def setUp(self):
super(LimitsPolicyTest, self).setUp()
self.controller = limits.LimitsController()
self.req = fakes.HTTPRequest.blank('')
self.absolute_limits = {
'ram': 512,
'instances': 5,
'cores': 21,
'key_pairs': 10,
'floating_ips': 10,
'security_groups': 10,
'security_group_rules': 20,
}
def stub_get_project_quotas(context, project_id, usages=True):
return {
k: dict(limit=v, in_use=v // 2)
for k, v in self.absolute_limits.items()
}
mock_get_project_quotas = mock.patch.object(
quota.QUOTAS,
"get_project_quotas",
side_effect=stub_get_project_quotas)
mock_get_project_quotas.start()
# Check that everyone is able to get their limits
self.everyone_authorized_contexts = self.all_contexts
# With legacy rule, any admin is able to get other projects limit.
self.project_admin_authorized_contexts = [
self.legacy_admin_context, self.system_admin_context,
self.project_admin_context
]
def setUp(self):
super(NoopLimitsControllerTest, self).setUp()
self.flags(driver=self.quota_driver, group="quota")
self.controller = limits_v21.LimitsController()
# remove policy checks
patcher = self.mock_can = mock.patch('nova.context.RequestContext.can')
self.mock_can = patcher.start()
self.addCleanup(patcher.stop)
def setUp(self):
super(LimitsPolicyTest, self).setUp()
self.controller = limits.LimitsController()
self.req = fakes.HTTPRequest.blank('')
self.absolute_limits = {
'ram': 512,
'instances': 5,
'cores': 21,
'key_pairs': 10,
'floating_ips': 10,
'security_groups': 10,
'security_group_rules': 20,
}
def stub_get_project_quotas(context, project_id, usages=True):
return {
k: dict(limit=v, in_use=v // 2)
for k, v in self.absolute_limits.items()
}
mock_get_project_quotas = mock.patch.object(
quota.QUOTAS,
"get_project_quotas",
side_effect=stub_get_project_quotas)
mock_get_project_quotas.start()
# Check that everyone is able to get their limits
self.everyone_authorized_contexts = [
self.legacy_admin_context, self.system_admin_context,
self.project_admin_context, self.system_member_context,
self.system_reader_context, self.system_foo_context,
self.project_member_context, self.other_project_member_context,
self.project_foo_context, self.project_reader_context
]
self.everyone_unauthorized_contexts = []
# Check that system reader is able to get other projects limit.
# NOTE(gmann): Until old default rule which is admin_api is
# deprecated and not removed, project admin and legacy admin
# will be able to read the agent data. This make sure that existing
# tokens will keep working even we have changed this policy defaults
# to reader role.
self.reader_authorized_contexts = [
self.legacy_admin_context, self.system_admin_context,
self.project_admin_context, self.system_member_context,
self.system_reader_context
]
# Check that non-admin is not able to get other projects limit.
self.reader_unauthorized_contexts = [
self.system_foo_context, self.project_member_context,
self.other_project_member_context, self.project_foo_context,
self.project_reader_context
]
def setUp(self):
"""Run before each test."""
super(LimitsControllerTest, self).setUp()
self.controller = limits.create_resource()
self.ctrler = limits.LimitsController()
def setUp(self):
super(LimitsPolicyEnforcementV21, self).setUp()
self.controller = limits_v21.LimitsController()
def setUp(self):
super(LimitsControllerTestV275, self).setUp()
self.controller = limits_v21.LimitsController()
def setUp(self):
super(LimitsControllerTestV239, self).setUp()
self.controller = limits_v21.LimitsController()
self.req = fakes.HTTPRequest.blank("/?tenant_id=faketenant",
version='2.39')
