def testUpdate(self): test_project = util.GetTestActiveProject() test_project_ref = command_lib_util.ParseProject(test_project.projectId) updated_test_project = util.GetTestActiveProject() updated_test_project.name = 'Test Project, New and Improved' self.mock_client.projects.Get.Expect( self.messages.CloudresourcemanagerProjectsGetRequest( projectId=test_project.projectId), test_project) self.mock_client.projects.Update.Expect(updated_test_project, updated_test_project) response = projects_api.Update( test_project_ref, name=updated_test_project.name) self.assertEqual(response, updated_test_project)
def testAddIamPolicyBinding(self): test_project = test_util.GetTestActiveProject() new_role = 'roles/editor' new_user = '******' start_policy = copy.deepcopy(test_util.GetTestIamPolicy()) new_policy = copy.deepcopy(start_policy) new_policy.bindings[0].members.append(new_user) new_policy.version = iam_util.MAX_LIBRARY_IAM_SUPPORTED_VERSION resource_name = test_project.projectId self.mock_client.projects.GetIamPolicy.Expect( self.messages.CloudresourcemanagerProjectsGetIamPolicyRequest( resource=resource_name, getIamPolicyRequest=self.messages.GetIamPolicyRequest( options=self.messages.GetPolicyOptions( requestedPolicyVersion=iam_util. MAX_LIBRARY_IAM_SUPPORTED_VERSION))), start_policy) self.mock_client.projects.SetIamPolicy.Expect( self.messages.CloudresourcemanagerProjectsSetIamPolicyRequest( resource=resource_name, setIamPolicyRequest=self.messages.SetIamPolicyRequest( policy=new_policy)), new_policy) response = self.RunProjects('add-iam-policy-binding', test_project.projectId, '--role={0}'.format(new_role), '--member={0}'.format(new_user)) self.assertEqual(response, new_policy)
def testGetIamPolicyProjectOutput(self): test_project = test_util.GetTestActiveProject() self.mock_client.projects.GetIamPolicy.Expect( self.messages.CloudresourcemanagerProjectsGetIamPolicyRequest( getIamPolicyRequest=self.messages.GetIamPolicyRequest( options=self.messages.GetPolicyOptions( requestedPolicyVersion=iam_util. MAX_LIBRARY_IAM_SUPPORTED_VERSION)), resource=test_project.projectId), copy.deepcopy(test_util.GetTestIamPolicy())) self.RunProjects('get-iam-policy', test_project.projectId) self.AssertOutputEquals("""\ auditConfigs: - auditLogConfigs: - logType: ADMIN_READ service: allServices bindings: - members: - serviceAccount:[email protected] role: roles/editor - members: - user:[email protected] - user:[email protected] role: roles/owner etag: PDwgVW5pcXVlIHZlcnNpb25pbmcgZXRhZyBieXRlZmllbGQgPj4= """)
def testRemoveIamPolicyBinding(self): test_project = test_util.GetTestActiveProject() start_policy = copy.deepcopy(test_util.GetTestIamPolicy()) new_policy = copy.deepcopy(start_policy) remove_user = '******' remove_role = 'roles/owner' # In the test policy the first binding is for editors, second for owners. new_policy.bindings[1].members.remove(remove_user) resource_name = test_project.projectId new_policy.version = iam_util.MAX_LIBRARY_IAM_SUPPORTED_VERSION self.mock_client.projects.GetIamPolicy.Expect( self.messages.CloudresourcemanagerProjectsGetIamPolicyRequest( resource=resource_name, getIamPolicyRequest=self.messages.GetIamPolicyRequest( options=self.messages.GetPolicyOptions( requestedPolicyVersion= iam_util.MAX_LIBRARY_IAM_SUPPORTED_VERSION))), start_policy) self.mock_client.projects.SetIamPolicy.Expect( self.messages.CloudresourcemanagerProjectsSetIamPolicyRequest( resource=resource_name, setIamPolicyRequest=self.messages.SetIamPolicyRequest( policy=new_policy)), new_policy) response = self.RunProjects( 'remove-iam-policy-binding', test_project.projectId, '--role={0}'.format(remove_role), '--member={0}'.format(remove_user)) self.assertEqual(response, new_policy)
def testBadJsonOrYamlSetIamPolicyProject(self): temp_file = self.Touch(self.temp_path, 'bad', contents='bad') with self.assertRaises(exceptions.Error): self.RunProjects('set-iam-policy', test_util.GetTestActiveProject().projectId, temp_file)
def testRoleCompletion(self): test_project = test_util.GetTestActiveProject() iam_client = mock.Client(core_apis.GetClientClass('iam', 'v1')) iam_client.Mock() self.addCleanup(iam_client.Unmock) iam_msgs = core_apis.GetMessagesModule('iam', 'v1') returned_roles = [ iam_msgs.Role( description='Read access to all resources.', name='roles/viewer', title='Viewer', ), iam_msgs.Role( description='Read-only access to GCE networking resources.', name='roles/compute.networkViewer', title='Compute Network Viewer', ), ] iam_client.roles.QueryGrantableRoles.Expect( request=iam_msgs.QueryGrantableRolesRequest(fullResourceName=( '//cloudresourcemanager.googleapis.com/projects/{0}'.format( test_project.projectId)), pageSize=100), response=iam_msgs.QueryGrantableRolesResponse( roles=returned_roles), ) self.RunCompletion( 'projects add-iam-policy-binding {0} --role '.format( test_project.projectId), ['roles/viewer', 'roles/compute.networkViewer'])
def testBadJsonSetIamPolicyProject(self): file_path = '/some/bad/path/to/non/existend/file' with self.assertRaisesRegex( exceptions.Error, r'Failed to load YAML from \[{}\]'.format(file_path)): self.RunProjects('set-iam-policy', test_util.GetTestActiveProject().projectId, file_path)
