class SharedZoneTestContext(object):
"""
Creates multiple zones to test authorization / access to shared zones across users
"""
def __init__(self):
self.ok_vinyldns_client = VinylDNSClient(VinylDNSTestContext.vinyldns_url, 'okAccessKey', 'okSecretKey')
self.dummy_vinyldns_client = VinylDNSClient(VinylDNSTestContext.vinyldns_url, 'dummyAccessKey', 'dummySecretKey')
self.shared_zone_vinyldns_client = VinylDNSClient(VinylDNSTestContext.vinyldns_url, 'sharedZoneUserAccessKey', 'sharedZoneUserSecretKey')
self.dummy_group = None
self.ok_group = None
self.shared_record_group = None
self.tear_down() # ensures that the environment is clean before starting
try:
ok_group = {
'name': 'ok-group',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [ { 'id': 'ok'} ],
'admins': [ { 'id': 'ok'} ]
}
self.ok_group = self.ok_vinyldns_client.create_group(ok_group, status=200)
# in theory this shouldn't be needed, but getting 'user is not in group' errors on zone creation
self.confirm_member_in_group(self.ok_vinyldns_client, self.ok_group)
dummy_group = {
'name': 'dummy-group',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [ { 'id': 'dummy'} ],
'admins': [ { 'id': 'dummy'} ]
}
self.dummy_group = self.dummy_vinyldns_client.create_group(dummy_group, status=200)
# in theory this shouldn't be needed, but getting 'user is not in group' errors on zone creation
self.confirm_member_in_group(self.dummy_vinyldns_client, self.dummy_group)
shared_record_group = {
'name': 'record-ownergroup',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [ { 'id': 'sharedZoneUser'}, { 'id': 'ok'} ],
'admins': [ { 'id': 'sharedZoneUser'}, { 'id': 'ok'} ]
}
self.shared_record_group = self.ok_vinyldns_client.create_group(shared_record_group, status=200)
ok_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': 'ok.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'ok.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'ok.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202)
self.ok_zone = ok_zone_change['zone']
dummy_zone_change = self.dummy_vinyldns_client.create_zone(
{
'name': 'dummy.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.dummy_group['id'],
'isTest': True,
'connection': {
'name': 'dummy.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'dummy.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202)
self.dummy_zone = dummy_zone_change['zone']
ip6_reverse_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': '1.9.e.f.c.c.7.2.9.6.d.f.ip6.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'ip6.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'ip6.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202
)
self.ip6_reverse_zone = ip6_reverse_zone_change['zone']
ip4_reverse_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': '30.172.in-addr.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'ip4.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'ip4.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202
)
self.ip4_reverse_zone = ip4_reverse_zone_change['zone']
classless_base_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': '2.0.192.in-addr.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'classless-base.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'classless-base.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202
)
self.classless_base_zone = classless_base_zone_change['zone']
classless_zone_delegation_change = self.ok_vinyldns_client.create_zone(
{
'name': '192/30.2.0.192.in-addr.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'classless.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'classless.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202
)
self.classless_zone_delegation_zone = classless_zone_delegation_change['zone']
system_test_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': 'system-test.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'system-test.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'system-test.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202
)
self.system_test_zone = system_test_zone_change['zone']
# parent zone gives access to the dummy user, dummy user cannot manage ns records
parent_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': 'parent.com.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'acl': {
'rules': [
{
'accessLevel': 'Delete',
'description': 'some_test_rule',
'userId': 'dummy'
}
]
},
'connection': {
'name': 'parent.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'parent.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202)
self.parent_zone = parent_zone_change['zone']
shared_zone_change = self.set_up_shared_zone('shared-zone')
self.shared_zone = shared_zone_change['zone']
non_test_shared_zone_change = self.set_up_shared_zone('non-test-shared-zone')
self.non_test_shared_zone = non_test_shared_zone_change['zone']
# wait until our zones are created
self.ok_vinyldns_client.wait_until_zone_exists(system_test_zone_change)
self.ok_vinyldns_client.wait_until_zone_exists(ok_zone_change)
self.dummy_vinyldns_client.wait_until_zone_exists(dummy_zone_change)
self.ok_vinyldns_client.wait_until_zone_exists(ip6_reverse_zone_change)
self.ok_vinyldns_client.wait_until_zone_exists(ip4_reverse_zone_change)
self.ok_vinyldns_client.wait_until_zone_exists(classless_base_zone_change)
self.ok_vinyldns_client.wait_until_zone_exists(classless_zone_delegation_change)
self.ok_vinyldns_client.wait_until_zone_exists(system_test_zone_change)
self.ok_vinyldns_client.wait_until_zone_exists(parent_zone_change)
self.shared_zone_vinyldns_client.wait_until_zone_change_status_synced(shared_zone_change)
shared_sync_change = self.shared_zone_vinyldns_client.sync_zone(self.shared_zone['id'])
self.shared_zone_vinyldns_client.wait_until_zone_change_status_synced(non_test_shared_zone_change)
non_test_shared_sync_change = self.shared_zone_vinyldns_client.sync_zone(self.non_test_shared_zone['id'])
self.shared_zone_vinyldns_client.wait_until_zone_change_status_synced(shared_sync_change)
self.shared_zone_vinyldns_client.wait_until_zone_change_status_synced(non_test_shared_sync_change)
# validate all in there
zones = self.dummy_vinyldns_client.list_zones()['zones']
assert_that(len(zones), is_(2))
zones = self.ok_vinyldns_client.list_zones()['zones']
assert_that(len(zones), is_(7))
zones = self.shared_zone_vinyldns_client.list_zones()['zones']
assert_that(len(zones), is_(2))
except:
# teardown if there was any issue in setup
try:
self.tear_down()
except:
pass
raise
def set_up_shared_zone(self, zone_id):
# shared zones are created through test data loader, but needs connection info added here to use
get_shared_zone = self.shared_zone_vinyldns_client.get_zone(zone_id)
shared_zone = get_shared_zone['zone']
connection_info = {
'name': 'shared.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
shared_zone['connection'] = connection_info
shared_zone['transferConnection'] = connection_info
return self.shared_zone_vinyldns_client.update_zone(shared_zone, status=202)
def tear_down(self):
"""
The ok_vinyldns_client is a zone admin on _all_ the zones.
