def test_elevated(self):
ctxt = context.DesignateContext(user='******', tenant='54321')
admin_ctxt = ctxt.elevated()
self.assertFalse(ctxt.is_admin)
self.assertTrue(admin_ctxt.is_admin)
self.assertEqual(0, len(ctxt.roles))
def test_notify_of_fault(self):
self.config(notify_api_faults=True)
rpc.init(cfg.CONF)
app = middleware.FaultWrapperMiddleware({})
class RaisingRequest(FakeRequest):
def get_response(self, request):
raise exceptions.DuplicateDomain()
request = RaisingRequest()
ctxt = context.DesignateContext()
ctxt.request_id = 'one'
request.environ['context'] = ctxt
# Process the request
app(request)
notifications = self.get_notifications()
self.assertEqual(1, len(notifications))
ctxt, message, priority = notifications.pop()
self.assertEqual('ERROR', message['priority'])
self.assertEqual('dns.api.fault', message['event_type'])
self.assertIn('timestamp', message)
self.assertIn('publisher_id', message)
def test_sudo(self, mock_policy_check):
ctxt = context.DesignateContext(user_id='12345',
project_id='old_tenant')
ctxt.sudo('new_tenant')
self.assertTrue(mock_policy_check.called)
self.assertEqual('new_tenant', ctxt.tenant)
self.assertEqual('old_tenant', ctxt.original_tenant)
def test_all_tenants(self):
ctxt = context.DesignateContext(user='******', tenant='54321')
admin_ctxt = ctxt.elevated()
admin_ctxt.all_tenants = True
self.assertFalse(ctxt.is_admin)
self.assertTrue(admin_ctxt.is_admin)
self.assertTrue(admin_ctxt.all_tenants)
def test_sudo_fail(self):
# Set the policy to deny the authz
self.policy({'use_sudo': '!'})
ctxt = context.DesignateContext(tenant='original')
ctxt.sudo('effective')
self.assertEqual('original', ctxt.tenant_id)
self.assertEqual('original', ctxt.original_tenant_id)
def test_edit_managed_records(self):
ctxt = context.DesignateContext(user_id='12345', project_id='54321')
admin_ctxt = ctxt.elevated()
admin_ctxt.edit_managed_records = True
self.assertFalse(ctxt.is_admin)
self.assertTrue(admin_ctxt.is_admin)
self.assertTrue(admin_ctxt.edit_managed_records)
def make_context(self, request, *args, **kwargs):
req_id = request.environ.get(request_id.ENV_REQUEST_ID)
kwargs.setdefault('request_id', req_id)
ctxt = context.DesignateContext(*args, **kwargs)
local.store.context = ctxt
request.environ['context'] = ctxt
return ctxt
def setUp(self):
super(NeutronNetworkAPITest, self).setUp()
self.useFixture(cfg_fixture.Config(CONF))
CONF.set_override('endpoints', ['RegionOne|http://localhost:9696'],
'network_api:neutron')
self.api = get_network_api('neutron')
self.context = context.DesignateContext(
user_id='12345',
project_id='54321',
)
def make_context(self, request, *args, **kwargs):
req_id = request.environ.get(request_id.ENV_REQUEST_ID)
kwargs.setdefault('request_id', req_id)
ctxt = context.DesignateContext(*args, **kwargs)
try:
self._extract_sudo(ctxt, request)
self._extract_all_projects(ctxt, request)
self._extract_edit_managed_records(ctxt, request)
finally:
request.environ['context'] = ctxt
return ctxt
def test_process_request_enabled_bypass(self):
self.config(maintenance_mode=True, maintenance_mode_role='admin',
group='service:api')
request = FakeRequest()
request.environ['context'] = context.DesignateContext(roles=['admin'])
app = middleware.MaintenanceMiddleware({})
# Process the request
response = app(request)
# Ensure request was not blocked
self.assertEqual('FakeResponse', response)
def test_get_client_using_token(self, mock_client):
self.context = context.DesignateContext(
user_id='12345',
project_id='54321',
auth_token='token',
)
neutron.get_client(self.context, 'http://localhost:9696')
kwargs = mock_client.call_args.kwargs
self.assertIn('token', kwargs)
self.assertIn('auth_strategy', kwargs)
self.assertNotIn('username', kwargs)
self.assertEqual('http://localhost:9696', kwargs['endpoint_url'])
self.assertEqual(kwargs['token'], self.context.auth_token)
