def test():
global vm
global test_account_uuid
import uuid
account_name = uuid.uuid1().get_hex()
account_pass = uuid.uuid1().get_hex()
account_pass = hashlib.sha512(account_name).hexdigest()
test_account = acc_ops.create_normal_account(account_name, account_pass)
test_account_uuid = test_account.uuid
test_account_session = acc_ops.login_by_account(account_name, account_pass)
test_stub.share_admin_resource([test_account_uuid])
vm = test_stub.create_vm_with_volume(session_uuid=test_account_session)
vm.check()
volumes_number = len(test_lib.lib_get_all_volumes(vm.vm))
if volumes_number != 2:
test_util.test_fail(
'Did not find 2 volumes for [vm:] %s. But we assigned 1 data volume when create the vm. We only catch %s volumes'
% (vm.vm.uuid, volumes_number))
else:
test_util.test_logger('Find 2 volumes for [vm:] %s.' % vm.vm.uuid)
vm.destroy(test_account_session)
vm.check()
acc_ops.delete_account(test_account_uuid)
test_util.test_pass('Create VM with volume by normal user account Success')
def test():
#Enable twofa and check login
password = '******'
session_uuid = acc_ops.login_as_admin()
twofa_enabled = conf_ops.get_global_config_value('twofa', 'twofa.enable')
if twofa_enabled == 'false':
conf_ops.change_global_config('twofa', 'twofa.enable', 'true')
twofa = acc_ops.get_twofa_auth_secret('admin', password, session_uuid = session_uuid)
secret = twofa.secret
twofa_status = twofa.status
if twofa_status != 'NewCreated':
test_util.test_fail("The twofa auth secret statue should be 'NewCreated' but it's %s" %twofa_status)
security_code = test_stub.get_security_code(secret)
session1_uuid = acc_ops.login_by_account('admin', password, system_tags=['twofatoken::%s' %security_code])
if session1_uuid != None:
test_util.test_logger("Enable twofa and login with security code passed")
twofa_status = acc_ops.get_twofa_auth_secret('admin', password, session_uuid = session_uuid).status
if twofa_status != 'Logined':
test_util.test_fail("The twofa auth secret statue should be 'Logined' but it's %s" %twofa_status)
#Disable twofa and check login again
conf_ops.change_global_config('twofa', 'twofa.enable', 'false', session_uuid = session_uuid)
session2_uuid = acc_ops.login_as_admin()
if session2_uuid != None:
test_util.test_pass("Disable twofa and login without security code passed")
test_util.test_fail("Fail to login without security code after twofa disabled")
def test():
global vm
global test_account_uuid
import uuid
account_name = uuid.uuid1().get_hex()
account_pass = uuid.uuid1().get_hex()
account_pass = hashlib.sha512(account_name).hexdigest()
test_account = acc_ops.create_normal_account(account_name, account_pass)
test_account_uuid = test_account.uuid
test_account_session = acc_ops.login_by_account(account_name, account_pass)
test_stub.share_admin_resource([test_account_uuid])
vm = test_stub.create_vm(session_uuid = test_account_session)
vm.check()
vm.stop(session_uuid = test_account_session)
vm.check()
vm.start(session_uuid = test_account_session)
vm.check()
vm.reboot(session_uuid = test_account_session)
vm.check()
vm.destroy(test_account_session)
vm.check()
acc_ops.delete_account(test_account_uuid)
test_util.test_pass('Operate VM by normal user account Success')
def test():
global vm, test_account_uuid, test_account_session
import uuid
account_name = uuid.uuid1().get_hex()
account_pass = uuid.uuid1().get_hex()
account_pass = hashlib.sha512(account_name).hexdigest()
test_account = acc_ops.create_normal_account(account_name, account_pass)
test_account_uuid = test_account.uuid
test_account_session = acc_ops.login_by_account(account_name, account_pass)
test_stub.share_admin_resource([test_account_uuid])
vm = test_stub.create_vm(vm_name='c7-vm-no-sys-tag',
image_name="imageName_i_c7_no_tag",
session_uuid=test_account_session)
vm.check()
backup_storage_list = test_lib.lib_get_backup_storage_list_by_vm(vm.vm)
for bs in backup_storage_list:
if bs.type == inventory.IMAGE_STORE_BACKUP_STORAGE_TYPE:
break
if bs.type == inventory.SFTP_BACKUP_STORAGE_TYPE:
break
if bs.type == inventory.CEPH_BACKUP_STORAGE_TYPE:
break
else:
vm.destroy()
test_util.test_skip('Not find image store type backup storage.')
for (usr, passwd) in zip(users, passwds):
if usr not in exist_users:
test_stub.create_user_in_vm(vm.get_vm(), usr, passwd)
exist_users.append(usr)
#When vm is running:
#res_ops.enable_change_vm_password("true", vm.get_vm().uuid, 'VmInstanceVO', session_uuid = test_account_session)
vm_ops.set_vm_qga_enable(vm.get_vm().uuid,
session_uuid=test_account_session)
vm_ops.change_vm_password(vm.get_vm().uuid,
usr,
passwd,
skip_stopped_vm=None,
session_uuid=test_account_session)
if not test_lib.lib_check_login_in_vm(vm.get_vm(), usr, passwd):
test_util.test_fail("create vm with user:%s password: %s failed",
usr, passwd)
vm_ops.change_vm_password(vm.get_vm().uuid,
"root",
test_stub.original_root_password,
session_uuid=test_account_session)
vm.check()
vm.destroy(test_account_session)
vm.check()
vm.expunge(test_account_session)
vm.check()
acc_ops.delete_account(test_account_uuid)
test_util.test_pass(
'enable and change vm password by normal user account Success')
def test():
import uuid
account_name1 = uuid.uuid1().get_hex()
account_pass1 = uuid.uuid1().get_hex()
account_pass1 = hashlib.sha512(account_name1).hexdigest()
test_account1 = test_account.ZstackTestAccount()
test_account1.create(account_name1, account_pass1)
test_obj_dict.add_account(test_account1)
test_account_uuid1 = test_account1.get_account().uuid
test_account_session1 = acc_ops.login_by_account(account_name1, account_pass1)
account_name2 = uuid.uuid1().get_hex()
account_pass2 = uuid.uuid1().get_hex()
account_pass2 = hashlib.sha512(account_name2).hexdigest()
test_account2 = test_account.ZstackTestAccount()
test_account2.create(account_name2, account_pass2)
test_obj_dict.add_account(test_account2)
test_account_uuid2 = test_account2.get_account().uuid
test_account_session2 = acc_ops.login_by_account(account_name2, account_pass2)
test_stub.share_admin_resource([test_account_uuid1, test_account_uuid2])
vm1 = test_stub.create_vm(session_uuid=test_account_session1)
test_obj_dict.add_vm(vm1)
vm1.check()
vm1.stop(session_uuid=test_account_session1)
vm1.check()
vm2 = test_stub.create_vm(session_uuid=test_account_session2)
test_obj_dict.add_vm(vm2)
vm2.check()
vm1.start(session_uuid=test_account_session1)
vm1.check()
vm1.destroy(test_account_session1)
test_obj_dict.rm_vm(vm1)
vm1.check()
vm2.check()
vm2.destroy(test_account_session2)
test_obj_dict.rm_vm(vm2)
test_account1.delete()
test_obj_dict.rm_account(test_account1)
test_account2.delete()
test_obj_dict.rm_account(test_account2)
test_util.test_pass("Multiple normal account with VM operations test Success")
def test():
import uuid
account_name1 = uuid.uuid1().get_hex()
account_pass1 = uuid.uuid1().get_hex()
account_pass1 = hashlib.sha512(account_name1).hexdigest()
test_account1 = test_account.ZstackTestAccount()
test_account1.create(account_name1, account_pass1)
test_obj_dict.add_account(test_account1)
test_account_uuid1 = test_account1.get_account().uuid
test_account_session1 = acc_ops.login_by_account(account_name1, account_pass1)
account_name2 = uuid.uuid1().get_hex()
account_pass2 = uuid.uuid1().get_hex()
account_pass2 = hashlib.sha512(account_name2).hexdigest()
test_account2 = test_account.ZstackTestAccount()
test_account2.create(account_name2, account_pass2)
test_obj_dict.add_account(test_account2)
test_account_uuid2 = test_account2.get_account().uuid
test_account_session2 = acc_ops.login_by_account(account_name2, account_pass2)
test_stub.share_admin_resource([test_account_uuid1, test_account_uuid2])
vm1 = test_stub.create_vm(session_uuid = test_account_session1)
test_obj_dict.add_vm(vm1)
vm1.check()
vm1.stop(session_uuid = test_account_session1)
vm1.check()
vm2 = test_stub.create_vm(session_uuid = test_account_session2)
test_obj_dict.add_vm(vm2)
vm2.check()
vm1.start(session_uuid = test_account_session1)
vm1.check()
vm1.destroy(test_account_session1)
test_obj_dict.rm_vm(vm1)
vm1.check()
vm2.check()
vm2.destroy(test_account_session2)
test_obj_dict.rm_vm(vm2)
test_account1.delete()
test_obj_dict.rm_account(test_account1)
test_account2.delete()
test_obj_dict.rm_account(test_account2)
test_util.test_pass('Multiple normal account with VM operations test Success')
def test():
global vm, test_account_uuid, test_account_session, image_uuid
import uuid
account_name = uuid.uuid1().get_hex()
account_pass = uuid.uuid1().get_hex()
account_pass = hashlib.sha512(account_name).hexdigest()
test_account = acc_ops.create_normal_account(account_name, account_pass)
test_account_uuid = test_account.uuid
test_account_session = acc_ops.login_by_account(account_name, account_pass)
test_stub.share_admin_resource([test_account_uuid])
img_cond = res_ops.gen_query_conditions("name", '=', "centos7-installation-no-system-tag")
img_inv = res_ops.query_resource_fields(res_ops.IMAGE, img_cond, None)
image_uuid = img_inv[0].uuid
#res_ops.enable_change_vm_password("true", image_uuid, 'ImageVO', session_uuid = test_account_session)
img_ops.set_image_qga_enable(image_uuid, session_uuid = test_account_session)
vm = test_stub.create_vm(vm_name = 'c7-vm-no-sys-tag', image_name = "imageName_i_c7_no_tag", session_uuid = test_account_session)
vm.check()
backup_storage_list = test_lib.lib_get_backup_storage_list_by_vm(vm.vm)
for bs in backup_storage_list:
if bs.type == inventory.IMAGE_STORE_BACKUP_STORAGE_TYPE:
break
if bs.type == inventory.SFTP_BACKUP_STORAGE_TYPE:
break
if bs.type == inventory.CEPH_BACKUP_STORAGE_TYPE:
break
else:
vm.destroy()
test_util.test_skip('Not find image store type backup storage.')
