def test_scheduler_call_target_method_with_correct_auth(self, method): method.side_effect = self.target_check_context_method default_context = base.get_context(default=True) auth_context.set_ctx(default_context) default_project_id = ( default_context.project_id ) scheduler.schedule_call( None, TARGET_METHOD_PATH, DELAY, **{'expected_project_id': default_project_id} ) second_context = base.get_context(default=False) auth_context.set_ctx(second_context) second_project_id = ( second_context.project_id ) scheduler.schedule_call( None, TARGET_METHOD_PATH, DELAY, **{'expected_project_id': second_project_id} ) self.assertNotEqual(default_project_id, second_project_id) for _ in range(2): self.assertTrue(self.queue.get())
def test_scheduler_call_target_method_with_correct_auth(self, method): method.side_effect = self.target_check_context_method default_context = base.get_context(default=True) auth_context.set_ctx(default_context) default_project_id = ( default_context.project_id ) scheduler.schedule_call( None, TARGET_METHOD_PATH, DELAY, **{'expected_project_id': default_project_id} ) second_context = base.get_context(default=False) auth_context.set_ctx(second_context) second_project_id = ( second_context.project_id ) scheduler.schedule_call( None, TARGET_METHOD_PATH, DELAY, **{'expected_project_id': second_project_id} ) self.assertNotEqual(default_project_id, second_project_id) for _ in range(2): self.assertTrue(self.queue.get())
def test_scheduler_call_target_method_with_correct_auth(self, method): method.side_effect = self.target_check_context_method default_context = base.get_context(default=True) auth_context.set_ctx(default_context) default_project_id = default_context.project_id job = sched_base.SchedulerJob( run_after=DELAY, func_name=TARGET_METHOD_PATH, func_args={'expected_project_id': default_project_id}) self.scheduler.schedule(job) second_context = base.get_context(default=False) auth_context.set_ctx(second_context) second_project_id = second_context.project_id job = sched_base.SchedulerJob( run_after=DELAY, func_name=TARGET_METHOD_PATH, func_args={'expected_project_id': second_project_id}) self.scheduler.schedule(job) self.assertNotEqual(default_project_id, second_project_id) for _ in range(2): self.assertTrue(self.queue.get())
def test_scheduler_call_target_method_with_correct_auth(self, method): default_context = base.get_context(default=True) auth_context.set_ctx(default_context) default_project_id = ( default_context._BaseContext__values['project_id']) method_args1 = {'expected_project_id': default_project_id} scheduler.schedule_call(None, CHECK_CONTEXT_METHOD_PATH, DELAY, **method_args1) second_context = base.get_context(default=False) auth_context.set_ctx(second_context) second_project_id = (second_context._BaseContext__values['project_id']) method_args2 = {'expected_project_id': second_project_id} scheduler.schedule_call(None, CHECK_CONTEXT_METHOD_PATH, DELAY, **method_args2) eventlet.sleep(WAIT) method.assert_any_call(default_project_id, default_project_id) method.assert_any_call(second_project_id, second_project_id) self.assertNotEqual(default_project_id, second_project_id)
def test_event_engine_public_trigger(self, mock_start): t = copy.deepcopy(EVENT_TRIGGER) # Create public trigger as an admin self.ctx = base.get_context(default=False, admin=True) auth_context.set_ctx(self.ctx) t['scope'] = 'public' t['project_id'] = self.ctx.tenant trigger = db_api.create_event_trigger(t) # Switch to the user. self.ctx = base.get_context(default=True) auth_context.set_ctx(self.ctx) e_engine = evt_eng.DefaultEventEngine() self.addCleanup(e_engine.handler_tg.stop) event = { 'event_type': EVENT_TYPE, 'payload': {}, 'publisher': 'fake_publisher', 'timestamp': '', 'context': { 'project_id': '%s' % self.ctx.project_id, 'user_id': 'fake_user' }, } # Moreover, assert that trigger.project_id != event.project_id self.assertNotEqual( trigger.project_id, event['context']['project_id'] ) with mock.patch.object(e_engine, 'engine_client') as client_mock: e_engine.event_queue.put(event) time.sleep(1) self.assertEqual(1, client_mock.start_workflow.call_count) args, kwargs = client_mock.start_workflow.call_args self.assertEqual( (EVENT_TRIGGER['workflow_id'], '', None, {}), args ) self.assertDictEqual( { 'service': 'fake_publisher', 'project_id': '%s' % self.ctx.project_id, 'user_id': 'fake_user', 'timestamp': '' }, kwargs['event_params'] )
