Test your AI Agents with the all-new Agent to Agent Testing Platform.Learn More

How to use delete_application_credential method in tempest

Best Python code snippet using tempest_python

test_application_credential.py

Source:test_application_credential.py

...106            another domain107        """108        pass109    @abc.abstractmethod110    def test_identity_delete_application_credential(self):111        """Test identity:delete_application_credential policy.112        This test must check113          * whether the persona can delete their own application credential114          * whether the persona can delete an application credential for115            another user116          * whether the persona can delete an application credential for a user117            in another domain (if applicable)118          * whether the persona can delete an application credential for a user119            in their own domain (if applicable)120          * whether the persona can delete an application credential that does121            not exist122        """123        pass124class SystemAdminTests(125    IdentityV3RbacApplicationCredentialTest, base.BaseIdentityTest):126    credentials = ['system_admin']127    @classmethod128    def setup_clients(cls):129        super(SystemAdminTests, cls).setup_clients()130        cls.test_user_client, cls.test_user_id = cls.setup_user_client()131    def test_identity_create_application_credential(self):132        # Creating an application credential requires a project ID in the133        # token, therefore system-scoped users cannot create app creds.134        raise self.skipException(135            "Skipping identity:create_application_credential test for "136            "system user")137    def test_identity_get_application_credential(self):138        # Creating an application credential requires a project ID in the139        # token, therefore system-scoped users cannot create app creds, so skip140        # check for showing user's own app creds141        # retrieve other user's app cred142        user_app_cred_client = \143            self.test_user_client.application_credentials_client144        app_cred = user_app_cred_client.create_application_credential(145            user_id=self.test_user_id, **self.app_cred()146        )['application_credential']147        self.addCleanup(148            user_app_cred_client.delete_application_credential,149            self.test_user_id,150            app_cred['id'])151        self.do_request(152            'show_application_credential',153            user_id=self.test_user_id,154            application_credential_id=app_cred['id'])155        # retrieve app cred that does not exist156        self.do_request(157            'show_application_credential',158            expected_status=exceptions.NotFound,159            user_id=self.test_user_id,160            application_credential_id=data_utils.rand_uuid_hex())161    def test_identity_list_application_credentials(self):162        # Creating an application credential requires a project ID in the163        # token, therefore system-scoped users cannot create app creds, so skip164        # check for listing user's own app creds165        # list other user's app creds166        user_app_cred_client = \167            self.test_user_client.application_credentials_client168        app_cred = user_app_cred_client.create_application_credential(169            user_id=self.test_user_id, **self.app_cred()170        )['application_credential']171        self.addCleanup(172            user_app_cred_client.delete_application_credential,173            self.test_user_id,174            app_cred['id'])175        resp = self.do_request(176            'list_application_credentials',177            user_id=self.test_user_id)178        self.assertEqual(179            resp['application_credentials'][0]['id'],180            app_cred['id'])181    def test_identity_delete_application_credential(self):182        # Creating an application credential requires a project ID in the183        # token, therefore system-scoped users cannot create app creds, so skip184        # check for deleting user's own app creds185        # delete other user's app cred186        user_app_cred_client = \187            self.test_user_client.application_credentials_client188        app_cred = user_app_cred_client.create_application_credential(189            user_id=self.test_user_id, **self.app_cred()190        )['application_credential']191        self.do_request(192            'delete_application_credential',193            expected_status=204,194            user_id=self.test_user_id,195            application_credential_id=app_cred['id'])196        # delete app cred that does not exist197        self.do_request(198            'delete_application_credential',199            expected_status=exceptions.NotFound,200            user_id=self.test_user_id,201            application_credential_id=data_utils.rand_uuid_hex())202class SystemMemberTests(SystemAdminTests):203    credentials = ['system_member', 'system_admin']204    def test_identity_delete_application_credential(self):205        # Creating an application credential requires a project ID in the206        # token, therefore system-scoped users cannot create app creds, so skip207        # check for deleting user's own app creds208        # delete other user's app cred209        user_app_cred_client = \210            self.test_user_client.application_credentials_client211        app_cred = user_app_cred_client.create_application_credential(212            user_id=self.test_user_id, **self.app_cred()213        )['application_credential']214        self.addCleanup(215            user_app_cred_client.delete_application_credential,216            self.test_user_id,217            app_cred['id'])218        self.do_request(219            