def test_add_system_to_pool(self):
with session.begin():
other_system = data_setup.create_system(owner=self.owner)
s = requests.Session()
s.post(get_server_base() + 'login', data={'user_name': self.owner.user_name,
'password': '******'}).raise_for_status()
response = post_json(get_server_base() + 'pools/%s/systems/' % self.pool.name,
session=s, data={'fqdn': other_system.fqdn})
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertItemsEqual(self.pool.systems, [self.system, other_system])
self.assertEquals(self.pool.activity[-1].field_name, 'System')
self.assertEquals(self.pool.activity[-1].action, 'Added')
self.assertEquals(self.pool.activity[-1].new_value, unicode(other_system))
self.assertEquals(other_system.activity[-1].field_name, 'Pool')
self.assertEquals(other_system.activity[-1].action, 'Added')
self.assertEquals(other_system.activity[-1].new_value, unicode(self.pool))
# adding to a pool that doesn't exist is a 404
response = post_json(get_server_base() + 'pools/nosuchpool/systems/',
session=s, data={'fqdn': other_system.fqdn})
self.assertEquals(response.status_code, 404)
self.assertEquals(response.text, 'System pool nosuchpool does not exist')
# adding a system that doesn't exist is a 400
response = post_json(get_server_base() + 'pools/%s/systems/' % self.pool.name,
session=s, data={'fqdn': 'nosuchsystem'})
self.assertEquals(response.status_code, 400)
self.assertEquals(response.text, "System 'nosuchsystem' does not exist")
def test_whitespace_only_values_are_not_accepted(self):
# Whitespace-only values also count as empty, because we strip
s = requests.Session()
requests_login(s)
response = post_json(get_server_base() + 'users/',
session=s,
data={
'user_name': ' \t\v',
'display_name': 'Bilbo Baggins',
'email_address': '*****@*****.**'
})
self.assertEqual(response.status_code, 400)
self.assertEqual(response.text, 'Username must not be empty')
response = post_json(get_server_base() + 'users/',
session=s,
data={
'user_name': 'bbaggins',
'display_name': ' \t\v',
'email_address': '*****@*****.**'
})
self.assertEqual(response.status_code, 400)
self.assertEqual(response.text, 'Display name must not be empty')
response = post_json(get_server_base() + 'users/',
session=s,
data={
'user_name': 'bbaggins',
'display_name': 'Bilbo Baggins',
'email_address': ' \t\v'
})
self.assertEqual(response.status_code, 400)
self.assertEqual(response.text, 'Email address must not be empty')
def test_empty_comment_is_rejected(self):
s = requests.Session()
requests_login(s, user=self.owner, password=u'theowner')
response = post_json(get_server_base() +
'recipes/%s/tasks/%s/comments/' % (self.recipe.id, self.recipetask.id),
session=s, data={'comment': None})
self.assertEqual(response.status_code, 400)
# whitespace-only comment also counts as empty
response = post_json(get_server_base() +
'recipes/%s/tasks/%s/comments/' % (self.recipe.id, self.recipetask.id),
session=s, data={'comment': ' '})
self.assertEqual(response.status_code, 400)
def test_create_powertype_fails_with_duplicate(self):
"""Fail with an error if a duplicate exist when creating a new power
type"""
login(self.s, self.admin_user, self.admin_password)
expected_name = 'beerpower'
# create the same power type two times, second time should fail
post_json(get_server_base() + 'powertypes/',
session=self.s,
data=dict(name=expected_name))
response = post_json(get_server_base() + 'powertypes/',
session=self.s,
data=dict(name=expected_name))
self.assertEqual(409, response.status_code)
def test_create_powertype_fails_with_duplicate(self):
"""Fail with an error if a duplicate exist when creating a new power
type"""
login(self.s, self.admin_user, self.admin_password)
expected_name = 'beerpower'
# create the same power type two times, second time should fail
post_json(get_server_base() + 'powertypes/',
session=self.s,
data=dict(name=expected_name))
response = post_json(get_server_base() + 'powertypes/',
session=self.s,
data=dict(name=expected_name))
self.assertEqual(409, response.status_code)
def test_non_ascii_username_and_display_name(self):
user_name = u'ломоносов'
display_name = u'Михаил Ломоносов'
email = '*****@*****.**'
s = requests.Session()
requests_login(s)
response = post_json(get_server_base() + 'users/', session=s, data={
'user_name': user_name,
'display_name': display_name,
'email_address': email})
response.raise_for_status()