for (usr,passwd) in zip(users, passwds):
if usr not in exist_users:
test_stub.create_user_in_vm(vm.get_vm(), usr, passwd)
exist_users.append(usr)
#When vm is running:
vm_ops.change_vm_password(vm.get_vm().uuid, usr, passwd, skip_stopped_vm = None, session_uuid = test_account_session)
if not test_lib.lib_check_login_in_vm(vm.get_vm(), usr, passwd):
test_util.test_fail("create vm with user:%s password: %s failed", usr, passwd)
vm_ops.change_vm_password(vm.get_vm().uuid, "root", test_stub.original_root_password, session_uuid = test_account_session)
vm.check()
#res_ops.enable_change_vm_password("false", img_inv[0].uuid, 'ImageVO', session_uuid = test_account_session)
img_ops.set_image_qga_disable(img_inv[0].uuid, session_uuid = test_account_session)
vm.destroy(test_account_session)
vm.check()
vm.expunge(test_account_session)
vm.check()
acc_ops.delete_account(test_account_uuid)
test_util.test_pass('enable and change vm password by normal user account Success')
def test():
global vid_uuid, vid_uuid2
iam2_ops.clean_iam2_enviroment()
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
password = '******'
vid_tst_obj = test_vid.ZstackTestVid()
vid_tst_obj2 = None
if flavor['target_role'] == 'system_admin':
attributes = [{"name": "__SystemAdmin__"}]
username = "******"
vid_tst_obj = test_vid.ZstackTestVid()
test_stub.create_system_admin(username, password, vid_tst_obj)
virtual_id_uuid = vid_tst_obj.get_vid().uuid
system_admin_session_uuid = acc_ops.login_by_account(username, password)
#create systemadmin by systemadmin session
vid_tst_obj2 = test_vid.ZstackTestVid()
vid_tst_obj2.create("systemsubadmin", password, session_uuid=system_admin_session_uuid, without_default_role="true")
vid_uuid2 = vid_tst_obj2.get_vid().uuid
iam2_ops.add_attributes_to_iam2_virtual_id(vid_uuid2, attributes, session_uuid=system_admin_session_uuid)
role_uuid = iam2_ops.create_role('systemAdminSubRole').uuid
statements = [{"effect":"Allow","actions":["org.zstack.header.image.**"]}]
iam2_ops.add_policy_statements_to_role(role_uuid, statements)
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], vid_tst_obj2.get_vid().uuid)
elif flavor['target_role'] == 'security_admin':
attributes = [{"name": "__SecurityAdmin__"}]
username = "******"
vid_tst_obj.create(username, password, without_default_role="true")
vid_uuid = vid_tst_obj.get_vid().uuid
iam2_ops.add_attributes_to_iam2_virtual_id(vid_uuid, attributes)
elif flavor['target_role'] == 'audit_admin':
attributes = [{"name": "__AuditAdmin__"}]
username = "******"
vid_tst_obj.create(username, password, without_default_role="true")
vid_uuid = vid_tst_obj.get_vid().uuid
iam2_ops.add_attributes_to_iam2_virtual_id(vid_uuid, attributes)
else:
test_util.test_fail("not a candidate role")
vid_tst_obj.set_vid_attributes(attributes)
vid_tst_obj.check()
vid_tst_obj.delete()
if vid_tst_obj2:
iam2_ops.delete_iam2_virtual_id(vid_uuid2)
test_util.test_pass('success test 3 admins attributes!')
def test():
import uuid
test_util.test_dsc('Create an normal account and login with it')
account_name1 = uuid.uuid1().get_hex()
account_pass1 = hashlib.sha512(account_name1).hexdigest()
test_account1 = test_account.ZstackTestAccount()
test_account1.create(account_name1, account_pass1)
test_obj_dict.add_account(test_account1)
test_account_session = acc_ops.login_by_account(account_name1, account_pass1)
test_util.test_dsc('Create an normal user-1 under the new account and login with it')
user_name1 = uuid.uuid1().get_hex()
user_pass1 = hashlib.sha512(user_name1).hexdigest()
test_user1 = test_user.ZstackTestUser()
test_user1.create(user_name1, user_pass1, session_uuid = test_account_session)
test_obj_dict.add_user(test_user1)
login_output = login_cli_by_user(account_name1, user_name1, user_name1)
if login_output.find('%s/%s >>>' % (account_name1, user_name1)) < 0:
test_util.test_fail('zstack-cli is not display correct name for logined user: %s' % (login_output))
test_util.test_dsc('Create an normal user-2 under the new account and login with it')
user_name2 = uuid.uuid1().get_hex()
user_pass2 = hashlib.sha512(user_name2).hexdigest()
test_user2 = test_user.ZstackTestUser()
test_user2.create(user_name2, user_pass2, session_uuid = test_account_session)
test_obj_dict.add_user(test_user2)
login_output = login_cli_by_user(account_name1, user_name2, user_name2)
if login_output.find('%s/%s >>>' % (account_name1, user_name2)) < 0:
test_util.test_fail('zstack-cli is not display correct name for logined user: %s' % (login_output))
test_util.test_dsc('Delete user-2 and check the login status')
test_user2.delete()
test_obj_dict.rm_user(test_user2)
query_output = test_query()
if query_output.find('- >>>') < 0:
test_util.test_fail('zstack-cli is not display correct after delete user: %s' % (query_output))
test_util.test_dsc('login user-1, logout user-1 and check the login status')
login_output = login_cli_by_user(account_name1, user_name1, user_name1)
if login_output.find('%s/%s >>>' % (account_name1, user_name1)) < 0:
test_util.test_fail('zstack-cli is not display correct name for logined user: %s' % (login_output))
logout_output = logout_cli()
if logout_output.find('- >>>') < 0:
test_util.test_fail('zstack-cli is not display correct after logout: %s' % (login_output))
test_user1.delete()
test_account1.delete()
test_obj_dict.rm_user(test_user1)
test_obj_dict.rm_account(test_account1)
def test():
global vm, test_account_uuid, test_account_session
import uuid
account_name = uuid.uuid1().get_hex()
account_pass = uuid.uuid1().get_hex()
account_pass = hashlib.sha512(account_name).hexdigest()
test_account = acc_ops.create_normal_account(account_name, account_pass)
test_account_uuid = test_account.uuid
test_account_session = acc_ops.login_by_account(account_name, account_pass)
test_stub.share_admin_resource([test_account_uuid])
vm = test_stub.create_vm(vm_name = 'c7-vm', image_name = "imageName_i_c7", session_uuid = test_account_session)
vm.check()
backup_storage_list = test_lib.lib_get_backup_storage_list_by_vm(vm.vm)
for bs in backup_storage_list:
if bs.type == inventory.IMAGE_STORE_BACKUP_STORAGE_TYPE:
break
if bs.type == inventory.SFTP_BACKUP_STORAGE_TYPE:
break
if bs.type == inventory.CEPH_BACKUP_STORAGE_TYPE:
break
else:
vm.destroy()
test_util.test_skip('Not find image store type backup storage.')