'delete_application_credential',220            expected_status=exceptions.Forbidden,221            user_id=self.test_user_id,222            application_credential_id=app_cred['id'])223        # delete app cred that does not exist224        self.do_request(225            'delete_application_credential',226            expected_status=exceptions.Forbidden,227            user_id=self.test_user_id,228            application_credential_id=data_utils.rand_uuid_hex())229class SystemReaderTests(SystemMemberTests):230    credentials = ['system_reader', 'system_admin']231class DomainAdminTests(232    IdentityV3RbacApplicationCredentialTest, base.BaseIdentityTest):233    # Domain admins cannot create their own app creds (app creds can only be234    # scoped to projects) and domain admins have no special privileges over the235    # app creds own by users in their domains.236    credentials = ['domain_admin', 'system_admin']237    @classmethod238    def setup_clients(cls):239        super(DomainAdminTests, cls).setup_clients()240        own_domain_id = cls.persona.credentials.domain_id241        cls.test_client_1, cls.test_user_1 = cls.setup_user_client(242            domain_id=own_domain_id)243    def setUp(self):244        super(DomainAdminTests, self).setUp()245        self.other_domain_id = self.admin_client.domains_client.create_domain(246            name=data_utils.rand_name())['domain']['id']247        self.addCleanup(self.admin_client.domains_client.delete_domain,248                        self.other_domain_id)249        self.addCleanup(self.admin_client.domains_client.update_domain,250                        domain_id=self.other_domain_id, enabled=False)251        self.test_client_2, self.test_user_2 = self.setup_user_client(252            domain_id=self.other_domain_id)253        client = self.test_client_1.application_credentials_client254        self.app_cred_1 = client.create_application_credential(255            user_id=self.test_user_1, **self.app_cred()256        )['application_credential']257        self.addCleanup(258            client.delete_application_credential,259            self.test_user_1,260            self.app_cred_1['id'])261        client = self.test_client_2.application_credentials_client262        self.app_cred_2 = client.create_application_credential(263            user_id=self.test_user_2, **self.app_cred()264        )['application_credential']265        self.addCleanup(266            client.delete_application_credential,267            self.test_user_2,268            self.app_cred_2['id'])269    def test_identity_create_application_credential(self):270        # Creating an application credential requires a project ID in the271        # token, therefore system-scoped users cannot create app creds.272        raise self.skipException(273            "Skipping identity:create_application_credential test for "274            "domain user")275    def test_identity_get_application_credential(self):276        # Creating an application credential requires a project ID in the277        # token, therefore domain-scoped users cannot create app creds, so skip278        # check for showing user's own app creds279        # accessing application credentials should be forbidden no matter280        # whether the owner is in the domain or outside of it281        # retrieve app cred from user in own domain282        self.do_request(283            'show_application_credential',284            expected_status=exceptions.Forbidden,285            user_id=self.test_user_1,286            application_credential_id=self.app_cred_1['id'])287        # retrieve app cred from user in other domain288        self.do_request(289            'show_application_credential',290            expected_status=exceptions.Forbidden,291            user_id=self.test_user_2,292            application_credential_id=self.app_cred_2['id'])293        # retrieve app cred that does not exist294        self.do_request(295            'show_application_credential',296            expected_status=exceptions.Forbidden,297            user_id=self.test_user_1,298            application_credential_id=data_utils.rand_uuid_hex())299    def test_identity_list_application_credentials(self):300        # Creating an application credential requires a project ID in the301        # token, therefore domain-scoped users cannot create app creds, so skip302        # check for listing user's own app creds303        # listing application credentials should be forbidden no matter304        # whether the owner is in the domain or outside of it305        # list app creds from user in own domain306        self.do_request(307            'list_application_credentials',308            expected_status=exceptions.Forbidden,309            user_id=self.test_user_1)310        # list app creds from user in other domain311        self.do_request(312            'list_application_credentials',313            expected_status=exceptions.Forbidden,314            user_id=self.test_user_2)315    def test_identity_delete_application_credential(self):316        # Creating an application credential requires a project ID in the317        # token, therefore domain-scoped users cannot create app creds, so skip318        # check for deleting user's own app creds319        # deleting application credentials should be forbidden no matter320        # whether the owner is in the domain or outside of it321        # delete app cred from user in own domain322        self.do_request(323            'delete_application_credential',324            expected_status=exceptions.Forbidden,325            user_id=self.test_user_1,326            application_credential_id=self.app_cred_1['id'])327        # delete app cred from user in other domain328        self.do_request(329            'delete_application_credential',330            expected_status=exceptions.Forbidden,331            