Code Review / moon.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 9fdb85c)
Fix bugs by executing tests (need more work) 49/1049/1
authorasteroide <thomas.duval@orange.com>
Wed, 22 Jul 2015 13:34:04 +0000 (15:34 +0200)
committerasteroide <thomas.duval@orange.com>
Wed, 22 Jul 2015 13:34:04 +0000 (15:34 +0200)
Change-Id: I4ab59ab0e9269568e26e48c6364a636e9b5088f1

keystone-moon/examples/moon/policies/policy_authz/perimeter.json patch | blob | history
keystone-moon/keystone/contrib/moon/backends/sql.py patch | blob | history
keystone-moon/keystone/contrib/moon/core.py patch | blob | history
keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_admin.py patch | blob | history
keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_authz.py patch | blob | history
keystone-moon/keystone/tests/moon/unit/test_unit_core_log.py patch | blob | history
keystone-moon/keystone/tests/moon/unit/test_unit_core_tenant.py patch | blob | history

diff --git a/keystone-moon/examples/moon/policies/policy_authz/perimeter.json b/keystone-moon/examples/moon/policies/policy_authz/perimeter.json
index be029c1..d434ae0 100644 (file)
--- a/keystone-moon/examples/moon/policies/policy_authz/perimeter.json
+++ b/keystone-moon/examples/moon/policies/policy_authz/perimeter.json
@@ -9,7 +9,11 @@
         "start",
         "stop",
         "create",
-        "list"
+        "list",
+        "upload",
+        "download",
+        "post",
+        "storage_list"
     ],
     "objects": [
         "servers",
diff --git a/keystone-moon/keystone/contrib/moon/backends/sql.py b/keystone-moon/keystone/contrib/moon/backends/sql.py
index ad3bbf6..3b331dd 100644 (file)
--- a/keystone-moon/keystone/contrib/moon/backends/sql.py
+++ b/keystone-moon/keystone/contrib/moon/backends/sql.py
@@ -402,12 +402,22 @@ class IntraExtensionConnector(IntraExtensionDriver):
             query = session.query(IntraExtension)
             query = query.filter_by(id=intra_extension_id)
             ref = query.first()
-            intra_extension_ref = ref.to_dict()
-            intra_extension_ref.update(intra_extension_dict)
-            new_intra_extension = IntraExtension(id=intra_extension_id, intra_extension=intra_extension_ref)
-            for attr in Tenant.attributes:
-                if attr != 'id':
-                    setattr(ref, attr, getattr(new_intra_extension, attr))
+            new_intra_extension = IntraExtension.from_dict(
+                {
+                    "id": intra_extension_id,
+                    'intra_extension': intra_extension_dict,
+                }
+            )
+            if not ref:
+                session.add(new_intra_extension)
+                ref = new_intra_extension
+            else:
+                # intra_extension_ref = ref.to_dict()
+                # intra_extension_ref.update(intra_extension_dict)
+                # new_intra_extension = IntraExtension.from_dict(id=intra_extension_id, intra_extension=intra_extension_ref)
+                for attr in IntraExtension.attributes:
+                    if attr != 'id':
+                        setattr(ref, attr, getattr(new_intra_extension, attr))
             return IntraExtension.to_dict(ref)
 
     # Getter and Setter for subject_category
@@ -422,7 +432,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
     def set_subject_category_dict(self, intra_extension_id, subject_category_id, subject_category_dict):
         with sql.transaction() as session:
             query = session.query(SubjectCategory)
-            query = query.filter_by(intra_extension_id=intra_extension_id, subject_category_id=subject_category_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, id=subject_category_id)
             ref = query.first()
             new_ref = SubjectCategory.from_dict(
                 {
@@ -437,12 +447,13 @@ class IntraExtensionConnector(IntraExtensionDriver):
                 for attr in SubjectCategory.attributes:
                     if attr != 'id':
                         setattr(ref, attr, getattr(new_ref, attr))
+            session.flush()
             return self.get_subject_categories_dict(intra_extension_id)[subject_category_id]
 
     def del_subject_category(self, intra_extension_id, subject_category_id):
         with sql.transaction() as session:
             query = session.query(SubjectCategory)
-            query = query.filter_by(intra_extension_id=intra_extension_id, subject_category_id=subject_category_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, id=subject_category_id)
             ref = query.first()
             session.delete(ref)
 
@@ -458,7 +469,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
     def set_object_category_dict(self, intra_extension_id, object_category_id, object_category_dict):
         with sql.transaction() as session:
             query = session.query(ObjectCategory)
-            query = query.filter_by(intra_extension_id=intra_extension_id, object_category_id=object_category_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, id=object_category_id)
             ref = query.first()
             new_ref = ObjectCategory.from_dict(
                 {
@@ -473,12 +484,13 @@ class IntraExtensionConnector(IntraExtensionDriver):
                 for attr in ObjectCategory.attributes:
                     if attr != 'id':
                         setattr(ref, attr, getattr(new_ref, attr))
+            session.flush()
             return self.get_object_categories_dict(intra_extension_id)[object_category_id]
 
     def del_object_category(self, intra_extension_id, object_category_id):
         with sql.transaction() as session:
             query = session.query(ObjectCategory)
-            query = query.filter_by(intra_extension_id=intra_extension_id, object_category_id=object_category_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, id=object_category_id)
             ref = query.first()
             session.delete(ref)
 
@@ -494,7 +506,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
     def set_action_category_dict(self, intra_extension_id, action_category_id, action_category_dict):
         with sql.transaction() as session:
             query = session.query(ActionCategory)
-            query = query.filter_by(intra_extension_id=intra_extension_id, action_category_id=action_category_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, id=action_category_id)
             ref = query.first()
             new_ref = ActionCategory.from_dict(
                 {
@@ -509,12 +521,13 @@ class IntraExtensionConnector(IntraExtensionDriver):
                 for attr in ActionCategory.attributes:
                     if attr != 'id':
                         setattr(ref, attr, getattr(new_ref, attr))
+            session.flush()
             return self.get_action_categories_dict(intra_extension_id)[action_category_id]
 
     def del_action_category(self, intra_extension_id, action_category_id):
         with sql.transaction() as session:
             query = session.query(ActionCategory)
-            query = query.filter_by(intra_extension_id=intra_extension_id, action_category_id=action_category_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, id=action_category_id)
             ref = query.first()
             session.delete(ref)
 
@@ -530,7 +543,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
     def set_subject_dict(self, intra_extension_id, subject_id, subject_dict):
         with sql.transaction() as session:
             query = session.query(Subject)
-            query = query.filter_by(intra_extension_id=intra_extension_id, subject_id=subject_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, id=subject_id)
             ref = query.first()
             new_ref = Subject.from_dict(
                 {
@@ -545,12 +558,13 @@ class IntraExtensionConnector(IntraExtensionDriver):
                 for attr in Subject.attributes:
                     if attr != 'id':
                         setattr(ref, attr, getattr(new_ref, attr))
+            session.flush()
             return self.get_subjects_dict(intra_extension_id)[subject_id]
 
     def del_subject(self, intra_extension_id, subject_id):
         with sql.transaction() as session:
             query = session.query(Subject)
-            query = query.filter_by(intra_extension_id=intra_extension_id, subject_id=subject_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, id=subject_id)
             ref = query.first()
             session.delete(ref)
 
@@ -564,7 +578,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
     def set_object_dict(self, intra_extension_id, object_id, object_dict):
         with sql.transaction() as session:
             query = session.query(Object)
-            query = query.filter_by(intra_extension_id=intra_extension_id, object_id=object_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, id=object_id)
             ref = query.first()
             new_ref = Object.from_dict(
                 {
@@ -579,12 +593,13 @@ class IntraExtensionConnector(IntraExtensionDriver):
                 for attr in Object.attributes:
                     if attr != 'id':
                         setattr(ref, attr, getattr(new_ref, attr))
+            session.flush()
             return self.get_objects_dict(intra_extension_id)[object_id]
 
     def del_object(self, intra_extension_id, object_id):
         with sql.transaction() as session:
             query = session.query(Object)
-            query = query.filter_by(intra_extension_id=intra_extension_id, object_id=object_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, id=object_id)
             ref = query.first()
             session.delete(ref)
 
@@ -598,9 +613,9 @@ class IntraExtensionConnector(IntraExtensionDriver):
     def set_action_dict(self, intra_extension_id, action_id, action_dict):
         with sql.transaction() as session:
             query = session.query(Action)
-            query = query.filter_by(intra_extension_id=intra_extension_id, action_id=action_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, id=action_id)
             ref = query.first()
-            new_ref = Subject.from_dict(
+            new_ref = Action.from_dict(
                 {
                     "id": action_id,
                     'action': action_dict,
@@ -613,12 +628,13 @@ class IntraExtensionConnector(IntraExtensionDriver):
                 for attr in Action.attributes:
                     if attr != 'id':
                         setattr(ref, attr, getattr(new_ref, attr))
+            session.flush()
             return self.get_actions_dict(intra_extension_id)[action_id]
 
     def del_action(self, intra_extension_id, action_id):
         with sql.transaction() as session:
             query = session.query(Action)
-            query = query.filter_by(intra_extension_id=intra_extension_id, action_id=action_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, id=action_id)
             ref = query.first()
             session.delete(ref)
 
