def setUp(self): super(TestValidationResources, self).setUp() self.useFixture(registry_fixture.RegistryFixture()) self.mock_sg_compute = self.useFixture( fixtures.MockPatch(SG_CLIENT % ('compute', 'create_security_group'), autospec=True, return_value=FAKE_SECURITY_GROUP)) self.mock_sg_network = self.useFixture( fixtures.MockPatch(SG_CLIENT % ('network', 'create_security_group'), autospec=True, return_value=FAKE_SECURITY_GROUP)) self.mock_sgr_compute = self.useFixture( fixtures.MockPatch(SGR_CLIENT % 'compute', autospec=True)) self.mock_sgr_network = self.useFixture( fixtures.MockPatch(SGR_CLIENT % 'network', autospec=True)) self.mock_kp = self.useFixture( fixtures.MockPatch(KP_CLIENT % 'create_keypair', autospec=True, return_value=FAKE_KEYPAIR)) self.mock_fip_compute = self.useFixture( fixtures.MockPatch(FIP_CLIENT % ('compute', 'create_floating_ip'), autospec=True, return_value=FAKE_FIP_NOVA_NET)) self.mock_fip_network = self.useFixture( fixtures.MockPatch(FIP_CLIENT % ('network', 'create_floatingip'), autospec=True, return_value=FAKE_FIP_NEUTRON)) self.os = clients.ServiceClients( fake_credentials.FakeKeystoneV3Credentials(), 'fake_uri')
def test___init___plugin_service_clients_cannot_load(self): creds = fake_credentials.FakeKeystoneV3Credentials() uri = 'fake_uri' fake_service_clients = { 'service1': [{ 'name': 'client1', 'service_version': 'client1.v1', 'module_path': 'I cannot load this', 'client_names': ['SomeClient1'] }], 'service2': [{ 'name': 'client2', 'service_version': 'client2.v1', 'module_path': 'This neither', 'client_names': ['SomeClient1'] }] } msg = "(?=.*{0})(?=.*{1})".format(*[ x[1][0]['module_path'] for x in six.iteritems(fake_service_clients) ]) self.useFixture( fixtures.MockPatchObject(clients.ClientsRegistry(), 'get_service_clients', return_value=fake_service_clients)) with testtools.ExpectedException(testtools.MultipleExceptions, value_re=msg): clients.ServiceClients(creds, identity_uri=uri)
def setUp(self): super(TestClearValidationResourcesFixture, self).setUp() self.useFixture(registry_fixture.RegistryFixture()) self.mock_sg_compute = self.useFixture( fixtures.MockPatch(SG_CLIENT % ('compute', 'delete_security_group'), autospec=True)) self.mock_sg_network = self.useFixture( fixtures.MockPatch(SG_CLIENT % ('network', 'delete_security_group'), autospec=True)) self.mock_sg_wait_compute = self.useFixture( fixtures.MockPatch(SG_CLIENT % ('compute', 'wait_for_resource_deletion'), autospec=True)) self.mock_sg_wait_network = self.useFixture( fixtures.MockPatch(SG_CLIENT % ('network', 'wait_for_resource_deletion'), autospec=True)) self.mock_kp = self.useFixture( fixtures.MockPatch(KP_CLIENT % 'delete_keypair', autospec=True)) self.mock_fip_compute = self.useFixture( fixtures.MockPatch(FIP_CLIENT % ('compute', 'delete_floating_ip'), autospec=True)) self.mock_fip_network = self.useFixture( fixtures.MockPatch(FIP_CLIENT % ('network', 'delete_floatingip'), autospec=True)) self.os = clients.ServiceClients( fake_credentials.FakeKeystoneV3Credentials(), 'fake_uri')
def test___init___creds_v3_uri(self): # Verify that no API request is made, since no mock # is required to run the test successfully creds = fake_credentials.FakeKeystoneV3Credentials() uri = 'fake_uri' _manager = clients.ServiceClients(creds, identity_uri=uri) self.assertIsInstance(_manager.auth_provider, auth.KeystoneV3AuthProvider)
def test_validation_resources_exists(self): cfg.CONF.set_default('run_validation', True, 'validation') creds = fake_credentials.FakeKeystoneV3Credentials() osclients = clients.Manager(creds) expected_vr = 'expected_validation_resources' self.test_test_class._validation_resources[osclients] = expected_vr obtained_vr = self.test_test_class.get_class_validation_resources( osclients) self.assertEqual(expected_vr, obtained_vr)
