def test_remove_user_role(self):
""" Remove all roles on a user from our project """
project = mock.Mock()
project.id = 'test_project_id'
project.name = 'test_project'
project.domain = 'default'
project.roles = {'user_id_1': ['_member_']}
user1 = mock.Mock()
user1.id = 'user_id_1'
user1.name = '*****@*****.**'
user1.password = '******'
user1.email = '*****@*****.**'
setup_temp_cache({'test_project': project}, {'user_id_1': user1})
admin_headers = {
'project_name': "test_project",
'project_id': "test_project_id",
'roles': "project_admin,_member_,project_mod",
'username': "******",
'user_id': "test_user_id",
'authenticated': True
}
# admins removes role from the test user
url = "/v1/openstack/users/%s/roles" % user1.id
data = {'roles': ["_member_"]}
response = self.client.delete(url,
data,
format='json',
headers=admin_headers)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(response.json(),
{'notes': ['Task completed successfully.']})
def test_reset_admin(self):
"""
Ensure that you cannot issue a password reset for an
admin user.
"""
user = mock.Mock()
user.id = 'user_id'
user.name = "*****@*****.**"
user.email = "*****@*****.**"
user.domain = 'default'
user.password = "******"
project = mock.Mock()
project.id = 'test_project_id'
project.name = 'test_project'
project.domain = 'default'
project.roles = {user.id: ['admin']}
setup_temp_cache({'test_project': project}, {user.id: user})
url = "/v1/actions/ResetPassword"
data = {'email': "*****@*****.**"}
response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(
response.data['notes'],
['If user with email exists, reset token will be issued.'])
self.assertEqual(0, Token.objects.count())
def test_update_email_task_username_not_email(self):
user = mock.Mock()
user.id = 'test_user_id'
user.name = "test_user"
user.email = "*****@*****.**"
user.domain = 'default'
setup_temp_cache({}, {user.id: user})
url = "/v1/actions/UpdateEmail"
headers = {
'project_name': "test_project",
'project_id': "test_project_id",
'roles': "project_admin,_member_,project_mod",
'username': "******",
'user_id': "test_user_id",
'authenticated': True
}
data = {'new_email': "*****@*****.**"}
response = self.client.post(url, data, format='json', headers=headers)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(response.data, {'notes': ['created token']})
new_token = Token.objects.all()[0]
url = "/v1/tokens/" + new_token.token
data = {'confirm': True}
response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEquals(user.name, "test_user")
self.assertEquals(user.email, '*****@*****.**')
def test_add_default_users(self):
"""
Base case, adds admin user with admin role to project.
NOTE(adriant): both the lists of users, and the roles to add
come from test_settings. This test assumes the conf setting of:
default_users = ['admin']
default_roles = ['admin']
"""
project = mock.Mock()
project.id = 'test_project_id'
project.name = 'test_project'
project.domain = 'default'
project.roles = {}
setup_temp_cache({'test_project': project}, {})
task = Task.objects.create(ip_address="0.0.0.0",
keystone_user={'roles': ['admin']})
task.cache = {'project_id': "test_project_id"}
action = AddDefaultUsersToProjectAction({'domain_id': 'default'},
task=task,
order=1)
action.pre_approve()
self.assertEquals(action.valid, True)
action.post_approve()
self.assertEquals(action.valid, True)
project = tests.temp_cache['projects']['test_project']
self.assertEquals(project.roles['user_id_0'], ['admin'])
def test_update_email_task_invalid_email(self):
user = mock.Mock()
user.id = 'test_user_id'
user.name = "*****@*****.**"
user.email = "*****@*****.**"
user.domain = 'default'
setup_temp_cache({}, {user.id: user})
url = "/v1/actions/UpdateEmail"
headers = {
'project_name': "test_project",
'project_id': "test_project_id",
'roles': "project_admin,_member_,project_mod",
'username': "******",
'user_id': "test_user_id",
'authenticated': True
}
data = {'new_email': "new_test@examplecom"}
response = self.client.post(url, data, format='json', headers=headers)
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
self.assertEqual(response.data,
{'new_email': [u'Enter a valid email address.']})
def test_update_email_pre_existing_user_with_email(self):
user = mock.Mock()
user.id = 'test_user_id'
user.name = "*****@*****.**"
user.email = "*****@*****.**"
user.domain = 'default'
user2 = mock.Mock()
user2.id = 'new_user_id'
user2.name = "*****@*****.**"
user2.email = "*****@*****.**"
user2.domain = 'default'
setup_temp_cache({}, {user.id: user, user2.id: user2})
url = "/v1/actions/UpdateEmail"
headers = {
'project_name': "test_project",
'project_id': "test_project_id",
'roles': "project_admin,_member_,project_mod",
'username': "******",
'user_id': "test_user_id",
'authenticated': True,
'project_domain_id': 'default',
}
data = {'new_email': "*****@*****.**"}
response = self.client.post(url, data, format='json', headers=headers)
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
self.assertEqual(response.data, ['actions invalid'])
self.assertEqual(len(Token.objects.all()), 0)
self.assertEqual(len(mail.outbox), 0)
def test_notification_createproject(self):
"""
CreateProject should create a notification.