user_id=self.test_user_2,332            application_credential_id=self.app_cred_2['id'])333        # delete app cred that does not exist334        self.do_request(335            'delete_application_credential',336            expected_status=exceptions.Forbidden,337            user_id=self.test_user_1,338            application_credential_id=data_utils.rand_uuid_hex())339class DomainMemberTests(DomainAdminTests):340    credentials = ['domain_member', 'system_admin']341class DomainReaderTests(DomainAdminTests):342    credentials = ['domain_reader', 'system_admin']343class ProjectAdminTests(IdentityV3RbacApplicationCredentialTest,344                        base.BaseIdentityTest):345    credentials = ['project_admin', 'system_admin']346    @classmethod347    def setup_clients(cls):348        super(ProjectAdminTests, cls).setup_clients()349        cls.test_user_client, cls.test_user_id = cls.setup_user_client()350    def test_identity_create_application_credential(self):351        # user can create their own app cred352        user_id = self.persona.credentials.user_id353        resp = self.do_request(354            'create_application_credential',355            expected_status=201,356            user_id=user_id,357            **self.app_cred())['application_credential']358        self.addCleanup(359            self.client.delete_application_credential,360            user_id, resp['id'])361        # user cannot create app cred for another user362        user_id = self.test_user_id363        self.do_request(364            'create_application_credential',365            expected_status=exceptions.Forbidden,366            user_id=user_id,367            **self.app_cred())368    def test_identity_get_application_credential(self):369        # user can retrieve their own app cred370        user_id = self.persona.credentials.user_id371        app_cred = self.client.create_application_credential(372            user_id=user_id, **self.app_cred())['application_credential']373        self.addCleanup(374            self.client.delete_application_credential,375            user_id=user_id, application_credential_id=app_cred['id'])376        self.do_request(377            'show_application_credential',378            user_id=user_id, application_credential_id=app_cred['id'])379        # retrieving non-existent app cred for self should return 404380        self.do_request(381            'show_application_credential',382            expected_status=exceptions.NotFound,383            user_id=user_id,384            application_credential_id=data_utils.rand_uuid_hex())385        # user cannot retrieve another user's app cred by using the victim's386        # user ID in the request or by trying to bypass the user ownership387        # check by crafting a path the the attacker's user ID388        user_id = self.test_user_id389        client = self.test_user_client.application_credentials_client390        app_cred = client.create_application_credential(391            user_id=user_id, **self.app_cred())['application_credential']392        self.addCleanup(393            client.delete_application_credential,394            user_id=user_id, application_credential_id=app_cred['id'])395        self.do_request(396            'show_application_credential',397            expected_status=exceptions.Forbidden,398            user_id=self.persona.credentials.user_id,399            application_credential_id=app_cred['id'])400        self.do_request(401            'show_application_credential',402            expected_status=exceptions.Forbidden,403            user_id=user_id, application_credential_id=app_cred['id'])404        # retrieving non-existent app cred for another user should return 403405        self.do_request(406            'show_application_credential',407            expected_status=exceptions.Forbidden,408            user_id=user_id,409            application_credential_id=data_utils.rand_uuid_hex())410    def test_identity_list_application_credentials(self):411        # user can list their own app creds412        user_id = self.persona.credentials.user_id413        app_cred = self.client.create_application_credential(414            user_id=user_id, **self.app_cred())['application_credential']415        self.addCleanup(416            self.client.delete_application_credential,417            user_id=user_id, application_credential_id=app_cred['id'])418        self.do_request(419            'list_application_credentials', user_id=user_id)420        # user cannot list another user's app creds421        user_id = self.test_user_id422        client = self.test_user_client.application_credentials_client423        app_cred = client.create_application_credential(424            user_id=user_id, **self.app_cred())['application_credential']425        self.addCleanup(426            client.delete_application_credential,427            user_id=user_id, application_credential_id=app_cred['id'])428        self.do_request(429            'list_application_credentials',430            expected_status=exceptions.Forbidden, user_id=user_id)431    def test_identity_delete_application_credential(self):432        # user can delete their own app cred433        user_id = self.persona.credentials.user_id434        app_cred = self.client.create_application_credential(435            user_id=user_id, **self.app_cred())['application_credential']436        self.do_request(437            'delete_application_credential',438            expected_status=204,439            user_id=user_id, application_credential_id=app_cred['id'])440        # deleting non-existent app cred for self should return 404441        self.do_request(442            'delete_application_credential',443            expected_status=exceptions.NotFound,444            user_id=user_id,445            application_credential_id=data_utils.rand_uuid_hex())...