We shouldn't have to do any checks now, as zone admins have full rights to all zones, including
deleting all records (even in the old shared model)
"""
clear_zones(self.dummy_vinyldns_client)
clear_zones(self.ok_vinyldns_client)
clear_groups(self.dummy_vinyldns_client)
clear_groups(self.ok_vinyldns_client)
def confirm_member_in_group(self, client, group):
retries = 2
success = group in client.list_all_my_groups(status=200)
while retries >= 0 and not success:
success = group in client.list_all_my_groups(status=200)
time.sleep(.05)
retries -= 1
assert_that(success, is_(True))
class SharedZoneTestContext(object):
"""
Creates multiple zones to test authorization / access to shared zones across users
"""
_data_cache: MutableMapping[str, MutableMapping[str, Mapping]] = {}
def __init__(self, partition_id: str):
self.partition_id = partition_id
self.setup_started = False
self.ok_vinyldns_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, "okAccessKey", "okSecretKey")
self.dummy_vinyldns_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, "dummyAccessKey",
"dummySecretKey")
self.shared_zone_vinyldns_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, "sharedZoneUserAccessKey",
"sharedZoneUserSecretKey")
self.support_user_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, "supportUserAccessKey",
"supportUserSecretKey")
self.unassociated_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, "listGroupAccessKey",
"listGroupSecretKey")
self.test_user_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, "testUserAccessKey",
"testUserSecretKey")
self.history_client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
"history-key", "history-secret")
self.clients = [
self.ok_vinyldns_client, self.dummy_vinyldns_client,
self.shared_zone_vinyldns_client, self.support_user_client,
self.unassociated_client, self.test_user_client,
self.history_client
]
self.list_zones = ListZonesTestContext(partition_id)
self.list_zones_client = self.list_zones.client
self.list_records_context = ListRecordSetsTestContext(partition_id)
self.list_groups_context = ListGroupsTestContext(partition_id)
self.list_batch_summaries_context = ListBatchChangeSummariesTestContext(
partition_id)
self.dummy_group = None
self.ok_group = None
self.shared_record_group = None
self.history_group = None
self.group_activity_created = None
self.group_activity_updated = None
self.history_zone = None
self.ok_zone = None
self.dummy_zone = None
self.ip6_reverse_zone = None
self.ip6_16_nibble_zone = None
self.ip4_reverse_zone = None
self.classless_base_zone = None
self.classless_zone_delegation_zone = None
self.system_test_zone = None
self.parent_zone = None
self.ds_zone = None
self.requires_review_zone = None
self.shared_zone = None
self.ip4_10_prefix = None
self.ip4_classless_prefix = None
self.ip6_prefix = None
def setup(self):
if self.setup_started:
# Safeguard against reentrance
return
self.setup_started = True
partition_id = self.partition_id
try:
ok_group = {
"name": f"ok-group{partition_id}",
"email": "*****@*****.**",
"description": "this is a description",
"members": [{
"id": "ok"
}, {
"id": "support-user-id"
}],
"admins": [{
"id": "ok"
}]
}
self.ok_group = self.ok_vinyldns_client.create_group(ok_group,
status=200)
# in theory this shouldn"t be needed, but getting "user is not in group' errors on zone creation
self.confirm_member_in_group(self.ok_vinyldns_client,
self.ok_group)
dummy_group = {
"name": f"dummy-group{partition_id}",
"email": "*****@*****.**",
"description": "this is a description",
"members": [{
"id": "dummy"
}],
"admins": [{
"id": "dummy"
}]
}
self.dummy_group = self.dummy_vinyldns_client.create_group(
dummy_group, status=200)
# in theory this shouldn"t be needed, but getting "user is not in group' errors on zone creation
self.confirm_member_in_group(self.dummy_vinyldns_client,
self.dummy_group)
shared_record_group = {
"name":
f"record-ownergroup{partition_id}",
"email":
"*****@*****.**",
"description":
"this is a description",
"members": [{
"id": "sharedZoneUser"
}, {
"id": "ok"
}, {
"id": "support-user-id"
}],
"admins": [{
"id": "sharedZoneUser"
}, {
"id": "ok"
}]
}
self.shared_record_group = self.ok_vinyldns_client.create_group(
shared_record_group, status=200)
history_group = {
"name": f"history-group{partition_id}",
"email": "*****@*****.**",
"description": "this is a description",
"members": [{
"id": "history-id"
}],
"admins": [{
"id": "history-id"
}]
}
self.history_group = self.history_client.create_group(
history_group, status=200)
self.confirm_member_in_group(self.history_client,
self.history_group)
history_zone_change = self.history_client.create_zone(
{
"name": f"system-test-history{partition_id}.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.history_group["id"],
"isTest": True,
"connection": {
"name": "vinyldns.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "vinyldns.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.history_zone = history_zone_change["zone"]
# initialize history
self.history_client.wait_until_zone_active(
history_zone_change["zone"]["id"])
self.init_history()
ok_zone_change = self.ok_vinyldns_client.create_zone(
{
"name": f"ok{partition_id}.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.ok_group["id"],
"isTest": True,
"connection": {
"name": "ok.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "ok.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.ok_zone = ok_zone_change["zone"]
dummy_zone_change = self.dummy_vinyldns_client.create_zone(
{
"name": f"dummy{partition_id}.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.dummy_group["id"],
"isTest": True,