We should be able to grab it.
"""
setup_temp_cache({}, {})
url = "/v1/actions/CreateProject"
data = {'project_name': "test_project", 'email': "*****@*****.**"}
response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
new_task = Task.objects.all()[0]
headers = {
'project_name': "test_project",
'project_id': "test_project_id",
'roles': "admin,_member_",
'username': "******",
'user_id': "test_user_id",
'authenticated': True
}
url = "/v1/notifications"
response = self.client.get(url, headers=headers)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(response.data['notifications'][0]['task'],
new_task.uuid)
def test_add_default_users_reapprove(self):
"""
Ensure nothing happens or changes during rerun of approve.
"""
project = mock.Mock()
project.id = 'test_project_id'
project.name = 'test_project'
project.domain = 'default'
project.roles = {}
setup_temp_cache({'test_project': project}, {})
task = Task.objects.create(ip_address="0.0.0.0",
keystone_user={'roles': ['admin']})
task.cache = {'project_id': "test_project_id"}
action = AddDefaultUsersToProjectAction({'domain_id': 'default'},
task=task,
order=1)
action.pre_approve()
self.assertEquals(action.valid, True)
action.post_approve()
self.assertEquals(action.valid, True)
project = tests.temp_cache['projects']['test_project']
self.assertEquals(project.roles['user_id_0'], ['admin'])
action.post_approve()
self.assertEquals(action.valid, True)
project = tests.temp_cache['projects']['test_project']
self.assertEquals(project.roles['user_id_0'], ['admin'])
def test_new_project(self):
"""
Ensure the new project workflow goes as expected.
"""
setup_temp_cache({}, {})
url = "/v1/actions/CreateProject"
data = {'project_name': "test_project", 'email': "*****@*****.**"}
response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
headers = {
'project_name': "test_project",
'project_id': "test_project_id",
'roles': "admin,_member_",
'username': "******",
'user_id': "test_user_id",
'authenticated': True
}
new_task = Task.objects.all()[0]
url = "/v1/tasks/" + new_task.uuid
response = self.client.post(url, {'approved': True},
format='json',
headers=headers)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(response.data, {'notes': ['created token']})
new_token = Token.objects.all()[0]
url = "/v1/tokens/" + new_token.token
data = {'password': '******'}
response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
def test_reset_user(self):
"""
Ensure the reset user workflow goes as expected.
Create task + create token, submit token.
"""
user = mock.Mock()
user.id = 'user_id'
user.name = "*****@*****.**"
user.email = "*****@*****.**"
user.domain = 'default'
user.password = "******"
setup_temp_cache({}, {user.id: user})
url = "/v1/actions/ResetPassword"
data = {'email': "*****@*****.**"}
response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(
response.data['notes'],
['If user with email exists, reset token will be issued.'])
new_token = Token.objects.all()[0]
url = "/v1/tokens/" + new_token.token
data = {'password': '******'}
response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(user.password, 'new_test_password')
def test_email_additional_action_invalid(self):
"""
The additional email actions should not send an email if the
action is invalid.
