keystone tests fail scope checking
Bug #1754438 reported by
Lance Bragstad
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Triaged
|
Medium
|
sonu |
Bug Description
Now that system scope is implemented and oslo.policy understands different scope types. One of two things will happen when a token of the wrong scope is used to access an API. Either a warning will be logged if oslo.policy's enforce_scope is False, or an exception will be raised.
This is apparent in keystone's unit tests because the warning spams the logs.
We should make some utilities that get system-scoped tokens for a user. This will be useful in tests that require system-scoped tokens to operate.
Example warning when tests are run: http://
Changed in keystone: | |
importance: | Undecided → Medium |
status: | New → Triaged |
tags: | added: policy |
description: | updated |
tags: | added: test-improvement |
Changed in keystone: | |
assignee: | nobody → sonu (sonu-bhumca11) |
To post a comment you must log in.
As of today - 782 tests fail when I set oslo_policy. enforce_ scope = True in keystone's unit tests [0].
[0] http:// paste.openstack .org/show/ 695634/