# Test that search works as well
response = s.get(get_server_base() + 'users/',
params={'q': u'user_name:%s' % user_name},
headers={'Accept': 'application/json'})
response.raise_for_status()
self.assertEqual(response.json()['count'], 1)
self.assertEqual(response.json()['entries'][0]['user_name'], user_name)
# Test that typeahead works as well
response = s.get(get_server_base() + 'users/+typeahead',
params={'q': user_name[:4]},
headers={'Accept': 'application/json'})
self.assertEqual(response.json()['data'][0]['user_name'], user_name)
def test_empty_comment_is_rejected(self):
s = requests.Session()
requests_login(s, user=self.owner, password=u'theowner')
response = post_json(get_server_base() +
'recipes/%s/tasks/%s/comments/' %
(self.recipe.id, self.recipetask.id),
session=s,
data={'comment': None})
self.assertEqual(response.status_code, 400)
# whitespace-only comment also counts as empty
response = post_json(get_server_base() +
'recipes/%s/tasks/%s/comments/' %
(self.recipe.id, self.recipetask.id),
session=s,
data={'comment': ' '})
self.assertEqual(response.status_code, 400)
def test_creating_a_system_with_hardware_essentials(self):
s = requests.Session()
s.post(get_server_base() + 'login',
data={
'user_name': self.user.user_name,
'password': u'password'
}).raise_for_status()
fqdn = data_setup.unique_name(u'newsystem%s')
data = {
'fqdn': fqdn,
'lab_controller_id': self.lc.id,
'arches': [u'i386', u'x86_64'],
'location': u'dummylocation',
'lender': u'dummylender',
'kernel_type': u'highbank'
}
response = post_json(get_server_base() + 'systems/',
session=s,
data=data)
with session.begin():
system = System.by_fqdn(fqdn, self.user)
self.assertEquals(system.fqdn, fqdn)
self.assertEquals(system.lab_controller_id, self.lc.id)
self.assertTrue(Arch.by_name(u'i386') in system.arch)
self.assertTrue(Arch.by_name(u'x86_64') in system.arch)
self.assertEquals(system.location, u'dummylocation')
self.assertEquals(system.lender, u'dummylender')
self.assertEquals(system.kernel_type,
KernelType.by_name(u'highbank'))
def test_creating_a_system_with_hardware_details(self):
s = requests.Session()
s.post(get_server_base() + 'login',
data={
'user_name': self.user.user_name,
'password': u'password'
}).raise_for_status()
fqdn = data_setup.unique_name(u'newsystem%s')
data = {
'fqdn': fqdn,
'hypervisor': u'KVM',
'vendor': u'dummyvendor',
'location': u'dummylocation',
'model': u'dummymodel',
'serial_number': u'dummynumber',
'mac_address': u'dummymacaddress',
'memory': 111111,
'numa_nodes': 5,
}
response = post_json(get_server_base() + 'systems/',
session=s,
data=data)
with session.begin():
system = System.by_fqdn(fqdn, self.user)
self.assertEquals(system.fqdn, fqdn)
self.assertEquals(system.hypervisor, Hypervisor.by_name(u'KVM'))
self.assertEquals(system.location, u'dummylocation')
self.assertEquals(system.serial, u'dummynumber')
self.assertEquals(system.mac_address, u'dummymacaddress')
self.assertEquals(system.memory, 111111)
self.assertEquals(system.numa.nodes, 5)
def test_cannot_add_deleted_user_to_access_policy(self):
with session.begin():
deleted_user = data_setup.create_user()
deleted_user.removed = datetime.datetime.utcnow()
bad_rule = {'user': deleted_user.user_name, 'permission': 'edit'}
s = requests.Session()
s.post(get_server_base() + 'login',
data={
'user_name': self.owner.user_name,
'password': '******'
}).raise_for_status()
# Two different APIs for manipulating access policy rules
response = put_json(get_server_base() +
'pools/%s/access-policy/' % self.pool.name,
session=s,
data={'rules': [bad_rule]})
self.assertEqual(response.status_code, 400)
self.assertEqual(
response.text, 'Cannot add deleted user %s to access policy' %
deleted_user.user_name)
response = post_json(get_server_base() +
'pools/%s/access-policy/rules/' % self.pool.name,
session=s,
data=bad_rule)
self.assertEqual(response.status_code, 400)
self.assertEqual(
response.text, 'Cannot add deleted user %s to access policy' %
deleted_user.user_name)
def test_non_ascii_username_and_display_name(self):
user_name = u'ломоносов'
display_name = u'Михаил Ломоносов'
email = '*****@*****.**'
s = requests.Session()
requests_login(s)
response = post_json(get_server_base() + 'users/',
session=s,
data={
'user_name': user_name,
'display_name': display_name,
'email_address': email
})
response.raise_for_status()