test_access_rule.py

Source:test_access_rule.py

...137        self.access_rule_id = app_cred['access_rules'][0]['id']138        def try_delete_app_cred(id):139            app_cred_client = self.admin_client.application_credentials_client140            try:141                app_cred_client.delete_application_credential(142                    user_id=self.test_user_id,143                    application_credential_id=id)144            except exceptions.NotFound:145                pass146        def try_delete_access_rule(id):147            try:148                self.admin_client.access_rules_client.delete_access_rule(149                    user_id=self.test_user_id,150                    access_rule_id=id)151            except exceptions.NotFound:152                pass153        self.addCleanup(try_delete_access_rule, self.access_rule_id)154        self.addCleanup(try_delete_app_cred, self.app_cred_id)155    def test_identity_get_access_rule(self):156        # system admin cannot create app creds and therefore cannot create157        # access rules, so skip retrieval of own access rule158        # retrieve other user's access rules159        self.do_request(160            'show_access_rule',161            user_id=self.test_user_id, access_rule_id=self.access_rule_id)162        # retrieving a non-existent access rule should return a 404163        self.do_request(164            'show_access_rule', expected_status=exceptions.NotFound,165            user_id=self.test_user_id,166            access_rule_id=data_utils.rand_uuid_hex())167    def test_identity_list_access_rules(self):168        # system admin cannot create app creds and therefore cannot create169        # access rules, so skip listing of own access rule170        # list other user's access rules171        self.do_request('list_access_rules', user_id=self.test_user_id)172    def test_identity_delete_access_rule(self):173        # system admin cannot create app creds and therefore cannot create174        # access rules, so skip deletion of own access rule175        # delete other user's access rules176        app_cred_client = self.admin_client.application_credentials_client177        app_cred_client.delete_application_credential(178            user_id=self.test_user_id,179            application_credential_id=self.app_cred_id)180        self.do_request(181            'delete_access_rule', expected_status=204,182            user_id=self.test_user_id, access_rule_id=self.access_rule_id)183        # deleting a non-existent access rule should return a 404184        self.do_request(185            'delete_access_rule', expected_status=exceptions.NotFound,186            user_id=self.test_user_id,187            access_rule_id=data_utils.rand_uuid_hex())188class SystemMemberTests(SystemAdminTests):189    credentials = ['system_member', 'system_admin']190    def test_identity_delete_access_rule(self):191        app_cred_client = self.admin_client.application_credentials_client192        app_cred_client.delete_application_credential(193            user_id=self.test_user_id,194            application_credential_id=self.app_cred_id)195        self.do_request(196            'delete_access_rule', expected_status=exceptions.Forbidden,197            user_id=self.test_user_id, access_rule_id=self.access_rule_id)198        # retrieving a non-existent access rule should return a 404199        self.do_request(200            'show_access_rule', expected_status=exceptions.NotFound,201            user_id=self.test_user_id,202            access_rule_id=data_utils.rand_uuid_hex())203class SystemReaderTests(SystemMemberTests):204    credentials = ['system_reader', 'system_admin']205class DomainAdminTests(IdentityV3RbacAccessRuleTest, base.BaseIdentityTest):206    # Domain admins cannot create their own app creds (app creds can only be207    # scoped to projects) and domain admins have no special privileges over the208    # app creds own by users in their domains.209    credentials = ['domain_admin', 'system_admin']210    @classmethod211    def setup_clients(cls):212        super(DomainAdminTests, cls).setup_clients()213        own_domain_id = cls.persona.credentials.domain_id214        cls.test_client_1, cls.test_user_1 = cls.setup_user_client(215            domain_id=own_domain_id)216    def setUp(self):217        super(DomainAdminTests, self).setUp()218        self.other_domain_id = self.admin_client.domains_client.create_domain(219            name=data_utils.rand_name())['domain']['id']220        self.addCleanup(self.admin_client.domains_client.delete_domain,221                        self.other_domain_id)222        self.addCleanup(self.admin_client.domains_client.update_domain,223                        domain_id=self.other_domain_id, enabled=False)224        self.test_client_2, self.test_user_2 = self.setup_user_client(225            domain_id=self.other_domain_id)226        client = self.test_client_1.application_credentials_client227        app_cred_1 = client.create_application_credential(228            user_id=self.test_user_1, **self.app_cred()229        )['application_credential']230        self.access_rule_1 = app_cred_1['access_rules'][0]['id']231        self.addCleanup(232            self.test_client_1.access_rules_client.delete_access_rule,233            self.test_user_1,234            self.access_rule_1)235        self.addCleanup(236            client.delete_application_credential,237            self.test_user_1,238            app_cred_1['id'])239        client = self.test_client_2.application_credentials_client240        app_cred_2 = client.create_application_credential(241            user_id=self.test_user_2, **self.app_cred()242        )['application_credential']243        self.access_rule_2 = app_cred_2['access_rules'][0]['id']244        self.addCleanup(245            self.test_client_2.access_rules_client.delete_access_rule,246            self.test_user_2,247            self.access_rule_2)248        self.addCleanup(249            client.delete_application_credential,250            self.test_user_2,251            app_cred_2['id'])252    def test_identity_get_access_rule(self):253        # accessing access rules should be forbidden no matter whether the254        # owner is in the domain or outside of it255        # retrieve access rule from user in own domain256        self.do_request(257            'show_access_rule', expected_status=exceptions.Forbidden,258            user_id=self.test_user_1, access_rule_id=self.access_rule_1)259        # retrieve access rule from user in other domain260        self.do_request(261            'show_access_rule', expected_status=exceptions.Forbidden,262            user_id=self.test_user_2, access_rule_id=self.access_rule_2)263        # retrieving a non-existent access rule should return a 403264        self.do_request(265            'show_access_rule', expected_status=exceptions.Forbidden,266            user_id=self.test_user_1,267            access_rule_id=data_utils.rand_uuid_hex())268        self.do_request(269            'show_access_rule', expected_status=exceptions.Forbidden,270            user_id=self.test_user_2,271            access_rule_id=data_utils.rand_uuid_hex())272    def test_identity_list_access_rules(self):273        # listing access rules should be forbidden no matter whether the274        # owner is in the domain or outside of it275        self.do_request(276            'list_access_rules', expected_status=exceptions.Forbidden,277            user_id=self.test_user_1)278        self.do_request(279            'list_access_rules', expected_status=exceptions.Forbidden,280            user_id=self.test_user_2)281    def test_identity_delete_access_rule(self):282        # deleting access rules should be forbidden no matter whether the283        # owner is in the domain or outside of it284        # delete access rule from user in own domain285        self.do_request(286            'delete_access_rule', expected_status=exceptions.Forbidden,287            user_id=self.test_user_1, access_rule_id=self.access_rule_1)288        # delete access rule from user in other domain289        self.do_request(290            'delete_access_rule', expected_status=exceptions.Forbidden,291            user_id=self.test_user_2, access_rule_id=self.access_rule_2)292        # deleting a non-existent access rule should return a 403293        self.do_request(294            'delete_access_rule', expected_status=exceptions.Forbidden,295            user_id=self.test_user_1,296            access_rule_id=data_utils.rand_uuid_hex())297        self.do_request(298            'delete_access_rule', expected_status=exceptions.Forbidden,299            user_id=self.test_user_2,300            access_rule_id=data_utils.rand_uuid_hex())301class DomainMemberTests(DomainAdminTests):302    credentials = ['domain_member', 'system_admin']303class DomainReaderTests(DomainAdminTests):304    credentials = ['domain_reader', 'system_admin']305class ProjectAdminTests(IdentityV3RbacAccessRuleTest, base.BaseIdentityTest):306    credentials = ['project_admin', 'system_admin']307    @classmethod308    def setup_clients(cls):309        super(ProjectAdminTests, cls).setup_clients()310        cls.test_user_client, cls.test_user_id = cls.setup_user_client()311    def setUp(self):312        super(ProjectAdminTests, self).setUp()313        app_cred_client = self.persona.application_credentials_client314        user_id = self.persona.credentials.user_id315        self.app_cred_1 = app_cred_client.create_application_credential(316            user_id, **self.app_cred())['application_credential']317        