for (usr,passwd) in zip(users, passwds):
if usr not in exist_users:
test_stub.create_user_in_vm(vm.get_vm(), usr, passwd)
exist_users.append(usr)
#When vm is running:
vm_ops.change_vm_password(vm.get_vm().uuid, usr, passwd, skip_stopped_vm = None, session_uuid = test_account_session)
if not test_lib.lib_check_login_in_vm(vm.get_vm(), usr, passwd):
test_util.test_fail("create vm with user:%s password: %s failed", usr, passwd)
#When vm is stopped:
#vm.stop(session_uuid = test_account_session)
vm_ops.change_vm_password(vm.get_vm().uuid, "root", test_stub.original_root_password, session_uuid = test_account_session)
#vm.start(session_uuid = test_account_session)
vm.check()
vm.destroy(test_account_session)
vm.check()
vm.expunge(test_account_session)
vm.check()
acc_ops.delete_account(test_account_uuid)
test_util.test_pass('change vm password by normal user account Success')
def test():
import uuid
account_name = uuid.uuid1().get_hex()
account_pass = uuid.uuid1().get_hex()
account_pass = hashlib.sha512(account_name).hexdigest()
test_account = acc_ops.create_normal_account(account_name, account_pass)
global vm
bs_cond = res_ops.gen_query_conditions("status", '=', "Connected")
bss = res_ops.query_resource_fields(res_ops.BACKUP_STORAGE,
bs_cond,
None,
fields=['uuid'])
if not bss:
test_util.test_skip("not find available backup storage. Skip test")
test_util.test_dsc('Test change vm image with quota limited')
test_account_uuid = test_account.uuid
#set normal account's storage capacity as 4G
acc_ops.update_quota(test_account.uuid, "volume.capacity", "4294967296")
test_account_session = acc_ops.login_by_account(account_name, account_pass)
test_stub.share_admin_resource([test_account_uuid])
vm = test_stub.create_vm(session_uuid=test_account_session)
vm.check()
image_option = test_util.ImageOption()
image_option.set_name('8G')
image_option.set_format('qcow2')
image_option.set_url(
"http://172.20.1.15:7480/diskimages/CentOS-7-x86_64-Cloudinit-8G-official.qcow2"
)
image_option.set_backup_storage_uuid_list([bss[0].uuid])
new_image = zstack_image_header.ZstackTestImage()
new_image.set_creation_option(image_option)
new_image.add_root_volume_template()
test_stub.share_admin_resource([test_account_uuid])
vm.stop(session_uuid=test_account_session)
image_uuid = test_lib.lib_get_image_by_name("8G").uuid
try:
vm_ops.change_vm_image(vm.get_vm().uuid,
image_uuid,
session_uuid=test_account_session)
except:
acc_ops.delete_account(test_account_uuid)
img_ops.delete_image(test_lib.lib_get_image_by_name('8G').uuid)
test_util.test_pass(
'Change Vm Image With Limited Storage Quota Test Success ')
test_util.test_fail('Overstep the limit of storage capacity')
def test():
global vm, test_account_uuid, test_account_session, image_uuid
import uuid
account_name = uuid.uuid1().get_hex()
account_pass = uuid.uuid1().get_hex()
account_pass = hashlib.sha512(account_name).hexdigest()
test_account = acc_ops.create_normal_account(account_name, account_pass)
test_account_uuid = test_account.uuid
test_account_session = acc_ops.login_by_account(account_name, account_pass)
test_stub.share_admin_resource([test_account_uuid])
img_cond = res_ops.gen_query_conditions("name", '=', "centos7-installation-no-system-tag")
img_inv = res_ops.query_resource_fields(res_ops.IMAGE, img_cond, None)
image_uuid = img_inv[0].uuid
try:
img_ops.set_image_qga_enable(image_uuid, session_uuid = test_account_session)
except:
test_util.test_pass('Enable and change vm password by normal user account Success')
test_util.test_fail('It should be raise exception when setImageQga after image is shared to this normal account, however, got no exception.')
def test():
import uuid
account_name = uuid.uuid1().get_hex()
account_pass = uuid.uuid1().get_hex()
account_pass = hashlib.sha512(account_name).hexdigest()
test_account = acc_ops.create_normal_account(account_name,account_pass)
global vm
bs_cond = res_ops.gen_query_conditions("status", '=', "Connected")
bss = res_ops.query_resource_fields(res_ops.BACKUP_STORAGE, bs_cond, None, fields=['uuid'])
if not bss:
test_util.test_skip("not find available backup storage. Skip test")
test_util.test_dsc('Test change vm image with quota limited')
test_account_uuid = test_account.uuid
#set normal account's storage capacity as 4G
acc_ops.update_quota(test_account.uuid,"volume.capacity","4294967296")
test_account_session = acc_ops.login_by_account(account_name,account_pass)
test_stub.share_admin_resource([test_account_uuid])
vm = test_stub.create_vm(session_uuid = test_account_session)
vm.check()
image_option = test_util.ImageOption()
image_option.set_name('8G')
image_option.set_format('qcow2')
image_option.set_url(os.environ.get('imageServer')+"/diskimages/CentOS-7-x86_64-Cloudinit-8G-official.qcow2")
image_option.set_backup_storage_uuid_list([bss[0].uuid])
new_image = zstack_image_header.ZstackTestImage()
new_image.set_creation_option(image_option)
new_image.add_root_volume_template()
test_stub.share_admin_resource([test_account_uuid])
vm.stop(session_uuid = test_account_session)
image_uuid = test_lib.lib_get_image_by_name("8G").uuid
try:
vm_ops.change_vm_image(vm.get_vm().uuid,image_uuid,session_uuid = test_account_session)
except:
acc_ops.delete_account(test_account_uuid)
img_ops.delete_image(test_lib.lib_get_image_by_name('8G').uuid)
test_util.test_pass('Change Vm Image With Limited Storage Quota Test Success ')
test_util.test_fail('Overstep the limit of storage capacity')
def test():
global vm
global test_account_uuid
import uuid
account_name = uuid.uuid1().get_hex()
account_pass = uuid.uuid1().get_hex()
account_pass = hashlib.sha512(account_name).hexdigest()
test_account = acc_ops.create_normal_account(account_name, account_pass)
test_account_uuid = test_account.uuid
test_account_session = acc_ops.login_by_account(account_name, account_pass)
test_stub.share_admin_resource([test_account_uuid])
vm = test_stub.create_vm_with_volume(session_uuid = test_account_session)
vm.check()
volumes_number = len(test_lib.lib_get_all_volumes(vm.vm))
if volumes_number != 2:
test_util.test_fail('Did not find 2 volumes for [vm:] %s. But we assigned 1 data volume when create the vm. We only catch %s volumes' % (vm.vm.uuid, volumes_number))
else:
test_util.test_logger('Find 2 volumes for [vm:] %s.' % vm.vm.uuid)
vm.destroy(test_account_session)
vm.check()
acc_ops.delete_account(test_account_uuid)
test_util.test_pass('Create VM with volume by normal user account Success')
def test():
global linked_account_uuid,project_uuid,project_operator_uuid,account_lists,l2_uuid,account1_uuid,account2_uuid
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
cluster_uuid = res_ops.get_resource(res_ops.CLUSTER)[0].uuid
# 1 create project
project_name = 'test_shared_project1'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
linked_account_uuid = project.linkedAccountUuid
# 2 create project operator
project_operator_name = 'username_share1'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
# 3 login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
l2_inv = net_ops.create_l2_vlan('L2_vlan_2221', 'eth0', zone_uuid, '2221')
l2_uuid = l2_inv.inventory.uuid
test_util.test_dsc('share admin resoure to normal account')
cond = res_ops.gen_query_conditions('name', '=', 'L2_vlan_2221')
flat_l2_uuid = res_ops.query_resource(res_ops.L2_NETWORK, cond)[0].uuid
acc_ops.share_resources([linked_account_uuid], [flat_l2_uuid])
# ut_util.test_dsc('create L3_flat_network names is L3_flat_network by normal account')
l3_inv = sce_ops.create_l3(zstack_management_ip, 'l3_flat_network', 'L3BasicNetwork', flat_l2_uuid, 'local.com', session_uuid = project_login_uuid)
l3_uuid = l3_inv.inventory.uuid
l3_dns = '223.5.5.5'
start_ip = '192.168.123.2'
end_ip = '192.168.123.10'
gateway = '192.168.123.1'
netmask = '255.255.255.0'
test_util.test_dsc('add DNS and IP_Range for L3_flat_network')
sce_ops.add_dns_to_l3(zstack_management_ip, l3_uuid, l3_dns, session_uuid = project_login_uuid)
sce_ops.add_ip_range(zstack_management_ip,'IP_range', l3_uuid, start_ip, end_ip, gateway, netmask, session_uuid = project_login_uuid)
test_util.test_dsc('query flat provider and attach network service to L3_flat_network')