# Test that search works as well
response = s.get(get_server_base() + 'users/',
params={'q': u'user_name:%s' % user_name},
headers={'Accept': 'application/json'})
response.raise_for_status()
self.assertEqual(response.json()['count'], 1)
self.assertEqual(response.json()['entries'][0]['user_name'], user_name)
# Test that typeahead works as well
response = s.get(get_server_base() + 'users/+typeahead',
params={'q': user_name[:4]},
headers={'Accept': 'application/json'})
self.assertEqual(response.json()['data'][0]['user_name'], user_name)
def test_creating_a_system_with_hardware_details(self):
s = requests.Session()
s.post(get_server_base() + 'login', data={'user_name': self.user.user_name,
'password': u'password'}).raise_for_status()
fqdn = data_setup.unique_name(u'newsystem%s')
data = {
'fqdn': fqdn,
'hypervisor': u'KVM',
'vendor': u'dummyvendor',
'location': u'dummylocation',
'model': u'dummymodel',
'serial_number': u'dummynumber',
'mac_address': u'dummymacaddress',
'memory': 111111,
'numa_nodes': 5,
}
response = post_json(get_server_base() + 'systems/', session=s, data=data)
with session.begin():
system = System.by_fqdn(fqdn, self.user)
self.assertEquals(system.fqdn, fqdn)
self.assertEquals(system.hypervisor, Hypervisor.by_name(u'KVM'))
self.assertEquals(system.location, u'dummylocation')
self.assertEquals(system.serial, u'dummynumber')
self.assertEquals(system.mac_address, u'dummymacaddress')
self.assertEquals(system.memory, 111111)
self.assertEquals(system.numa.nodes, 5)
def test_creating_a_system_with_power_settings(self):
s = requests.Session()
s.post(get_server_base() + 'login', data={'user_name': self.user.user_name,
'password': u'password'}).raise_for_status()
fqdn = data_setup.unique_name(u'newsystem%s')
data = {
'fqdn': fqdn,
'lab_controller_id': self.lc.id,
'power_type': u'apc_snmp_then_etherwake',
'power_address': u'dummyaddress',
'power_user': u'dummyuser',
'power_password': u'dummypassword',
'power_id': u'dummyvm',
'power_quiescent_period': 5,
'release_action': u'LeaveOn',
'reprovision_distro_tree': {'id': self.distro_tree.id},
}
response = post_json(get_server_base() + 'systems/', session=s, data=data)
with session.begin():
system = System.by_fqdn(fqdn, self.user)
self.assertEquals(system.power.power_type, PowerType.by_name(u'apc_snmp_then_etherwake'))
self.assertEquals(system.power.power_address, u'dummyaddress')
self.assertEquals(system.power.power_user, u'dummyuser')
self.assertEquals(system.power.power_passwd, u'dummypassword')
self.assertEquals(system.power.power_id, u'dummyvm')
self.assertEquals(system.power.power_quiescent_period, 5)
self.assertEquals(system.release_action, ReleaseAction.leave_on)
self.assertEquals(system.reprovision_distro_tree, self.distro_tree)
def test_empty_notes_are_rejected(self):
s = requests.Session()
requests_login(s, user=self.owner.user_name, password=u'owner')
response = post_json(get_server_base() + 'systems/%s/notes/' % self.system.fqdn,
session=s, data={'text': ''})
self.assertEquals(response.status_code, 400)
self.assertEquals(response.content, 'Note text cannot be empty')
def test_create_system_pool(self):
s = requests.Session()
s.post(get_server_base() + 'login',
data={
'user_name': self.owner.user_name,
'password': '******'
}).raise_for_status()
data = {
'name': 'newtest',
'description': 'newtestdesciprtion',
}
response = post_json(get_server_base() + 'pools/',
session=s,
data=data)
self.assertEquals(response.status_code, 201)
self.assertEquals(response.json()['name'], data['name'])
self.assertEquals(response.json()['description'], data['description'])
self.assertEquals(response.headers['Location'],
get_server_base() + 'pools/newtest/')
with session.begin():
pool = SystemPool.by_name('newtest')
self.assertEquals(pool.name, 'newtest')
self.assertEquals(pool.description, 'newtestdesciprtion')
self.assertEquals(pool.owner.user_name, self.owner.user_name)
self.assertEquals(pool.access_policy.rules[0].everybody, True)
def test_add_policy_rule(self):
s = requests.Session()
s.post(get_server_base() + 'login',
data={
'user_name': self.owner.user_name,
'password': '******'
}).raise_for_status()
response = post_json(
get_server_base() +
'pools/%s/access-policy/rules/' % self.pool.name,
session=s,
data={
'permission': 'control_system',
'everybody': True,
'user': None,
'group': None
},
)
