def test_get_resource_pool_ids_unknown_user(self): self.store.add_pool(factory.make_ResourcePool()) self.assertNotIn('user', self.store.allowed) self.assertEqual([], list( self.rbac.get_resource_pool_ids('user', 'view')['view']))
def test_remove_user_would_lose_machine_access(self): user = factory.make_User() group = factory.make_UserGroup(users=[user]) pool = factory.make_ResourcePool() factory.make_Role(pools=[pool], groups=[group]) factory.make_Node(owner=user, pool=pool) self.assertRaises(ValidationError, group.remove, user)
def test_remove_user_with_direct_access_to_machine(self): user = factory.make_User() group = factory.make_UserGroup(users=[user]) pool = factory.make_ResourcePool(users=[user]) factory.make_Role(pools=[pool], groups=[group]) group.remove(user) self.assertTrue(ResourcePool.objects.user_can_access_pool(user, pool))
def test__admin_edit_returns_resource_pool(self): admin = factory.make_admin() pool = factory.make_ResourcePool() self.assertEqual( pool, ResourcePool.objects.get_resource_pool_or_404( pool.id, admin, ResourcePoolPermission.edit))
def test_renames_pool(self): pool = factory.make_ResourcePool() new_name = factory.make_name('pool') form = ResourcePoolForm(data={'name': new_name}, instance=pool) form.save() pool = reload_object(pool) self.assertEqual(pool.name, new_name)
def test_has_perm_rbac_read_permission_on_pool(self): rbac = self.useFixture(RBACEnabled()) user = factory.make_User() rbac.store.allow( user.username, factory.make_ResourcePool(), 'view') form = DeviceForm() self.assertFalse(form.has_perm(user))
def test__user_view_returns_resource_pool(self): user = factory.make_User() pool = factory.make_ResourcePool() self.assertEqual( pool, ResourcePool.objects.get_resource_pool_or_404( pool.id, user, ResourcePoolPermission.view))
def test_DELETE_is_idempotent(self): self.become_admin() pool = factory.make_ResourcePool() response = self.client.delete( reverse('resourcepool_handler', args=[pool.id])) self.assertEqual(response.status_code, http.client.NO_CONTENT) self.assertIsNone(reload_object(pool))
def test_DELETE_removes_pool_by_name(self): self.become_admin() pool = factory.make_ResourcePool() response = self.client.delete( reverse('resourcepool_handler', args=[pool.name]), {}) self.assertEqual(response.status_code, http.client.NO_CONTENT) self.assertIsNone(reload_object(pool))
def make_resource_pools(self): rpools = [factory.make_ResourcePool() for _ in range(3)] return rpools, sorted([ Resource(identifier=rpool.id, name=rpool.name) for rpool in ResourcePool.objects.all() ], key=attrgetter('identifier'))
def test_compose_composes_with_pool(self): self.patch(pods, "post_commit_do") pod = make_pod_with_hints() # Mock the RPC client. client = MagicMock() mock_getClient = self.patch(pods, "getClientFromIdentifiers") mock_getClient.return_value = succeed(client) # Mock the result of the composed machine. composed_machine, pod_hints = make_compose_machine_result(pod) mock_compose_machine = self.patch(pods, "compose_machine") mock_compose_machine.return_value = succeed( (composed_machine, pod_hints)) # Mock start_commissioning so it doesn't use post commit hooks. self.patch(Machine, "start_commissioning") pool = factory.make_ResourcePool() response = self.client.post(get_pod_uri(pod), { "op": "compose", "pool": pool.id }) self.assertEqual(http.client.OK, response.status_code, response.content) parsed_machine = json_load_bytes(response.content) self.assertItemsEqual(parsed_machine.keys(), ["resource_uri", "system_id"]) machine = Machine.objects.get(system_id=parsed_machine["system_id"]) self.assertEqual(machine.pool, pool)