"connection": {
"name": "dummy.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "dummy.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.dummy_zone = dummy_zone_change["zone"]
self.ip6_prefix = f"fd69:27cc:fe9{partition_id}"
ip6_reverse_zone_change = self.ok_vinyldns_client.create_zone(
{
"name": f"{partition_id}.9.e.f.c.c.7.2.9.6.d.f.ip6.arpa.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.ok_group["id"],
"isTest": True,
"connection": {
"name": "ip6.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "ip6.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.ip6_reverse_zone = ip6_reverse_zone_change["zone"]
ip6_16_nibble_zone_change = self.ok_vinyldns_client.create_zone(
{
"name":
f"0.0.0.1.{partition_id}.9.e.f.c.c.7.2.9.6.d.f.ip6.arpa.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.ok_group["id"],
"isTest": True,
"backendId": "func-test-backend"
},
status=202)
self.ip6_16_nibble_zone = ip6_16_nibble_zone_change["zone"]
self.ip4_10_prefix = f"10.{partition_id}"
ip4_reverse_zone_change = self.ok_vinyldns_client.create_zone(
{
"name": f"{partition_id}.10.in-addr.arpa.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.ok_group["id"],
"isTest": True,
"connection": {
"name": "ip4.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "ip4.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.ip4_reverse_zone = ip4_reverse_zone_change["zone"]
self.ip4_classless_prefix = f"192.0.{partition_id}"
classless_base_zone_change = self.ok_vinyldns_client.create_zone(
{
"name": f"{partition_id}.0.192.in-addr.arpa.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.ok_group["id"],
"isTest": True,
"connection": {
"name": "classless-base.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "classless-base.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.classless_base_zone = classless_base_zone_change["zone"]
classless_zone_delegation_change = self.ok_vinyldns_client.create_zone(
{
"name": f"192/30.{partition_id}.0.192.in-addr.arpa.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.ok_group["id"],
"isTest": True,
"connection": {
"name": "classless.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "classless.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.classless_zone_delegation_zone = classless_zone_delegation_change[
"zone"]
system_test_zone_change = self.ok_vinyldns_client.create_zone(
{
"name": f"system-test{partition_id}.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.ok_group["id"],
"isTest": True,
"connection": {
"name": "system-test.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "system-test.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.system_test_zone = system_test_zone_change["zone"]
# parent zone gives access to the dummy user, dummy user cannot manage ns records
parent_zone_change = self.ok_vinyldns_client.create_zone(
{
"name": f"parent.com{partition_id}.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.ok_group["id"],
"isTest": True,
"acl": {
"rules": [{
"accessLevel": "Delete",
"description": "some_test_rule",
"userId": "dummy"
}]
},
"connection": {
"name": "parent.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "parent.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.parent_zone = parent_zone_change["zone"]
# mimicking the spec example
ds_zone_change = self.ok_vinyldns_client.create_zone(
{
"name": f"example.com{partition_id}.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.ok_group["id"],
"isTest": True,
"connection": {
"name": "example.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "example.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.ds_zone = ds_zone_change["zone"]
# zone with name configured for manual review
requires_review_zone_change = self.ok_vinyldns_client.create_zone(
{
"name": f"zone.requires.review{partition_id}.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.ok_group["id"],
"isTest": True,
"backendId": "func-test-backend"
},
status=202)
self.requires_review_zone = requires_review_zone_change["zone"]
# Shared zone
shared_zone_change = self.support_user_client.create_zone(
{
"name": f"shared{partition_id}.",
"email": "*****@*****.**",
"shared": True,
"adminGroupId": self.shared_record_group["id"],
"isTest": True,
"connection": {
"name": "shared.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "shared.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.shared_zone = shared_zone_change["zone"]
# wait until our zones are created
self.ok_vinyldns_client.wait_until_zone_active(
system_test_zone_change["zone"]["id"])
self.ok_vinyldns_client.wait_until_zone_active(
ok_zone_change["zone"]["id"])
self.dummy_vinyldns_client.wait_until_zone_active(
dummy_zone_change["zone"]["id"])
self.ok_vinyldns_client.wait_until_zone_active(
ip6_reverse_zone_change["zone"]["id"])
self.ok_vinyldns_client.wait_until_zone_active(
ip6_16_nibble_zone_change["zone"]["id"])
self.ok_vinyldns_client.wait_until_zone_active(
ip4_reverse_zone_change["zone"]["id"])
self.ok_vinyldns_client.wait_until_zone_active(
classless_base_zone_change["zone"]["id"])
self.ok_vinyldns_client.wait_until_zone_active(
classless_zone_delegation_change["zone"]["id"])
self.ok_vinyldns_client.wait_until_zone_active(
system_test_zone_change["zone"]["id"])
self.ok_vinyldns_client.wait_until_zone_active(
parent_zone_change["zone"]["id"])
self.ok_vinyldns_client.wait_until_zone_active(
ds_zone_change["zone"]["id"])
self.ok_vinyldns_client.wait_until_zone_active(
requires_review_zone_change["zone"]["id"])
self.shared_zone_vinyldns_client.wait_until_zone_active(
shared_zone_change["zone"]["id"])
# initialize group activity
self.init_group_activity()
