def _mock_gce_get_project(projectid):
if projectid in results.GCE_GET_PROJECT:
return results.GCE_GET_PROJECT[projectid]
response = httplib2.Response(
{'status': '403', 'content-type': 'application/json'})
content = results.GCE_API_NOT_ENABLED_TEMPLATE.format(id=projectid)
error_403 = errors.HttpError(response, content)
raise api_errors.ApiNotEnabledError('Access Not Configured.', error_403)
def test_enforce_policy_firewall_enforcer_gce_api_disabled(
self, mock_logger):
"""Project returns a status=PROJECT_DELETED if GCE API is disabled.
Setup:
* Switch the ListFirewalls response to be a 403 error with the reason
string set to GCE API disabled.
Expected Result:
A ProjectResult proto showing status=PROJECT_DELETED and the correct
reason string.
"""
api_disabled_403 = httplib2.Response({
'status': '403',
'content-type': 'application/json'
})
api_disabled_403.reason = (
'Access Not Configured. Compute Engine API has not been used in '
'project 1 before or it is disabled. Enable it by visiting '
'https://console.developers.google.com/apis/api/compute_component/'
'overview?project=1 then retry. If you enabled this API recently,'
'wait a few minutes for the action to propagate to our systems and '
'retry.')
error_api_disabled_403 = errors.HttpError(api_disabled_403,
''.encode(),
uri='')
err = api_errors.ApiNotEnabledError(
'https://console.developers.google.com/apis/api/compute_component/',
error_api_disabled_403)
self.gce_api_client.get_firewall_rules.side_effect = err
result = self.enforcer.enforce_firewall_policy(self.policy)
self.expected_proto.status = project_enforcer.STATUS_DELETED
# Match first part of error reason string
self.assertStartsWith(result.status_reason,
'Project has GCE API disabled')
# Copy reason string into expected proto. The reason includes a long
# error message, which would be ugly to replicate in the test.
self.expected_proto.status_reason = result.status_reason
self.validate_results(self.expected_proto, result)
self.assertTrue(mock_logger.error.called)