bug 832. Fixing non-authorized configuration for testing

[osm/NBI.git] / osm_nbi / auth.py

diff --git a/osm_nbi/auth.py b/osm_nbi/auth.py
index 94eb1e9..c320d50 100644 (file)
--- a/osm_nbi/auth.py
+++ b/osm_nbi/auth.py
@@ -259,6 +259,8 @@ class Authenticator:
         pid = self.create_admin_project()
         self.create_admin_user(pid)
 
+        # self.backend.update_user({"_id": "admin",
+        #                           "add_project_role_mappings": {"project": "admin", "role": "system_admin"}})
         if self.config["authentication"]["backend"] == "keystone":
             try:
                 self.backend.assign_role_to_user("admin", "admin", "system_admin")
@@ -346,6 +348,12 @@ class Authenticator:
                 if cherrypy.session.get('Authorization'):
                     del cherrypy.session['Authorization']
                 cherrypy.response.headers["WWW-Authenticate"] = 'Bearer realm="{}"'.format(e)
+            elif self.config.get("user_not_authorized"):
+                # TODO provide user_id, roles id (not name), project_id
+                return {"id": "fake-token-id-for-test",
+                        "project_id": self.config.get("project_not_authorized", "admin"),
+                        "username": self.config["user_not_authorized"],
+                        "roles": ["system_admin"]}
             raise
 
     def new_token(self, token_info, indata, remote):