"""
setup_temp_cache({}, {})
url = "/v1/actions/InviteUser"
headers = {
'project_name': "test_project",
'project_id': "test_project_id",
'roles': "project_admin,_member_,project_mod",
'username': "******",
'user_id': "test_user_id",
'authenticated': True
}
data = {
'email': "*****@*****.**",
'roles': ["_member_"],
'project_id': 'test_project_id'
}
response = self.client.post(url, data, format='json', headers=headers)
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
self.assertEqual(response.data, {'errors': ['actions invalid']})
self.assertEqual(len(mail.outbox), 0)
def test_new_project_action_rerun_post_approve(self):
"""
Tests the new project action for an existing user.
"""
user = mock.Mock()
user.id = "test_user_id"
user.name = "test_user"
user.domain = 'default'
project = mock.Mock()
project.id = "parent_project"
project.domain = "default"
setup_temp_cache({project.id: project}, {user.id: user})
task = Task.objects.create(ip_address="0.0.0.0",
keystone_user={
"user_id": "test_user_id",
"project_id": "parent_project",
"project_domain_id": 'default'
})
data = {
'domain_id': 'default',
'parent_id': "parent_project",
'project_name': 'test_project',
}
action = NewProjectAction(data, task=task, order=1)
action.pre_approve()
self.assertEquals(action.valid, True)
action.post_approve()
self.assertEquals(action.valid, True)
self.assertEquals(tests.temp_cache['projects']['test_project'].name,
'test_project')
self.assertEquals(tests.temp_cache['projects']['test_project'].parent,
'parent_project')
action.post_approve()
# Nothing should change
self.assertEquals(action.valid, True)
self.assertEquals(tests.temp_cache['projects']['test_project'].name,
'test_project')
self.assertEquals(tests.temp_cache['projects']['test_project'].parent,
'parent_project')
project = tests.temp_cache['projects']['test_project']
self.assertEquals(
sorted(project.roles["test_user_id"]),
sorted([
'_member_', 'project_admin', 'project_mod', 'heat_stack_owner'
]))
action.submit({})
self.assertEquals(action.valid, True)
def test_reset_user_password_no_user(self):
"""
Reset password for a non-existant user.
"""
setup_temp_cache({}, {})
task = Task.objects.create(ip_address="0.0.0.0",
keystone_user={
'roles': ['admin', 'project_mod'],
'project_id': 'test_project_id',
'project_domain_id': 'default',
})
data = {
'domain_name': 'Default',
'email': '*****@*****.**',
'project_name': 'test_project',
}
action = ResetUserPasswordAction(data, task=task, order=1)
action.pre_approve()
self.assertEquals(action.valid, False)
action.post_approve()
self.assertEquals(action.valid, False)
token_data = {}
action.submit(token_data)
self.assertEquals(action.valid, False)
def test_new_user_no_tenant(self):
"""
No user, no tenant.
"""
setup_temp_cache({}, {})
task = Task.objects.create(ip_address="0.0.0.0",
keystone_user={
'roles': ['admin', 'project_mod'],
'project_id': 'test_project_id',
'project_domain_id': 'default',
})
data = {
'email': '*****@*****.**',
'project_id': 'test_project_id',
'roles': ['_member_'],
'domain_id': 'default',
}
action = NewUserAction(data, task=task, order=1)
action.pre_approve()
self.assertEquals(action.valid, False)
action.post_approve()
self.assertEquals(action.valid, False)
token_data = {}
action.submit(token_data)
self.assertEquals(action.valid, False)
def test_return_task_id_if_admin_fail(self):
"""
Confirm that the task id is not returned unless admin.
"""
user = mock.Mock()
user.id = 'user_id'
user.name = "*****@*****.**"
user.email = "*****@*****.**"
user.domain = 'default'
user.password = "******"
setup_temp_cache({}, {user.id: user})
headers = {
'project_name': "test_project",
'project_id': "test_project_id",
'roles': "_member_",
'username': "******",
'user_id': "test_user_id",
'authenticated': True
}
url = "/v1/actions/ResetPassword"
data = {'email': "*****@*****.**"}
response = self.client.post(url, data, format='json', headers=headers)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertFalse(response.data.get('task'))
def test_task_complete(self):
"""
Can't approve a completed task.