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertEquals(self.pool.access_policy.rules[-1].permission,
SystemPermission.control_system)
self.assertEquals(self.pool.access_policy.rules[-1].everybody,
True)
def test_unprivileged_user_cannot_add_note(self):
with session.begin():
unprivileged = data_setup.create_user(password=u'password')
s = requests.Session()
requests_login(s, user=unprivileged.user_name, password=u'password')
response = post_json(get_server_base() + 'systems/%s/notes/' % self.system.fqdn,
session=s, data={'text': 'asdf'})
self.assertEquals(response.status_code, 403)
def test_404_response_to_string_rs_id(self):
s = requests.Session()
requests_login(s, user=self.owner, password=u'theowner')
response = post_json(get_server_base() +
'/recipes/thisisnotanint/tasks/%s/comments/'
% self.recipe.tasks[0].id,
session=s, data={'comment': 'testdata'})
self.assertEqual(response.status_code, 404)
def test_404_response_to_string_rs_id(self):
s = requests.Session()
requests_login(s, user=self.owner, password=u'theowner')
response = post_json(get_server_base() +
'/recipes/thisisnotanint/tasks/%s/comments/' %
self.recipe.tasks[0].id,
session=s,
data={'comment': 'testdata'})
self.assertEqual(response.status_code, 404)
def test_empty_notes_are_rejected(self):
s = requests.Session()
requests_login(s, user=self.owner.user_name, password=u'owner')
response = post_json(get_server_base() +
'systems/%s/notes/' % self.system.fqdn,
session=s,
data={'text': ''})
self.assertEquals(response.status_code, 400)
self.assertEquals(response.content, 'Note text cannot be empty')
def test_anonymous_cannot_add_delete_policy_rule(self):
# attempt to add
response = post_json(get_server_base() +
'pools/%s/access-policy/rules/' % self.pool.name,
data={'rule': []})
self.assertEquals(response.status_code, 401)
# attempt to remove
response = requests.delete(get_server_base() + 'systems/%s/access-policy/rules/' % self.pool.name)
self.assertEquals(response.status_code, 401)
def test_cannot_power_when_not_logged_in(self):
b = self.browser
self.go_to_commands_tab(self.system)
pane = b.find_element_by_id("power")
pane.find_element_by_xpath('.//div[contains(@class, "alert") and ' 'text()="You are not logged in."]')
# try issuing the request directly also
response = post_json(get_server_base() + "systems/%s/commands/" % self.system.fqdn, data=dict(action="on"))
self.assertEquals(response.status_code, 401)
self.assertEquals(response.text, "Authenticated user required")
def test_does_not_create_user_with_empty_email_address(self):
s = requests.Session()
requests_login(s)
response = post_json(get_server_base() + 'users/', session=s, data={
'user_name': 'fbagginsone',
'display_name': 'Frodo Baggins pne',
'email_address': ''})
self.assertEqual(response.status_code, 400)
self.assertIn('Email address must not be empty', response.text)
def test_add_system_to_pool(self):
with session.begin():
other_system = data_setup.create_system(owner=self.owner)
s = requests.Session()
s.post(get_server_base() + 'login',
data={
'user_name': self.owner.user_name,
'password': '******'
}).raise_for_status()
response = post_json(get_server_base() +
'pools/%s/systems/' % self.pool.name,
session=s,
data={'fqdn': other_system.fqdn})
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertItemsEqual(self.pool.systems,
[self.system, other_system])
self.assertEquals(self.pool.activity[-1].field_name, 'System')
self.assertEquals(self.pool.activity[-1].action, 'Added')
self.assertEquals(self.pool.activity[-1].new_value,
unicode(other_system))
self.assertEquals(other_system.activity[-1].field_name, 'Pool')
self.assertEquals(other_system.activity[-1].action, 'Added')
self.assertEquals(other_system.activity[-1].new_value,
unicode(self.pool))
# adding to a pool that doesn't exist is a 404
response = post_json(get_server_base() + 'pools/nosuchpool/systems/',
session=s,
data={'fqdn': other_system.fqdn})
self.assertEquals(response.status_code, 404)
self.assertEquals(response.text,
'System pool nosuchpool does not exist')
# adding a system that doesn't exist is a 400
response = post_json(get_server_base() +
'pools/%s/systems/' % self.pool.name,
session=s,
data={'fqdn': 'nosuchsystem'})
self.assertEquals(response.status_code, 400)
self.assertEquals(response.text,
"System 'nosuchsystem' does not exist")
def test_does_not_create_user_with_empty_display_name(self):
s = requests.Session()