def test_event_engine_public_trigger(self, mock_start): t = copy.deepcopy(EVENT_TRIGGER) # Create public trigger as an admin self.ctx = base.get_context(default=False, admin=True) auth_context.set_ctx(self.ctx) t['scope'] = 'public' t['project_id'] = self.ctx.tenant trigger = db_api.create_event_trigger(t) # Switch to the user. self.ctx = base.get_context(default=True) auth_context.set_ctx(self.ctx) e_engine = evt_eng.DefaultEventEngine() self.addCleanup(e_engine.handler_tg.stop) event = { 'event_type': EVENT_TYPE, 'payload': {}, 'publisher': 'fake_publisher', 'timestamp': '', 'context': { 'project_id': '%s' % self.ctx.project_id, 'user_id': 'fake_user' }, } # Moreover, assert that trigger.project_id != event.project_id self.assertNotEqual( trigger.project_id, event['context']['project_id'] ) with mock.patch.object(e_engine, 'engine_client') as client_mock: e_engine.event_queue.put(event) time.sleep(1) self.assertEqual(1, client_mock.start_workflow.call_count) args, kwargs = client_mock.start_workflow.call_args self.assertEqual((EVENT_TRIGGER['workflow_id'], '', {}), args) self.assertDictEqual( { 'service': 'fake_publisher', 'project_id': '%s' % self.ctx.project_id, 'user_id': 'fake_user', 'timestamp': '' }, kwargs['event_params'] )
def delete_(): context.set_ctx(unit_base.get_context()) db_api.delete_workflow_execution(self.wf_ex_id) # Unlocking the "list" operation. list_lock.release()
def test_get_endpoint_for_project_noauth(self): # service_catalog is not set by default. auth_context.set_ctx(base.get_context()) self.addCleanup(auth_context.set_ctx, None) self.assertRaises(exceptions.UnauthorizedException, keystone.get_endpoint_for_project, 'keystone')
def test_admin_api_disallowed(self): auth_ctx = base.get_context(default=True) self.assertRaises( exc.NotAllowedException, acl.enforce, 'example:admin', auth_ctx, auth_ctx.to_dict() )
def test_get_endpoint_for_project_noauth(self, client): client().tokens.get_token_data.return_value = {'token': None} # service_catalog is not set by default. auth_context.set_ctx(base.get_context()) self.addCleanup(auth_context.set_ctx, None) self.assertRaises(exceptions.UnauthorizedException, keystone.get_endpoint_for_project, 'keystone')
def test_get_all_projects_admin(self, mock_context, mock_get_wf_defs): admin_ctx = unit_base.get_context(admin=True) mock_context.return_value = admin_ctx resp = self.app.get('/v2/workflows?all_projects=true') self.assertEqual(200, resp.status_int) self.assertTrue(mock_get_wf_defs.call_args[1].get('insecure', False))
def test_get_all_projects_admin(self, mock_context, mock_get_wf_defs): admin_ctx = unit_base.get_context(admin=True) mock_context.return_value = admin_ctx resp = self.app.get('/v2/event_triggers?all_projects=true') self.assertEqual(200, resp.status_int) self.assertTrue(mock_get_wf_defs.call_args[1].get('insecure', False))
def test_admin_or_owner_api_disallowed(self): auth_ctx = base.get_context(default=True) target = {'project_id': 'another'} self.assertRaises( exc.NotAllowedException, acl.enforce, 'example:admin_or_owner', auth_ctx, target )
def test_admin_api_disallowed(self): auth_ctx = base.get_context(default=True) self.assertRaises( exc.NotAllowedException, acl.enforce, 'example:admin', auth_ctx, auth_ctx.to_dict() )
def test_scheduler_call_target_method_with_correct_auth(self, method): default_context = base.get_context(default=True) auth_context.set_ctx(default_context) default_project_id = ( default_context._BaseContext__values['project_id'] ) method_args1 = {'expected_project_id': default_project_id} scheduler.schedule_call( None, CHECK_CONTEXT_METHOD_PATH, DELAY, **method_args1 ) second_context = base.get_context(default=False) auth_context.set_ctx(second_context) second_project_id = ( second_context._BaseContext__values['project_id'] ) method_args2 = {'expected_project_id': second_project_id} scheduler.schedule_call( None, CHECK_CONTEXT_METHOD_PATH, DELAY, **method_args2 ) eventlet.sleep(WAIT) method.assert_any_call( default_project_id, default_project_id ) method.assert_any_call( second_project_id, second_project_id ) self.assertNotEqual(default_project_id, second_project_id)
def test_admin_or_owner_api_disallowed(self): auth_ctx = base.get_context(default=True) target = {'project_id': 'another'} self.assertRaises( exc.NotAllowedException, acl.enforce, 'example:admin_or_owner', auth_ctx, target )