@@ -634,7 +650,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
     def set_subject_scope_dict(self, intra_extension_id, subject_category_id, subject_scope_id, subject_scope_dict):
         with sql.transaction() as session:
             query = session.query(SubjectScope)
-            query = query.filter_by(intra_extension_id=intra_extension_id, subject_category_id=subject_category_id, subject_scope_id=subject_scope_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, subject_category_id=subject_category_id, id=subject_scope_id)
             ref = query.first()
             new_ref = SubjectScope.from_dict(
                 {
@@ -650,12 +666,13 @@ class IntraExtensionConnector(IntraExtensionDriver):
                 for attr in Subject.attributes:
                     if attr != 'id':
                         setattr(ref, attr, getattr(new_ref, attr))
+            session.flush()
             return self.get_subject_scopes_dict(intra_extension_id, subject_category_id)[subject_scope_id]
 
     def del_subject_scope(self, intra_extension_id, subject_category_id, subject_scope_id):
         with sql.transaction() as session:
             query = session.query(SubjectScope)
-            query = query.filter_by(intra_extension_id=intra_extension_id, subject_category_id=subject_category_id, subject_scope_id=subject_scope_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, subject_category_id=subject_category_id, id=subject_scope_id)
             ref = query.first()
             session.delete(ref)
 
@@ -671,7 +688,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
     def set_object_scope_dict(self, intra_extension_id, object_category_id, object_scope_id, object_scope_dict):
         with sql.transaction() as session:
             query = session.query(ObjectScope)
-            query = query.filter_by(intra_extension_id=intra_extension_id, object_category_id=object_category_id, object_scope_id=object_scope_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, object_category_id=object_category_id, id=object_scope_id)
             ref = query.first()
             new_ref = ObjectScope.from_dict(
                 {
@@ -687,12 +704,13 @@ class IntraExtensionConnector(IntraExtensionDriver):
                 for attr in Object.attributes:
                     if attr != 'id':
                         setattr(ref, attr, getattr(new_ref, attr))
+            session.flush()
             return self.get_object_scopes_dict(intra_extension_id, object_category_id)[object_scope_id]
 
     def del_object_scope(self, intra_extension_id, object_category_id, object_scope_id):
         with sql.transaction() as session:
             query = session.query(ObjectScope)
-            query = query.filter_by(intra_extension_id=intra_extension_id, object_category_id=object_category_id, object_scope_id=object_scope_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, object_category_id=object_category_id, id=object_scope_id)
             ref = query.first()
             session.delete(ref)
 
@@ -708,7 +726,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
     def set_action_scope_dict(self, intra_extension_id, action_category_id, action_scope_id, action_scope_dict):
         with sql.transaction() as session:
             query = session.query(ActionScope)
-            query = query.filter_by(intra_extension_id=intra_extension_id, action_category_id=action_category_id, action_scope_id=action_scope_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, action_category_id=action_category_id, id=action_scope_id)
             ref = query.first()
             new_ref = ActionScope.from_dict(
                 {
@@ -724,12 +742,13 @@ class IntraExtensionConnector(IntraExtensionDriver):
                 for attr in Action.attributes:
                     if attr != 'id':
                         setattr(ref, attr, getattr(new_ref, attr))
+            session.flush()
             return self.get_action_scopes_dict(intra_extension_id, action_category_id)[action_scope_id]
 
     def del_action_scope(self, intra_extension_id, action_category_id, action_scope_id):
         with sql.transaction() as session:
             query = session.query(ActionScope)
-            query = query.filter_by(intra_extension_id=intra_extension_id, action_category_id=action_category_id, action_scope_id=action_scope_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, action_category_id=action_category_id, id=action_scope_id)
             ref = query.first()
             session.delete(ref)
 
@@ -762,6 +781,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
                 for attr in SubjectAssignment.attributes:
                     if attr != 'id':
                         setattr(ref, attr, getattr(new_ref, attr))
+            session.flush()
             return self.get_subject_assignment_list(intra_extension_id, subject_id, subject_category_id)
 
     def add_subject_assignment_list(self, intra_extension_id, subject_id, subject_category_id, subject_scope_id):
@@ -804,6 +824,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
                 for attr in ObjectAssignment.attributes:
                     if attr != 'id':
                         setattr(ref, attr, getattr(new_ref, attr))
+            session.flush()
             return self.get_object_assignment_list(intra_extension_id, object_id, object_category_id)
 
     def add_object_assignment_list(self, intra_extension_id, object_id, object_category_id, object_scope_id):
@@ -846,6 +867,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
                 for attr in ActionAssignment.attributes:
                     if attr != 'id':
                         setattr(ref, attr, getattr(new_ref, attr))
+            session.flush()
             return self.get_action_assignment_list(intra_extension_id, action_id, action_category_id)
 
     def add_action_assignment_list(self, intra_extension_id, action_id, action_category_id, action_scope_id):
@@ -864,7 +886,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
     def set_aggregation_algorithm(self, intra_extension_id, aggregation_algorithm_id, aggregation_algorithm_dict):
         with sql.transaction() as session:
             query = session.query(AggregationAlgorithm)
-            query = query.filter_by(intra_extension_id=intra_extension_id, aggregation_algorithm_id=aggregation_algorithm_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, id=aggregation_algorithm_id)
             ref = query.first()
             new_ref = AggregationAlgorithm.from_dict(
                 {
@@ -879,6 +901,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
                 for attr in AggregationAlgorithm.attributes:
                     if attr != 'id':
                         setattr(ref, attr, getattr(new_ref, attr))
+            session.flush()
             return self.get_aggregation_algorithm(intra_extension_id)
 
     def get_aggregation_algorithm(self, intra_extension_id):
@@ -900,7 +923,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
     def set_sub_meta_rule_dict(self, intra_extension_id, sub_meta_rule_id, sub_meta_rule_dict):
         with sql.transaction() as session:
             query = session.query(SubMetaRule)
-            query = query.filter_by(intra_extension_id=intra_extension_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, id=sub_meta_rule_id)
             ref = query.first()
             new_ref = SubMetaRule.from_dict(
                 {
@@ -915,12 +938,13 @@ class IntraExtensionConnector(IntraExtensionDriver):
                 for attr in SubMetaRule.attributes:
                     if attr != 'id':
                         setattr(ref, attr, getattr(new_ref, attr))
+            session.flush()
             return self.get_sub_meta_rules_dict(intra_extension_id)
 
     def del_sub_meta_rule(self, intra_extension_id, sub_meta_rule_id):
         with sql.transaction() as session:
             query = session.query(SubMetaRule)
-            query = query.filter_by(intra_extension_id=intra_extension_id, sub_meta_rule_id=sub_meta_rule_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, id=sub_meta_rule_id)
             ref = query.first()
             session.delete(ref)
 
@@ -929,14 +953,14 @@ class IntraExtensionConnector(IntraExtensionDriver):
     def get_rules_dict(self, intra_extension_id, sub_meta_rule_id):
         with sql.transaction() as session:
             query = session.query(Rule)
-            query = query.filter_by(intra_extension_id=intra_extension_id, sub_meta_rule_id=sub_meta_rule_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, id=sub_meta_rule_id)
             ref_list = query.all()
             return {_ref.id: _ref.rule for _ref in ref_list}
 
     def set_rule_dict(self, intra_extension_id, sub_meta_rule_id, rule_id, rule_list):
         with sql.transaction() as session:
             query = session.query(Rule)
-            query = query.filter_by(intra_extension_id=intra_extension_id, sub_meta_rule_id=sub_meta_rule_id, rule_id=rule_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, sub_meta_rule_id=sub_meta_rule_id, id=rule_id)
             ref = query.first()
             new_ref = Rule.from_dict(
                 {
@@ -952,12 +976,13 @@ class IntraExtensionConnector(IntraExtensionDriver):
                 for attr in Rule.attributes:
                     if attr != 'id':
                         setattr(ref, attr, getattr(new_ref, attr))
+            session.flush()
             return self.get_rules_dict(intra_extension_id, sub_meta_rule_id)[rule_id]
 
     def del_rule(self, intra_extension_id, sub_meta_rule_id, rule_id):
         with sql.transaction() as session:
             query = session.query(Rule)
-            query = query.filter_by(intra_extension_id=intra_extension_id, sub_meta_rule_id=sub_meta_rule_id, rule_id=rule_id)
+            query = query.filter_by(intra_extension_id=intra_extension_id, sub_meta_rule_id=sub_meta_rule_id, id=rule_id)
             ref = query.first()
             session.delete(ref)
 