"""
setup_temp_cache({}, {})
url = "/v1/actions/CreateProject"
data = {'project_name': "test_project", 'email': "*****@*****.**"}
response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
headers = {
'project_name': "test_project",
'project_id': "test_project_id",
'roles': "admin,_member_",
'username': "******",
'user_id': "test_user_id",
'authenticated': True
}
new_task = Task.objects.all()[0]
new_task.completed = True
new_task.save()
url = "/v1/tasks/" + new_task.uuid
response = self.client.post(url, {'approved': True},
format='json',
headers=headers)
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
self.assertEqual(response.data,
{'errors': ['This task has already been completed.']})
def test_user_detail(self):
"""
Confirm that the user detail view functions as expected
"""
user = mock.Mock()
user.id = 'test_user_id'
user.name = '*****@*****.**'
user.email = '*****@*****.**'
project = mock.Mock()
project.id = 'test_project_id'
project.name = 'test_project'
project.domain = 'default'
project.roles = {user.id: ['_member_']}
setup_temp_cache({'test_project': project}, {user.id: user})
headers = {
'project_name': "test_project",
'project_id': "test_project_id",
'roles': "project_admin,_member_,project_mod",
'username': "******",
'user_id': "test_user_id",
'authenticated': True
}
url = "/v1/openstack/users/%s" % user.id
response = self.client.get(url, headers=headers)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(response.json()['username'], '*****@*****.**')
self.assertEqual(response.json()['roles'], ["_member_"])
def test_new_project_invalid_domain_id(self):
""" Create a project using an invalid domain """
setup_temp_cache({}, {})
task = Task.objects.create(ip_address="0.0.0.0",
keystone_user={
'roles': ['admin', 'project_mod'],
'project_id': 'test_project_id',
'project_domain_id': 'default',
})
data = {
'domain_id': 'not_default_id',
'parent_id': None,
'email': '*****@*****.**',
'project_name': 'test_project',
}
action = NewProjectWithUserAction(data, task=task, order=1)
action.pre_approve()
self.assertEquals(action.valid, False)
action.post_approve()
self.assertEquals(action.valid, False)
def test_new_project_existing_project(self):
"""
Create a project that already exists.
"""
project = mock.Mock()
project.id = 'test_project_id'
project.name = 'test_project'
project.domain = 'default'
project.roles = {}
setup_temp_cache({project.name: project}, {})
task = Task.objects.create(ip_address="0.0.0.0",
keystone_user={
'roles': ['admin', 'project_mod'],
'project_id': 'test_project_id',
'project_domain_id': 'default',
})
data = {
'domain_id': 'default',
'parent_id': None,
'email': '*****@*****.**',
'project_name': 'test_project',
}
action = NewProjectWithUserAction(data, task=task, order=1)
action.pre_approve()
self.assertEquals(action.valid, False)
action.post_approve()
self.assertEquals(action.valid, False)
def test_token_expired_get(self):
"""
Expired token should do nothing, then delete itself.
"""
user = mock.Mock()
user.id = 'user_id'
user.name = "*****@*****.**"
user.email = "*****@*****.**"
user.domain = 'default'
user.password = "******"
setup_temp_cache({}, {user.id: user})
url = "/v1/actions/ResetPassword"
data = {'email': "*****@*****.**"}
response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(
response.data['notes'],
['If user with email exists, reset token will be issued.'])
new_token = Token.objects.all()[0]
new_token.expires = timezone.now() - timedelta(hours=24)
new_token.save()
url = "/v1/tokens/" + new_token.token
response = self.client.get(url)
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
self.assertEqual(
response.data,
{'errors': ['This token does not exist or has expired.']})
self.assertEqual(0, Token.objects.count())
def test_add_default_users_invalid_project(self):
"""Add default users to a project that doesn't exist.
Action should become invalid at the post_approve state, it's ok if
the project isn't created yet during pre_approve.
"""
project = mock.Mock()
project.id = 'test_project_id'
project.name = 'test_project'
project.domain = 'default'
project.roles = {}
setup_temp_cache({'test_project': project}, {})
task = Task.objects.create(ip_address="0.0.0.0",
keystone_user={'roles': ['admin']})
task.cache = {'project_id': "invalid_project_id"}
action = AddDefaultUsersToProjectAction({'domain_id': 'default'},
task=task,
order=1)
action.pre_approve()
# No need to test project yet - it's ok if it doesn't exist
self.assertEquals(action.valid, True)
action.post_approve()
# Now the missing project should make the action invalid
self.assertEquals(action.valid, False)
def test_cancel_task_sent_token(self):
"""
Ensure the ability to cancel a task after the token is sent.
