
False for any non-empty string. This results in disabled accounts
that should be enabled.
Change-Id: Id7b024c1281574 8305458ca05fc8f 8a6324c1908 bd74c98d9938ea4 083bed2768)
Closes-bug: #1376053
(cherry picked from commit 50a6312ffa1f636