provider_name = 'Flat Network Service Provider'
conditions = res_ops.gen_query_conditions('name', '=', provider_name)
net_provider_list = sce_ops.query_resource(zstack_management_ip, res_ops.NETWORK_SERVICE_PROVIDER, conditions, session_uuid = project_login_uuid).inventories[0]
pro_uuid = net_provider_list.uuid
sce_ops.attach_flat_network_service_to_l3network(zstack_management_ip, l3_uuid,pro_uuid, session_uuid = project_login_uuid)
test_stub.share_admin_resource_1([linked_account_uuid])
vm = test_stub.create_vm(session_uuid=project_login_uuid)
test_obj_dict.add_vm(vm)
#create normal account
test_util.test_dsc('create normal account')
account_name = 'test_abc'
#account_pass = hashlib.sha512(account_name).hexdigest()
account_pass = '******'
test_account = acc_ops.create_normal_account(account_name, account_pass)
test_account_uuid = test_account.uuid
test_account_session = acc_ops.login_by_account(account_name, account_pass)
test_util.test_dsc('share admin resoure to normal account test_abc')
test_stub.share_admin_resource_1([test_account_uuid])
l2_inv1 = sce_ops.create_l2_vlan(zstack_management_ip, 'L2_vlan_2215', 'eth0', '2215', zone_uuid)
l2_uuid1 = l2_inv1.inventory.uuid
test_util.test_dsc('attach L2 netowrk to cluster')
sce_ops.attach_l2(zstack_management_ip, l2_uuid1, cluster_uuid)
#share admin resoure to normal account
test_util.test_dsc('share L2 L2_vlan_2215 to normal account test_a')
cond = res_ops.gen_query_conditions('name', '=', 'L2_vlan_2215')
flat_l2_uuid1 = res_ops.query_resource(res_ops.L2_NETWORK, cond)[0].uuid
acc_ops.share_resources([test_account_uuid], [flat_l2_uuid1])
test_account_session = acc_ops.login_by_account(account_name, account_pass)
l3_inv1 = sce_ops.create_l3(zstack_management_ip, 'l3_flat_network1', 'L3BasicNetwork', flat_l2_uuid1, 'local.com', session_uuid = test_account_session)
l3_uuid1 = l3_inv1.inventory.uuid
l3_dns = '223.5.5.5'
start_ip = '192.168.126.2'
end_ip = '192.168.126.10'
gateway = '192.168.126.1'
netmask = '255.255.255.0'
test_util.test_dsc('add DNS and IP_Range for L3_flat_network1')
sce_ops.add_dns_to_l3(zstack_management_ip, l3_uuid1, l3_dns, session_uuid = test_account_session)
sce_ops.add_ip_range(zstack_management_ip,'IP_range', l3_uuid1, start_ip, end_ip, gateway, netmask, session_uuid = test_account_session)
test_util.test_dsc('query flat provider and attach network service to L3_flat_network')
provider_name = 'Flat Network Service Provider'
conditions = res_ops.gen_query_conditions('name', '=', provider_name)
net_provider_list = sce_ops.query_resource(zstack_management_ip, res_ops.NETWORK_SERVICE_PROVIDER, conditions, session_uuid = test_account_session).inventories[0]
pro_uuid = net_provider_list.uuid
sce_ops.attach_flat_network_service_to_l3network(zstack_management_ip, l3_uuid1,pro_uuid, session_uuid = test_account_session)
vm2 = test_stub.create_vm(session_uuid = test_account_session)
test_util.test_dsc('test success normal acount create L3 by admin share L2 ')
test_obj_dict.add_vm(vm2)
# 9 delete
acc_ops.logout(project_login_uuid)
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_lib.lib_error_cleanup(test_obj_dict)
net_ops.delete_l2(l2_uuid)
net_ops.delete_l2(l2_uuid1)
acc_ops.delete_account(test_account_uuid)
def test():
import uuid
account_name1 = uuid.uuid1().get_hex()
account_pass1 = uuid.uuid1().get_hex()
test_account1 = test_account.ZstackTestAccount()
test_account1.create(account_name1, account_pass1)
test_obj_dict.add_account(test_account1)
test_account_uuid1 = test_account1.get_account().uuid
test_account_session1 = acc_ops.login_by_account(account_name1, account_pass1)
account_name2 = uuid.uuid1().get_hex()
account_pass2 = uuid.uuid1().get_hex()
test_account2 = test_account.ZstackTestAccount()
test_account2.create(account_name2, account_pass2)
test_obj_dict.add_account(test_account2)
test_account_uuid2 = test_account2.get_account().uuid
test_account_session2 = acc_ops.login_by_account(account_name2, account_pass2)
test_stub.share_admin_resource([test_account_uuid1, test_account_uuid2])
vm1 = test_stub.create_user_vlan_vm(session_uuid = test_account_session1)
test_obj_dict.add_vm(vm1)
vm1.check()
vm1.stop(session_uuid = test_account_session1)
vm1.check()
vm2 = test_stub.create_user_vlan_vm(session_uuid = test_account_session2)
test_obj_dict.add_vm(vm2)
vm2.check()
vm1.start(session_uuid = test_account_session1)
vm1.check()
test_account1.delete()
test_obj_dict.rm_account(test_account1)
vm1.set_state(test_vm_header.DESTROYED)
vm1.check()
vr_vm = test_lib.lib_find_vr_by_vm(vm2.get_vm())
if not vr_vm:
test_util.test_fail('VR is deleted, after account1 is deleted')
vm2.check()
vm2.stop(test_account_session2)
vm2.start(test_account_session2)
vm2.check()
vm2.destroy(test_account_session2)
test_obj_dict.rm_vm(vm2)
account_name3 = uuid.uuid1().get_hex()
account_pass3 = uuid.uuid1().get_hex()
test_account3 = test_account.ZstackTestAccount()
test_account3.create(account_name3, account_pass3)
test_obj_dict.add_account(test_account3)
test_account_uuid3 = test_account3.get_account().uuid
test_account_session3 = acc_ops.login_by_account(account_name3, account_pass3)
test_stub.share_admin_resource([test_account_uuid3])
vm3 = test_stub.create_user_vlan_vm(session_uuid = test_account_session3)
test_obj_dict.add_vm(vm3)
vm3.check()
vm3.destroy()
test_obj_dict.rm_vm(vm3)
test_account3.delete()
test_obj_dict.rm_account(test_account3)
test_account2.delete()
test_obj_dict.rm_account(test_account2)
test_util.test_pass('Multiple normal account with VM operations test Success')
def test():
global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
# 1 create project
if flavor['target_role'] != 'system_admin':
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
project_linked_account_uuid = project.linkedAccountUuid
if flavor['target_role'] == 'project_admin':
# 2 create virtual id
project_admin_name = 'username'
project_admin_password = '******'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid
# 3 create project admin
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
# login in project by project admin
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
elif flavor['target_role'] == 'project_operator':
project_operator_name = 'username2'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid
# login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
elif flavor['target_role'] == 'project_member':
plain_user_name = 'username'
plain_user_password = '******'
plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password,
project_uuid=project_uuid).uuid
# 3 add virtual id to project
iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid)
# 4 login in project by plain user
plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password)
# 4 login in project
#project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid)
project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid
elif flavor['target_role'] == 'system_admin':
username = "******"
password = '******'
vid_tst_obj = test_vid.ZstackTestVid()
test_stub.create_system_admin(username, password, vid_tst_obj)
virtual_id_uuid = vid_tst_obj.get_vid().uuid
project_login_uuid = acc_ops.login_by_account(username, password)
# Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge
if flavor['target_role'] == 'project_member':
statements = [{"effect": "Allow", "actions": ["org.zstack.network.service.lb.**"]}]
role_uuid = iam2_ops.create_role('test_role', statements).uuid
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid)
# certificate
cert = net_ops.create_certificate('certificate_for_pm', 'fake certificate', session_uuid=project_login_uuid)
net_ops.delete_certificate(cert.uuid, session_uuid=project_login_uuid)
# 11 delete
acc_ops.logout(project_login_uuid)
if virtual_id_uuid != None:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_admin_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_admin_uuid)
if project_operator_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if plain_user_uuid != None:
iam2_ops.delete_iam2_virtual_id(plain_user_uuid)
if flavor['target_role'] != 'system_admin':
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_pass('success test iam2 login in by project admin!')