requests_login(s)
response = post_json(get_server_base() + 'users/', session=s, data={
'user_name': 'fbagginsone',
'display_name': '',
'email_address': '*****@*****.**'})
self.assertEqual(response.status_code, 400)
self.assertEqual(response.text,
'Display name must not be empty')
def test_unprivileged_user_cannot_add_note(self):
with session.begin():
unprivileged = data_setup.create_user(password=u'password')
s = requests.Session()
requests_login(s, user=unprivileged.user_name, password=u'password')
response = post_json(get_server_base() +
'systems/%s/notes/' % self.system.fqdn,
session=s,
data={'text': 'asdf'})
self.assertEquals(response.status_code, 403)
def test_user_with_edit_permission_can_add_note(self):
with session.begin():
user = data_setup.create_user(password='******')
self.system.custom_access_policy.add_rule(
permission=SystemPermission.edit_system, user=user)
s = requests.Session()
requests_login(s, user=user.user_name, password=u'password')
response = post_json(get_server_base() + 'systems/%s/notes/' % self.system.fqdn,
session=s, data={'text': 'asdf'})
response.raise_for_status()
def test_submit_inventory_job(self):
s = requests.Session()
response = s.post(get_server_base() + 'jobs/+inventory')
self.assertEquals(response.status_code, 401)
s.post(get_server_base() + 'login',
data={'user_name': self.owner.user_name,
'password': '******'}).raise_for_status()
response = post_json(get_server_base() + 'jobs/+inventory',
session=s,
data={'fqdn': self.system1.fqdn})
response.raise_for_status()
self.assertIn('recipe_id', response.text)
# Non-existent system
response = post_json(get_server_base() + 'jobs/+inventory',
session=s,
data={'fqdn': 'i.donotexist.name'})
self.assertEquals(response.status_code, 400)
self.assertIn('System not found: i.donotexist.name', response.text)
def test_anonymous_cannot_add_delete_policy_rule(self):
# attempt to add
response = post_json(get_server_base() +
'pools/%s/access-policy/rules/' % self.pool.name,
data={'rule': []})
self.assertEquals(response.status_code, 401)
# attempt to remove
response = requests.delete(get_server_base() +
'systems/%s/access-policy/rules/' %
self.pool.name)
self.assertEquals(response.status_code, 401)
def test_cannot_lend_to_deleted_user(self):
with session.begin():
system = data_setup.create_system()
deleted_user = data_setup.create_user()
deleted_user.removed = datetime.datetime.utcnow()
s = requests.Session()
requests_login(s)
response = post_json(get_server_base() + 'systems/%s/loans/' % system.fqdn,
session=s, data={'recipient': {'user_name': deleted_user.user_name}})
self.assertEquals(response.status_code, 400)
self.assertEquals(response.text,
'Cannot lend to deleted user %s' % deleted_user.user_name)
def test_user_with_edit_permission_can_add_note(self):
with session.begin():
user = data_setup.create_user(password='******')
self.system.custom_access_policy.add_rule(
permission=SystemPermission.edit_system, user=user)
s = requests.Session()
requests_login(s, user=user.user_name, password=u'password')
response = post_json(get_server_base() +
'systems/%s/notes/' % self.system.fqdn,
session=s,
data={'text': 'asdf'})
response.raise_for_status()
def test_add_submission_delegate(self):
with session.begin():
user = data_setup.create_user()
other_user = data_setup.create_user()
s = requests.Session()
requests_login(s)
response = post_json(get_server_base() + 'users/%s/submission-delegates/' % user.user_name,
session=s, data={'user_name': other_user.user_name})
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertItemsEqual(user.submission_delegates, [other_user])
def test_no_permission(self):
with session.begin():
user = data_setup.create_user(password='******')
s = requests.Session()
s.post(get_server_base() + 'login', data={'user_name': user.user_name,
'password': '******'}).raise_for_status()
response = post_json(get_server_base() +
'systems/%s/installations/' % self.system.fqdn,
session=s, data={'distro_tree': {'id': -1}})
self.assertEquals(response.status_code, 403)
self.assertEquals(response.text,
'Insufficient permissions: Cannot provision system')
def test_cannot_power_when_not_logged_in(self):
b = self.browser
self.go_to_commands_tab(self.system)
pane = b.find_element_by_id('power')
pane.find_element_by_xpath('.//div[contains(@class, "alert") and '
'text()="You are not logged in."]')