def test_validation_resources_invalid_config(self): invalid_version = 999 cfg.CONF.set_default('run_validation', True, 'validation') cfg.CONF.set_default('ip_version_for_ssh', invalid_version, 'validation') cfg.CONF.set_default('neutron', True, 'service_available') creds = fake_credentials.FakeKeystoneV3Credentials() osclients = clients.Manager(creds) with testtools.ExpectedException( lib_exc.InvalidConfiguration, value_re='^.*\n.*' + str(invalid_version)): self.test_test_class.get_class_validation_resources(osclients)
def test_validation_resources_fixture(self, mock_clean_vr, mock_create_vr): class TestWithRun(self.test_test_class): def runTest(self): pass cfg.CONF.set_default('run_validation', True, 'validation') test_case = TestWithRun() creds = fake_credentials.FakeKeystoneV3Credentials() osclients = clients.Manager(creds) test_case.get_test_validation_resources(osclients) self.assertEqual(1, mock_create_vr.call_count) self.assertEqual(0, mock_clean_vr.call_count)
def _create_cmd_service(self, service_type, is_save_state=False, is_preserve=False, is_dry_run=False): creds = fake_credentials.FakeKeystoneV3Credentials() os = clients.Manager(creds) return getattr(cleanup_service, service_type)(os, is_save_state=is_save_state, is_preserve=is_preserve, is_dry_run=is_dry_run, data={}, saved_state_json=self.saved_state)
class TestKeystoneV3AuthProvider_DomainScope(BaseAuthTestsSetUp): _endpoints = fake_identity.IDENTITY_V3_RESPONSE['token']['catalog'] _auth_provider_class = auth.KeystoneV3AuthProvider credentials = fake_credentials.FakeKeystoneV3Credentials() def setUp(self): super(TestKeystoneV3AuthProvider_DomainScope, self).setUp() self.patchobject(v3_client.V3TokenClient, 'raw_request', fake_identity._fake_v3_response_domain_scope) def test_get_auth_with_domain_scope(self): self.auth_provider.scope = 'domain' _, auth_data = self.auth_provider.get_auth() self.assertIn('domain', auth_data) self.assertNotIn('project', auth_data)
def test_validation_resources_invalid_config_nova_net(self, mock_create_vr): invalid_version = 999 cfg.CONF.set_default('run_validation', True, 'validation') cfg.CONF.set_default('ip_version_for_ssh', invalid_version, 'validation') cfg.CONF.set_default('neutron', False, 'service_available') creds = fake_credentials.FakeKeystoneV3Credentials() osclients = clients.Manager(creds) expected_vr = {'expected_validation_resources': None} mock_create_vr.return_value = expected_vr obtained_vr = self.test_test_class.get_class_validation_resources( osclients) self.assertEqual(mock_create_vr.call_count, 1) self.assertIn(osclients, mock_create_vr.call_args_list[0][0]) self.assertEqual(expected_vr, obtained_vr) self.assertIn(osclients, self.test_test_class._validation_resources) self.assertEqual(expected_vr, self.test_test_class._validation_resources[osclients])
def test___init___plugin_service_clients_name_conflict(self): creds = fake_credentials.FakeKeystoneV3Credentials() uri = 'fake_uri' fake_service_clients = { 'serviceA': [{ 'name': 'client1', 'service_version': 'client1.v1', 'module_path': 'fake_path_1', 'client_names': ['SomeClient1'] }], 'serviceB': [{ 'name': 'client1', 'service_version': 'client1.v2', 'module_path': 'fake_path_2', 'client_names': ['SomeClient2'] }], 'serviceC': [{ 'name': 'client1', 'service_version': 'client1.v1', 'module_path': 'fake_path_2', 'client_names': ['SomeClient1'] }], 'serviceD': [{ 'name': 'client1', 'service_version': 'client1.v2', 'module_path': 'fake_path_2', 'client_names': ['SomeClient2'] }] } msg = "(?=.*{0})(?=.*{1})".format( * [x[1][0]['service_version'] for x in fake_service_clients.items()]) self.useFixture( fixtures.MockPatchObject(clients.ClientsRegistry(), 'get_service_clients', return_value=fake_service_clients)) with testtools.ExpectedException(testtools.MultipleExceptions, value_re=msg): clients.ServiceClients(creds, identity_uri=uri)