def test_get_all_filter_project(self, mock_context, mock_get_triggers): admin_ctx = unit_base.get_context(admin=True) mock_context.return_value = admin_ctx resp = self.app.get('/v2/cron_triggers?all_projects=true&' 'project_id=192796e61c174f718d6147b129f3f2ff') self.assertEqual(200, resp.status_int) self.assertTrue(mock_get_triggers.call_args[1].get('insecure', False)) self.assertEqual({'eq': '192796e61c174f718d6147b129f3f2ff'}, mock_get_triggers.call_args[1].get('project_id'))
def test_get_endpoint_for_project_noauth(self, client): client().tokens.get_token_data.return_value = {'token': None} # service_catalog is not set by default. auth_context.set_ctx(base.get_context()) self.addCleanup(auth_context.set_ctx, None) self.assertRaises( exceptions.UnauthorizedException, keystone.get_endpoint_for_project, 'keystone' )
def test_get_all_filter_by_project_id(self, mock_context, mock_get_execs): admin_ctx = unit_base.get_context(admin=True) mock_context.return_value = admin_ctx fake_project_id = uuidutils.generate_uuid() resp = self.app.get('/v2/executions?project_id=%s' % fake_project_id) self.assertEqual(200, resp.status_int) self.assertTrue(mock_get_execs.call_args[1].get('insecure', False)) self.assertTrue(mock_get_execs.call_args[1].get( 'project_id', fake_project_id))
def test_post_public(self, create_trigger): self.ctx = unit_base.get_context(default=False, admin=True) self.mock_ctx.return_value = self.ctx trigger = copy.deepcopy(TRIGGER) trigger['scope'] = 'public' trigger.pop('id') resp = self.app.post_json('/v2/event_triggers', trigger) self.assertEqual(201, resp.status_int) self.assertTrue(create_trigger.called) self.assertEqual('public', create_trigger.call_args[1]["scope"])
def test_post_public(self, create_trigger): self.ctx = unit_base.get_context(default=False, admin=True) self.mock_ctx.return_value = self.ctx trigger = copy.deepcopy(TRIGGER) trigger['scope'] = 'public' trigger.pop('id') resp = self.app.post_json('/v2/event_triggers', trigger) self.assertEqual(201, resp.status_int) self.assertTrue(create_trigger.called) self.assertEqual('public', create_trigger.call_args[1]["scope"])
def test_get_all_filter_by_project_id(self, mock_context, mock_get_execs): admin_ctx = unit_base.get_context(admin=True) mock_context.return_value = admin_ctx fake_project_id = uuidutils.generate_uuid() resp = self.app.get('/v2/executions?project_id=%s' % fake_project_id) self.assertEqual(200, resp.status_int) self.assertTrue(mock_get_execs.call_args[1].get('insecure', False)) self.assertTrue( mock_get_execs.call_args[1].get('project_id', fake_project_id) )
def _run_correct_locking(self, wf_ex): # Set context info for the thread. auth_context.set_ctx(test_base.get_context()) self._random_sleep() with db_api.transaction(): # Lock workflow execution and get the most up-to-date object. wf_ex = db_api.acquire_lock(db_models.WorkflowExecution, wf_ex.id) # Refresh the object. db_api.get_workflow_execution(wf_ex.id) wf_ex.name = str(int(wf_ex.name) + 1) return wf_ex.name
def test_get_all_filter_project(self, mock_context, mock_get_triggers): admin_ctx = unit_base.get_context(admin=True) mock_context.return_value = admin_ctx resp = self.app.get( '/v2/cron_triggers?all_projects=true&' 'project_id=192796e61c174f718d6147b129f3f2ff' ) self.assertEqual(200, resp.status_int) self.assertTrue(mock_get_triggers.call_args[1].get('insecure', False)) self.assertEqual( {'eq': '192796e61c174f718d6147b129f3f2ff'}, mock_get_triggers.call_args[1].get('project_id') )
def _run_correct_locking(self, wf_ex): # Set context info for the thread. auth_context.set_ctx(test_base.get_context()) self._random_sleep() with db_api.transaction(): # Lock workflow execution and get the most up-to-date object. wf_ex = db_api.acquire_lock(db_models.WorkflowExecution, wf_ex.id) # Refresh the object. db_api.get_workflow_execution(wf_ex.id) wf_ex.name = str(int(wf_ex.name) + 1) return wf_ex.name
def test_admin_or_owner_api_allowed(self): auth_ctx = base.get_context(default=True) self.assertTrue( acl.enforce('example:admin_or_owner', auth_ctx, auth_ctx.to_dict()) )
def test_admin_or_owner_api_allowed(self): auth_ctx = base.get_context(default=True) self.assertTrue( acl.enforce('example:admin_or_owner', auth_ctx, auth_ctx.to_dict()))
def _switch_context(is_default, is_admin): ctx.set_ctx(get_context(is_default, is_admin))