def setUp(self): super(ServicesPolicyTest, self).setUp() self.controller = services_v21.ServiceController() self.req = fakes.HTTPRequest.blank('/services') # Check that admin is able to change the service self.admin_authorized_contexts = [ self.legacy_admin_context, self.system_admin_context, self.project_admin_context] # Check that non-admin is not able to change the service self.admin_unauthorized_contexts = [ self.system_member_context, self.system_reader_context, self.system_foo_context, self.project_member_context, self.other_project_member_context, self.project_foo_context, self.project_reader_context ] # Check that system scoped admin, member and reader are able to # read the service data. # NOTE(gmann): Until old default rule which is admin_api is # deprecated and not removed, project admin and legacy admin # will be able to read the service data. This make sure that existing # tokens will keep working even we have changed this policy defaults # to reader role. self.reader_authorized_contexts = [ self.system_admin_context, self.system_member_context, self.system_reader_context, self.legacy_admin_context, self.project_admin_context] # Check that non-system-reader are not able to read the service # data self.reader_unauthorized_contexts = [ self.system_foo_context, self.other_project_member_context, self.project_foo_context, self.project_member_context, self.project_reader_context]
def setUp(self): super(ComputeHostAPITestCase, self).setUp() self.host_api = compute.HostAPI() self.aggregate_api = compute_api.AggregateAPI() self.ctxt = context.get_admin_context() fake_notifier.stub_notifier(self) self.addCleanup(fake_notifier.reset) self.req = fakes.HTTPRequest.blank('') self.controller = services.ServiceController()
def setUp(self): super(ComputeHostAPITestCase, self).setUp() self.host_api = compute.HostAPI() self.aggregate_api = compute.AggregateAPI() self.ctxt = context.get_admin_context() self.notifier = self.useFixture( nova_fixtures.NotificationFixture(self)) self.req = fakes.HTTPRequest.blank('') self.controller = services.ServiceController() self.useFixture(nova_fixtures.SingleCellSimple())
def setUp(self): super(ServicesPolicyTest, self).setUp() self.controller = services_v21.ServiceController() self.req = fakes.HTTPRequest.blank('/services') # With legacy rule and scope check disabled by default, system admin, # legacy admin, and project admin will be able to perform Services # Operations. self.system_admin_authorized_contexts = [ self.legacy_admin_context, self.system_admin_context, self.project_admin_context ]
def setUp(self): super(ServicesPolicyTest, self).setUp() self.controller = services_v21.ServiceController() self.req = fakes.HTTPRequest.blank('/services') # Check that admin is able to change the service self.admin_authorized_contexts = [ self.legacy_admin_context, self.system_admin_context, self.project_admin_context ] # Check that non-admin is not able to change the service self.admin_unauthorized_contexts = [ self.system_member_context, self.system_reader_context, self.system_foo_context, self.project_member_context, self.other_project_member_context, self.project_foo_context, self.project_reader_context ]
def setUp(self): super(ServicesDeprecatedPolicyTest, self).setUp() self.controller = services_v21.ServiceController() self.member_req = fakes.HTTPRequest.blank('') self.member_req.environ['nova.context'] = self.system_reader_context self.reader_req = fakes.HTTPRequest.blank('') self.reader_req.environ['nova.context'] = self.project_reader_context self.deprecated_policy = "os_compute_api:os-services" # Overridde rule with different checks than defaults so that we can # verify the rule overridden case. override_rules = {self.deprecated_policy: base_policy.SYSTEM_READER} # NOTE(gmann): Only override the deprecated rule in policy file so # that # we can verify if overridden checks are considered by oslo.policy. # Oslo.policy will consider the overridden rules if: # 1. overridden deprecated rule's checks are different than defaults # 2. new rules are not present in policy file self.policy = self.useFixture( policy_fixture.OverridePolicyFixture(rules_in_file=override_rules))
def _set_up_controller(self): self.controller = services_v21.ServiceController()
def setUp(self): super(ServicesPolicyEnforcementV21, self).setUp() self.controller = services_v21.ServiceController() self.req = fakes.HTTPRequest.blank('')