2018-03-08 18:44:00 |
Lance Bragstad |
description |
Now that system scope is implemented and oslo.policy understands different scope types. One of two things will happen when a token of the wrong scope is used to access an API. Either a warning will be logged if oslo.policy's enforce_scope is False, or an exception will be raised.
This is apparent in keystone's unit tests because the warning spams the logs.
We should make some utilities that get system-scoped tokens for a user. This will be useful in tests that require system-scoped tokens to operate. |
Now that system scope is implemented and oslo.policy understands different scope types. One of two things will happen when a token of the wrong scope is used to access an API. Either a warning will be logged if oslo.policy's enforce_scope is False, or an exception will be raised.
This is apparent in keystone's unit tests because the warning spams the logs.
We should make some utilities that get system-scoped tokens for a user. This will be useful in tests that require system-scoped tokens to operate.
Example warning when tests are run: http://paste.openstack.org/raw/695596/ |
|