"""
setup_temp_cache({}, {})
url = "/v1/actions/CreateProject"
data = {'project_name': "test_project", 'email': "*****@*****.**"}
response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
headers = {
'project_name': "test_project",
'project_id': "test_project_id",
'roles': "admin,_member_",
'username': "******",
'user_id': "test_user_id",
'authenticated': True
}
new_task = Task.objects.all()[0]
url = "/v1/tasks/" + new_task.uuid
response = self.client.post(url, {'approved': True},
format='json',
headers=headers)
self.assertEqual(response.status_code, status.HTTP_200_OK)
response = self.client.delete(url, format='json', headers=headers)
self.assertEqual(response.status_code, status.HTTP_200_OK)
new_token = Token.objects.all()[0]
url = "/v1/tokens/" + new_token.token
data = {'password': '******'}
response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_new_project_disabled_user(self):
"""
Create a project for a user that is disabled.
"""
user = mock.Mock()
user.id = 'user_id_1'
user.name = "*****@*****.**"
user.email = "*****@*****.**"
user.domain = 'default'
user.enabled = False
# create disabled user
setup_temp_cache({}, {user.id: user})
task = Task.objects.create(ip_address="0.0.0.0", keystone_user={})
data = {
'domain_id': 'default',
'parent_id': None,
'email': '*****@*****.**',
'project_name': 'test_project',
}
# Sign up, approve
action = NewProjectWithUserAction(data, task=task, order=1)
action.pre_approve()
self.assertEquals(action.valid, True)
action.post_approve()
self.assertEquals(action.valid, True)
self.assertEquals(tests.temp_cache['projects']['test_project'].name,
'test_project')
self.assertEquals(
task.cache, {
'user_id': 'user_id_1',
'project_id': 'project_id_1',
'user_state': 'disabled'
})
self.assertEquals(action.action.cache["token_fields"], ['password'])
# submit password reset
token_data = {'password': '******'}
action.submit(token_data)
self.assertEquals(action.valid, True)
# check that user has been created correctly
self.assertEquals(tests.temp_cache['users'][user.id].email,
'*****@*****.**')
self.assertEquals(tests.temp_cache['users'][user.id].enabled, True)
# Check user has correct roles in new project
project = tests.temp_cache['projects']['test_project']
self.assertEquals(
sorted(project.roles[user.id]),
sorted([
'_member_', 'project_admin', 'project_mod', 'heat_stack_owner'
]))
def test_token_expired_delete(self):
"""
test deleting of expired tokens.
"""
user = mock.Mock()
user.id = 'user_id'
user.name = "*****@*****.**"
user.email = "*****@*****.**"
user.domain = 'default'
user.password = "******"
user2 = mock.Mock()
user2.id = 'user_id2'
user2.name = "*****@*****.**"
user2.email = "*****@*****.**"
user2.domain = 'default'
user2.password = "******"
setup_temp_cache({}, {user.id: user, user2.name: user2})
url = "/v1/actions/ResetPassword"
data = {'email': "*****@*****.**"}
response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(
response.data['notes'],
['If user with email exists, reset token will be issued.'])
url = "/v1/actions/ResetPassword"
data = {'email': "*****@*****.**"}
response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(
response.data['notes'],
['If user with email exists, reset token will be issued.'])
tokens = Token.objects.all()
self.assertEqual(len(tokens), 2)
new_token = tokens[0]
new_token.expires = timezone.now() - timedelta(hours=24)
new_token.save()
headers = {
'project_name': "test_project",
'project_id': "test_project_id",
'roles': "admin,_member_",
'username': "******",
'user_id': "test_user_id",
'authenticated': True
}
url = "/v1/tokens/"
response = self.client.delete(url, format='json', headers=headers)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(response.data,
{'notes': ['Deleted all expired tokens.']})
self.assertEqual(Token.objects.count(), 1)
def test_new_project_user_disabled_during_signup(self):
"""
Create a project for a user that is created and disabled during signup.
