def adcm_client(adcm_repo, adcm_credentials, adcm_tag, volumes, init=False): """ Run ADCM container from image {adcm_repo}:{adcm_tag}. If init=True new initialised image will be generated. If we use 'image' fixture we don't need to initialize it one more time. """ if init: with allure.step( f"Create isolated image copy from {adcm_repo}:{adcm_tag}"): new_image = get_initialized_adcm_image(adcm_repo=adcm_repo, adcm_tag=adcm_tag, pull=True) repo, tag = new_image["repo"], new_image["tag"] else: repo, tag = adcm_repo, adcm_tag with allure.step(f"Run ADCM from image {repo}:{tag}"): dw = DockerWrapper() adcm = dw.run_adcm(image=repo, tag=tag, volumes=volumes, pull=False) adcm.api.auth(**adcm_credentials) yield ADCMClient(api=adcm.api) with allure.step(f"Stop ADCM from image {repo}:{tag}"): adcm.container.kill() try: adcm.container.wait(condition="removed", timeout=30) except (ConnectionError, NotFound): # https://github.com/docker/docker-py/issues/1966 workaround pass if init: with allure.step(f"Remove ADCM image {repo}:{tag}"): dw.client.images.remove(f'{repo}:{tag}', force=True)
def _check_login_failed(url: str, username: str, password: str) -> None: """Check that login to ADCM client fails with wrong credentials""" failed_auth_error_args = ('AUTH_ERROR', 'Wrong user or password') with pytest.raises(ADCMApiError) as e: ADCMClient(url=url, user=username, password=password) assert ( e.value.args == failed_auth_error_args ), f'Expected error message is {e.value}, but {failed_auth_error_args} was expected'
def test_service_in_cluster_hierarchy(user, prepare_objects, sdk_client_fs, second_objects): """ Test that service related role can be parametrized by cluster """ cluster_via_admin, *_ = prepare_objects cluster_via_admin.service_add(name="new_service") service_role = { "id": sdk_client_fs.role(name=BusinessRoles.RemoveService.value.role_name).id } cluster_role = { "id": sdk_client_fs.role(name=BusinessRoles.AddService.value.role_name).id } common_role = sdk_client_fs.role_create("Common role", display_name="Common role", child=[service_role, cluster_role]) sdk_client_fs.policy_create(name="Common policy", role=common_role, objects=[cluster_via_admin], user=[user], group=[]) username, password = TEST_USER_CREDENTIALS user_sdk = ADCMClient(url=sdk_client_fs.url, user=username, password=password) cluster, service, *_ = as_user_objects(user_sdk, *prepare_objects) second_cluster, *_ = as_user_objects(user_sdk, *second_objects) for service in cluster.service_list(): is_allowed(cluster, BusinessRoles.RemoveService, service) for service in second_cluster.service_list(): is_denied(second_cluster, BusinessRoles.RemoveService, service)
def new_client_instance(user: str, password: str, url: str) -> Generator[ADCMClient, None, None]: """ Creates new ADCM client instance. Use it to "refresh" permissions. """ yield ADCMClient(user=user, password=password, url=url)
def new_user_client(new_user: User, sdk_client_fs: ADCMClient) -> ADCMClient: """Create client for user""" return ADCMClient(url=sdk_client_fs.url, user=new_user.username, password=PASSWORD)
def login_as_user(url: str, username: str, password: str) -> ADCMClient: """Login as given user into ADCM instance""" try: return ADCMClient(url=url, user=username, password=password) except ADCMApiError as e: raise AssertionError('Login failed') from e
def user_sdk(user, adcm_fs) -> ADCMClient: """Returns ADCMClient object from adcm_client with testing user""" username, password = TEST_USER_CREDENTIALS return ADCMClient(url=adcm_fs.url, user=username, password=password)
def _init_adcm_cli(self): if not self._adcm_cli: self._adcm_cli = ADCMClient(url=self._adcm.url, **self.adcm_api_credentials)
def superuser_sdk(superuser, adcm_fs) -> ADCMClient: # pylint: disable=unused-argument """Returns ADCMClient for superuser""" creds = SUPERUSER_CREDENTIALS return ADCMClient(url=adcm_fs.url, user=creds['username'], password=creds['password'])
def sdk_client_ss(adcm_ss: ADCM, adcm_api_credentials) -> ADCMClient: """Returns ADCMClient object from adcm_client""" return ADCMClient(url=adcm_ss.url, **adcm_api_credentials)