# try issuing the request directly also
response = post_json(get_server_base() +
'systems/%s/commands/' % self.system.fqdn,
data=dict(action='on'))
self.assertEquals(response.status_code, 401)
self.assertEquals(response.text, 'Authenticated user required')
def test_create_user(self):
s = requests.Session()
requests_login(s)
response = post_json(get_server_base() + 'users/', session=s, data={
'user_name': 'fbaggins',
'display_name': 'Frodo Baggins',
'email_address': '*****@*****.**'})
response.raise_for_status()
with session.begin():
session.expire_all()
user = User.by_user_name(u'fbaggins')
self.assertEqual(response.json()['id'], user.user_id)
self.assertEqual(response.json()['user_name'], 'fbaggins')
def test_whitespace_only_values_are_not_accepted(self):
# Whitespace-only values also count as empty, because we strip
s = requests.Session()
requests_login(s)
response = post_json(get_server_base() + 'users/', session=s, data={
'user_name': ' \t\v',
'display_name': 'Bilbo Baggins',
'email_address': '*****@*****.**'})
self.assertEqual(response.status_code, 400)
self.assertEqual(response.text, 'Username must not be empty')
response = post_json(get_server_base() + 'users/', session=s, data={
'user_name': 'bbaggins',
'display_name': ' \t\v',
'email_address': '*****@*****.**'})
self.assertEqual(response.status_code, 400)
self.assertEqual(response.text, 'Display name must not be empty')
response = post_json(get_server_base() + 'users/', session=s, data={
'user_name': 'bbaggins',
'display_name': 'Bilbo Baggins',
'email_address': ' \t\v'})
self.assertEqual(response.status_code, 400)
self.assertEqual(response.text,
'Email address must not be empty')
def check_cannot_clear_netboot(self, user, password, system, error_message):
b = self.browser
login(b, user.user_name, password)
self.go_to_commands_tab(system)
pane = b.find_element_by_id("power")
pane.find_element_by_xpath('.//div[contains(@class, "alert") and text()="%s."]' % error_message)
# try issuing the request directly also
s = requests.Session()
requests_login(s, user.user_name, password)
response = post_json(
get_server_base() + "systems/%s/commands/" % system.fqdn, session=s, data=dict(action="clear_netboot")
)
self.assertGreaterEqual(response.status_code, 400)
self.assertIn(error_message, response.text)
def test_add_note(self):
note_text = 'sometimes it breaks'
s = requests.Session()
requests_login(s, user=self.owner.user_name, password=u'owner')
response = post_json(get_server_base() + 'systems/%s/notes/' % self.system.fqdn,
session=s, data={'text': note_text})
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertEquals(self.system.notes[0].user, self.owner)
self.assertEquals(self.system.notes[0].text, note_text)
assert_datetime_within(self.system.notes[0].created,
reference=datetime.datetime.utcnow(),
tolerance=datetime.timedelta(seconds=10))
def test_post_recipetask_comment(self):
s = requests.Session()
requests_login(s, user=self.owner, password=u'theowner')
response = post_json(get_server_base() +
'recipes/%s/tasks/%s/comments/' % (self.recipe.id, self.recipetask.id),
session=s, data={'comment': 'we unite on common solutions'})
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertEqual(len(self.recipetask.comments), 1)
self.assertEqual(self.recipetask.comments[0].user, self.owner)
self.assertEqual(self.recipetask.comments[0].comment,
u'we unite on common solutions')
self.assertEqual(response.json()['id'],
self.recipetask.comments[0].id)
def test_nonadmins_cannot_create_powertypes(self):
"""Users missing admin privileges should not be allowed to create
powertypes."""