This exercises the tasks ability to correctly act based on changed
circumstances between two states.
"""
# Start with nothing created
setup_temp_cache({}, {})
# Sign up for the project+user, validate.
task = Task.objects.create(ip_address="0.0.0.0", keystone_user={})
data = {
'domain_id': 'default',
'parent_id': None,
'email': '*****@*****.**',
'project_name': 'test_project',
}
# Sign up
action = NewProjectWithUserAction(data, task=task, order=1)
action.pre_approve()
self.assertEquals(action.valid, True)
# Create the disabled user directly with the Identity Manager.
fm = FakeManager()
user = fm.create_user(name="*****@*****.**",
password='******',
email="*****@*****.**",
created_on=None,
domain='default',
default_project=None)
fm.disable_user(user.id)
# approve previous signup
action.post_approve()
self.assertEquals(action.valid, True)
project = tests.temp_cache['projects']['test_project']
self.assertEquals(project.name, 'test_project')
self.assertEquals(task.cache, {
'user_id': user.id,
'project_id': project.id,
'user_state': 'disabled'
})
# check that user has been re-enabled with a generated password.
self.assertEquals(user.enabled, True)
self.assertNotEquals(user.password, 'origpass')
# submit password reset
token_data = {'password': '******'}
action.submit(token_data)
self.assertEquals(action.valid, True)
# Ensure user has new password:
self.assertEquals(user.password, '123456')
def test_new_project_reapprove(self):
"""
Project created at post_approve step,
ensure reapprove does nothing.
"""
setup_temp_cache({}, {})
task = Task.objects.create(ip_address="0.0.0.0", keystone_user={})
data = {
'domain_id': 'default',
'parent_id': None,
'email': '*****@*****.**',
'project_name': 'test_project',
}
action = NewProjectWithUserAction(data, task=task, order=1)
action.pre_approve()
self.assertEquals(action.valid, True)
action.post_approve()
self.assertEquals(action.valid, True)
self.assertEquals(tests.temp_cache['projects']['test_project'].name,
'test_project')
self.assertEquals(
task.cache, {
'project_id': 'project_id_1',
'user_id': 'user_id_1',
'user_state': 'default'
})
action.post_approve()
self.assertEquals(action.valid, True)
self.assertEquals(tests.temp_cache['projects']['test_project'].name,
'test_project')
self.assertEquals(
task.cache, {
'project_id': 'project_id_1',
'user_id': 'user_id_1',
'user_state': 'default'
})
token_data = {'password': '******'}
action.submit(token_data)
self.assertEquals(action.valid, True)
self.assertEquals(tests.temp_cache['users']["user_id_1"].email,
'*****@*****.**')
project = tests.temp_cache['projects']['test_project']
self.assertEquals(
sorted(project.roles["user_id_1"]),
sorted([
'_member_', 'project_admin', 'project_mod', 'heat_stack_owner'
]))
def test_task_list(self):
"""
"""
project = mock.Mock()
project.id = 'test_project_id'
project.name = 'test_project'
project.domain = 'default'
project.roles = {}
setup_temp_cache({'test_project': project}, {})
url = "/v1/actions/InviteUser"
headers = {
'project_name': "test_project",
'project_id': "test_project_id",
'roles': "project_admin,_member_,project_mod",
'username': "******",
'user_id': "test_user_id",
'authenticated': True
}
data = {
'email': "*****@*****.**",
'roles': ["_member_"],
'project_id': 'test_project_id'
}
response = self.client.post(url, data, format='json', headers=headers)
self.assertEqual(response.status_code, status.HTTP_200_OK)
data = {
'email': "*****@*****.**",
'roles': ["_member_"],
'project_id': 'test_project_id'
}
response = self.client.post(url, data, format='json', headers=headers)
self.assertEqual(response.status_code, status.HTTP_200_OK)
data = {
'email': "*****@*****.**",
'roles': ["_member_"],
'project_id': 'test_project_id'
}
response = self.client.post(url, data, format='json', headers=headers)
self.assertEqual(response.status_code, status.HTTP_200_OK)
headers = {
'project_name': "test_project",
'project_id': "test_project_id",
'roles': "admin,_member_",
'username': "******",
'user_id': "test_user_id",
'authenticated': True
}
url = "/v1/tasks"
response = self.client.get(url, format='json', headers=headers)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(len(response.data['tasks']), 3)
def test_new_user_disabled(self):
"""
Disabled user, valid existing tenant, no role.