def test():
global vm, session_uuid
global all_volume_offering_uuid, rw_volume_offering_uuid, instance_offering_uuid
global test_account_uuid
test_util.test_dsc('Test normal account change the qos network and volume ')
#create normal account
test_util.test_dsc('create normal account')
account_name = 'a'
account_pass = hashlib.sha512(account_name).hexdigest()
test_account = acc_ops.create_normal_account(account_name, account_pass)
test_account_uuid = test_account.uuid
test_account_session = acc_ops.login_by_account(account_name, account_pass)
#create disk offering
test_util.test_dsc('create disk offering')
name_all = 'all_disk_offering'
volume_bandwidth = 30*1024*1024
all_volume_offering = test_lib.lib_create_disk_offering(name = name_all, volume_bandwidth = volume_bandwidth)
all_volume_offering_uuid = all_volume_offering.uuid
name_rw = 'rw_disk_offering'
volume_read_bandwidth = 90*1024*1024
volume_write_bandwidth = 100*1024*1024
rw_volume_offering = test_lib.lib_create_disk_offering(name = name_rw, read_bandwidth = volume_read_bandwidth, write_bandwidth = volume_write_bandwidth)
rw_volume_offering_uuid = rw_volume_offering.uuid
#create instance offering
test_util.test_dsc('create instance offering')
read_bandwidth = 50*1024*1024
write_bandwidth = 60*1024*1024
net_outbound_bandwidth = 70*1024*1024
net_inbound_bandwidth = 80*1024*1024
new_instance_offering = test_lib.lib_create_instance_offering(read_bandwidth = read_bandwidth, write_bandwidth=write_bandwidth, net_outbound_bandwidth = net_outbound_bandwidth, net_inbound_bandwidth = net_inbound_bandwidth)
instance_offering_uuid = new_instance_offering.uuid
#share admin resoure to normal account
test_util.test_dsc('share admin resoure to normal account')
test_stub.share_admin_resource([test_account_uuid])
acc_ops.share_resources([test_account_uuid], [all_volume_offering_uuid, rw_volume_offering_uuid])
#create vm with 2 data volumes
test_util.test_dsc('create vm with volumes qos by normal account a')
l3net_uuid = res_ops.get_resource(res_ops.L3_NETWORK, session_uuid = test_account_session)[0].uuid
cond = res_ops.gen_query_conditions('platform', '=', 'Linux')
image_uuid = res_ops.query_resource(res_ops.IMAGE, cond, session_uuid = test_account_session)[0].uuid
vm_creation_option = test_util.VmOption()
vm_creation_option.set_instance_offering_uuid(instance_offering_uuid)
vm_creation_option.set_image_uuid(image_uuid)
vm_creation_option.set_l3_uuids([l3net_uuid])
vm = test_stub.create_vm_with_volume(vm_creation_option = vm_creation_option, data_volume_uuids = [all_volume_offering_uuid, rw_volume_offering_uuid], session_uuid = test_account_session)
vm_inv = vm.get_vm()
# get the nic uuid
test_util.test_dsc('get the vm_nic')
l3_uuid = vm_inv.vmNics[0].l3NetworkUuid
vm_nic = test_lib.lib_get_vm_nic_by_l3(vm_inv, l3_uuid)
# get the volume uuid
test_util.test_dsc('get the vm data volumes')
cond1 = res_ops.gen_query_conditions("diskOfferingUuid", '=', all_volume_offering_uuid)
cond2 = res_ops.gen_query_conditions("diskOfferingUuid", '=', rw_volume_offering_uuid)
all_volume_uuid = res_ops.query_resource(res_ops.VOLUME, cond1)[0].uuid
rw_volume_uuid = res_ops.query_resource(res_ops.VOLUME, cond2)[0].uuid
#set root disk qos
test_util.test_dsc('set read*2, read/2, write*2, write/2 and del the root disk read and write qos')
try:
vm_ops.set_vm_disk_qos(test_lib.lib_get_root_volume(vm_inv).uuid, volumeBandwidth = read_bandwidth*2, mode = 'read', session_uuid = test_account_session)
except:
print "Test results were in line with expectations"
pass
test_util.test_dsc('del the root disk read qos')
try:
vm_ops.del_vm_disk_qos(test_lib.lib_get_root_volume(vm_inv).uuid, mode = 'read', session_uuid = test_account_session)
except:
print "Test results were in line with expectations"
pass
vm_ops.set_vm_disk_qos(test_lib.lib_get_root_volume(vm_inv).uuid, volumeBandwidth = read_bandwidth/2, mode = 'read', session_uuid = test_account_session)
test_util.test_dsc('set 2 times the root disk write qos')
try:
vm_ops.set_vm_disk_qos(test_lib.lib_get_root_volume(vm_inv).uuid, volumeBandwidth = write_bandwidth*2, mode = 'write', session_uuid = test_account_session)
except:
print "Test results were in line with expectations"
pass
test_util.test_dsc('del the root disk write qos')
try:
vm_ops.del_vm_disk_qos(test_lib.lib_get_root_volume(vm_inv).uuid, mode = 'write', session_uuid = test_account_session)
except:
print "Test results were in line with expectations"
pass
test_util.test_dsc('set below the root disk write qos')
vm_ops.set_vm_disk_qos(test_lib.lib_get_root_volume(vm_inv).uuid, volumeBandwidth = write_bandwidth/2, mode = 'write', session_uuid = test_account_session)
#set data disk all_volume_uuid qos
test_util.test_dsc('set read*2, read/2, write*2, write/2 and del the volume1 disk read and write qos')
try:
vm_ops.set_vm_disk_qos(all_volume_uuid, volumeBandwidth = volume_bandwidth*2, session_uuid = test_account_session)
except:
print "Test results were in line with expectations"
pass
test_util.test_dsc('del the data volume qos')
try:
vm_ops.del_vm_disk_qos(all_volume_uuid, session_uuid = test_account_session)
except:
print "Test results were in line with expectations"
pass
vm_ops.set_vm_disk_qos(all_volume_uuid, volumeBandwidth = volume_bandwidth/2, session_uuid = test_account_session)
#set data disk rw_volume_uuid write qos
test_util.test_dsc('set 2 times the data rw_volume_uuid write qos')
try:
vm_ops.set_vm_disk_qos(rw_volume_uuid, volumeBandwidth = volume_write_bandwidth*2, mode = 'write', session_uuid = test_account_session)
except:
print "Test results were in line with expectations"
pass
test_util.test_dsc('del the data rw_volume_uuid write qos')
try:
vm_ops.del_vm_disk_qos(rw_volume_uuid, mode = 'write', session_uuid = test_account_session)
except:
print "Test results were in line with expectations"
pass
vm_ops.set_vm_disk_qos(rw_volume_uuid, volumeBandwidth = volume_write_bandwidth/2, mode = 'write', session_uuid = test_account_session)
#set data disk rw_volume_uuid read qos
test_util.test_dsc('set 2 times the data rw_volume_uuid read qos')
try:
vm_ops.set_vm_disk_qos(rw_volume_uuid, volumeBandwidth = volume_read_bandwidth*2, mode = 'read', session_uuid = test_account_session)
except:
print "Test results were in line with expectations"
pass
test_util.test_dsc('del the data rw_volume_uuid read qos')
try:
vm_ops.del_vm_disk_qos(rw_volume_uuid, mode = 'read', session_uuid = test_account_session)
except:
print "Test results were in line with expectations"
pass
vm_ops.set_vm_disk_qos(rw_volume_uuid, volumeBandwidth = volume_read_bandwidth/2, mode = 'read', session_uuid = test_account_session)
# set the vm nic qos
test_util.test_dsc('set higher than net out and in ')
try:
vm_ops.set_vm_nic_qos(vm_nic.uuid, outboundBandwidth = net_outbound_bandwidth*2, inboundBandwidth = net_inbound_bandwidth*2, session_uuid = test_account_session)
except:
print "Test results were in line with expectations"
pass
test_util.test_dsc('set higher than net out and equal in ')
try:
vm_ops.set_vm_nic_qos(vm_nic.uuid, outboundBandwidth = net_outbound_bandwidth*2, inboundBandwidth = net_inbound_bandwidth, session_uuid = test_account_session)
except:
print "Test results were in line with expectations"
pass
test_util.test_dsc('del net in ')
try:
vm_ops.del_vm_nic_qos(vm_nic.uuid, direction = 'in', session_uuid = test_account_session)
except:
print "Test results were in line with expectations"
pass
test_util.test_dsc('del net out ')
try:
vm_ops.del_vm_nic_qos(vm_nic.uuid, direction = 'out', session_uuid = test_account_session)
except:
print "Test results were in line with expectations"
pass
test_util.test_dsc('set equal net out and in ')
try:
vm_ops.set_vm_nic_qos(vm_nic.uuid, outboundBandwidth = net_outbound_bandwidth, inboundBandwidth = net_inbound_bandwidth, session_uuid = test_account_session)
#except:
except Exception as e:
test_util.test_logger(e)
test_util.test_dsc('set below net out and in ')
vm_ops.set_vm_nic_qos(vm_nic.uuid, outboundBandwidth = net_outbound_bandwidth/2, inboundBandwidth = net_inbound_bandwidth/2, session_uuid = test_account_session)
vm.check()
vm.destroy(test_account_session)
vm.check()
vol_ops.delete_disk_offering(all_volume_offering_uuid)
vol_ops.delete_disk_offering(rw_volume_offering_uuid)
vol_ops.delete_volume(all_volume_uuid, test_account_session)
vol_ops.delete_volume(rw_volume_uuid, test_account_session)
acc_ops.delete_account(test_account_uuid)
vm_ops.delete_instance_offering(instance_offering_uuid)
test_util.test_pass('Create VM Test Success')
def test():
global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
# 1 create project
if flavor['target_role'] != 'system_admin':
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
project_linked_account_uuid = project.linkedAccountUuid
if flavor['target_role'] == 'project_admin':
# 2 create virtual id
project_admin_name = 'username'
project_admin_password = '******'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid
# 3 create project admin
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
# login in project by project admin
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
elif flavor['target_role'] == 'project_operator':
project_operator_name = 'username2'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid
# login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
elif flavor['target_role'] == 'project_member':
plain_user_name = 'username'
plain_user_password = '******'
plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password,
project_uuid=project_uuid).uuid
# 3 add virtual id to project
iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid)
# 4 login in project by plain user
plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password)
# 4 login in project
#project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid)
project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid
elif flavor['target_role'] == 'system_admin':
username = "******"
password = '******'
vid_tst_obj = test_vid.ZstackTestVid()
test_stub.create_system_admin(username, password, vid_tst_obj)
virtual_id_uuid = vid_tst_obj.get_vid().uuid
project_login_uuid = acc_ops.login_by_account(username, password)
# Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge
if flavor['target_role'] == 'project_member':
statements = [{"effect": "Allow", "actions": ["org.zstack.header.image.**"]}, {"effect": "Allow", "actions": ["org.zstack.header.storage.backup.**"]}]
role_uuid = iam2_ops.create_role('test_role', statements).uuid
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid)
bs = res_ops.query_resource(res_ops.BACKUP_STORAGE)[0]
image_option = test_util.ImageOption()
image_option.set_name('fake_image')
image_option.set_description('fake image')
image_option.set_format('raw')
image_option.set_mediaType('RootVolumeTemplate')
image_option.set_backup_storage_uuid_list([bs.uuid])
image_option.url = "http://fake/fake.raw"
image_option.set_session_uuid(project_login_uuid)
image_uuid = img_ops.add_image(image_option).uuid
img_ops.sync_image_size(image_uuid, session_uuid=project_login_uuid)
img_ops.change_image_state(image_uuid, 'disable', session_uuid=project_login_uuid)
img_ops.change_image_state(image_uuid, 'enable', session_uuid=project_login_uuid)
if bs.type == inventory.IMAGE_STORE_BACKUP_STORAGE_TYPE:
img_ops.export_image_from_backup_storage(image_uuid, bs.uuid, session_uuid=project_login_uuid)
img_ops.delete_exported_image_from_backup_storage(image_uuid, bs.uuid, session_uuid=project_login_uuid)
img_ops.set_image_qga_enable(image_uuid, session_uuid=project_login_uuid)
img_ops.set_image_qga_disable(image_uuid, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('name', '=', "fake_image")
image = res_ops.query_resource(res_ops.IMAGE, cond, session_uuid=project_login_uuid)
if image == None:
test_util.test_fail('fail to query image just added')
img_ops.delete_image(image_uuid, session_uuid=project_login_uuid)
img_ops.expunge_image(image_uuid, session_uuid=project_login_uuid)
# 11 delete
acc_ops.logout(project_login_uuid)
if virtual_id_uuid != None:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_admin_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_admin_uuid)
if project_operator_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if plain_user_uuid != None:
iam2_ops.delete_iam2_virtual_id(plain_user_uuid)
if flavor['target_role'] != 'system_admin':
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_pass('success test iam2 login in by project admin!')