# initialize list zones, only do this when constructing the whole!
self.list_zones.setup()
# note: there are no state to load, the tests only need the client
self.list_zones_client = self.list_zones.client
# build the list of records; note: we do need to save the test records
self.list_records_context.setup()
# build the list of groups
self.list_groups_context.setup()
except Exception:
# Cleanup if setup fails
self.tear_down()
traceback.print_exc()
raise
def init_history(self):
# Initialize the zone history
# change the zone nine times to we have update events in zone change history,
# ten total changes including creation
for i in range(2, 11):
zone_update = copy.deepcopy(self.history_zone)
zone_update["connection"]["key"] = VinylDNSTestContext.dns_key
zone_update["transferConnection"][
"key"] = VinylDNSTestContext.dns_key
zone_update[
"email"] = "i.changed.this.{0}[email protected]".format(
i)
self.history_client.update_zone(zone_update, status=202)
# create some record sets
test_a = TestData.A.copy()
test_a["zoneId"] = self.history_zone["id"]
test_aaaa = TestData.AAAA.copy()
test_aaaa["zoneId"] = self.history_zone["id"]
test_cname = TestData.CNAME.copy()
test_cname["zoneId"] = self.history_zone["id"]
a_record = self.history_client.create_recordset(
test_a, status=202)["recordSet"]
aaaa_record = self.history_client.create_recordset(
test_aaaa, status=202)["recordSet"]
cname_record = self.history_client.create_recordset(
test_cname, status=202)["recordSet"]
# wait here for all the record sets to be created
self.history_client.wait_until_recordset_exists(
a_record["zoneId"], a_record["id"])
self.history_client.wait_until_recordset_exists(
aaaa_record["zoneId"], aaaa_record["id"])
self.history_client.wait_until_recordset_exists(
cname_record["zoneId"], cname_record["id"])
# update the record sets
a_record_update = copy.deepcopy(a_record)
a_record_update["ttl"] += 100
a_record_update["records"][0]["address"] = "9.9.9.9"
a_change = self.history_client.update_recordset(a_record_update,
status=202)
aaaa_record_update = copy.deepcopy(aaaa_record)
aaaa_record_update["ttl"] += 100
aaaa_record_update["records"][0]["address"] = "2003:db8:0:0:0:0:0:4"
aaaa_change = self.history_client.update_recordset(aaaa_record_update,
status=202)
cname_record_update = copy.deepcopy(cname_record)
cname_record_update["ttl"] += 100
cname_record_update["records"][0]["cname"] = "changed-cname."
cname_change = self.history_client.update_recordset(
cname_record_update, status=202)
self.history_client.wait_until_recordset_change_status(
a_change, "Complete")
self.history_client.wait_until_recordset_change_status(
aaaa_change, "Complete")
self.history_client.wait_until_recordset_change_status(
cname_change, "Complete")
# delete the recordsets
self.history_client.delete_recordset(a_record["zoneId"],
a_record["id"])
self.history_client.delete_recordset(aaaa_record["zoneId"],
aaaa_record["id"])
self.history_client.delete_recordset(cname_record["zoneId"],
cname_record["id"])
self.history_client.wait_until_recordset_deleted(
a_record["zoneId"], a_record["id"])
self.history_client.wait_until_recordset_deleted(
aaaa_record["zoneId"], aaaa_record["id"])
self.history_client.wait_until_recordset_deleted(
cname_record["zoneId"], cname_record["id"])
def init_group_activity(self):
client = self.ok_vinyldns_client
group_name = f"test-list-group-activity-max-item-success{self.partition_id}"
members = [{"id": "ok"}]
new_group = {
"name": group_name,
"email": "*****@*****.**",
"members": members,
"admins": [{
"id": "ok"
}]
}
created_group = client.create_group(new_group, status=200)
update_groups = []
updated_groups = []
# each update changes the member
for runner in range(0, 10):
members = [{"id": "dummy{0:0>3}".format(runner)}]
update_groups.append({
"id": created_group["id"],
"name": group_name,
"email": "*****@*****.**",
"members": members,
"admins": [{
"id": "ok"
}]
})
updated_groups.append(
client.update_group(update_groups[runner]["id"],
update_groups[runner],
status=200))
self.group_activity_created = created_group
self.group_activity_updated = updated_groups
def tear_down(self):
"""
The ok_vinyldns_client is a zone admin on _all_ the zones.