self.access_rule_1 = self.app_cred_1['access_rules'][0]['id']318        def try_delete_own_app_cred(id):319            app_cred_client = self.persona.application_credentials_client320            try:321                app_cred_client.delete_application_credential(322                    self.persona.credentials.user_id, id)323            except exceptions.NotFound:324                pass325        def try_delete_own_access_rule(id):326            try:327                self.persona.access_rules_client.delete_access_rule(328                    self.persona.credentials.user_id, id)329            except exceptions.NotFound:330                pass331        self.addCleanup(try_delete_own_access_rule, self.access_rule_1)332        self.addCleanup(try_delete_own_app_cred, self.app_cred_1['id'])333        app_cred_client = self.test_user_client.application_credentials_client334        self.app_cred_2 = app_cred_client.create_application_credential(335            self.test_user_id, **self.app_cred())['application_credential']336        self.access_rule_2 = self.app_cred_2['access_rules'][0]['id']337        self.addCleanup(338            self.test_user_client.access_rules_client.delete_access_rule,339            self.test_user_id, self.access_rule_2)340        self.addCleanup(341            app_cred_client.delete_application_credential,342            self.test_user_id, self.app_cred_2['id'])343    def test_identity_get_access_rule(self):344        # should be able to access own credential345        self.do_request(346            'show_access_rule',347            user_id=self.persona.credentials.user_id,348            access_rule_id=self.access_rule_1)349        # retrieving non-existent access rule for self should return 404350        self.do_request(351            'show_access_rule', expected_status=exceptions.NotFound,352            user_id=self.persona.credentials.user_id,353            access_rule_id=data_utils.rand_uuid_hex())354        # should not be able to access another user's credential355        self.do_request(356            'show_access_rule', expected_status=exceptions.Forbidden,357            user_id=self.test_user_id, access_rule_id=self.access_rule_2)358        # retrieving non-existent access rule for other user should return 403359        self.do_request(360            'show_access_rule', expected_status=exceptions.Forbidden,361            user_id=self.test_user_id,362            access_rule_id=data_utils.rand_uuid_hex())363    def test_identity_list_access_rules(self):364        # should be able to list own credentials365        self.do_request(366            'list_access_rules', user_id=self.persona.credentials.user_id)367        # should not be able to list another user's credentials368        self.do_request(369            'list_access_rules', expected_status=exceptions.Forbidden,370            user_id=self.test_user_id)371    def test_identity_delete_access_rule(self):372        # should be able to delete own credential373        app_cred_client = self.persona.application_credentials_client374        app_cred_client.delete_application_credential(375            user_id=self.persona.credentials.user_id,376            application_credential_id=self.app_cred_1['id'])377        self.do_request(378            'delete_access_rule', expected_status=204,379            user_id=self.persona.credentials.user_id,380            access_rule_id=self.access_rule_1)381        # deleting non-existent access rule for self should return 404382        self.do_request(383            'delete_access_rule', expected_status=exceptions.NotFound,384            user_id=self.persona.credentials.user_id,385            access_rule_id=data_utils.rand_uuid_hex())386        # should not be able to delete another user's credential387        self.do_request(388            'delete_access_rule', expected_status=exceptions.Forbidden,...

test_application_credentials_rbac.py

Source:test_application_credentials_rbac.py

...68    @decorators.idempotent_id('521b7c0f-1dd5-47a6-ae95-95c0323d7735')69    @rbac_rule_validation.action(70        service="keystone",71        rules=["identity:delete_application_credential"])72    def test_delete_application_credential(self):73        app_cred = self._create_application_credential()74        with self.override_role():75            self.application_credentials_client.delete_application_credential(...

Automation Testing Tutorials

Learn to execute automation testing from scratch with LambdaTest Learning Hub. Right from setting up the prerequisites to run your first automation test, to following best practices and diving deeper into advanced test scenarios. LambdaTest Learning Hubs compile a list of step-by-step guides to help you be proficient with different test automation frameworks i.e. Selenium, Cypress, TestNG etc.