)]}'
{"keystone/common/ldap/core.py":[{"author":{"_account_id":220,"name":"Haneef Ali","email":"haneef.ali@hp.com","username":"haneef"},"change_message_id":"2873cf9fe8017654f090ef16d6e325423f825001","unresolved":false,"context_lines":[{"line_number":581,"context_line":"    # The certificate trust options apply for both LDAPS and TLS."},{"line_number":582,"context_line":"    if use_tls or using_ldaps:"},{"line_number":583,"context_line":"        if not ldap.TLS_AVAIL:"},{"line_number":584,"context_line":"            raise ValueError(_(\u0027Invalid LDAP TLS_AVAIL option: %s. TLS \u0027"},{"line_number":585,"context_line":"                               \u0027not available\u0027) % ldap.TLS_AVAIL)"},{"line_number":586,"context_line":"        if tls_cacertfile:"},{"line_number":587,"context_line":"            # NOTE(topol)"}],"source_content_type":"text/x-python","patch_set":1,"id":"fa98f980_789bfc17","line":584,"updated":"2014-09-12 18:34:40.000000000","message":"Does this check also valid for LDAP?\n\nldap.TLS_AVAIL","commit_id":"09decf013f76d506496abbe44d92780335043fd7"},{"author":{"_account_id":220,"name":"Haneef Ali","email":"haneef.ali@hp.com","username":"haneef"},"change_message_id":"3468c685535aaff4a18b3eadeb2a5dd41bf73b89","unresolved":false,"context_lines":[{"line_number":581,"context_line":"    # The certificate trust options apply for both LDAPS and TLS."},{"line_number":582,"context_line":"    if use_tls or using_ldaps:"},{"line_number":583,"context_line":"        if not ldap.TLS_AVAIL:"},{"line_number":584,"context_line":"            raise ValueError(_(\u0027Invalid LDAP TLS_AVAIL option: %s. TLS \u0027"},{"line_number":585,"context_line":"                               \u0027not available\u0027) % ldap.TLS_AVAIL)"},{"line_number":586,"context_line":"        if tls_cacertfile:"},{"line_number":587,"context_line":"            # NOTE(topol)"}],"source_content_type":"text/x-python","patch_set":1,"id":"fa98f980_98b34099","line":584,"in_reply_to":"fa98f980_789bfc17","updated":"2014-09-12 18:35:43.000000000","message":"is that valid for ldaps too?","commit_id":"09decf013f76d506496abbe44d92780335043fd7"},{"author":{"_account_id":9098,"name":"Nathan Kinder","email":"nkinder@redhat.com","username":"nkinder"},"change_message_id":"4e203a358f4044bc24b6965bd95bb7b4f1b8ffb7","unresolved":false,"context_lines":[{"line_number":581,"context_line":"    # The certificate trust options apply for both LDAPS and TLS."},{"line_number":582,"context_line":"    if use_tls or using_ldaps:"},{"line_number":583,"context_line":"        if not ldap.TLS_AVAIL:"},{"line_number":584,"context_line":"            raise ValueError(_(\u0027Invalid LDAP TLS_AVAIL option: %s. TLS \u0027"},{"line_number":585,"context_line":"                               \u0027not available\u0027) % ldap.TLS_AVAIL)"},{"line_number":586,"context_line":"        if tls_cacertfile:"},{"line_number":587,"context_line":"            # NOTE(topol)"}],"source_content_type":"text/x-python","patch_set":1,"id":"fa98f980_69fa4976","line":584,"in_reply_to":"fa98f980_98b34099","updated":"2014-09-12 23:16:09.000000000","message":"Yes.  This checks if SSL/TLS (for LDAPS or startTLS) support was compiled into the LDAP libraries.  The name is misleading.","commit_id":"09decf013f76d506496abbe44d92780335043fd7"},{"author":{"_account_id":6460,"name":"Brad Topol","email":"btopol@us.ibm.com","username":"btopol"},"change_message_id":"3b24408d3b129e04d069255389896e5c86aed59b","unresolved":false,"context_lines":[{"line_number":583,"context_line":"        raise AssertionError(_(\u0027Invalid TLS / LDAPS combination\u0027))"},{"line_number":584,"context_line":""},{"line_number":585,"context_line":"    # The certificate trust options apply for both LDAPS and TLS."