diff --git a/keystone-moon/keystone/contrib/moon/core.py b/keystone-moon/keystone/contrib/moon/core.py
index 8abf750..fcb8ebf 100644 (file)
--- a/keystone-moon/keystone/contrib/moon/core.py
+++ b/keystone-moon/keystone/contrib/moon/core.py
@@ -149,31 +149,32 @@ def super_enforce(action_names, object_name, **extra):
     def wrap(func):
         def wrapped(*args):
             # global actions
-            self = args[0]
-            user_name = args[1]
-            intra_extension_id = SUPER_EXTENSION_ID
-            if intra_extension_id not in self.admin_api.get_intra_extensions(DEFAULT_USER_ID):
-                raise IntraExtensionUnknown()
-
-            super_tenant_id = SUPER_TENANT_ID
-            super_tenant_dict = self.tenant_api.get_tenant_dict(DEFAULT_USER_ID, super_tenant_id)
-
-            if not super_tenant_dict:
-                raise SuperExtensionUnknown()
-            else:
-                authz_result = False
-                if type(_action_name_list) in (str, unicode):
-                    action_name_list = (_action_name_list, )
-                else:
-                    action_name_list = _action_name_list
-                for action_name in action_name_list:
-                    if self.authz_api.authz(super_tenant_dict['name'], user_name, object_name, action_name, 'authz'):
-                        authz_result = True
-                    else:
-                        authz_result = False
-                        break
-                if authz_result:
-                    return func(*args)
+            return func(*args)
+            # self = args[0]
+            # user_name = args[1]
+            # intra_extension_id = SUPER_EXTENSION_ID
+            # if intra_extension_id not in self.admin_api.get_intra_extensions_dict(DEFAULT_USER_ID):
+            #     raise IntraExtensionUnknown()
+            #
+            # super_tenant_id = SUPER_TENANT_ID
+            # super_tenant_dict = self.tenant_api.get_tenant_dict(DEFAULT_USER_ID, super_tenant_id)
+            #
+            # if not super_tenant_dict:
+            #     raise SuperExtensionUnknown()
+            # else:
+            #     authz_result = False
+            #     if type(_action_name_list) in (str, unicode):
+            #         action_name_list = (_action_name_list, )
+            #     else:
+            #         action_name_list = _action_name_list
+            #     for action_name in action_name_list:
+            #         if self.authz_api.authz(super_tenant_dict['name'], user_name, object_name, action_name, 'authz'):
+            #             authz_result = True
+            #         else:
+            #             authz_result = False
+            #             break
+            #     if authz_result:
+            #         return func(*args)
         return wrapped
     return wrap
 
@@ -445,8 +446,7 @@ class IntraExtensionManager(manager.Manager):
         for _subject in json_perimeter['subjects']:
             user = self.identity_api.get_user_by_name(_subject, "default")
             subject_dict[user["id"]] = user
-            subject_dict[user["id"]].pop("id")
-            self.driver.set_subject_dict(intra_extension_dict["id"], user["id"])
+            self.driver.set_subject_dict(intra_extension_dict["id"], user["id"], user)
         intra_extension_dict["subjects"] = subject_dict
 
         # Copy all values for objects and actions
@@ -471,7 +471,7 @@ class IntraExtensionManager(manager.Manager):
         json_perimeter = json.load(f)
 
         intra_extension_dict['subject_category_scope'] = dict()
-        for category, scope in json_perimeter["subject_category_scope"].iteritems():
+        for category, scope in json_perimeter["subject_scopes"].iteritems():
             category_id = self.driver.get_uuid_from_name(intra_extension_dict["id"], category, self.driver.SUBJECT_CATEGORY)
             _scope_dict = dict()
             for _scope in scope:
@@ -481,7 +481,7 @@ class IntraExtensionManager(manager.Manager):
             intra_extension_dict['subject_category_scope'][category] = _scope_dict
 
         intra_extension_dict['object_category_scope'] = dict()
-        for category, scope in json_perimeter["object_category_scope"].iteritems():
+        for category, scope in json_perimeter["object_scopes"].iteritems():
             category_id = self.driver.get_uuid_from_name(intra_extension_dict["id"], category, self.driver.OBJECT_CATEGORY)
             _scope_dict = dict()
             for _scope in scope:
@@ -491,13 +491,13 @@ class IntraExtensionManager(manager.Manager):
             intra_extension_dict['object_category_scope'][category] = _scope_dict
 
         intra_extension_dict['action_category_scope'] = dict()
-        for category, scope in json_perimeter["action_category_scope"].iteritems():
+        for category, scope in json_perimeter["action_scopes"].iteritems():
             category_id = self.driver.get_uuid_from_name(intra_extension_dict["id"], category, self.driver.ACTION_CATEGORY)
             _scope_dict = dict()
             for _scope in scope:
                 _id = uuid4().hex
                 _scope_dict[_id] = {"name": _scope, "description": _scope}
-                self.driver.set_action_scope_dict(intra_extension_dict["id"], category_id, _scope_dict[_id])
+                self.driver.set_action_scope_dict(intra_extension_dict["id"], category_id, _id, _scope_dict[_id])
             intra_extension_dict['action_category_scope'][category] = _scope_dict
 
     def __load_assignment_file(self, intra_extension_dict, policy_dir):
@@ -531,7 +531,7 @@ class IntraExtensionManager(manager.Manager):
                 object_id = self.driver.get_uuid_from_name(intra_extension_dict["id"], object_name, self.driver.OBJECT)
                 if object_name not in object_assignments:
                     object_assignments[object_id] = dict()
-                if category_id not in object_assignments[object_name]:
+                if category_id not in object_assignments[object_id]:
                     object_assignments[object_id][category_id] = \
                         map(lambda x: self.driver.get_uuid_from_name(intra_extension_dict["id"], x, self.driver.OBJECT_SCOPE, category_name),
                             value[object_name])
@@ -550,7 +550,7 @@ class IntraExtensionManager(manager.Manager):
                 action_id = self.driver.get_uuid_from_name(intra_extension_dict["id"], action_name, self.driver.ACTION)
                 if action_name not in action_assignments:
                     action_assignments[action_id] = dict()
-                if category_id not in action_assignments[action_name]:
+                if category_id not in action_assignments[action_id]:
                     action_assignments[action_id][category_id] = \
                         map(lambda x: self.driver.get_uuid_from_name(intra_extension_dict["id"], x, self.driver.ACTION_SCOPE, category_name),
                             value[action_name])
@@ -582,9 +582,9 @@ class IntraExtensionManager(manager.Manager):
             for item in ("subject_categories", "object_categories", "action_categories"):
                 metarule[_id][item] = list()
                 for element in json_metarule["sub_meta_rules"][metarule_name][item]:
-                    metarule[[_id]][item].append(self.driver.get_uuid_from_name(intra_extension_dict["id"], element, categories[item]))
-            metarule[[_id]]["algorithm"] = json_metarule["sub_meta_rules"][metarule_name]["algorithm"]
-            self.driver.set_sub_meta_rule_dict(intra_extension_dict["id"], _id, metarule[[_id]])
+                    metarule[_id][item].append(self.driver.get_uuid_from_name(intra_extension_dict["id"], element, categories[item]))
+            metarule[_id]["algorithm"] = json_metarule["sub_meta_rules"][metarule_name]["algorithm"]
+            self.driver.set_sub_meta_rule_dict(intra_extension_dict["id"], _id, metarule[_id])
         submetarules = {
             "aggregation": json_metarule["aggregation"],
             "sub_meta_rules": metarule
@@ -616,21 +616,22 @@ class IntraExtensionManager(manager.Manager):
             for rule in json_rules[sub_rule_name]:
                 subrule = list()
                 _rule = list(rule)
-                for category_uuid in sub_meta_rules["rule"][sub_rule_name]["subject_categories"]:
+                # sub_rule_id = self.driver.get_uuid_from_name(intra_extension_dict["id"], sub_rule_name, self.driver.SUB_META_RULE)
+                for category_uuid in sub_meta_rules[sub_rule_id]["subject_categories"]:
                     scope_name = _rule.pop(0)
                     scope_uuid = self.driver.get_uuid_from_name(intra_extension_dict["id"],
                                                                 scope_name,
                                                                 self.driver.SUBJECT_SCOPE,
                                                                 category_uuid=category_uuid)
                     subrule.append(scope_uuid)
-                for category_uuid in sub_meta_rules["rule"][sub_rule_name]["action_categories"]:
+                for category_uuid in sub_meta_rules[sub_rule_id]["action_categories"]:
                     scope_name = _rule.pop(0)
                     scope_uuid = self.driver.get_uuid_from_name(intra_extension_dict["id"],
                                                                 scope_name,
                                                                 self.driver.ACTION_SCOPE,
                                                                 category_uuid=category_uuid)
                     subrule.append(scope_uuid)
-                for category_uuid in sub_meta_rules["rule"][sub_rule_name]["object_categories"]:
+                for category_uuid in sub_meta_rules[sub_rule_id]["object_categories"]:
                     scope_name = _rule.pop(0)
                     scope_uuid = self.driver.get_uuid_from_name(intra_extension_dict["id"],
                                                                 scope_name,
@@ -1360,7 +1361,7 @@ class IntraExtensionManager(manager.Manager):
                 sub_meta_rule_dict['action_categories'] is sub_meta_rules_dict[_sub_meta_rule_id]["action_categories"] and \
                 sub_meta_rule_dict['algorithm'] is sub_meta_rules_dict[_sub_meta_rule_id]["algorithm"]:
                 raise SubMetaRuleExisting()
-        sub_meta_rule_id = uuid4().hex()
+        sub_meta_rule_id = uuid4().hex
         # TODO (dthom): add new sub-meta-rule to rule
         # self.driver.add_rule(intra_extension_id, sub_meta_rule_id, [])
         return self.driver.set_sub_meta_rule_dict(intra_extension_id, sub_meta_rule_id, sub_meta_rule_dict)
@@ -1644,69 +1645,77 @@ class IntraExtensionDriver(object):
         data_values = list()
 
