def test_user_add_project(self):
user_create('charlie', 'secret')
api.project_create('acme-corp')
user_add_project('charlie', 'acme-corp')
user = api._must_find(User, 'charlie')
project = api._must_find(model.Project, 'acme-corp')
assert project in user.projects
assert user in project.users
def test_user_add_project(self):
user_create('charlie', 'secret')
api.project_create('acme-corp')
user_add_project('charlie', 'acme-corp')
user = api._must_find(User, 'charlie')
project = api._must_find(model.Project, 'acme-corp')
assert project in user.projects
assert user in project.users
def test_user_remove_project(self):
self.dbauth.user_create('charlie', 'secret')
api.project_create('acme-corp')
self.dbauth.user_add_project('charlie', 'acme-corp')
self.dbauth.user_remove_project('charlie', 'acme-corp')
user = api._must_find(self.dbauth.User, 'charlie')
project = api._must_find(model.Project, 'acme-corp')
assert project not in user.projects
assert user not in project.users
def user_remove_project(user, project):
"""Remove a user from a project.
If the project or user does not exist, a NotFoundError will be raised.
"""
get_auth_backend().require_admin()
user = api._must_find(User, user)
project = api._must_find(model.Project, project)
if project not in user.projects:
raise NotFoundError("User %s is not in project %s" % (user.label, project.label))
user.projects.remove(project)
db.session.commit()
def user_add_project(user, project):
"""Add a user to a project.
If the project or user does not exist, a NotFoundError will be raised.
"""
get_auth_backend().require_admin()
user = api._must_find(User, user)
project = api._must_find(model.Project, project)
if project in user.projects:
raise DuplicateError("User %s is already in project %s" % (user.label, project.label))
user.projects.append(project)
db.session.commit()
def user_add_project(user, project):
"""Add a user to a project.
If the project or user does not exist, a NotFoundError will be raised.
"""
get_auth_backend().require_admin()
user = api._must_find(User, user)
project = api._must_find(model.Project, project)
if project in user.projects:
raise DuplicateError('User %s is already in project %s' %
(user.label, project.label))
user.projects.append(project)
db.session.commit()
def user_remove_project(user, project):
"""Remove a user from a project.
If the project or user does not exist, a NotFoundError will be raised.
"""
get_auth_backend().require_admin()
user = api._must_find(User, user)
project = api._must_find(model.Project, project)
if project not in user.projects:
raise NotFoundError("User %s is not in project %s" %
(user.label, project.label))
user.projects.remove(project)
db.session.commit()
def delete_networks():
# Query the DB for nodes on this project
project = api._must_find(model.Project, 'anvil-nextgen')
nodes = project.nodes
ports = self.get_all_ports(nodes)
# Remove all nodes from their networks. We do this in two different
# ways for different ports to test the different mechanisms. For
# the first two nodes we explicity remove the attachments. For the
# latter two we call port_revert.
for node in nodes[:2]:
attachment = model.NetworkAttachment.query \
.filter_by(nic=node.nics[0]).one()
api.node_detach_network(node.label, node.nics[0].label,
attachment.network.label)
for node in nodes[2:]:
port = node.nics[0].port
api.port_revert(port.owner.label, port.label)
deferred.apply_networking()
# Assert that none of the nodes are on any network
port_networks = self.get_port_networks(ports)
for node in nodes:
assert self.get_network(node.nics[0].port, port_networks) == \
set()
# Delete the networks
api.network_delete('net-0')
api.network_delete('net-1')
def delete_networks():
# Query the DB for nodes on this project
project = api._must_find(model.Project, 'anvil-nextgen')
nodes = project.nodes
ports = self.get_all_ports(nodes)
# Remove all nodes from their networks. We first build up a list of
# the arguments to the API calls, which has no direct references to
# database objects, and then make the API calls and invoke
# deferred.apply_networking after. This is important --
# The API calls and apply_networking normally run in their own
# transaction. We get away with not doing this in the tests because
# we serialize everything ourselves, so there's no risk of
# interference. If we were to hang on to references to database
# objects across such calls however, things could get harry.
all_attachments = []
for node in nodes:
attachments = model.NetworkAttachment.query \
.filter_by(nic=node.nics[0]).all()
for attachment in attachments:
all_attachments.append((node.label,
node.nics[0].label,
attachment.network.label))
for attachment in all_attachments:
api.node_detach_network(*attachment)
deferred.apply_networking()
# Assert that none of the nodes are on any network
port_networks = self.get_port_networks(ports)
for node in nodes:
assert self.get_network(node.nics[0].port, port_networks) == set()
# Delete the networks
api.network_delete('net-0')
api.network_delete('net-1')
def delete_networks():
# Query the DB for nodes on this project
project = api._must_find(model.Project, 'anvil-nextgen')
nodes = project.nodes
ports = self.get_all_ports(nodes)