},{"line_number":586,"context_line":"    if use_tls or using_ldaps:"},{"line_number":587,"context_line":"        if not ldap.TLS_AVAIL:"},{"line_number":588,"context_line":"            raise ValueError(_(\u0027Invalid LDAP TLS_AVAIL option: %s. TLS \u0027"},{"line_number":589,"context_line":"                               \u0027not available\u0027) % ldap.TLS_AVAIL)"}],"source_content_type":"text/x-python","patch_set":5,"id":"fa98f980_acd4b1bb","line":586,"updated":"2014-09-23 01:26:51.000000000","message":"Nice catch!","commit_id":"ca50b6315909faf92db9eaf2981782bcd80cfab8"}],"keystone/tests/test_backend_ldap.py":[{"author":{"_account_id":6486,"name":"Brant Knudson","email":"blk@acm.org","username":"blk-u"},"change_message_id":"f7792a309825733b5c2df591f54019ff9ba4eb08","unresolved":false,"context_lines":[{"line_number":1285,"context_line":"        # is as expected."},{"line_number":1286,"context_line":"        self.assertTrue(mocked_fakeldap.call_args[-1][\u0027chase_referrals\u0027])"},{"line_number":1287,"context_line":""},{"line_number":1288,"context_line":"    def test_certfile_trust_tls(self):"},{"line_number":1289,"context_line":"        # We need this to actually exist, so we create a tempfile."},{"line_number":1290,"context_line":"        (handle, certfile) \u003d tempfile.mkstemp()"},{"line_number":1291,"context_line":"        self.config_fixture.config(group\u003d\u0027ldap\u0027,"}],"source_content_type":"text/x-python","patch_set":3,"id":"fa98f980_5043616b","line":1288,"updated":"2014-09-13 16:26:52.000000000","message":"these are testing the backend. Move it to a different file... probably ldap unit tests.","commit_id":"e83ee905c245d4f94f69b8e38d28dfd210a4a022"},{"author":{"_account_id":9098,"name":"Nathan Kinder","email":"nkinder@redhat.com","username":"nkinder"},"change_message_id":"a9e8d00aedc3e491594acca39355c215a1e9bd89","unresolved":false,"context_lines":[{"line_number":1285,"context_line":"        # is as expected."},{"line_number":1286,"context_line":"        self.assertTrue(mocked_fakeldap.call_args[-1][\u0027chase_referrals\u0027])"},{"line_number":1287,"context_line":""},{"line_number":1288,"context_line":"    def test_certfile_trust_tls(self):"},{"line_number":1289,"context_line":"        # We need this to actually exist, so we create a tempfile."},{"line_number":1290,"context_line":"        (handle, certfile) \u003d tempfile.mkstemp()"},{"line_number":1291,"context_line":"        self.config_fixture.config(group\u003d\u0027ldap\u0027,"}],"source_content_type":"text/x-python","patch_set":3,"id":"fa98f980_f77d246e","line":1288,"in_reply_to":"fa98f980_5043616b","updated":"2014-09-14 16:34:59.000000000","message":"Done","commit_id":"e83ee905c245d4f94f69b8e38d28dfd210a4a022"},{"author":{"_account_id":6486,"name":"Brant Knudson","email":"blk@acm.org","username":"blk-u"},"change_message_id":"d5b927d2b515ce25c546e3ebaeaf4ba4e6afc937","unresolved":false,"context_lines":[{"line_number":1298,"context_line":"        try:"},{"line_number":1299,"context_line":"            base_ldap.get_connection()"},{"line_number":1300,"context_line":"        except ldap.SERVER_DOWN:"},{"line_number":1301,"context_line":"            pass"},{"line_number":1302,"context_line":""},{"line_number":1303,"context_line":"        # Cleanup tempfile."},{"line_number":1304,"context_line":"        os.close(handle)"}],"source_content_type":"text/x-python","patch_set":3,"id":"fa98f980_705ce57d","line":1301,"updated":"2014-09-13 16:03:13.000000000","message":"the test shouldn\u0027t be guessing if it\u0027s going to get an exception or not. Remove the try/except or assert that it raises.\n\nAlso, this code is copy-pasted around. Make it a function.","commit_id":"e83ee905c245d4f94f69b8e38d28dfd210a4a022"},{"author":{"_account_id":9098,"name":"Nathan Kinder","email":"nkinder@redhat.com","username":"nkinder"},"change_message_id":"c18b3a136c7001f164dc2752aa6914a72c0695c7","unresolved":false,"context_lines":[{"line_number":1298,"context_line":"        try:"},{"line_number":1299,"context_line":"            base_ldap.get_connection()"},{"line_number":1300,"context_line":"        except ldap.SERVER_DOWN:"},{"line_number":1301,"context_line":"            pass"},{"line_number":1302,"context_line":""},{"line_number":1303,"context_line":"        # Cleanup tempfile."