def test_validation_resources_new(self, mock_create_vr): cfg.CONF.set_default('run_validation', True, 'validation') cfg.CONF.set_default('neutron', True, 'service_available') creds = fake_credentials.FakeKeystoneV3Credentials() osclients = clients.Manager(creds) expected_vr = {'expected_validation_resources': None} mock_create_vr.return_value = expected_vr with mock.patch.object( self.test_test_class, 'addClassResourceCleanup') as mock_add_class_cleanup: obtained_vr = self.test_test_class.get_class_validation_resources( osclients) self.assertEqual(1, mock_add_class_cleanup.call_count) self.assertEqual(mock.call(vr.clear_validation_resources, osclients, use_neutron=True, **expected_vr), mock_add_class_cleanup.call_args) self.assertEqual(mock_create_vr.call_count, 1) self.assertIn(osclients, mock_create_vr.call_args_list[0][0]) self.assertEqual(expected_vr, obtained_vr) self.assertIn(osclients, self.test_test_class._validation_resources) self.assertEqual(expected_vr, self.test_test_class._validation_resources[osclients])
class TestKeystoneV3AuthProvider(TestKeystoneV2AuthProvider): _endpoints = fake_identity.IDENTITY_V3_RESPONSE['token']['catalog'] _auth_provider_class = auth.KeystoneV3AuthProvider credentials = fake_credentials.FakeKeystoneV3Credentials() def setUp(self): super(TestKeystoneV3AuthProvider, self).setUp() self.stubs.Set(v3_client.V3TokenClient, 'raw_request', fake_identity._fake_v3_response) def _get_fake_identity(self): return fake_identity.IDENTITY_V3_RESPONSE['token'] def _get_fake_alt_identity(self): return fake_identity.ALT_IDENTITY_V3['token'] def _get_result_url_from_endpoint(self, ep, replacement=None): if replacement: return ep['url'].replace('v3', replacement) return ep['url'] def _auth_data_with_expiry(self, date_as_string): token, access = self.auth_provider.auth_data access['expires_at'] = date_as_string return token, access def _get_from_fake_identity(self, attr): token = fake_identity.IDENTITY_V3_RESPONSE['token'] if attr == 'user_id': return token['user']['id'] elif attr == 'project_id': return token['project']['id'] elif attr == 'user_domain_id': return token['user']['domain']['id'] elif attr == 'project_domain_id': return token['project']['domain']['id'] def test_check_credentials_missing_attribute(self): # reset credentials to fresh ones self.credentials.reset() for attr in [ 'username', 'password', 'user_domain_name', 'project_domain_name' ]: cred = copy.copy(self.credentials) del cred[attr] self.assertFalse(self.auth_provider.check_credentials(cred), "Credentials should be invalid without %s" % attr) def test_check_domain_credentials_missing_attribute(self): # reset credentials to fresh ones self.credentials.reset() domain_creds = fake_credentials.FakeKeystoneV3DomainCredentials() for attr in ['username', 'password', 'user_domain_name']: cred = copy.copy(domain_creds) del cred[attr] self.assertFalse(self.auth_provider.check_credentials(cred), "Credentials should be invalid without %s" % attr) def test_fill_credentials(self): self.auth_provider.fill_credentials() creds = self.auth_provider.credentials for attr in [ 'user_id', 'project_id', 'user_domain_id', 'project_domain_id' ]: self.assertEqual(self._get_from_fake_identity(attr), getattr(creds, attr)) # Overwrites v2 test def test_base_url_to_get_admin_endpoint(self): self.filters = { 'service': 'compute', 'endpoint_type': 'admin', 'region': 'MiddleEarthRegion' } expected = self._get_result_url_from_endpoint( self._endpoints[0]['endpoints'][2]) self._test_base_url_helper(expected, self.filters) # Overwrites v2 test def test_base_url_with_unversioned_endpoint(self): auth_data = { 'catalog': [{ 'type': 'identity', 'endpoints': [{ 'region': 'FakeRegion', 'url': 'http://fake_url', 'interface': 'public' }] }] } filters = { 'service': 'identity', 'endpoint_type': 'publicURL', 'region': 'FakeRegion', 'api_version': 'v3' } expected = 'http://fake_url/v3' self._test_base_url_helper(expected, filters, ('token', auth_data))