# Remove all nodes from their networks. We first build up a list of
# the arguments to the API calls, which has no direct references to
# database objects, and then make the API calls and invoke
# deferred.apply_networking after. This is important --
# The API calls and apply_networking normally run in their own
# transaction. We get away with not doing this in the tests because
# we serialize everything ourselves, so there's no risk of
# interference. If we were to hang on to references to database
# objects across such calls however, things could get harry.
all_attachments = []
for node in nodes:
attachments = model.NetworkAttachment.query \
.filter_by(nic=node.nics[0]).all()
for attachment in attachments:
all_attachments.append((node.label, node.nics[0].label,
attachment.network.label))
for attachment in all_attachments:
api.node_detach_network(*attachment)
deferred.apply_networking()
# Assert that none of the nodes are on any network
port_networks = self.get_port_networks(ports)
for node in nodes:
assert self.get_network(node.nics[0].port, port_networks) == \
set()
# Delete the networks
api.network_delete('net-0')
api.network_delete('net-1')
def user_delete(user):
"""Delete user.
If the user does not exist, a NotFoundError will be raised.
"""
get_auth_backend().require_admin()
# XXX: We need to do a bit of refactoring, so this is available outside of
# haas.api:
user = api._must_find(User, user)
db.session.delete(user)
db.session.commit()
def authenticate(self):
local.auth = None
if local.request.authorization is None:
return False
authorization = local.request.authorization
if authorization.password is None:
return False
user = api._must_find(User, authorization.username)
if user.verify_password(authorization.password):
local.auth = user
return True
else:
return False
def authenticate(self):
local.auth = None
if flask.request.authorization is None:
return False
authorization = flask.request.authorization
if authorization.password is None:
return False
user = api._must_find(User, authorization.username)
if user.verify_password(authorization.password):
local.auth = user
return True
else:
return False
def authenticate(self):
local.auth = None
if flask.request.authorization is None:
return False
authorization = flask.request.authorization
if authorization.password is None:
return False
user = api._must_find(User, authorization.username)
if user.verify_password(authorization.password):
local.auth = user
logger.info("Successful authentication for user %r" % user.label)
return True
else:
logger.info("Failed authentication for user %r" % user.label)
return False
def delete_networks():
# Query the DB for nodes on this project
project = api._must_find(db, model.Project, 'anvil-nextgen')
nodes = project.nodes
# Remove all nodes from their networks
for node in nodes:
if node.nics[0].network is not None:
api.node_detach_network(node.label, node.nics[0].label)
deferred.apply_networking()
# Assert that none of the nodes are on any network
vlan_cfgs = get_switch_vlans()
for node in nodes:
assert get_network(node.nics[0].label, vlan_cfgs) == []
# Delete the networks
api.network_delete('net-0')
api.network_delete('net-1')
def delete_networks():
# Query the DB for nodes on this project
project = api._must_find(db, model.Project, 'anvil-nextgen')
nodes = project.nodes
# Remove all nodes from their networks
for node in nodes:
if node.nics[0].network is not None:
api.node_detach_network(node.label, node.nics[0].label)
deferred.apply_networking()
# Assert that none of the nodes are on any network
vlan_cfgs = get_switch_vlans()
for node in nodes:
assert get_network(node.nics[0].label, vlan_cfgs) == []
# Delete the networks
api.network_delete('net-0')
api.network_delete('net-1')
def delete_networks():
# Query the DB for nodes on this project
project = api._must_find(db, model.Project, "anvil-nextgen")
nodes = project.nodes
ports = self.get_all_ports(nodes)
# Remove all nodes from their networks
for node in nodes:
attachment = db.query(model.NetworkAttachment).filter_by(nic=node.nics[0]).one()
api.node_detach_network(node.label, node.nics[0].label, attachment.network.label)
deferred.apply_networking()
# Assert that none of the nodes are on any network
port_networks = self.get_port_networks(ports)
for node in nodes:
assert self.get_network(node.nics[0].port, port_networks) == set()
# Delete the networks
api.network_delete("net-0")
api.network_delete("net-1")
def delete_networks():
# Query the DB for nodes on this project
project = api._must_find(model.Project, 'anvil-nextgen')
nodes = project.nodes
ports = self.get_all_ports(nodes)
# Remove all nodes from their networks
for node in nodes:
attachment = model.NetworkAttachment.query \
.filter_by(nic=node.nics[0]).one()
api.node_detach_network(node.label, node.nics[0].label,
attachment.network.label)
deferred.apply_networking()
# Assert that none of the nodes are on any network
port_networks = self.get_port_networks(ports)
for node in nodes:
assert self.get_network(node.nics[0].port, port_networks) == \
set()
# Delete the networks
api.network_delete('net-0')
api.network_delete('net-1')