},{"line_number":1304,"context_line":"        os.close(handle)"}],"source_content_type":"text/x-python","patch_set":3,"id":"fa98f980_e842a966","line":1301,"in_reply_to":"fa98f980_705ce57d","updated":"2014-09-14 00:36:40.000000000","message":"I didn\u0027t want to make the tests fail if there happens to be an LDAP server listening locally on the test system.  If I assert that ldap.SERVER_DOWN is raised, then the tests results will be influenced by the presence of a local LDAP server.","commit_id":"e83ee905c245d4f94f69b8e38d28dfd210a4a022"},{"author":{"_account_id":9983,"name":"Richard Megginson","email":"rmeggins@redhat.com","username":"rmeggins"},"change_message_id":"97aaffde16adbdf15ae26da5c2d363d1b62575d8","unresolved":false,"context_lines":[{"line_number":1298,"context_line":"        try:"},{"line_number":1299,"context_line":"            base_ldap.get_connection()"},{"line_number":1300,"context_line":"        except ldap.SERVER_DOWN:"},{"line_number":1301,"context_line":"            pass"},{"line_number":1302,"context_line":""},{"line_number":1303,"context_line":"        # Cleanup tempfile."},{"line_number":1304,"context_line":"        os.close(handle)"}],"source_content_type":"text/x-python","patch_set":3,"id":"fa98f980_579190ef","line":1301,"in_reply_to":"fa98f980_e842a966","updated":"2014-09-14 18:44:25.000000000","message":"I think what Brant means is that, if you expect get_connection() to always fail and throw SERVER_DOWN, then use assertRaises, or perhaps assertThat with some sort of exception matcher.","commit_id":"e83ee905c245d4f94f69b8e38d28dfd210a4a022"},{"author":{"_account_id":9098,"name":"Nathan Kinder","email":"nkinder@redhat.com","username":"nkinder"},"change_message_id":"a9e8d00aedc3e491594acca39355c215a1e9bd89","unresolved":false,"context_lines":[{"line_number":1298,"context_line":"        try:"},{"line_number":1299,"context_line":"            base_ldap.get_connection()"},{"line_number":1300,"context_line":"        except ldap.SERVER_DOWN:"},{"line_number":1301,"context_line":"            pass"},{"line_number":1302,"context_line":""},{"line_number":1303,"context_line":"        # Cleanup tempfile."},{"line_number":1304,"context_line":"        os.close(handle)"}],"source_content_type":"text/x-python","patch_set":3,"id":"fa98f980_1798e8be","line":1301,"in_reply_to":"fa98f980_e842a966","updated":"2014-09-14 16:34:59.000000000","message":"The next patch pulls this logic into a function to allow for reuse.\n\nI\u0027m leaving the exception swallowing code, but I added a comment in the code explaining why I think that it\u0027s necessary.","commit_id":"e83ee905c245d4f94f69b8e38d28dfd210a4a022"},{"author":{"_account_id":6486,"name":"Brant Knudson","email":"blk@acm.org","username":"blk-u"},"change_message_id":"d5b927d2b515ce25c546e3ebaeaf4ba4e6afc937","unresolved":false,"context_lines":[{"line_number":1301,"context_line":"            pass"},{"line_number":1302,"context_line":""},{"line_number":1303,"context_line":"        # Cleanup tempfile."},{"line_number":1304,"context_line":"        os.close(handle)"},{"line_number":1305,"context_line":"        os.unlink(certfile)"},{"line_number":1306,"context_line":""},{"line_number":1307,"context_line":"        # Ensure the cert trust option is set."}],"source_content_type":"text/x-python","patch_set":3,"id":"fa98f980_307fbde1","line":1304,"updated":"2014-09-13 16:03:13.000000000","message":"if any of the previous statements raises then this isn\u0027t going to happen. self.addCleanup() can be used to get rid of it.","commit_id":"e83ee905c245d4f94f69b8e38d28dfd210a4a022"},{"author":{"_account_id":9098,"name":"Nathan Kinder","email":"nkinder@redhat.com","username":"nkinder"},"change_message_id":"a9e8d00aedc3e491594acca39355c215a1e9bd89","unresolved":false,"context_lines":[{"line_number":1301,"context_line":"            pass"},{"line_number":1302,"context_line":""},{"line_number":1303,"context_line":"        # Cleanup tempfile."