def test_validation_resources_no_validation(self): cfg.CONF.set_default('run_validation', False, 'validation') creds = fake_credentials.FakeKeystoneV3Credentials() osclients = clients.Manager(creds) vr = self.test_test_class.get_class_validation_resources(osclients) self.assertIsNone(vr)
class TestKeystoneV3AuthProvider(TestKeystoneV2AuthProvider): _endpoints = fake_identity.IDENTITY_V3_RESPONSE['token']['catalog'] _auth_provider_class = auth.KeystoneV3AuthProvider credentials = fake_credentials.FakeKeystoneV3Credentials() def setUp(self): super(TestKeystoneV3AuthProvider, self).setUp() self.patchobject(v3_client.V3TokenClient, 'raw_request', fake_identity._fake_v3_response) def _get_fake_identity(self): return fake_identity.IDENTITY_V3_RESPONSE['token'] def _get_fake_alt_identity(self): return fake_identity.ALT_IDENTITY_V3['token'] def _get_result_url_from_endpoint(self, ep, replacement=None): if replacement: return ep['url'].replace('v3', replacement) return ep['url'] def _auth_data_with_expiry(self, date_as_string): token, access = self.auth_provider.auth_data access['expires_at'] = date_as_string return token, access def _get_from_fake_identity(self, attr): token = fake_identity.IDENTITY_V3_RESPONSE['token'] if attr == 'user_id': return token['user']['id'] elif attr == 'project_id': return token['project']['id'] elif attr == 'user_domain_id': return token['user']['domain']['id'] elif attr == 'project_domain_id': return token['project']['domain']['id'] def test_check_credentials_missing_attribute(self): # reset credentials to fresh ones self.credentials.reset() for attr in ['username', 'password', 'user_domain_name', 'project_domain_name']: cred = copy.copy(self.credentials) del cred[attr] self.assertFalse(self.auth_provider.check_credentials(cred), "Credentials should be invalid without %s" % attr) def test_check_domain_credentials_missing_attribute(self): # reset credentials to fresh ones self.credentials.reset() domain_creds = fake_credentials.FakeKeystoneV3DomainCredentials() for attr in ['username', 'password', 'user_domain_name']: cred = copy.copy(domain_creds) del cred[attr] self.assertFalse(self.auth_provider.check_credentials(cred), "Credentials should be invalid without %s" % attr) def test_fill_credentials(self): self.auth_provider.fill_credentials() creds = self.auth_provider.credentials for attr in ['user_id', 'project_id', 'user_domain_id', 'project_domain_id']: self.assertEqual(self._get_from_fake_identity(attr), getattr(creds, attr)) # Overwrites v2 test def test_base_url_to_get_admin_endpoint(self): self.filters = { 'service': 'compute', 'endpoint_type': 'admin', 'region': 'MiddleEarthRegion' } expected = self._get_result_url_from_endpoint( self._endpoints[0]['endpoints'][2]) self._test_base_url_helper(expected, self.filters) # Overwrites v2 test def test_base_url_with_unversioned_endpoint(self): auth_data = { 'catalog': [ { 'type': 'identity', 'endpoints': [ { 'region': 'FakeRegion', 'url': 'http://fake_url', 'interface': 'public' } ] } ] } filters = { 'service': 'identity', 'endpoint_type': 'publicURL', 'region': 'FakeRegion', 'api_version': 'v3' } expected = 'http://fake_url/v3' self._test_base_url_helper(expected, filters, ('token', auth_data)) def test_base_url_with_extra_path_endpoint(self): auth_data = { 'catalog': [ { 'type': 'compute', 'endpoints': [ { 'region': 'FakeRegion', 'url': 'http://fake_url/some_path/v2.0', 'interface': 'public' } ] } ] } filters = { 'service': 'compute', 'endpoint_type': 'publicURL', 'region': 'FakeRegion', 'api_version': 'v2.0' } expected = 