+ p2 = None # To prevent deletion attempts
+
+ # Add a test of 'default project' for Keystone?
+
+ if u2:
+ engine.test("Edit user U2, change password", "PUT", "/admin/v1/users/"+u2, headers_json,
+ {"password": "pw2_new"}, 204, None, None)
+
+ if p1:
+ engine.test("Change to project P1 non existing", "POST", "/admin/v1/tokens/", headers_json,
+ {"project_id": p1}, 401, r_header_json, "json")
+
+ if u2 and p1:
+ res = engine.test("Change to user U2 project P1", "POST", "/admin/v1/tokens", headers_json,
+ {"username": "U2", "password": "pw2_new", "project_id": "P1"}, (200, 201),
+ r_header_json, "json")
+ if res:
+ rj = res.json()
+ engine.set_header({"Authorization": "Bearer {}".format(rj["id"])})
+
+ engine.test("Edit user projects non admin", "PUT", "/admin/v1/users/U1", headers_json,
+ {"remove_project_role_mappings": [{"project": "P1", "role": None}]},
+ 401, r_header_json, "json")
+
+ res = engine.test("Add new project non admin", "POST", "/admin/v1/projects", headers_json,
+ {"name": "P2"}, 401, r_header_json, "json")
+ if res is None or res.status_code == 201:
+ # The project has been created even though it shouldn't
+ res = engine.test("Get project P2", "GET", "/admin/v1/projects/P2", headers_json, None,
+ 200, r_header_json, "json")
+ p2 = res.json()["_id"] if res else None
+
+ if p1:
+ data = {"username": "U3", "password": "pw3"}
+ data["project_role_mappings"] = [{"project": p1, "role": rpu}]
+ res = engine.test("Add new user non admin", "POST", "/admin/v1/users", headers_json,
+ data, 401, r_header_json, "json")
+ if res is None or res.status_code == 201:
+ # The user has been created even though it shouldn't
+ res = engine.test("Get user U3", "GET", "/admin/v1/users/U3", headers_json, None,
+ 200, r_header_json, "json")
+ u3 = res.json()["_id"] if res else None
+ else:
+ u3 = None
+
+ if padmin:
+ res = engine.test("Change to user U2 project Padmin", "POST", "/admin/v1/tokens", headers_json,
+ {"project_id": "Padmin"}, # Caused a Keystone authentication error
+ # {"username": "U2", "password": "pw2_new", "project_id": "Padmin"},
+ (200, 201), r_header_json, "json")
+ if res:
+ rj = res.json()
+ engine.set_header({"Authorization": "Bearer {}".format(rj["id"])})
+
+ res = engine.test("Add new project admin", "POST", "/admin/v1/projects", headers_json,
+ {"name": "P3"}, (201, 204),
+ {"Location": "/admin/v1/projects/", "Content-Type": "application/json"},
+ "json")
+ p3 = engine.last_id if res else None
+
+ if p1:
+ data = {"username": "U4", "password": "pw4"}
+ data["project_role_mappings"] = [{"project": p1, "role": rpa}]
+ res = engine.test("Add new user admin", "POST", "/admin/v1/users", headers_json,
+ data, (201, 204),
+ {"Location": "/admin/v1/users/", "Content-Type": "application/json"},
+ "json")
+ u4 = engine.last_id if res else None
+ else:
+ u4 = None
+
+ if u4 and p3:
+ data = {"project_role_mappings": [{"project": p3, "role": rpa}]}
+ engine.test("Edit user projects admin", "PUT", "/admin/v1/users/U4", headers_json,
+ data, 204, None, None)
+ # Project is deleted even though it shouldn't - PROVISIONAL?
+ res = engine.test("Delete project P3 conflict", "DELETE", "/admin/v1/projects/"+p3,
+ headers_json, None, 409, None, None)
+ if res and res.status_code in (200, 204):
+ p3 = None
+ if p3:
+ res = engine.test("Delete project P3 forcing", "DELETE",
+ "/admin/v1/projects/"+p3+"?FORCE=True", headers_json, None, 204,
+ None, None)
+ if res and res.status_code in (200, 204):
+ p3 = None
+
+ if u2:
+ res = engine.test("Delete user U2. Conflict deleting own user", "DELETE",
+ "/admin/v1/users/"+u2, headers_json, None, 409, r_header_json, "json")
+ if res is None or res.status_code in (200, 204):
+ u2 = None
+ if u4:
+ res = engine.test("Delete user U4", "DELETE", "/admin/v1/users/"+u4, headers_json, None,
+ 204, None, None)
+ if res and res.status_code in (200, 204):
+ u4 = None
+ if p3:
+ res = engine.test("Delete project P3", "DELETE", "/admin/v1/projects/"+p3, headers_json,
+ None, 204, None, None)
+ if res and res.status_code in (200, 204):
+ p3 = None
+
+ if u3:
+ res = engine.test("Delete user U3", "DELETE", "/admin/v1/users/"+u3, headers_json, None,
+ 204, None, None)
+ if res:
+ u3 = None
+
+ # change to admin
+ engine.remove_authorization() # To force get authorization
+ engine.get_autorization()
+ if u1:
+ engine.test("Delete user U1", "DELETE", "/admin/v1/users/"+u1, headers_json, None, 204, None, None)
+ if u2:
+ engine.test("Delete user U2", "DELETE", "/admin/v1/users/"+u2, headers_json, None, 204, None, None)
+ if u3:
+ engine.test("Delete user U3", "DELETE", "/admin/v1/users/"+u3, headers_json, None, 204, None, None)
+ if u4:
+ engine.test("Delete user U4", "DELETE", "/admin/v1/users/"+u4, headers_json, None, 204, None, None)
+ if p1:
+ engine.test("Delete project P1", "DELETE", "/admin/v1/projects/"+p1, headers_json, None, 204, None, None)
+ if p2:
+ engine.test("Delete project P2", "DELETE", "/admin/v1/projects/"+p2, headers_json, None, 204, None, None)
+ if p3:
+ engine.test("Delete project P3", "DELETE", "/admin/v1/projects/"+p3, headers_json, None, 204, None, None)
+ if padmin:
+ engine.test("Delete project Padmin", "DELETE", "/admin/v1/projects/"+padmin, headers_json, None, 204,
+ None, None)
+ if pbad:
+ engine.test("Delete bad project", "DELETE", "/admin/v1/projects/"+pbad, headers_json, None, 204,
+ None, None)
+
+ # BEGIN New Tests - Addressing Projects/Users by Name/ID
+ pid1 = pid2 = None
+ uid1 = uid2 = None
+ res = engine.test("Create new project P1", "POST", "/admin/v1/projects", headers_json, {"name": "P1"},
+ 201, {"Location": "/admin/v1/projects/", "Content-Type": "application/json"}, "json")