openstack-experimental · gtema · Jan 2, 2026 · Jan 2, 2026
diff --git a/Cargo.toml b/Cargo.toml
@@ -46,6 +46,7 @@ derive_builder = { version = "0.20" }
 dyn-clone = { version = "1.0" }
 eyre = { version = "0.6" }
 fernet = { version = "0.2", default-features = false, features = ["rustcrypto"] }
+# futures = { version = "0.3" }
 futures-util = { version = "0.3" }
 itertools = { version = "0.14" }
 mockall_double = { version = "0.3" }

diff --git a/src/assignment/backend/sql/assignment/list.rs b/src/assignment/backend/sql/assignment/list.rs
diff --git a/src/identity/backends/sql/authenticate.rs b/src/identity/backends/sql/authenticate.rs
@@ -182,7 +182,7 @@ mod tests {
         let db = MockDatabase::new(DatabaseBackend::Postgres).into_connection();
         let config = Config::default();
         assert!(
-            !should_lock(&config, &db, &get_local_user_mock())
+            !should_lock(&config, &db, &get_local_user_mock("user_id"))
                 .await
                 .unwrap(),
             "Default config does not request any validation and user is not considered locked"
@@ -233,7 +233,7 @@ mod tests {
     #[tokio::test]
     async fn test_should_lock_no_failed_auth_at() {
         let db = MockDatabase::new(DatabaseBackend::Postgres)
-            .append_query_results([vec![get_local_user_mock()]])
+            .append_query_results([vec![get_local_user_mock("user_id")]])
             .into_connection();
         let mut config = Config::default();
         config.security_compliance.lockout_failure_attempts = Some(5);
@@ -273,7 +273,7 @@ mod tests {
     #[tokio::test]
     async fn test_should_lock_expired() {
         let db = MockDatabase::new(DatabaseBackend::Postgres)
-            .append_query_results([vec![get_local_user_mock()]])
+            .append_query_results([vec![get_local_user_mock("user_id")]])
             .into_connection();
         let mut config = Config::default();
         config.security_compliance.lockout_failure_attempts = Some(5);
@@ -378,7 +378,7 @@ mod tests {
         password_hash: String,
     ) -> (db_local_user::Model, db_password::Model) {
         (
-            get_local_user_mock(),
+            get_local_user_mock("user_id"),
             db_password::ModelBuilder::default()
                 .password_hash(password_hash)
                 .build()
@@ -397,6 +397,7 @@ mod tests {
                     .unwrap(),
             )]])
             .append_query_results([user_option::tests::get_user_options_mock(
+                "user_id",
                 &UserOptions::default(),
             )])
             .append_query_results([vec![user::tests::get_user_mock("user_id")]])
@@ -465,6 +466,7 @@ mod tests {
                     .unwrap(),
             )]])
             .append_query_results([user_option::tests::get_user_options_mock(
+                "user_id",
                 &UserOptions::default(),
             )])
             .into_connection();
@@ -515,10 +517,13 @@ mod tests {
                     .build()
                     .unwrap(),
             )]])
-            .append_query_results([user_option::tests::get_user_options_mock(&UserOptions {
-                ignore_lockout_failure_attempts: Some(true),
-                ..Default::default()
-            })])
+            .append_query_results([user_option::tests::get_user_options_mock(
+                "user_id",
+                &UserOptions {
+                    ignore_lockout_failure_attempts: Some(true),
+                    ..Default::default()
+                },
+            )])
             .append_query_results([vec![user::tests::get_user_mock("user_id")]])
             .append_query_results([vec![user::tests::get_user_mock("user_id")]])
             .into_connection();
@@ -544,13 +549,14 @@ mod tests {
         let config = Config::default();
         let db = MockDatabase::new(DatabaseBackend::Postgres)
             .append_query_results([vec![(
-                get_local_user_mock(),
+                get_local_user_mock("user_id"),
                 db_password::ModelBuilder::default()
                     .password_hash("wrong_password")
                     .build()
                     .unwrap(),
             )]])
             .append_query_results([user_option::tests::get_user_options_mock(
+                "user_id",
                 &UserOptions::default(),
             )])
             .into_connection();
@@ -582,7 +588,7 @@ mod tests {
         let password = String::from("foo_pass");
         let db = MockDatabase::new(DatabaseBackend::Postgres)
             .append_query_results([vec![(
-                get_local_user_mock(),
+                get_local_user_mock("user_id"),
                 db_password::ModelBuilder::default()
                     .password_hash(
                         password_hashing::hash_password(&config, &password)
@@ -594,6 +600,7 @@ mod tests {
                     .unwrap(),
             )]])
             .append_query_results([user_option::tests::get_user_options_mock(
+                "user_id",
                 &UserOptions::default(),
             )])
             .into_connection();
@@ -626,7 +633,7 @@ mod tests {
         let password = String::from("foo_pass");
         let db = MockDatabase::new(DatabaseBackend::Postgres)
             .append_query_results([vec![(
-                get_local_user_mock(),
+                get_local_user_mock("user_id"),
                 db_password::ModelBuilder::expired()
                     .password_hash(
                         password_hashing::hash_password(&config, &password)
@@ -636,10 +643,13 @@ mod tests {
                     .build()
                     .unwrap(),
             )]])
-            .append_query_results([user_option::tests::get_user_options_mock(&UserOptions {
-                ignore_password_expiry: Some(true),
-                ..Default::default()
-            })])
+            .append_query_results([user_option::tests::get_user_options_mock(
+                "user_id",
+                &UserOptions {
+                    ignore_password_expiry: Some(true),
+                    ..Default::default()
+                },
+            )])
             .append_query_results([vec![user::tests::get_user_mock("user_id")]])
             .append_query_results([vec![user::tests::get_user_mock("user_id")]])
             .into_connection();