user_password = '******'
with session.begin():
user = data_setup.create_user(password=user_password)
powertypes_amount = session.query(PowerType).count()
login(self.s, user, user_password)
response = post_json(get_server_base() + 'powertypes/',
session=self.s,
data=dict(name='ignored'))
self.assertEqual(403, response.status_code)
with session.begin():
self.assertEqual(powertypes_amount, session.query(PowerType).count())
def test_unprivileged_user_cannot_add_remove_policy_rule(self):
with session.begin():
user = data_setup.create_user(password='******')
# attempt to add
s = requests.Session()
s.post(get_server_base() + 'login', data={'user_name': user.user_name,
'password': '******'}).raise_for_status()
response = post_json(get_server_base() +
'pools/%s/access-policy/rules/' % self.pool.name,
session=s,
data={'rule': {} })
self.assertEquals(response.status_code, 403)
# attempt to remove
response = s.delete(get_server_base() +
'pools/%s/access-policy/rules/' % self.pool.name)
self.assertEquals(response.status_code, 403)
def test_nonadmins_cannot_create_powertypes(self):
"""Users missing admin privileges should not be allowed to create
powertypes."""
user_password = '******'
with session.begin():
user = data_setup.create_user(password=user_password)
powertypes_amount = session.query(PowerType).count()
login(self.s, user, user_password)
response = post_json(get_server_base() + 'powertypes/',
session=self.s,
data=dict(name='ignored'))
self.assertEqual(403, response.status_code)
with session.begin():
self.assertEqual(powertypes_amount,
session.query(PowerType).count())
def test_add_note(self):
note_text = 'sometimes it breaks'
s = requests.Session()
requests_login(s, user=self.owner.user_name, password=u'owner')
response = post_json(get_server_base() +
'systems/%s/notes/' % self.system.fqdn,
session=s,
data={'text': note_text})
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertEquals(self.system.notes[0].user, self.owner)
self.assertEquals(self.system.notes[0].text, note_text)
assert_datetime_within(self.system.notes[0].created,
reference=datetime.datetime.utcnow(),
tolerance=datetime.timedelta(seconds=10))
def test_create_new_powertype_successfully(self):
with session.begin():
activity_count = Activity.query.count()
login(self.s, self.admin_user, self.admin_password)
expected_name = 'beerpower'
response = post_json(get_server_base() + 'powertypes/',
session=self.s,
data=dict(name=expected_name))
self.assertEqual(201, response.status_code)
self.assertEqual(expected_name, response.json()['name'])
with session.begin():
powertype = PowerType.by_name(expected_name)
self.assertEqual(expected_name, powertype.name)
self.assertEqual(activity_count + 1, Activity.query.count())
def test_post_recipe_task_result_comment(self):
s = requests.Session()
requests_login(s, user=self.owner, password=u'theowner')
response = post_json(
get_server_base() + 'recipes/%s/tasks/%s/results/%s/comments/' %
(self.recipe.id, self.recipetask.id, self.result.id),
session=s,
data={'comment': 'we unite on common solutions'})
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertEqual(len(self.result.comments), 1)
self.assertEqual(self.result.comments[0].user, self.owner)
self.assertEqual(self.result.comments[0].comment,
u'we unite on common solutions')
self.assertEqual(response.json()['id'], self.result.comments[0].id)
def test_create_new_powertype_successfully(self):
with session.begin():
activity_count = Activity.query.count()
login(self.s, self.admin_user, self.admin_password)
expected_name = 'beerpower'
response = post_json(get_server_base() + 'powertypes/',
session=self.s,
data=dict(name=expected_name))
self.assertEqual(201, response.status_code)
self.assertEqual(expected_name, response.json()['name'])
with session.begin():
powertype = PowerType.by_name(expected_name)
self.assertEqual(expected_name, powertype.name)
self.assertEqual(activity_count + 1, Activity.query.count())
def test_cannot_create_system_pool_owned_by_deleted_user(self):
with session.begin():
self.owner.removed = datetime.datetime.utcnow()
s = requests.Session()
send_login(s)
response = post_json(get_server_base() + 'pools/',
session=s,
data={
'name': 'asdf',
'owner': {
'user_name': self.owner.user_name
}
})
self.assertEquals(response.status_code, 400)
self.assertEquals(
response.text, 'System pool cannot be owned by deleted user %s' %
self.owner.user_name)
def check_cannot_power(self, user, password, system, error_message):
b = self.browser
login(b, user.user_name, password)
self.go_to_commands_tab(system)
pane = b.find_element_by_id('power')
pane.find_element_by_xpath(