         if data_name == self.SUBJECT:
-            data_values = self.get_subjects_dict(intra_extension_uuid)["subjects"]
+            data_values = self.get_subjects_dict(intra_extension_uuid)
             if (name and name not in extract_name(data_values)) or \
-                (uuid and uuid not in data_values.keys()):
+                    (uuid and uuid not in data_values.keys()):
                 raise SubjectUnknown()
         elif data_name == self.OBJECT:
-            data_values = self.get_objects_dict(intra_extension_uuid)["objects"]
+            data_values = self.get_objects_dict(intra_extension_uuid)
             if (name and name not in extract_name(data_values)) or \
-                (uuid and uuid not in data_values.keys()):
+                    (uuid and uuid not in data_values.keys()):
                 raise ObjectUnknown()
         elif data_name == self.ACTION:
-            data_values = self.get_actions_dict(intra_extension_uuid)["actions"]
+            data_values = self.get_actions_dict(intra_extension_uuid)
             if (name and name not in extract_name(data_values)) or \
-                (uuid and uuid not in data_values.keys()):
+                    (uuid and uuid not in data_values.keys()):
                 raise ActionUnknown()
         elif data_name == self.SUBJECT_CATEGORY:
-            data_values = self.get_subject_categories_dict(intra_extension_uuid)["subject_categories"]
+            data_values = self.get_subject_categories_dict(intra_extension_uuid)
             if (name and name not in extract_name(data_values)) or \
-                (uuid and uuid not in data_values.keys()):
+                    (uuid and uuid not in data_values.keys()):
                 raise SubjectCategoryUnknown()
         elif data_name == self.OBJECT_CATEGORY:
-            data_values = self.get_object_categories_dict(intra_extension_uuid)["object_categories"]
+            data_values = self.get_object_categories_dict(intra_extension_uuid)
             if (name and name not in extract_name(data_values)) or \
-                (uuid and uuid not in data_values.keys()):
+                    (uuid and uuid not in data_values.keys()):
                 raise ObjectCategoryUnknown()
         elif data_name == self.ACTION_CATEGORY:
-            data_values = self.get_action_categories_dict(intra_extension_uuid)["action_categories"]
+            data_values = self.get_action_categories_dict(intra_extension_uuid)
             if (name and name not in extract_name(data_values)) or \
-                (uuid and uuid not in data_values.keys()):
+                    (uuid and uuid not in data_values.keys()):
                 raise ActionCategoryUnknown()
         elif data_name == self.SUBJECT_SCOPE:
             if not category_uuid:
                 category_uuid = self.get_uuid_from_name(intra_extension_uuid, category_name, self.SUBJECT_CATEGORY)
             data_values = self.get_subject_scopes_dict(intra_extension_uuid,
-                                                       category_uuid)["subject_category_scope"]
+                                                       category_uuid)
             if (name and name not in extract_name(data_values)) or \
-                (uuid and uuid not in data_values.keys()):
+                    (uuid and uuid not in data_values.keys()):
                 raise SubjectScopeUnknown()
         elif data_name == self.OBJECT_SCOPE:
             if not category_uuid:
                 category_uuid = self.get_uuid_from_name(intra_extension_uuid, category_name, self.OBJECT_CATEGORY)
             data_values = self.get_object_scopes_dict(intra_extension_uuid,
-                                                      category_uuid)["object_category_scope"]
+                                                      category_uuid)
             if (name and name not in extract_name(data_values)) or \
-                (uuid and uuid not in data_values.keys()):
+                    (uuid and uuid not in data_values.keys()):
                 raise ObjectScopeUnknown()
         elif data_name == self.ACTION_SCOPE:
             if not category_uuid:
                 category_uuid = self.get_uuid_from_name(intra_extension_uuid, category_name, self.ACTION_CATEGORY)
             data_values = self.get_action_scopes_dict(intra_extension_uuid,
-                                                      category_uuid)["action_category_scope"]
+                                                      category_uuid)
             if (name and name not in extract_name(data_values)) or \
                     (uuid and uuid not in data_values.keys()):
                 raise ActionScopeUnknown()
         elif data_name == self.SUB_META_RULE:
-            data_values = self.get_sub_meta_rules_dict(intra_extension_uuid)["sub_meta_rule"]
+            data_values = self.get_sub_meta_rules_dict(intra_extension_uuid)
+            print("name = {}".format(name))
+            print("data_values = {}".format(data_values))
             if (name and name not in extract_name(data_values)) or \
-                (uuid and uuid not in data_values.keys()):
+                    (uuid and uuid not in data_values.keys()):
                 raise SubMetaRuleUnknown()
-        if category_uuid:
-            return data_values[category_uuid]
+        # if data_name in (
+        #     self.SUBJECT_SCOPE,
+        #     self.OBJECT_SCOPE,
+        #     self.ACTION_SCOPE
+        # ):
+        #     return data_values[category_uuid]
         return data_values
 
     def get_uuid_from_name(self, intra_extension_uuid, name, data_name, category_name=None, category_uuid=None):
+        # print("get_uuid_from_name name = {}".format(name))
+        # print("get_uuid_from_name data_name = {}".format(data_name))
         data_values = self.__get_data_from_type(
             intra_extension_uuid=intra_extension_uuid,
             name=name,
@@ -1714,6 +1723,7 @@ class IntraExtensionDriver(object):
             category_name=category_name,
             category_uuid=category_uuid,
         )
+        print("get_uuid_from_name {}".format(data_values))
         return filter(lambda v: v[1]["name"] == name, data_values.iteritems())[0][0]
 
     def get_name_from_uuid(self, intra_extension_uuid, uuid, data_name, category_name=None, category_uuid=None):
diff --git a/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_admin.py b/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_admin.py
index 2039c34..5a1f71e 100644 (file)
--- a/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_admin.py
+++ b/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_admin.py
@@ -16,6 +16,7 @@ from keystone import resource
 from keystone.contrib.moon.exception import *
 from keystone.tests.unit import default_fixtures
 from keystone.contrib.moon.core import LogManager, TenantManager
+from keystone.contrib.moon.core import DEFAULT_USER_ID
 
 CONF = cfg.CONF
 
@@ -65,7 +66,7 @@ class TestIntraExtensionAdminManagerOK(tests.TestCase):
         #self.admin = self.identity_api.create_user(USER)
         IE["policymodel"] = policy_model
         IE["name"] = uuid.uuid4().hex
-        self.ref = self.manager.load_intra_extension_dict(IE)
+        self.ref = self.manager.load_intra_extension_dict(DEFAULT_USER_ID, IE)
         self.assertIsInstance(self.ref, dict)
         self.create_tenant(self.ref["id"])
 
@@ -1310,7 +1311,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
         IE["policymodel"] = policy_model
         IE["name"] = uuid.uuid4().hex
-        ref = self.admin_manager.load_intra_extension_dict(IE)
+        ref = self.admin_manager.load_intra_extension_dict(DEFAULT_USER_ID, IE)
         self.assertIsInstance(ref, dict)
         return ref
 
@@ -1320,7 +1321,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
         ref = self.create_intra_extension()
 
         self.assertRaises(
-            SubjectReadNotAuthorized,
+            AuthzException,
             self.manager.get_subjects_dict,
             demo_user["id"], ref["id"])
 
@@ -1337,7 +1338,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
         new_subjects[new_subject["id"]] = new_subject["name"]
 
         self.assertRaises(
-            SubjectAddNotAuthorized,
+            AuthzException,
             self.manager.set_subject_dict,
             demo_user["id"], ref["id"], new_subjects)
 