def test():
global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
# 1 create project
if flavor['target_role'] != 'system_admin':
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
project_linked_account_uuid = project.linkedAccountUuid
if flavor['target_role'] == 'project_admin':
# 2 create virtual id
project_admin_name = 'username'
project_admin_password = '******'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid
# 3 create project admin
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
# login in project by project admin
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
elif flavor['target_role'] == 'project_operator':
project_operator_name = 'username2'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid
# login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
elif flavor['target_role'] == 'project_member':
plain_user_name = 'username'
plain_user_password = '******'
plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password,
project_uuid=project_uuid).uuid
# 3 add virtual id to project
iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid)
# 4 login in project by plain user
plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password)
# 4 login in project
#project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid)
project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid
elif flavor['target_role'] == 'system_admin':
username = "******"
password = '******'
vid_tst_obj = test_vid.ZstackTestVid()
test_stub.create_system_admin(username, password, vid_tst_obj)
virtual_id_uuid = vid_tst_obj.get_vid().uuid
project_login_uuid = acc_ops.login_by_account(username, password)
# Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge
if flavor['target_role'] == 'project_member':
statements = [{"effect": "Allow", "actions": ["org.zstack.sns.**"]}, {"effect": "Allow", "actions": ["org.zstack.zwatch.**"]}]
role_uuid = iam2_ops.create_role('test_role', statements).uuid
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid)
# create platform
smtp_server = os.environ.get('smtpServer')
smtp_port = os.environ.get('smtpPort')
email_platform_name = 'Alarm_email'
email_username = os.environ.get('mailUsername')
email_password = os.environ.get('mailPassword')
email_platform = zwt_ops.create_sns_email_platform(smtp_server, smtp_port, email_platform_name, email_username, email_password, session_uuid=project_login_uuid)
email_platform_uuid = email_platform.uuid
cond=res_ops.gen_query_conditions('uuid','=',email_platform_uuid)
inv = res_ops.query_resource(res_ops.SNS_EMAIL_PLATFORM,cond, session_uuid=project_login_uuid)
if not inv:
test_util.test_fail('create sns email platform failed')
try:
zwt_ops.validate_sns_email_platform(email_platform_uuid)
except:
test_util.test_fail('Validate SNS Email Platform Failed, Email Plarform: %s' % email_platform_uuid)
# create endpoint
email_receiver = os.environ.get('mailUsername')
email_endpoint_name = os.environ.get('mailPassword')
email_endpoint_uuid = zwt_ops.create_sns_email_endpoint(email_receiver, email_endpoint_name, email_platform_uuid, session_uuid=project_login_uuid).uuid
cond=res_ops.gen_query_conditions('uuid','=',email_endpoint_uuid)
inv=res_ops.query_resource(res_ops.SNS_EMAIL_ENDPOINT,cond, session_uuid=project_login_uuid)
if not inv:
test_util.test_fail('create sns email endpoint failed')
http_endpoint_name='http'
url = 'http://localhost:8080/webhook-url'
http_username='******'
http_password='******'
http_endpoint=zwt_ops.create_sns_http_endpoint(url,http_endpoint_name,http_username,http_password, session_uuid=project_login_uuid)
http_endpoint_uuid=http_endpoint.uuid
cond=res_ops.gen_query_conditions('uuid','=',http_endpoint_uuid)
inv=res_ops.query_resource(res_ops.SNS_HTTP_ENDPOINT,cond, session_uuid=project_login_uuid)
if not inv:
test_util.test_fail('create sns http endpoint failed')
# create sns topic and query system-in topic
sns_topic_uuid = zwt_ops.create_sns_topic('sns_topic_01', session_uuid=project_login_uuid).uuid
zwt_ops.subscribe_sns_topic(sns_topic_uuid, email_endpoint_uuid, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('endpoints.uuid','=',email_endpoint_uuid)
inv=res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)
if not inv:
test_util.test_fail('create and subscribe snstopic failed')
cond = res_ops.gen_query_conditions('name', '=', 'system-alarm')
system_alarm_topic = res_ops.query_resource(res_ops.SNS_TOPIC, cond)[0]
system_alarm_topic_uuid=system_alarm_topic.uuid
if flavor['target_role'] != 'system_admin':
acc_ops.share_resources([project_linked_account_uuid], [system_alarm_topic_uuid])
cond = res_ops.gen_query_conditions('name', '=', 'system-alarm')
system_alarm_topic = res_ops.query_resource(res_ops.SNS_TOPIC, cond)[0]
system_alarm_topic_uuid=system_alarm_topic.uuid
zwt_ops.subscribe_sns_topic(system_alarm_topic_uuid, email_endpoint_uuid, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('endpoints.uuid','=',email_endpoint_uuid)
inv=res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)
if not inv:
test_util.test_fail('subscribe system-alarm topic failed')
cond = res_ops.gen_query_conditions('name','=','api')
api_topic= res_ops.query_resource(res_ops.SNS_TOPIC,cond)[0]
api_topic_uuid=api_topic.uuid
if flavor['target_role'] != 'system_admin':
acc_ops.share_resources([project_linked_account_uuid], [api_topic_uuid])
cond = res_ops.gen_query_conditions('name','=','api')
api_topic= res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)[0]
api_topic_uuid=api_topic.uuid
zwt_ops.subscribe_sns_topic(api_topic_uuid,http_endpoint_uuid, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('endpointUuid','=',http_endpoint_uuid)
cond = res_ops.gen_query_conditions('topicUuid','=',api_topic_uuid)
inv=res_ops.query_resource(res_ops.SNS_TOPIC_SUBSCRIBER,cond, session_uuid=project_login_uuid)
if not inv:
test_util.test_fail('subscribe api topic failed')
# subscribe event
namespace = 'ZStack/VM'
actions = [{"actionUuid": sns_topic_uuid, "actionType": "sns"}]
labels = [{"key": "NewState", "op": "Equal", "value": "Disconnected"}]
event_name = 'VMStateChangedOnHost'
event_sub_uuid = zwt_ops.subscribe_event(namespace, event_name, actions, labels, session_uuid=project_login_uuid).uuid
cond = res_ops.gen_query_conditions('uuid', '=', event_sub_uuid)
event_subscription = res_ops.query_resource(res_ops.EVENT_SUBSCRIPTION, cond, session_uuid=project_login_uuid)
if not event_subscription:
test_util.test_fail('Subscribe event failed')
#update endpoint
new_name='endpointNewName'
new_description='endpoint new description'
zwt_ops.update_sns_application_endpoint(email_endpoint_uuid,new_name,new_description, session_uuid=project_login_uuid)
cond= res_ops.gen_query_conditions('uuid','=',email_endpoint_uuid)
inv =res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT,cond, session_uuid=project_login_uuid)[0]
if inv.name!=new_name or inv.description!=new_description:
test_util.test_fail('test update email endpoint failed')
zwt_ops.update_sns_application_endpoint(http_endpoint_uuid,new_name,new_description, session_uuid=project_login_uuid)
cond= res_ops.gen_query_conditions('uuid','=',http_endpoint_uuid)
inv =res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT,cond, session_uuid=project_login_uuid)[0]
if inv.name!=new_name or inv.description!=new_description:
test_util.test_fail('test update http endpoint failed')
new_name_platform='platformNewName'
new_description_platform='platformNewName'
zwt_ops.update_sns_application_platform(email_platform_uuid,new_name_platform,new_description_platform, session_uuid=project_login_uuid)
cond= res_ops.gen_query_conditions('uuid','=',email_platform_uuid)
inv =res_ops.query_resource(res_ops.SNS_APPLICATION_PLATFORM,cond, session_uuid=project_login_uuid)[0]
if inv.name!=new_name_platform or inv.description!=new_description_platform:
test_util.test_fail('test update email platform failed')
#change state
state_event = 'disable'
state_result = 'Disabled'
zwt_ops.change_sns_topic_state(system_alarm_topic_uuid,state_event, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('uuid','=',system_alarm_topic_uuid)
inv=res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)[0]
if inv.state!=state_result:
test_util.test_fail('change system alarm topic state failed')
zwt_ops.change_sns_topic_state(api_topic_uuid, state_event, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', api_topic_uuid)
inv = res_ops.query_resource(res_ops.SNS_TOPIC, cond, session_uuid=project_login_uuid)[0]
if inv.state != state_result:
test_util.test_fail('change api topic state failed')
zwt_ops.change_sns_application_endpoint_state(email_endpoint_uuid,state_event, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', email_endpoint_uuid)
inv = res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT, cond, session_uuid=project_login_uuid)[0]
if inv.state != state_result:
test_util.test_fail('change email endpoint state failed')
zwt_ops.change_sns_application_endpoint_state(http_endpoint_uuid,state_event, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', http_endpoint_uuid)