'.//div[contains(@class, "alert") and text()="%s."]' %
error_message)
# try issuing the request directly also
s = requests.Session()
requests_login(s, user.user_name, password)
response = post_json(get_server_base() +
'systems/%s/commands/' % system.fqdn,
session=s,
data=dict(action='on'))
self.assertGreaterEqual(response.status_code, 400)
self.assertIn(error_message, response.text)
def test_creating_a_system_with_scheduler_settings(self):
s = requests.Session()
s.post(get_server_base() + 'login', data={'user_name': self.user.user_name,
'password': u'password'}).raise_for_status()
fqdn = data_setup.unique_name(u'newsystem%s')
data = {
'fqdn': fqdn,
'status': u'Broken',
'status_reason': u'Currently is broken',
'type': u'Laptop',
}
response = post_json(get_server_base() + 'systems/', session=s, data=data)
with session.begin():
system = System.by_fqdn(fqdn, self.user)
self.assertEquals(system.status, SystemStatus.broken)
self.assertEquals(system.status_reason, u'Currently is broken')
self.assertEquals(system.type, SystemType.laptop)
def test_add_policy_rule(self):
s = requests.Session()
s.post(get_server_base() + 'login', data={'user_name': self.owner.user_name,
'password': '******'}).raise_for_status()
response = post_json(get_server_base() +
'pools/%s/access-policy/rules/' % self.pool.name, session=s,
data={'permission': 'control_system',
'everybody': True,
'user': None,
'group': None},
)
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertEquals(self.pool.access_policy.rules[-1].permission,
SystemPermission.control_system)
self.assertEquals(self.pool.access_policy.rules[-1].everybody, True)
def test_no_permission(self):
with session.begin():
user = data_setup.create_user(password='******')
s = requests.Session()
s.post(get_server_base() + 'login',
data={
'user_name': user.user_name,
'password': '******'
}).raise_for_status()
response = post_json(get_server_base() +
'systems/%s/installations/' % self.system.fqdn,
session=s,
data={'distro_tree': {
'id': -1
}})
self.assertEquals(response.status_code, 403)
self.assertEquals(response.text,
'Insufficient permissions: Cannot provision system')
def test_unprivileged_user_cannot_add_remove_policy_rule(self):
with session.begin():
user = data_setup.create_user(password='******')
# attempt to add
s = requests.Session()
s.post(get_server_base() + 'login',
data={
'user_name': user.user_name,
'password': '******'
}).raise_for_status()
response = post_json(get_server_base() +
'pools/%s/access-policy/rules/' % self.pool.name,
session=s,
data={'rule': {}})
self.assertEquals(response.status_code, 403)
# attempt to remove
response = s.delete(get_server_base() +
'pools/%s/access-policy/rules/' % self.pool.name)
self.assertEquals(response.status_code, 403)
def test_create_system_pool(self):
s = requests.Session()
s.post(get_server_base() + 'login', data={'user_name': self.owner.user_name,
'password': '******'}).raise_for_status()
data = {
'name': 'newtest',
'description': 'newtestdesciprtion',
}
response = post_json(get_server_base() + 'pools/', session=s, data=data)
self.assertEquals(response.status_code, 201)
self.assertEquals(response.json()['name'], data['name'])
self.assertEquals(response.json()['description'], data['description'])
self.assertEquals(response.headers['Location'],
get_server_base() + 'pools/newtest/')
with session.begin():
pool = SystemPool.by_name('newtest')
self.assertEquals(pool.name, 'newtest')
self.assertEquals(pool.description, 'newtestdesciprtion')
self.assertEquals(pool.owner.user_name, self.owner.user_name)
self.assertEquals(pool.access_policy.rules[0].everybody, True)
def test_cannot_add_deleted_user_to_access_policy(self):
with session.begin():
deleted_user = data_setup.create_user()
deleted_user.removed = datetime.datetime.utcnow()
bad_rule = {'user': deleted_user.user_name, 'permission': 'edit'}
s = requests.Session()
s.post(get_server_base() + 'login', data={'user_name': self.owner.user_name,
'password': '******'}).raise_for_status()
# Two different APIs for manipulating access policy rules
response = put_json(get_server_base() +
'systems/%s/access-policy' % self.system.fqdn, session=s,
data={'rules': [bad_rule]})
self.assertEqual(response.status_code, 400)
self.assertEqual(response.text,
'Cannot add deleted user %s to access policy' % deleted_user.user_name)
response = post_json(get_server_base() +
'systems/%s/access-policy/rules/' % self.system.fqdn, session=s,
data=bad_rule)
self.assertEqual(response.status_code, 400)
self.assertEqual(response.text,
'Cannot add deleted user %s to access policy' % deleted_user.user_name)