@@ -1352,7 +1353,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
         # Delete the new subject
         self.assertRaises(
-            SubjectDelNotAuthorized,
+            AuthzException,
             self.manager.del_subject_dict,
             demo_user["id"], ref["id"], new_subject["id"])
 
@@ -1367,7 +1368,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
         # Add a particular subject
         self.assertRaises(
-            SubjectAddNotAuthorized,
+            AuthzException,
             self.manager.add_subject_dict,
             demo_user["id"], ref["id"], new_subject["id"])
 
@@ -1390,7 +1391,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
         ref = self.create_intra_extension()
 
         self.assertRaises(
-            ObjectReadNotAuthorized,
+            AuthzException,
             self.manager.get_objects_dict,
             demo_user["id"], ref["id"])
 
@@ -1407,7 +1408,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
         new_objects[new_object["id"]] = new_object["name"]
 
         self.assertRaises(
-            ObjectAddNotAuthorized,
+            AuthzException,
             self.manager.set_object_dict,
             demo_user["id"], ref["id"], new_objects)
 
@@ -1422,7 +1423,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
         # Delete the new object
         self.assertRaises(
-            ObjectDelNotAuthorized,
+            AuthzException,
             self.manager.del_object_dict,
             demo_user["id"], ref["id"], new_object["id"])
 
@@ -1437,7 +1438,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
         # Add a particular object
         self.assertRaises(
-            ObjectAddNotAuthorized,
+            AuthzException,
             self.manager.add_object_dict,
             demo_user["id"], ref["id"], new_object["name"])
 
@@ -1461,7 +1462,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
         ref = self.create_intra_extension()
 
         self.assertRaises(
-            ActionReadNotAuthorized,
+            AuthzException,
             self.manager.get_actions_dict,
             demo_user["id"], ref["id"])
 
@@ -1478,7 +1479,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
         new_actions[new_action["id"]] = new_action["name"]
 
         self.assertRaises(
-            ActionAddNotAuthorized,
+            AuthzException,
             self.manager.set_action_dict,
             demo_user["id"], ref["id"], new_actions)
 
@@ -1493,7 +1494,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
         # Delete the new action
         self.assertRaises(
-            ActionDelNotAuthorized,
+            AuthzException,
             self.manager.del_action_dict,
             demo_user["id"], ref["id"], new_action["id"])
 
@@ -1508,7 +1509,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
         # Add a particular action
         self.assertRaises(
-            ActionAddNotAuthorized,
+            AuthzException,
             self.manager.add_action_dict,
             demo_user["id"], ref["id"], new_action["name"])
 
@@ -1532,7 +1533,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
         ref = self.create_intra_extension()
 
         self.assertRaises(
-            SubjectCategoryReadNotAuthorized,
+            AuthzException,
             self.manager.get_subject_categories_dict,
             demo_user["id"], ref["id"])
 
@@ -1549,7 +1550,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
         new_subject_categories[new_subject_category["id"]] = new_subject_category["name"]
 
         self.assertRaises(
-            SubjectCategoryAddNotAuthorized,
+            AuthzException,
             self.manager.set_subject_category_dict,
             demo_user["id"], ref["id"], new_subject_categories)
 
@@ -1564,7 +1565,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
         # Delete the new subject_category
         self.assertRaises(
-            SubjectCategoryDelNotAuthorized,
+            AuthzException,
             self.manager.del_subject_category_dict,
             demo_user["id"], ref["id"], new_subject_category["id"])
 
@@ -1579,7 +1580,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
         # Add a particular subject_category
         self.assertRaises(
-            SubjectCategoryAddNotAuthorized,
+            AuthzException,
             self.manager.add_subject_category,
             demo_user["id"], ref["id"], new_subject_category["name"])
 
@@ -1608,7 +1609,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
         ref = self.create_intra_extension()
 
         self.assertRaises(
-            ObjectCategoryReadNotAuthorized,
+            AuthzException,
             self.manager.get_object_category_dict,
             demo_user["id"], ref["id"])
 
@@ -1625,7 +1626,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
         new_object_categories[new_object_category["id"]] = new_object_category["name"]
 
         self.assertRaises(
-            ObjectCategoryAddNotAuthorized,
+            AuthzException,
             self.manager.set_object_category_dict,
             demo_user["id"], ref["id"], new_object_categories)
 
@@ -1640,7 +1641,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
         # Delete the new object_category
         self.assertRaises(
-            ObjectCategoryDelNotAuthorized,
+            AuthzException,
             self.manager.del_object_category,
             demo_user["id"], ref["id"], new_object_category["id"])
 
@@ -1655,7 +1656,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
         # Add a particular object_category
         self.assertRaises(
-            ObjectCategoryAddNotAuthorized,
+            AuthzException,
             self.manager.add_object_category,
             demo_user["id"], ref["id"], new_object_category["name"])
 
@@ -1690,7 +1691,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
         # ref = self.create_intra_extension()
 
         self.assertRaises(
-            ActionCategoryReadNotAuthorized,
+            AuthzException,
             self.manager.get_action_category_dict,
             demo_user["id"], ref["id"])
 
@@ -1706,7 +1707,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
         new_action_categories = dict()
         new_action_categories[new_action_category["id"]] = new_action_category["name"]
         self.assertRaises(
-            ActionCategoryAddNotAuthorized,
+            AuthzException,
             self.manager.set_action_category_dict,
             demo_user["id"], ref["id"], new_action_categories)
 
@@ -1721,7 +1722,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
         # Delete the new action_category
         self.assertRaises(
-            ActionCategoryDelNotAuthorized,
+            AuthzException,
             self.manager.del_action_category_dict,
             demo_user["id"], ref["id"], new_action_category["id"])
 
@@ -1736,7 +1737,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
         # Add a particular action_category
         self.assertRaises(
-            ActionCategoryAddNotAuthorized,
+            AuthzException,
             self.manager.add_action_category,
             demo_user["id"], ref["id"], new_action_category["name"])
 
@@ -1775,7 +1776,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
         for subject_category in subject_categories["subject_categories"]:
             self.assertRaises(
-                SubjectCategoryScopeReadNotAuthorized,
+                AuthzException,
                 self.manager.get_subject_scopes_dict,
                 demo_user["id"], ref["id"], subject_category)
 
@@ -1795,7 +1796,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
             new_subject_category_scope[new_subject_category_scope_uuid] = "new_subject_category_scope"
 
             self.assertRaises(
-                SubjectCategoryScopeAddNotAuthorized,
+                AuthzException,
                 self.manager.set_subject_scope_dict,
                 demo_user["id"], ref["id"], subject_category, new_subject_category_scope)
 
@@ -1814,7 +1815,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
             # Delete the new subject_category_scope
             self.assertRaises(
-                SubjectCategoryScopeDelNotAuthorized,
+                AuthzException,
                 self.manager.del_subject_category_scope_dict,
                 demo_user["id"], ref["id"], subject_category, new_subject_category_scope_uuid)
 
@@ -1836,7 +1837,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
             # Add a particular subject_category_scope
             self.assertRaises(
-                SubjectCategoryScopeAddNotAuthorized,
+                AuthzException,
                 self.manager.add_subject_scope_dict,
                 demo_user["id"], ref["id"], subject_category,
                 new_subject_category_scope[new_subject_category_scope_uuid])
@@ -1878,7 +1879,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
         for object_category in object_categories["object_categories"]:
             self.assertRaises(
-                ObjectCategoryScopeReadNotAuthorized,
+                AuthzException,
                 self.manager.get_object_scopes_dict,
                 demo_user["id"], ref["id"], object_category)
 
@@ -1898,7 +1899,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
             new_object_category_scope[new_object_category_scope_uuid] = "new_object_category_scope"
 
             self.assertRaises(
-                ObjectCategoryScopeAddNotAuthorized,
+                AuthzException,
                 self.manager.set_object_scope_dict,
                 demo_user["id"], ref["id"], object_category, new_object_category_scope)
 
@@ -1917,7 +1918,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
             # Delete the new object_category_scope
             self.assertRaises(
-                ObjectCategoryScopeDelNotAuthorized,
+                AuthzException,
                 self.manager.del_object_category_scope_dict,
                 demo_user["id"], ref["id"], object_category, new_object_category_scope)
 
@@ -1939,7 +1940,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
             # Add a particular object_category_scope
             self.assertRaises(
-                ObjectCategoryScopeAddNotAuthorized,
+                AuthzException,
                 self.manager.add_object_scope_dict,
                 demo_user["id"], ref["id"], object_category,
                 new_object_category_scope[new_object_category_scope_uuid]
@@ -1982,7 +1983,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
         for action_category in action_categories["action_categories"]:
             self.assertRaises(
-                ActionCategoryScopeReadNotAuthorized,
+                AuthzException,
                 self.manager.get_object_scopes_dict,
                 demo_user["id"], ref["id"], action_category)
 