"""
project = mock.Mock()
project.id = 'test_project_id'
project.name = 'test_project'
project.domain = 'default'
project.roles = {}
user = mock.Mock()
user.id = 'user_id_1'
user.name = "*****@*****.**"
user.email = "*****@*****.**"
user.domain = 'default'
user.enabled = False
setup_temp_cache({'test_project': project}, {user.id: user})
task = Task.objects.create(ip_address="0.0.0.0",
keystone_user={
'roles': ['admin', 'project_mod'],
'project_id': 'test_project_id',
'project_domain_id': 'default',
})
data = {
'email': '*****@*****.**',
'project_id': 'test_project_id',
'roles': ['_member_'],
'domain_id': 'default',
}
action = NewUserAction(data, task=task, order=1)
action.pre_approve()
self.assertEquals(action.valid, True)
action.post_approve()
self.assertEquals(action.valid, True)
token_data = {'password': '******'}
action.submit(token_data)
self.assertEquals(action.valid, True)
self.assertEquals(len(tests.temp_cache['users']), 2)
# The new user id in this case will be "user_id_1"
self.assertEquals(tests.temp_cache['users']["user_id_1"].email,
'*****@*****.**')
self.assertEquals(tests.temp_cache['users']["user_id_1"].password,
'123456')
self.assertEquals(tests.temp_cache['users']["user_id_1"].enabled, True)
self.assertEquals(project.roles["user_id_1"], ['_member_'])
def test_email_additional_addresses(self):
"""
Tests the sending of additional emails an admin email set in
the conf
"""
project = mock.Mock()
project.id = 'test_project_id'
project.name = 'test_project'
project.domain = 'default'
user = mock.Mock()
user.id = 'test_user_id'
user.name = "*****@*****.**"
user.email = "*****@*****.**"
user.domain = 'default'
project.roles = {user.id: ['project_admin', '_member_']}
setup_temp_cache({'test_project': project}, {
user.id: user,
})
url = "/v1/actions/InviteUser"
headers = {
'project_name': "test_project",
'project_id': "test_project_id",
'roles': "project_admin,_member_,project_mod",
'username': "******",
'user_id': "test_user_id",
'authenticated': True
}
data = {'email': "*****@*****.**", 'roles': ['_member_']}
response = self.client.post(url, data, format='json', headers=headers)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(response.data, {'notes': ['created token']})
self.assertEqual(len(mail.outbox), 2)
self.assertEqual(set(mail.outbox[0].to), set(['*****@*****.**']))
self.assertEqual(mail.outbox[0].subject, 'invite_user_additional')
# Test that the token email gets sent to the other addresses
self.assertEqual(mail.outbox[1].to[0], '*****@*****.**')
new_token = Token.objects.all()[0]
url = "/v1/tokens/" + new_token.token
data = {'password': '******'}
response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
def test_task_update(self):
"""
Creates a invalid task.
Updates it and attempts to reapprove.
"""
project = mock.Mock()
project.id = 'test_project_id'
project.name = 'test_project'
project.domain = 'default'
project.roles = {}
setup_temp_cache({'test_project': project}, {})
url = "/v1/actions/CreateProject"
data = {'project_name': "test_project", 'email': "*****@*****.**"}
response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
headers = {
'project_name': "test_project",
'project_id': "test_project_id",
'roles': "admin,_member_",
'username': "******",
'user_id': "test_user_id",
'authenticated': True
}
new_task = Task.objects.all()[0]
url = "/v1/tasks/" + new_task.uuid
response = self.client.post(url, {'approved': True},
format='json',
headers=headers)
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
data = {
'project_name': "test_project2",
'email': "*****@*****.**",
'region': 'RegionOne',
}
response = self.client.put(url, data, format='json', headers=headers)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(response.data,
{'notes': ['Task successfully updated.']})
response = self.client.post(url, {'approved': True},
format='json',
headers=headers)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(response.data, {'notes': ['created token']})