We shouldn't have to do any checks now, as zone admins have full rights to all zones, including
deleting all records (even in the old shared model)
"""
try:
self.list_zones.tear_down()
self.list_records_context.tear_down()
if self.list_batch_summaries_context:
self.list_batch_summaries_context.tear_down(self)
if self.list_groups_context:
self.list_groups_context.tear_down()
for client in self.clients:
client.clear_zones()
for client in self.clients:
client.clear_groups()
# Close all clients
for client in self.clients:
client.tear_down()
except Exception:
traceback.print_exc()
raise
@staticmethod
def confirm_member_in_group(client, group):
retries = 2
success = group in client.list_all_my_groups(status=200)
while retries >= 0 and not success:
success = group in client.list_all_my_groups(status=200)
time.sleep(.05)
retries -= 1
assert_that(success, is_(True))
class ZoneHistoryContext(object):
"""
Creates a zone with multiple zone changes and record set changes
"""
def __init__(self):
self.client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
'history-key', 'history-secret')
self.tear_down()
self.group = None
group = {
'name': 'history-group',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [{
'id': 'history-id'
}],
'admins': [{
'id': 'history-id'
}]
}
self.group = self.client.create_group(group, status=200)
# in theory this shouldn't be needed, but getting 'user is not in group' errors on zone creation
self.confirm_member_in_group(self.client, self.group)
zone_change = self.client.create_zone(
{
'name': 'system-test-history.',
'email': '*****@*****.**',
'shared': True,
'adminGroupId': self.group['id'],
'connection': {
'name': 'vinyldns.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'vinyldns.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
},
status=202)
self.zone = zone_change['zone']
self.client.wait_until_zone_exists(zone_change)
# change the zone nine times to we have update events in zone change history, ten total changes including creation
for i in range(2, 11):
zone_update = dict(self.zone)
zone_update['connection']['key'] = VinylDNSTestContext.dns_key
zone_update['transferConnection'][
'key'] = VinylDNSTestContext.dns_key
zone_update[
'email'] = 'i.changed.this.{0}[email protected]'.format(
i)
zone_update = self.client.update_zone(zone_update,
status=202)['zone']
# create some record sets
(achange, a_record) = self.create_recordset(TestData.A)
(aaaachange, aaaa_record) = self.create_recordset(TestData.AAAA)
(cnamechange, cname_record) = self.create_recordset(TestData.CNAME)
# wait here for all the record sets to be created
self.client.wait_until_recordset_exists(a_record['zoneId'],
a_record['id'])
self.client.wait_until_recordset_exists(aaaa_record['zoneId'],
aaaa_record['id'])
self.client.wait_until_recordset_exists(cname_record['zoneId'],
cname_record['id'])
# update the record sets
a_record_update = dict(a_record)
a_record_update['ttl'] += 100
a_record_update['records'][0]['address'] = '9.9.9.9'
(achange, a_record_update) = self.update_recordset(a_record_update)
aaaa_record_update = dict(aaaa_record)
aaaa_record_update['ttl'] += 100
aaaa_record_update['records'][0]['address'] = '2003:db8:0:0:0:0:0:4'
(aaaachange,
aaaa_record_update) = self.update_recordset(aaaa_record_update)
cname_record_update = dict(cname_record)
cname_record_update['ttl'] += 100
cname_record_update['records'][0]['cname'] = 'changed-cname.'
(cnamechange,
cname_record_update) = self.update_recordset(cname_record_update)
self.client.wait_until_recordset_change_status(achange, 'Complete')
self.client.wait_until_recordset_change_status(aaaachange, 'Complete')
self.client.wait_until_recordset_change_status(cnamechange, 'Complete')
# delete the recordsets
self.delete_recordset(a_record)
self.delete_recordset(aaaa_record)
self.delete_recordset(cname_record)
self.client.wait_until_recordset_deleted(a_record['zoneId'],
a_record['id'])
self.client.wait_until_recordset_deleted(aaaa_record['zoneId'],
aaaa_record['id'])
self.client.wait_until_recordset_deleted(cname_record['zoneId'],
cname_record['id'])
# the resulting context should contain all of the parts so it makes it simple to test
self.results = {
'zone': self.zone,
'zoneUpdate': zone_update,
'creates': [a_record, aaaa_record, cname_record],
'updates':
[a_record_update, aaaa_record_update, cname_record_update]
}
# finalizer called by py.test when the simulation is torn down
def tear_down(self):
self.clear_zones()
self.clear_group()
def clear_group(self):
groups = self.client.list_all_my_groups()
group_ids = map(lambda x: x['id'], groups)
for group_id in group_ids:
self.client.delete_group(group_id, status=200)
def clear_zones(self):
# Get the groups for the ok user
groups = self.client.list_all_my_groups()
group_ids = map(lambda x: x['id'], groups)
zones = self.client.list_zones()['zones']
# we only want to delete zones that the ok user "owns"
zones_to_delete = filter(
lambda x:
(x['adminGroupId'] in group_ids) or (x['account'] in group_ids),
zones)
zone_names_to_delete = map(lambda x: x['name'], zones_to_delete)
zoneids_to_delete = map(lambda x: x['id'], zones_to_delete)
self.client.abandon_zones(zoneids_to_delete)
def create_recordset(self, rs):
rs['zoneId'] = self.zone['id']
result = self.client.create_recordset(rs, status=202)
return result, result['recordSet']
def update_recordset(self, rs):
rs['zoneId'] = self.zone['id']
result = self.client.update_recordset(rs, status=202)
return result, result['recordSet']
def delete_recordset(self, rs):
result = self.client.delete_recordset(self.zone['id'],
rs['id'],
status=202)
return result, result['recordSet']
def confirm_member_in_group(self, client, group):
retries = 2
success = group in client.list_all_my_groups(status=200)
while retries >= 0 and not success:
success = group in client.list_all_my_groups(status=200)
time.sleep(.05)
retries -= 1
assert_that(success, is_(True))
class SharedZoneTestContext(object):
"""
Creates multiple zones to test authorization / access to shared zones across users
"""
def __init__(self, fixture_file=None):
self.ok_vinyldns_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, 'okAccessKey', 'okSecretKey')
self.dummy_vinyldns_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, 'dummyAccessKey',
'dummySecretKey')
self.shared_zone_vinyldns_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, 'sharedZoneUserAccessKey',
'sharedZoneUserSecretKey')
self.support_user_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, 'supportUserAccessKey',
'supportUserSecretKey')
self.unassociated_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, 'listGroupAccessKey',
'listGroupSecretKey')
self.test_user_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, 'testUserAccessKey',
'testUserSecretKey')
self.history_client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
'history-key', 'history-secret')
self.list_zones = ListZonesTestContext()
self.list_zones_client = self.list_zones.client
self.list_records_context = ListRecordSetsTestContext()
self.list_groups_context = ListGroupsTestContext()
self.list_batch_summaries_context = None
self.dummy_group = None
self.ok_group = None
self.shared_record_group = None
self.history_group = None
self.group_activity_created = None
self.group_activity_updated = None
# if we are using an existing fixture, load the fixture file and pull all of our data from there
if fixture_file:
print "\r\n!!! FIXTURE FILE IS SET !!!"
self.load_fixture_file(fixture_file)
else:
print "\r\n!!! FIXTURE FILE NOT SET, BUILDING FIXTURE !!!"