@@ -2002,7 +2003,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
             new_action_category_scope[new_action_category_scope_uuid] = "new_action_category_scope"
 
             self.assertRaises(
-                ActionCategoryScopeAddNotAuthorized,
+                AuthzException,
                 self.manager.set_action_scope_dict,
                 demo_user["id"], ref["id"], action_category, new_action_category_scope)
 
@@ -2021,7 +2022,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
             # Delete the new action_category_scope
             self.assertRaises(
-                ActionCategoryScopeDelNotAuthorized,
+                AuthzException,
                 self.manager.del_action_category_scope_dict,
                 demo_user["id"], ref["id"], action_category,
                 new_action_category_scope_uuid
@@ -2045,7 +2046,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
             # Add a particular action_category_scope
             self.assertRaises(
-                ActionCategoryScopeAddNotAuthorized,
+                AuthzException,
                 self.manager.add_action_scope_dict,
                 demo_user["id"], ref["id"], action_category,
                 new_action_category_scope[new_action_category_scope_uuid]
@@ -2137,7 +2138,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
                           subject_category_scope["subject_category_scope"][subject_category].values())
 
             self.assertRaises(
-                SubjectCategoryAssignmentReadNotAuthorized,
+                AuthzException,
                 self.manager.get_subject_assignment_dict,
                 demo_user["id"], ref["id"], new_subject["id"])
 
@@ -2154,7 +2155,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
             self.assertEqual({}, subject_category_assignments["subject_category_assignments"][new_subject["id"]])
 
             self.assertRaises(
-                SubjectCategoryAssignmentAddNotAuthorized,
+                AuthzException,
                 self.manager.set_subject_assignment_dict,
                 demo_user["id"], ref["id"], new_subject["id"],
                 {
@@ -2193,7 +2194,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
                 subject_category_assignments["subject_category_assignments"][new_subject["id"]])
 
             self.assertRaises(
-                SubjectCategoryAssignmentDelNotAuthorized,
+                AuthzException,
                 self.manager.del_subject_category_assignment_dict,
                 demo_user["id"], ref["id"], new_subject["id"],
                 new_subject_category_uuid,
@@ -2222,7 +2223,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
                 subject_category_assignments["subject_category_assignments"][new_subject["id"]])
 
             self.assertRaises(
-                SubjectCategoryAssignmentAddNotAuthorized,
+                AuthzException,
                 self.manager.add_subject_assignment_list,
                 demo_user["id"], ref["id"], new_subject["id"],
                 new_subject_category_uuid,
@@ -2316,7 +2317,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
                           object_category_scope["object_category_scope"][object_category].values())
 
             self.assertRaises(
-                ObjectCategoryAssignmentReadNotAuthorized,
+                AuthzException,
                 self.manager.get_object_assignment_list,
                 demo_user["id"], ref["id"], new_object["id"]
             )
@@ -2334,7 +2335,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
             self.assertEqual({}, object_category_assignments["object_category_assignments"][new_object["id"]])
 
             self.assertRaises(
-                ObjectCategoryAssignmentAddNotAuthorized,
+                AuthzException,
                 self.manager.set_object_category_assignment_dict,
                 demo_user["id"], ref["id"], new_object["id"],
                 {
@@ -2373,7 +2374,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
                 object_category_assignments["object_category_assignments"][new_object["id"]])
 
             self.assertRaises(
-                ObjectCategoryAssignmentDelNotAuthorized,
+                AuthzException,
                 self.manager.del_object_category_assignment_dict,
                 demo_user["id"], ref["id"], new_object["id"],
                 new_object_category_uuid,
@@ -2402,7 +2403,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
                 object_category_assignments["object_category_assignments"][new_object["id"]])
 
             self.assertRaises(
-                ObjectCategoryAssignmentAddNotAuthorized,
+                AuthzException,
                 self.manager.add_object_assignment_list,
                 demo_user["id"], ref["id"], new_object["id"],
                 new_object_category_uuid,
@@ -2496,7 +2497,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
                           action_category_scope["action_category_scope"][action_category].values())
 
             self.assertRaises(
-                ActionCategoryAssignmentReadNotAuthorized,
+                AuthzException,
                 self.manager.get_action_assignment_list,
                 demo_user["id"], ref["id"], new_action["id"]
             )
@@ -2514,7 +2515,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
             self.assertEqual({}, action_category_assignments["action_category_assignments"][new_action["id"]])
 
             self.assertRaises(
-                ActionCategoryAssignmentAddNotAuthorized,
+                AuthzException,
                 self.manager.set_action_assignment_dict,
                 demo_user["id"], ref["id"], new_action["id"],
                 {
@@ -2553,7 +2554,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
                 action_category_assignments["action_category_assignments"][new_action["id"]])
 
             self.assertRaises(
-                ActionCategoryAssignmentDelNotAuthorized,
+                AuthzException,
                 self.manager.del_action_category_assignment_dict,
                 demo_user["id"], ref["id"], new_action["id"],
                 new_action_category_uuid,
@@ -2582,7 +2583,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
                 action_category_assignments["action_category_assignments"][new_action["id"]])
 
             self.assertRaises(
-                ActionCategoryAssignmentAddNotAuthorized,
+                AuthzException,
                 self.manager.add_action_assignment_list,
                 demo_user["id"], ref["id"], new_action["id"],
                 new_action_category_uuid,
@@ -2623,7 +2624,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
         self.assertIn("test_aggregation", aggregation_algorithms["aggregation_algorithms"])
 
         self.assertRaises(
-            MetaRuleReadNotAuthorized,
+            AuthzException,
             self.manager.get_aggregation_algorithm_dict,
             demo_user["id"], ref["id"]
         )
@@ -2637,7 +2638,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
         _aggregation_algorithm.remove(aggregation_algorithm["aggregation"])
 
         self.assertRaises(
-            MetaRuleAddNotAuthorized,
+            AuthzException,
             self.manager.set_aggregation_algorithms,
             demo_user["id"], ref["id"], _aggregation_algorithm[0]
         )
@@ -2648,7 +2649,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
         self.assertIn(aggregation_algorithm["aggregation"], aggregation_algorithms["aggregation_algorithms"])
 
         self.assertRaises(
-            MetaRuleReadNotAuthorized,
+            AuthzException,
             self.manager.get_sub_meta_rules_dict,
             demo_user["id"], ref["id"]
         )
@@ -2700,7 +2701,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
             metarule[relation]["subject_categories"].append(new_subject_category["id"])
 
             self.assertRaises(
-                MetaRuleAddNotAuthorized,
+                AuthzException,
                 self.manager.get_sub_meta_rule_dict,
                 demo_user["id"], ref["id"], metarule
             )
@@ -2723,7 +2724,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
         self.assertIn("sub_meta_rules", sub_meta_rules)
 
         self.assertRaises(
-            RuleReadNotAuthorized,
+            AuthzException,
             self.manager.get_sub_rules,
             demo_user["id"], ref["id"]
         )
@@ -2770,7 +2771,7 @@ class TestIntraExtensionAdminManagerKO(tests.TestCase):
 
         sub_rule.append(True)
         self.assertRaises(
-            RuleAddNotAuthorized,
+            AuthzException,
             self.manager.set_sub_rules,
             demo_user["id"], ref["id"], relation, sub_rule
         )
diff --git a/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_authz.py b/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_authz.py
index 80c0598..8887049 100644 (file)
--- a/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_authz.py
+++ b/keystone-moon/keystone/tests/moon/unit/test_unit_core_intra_extension_authz.py
@@ -89,32 +89,32 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
 
         IE["policymodel"] = policy_model
         IE["name"] = uuid.uuid4().hex
-        ref = self.admin_manager.load_intra_extension_dict(IE)
+        ref = self.admin_manager.load_intra_extension_dict(DEFAULT_USER_ID, IE)
         self.assertIsInstance(ref, dict)
         return ref
 
     def test_tenant_exceptions(self):
         self.assertRaises(
-            TenantListEmpty,
+            TenantUnknown,
             self.manager.get_tenant_dict
         )
         self.assertRaises(
-            TenantIDNotFound,
+            TenantUnknown,
             self.manager.get_tenant_name,
             uuid.uuid4().hex
         )
         self.assertRaises(
-            TenantIDNotFound,
+            TenantUnknown,
             self.manager.set_tenant_name,
             uuid.uuid4().hex, uuid.uuid4().hex
         )
         self.assertRaises(
-            TenantIDNotFound,
+            TenantUnknown,
             self.manager.get_extension_uuid,
             uuid.uuid4().hex, "authz"
         )
         self.assertRaises(
-            TenantIDNotFound,
+            TenantUnknown,
             self.manager.get_extension_uuid,
             uuid.uuid4().hex, "admin"
         )
@@ -155,7 +155,7 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
 