},{"line_number":1304,"context_line":"        os.close(handle)"},{"line_number":1305,"context_line":"        os.unlink(certfile)"},{"line_number":1306,"context_line":""},{"line_number":1307,"context_line":"        # Ensure the cert trust option is set."}],"source_content_type":"text/x-python","patch_set":3,"id":"fa98f980_b7871c60","line":1304,"in_reply_to":"fa98f980_307fbde1","updated":"2014-09-14 16:34:59.000000000","message":"Done","commit_id":"e83ee905c245d4f94f69b8e38d28dfd210a4a022"},{"author":{"_account_id":6486,"name":"Brant Knudson","email":"blk@acm.org","username":"blk-u"},"change_message_id":"d5b927d2b515ce25c546e3ebaeaf4ba4e6afc937","unresolved":false,"context_lines":[{"line_number":1323,"context_line":"            pass"},{"line_number":1324,"context_line":""},{"line_number":1325,"context_line":"        # Cleanup tempdir."},{"line_number":1326,"context_line":"        shutil.rmtree(certdir)"},{"line_number":1327,"context_line":""},{"line_number":1328,"context_line":"        # Ensure the cert trust option is set."},{"line_number":1329,"context_line":"        self.assertEqual(certdir, ldap.get_option(ldap.OPT_X_TLS_CACERTDIR))"}],"source_content_type":"text/x-python","patch_set":3,"id":"fa98f980_10639942","line":1326,"updated":"2014-09-13 16:03:13.000000000","message":"same comment here. This applies throughout all these changes.","commit_id":"e83ee905c245d4f94f69b8e38d28dfd210a4a022"},{"author":{"_account_id":9098,"name":"Nathan Kinder","email":"nkinder@redhat.com","username":"nkinder"},"change_message_id":"a9e8d00aedc3e491594acca39355c215a1e9bd89","unresolved":false,"context_lines":[{"line_number":1323,"context_line":"            pass"},{"line_number":1324,"context_line":""},{"line_number":1325,"context_line":"        # Cleanup tempdir."},{"line_number":1326,"context_line":"        shutil.rmtree(certdir)"},{"line_number":1327,"context_line":""},{"line_number":1328,"context_line":"        # Ensure the cert trust option is set."},{"line_number":1329,"context_line":"        self.assertEqual(certdir, ldap.get_option(ldap.OPT_X_TLS_CACERTDIR))"}],"source_content_type":"text/x-python","patch_set":3,"id":"fa98f980_d77ae075","line":1326,"in_reply_to":"fa98f980_10639942","updated":"2014-09-14 16:34:59.000000000","message":"Done","commit_id":"e83ee905c245d4f94f69b8e38d28dfd210a4a022"}],"keystone/tests/unit/common/test_ldap.py":[{"author":{"_account_id":6486,"name":"Brant Knudson","email":"blk@acm.org","username":"blk-u"},"change_message_id":"0a48b60f62fbc2053a0200687830ec68adf56c6b","unresolved":false,"context_lines":[{"line_number":190,"context_line":"            base_ldap.get_connection()"},{"line_number":191,"context_line":"        except ldap.SERVER_DOWN:"},{"line_number":192,"context_line":"            # The tests should not require that an actual LDAP server be"},{"line_number":193,"context_line":"            # available to connect to, but we also want to be tolerant of"},{"line_number":194,"context_line":"            # the existance of an LDAP server on the local test system.  With"},{"line_number":195,"context_line":"            # this aim, we swallow the SERVER_DOWN exception since we really"},{"line_number":196,"context_line":"            # just want to initialize the LDAP library and don\u0027t care about"}],"source_content_type":"text/x-python","patch_set":4,"id":"fa98f980_02d344d5","line":193,"updated":"2014-09-14 23:05:25.000000000","message":"to have a test not require an actual server, fake out the functionality. This test should fake out the connect function.","commit_id":"d2203cb5c3767cf1dbfd3ff072c9419297cef4a2"}]}