def setUp(self): super(ServerMetadataPolicyTest, self).setUp() self.controller = server_metadata.ServerMetadataController() self.req = fakes.HTTPRequest.blank('') self.mock_get = self.useFixture( fixtures.MockPatch('nova.api.openstack.common.get_instance')).mock self.instance = fake_instance.fake_instance_obj( self.project_member_context, id=1, uuid=uuids.fake_id, project_id=self.project_id) self.mock_get.return_value = self.instance # With legacy rule and no scope checks, all admin, project members # project reader or other project role(because legacy rule allow server # owner- having same project id and no role check) is able to create, # update, and delete the server metadata. self.project_member_authorized_contexts = [ self.legacy_admin_context, self.system_admin_context, self.project_admin_context, self.project_member_context, self.project_reader_context, self.project_foo_context ] # and they can get their own server metadata. self.project_reader_authorized_contexts = ( self.project_member_authorized_contexts)
def setUp(self): super(ServerMetadataPolicyTest, self).setUp() self.controller = server_metadata.ServerMetadataController() self.req = fakes.HTTPRequest.blank('') self.mock_get = self.useFixture( fixtures.MockPatch('nova.api.openstack.common.get_instance')).mock self.instance = fake_instance.fake_instance_obj( self.project_member_context, id=1, uuid=uuids.fake_id, project_id=self.project_id) self.mock_get.return_value = self.instance # Check that admin or and server owner is able to CRUD # the server metadata. self.admin_or_owner_authorized_contexts = [ self.legacy_admin_context, self.system_admin_context, self.project_admin_context, self.project_member_context, self.project_reader_context, self.project_foo_context ] # Check that non-admin/owner is not able to CRUD # the server metadata self.admin_or_owner_unauthorized_contexts = [ self.system_member_context, self.system_reader_context, self.system_foo_context, self.other_project_member_context, self.other_project_reader_context ] # Check that admin or and server owner is able to get # the server metadata. self.reader_authorized_contexts = [ self.legacy_admin_context, self.system_admin_context, self.system_member_context, self.system_reader_context, self.project_admin_context, self.project_member_context, self.project_reader_context, self.project_foo_context ] # Check that non-admin/owner is not able to get # the server metadata. self.reader_unauthorized_contexts = [ self.system_foo_context, self.other_project_member_context, self.other_project_reader_context ]
def setUp(self): super(ServerMetaPolicyEnforcementV21, self).setUp() self.controller = server_metadata_v21.ServerMetadataController() self.req = fakes.HTTPRequest.blank('')
def _set_up_resources(self): self.controller = server_metadata_v21.ServerMetadataController() self.uuid = uuids.fake self.url = '/fake/servers/%s/metadata' % self.uuid
def _set_up_resources(self): self.controller = server_metadata_v21.ServerMetadataController() self.uuid = uuids.fake self.url = '/%s/servers/%s/metadata' % (fakes.FAKE_PROJECT_ID, self.uuid)