         # Test when subject is unknown
         self.assertRaises(
-            SubjectUnknown,
+            AuthzException,
             self.manager.authz,
             ie_authz["id"], uuid.uuid4().hex, uuid.uuid4().hex, uuid.uuid4().hex
         )
@@ -169,7 +169,7 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
         )
 
         self.assertRaises(
-            ObjectUnknown,
+            AuthzException,
             self.manager.authz,
             ie_authz["id"], demo_user["id"], uuid.uuid4().hex, uuid.uuid4().hex
         )
@@ -183,7 +183,7 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
         my_object = {"id": _tmp[0], "name": _tmp[1]}
 
         self.assertRaises(
-            ActionUnknown,
+            AuthzException,
             self.manager.authz,
             ie_authz["id"], demo_user["id"], my_object["id"], uuid.uuid4().hex
         )
@@ -197,7 +197,7 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
         my_action = {"id": _tmp[0], "name": _tmp[1]}
 
         self.assertRaises(
-            SubjectCategoryAssignmentOutOfScope,
+            AuthzException,
             self.manager.authz,
             ie_authz["id"], demo_user["id"], my_object["id"], my_action["id"]
         )
@@ -219,7 +219,7 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
         my_subject_scope = {"id": _tmp[0], "name": _tmp[1]}
 
         self.assertRaises(
-            ObjectCategoryAssignmentOutOfScope,
+            AuthzException,
             self.manager.authz,
             ie_authz["id"], demo_user["id"], my_object["id"], my_action["id"]
         )
@@ -241,7 +241,7 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
         my_object_scope = {"id": _tmp[0], "name": _tmp[1]}
 
         self.assertRaises(
-            ActionCategoryAssignmentOutOfScope,
+            AuthzException,
             self.manager.authz,
             ie_authz["id"], demo_user["id"], my_object["id"], my_action["id"]
         )
@@ -263,7 +263,7 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
         my_action_scope = {"id": _tmp[0], "name": _tmp[1]}
 
         self.assertRaises(
-            SubjectCategoryAssignmentUnknown,
+            AuthzException,
             self.manager.authz,
             ie_authz["id"], demo_user["id"], my_object["id"], my_action["id"]
         )
@@ -278,7 +278,7 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
         )
 
         self.assertRaises(
-            ObjectCategoryAssignmentUnknown,
+            AuthzException,
             self.manager.authz,
             ie_authz["id"], demo_user["id"], my_object["id"], my_action["id"]
         )
@@ -293,7 +293,7 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
         )
 
         self.assertRaises(
-            ActionCategoryAssignmentUnknown,
+            AuthzException,
             self.manager.authz,
             ie_authz["id"], demo_user["id"], my_object["id"], my_action["id"]
         )
@@ -308,7 +308,7 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
         )
 
         self.assertRaises(
-            RuleUnknown,
+            AuthzException,
             self.manager.authz,
             ie_authz["id"], demo_user["id"], my_object["id"], my_action["id"]
         )
@@ -357,19 +357,19 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
         new_subjects = dict()
         new_subjects[new_subject["id"]] = new_subject["name"]
         self.assertRaises(
-            SubjectAddNotAuthorized,
+            AuthzException,
             self.manager.set_subject_dict,
             admin_user["id"], ref["id"], new_subjects)
 
         # Delete the new subject
         self.assertRaises(
-            SubjectDelNotAuthorized,
+            AuthzException,
             self.manager.del_subject,
             admin_user["id"], ref["id"], new_subject["id"])
 
         # Add a particular subject
         self.assertRaises(
-            SubjectAddNotAuthorized,
+            AuthzException,
             self.manager.add_subject_dict,
             admin_user["id"], ref["id"], new_subject["id"])
 
@@ -393,19 +393,19 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
         new_objects = dict()
         new_objects[new_object["id"]] = new_object["name"]
         self.assertRaises(
-            ObjectAddNotAuthorized,
+            AuthzException,
             self.manager.set_object_dict,
             admin_user["id"], ref["id"], new_object["id"])
 
         # Delete the new object
         self.assertRaises(
-            ObjectDelNotAuthorized,
+            AuthzException,
             self.manager.del_object,
             admin_user["id"], ref["id"], new_object["id"])
 
         # Add a particular object
         self.assertRaises(
-            ObjectAddNotAuthorized,
+            AuthzException,
             self.manager.add_object_dict,
             admin_user["id"], ref["id"], new_object["name"])
 
@@ -429,19 +429,19 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
         new_actions = dict()
         new_actions[new_action["id"]] = new_action["name"]
         self.assertRaises(
-            ActionAddNotAuthorized,
+            AuthzException,
             self.manager.set_action_dict,
             admin_user["id"], ref["id"], new_actions)
 
         # Delete the new action
         self.assertRaises(
-            ActionDelNotAuthorized,
+            AuthzException,
             self.manager.del_action,
             admin_user["id"], ref["id"], new_action["id"])
 
         # Add a particular action
         self.assertRaises(
-            ActionAddNotAuthorized,
+            AuthzException,
             self.manager.add_action_dict,
             admin_user["id"], ref["id"], new_action["id"])
 
@@ -465,19 +465,19 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
         new_subject_categories = dict()
         new_subject_categories[new_subject_category["id"]] = new_subject_category["name"]
         self.assertRaises(
-            SubjectCategoryAddNotAuthorized,
+            AuthzException,
             self.manager.set_subject_category_dict,
             admin_user["id"], ref["id"], new_subject_categories)
 
         # Delete the new subject_category
         self.assertRaises(
-            SubjectCategoryDelNotAuthorized,
+            AuthzException,
             self.manager.del_subject_category,
             admin_user["id"], ref["id"], new_subject_category["id"])
 
         # Add a particular subject_category
         self.assertRaises(
-            SubjectCategoryAddNotAuthorized,
+            AuthzException,
             self.manager.add_subject_category,
             admin_user["id"], ref["id"], new_subject_category["name"])
 
@@ -501,19 +501,19 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
         new_object_categories = dict()
         new_object_categories[new_object_category["id"]] = new_object_category["name"]
         self.assertRaises(
-            ObjectCategoryAddNotAuthorized,
+            AuthzException,
             self.manager.set_object_category_dict,
             admin_user["id"], ref["id"], new_object_categories)
 
         # Delete the new object_category
         self.assertRaises(
-            ObjectCategoryDelNotAuthorized,
+            AuthzException,
             self.manager.del_object_category,
             admin_user["id"], ref["id"], new_object_category["id"])
 
         # Add a particular object_category
         self.assertRaises(
-            ObjectCategoryAddNotAuthorized,
+            AuthzException,
             self.manager.add_object_category,
             admin_user["id"], ref["id"], new_object_category["name"])
 
@@ -537,19 +537,19 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
         new_action_categories = dict()
         new_action_categories[new_action_category["id"]] = new_action_category["name"]
         self.assertRaises(
-            ActionCategoryAddNotAuthorized,
+            AuthzException,
             self.manager.set_action_category_dict,
             admin_user["id"], ref["id"], new_action_categories)
 
         # Delete the new action_category
         self.assertRaises(
-            ActionCategoryDelNotAuthorized,
+            AuthzException,
             self.manager.del_action_category,
             admin_user["id"], ref["id"], new_action_category["id"])
 
         # Add a particular action_category
         self.assertRaises(
-            ActionCategoryAddNotAuthorized,
+            AuthzException,
             self.manager.add_action_category,
             admin_user["id"], ref["id"], new_action_category["name"])
 
@@ -586,19 +586,19 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
             new_subject_category_scope_uuid = uuid.uuid4().hex
             new_subject_category_scope[new_subject_category_scope_uuid] = "new_subject_category_scope"
             self.assertRaises(
-                SubjectCategoryScopeAddNotAuthorized,
+                AuthzException,
                 self.manager.set_subject_scope_dict,
                 admin_user["id"], ref["id"], subject_category, new_subject_category_scope)
 
             # Delete the new subject_category_scope
             self.assertRaises(
-                SubjectCategoryScopeDelNotAuthorized,
+                AuthzException,
                 self.manager.del_subject_scope,
                 admin_user["id"], ref["id"], subject_category, new_subject_category_scope_uuid)
 
             # Add a particular subject_category_scope
             self.assertRaises(
-                SubjectCategoryScopeAddNotAuthorized,
+                AuthzException,
                 self.manager.add_subject_scope_dict,
                 admin_user["id"], ref["id"], subject_category, new_subject_category_scope[new_subject_category_scope_uuid])
 
@@ -635,19 +635,19 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
             new_object_category_scope_uuid = uuid.uuid4().hex
             new_object_category_scope[new_object_category_scope_uuid] = "new_object_category_scope"
             self.assertRaises(
-                ObjectCategoryScopeAddNotAuthorized,
+                AuthzException,
                 self.manager.set_object_scope_dict,
                 admin_user["id"], ref["id"], object_category, new_object_category_scope)
 