# No fixture file, so we have to build everything ourselves
self.tear_down(
) # ensures that the environment is clean before starting
try:
ok_group = {
'name': 'ok-group',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [{
'id': 'ok'
}, {
'id': 'support-user-id'
}],
'admins': [{
'id': 'ok'
}]
}
self.ok_group = self.ok_vinyldns_client.create_group(
ok_group, status=200)
# in theory this shouldn't be needed, but getting 'user is not in group' errors on zone creation
self.confirm_member_in_group(self.ok_vinyldns_client,
self.ok_group)
dummy_group = {
'name': 'dummy-group',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [{
'id': 'dummy'
}],
'admins': [{
'id': 'dummy'
}]
}
self.dummy_group = self.dummy_vinyldns_client.create_group(
dummy_group, status=200)
# in theory this shouldn't be needed, but getting 'user is not in group' errors on zone creation
self.confirm_member_in_group(self.dummy_vinyldns_client,
self.dummy_group)
shared_record_group = {
'name': 'record-ownergroup',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [{
'id': 'sharedZoneUser'
}, {
'id': 'ok'
}],
'admins': [{
'id': 'sharedZoneUser'
}, {
'id': 'ok'
}]
}
self.shared_record_group = self.ok_vinyldns_client.create_group(
shared_record_group, status=200)
history_group = {
'name': 'history-group',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [{
'id': 'history-id'
}],
'admins': [{
'id': 'history-id'
}]
}
self.history_group = self.history_client.create_group(
history_group, status=200)
self.confirm_member_in_group(self.history_client,
self.history_group)
history_zone_change = self.history_client.create_zone(
{
'name': 'system-test-history.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.history_group['id'],
'isTest': True,
'connection': {
'name': 'vinyldns.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'vinyldns.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
},
status=202)
self.history_zone = history_zone_change['zone']
ok_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': 'ok.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'ok.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'ok.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
},
status=202)
self.ok_zone = ok_zone_change['zone']
dummy_zone_change = self.dummy_vinyldns_client.create_zone(
{
'name': 'dummy.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.dummy_group['id'],
'isTest': True,
'connection': {
'name': 'dummy.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'dummy.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
},
status=202)
self.dummy_zone = dummy_zone_change['zone']
ip6_reverse_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': '1.9.e.f.c.c.7.2.9.6.d.f.ip6.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'ip6.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'ip6.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
},
status=202)
self.ip6_reverse_zone = ip6_reverse_zone_change['zone']
ip6_16_nibble_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': '0.0.0.1.1.9.e.f.c.c.7.2.9.6.d.f.ip6.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'backendId': 'func-test-backend'
},
status=202)
self.ip6_16_nibble_zone = ip6_16_nibble_zone_change['zone']
ip4_reverse_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': '10.10.in-addr.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'ip4.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'ip4.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
},
status=202)
self.ip4_reverse_zone = ip4_reverse_zone_change['zone']
self.classless_base_zone_json = {
'name': '2.0.192.in-addr.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'classless-base.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'classless-base.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}
classless_base_zone_change = self.ok_vinyldns_client.create_zone(
self.classless_base_zone_json, status=202)
self.classless_base_zone = classless_base_zone_change['zone']
classless_zone_delegation_change = self.ok_vinyldns_client.create_zone(
{
'name': '192/30.2.0.192.in-addr.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'classless.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'classless.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
},
status=202)
self.classless_zone_delegation_zone = classless_zone_delegation_change[
'zone']
system_test_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': 'system-test.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'system-test.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'system-test.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
},
status=202)
self.system_test_zone = system_test_zone_change['zone']
# parent zone gives access to the dummy user, dummy user cannot manage ns records
parent_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': 'parent.com.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'acl': {
'rules': [{
'accessLevel': 'Delete',
'description': 'some_test_rule',
'userId': 'dummy'
}]
},
'connection': {
'name': 'parent.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'parent.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
},
status=202)
self.parent_zone = parent_zone_change['zone']
# mimicking the spec example
ds_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': 'example.com.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'example.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'example.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
},
status=202)
self.ds_zone = ds_zone_change['zone']
# zone with name configured for manual review
requires_review_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': 'zone.requires.review.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'backendId': 'func-test-backend'
},
status=202)
self.requires_review_zone = requires_review_zone_change['zone']
get_shared_zones = self.shared_zone_vinyldns_client.list_zones(
status=200)['zones']
shared_zone = [
zone for zone in get_shared_zones
if zone['name'] == "shared."
]
non_test_shared_zone = [
zone for zone in get_shared_zones
if zone['name'] == "non.test.shared."