inv = res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT, cond, session_uuid=project_login_uuid)[0]
if inv.state != state_result:
test_util.test_fail('change http endpoint state failed')
zwt_ops.change_sns_application_platform_state(email_platform_uuid,state_event, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', email_platform_uuid)
inv = res_ops.query_resource(res_ops.SNS_APPLICATION_PLATFORM, cond, session_uuid=project_login_uuid)[0]
if inv.state != state_result:
test_util.test_fail('change email platform state failed')
# test recover and delete
state_event='enable'
state_result='Enabled'
zwt_ops.change_sns_topic_state(system_alarm_topic_uuid,state_event, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('uuid','=',system_alarm_topic_uuid)
inv=res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)[0]
if inv.state!=state_result:
test_util.test_fail('change system alarm topic state failed')
zwt_ops.change_sns_topic_state(api_topic_uuid, state_event, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', api_topic_uuid)
inv = res_ops.query_resource(res_ops.SNS_TOPIC, cond, session_uuid=project_login_uuid)[0]
if inv.state != state_result:
test_util.test_fail('change api topic state failed')
zwt_ops.unsubscribe_event(event_sub_uuid, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', event_sub_uuid)
event_subscription = res_ops.query_resource(res_ops.EVENT_SUBSCRIPTION, cond, session_uuid=project_login_uuid)
if event_subscription:
test_util.test_fail('unsubscribe event failed')
zwt_ops.unsubscribe_sns_topic(sns_topic_uuid, email_endpoint_uuid)
cond =res_ops.gen_query_conditions('endpointUuid','=',email_endpoint_uuid)
cond=res_ops.gen_query_conditions('topicUuid','=',sns_topic_uuid,cond)
inv = res_ops.query_resource(res_ops.SNS_TOPIC_SUBSCRIBER,cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('unsubscribe sns topic failed')
zwt_ops.unsubscribe_sns_topic(system_alarm_topic_uuid, email_endpoint_uuid, session_uuid=project_login_uuid)
cond =res_ops.gen_query_conditions('endpointUuid','=',email_endpoint_uuid)
cond=res_ops.gen_query_conditions('topicUuid','=',system_alarm_topic_uuid,cond)
inv = res_ops.query_resource(res_ops.SNS_TOPIC_SUBSCRIBER,cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('unsubscribe system alarm topic failed')
zwt_ops.unsubscribe_sns_topic(api_topic_uuid, http_endpoint_uuid, session_uuid=project_login_uuid)
cond =res_ops.gen_query_conditions('endpointUuid','=',http_endpoint_uuid)
cond=res_ops.gen_query_conditions('topicUuid','=',api_topic_uuid,cond)
inv = res_ops.query_resource(res_ops.SNS_TOPIC_SUBSCRIBER,cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('unsubscribe api topic failed')
zwt_ops.delete_sns_topic(sns_topic_uuid, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('uuid','=',sns_topic_uuid)
inv = res_ops.query_resource(res_ops.SNS_TOPIC, cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('delete sns topic failed')
zwt_ops.delete_sns_application_endpoint(http_endpoint_uuid, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('uuid','=',http_endpoint_uuid)
inv = res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT, cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('delete http endpoint failed')
zwt_ops.delete_sns_application_endpoint(email_endpoint_uuid, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('uuid','=',email_endpoint_uuid)
inv = res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT, cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('delete email endpoint failed')
zwt_ops.delete_sns_application_platform(email_platform_uuid, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('uuid','=',email_platform_uuid)
inv = res_ops.query_resource(res_ops.SNS_APPLICATION_PLATFORM, cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('delete email platform failed')
# 11 delete
acc_ops.logout(project_login_uuid)
if virtual_id_uuid != None:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_admin_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_admin_uuid)
if project_operator_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if plain_user_uuid != None:
iam2_ops.delete_iam2_virtual_id(plain_user_uuid)
if flavor['target_role'] != 'system_admin':
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_pass('success test iam2 login in by project admin!')
def test():
import uuid
test_util.test_dsc('Create an normal account and login with it')
account_name1 = uuid.uuid1().get_hex()
account_pass1 = hashlib.sha512(account_name1).hexdigest()
test_account1 = test_account.ZstackTestAccount()
test_account1.create(account_name1, account_pass1)
test_obj_dict.add_account(test_account1)
test_account_session = acc_ops.login_by_account(account_name1,
account_pass1)
test_util.test_dsc(
'Create an normal user-1 under the new account and login with it')
user_name1 = uuid.uuid1().get_hex()
user_pass1 = hashlib.sha512(user_name1).hexdigest()
test_user1 = test_user.ZstackTestUser()
test_user1.create(user_name1,
user_pass1,
session_uuid=test_account_session)
test_obj_dict.add_user(test_user1)
login_output = login_cli_by_user(account_name1, user_name1, user_name1)
if login_output.find('%s/%s >>>' % (account_name1, user_name1)) < 0:
test_util.test_fail(
'zstack-cli is not display correct name for logined user: %s' %
(login_output))
test_util.test_dsc(
'Create an normal user-2 under the new account and login with it')
user_name2 = uuid.uuid1().get_hex()
user_pass2 = hashlib.sha512(user_name2).hexdigest()
test_user2 = test_user.ZstackTestUser()
test_user2.create(user_name2,
user_pass2,
session_uuid=test_account_session)
test_obj_dict.add_user(test_user2)
login_output = login_cli_by_user(account_name1, user_name2, user_name2)
if login_output.find('%s/%s >>>' % (account_name1, user_name2)) < 0:
test_util.test_fail(
'zstack-cli is not display correct name for logined user: %s' %
(login_output))
test_util.test_dsc('Delete user-2 and check the login status')
test_user2.delete()
test_obj_dict.rm_user(test_user2)
query_output = test_query()
if query_output.find('- >>>') < 0:
test_util.test_fail(
'zstack-cli is not display correct after delete user: %s' %
(query_output))
test_util.test_dsc(
'login user-1, logout user-1 and check the login status')
login_output = login_cli_by_user(account_name1, user_name1, user_name1)
if login_output.find('%s/%s >>>' % (account_name1, user_name1)) < 0:
test_util.test_fail(
'zstack-cli is not display correct name for logined user: %s' %
(login_output))
logout_output = logout_cli()
if logout_output.find('- >>>') < 0:
test_util.test_fail(
'zstack-cli is not display correct after logout: %s' %
(login_output))
test_user1.delete()
test_account1.delete()
test_obj_dict.rm_user(test_user1)
test_obj_dict.rm_account(test_account1)
def test():
global vm, session_uuid
global test_account_uuid, test_account_session
test_util.test_dsc('Test normal account change the qos network and volume ')
#create normal account
test_util.test_dsc('create normal account')
account_name = 'test_a'
account_pass = hashlib.sha512(account_name).hexdigest()
test_account = acc_ops.create_normal_account(account_name, account_pass)
test_account_uuid = test_account.uuid
test_account_session = acc_ops.login_by_account(account_name, account_pass)
#create L3 flat network
test_util.test_dsc('create L2_vlan network names is L2_vlan')
zone_uuid = res_ops.query_resource(res_ops.ZONE)[0].uuid
cluster_uuid = res_ops.query_resource(res_ops.CLUSTER)[0].uuid
l2_inv = sce_ops.create_l2_vlan(zstack_management_ip, 'L2_vlan_2215', 'eth0', '2215', zone_uuid)
l2_uuid = l2_inv.inventory.uuid
test_util.test_dsc('attach L2 netowrk to cluster')
sce_ops.attach_l2(zstack_management_ip, l2_uuid, cluster_uuid)
#share admin resoure to normal account
test_util.test_dsc('share admin resoure to normal account')
cond = res_ops.gen_query_conditions('name', '=', 'L2_vlan_2215')
flat_l2_uuid = res_ops.query_resource(res_ops.L2_NETWORK, cond)[0].uuid
acc_ops.share_resources([test_account_uuid], [flat_l2_uuid])
test_util.test_dsc('create L3_flat_network names is L3_flat_network by normal account')
l3_inv = sce_ops.create_l3(zstack_management_ip, 'l3_flat_network', 'L3BasicNetwork', l2_uuid, 'local.com', session_uuid = test_account_session)
l3_uuid = l3_inv.inventory.uuid
l3_dns = '223.5.5.5'
start_ip = '192.168.129.2'
end_ip = '192.168.129.10'
gateway = '192.168.129.1'
netmask = '255.255.255.0'
test_util.test_dsc('add DNS and IP_Range for L3_flat_network')
sce_ops.add_dns_to_l3(zstack_management_ip, l3_uuid, l3_dns, session_uuid = test_account_session)
sce_ops.add_ip_range(zstack_management_ip,'IP_range', l3_uuid, start_ip, end_ip, gateway, netmask, session_uuid = test_account_session)
test_util.test_dsc('query flat provider and attach network service to L3_flat_network')
provider_name = 'Flat Network Service Provider'
conditions = res_ops.gen_query_conditions('name', '=', provider_name)
net_provider_list = sce_ops.query_resource(zstack_management_ip, res_ops.NETWORK_SERVICE_PROVIDER, conditions, session_uuid = test_account_session).inventories[0]