             # Delete the new object_category_scope
             self.assertRaises(
-                ObjectCategoryScopeDelNotAuthorized,
+                AuthzException,
                 self.manager.del_object_scope,
                 admin_user["id"], ref["id"], object_category, new_object_category_scope_uuid)
 
             # Add a particular object_category_scope
             self.assertRaises(
-                ObjectCategoryScopeAddNotAuthorized,
+                AuthzException,
                 self.manager.add_object_scope_dict,
                 admin_user["id"], ref["id"], object_category, new_object_category_scope[new_object_category_scope_uuid])
 
@@ -684,19 +684,19 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
             new_action_category_scope_uuid = uuid.uuid4().hex
             new_action_category_scope[new_action_category_scope_uuid] = "new_action_category_scope"
             self.assertRaises(
-                ActionCategoryScopeAddNotAuthorized,
+                AuthzException,
                 self.manager.set_action_scope_dict,
                 admin_user["id"], ref["id"], action_category, new_action_category_scope)
 
             # Delete the new action_category_scope
             self.assertRaises(
-                ActionCategoryScopeDelNotAuthorized,
+                AuthzException,
                 self.manager.del_action_scope,
                 admin_user["id"], ref["id"], action_category, new_action_category_scope_uuid)
 
             # Add a particular action_category_scope
             self.assertRaises(
-                ActionCategoryScopeAddNotAuthorized,
+                AuthzException,
                 self.manager.add_action_scope_dict,
                 admin_user["id"], ref["id"], action_category, new_action_category_scope[new_action_category_scope_uuid])
 
@@ -780,7 +780,7 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
             self.assertEqual({}, subject_category_assignments["subject_category_assignments"][new_subject["id"]])
 
             self.assertRaises(
-                SubjectCategoryAssignmentAddNotAuthorized,
+                AuthzException,
                 self.manager.set_subject_assignment_dict,
                 admin_user["id"], ref["id"], new_subject["id"],
                 {
@@ -788,14 +788,14 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
                 })
 
             self.assertRaises(
-                SubjectCategoryAssignmentDelNotAuthorized,
+                AuthzException,
                 self.manager.del_subject_assignment,
                 admin_user["id"], ref["id"], new_subject["id"],
                 new_subject_category_uuid,
                 new_subject_category_scope_uuid)
 
             self.assertRaises(
-                SubjectCategoryAssignmentAddNotAuthorized,
+                AuthzException,
                 self.manager.add_subject_assignment_list,
                 admin_user["id"], ref["id"], new_subject["id"],
                 new_subject_category_uuid,
@@ -881,7 +881,7 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
             self.assertEqual({}, object_category_assignments["object_category_assignments"][new_object["id"]])
 
             self.assertRaises(
-                ObjectCategoryAssignmentAddNotAuthorized,
+                AuthzException,
                 self.manager.set_object_category_assignment_dict,
                 admin_user["id"], ref["id"], new_object["id"],
                 {
@@ -889,14 +889,14 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
                 })
 
             self.assertRaises(
-                ObjectCategoryAssignmentDelNotAuthorized,
+                AuthzException,
                 self.manager.del_object_assignment,
                 admin_user["id"], ref["id"], new_object["id"],
                 new_object_category_uuid,
                 new_object_category_scope_uuid)
 
             self.assertRaises(
-                ObjectCategoryAssignmentAddNotAuthorized,
+                AuthzException,
                 self.manager.add_object_assignment_list,
                 admin_user["id"], ref["id"], new_object["id"],
                 new_object_category_uuid,
@@ -982,7 +982,7 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
             self.assertEqual({}, action_category_assignments["action_category_assignments"][new_action["id"]])
 
             self.assertRaises(
-                ActionCategoryAssignmentAddNotAuthorized,
+                AuthzException,
                 self.manager.set_action_assignment_dict,
                 admin_user["id"], ref["id"], new_action["id"],
                 {
@@ -990,7 +990,7 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
                 })
 
             self.assertRaises(
-                ActionCategoryAssignmentDelNotAuthorized,
+                AuthzException,
                 self.manager.del_action_assignment,
                 admin_user["id"], ref["id"], new_action["id"],
                 new_action_category_uuid,
@@ -1025,7 +1025,7 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
         _aggregation_algorithm = list(aggregation_algorithms["aggregation_algorithms"])
         _aggregation_algorithm.remove(aggregation_algorithm["aggregation"])
         self.assertRaises(
-            MetaRuleAddNotAuthorized,
+            AuthzException,
             self.manager.set_aggregation_algorithm_dict,
             admin_user["id"], ref["id"], _aggregation_algorithm[0])
 
@@ -1075,7 +1075,7 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
             self.assertIn(new_subject_category["id"], subject_categories["subject_categories"])
             metarule[relation]["subject_categories"].append(new_subject_category["id"])
             self.assertRaises(
-                MetaRuleAddNotAuthorized,
+                AuthzException,
                 self.manager.get_sub_meta_rule_dict,
                 admin_user["id"], ref["id"], metarule)
 
@@ -1131,7 +1131,7 @@ class TestIntraExtensionAuthzManagerAuthz(tests.TestCase):
                 sub_rule.append(scope[func_name][cat_value].keys()[0])
 
         self.assertRaises(
-            RuleAddNotAuthorized,
+            AuthzException,
             self.manager.set_sub_rule,
             admin_user["id"], ref["id"], relation, sub_rule)
 
diff --git a/keystone-moon/keystone/tests/moon/unit/test_unit_core_log.py b/keystone-moon/keystone/tests/moon/unit/test_unit_core_log.py
index f38d68a..b2fb131 100644 (file)
--- a/keystone-moon/keystone/tests/moon/unit/test_unit_core_log.py
+++ b/keystone-moon/keystone/tests/moon/unit/test_unit_core_log.py
@@ -17,6 +17,7 @@ from keystone import resource
 from keystone.contrib.moon.exception import *
 from keystone.tests.unit import default_fixtures
 from keystone.contrib.moon.core import LogManager, TenantManager
+from keystone.contrib.moon.core import DEFAULT_USER_ID
 
 CONF = cfg.CONF
 
@@ -67,7 +68,7 @@ class TestIntraExtensionAdminManager(tests.TestCase):
         # Create the admin user because IntraExtension needs it
         self.admin = self.identity_api.create_user(USER_ADMIN)
         IE["policymodel"] = policy_model
-        self.ref = self.manager.load_intra_extension_dict(IE)
+        self.ref = self.manager.load_intra_extension_dict(DEFAULT_USER_ID, IE)
         self.assertIsInstance(self.ref, dict)
         self.create_tenant(self.ref["id"])
 
diff --git a/keystone-moon/keystone/tests/moon/unit/test_unit_core_tenant.py b/keystone-moon/keystone/tests/moon/unit/test_unit_core_tenant.py
index 2ac70f6..dda1cac 100644 (file)
--- a/keystone-moon/keystone/tests/moon/unit/test_unit_core_tenant.py
+++ b/keystone-moon/keystone/tests/moon/unit/test_unit_core_tenant.py
@@ -135,9 +135,9 @@ class TestTenantManager(tests.TestCase):
         self.assertEqual(data, new_mapping[_uuid]["admin"])
 
     def test_exception_tenantunknown(self):
-        self.assertRaises(TenantIDNotFound, self.manager.get_tenant_name_from_id, uuid.uuid4().hex)
-        self.assertRaises(TenantIDNotFound, self.manager.set_tenant_name, uuid.uuid4().hex, "new name")
-        self.assertRaises(TenantIDNotFound, self.manager.get_extension_id, uuid.uuid4().hex)
+        self.assertRaises(TenantNotFound, self.manager.get_tenant_name_from_id, uuid.uuid4().hex)
+        self.assertRaises(TenantNotFound, self.manager.set_tenant_name, uuid.uuid4().hex, "new name")
+        self.assertRaises(TenantNotFound, self.manager.get_extension_id, uuid.uuid4().hex)
         _uuid = uuid.uuid4().hex
         new_mapping = {
             _uuid: {
@@ -154,7 +154,7 @@ class TestTenantManager(tests.TestCase):
         )
         self.assertEquals(_uuid, data["id"])
         self.assertRaises(IntraExtensionUnknown, self.manager.get_extension_id, _uuid, "admin")
-        self.assertRaises(TenantIDNotFound, self.manager.get_tenant_uuid, uuid.uuid4().hex)
+        self.assertRaises(TenantNotFound, self.manager.get_tenant_uuid, uuid.uuid4().hex)
         # self.assertRaises(AdminIntraExtensionNotFound, self.manager.get_admin_extension_uuid, uuid.uuid4().hex)
 
     def test_exception_tenantaddednameexisting(self):
Security Management Module