'http://fake_url/some_path/v2.0' self._test_base_url_helper(expected, filters, ('token', auth_data)) def test_base_url_with_unversioned_extra_path_endpoint(self): auth_data = { 'catalog': [ { 'type': 'compute', 'endpoints': [ { 'region': 'FakeRegion', 'url': 'http://fake_url/some_path', 'interface': 'public' } ] } ] } filters = { 'service': 'compute', 'endpoint_type': 'publicURL', 'region': 'FakeRegion', 'api_version': 'v2.0' } expected = 'http://fake_url/some_path/v2.0' self._test_base_url_helper(expected, filters, ('token', auth_data)) # Base URL test with scope only for V3 def test_base_url_scope_project(self): self.auth_provider.scope = 'project' self.filters = { 'service': 'compute', 'endpoint_type': 'publicURL', 'region': 'FakeRegion' } expected = self._get_result_url_from_endpoint( self._endpoints[0]['endpoints'][1]) self._test_base_url_helper(expected, self.filters) # Base URL test with scope only for V3 def test_base_url_unscoped_identity(self): self.auth_provider.scope = 'unscoped' self.patchobject(v3_client.V3TokenClient, 'raw_request', fake_identity._fake_v3_response_no_scope) self.filters = { 'service': 'identity', 'endpoint_type': 'publicURL', 'region': 'FakeRegion' } expected = fake_identity.FAKE_AUTH_URL self._test_base_url_helper(expected, self.filters) # Base URL test with scope only for V3 def test_base_url_unscoped_other(self): self.auth_provider.scope = 'unscoped' self.patchobject(v3_client.V3TokenClient, 'raw_request', fake_identity._fake_v3_response_no_scope) self.filters = { 'service': 'compute', 'endpoint_type': 'publicURL', 'region': 'FakeRegion' } self.assertRaises(exceptions.EndpointNotFound, self.auth_provider.base_url, auth_data=self.auth_provider.auth_data, filters=self.filters) def test_auth_parameters_with_scope_unset(self): # No scope defaults to 'project' all_creds = fake_credentials.FakeKeystoneV3AllCredentials() self.auth_provider.credentials = all_creds auth_params = self.auth_provider._auth_params() self.assertNotIn('scope', auth_params.keys()) for attr in all_creds.get_init_attributes(): if attr.startswith('domain_'): self.assertNotIn(attr, auth_params.keys()) else: self.assertIn(attr, auth_params.keys()) self.assertEqual(getattr(all_creds, attr), auth_params[attr]) def test_auth_parameters_with_project_scope(self): all_creds = fake_credentials.FakeKeystoneV3AllCredentials() self.auth_provider.credentials = all_creds self.auth_provider.scope = 'project' auth_params = self.auth_provider._auth_params() self.assertNotIn('scope', auth_params.keys()) for attr in all_creds.get_init_attributes(): if attr.startswith('domain_'): self.assertNotIn(attr, auth_params.keys()) else: self.assertIn(attr, auth_params.keys()) self.assertEqual(getattr(all_creds, attr), auth_params[attr]) def test_auth_parameters_with_domain_scope(self): all_creds = fake_credentials.FakeKeystoneV3AllCredentials() self.auth_provider.credentials = all_creds self.auth_provider.scope = 'domain' auth_params = self.auth_provider._auth_params() self.assertNotIn('scope', auth_params.keys()) for attr in all_creds.get_init_attributes(): if attr.startswith('project_'): self.assertNotIn(attr, auth_params.keys()) else: self.assertIn(attr, auth_params.keys()) self.assertEqual(getattr(all_creds, attr), auth_params[attr]) def test_auth_parameters_unscoped(self): all_creds = fake_credentials.FakeKeystoneV3AllCredentials() self.auth_provider.credentials = all_creds self.auth_provider.scope = 'unscoped' auth_params = self.auth_provider._auth_params() self.assertNotIn('scope', auth_params.keys()) for attr in all_creds.get_init_attributes(): if attr.startswith('project_') or attr.startswith('domain_'): self.assertNotIn(attr, auth_params.keys()) else: self.assertIn(attr, auth_params.keys()) self.assertEqual(getattr(all_creds, attr), auth_params[attr])