diff --git a/src/identity/backends/sql/federated_user.rs b/src/identity/backends/sql/federated_user.rs
@@ -48,3 +48,19 @@ impl UserResponseBuilder {
         self
     }
 }
+
+#[cfg(test)]
+pub(crate) mod tests {
+    use crate::db::entity::federated_user as db_federated_user;
+
+    pub fn get_federated_user_mock<UID: Into<String>>(user_id: UID) -> db_federated_user::Model {
+        db_federated_user::Model {
+            id: 1,
+            user_id: user_id.into(),
+            idp_id: "idp_id".into(),
+            protocol_id: "protocol_id".into(),
+            unique_id: "uid".into(),
+            display_name: Some("foo".into()),
+        }
+    }
+}
diff --git a/src/identity/backends/sql/local_user.rs b/src/identity/backends/sql/local_user.rs
@@ -32,15 +32,15 @@ impl UserResponseBuilder {
 }
 
 #[cfg(test)]
-pub(super) mod tests {
+pub(crate) mod tests {
     use chrono::Utc;
 
     use crate::db::entity::{local_user as db_local_user, password as db_password};
 
-    pub fn get_local_user_mock() -> db_local_user::Model {
+    pub fn get_local_user_mock<UID: Into<String>>(user_id: UID) -> db_local_user::Model {
         db_local_user::Model {
             id: 1,
-            user_id: "user_id".into(),
+            user_id: user_id.into(),
             domain_id: "foo_domain".into(),
             name: "foo_domain".into(),
             failed_auth_count: Some(0),

diff --git a/src/identity/backends/sql/local_user/load.rs b/src/identity/backends/sql/local_user/load.rs
@@ -63,7 +63,7 @@ pub async fn load_local_user_with_passwords<S1: AsRef<str>, S2: AsRef<str>, S3:
 ///
 /// Returns vector of optional vectors with passwords in the same order as
 /// requested keeping None in place where local_user was empty.
-pub async fn load_local_users_passwords<L: IntoIterator<Item = Option<i32>>>(
+pub async fn load_local_users_passwords<L: IntoIterator<Item = Option<i32>> + std::fmt::Debug>(
     db: &DatabaseConnection,
     user_ids: L,
 ) -> Result<Vec<Option<Vec<password::Model>>>, IdentityDatabaseError> {

diff --git a/src/identity/backends/sql/nonlocal_user.rs b/src/identity/backends/sql/nonlocal_user.rs
@@ -21,3 +21,16 @@ impl UserResponseBuilder {
         self
     }
 }
+
+#[cfg(test)]
+pub(crate) mod tests {
+    use crate::db::entity::nonlocal_user as db_nonlocal_user;
+
+    pub fn get_nonlocal_user_mock<UID: Into<String>>(user_id: UID) -> db_nonlocal_user::Model {
+        db_nonlocal_user::Model {
+            user_id: user_id.into(),
+            domain_id: "foo_domain".into(),
+            name: "foo".into(),
+        }
+    }
+}