]
shared_zone_change = self.set_up_shared_zone(
shared_zone[0]['id'])
self.shared_zone = shared_zone_change['zone']
non_test_shared_zone_change = self.set_up_shared_zone(
non_test_shared_zone[0]['id'])
self.non_test_shared_zone = non_test_shared_zone_change['zone']
# wait until our zones are created
self.ok_vinyldns_client.wait_until_zone_active(
system_test_zone_change[u'zone'][u'id'])
self.ok_vinyldns_client.wait_until_zone_active(
ok_zone_change[u'zone'][u'id'])
self.dummy_vinyldns_client.wait_until_zone_active(
dummy_zone_change[u'zone'][u'id'])
self.ok_vinyldns_client.wait_until_zone_active(
ip6_reverse_zone_change[u'zone'][u'id'])
self.ok_vinyldns_client.wait_until_zone_active(
ip6_16_nibble_zone_change[u'zone'][u'id'])
self.ok_vinyldns_client.wait_until_zone_active(
ip4_reverse_zone_change[u'zone'][u'id'])
self.ok_vinyldns_client.wait_until_zone_active(
classless_base_zone_change[u'zone'][u'id'])
self.ok_vinyldns_client.wait_until_zone_active(
classless_zone_delegation_change[u'zone'][u'id'])
self.ok_vinyldns_client.wait_until_zone_active(
system_test_zone_change[u'zone'][u'id'])
self.ok_vinyldns_client.wait_until_zone_active(
parent_zone_change[u'zone'][u'id'])
self.ok_vinyldns_client.wait_until_zone_active(
ds_zone_change[u'zone'][u'id'])
self.ok_vinyldns_client.wait_until_zone_active(
requires_review_zone_change[u'zone'][u'id'])
self.history_client.wait_until_zone_active(
history_zone_change[u'zone'][u'id'])
self.shared_zone_vinyldns_client.wait_until_zone_change_status_synced(
shared_zone_change)
shared_sync_change = self.shared_zone_vinyldns_client.sync_zone(
self.shared_zone['id'])
self.shared_zone_vinyldns_client.wait_until_zone_change_status_synced(
non_test_shared_zone_change)
non_test_shared_sync_change = self.shared_zone_vinyldns_client.sync_zone(
self.non_test_shared_zone['id'])
self.shared_zone_vinyldns_client.wait_until_zone_change_status_synced(
shared_sync_change)
self.shared_zone_vinyldns_client.wait_until_zone_change_status_synced(
non_test_shared_sync_change)
# validate all in there
zones = self.dummy_vinyldns_client.list_zones()['zones']
assert_that(len(zones), is_(2))
zones = self.ok_vinyldns_client.list_zones()['zones']
assert_that(len(zones), is_(10))
zones = self.shared_zone_vinyldns_client.list_zones()['zones']
assert_that(len(zones), is_(2))
# initialize history
self.init_history()
# initalize group activity
self.init_group_activity()
# initialize list zones, only do this when constructing the whole!
self.list_zones.build()
# note: there are no state to load, the tests only need the client
self.list_zones_client = self.list_zones.client
# build the list of records; note: we do need to save the test records
self.list_records_context.build()
# build the list of groups
self.list_groups_context.build()
except:
# teardown if there was any issue in setup
try:
self.tear_down()
except:
pass
raise
# We need to load somethings AFTER we are all initialized, do that here
self.list_batch_summaries_context = ListBatchChangeSummariesTestContext(
self)
def init_history(self):
from test_data import TestData
import copy
# Initialize the zone history
# change the zone nine times to we have update events in zone change history,
# ten total changes including creation
for i in range(2, 11):
zone_update = copy.deepcopy(self.history_zone)
zone_update['connection']['key'] = VinylDNSTestContext.dns_key
zone_update['transferConnection'][
'key'] = VinylDNSTestContext.dns_key
zone_update[
'email'] = 'i.changed.this.{0}[email protected]'.format(
i)
zone_update = self.history_client.update_zone(zone_update,
status=202)['zone']
# create some record sets
test_a = TestData.A.copy()
test_a['zoneId'] = self.history_zone['id']
test_aaaa = TestData.AAAA.copy()
test_aaaa['zoneId'] = self.history_zone['id']
test_cname = TestData.CNAME.copy()
test_cname['zoneId'] = self.history_zone['id']
a_record = self.history_client.create_recordset(
test_a, status=202)['recordSet']
aaaa_record = self.history_client.create_recordset(
test_aaaa, status=202)['recordSet']
cname_record = self.history_client.create_recordset(
test_cname, status=202)['recordSet']
# wait here for all the record sets to be created
self.history_client.wait_until_recordset_exists(
a_record['zoneId'], a_record['id'])
self.history_client.wait_until_recordset_exists(
aaaa_record['zoneId'], aaaa_record['id'])
self.history_client.wait_until_recordset_exists(
cname_record['zoneId'], cname_record['id'])
# update the record sets
a_record_update = copy.deepcopy(a_record)
a_record_update['ttl'] += 100
a_record_update['records'][0]['address'] = '9.9.9.9'
a_change = self.history_client.update_recordset(a_record_update,
status=202)
aaaa_record_update = copy.deepcopy(aaaa_record)
aaaa_record_update['ttl'] += 100
aaaa_record_update['records'][0]['address'] = '2003:db8:0:0:0:0:0:4'
aaaa_change = self.history_client.update_recordset(aaaa_record_update,
status=202)
cname_record_update = copy.deepcopy(cname_record)
cname_record_update['ttl'] += 100
cname_record_update['records'][0]['cname'] = 'changed-cname.'