def test_GET_nodes_hides_invisible_nodes(self): user2 = factory.make_User() node1 = factory.make_Node() node2 = factory.make_Node(status=NODE_STATUS.ALLOCATED, owner=user2) node3 = factory.make_Node(pool=factory.make_ResourcePool()) tag = factory.make_Tag() node1.tags.add(tag) node2.tags.add(tag) node3.tags.add(tag) response = self.client.get(self.get_tag_uri(tag), {'op': 'nodes'}) self.assertEqual(http.client.OK, response.status_code) parsed_result = json.loads( response.content.decode(settings.DEFAULT_CHARSET)) self.assertEqual([node1.system_id], [r['system_id'] for r in parsed_result]) # The other user can also see his node client2 = MAASSensibleOAuthClient(user2) response = client2.get(self.get_tag_uri(tag), {'op': 'nodes'}) self.assertEqual(http.client.OK, response.status_code) parsed_result = json.loads( response.content.decode(settings.DEFAULT_CHARSET)) self.assertItemsEqual([node1.system_id, node2.system_id], [r['system_id'] for r in parsed_result])
def test_PUT_updates(self): self.become_admin() pod = factory.make_Pod(pod_type='virsh') new_name = factory.make_name('pod') new_tags = [factory.make_name('tag'), factory.make_name('tag')] new_pool = factory.make_ResourcePool() new_zone = factory.make_Zone() new_power_parameters = { 'power_address': 'qemu+ssh://1.2.3.4/system', 'power_pass': factory.make_name('pass'), } discovered_pod, _, _ = self.fake_pod_discovery() response = self.client.put(get_pod_uri(pod), { 'name': new_name, 'tags': ','.join(new_tags), 'power_address': new_power_parameters['power_address'], 'power_pass': new_power_parameters['power_pass'], 'zone': new_zone.name, 'pool': new_pool.name, }) self.assertEqual( http.client.OK, response.status_code, response.content) pod.refresh_from_db() self.assertEqual(new_name, pod.name) self.assertEqual(new_pool, pod.pool) self.assertItemsEqual(new_tags, pod.tags) self.assertEqual(new_power_parameters, pod.power_parameters) self.assertEqual(new_zone, pod.zone)
def test_user_can_access_pool(self): user = factory.make_User() pool = factory.make_ResourcePool() manager = ResourcePool.objects self.assertFalse(manager.user_can_access_pool(user, pool)) pool.grant_user(user) self.assertTrue(manager.user_can_access_pool(user, pool))
def test_update(self): pool = factory.make_ResourcePool() new_name = factory.make_name('pool') handler = ResourcePoolHandler(factory.make_admin(), {}, None) handler.update({"id": pool.id, "name": new_name}) pool = reload_object(pool) self.assertEqual(new_name, pool.name)
def test_list(self): user = factory.make_User() handler = ResourcePoolHandler(user, {}, None) pool = factory.make_ResourcePool() returned_pool_names = [ data['name'] for data in handler.list({})] self.assertEqual(['default', pool.name], returned_pool_names)
def make_pod( self, cpu=0, mem=0, cpu_over_commit=1, mem_over_commit=1, pod_type="virsh", ): # Make one pod zone = factory.make_Zone() pool = factory.make_ResourcePool() ip = factory.make_ipv4_address() power_parameters = { "power_address": "qemu+ssh://%s/system" % ip, "power_pass": "******", } return factory.make_Pod( pod_type=pod_type, zone=zone, pool=pool, cores=cpu, memory=mem, cpu_over_commit_ratio=cpu_over_commit, memory_over_commit_ratio=mem_over_commit, parameters=power_parameters, )
def test_get_machine_count(self): user = factory.make_User() handler = ResourcePoolHandler(user, {}, None) pool = factory.make_ResourcePool() factory.make_Machine(pool=pool) result = handler.get({"id": pool.id}) self.assertEqual(1, result['machine_total_count'])
def test_updates_pool(self): pool = factory.make_ResourcePool() new_description = factory.make_string() form = ResourcePoolForm(data={"description": new_description}, instance=pool) form.save() pool = reload_object(pool) self.assertEqual(pool.description, new_description)