def setUp(self):
super(SchedulerFilterTest, self).setUp()
self.context = context.DesignateContext()
self.zone = objects.Zone(name="example.com.",
type="PRIMARY",
email="*****@*****.**")
attrs = {
'get_pool.return_value':
objects.Pool(id="6c346011-e581-429b-a7a2-6cdf0aba91c3")
}
mock_storage = Mock(**attrs)
self.test_filter = self.FILTER(storage=mock_storage)
def make_context(self, request, *args, **kwargs):
req_id = request.environ.get(request_id.ENV_REQUEST_ID)
kwargs.setdefault('request_id', req_id)
ctxt = context.DesignateContext(*args, **kwargs)
headers = request.headers
params = request.params
try:
if headers.get('X-Auth-Sudo-Tenant-ID') or \
headers.get('X-Auth-Sudo-Project-ID'):
ctxt.sudo(
headers.get('X-Auth-Sudo-Tenant-ID')
or headers.get('X-Auth-Sudo-Project-ID'))
if headers.get('X-Auth-All-Projects'):
ctxt.all_tenants = \
strutils.bool_from_string(
headers.get('X-Auth-All-Projects'))
elif 'all_projects' in params:
ctxt.all_tenants = \
strutils.bool_from_string(params['all_projects'])
elif 'all_tenants' in params:
ctxt.all_tenants = \
strutils.bool_from_string(params['all_tenants'])
else:
ctxt.all_tenants = False
if 'edit_managed_records' in params:
ctxt.edit_managed_records = \
strutils.bool_from_string(params['edit_managed_records'])
elif headers.get('X-Designate-Edit-Managed-Records'):
ctxt.edit_managed_records = \
strutils.bool_from_string(
headers.get('X-Designate-Edit-Managed-Records'))
else:
ctxt.edit_managed_records = False
finally:
request.environ['context'] = ctxt
return ctxt
def test_notify_of_fault(self, mock_notifier):
self.config(notify_api_faults=True)
rpc.init(cfg.CONF)
app = middleware.FaultWrapperMiddleware({})
class RaisingRequest(FakeRequest):
def get_response(self, request):
raise exceptions.DuplicateZone()
request = RaisingRequest()
ctxt = context.DesignateContext()
ctxt.request_id = 'one'
request.environ['context'] = ctxt
# Process the request
app(request)
self.assertEqual(1, mock_notifier.call_count)
mock_notifier.call_args(
ctxt,
'dns.api.fault',
{"url": None, "status": 409, "exception": ""})
def make_context(self, request, *args, **kwargs):
req_id = request.environ.get(request_id.ENV_REQUEST_ID)
kwargs.setdefault('request_id', req_id)
ctxt = context.DesignateContext(*args, **kwargs)
headers = request.headers
params = request.params
if headers.get('X-Auth-All-Projects'):
ctxt.all_tenants = \
strutils.bool_from_string(headers.get('X-Auth-All-Projects'))
elif 'all_projects' in params:
ctxt.all_tenants = \
strutils.bool_from_string(params['all_projects'])
elif 'all_tenants' in params:
ctxt.all_tenants = \
strutils.bool_from_string(params['all_tenants'])
else:
ctxt.all_tenants = False
request.environ['context'] = ctxt
return ctxt
def test_elevated_with_show_deleted(self):
ctxt = context.DesignateContext(user_id='12345', project_id='54321')
admin_ctxt = ctxt.elevated(show_deleted=True)
self.assertTrue(admin_ctxt.show_deleted)
def test_all_tenants_policy_failure(self):
ctxt = context.DesignateContext(user='******', tenant='54321')
with testtools.ExpectedException(exceptions.Forbidden):
ctxt.all_tenants = True
def setUp(self):
super(SchedulerTest, self).setUp()
self.context = context.DesignateContext()
self.CONF = self.useFixture(cfg_fixture.Config(cfg.CONF)).conf
def test_deepcopy(self):
orig = context.DesignateContext(user='******', tenant='54321')
copy = orig.deepcopy()
self.assertEqual(orig.to_dict(), copy.to_dict())
def test_tsigkey_id_override(self):
orig = context.DesignateContext(tsigkey_id='12345', project_id='54321')
copy = orig.to_dict()
self.assertEqual('TSIG:12345 54321 - - -', copy['user_identity'])
def test_edit_managed_records_failure(self):
ctxt = context.DesignateContext(user_id='12345', project_id='54321')
with testtools.ExpectedException(exceptions.Forbidden):
ctxt.edit_managed_records = True