cname_change = self.history_client.update_recordset(
cname_record_update, status=202)
self.history_client.wait_until_recordset_change_status(
a_change, 'Complete')
self.history_client.wait_until_recordset_change_status(
aaaa_change, 'Complete')
self.history_client.wait_until_recordset_change_status(
cname_change, 'Complete')
# delete the recordsets
self.history_client.delete_recordset(a_record['zoneId'],
a_record['id'])
self.history_client.delete_recordset(aaaa_record['zoneId'],
aaaa_record['id'])
self.history_client.delete_recordset(cname_record['zoneId'],
cname_record['id'])
self.history_client.wait_until_recordset_deleted(
a_record['zoneId'], a_record['id'])
self.history_client.wait_until_recordset_deleted(
aaaa_record['zoneId'], aaaa_record['id'])
self.history_client.wait_until_recordset_deleted(
cname_record['zoneId'], cname_record['id'])
def init_group_activity(self):
client = self.ok_vinyldns_client
created_group = None
group_name = 'test-list-group-activity-max-item-success'
# cleanup existing group if it's already in there
groups = client.list_all_my_groups()
existing = [grp for grp in groups if grp['name'] == group_name]
for grp in existing:
client.delete_group(grp['id'], status=200)
members = [{'id': 'ok'}]
new_group = {
'name': group_name,
'email': '*****@*****.**',
'members': members,
'admins': [{
'id': 'ok'
}]
}
created_group = client.create_group(new_group, status=200)
update_groups = []
updated_groups = []
# each update changes the member
for runner in range(0, 10):
id = "dummy{0:0>3}".format(runner)
members = [{'id': id}]
update_groups.append({
'id': created_group['id'],
'name': group_name,
'email': '*****@*****.**',
'members': members,
'admins': [{
'id': 'ok'
}]
})
updated_groups.append(
client.update_group(update_groups[runner]['id'],
update_groups[runner],
status=200))
self.group_activity_created = created_group
self.group_activity_updated = updated_groups
def load_fixture_file(self, fixture_file):
# The fixture file contains all of the groups and zones,
# The format is simply json where groups = [] and zones = []
import json
with open(fixture_file) as json_file:
data = json.load(json_file)
self.ok_group = data['ok_group']
self.ok_zone = data['ok_zone']
self.dummy_group = data['dummy_group']
self.shared_record_group = data['shared_record_group']
self.dummy_zone = data['dummy_zone']
self.ip6_reverse_zone = data['ip6_reverse_zone']
self.ip6_16_nibble_zone = data['ip6_16_nibble_zone']
self.ip4_reverse_zone = data['ip4_reverse_zone']
self.classless_base_zone = data['classless_base_zone']
self.classless_zone_delegation_zone = data[
'classless_zone_delegation_zone']
self.system_test_zone = data['system_test_zone']
self.parent_zone = data['parent_zone']
self.ds_zone = data['ds_zone']
self.requires_review_zone = data['requires_review_zone']
self.shared_zone = data['shared_zone']
self.non_test_shared_zone = data['non_test_shared_zone']
self.history_zone = data['history_zone']
self.history_group = data['history_group']
self.group_activity_created = data['group_activity_created']
self.group_activity_updated = data['group_activity_updated']
def out_fixture_file(self, fixture_file):
print "\r\n!!! PRINTING OUT FIXTURE FILE !!!"
import json
# output the fixture file, be sure to be in sync with the load_fixture_file
data = {
'ok_group': self.ok_group,
'ok_zone': self.ok_zone,
'dummy_group': self.dummy_group,
'shared_record_group': self.shared_record_group,
'dummy_zone': self.dummy_zone,
'ip6_reverse_zone': self.ip6_reverse_zone,
'ip6_16_nibble_zone': self.ip6_16_nibble_zone,
'ip4_reverse_zone': self.ip4_reverse_zone,
'classless_base_zone': self.classless_base_zone,
'classless_zone_delegation_zone':
self.classless_zone_delegation_zone,
'system_test_zone': self.system_test_zone,
'parent_zone': self.parent_zone,
'ds_zone': self.ds_zone,
'requires_review_zone': self.requires_review_zone,
'shared_zone': self.shared_zone,
'non_test_shared_zone': self.non_test_shared_zone,
'history_zone': self.history_zone,
'history_group': self.history_group,
'group_activity_created': self.group_activity_created,
'group_activity_updated': self.group_activity_updated
}
with open(fixture_file, 'w') as out_file:
json.dump(data, out_file)
def set_up_shared_zone(self, zone_id):
# shared zones are created through test data loader, but needs connection info added here to use
get_shared_zone = self.shared_zone_vinyldns_client.get_zone(zone_id)
shared_zone = get_shared_zone['zone']
connection_info = {
'name': 'shared.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
shared_zone['connection'] = connection_info
shared_zone['transferConnection'] = connection_info
return self.shared_zone_vinyldns_client.update_zone(shared_zone,
status=202)
def tear_down(self):
"""
The ok_vinyldns_client is a zone admin on _all_ the zones.
We shouldn't have to do any checks now, as zone admins have full rights to all zones, including
deleting all records (even in the old shared model)
"""
self.list_zones.tear_down()
self.list_records_context.tear_down()
if self.list_batch_summaries_context:
self.list_batch_summaries_context.tear_down(self)
if self.list_groups_context:
self.list_groups_context.tear_down()
clear_zones(self.dummy_vinyldns_client)
clear_zones(self.ok_vinyldns_client)
clear_zones(self.history_client)
clear_groups(self.dummy_vinyldns_client, "global-acl-group-id")
clear_groups(self.ok_vinyldns_client, "global-acl-group-id")
clear_groups(self.history_client)
@staticmethod
def confirm_member_in_group(client, group):
retries = 2
success = group in client.list_all_my_groups(status=200)
while retries >= 0 and not success:
success = group in client.list_all_my_groups(status=200)
time.sleep(.05)
retries -= 1
assert_that(success, is_(True))