pro_uuid = net_provider_list.uuid
sce_ops.attach_flat_network_service_to_l3network(zstack_management_ip, l3_uuid, pro_uuid, session_uuid = test_account_session)
instance_offerings = res_ops.get_resource(res_ops.INSTANCE_OFFERING)
for instance_offering in instance_offerings:
acc_ops.share_resources([test_account_uuid], [instance_offering.uuid])
#acc_ops.share_resources([test_account_uuid], [instance_offering_uuid])
cond = res_ops.gen_query_conditions('mediaType', '!=', 'ISO')
images = res_ops.query_resource(res_ops.IMAGE, cond)
for image in images:
acc_ops.share_resources([test_account_uuid], [image.uuid])
#create vm
test_util.test_dsc('create vm by normal account test_a')
vm = test_stub.create_vm(session_uuid = test_account_session)
vm.check()
vm.destroy(test_account_session)
net_ops.delete_l2(l2_uuid)
vm.check()
acc_ops.delete_account(test_account_uuid)
test_util.test_pass('normal account create eip by admin shared vip Test Success')
def test():
global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
# 1 create project
if flavor['target_role'] != 'system_admin':
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
project_linked_account_uuid = project.linkedAccountUuid
if flavor['target_role'] == 'project_admin':
# 2 create virtual id
project_admin_name = 'username'
project_admin_password = '******'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid
# 3 create project admin
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
# login in project by project admin
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
elif flavor['target_role'] == 'project_operator':
project_operator_name = 'username2'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid
# login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
elif flavor['target_role'] == 'project_member':
plain_user_name = 'username'
plain_user_password = '******'
plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password,
project_uuid=project_uuid).uuid
# 3 add virtual id to project
iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid)
# 4 login in project by plain user
plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password)
# 4 login in project
#project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid)
project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid
elif flavor['target_role'] == 'system_admin':
username = "******"
password = '******'
vid_tst_obj = test_vid.ZstackTestVid()
test_stub.create_system_admin(username, password, vid_tst_obj)
virtual_id_uuid = vid_tst_obj.get_vid().uuid
project_login_uuid = acc_ops.login_by_account(username, password)
# Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge
if flavor['target_role'] == 'project_member':
statements = [{"effect": "Allow", "actions": ["org.zstack.header.vm.**"]}, {"effect": "Allow", "actions": ["org.zstack.scheduler.**"]}]
role_uuid = iam2_ops.create_role('test_role', statements).uuid
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid)
vm_creation_option = test_util.VmOption()
l3_net_uuid = test_lib.lib_get_l3_by_name(os.environ.get('l3VlanNetwork3')).uuid
if flavor['target_role'] != 'system_admin':
acc_ops.share_resources([project_linked_account_uuid], [l3_net_uuid])
vm_creation_option.set_l3_uuids([l3_net_uuid])
image_uuid = test_lib.lib_get_image_by_name("centos").uuid
vm_creation_option.set_image_uuid(image_uuid)
if flavor['target_role'] != 'system_admin':
acc_ops.share_resources([project_linked_account_uuid], [image_uuid])
instance_offering_uuid = test_lib.lib_get_instance_offering_by_name(os.environ.get('instanceOfferingName_s')).uuid
vm_creation_option.set_instance_offering_uuid(instance_offering_uuid)
if flavor['target_role'] != 'system_admin':
acc_ops.share_resources([project_linked_account_uuid], [instance_offering_uuid])
vm_creation_option.set_name('vm_for_project_management')
vm_creation_option.set_session_uuid(project_login_uuid)
vm = test_stub.create_vm(image_uuid = image_uuid, session_uuid=project_login_uuid)
# scheduler ops:
start_date = int(time.time())
schd_job1 = schd_ops.create_scheduler_job('simple_start_vm_scheduler', 'simple_start_vm_scheduler', vm.get_vm().uuid, 'startVm', None, session_uuid=project_login_uuid)
schd_trigger1 = schd_ops.create_scheduler_trigger('simple_start_vm_scheduler', start_date+5, None, 15, 'simple', session_uuid=project_login_uuid)
schd_ops.add_scheduler_job_to_trigger(schd_trigger1.uuid, schd_job1.uuid, session_uuid=project_login_uuid)
schd_ops.change_scheduler_state(schd_job1.uuid, 'disable', session_uuid=project_login_uuid)
schd_ops.change_scheduler_state(schd_job1.uuid, 'enable', session_uuid=project_login_uuid)
schd_ops.remove_scheduler_job_from_trigger(schd_trigger1.uuid, schd_job1.uuid, session_uuid=project_login_uuid)
schd_ops.del_scheduler_job(schd_job1.uuid, session_uuid=project_login_uuid)
schd_ops.del_scheduler_trigger(schd_trigger1.uuid, session_uuid=project_login_uuid)
schd_ops.get_current_time()
vm_ops.destroy_vm(vm.get_vm().uuid, session_uuid=project_login_uuid)
vm_ops.expunge_vm(vm.get_vm().uuid, session_uuid=project_login_uuid)
# 11 delete
acc_ops.logout(project_login_uuid)
if virtual_id_uuid != None:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_admin_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_admin_uuid)
if project_operator_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if plain_user_uuid != None:
iam2_ops.delete_iam2_virtual_id(plain_user_uuid)
if flavor['target_role'] != 'system_admin':
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_pass('success test iam2 login in by project admin!')
def test():
global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
# 1 create project
if flavor['target_role'] != 'system_admin':
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
project_linked_account_uuid = project.linkedAccountUuid
if flavor['target_role'] == 'project_admin':
# 2 create virtual id
project_admin_name = 'username'
project_admin_password = '******'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid
# 3 create project admin
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
# login in project by project admin
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
elif flavor['target_role'] == 'project_operator':
project_operator_name = 'username2'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid
# login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
elif flavor['target_role'] == 'project_member':
plain_user_name = 'username'
plain_user_password = '******'
plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password,
project_uuid=project_uuid).uuid
# 3 add virtual id to project
iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid)
# 4 login in project by plain user
plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password)
# 4 login in project
#project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid)
project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid
elif flavor['target_role'] == 'system_admin':
username = "******"
password = '******'
vid_tst_obj = test_vid.ZstackTestVid()
test_stub.create_system_admin(username, password, vid_tst_obj)
virtual_id_uuid = vid_tst_obj.get_vid().uuid
project_login_uuid = acc_ops.login_by_account(username, password)
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
try:
l2 = net_ops.create_l2_novlan('l2_for_pm', 'eth0', zone_uuid, session_uuid=project_login_uuid)
test_util.test_fail("Expect exception: project admin not allowed to create Novlan L2 except vxlan")
except:
pass
try:
l2 = net_ops.create_l2_vlan('l2_for_pm', 'eth0', zone_uuid, 1234, session_uuid=project_login_uuid)
test_util.test_fail("Expect exception: project admin not allowed to create vlan L2 except vxlan")
except:
pass
if flavor['target_role'] == 'project_member':
statements = [{"effect": "Allow", "actions": ["org.zstack.network.l2.**"]}]
role_uuid = iam2_ops.create_role('test_role', statements).uuid
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid)
vxlan_pool = res_ops.get_resource(res_ops.L2_VXLAN_NETWORK_POOL)
if vxlan_pool == None or len(vxlan_pool) == 0:
test_util.test_skip('Vxlan is required for testing')
vxlan_pool_uuid = vxlan_pool[0].uuid
if flavor['target_role'] != 'system_admin':
acc_ops.share_resources([project_linked_account_uuid], [vxlan_pool_uuid])
vxlan_pool_uuid = res_ops.get_resource(res_ops.L2_VXLAN_NETWORK_POOL, session_uuid=project_login_uuid)[0].uuid
vxlan_l2_uuid = vxlan_ops.create_l2_vxlan_network('vxlan_for_pm', vxlan_pool_uuid, zone_uuid, session_uuid=project_login_uuid).uuid
net_ops.delete_l2(vxlan_l2_uuid, session_uuid=project_login_uuid)
# 11 delete
acc_ops.logout(project_login_uuid)
if virtual_id_uuid != None:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_admin_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_admin_uuid)
if project_operator_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if plain_user_uuid != None:
iam2_ops.delete_iam2_virtual_id(plain_user_uuid)
if flavor['target_role'] != 'system_admin':
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_pass('success test iam2 login in by project admin!')