def test__sets_up_pool_default(self): request = MagicMock() pod = make_pod_with_hints() pool = factory.make_ResourcePool() pod.pool = pool pod.save() form = ComposeMachineForm(request=request, pod=pod) self.assertEqual(pool, form.initial['pool'])
def test_DELETE_forbidden(self): self.become_admin() pool = factory.make_ResourcePool() self.store.add_pool(pool) self.store.allow(self.user.username, pool, 'view') response = self.client.delete( reverse('resourcepool_handler', args=[pool.name]), {}) self.assertEqual(response.status_code, http.client.FORBIDDEN)
def test_revoke_group_with_machine_other_group_access(self): user = factory.make_User() group1 = factory.make_UserGroup(users=[user]) group2 = factory.make_UserGroup(users=[user]) pool = factory.make_ResourcePool(groups=[group1, group2]) factory.make_Node(owner=user, pool=pool) pool.revoke_group(group1) self.assertIn(pool, ResourcePool.objects.get_user_resource_pools(user))
def test_get_rbac_fails(self): self.enable_rbac() user = factory.make_User() handler = ResourcePoolHandler(user, {}, None) pool = factory.make_ResourcePool() self.rbac_store.add_pool(pool) self.assertRaises( HandlerDoesNotExistError, handler.get, {"id": pool.id})
def test_user_cannot_view_node_other_pool(self): self.enable_rbac() user = factory.make_User() node = factory.make_Node() pool = factory.make_ResourcePool() self.rbac_store.add_pool(pool) self.rbac_store.allow(user.username, pool, 'view') backend = MAASAuthorizationBackend() self.assertFalse(backend.has_perm(user, NodePermission.view, node))
def test_edit_requires_admin(self): backend = MAASAuthorizationBackend() pool = factory.make_ResourcePool() user = factory.make_User() admin = factory.make_admin() self.assertFalse( backend.has_perm(user, ResourcePoolPermission.edit, pool)) self.assertTrue( backend.has_perm(admin, ResourcePoolPermission.edit, pool))
def test_view_always_viewable(self): backend = MAASAuthorizationBackend() pool = factory.make_ResourcePool() user = factory.make_User() admin = factory.make_admin() self.assertTrue( backend.has_perm(user, ResourcePoolPermission.view, pool)) self.assertTrue( backend.has_perm(admin, ResourcePoolPermission.view, pool))
def test_user_sees_all_nodes_in_own_pools(self): user = factory.make_User() own_node = make_allocated_node(owner=user) other_owned_node = make_allocated_node() unowned_node = factory.make_Node() factory.make_Node(pool=factory.make_ResourcePool()) self.assertItemsEqual([own_node, unowned_node, other_owned_node], Node.objects.get_nodes(own_node.owner, NODE_PERMISSION.VIEW))
def test_creates_pod_with_pool(self): self.fake_pod_discovery() pod_info = self.make_pod_info() pool = factory.make_ResourcePool() pod_info['pool'] = pool.name form = PodForm(data=pod_info, request=self.request) self.assertTrue(form.is_valid(), form._errors) pod = form.save() self.assertEqual(pool.id, pod.pool.id)
def test_DELETE_removes_pool(self): self.become_admin() pool = factory.make_ResourcePool() self.store.add_pool(pool) self.store.allow(self.user.username, pool, 'edit') response = self.client.delete( reverse('resourcepool_handler', args=[pool.id]), {}) self.assertEqual(response.status_code, http.client.NO_CONTENT) self.assertIsNone(reload_object(pool))
def test_get_machine_ready_count(self): user = factory.make_User() handler = ResourcePoolHandler(user, {}, None) pool = factory.make_ResourcePool() factory.make_Machine(pool=pool, status=NODE_STATUS.NEW) factory.make_Machine(pool=pool, status=NODE_STATUS.READY) result = handler.get({"id": pool.id}) self.assertEqual(2, result['machine_total_count']) self.assertEqual(1, result['machine_ready_count'])