def testDescribeValidProjectBeta(self): properties.VALUES.core.user_output_enabled.Set(False) test_project = util.GetTestActiveProject() self.mock_client.projects.Get.Expect( self.messages.CloudresourcemanagerProjectsGetRequest( projectId=test_project.projectId), test_project) response = self.RunProjectsBeta('describe', test_project.projectId) self.assertEqual(response, test_project)
def testDeleteValidProjectWithFormat(self): test_project_id = util.GetTestActiveProject().projectId self.mock_client.projects.Delete.Expect( self.messages.CloudresourcemanagerProjectsDeleteRequest( projectId=test_project_id), self.messages.Empty()) self.WriteInput('y\n') self.RunProjectsBeta('delete', '--format=default', test_project_id) self.AssertOutputContains('projectId: {0}'.format(test_project_id)) self.AssertErrContains('Your project will be deleted')
def testUndelete(self): test_project = util.GetTestActiveProject() test_project_ref = command_lib_util.ParseProject(test_project.projectId) self.mock_client.projects.Undelete.Expect( self.messages.CloudresourcemanagerProjectsUndeleteRequest( projectId=test_project.projectId), self.messages.Empty()) response = projects_api.Undelete(test_project_ref) self.assertEqual(response.projectId, test_project.projectId)
def testListOneProject(self): test_project = util.GetTestActiveProject() self.mock_client.projects.List.Expect( self.messages.CloudresourcemanagerProjectsListRequest( pageSize=500, filter='lifecycleState:ACTIVE'), self.messages.ListProjectsResponse(projects=[test_project])) results_generator = self.RunProjects('list') results = [x for x in results_generator] self.assertEqual([test_project], results)
def createProjectWithBothFolderAndOrganizationSpecifiedHelper( self, run, name): test_project = util.GetTestActiveProject() with self.AssertRaisesExceptionMatches( exceptions.ConflictingArgumentsException, 'arguments not allowed simultaneously: --folder, --organization'): run('create', test_project.projectId, '--folder', '12345', '--organization', '2048') self.AssertOutputEquals('')
def testGetHttpError(self): test_project = util.GetTestActiveProject() test_project_ref = command_lib_util.ParseProject(test_project.projectId) self.mock_client.projects.Get.Expect( self.messages.CloudresourcemanagerProjectsGetRequest( projectId=test_project.projectId), exception=self.HttpError()) with self.assertRaises(exceptions.HttpError): projects_api.Get(test_project_ref)
def testCreateValidProjectWithNameOutput(self): test_project = util.GetTestActiveProject() self._expectCreationCall(test_project) self._expectServiceEnableCall(test_project.projectId) self.RunProjects('create', test_project.projectId, '--name', test_project.name) self.AssertOutputEquals('') self.AssertErrEquals( ProjectsCreateTest._CREATE_STDERR_FMT.format('feisty-catcher-644'))
def testGet(self): test_project = util.GetTestActiveProject() test_project_ref = command_lib_util.ParseProject(test_project.projectId) self.mock_client.projects.Get.Expect( self.messages.CloudresourcemanagerProjectsGetRequest( projectId=test_project.projectId), test_project) response = projects_api.Get(test_project_ref) self.assertEqual(response, test_project)
def testUndeleteValidProject(self): test_project_id = util.GetTestActiveProject().projectId self.mock_client.projects.Undelete.Expect( self.messages.CloudresourcemanagerProjectsUndeleteRequest( projectId=test_project_id), self.messages.Empty()) self.RunProjectsBeta('undelete', test_project_id) self.AssertOutputEquals('') self.AssertErrEquals("""\ Restored project [https://cloudresourcemanager.googleapis.com/v1/projects/feisty-catcher-644]. """)
def testListFilterWithLifecycleState(self): test_project = util.GetTestActiveProject() self.mock_client.projects.List.Expect( self.messages.CloudresourcemanagerProjectsListRequest( pageSize=500, filter='lifecycleState:DELETE_REQUESTED'), self.messages.ListProjectsResponse(projects=[test_project])) results_generator = projects_api.List( filter='lifecycleState:DELETE_REQUESTED') results = [x for x in results_generator] self.assertEqual([test_project], results)
def testNotDeleteValidProject(self): test_project_id = util.GetTestActiveProject().projectId self.WriteInput('n\n') result = self.RunProjectsBeta('delete', test_project_id) self.assertEqual([], list(result)) self.AssertOutputEquals('') self.AssertErrContains('Your project will be deleted') self.AssertErrNotContains(""" You can undo this operation for a limited period by running the command below. $ gcloud projects undelete {1} {0}""".format(flags.SHUT_DOWN_PROJECTS, test_project_id))
def testDescribeValidProjectBetaOutput(self): test_project = util.GetTestActiveProject() self.mock_client.projects.Get.Expect( self.messages.CloudresourcemanagerProjectsGetRequest( projectId=test_project.projectId), test_project) self.RunProjectsBeta('describe', test_project.projectId) self.AssertOutputEquals("""\ lifecycleState: ACTIVE name: My Project 5 projectId: feisty-catcher-644 projectNumber: '925276746377' """, normalize_space=True)
def testListClientLimit(self): test_project = util.GetTestActiveProject() self.StartObjectPatch(filter_rewrite.ListRewriter, 'Rewrite', return_value=('args.filter', '')) # Expect server-side default limit of 500, as limit is applied client-side self.mock_client.projects.List.Expect( self.messages.CloudresourcemanagerProjectsListRequest( pageSize=500, filter='lifecycleState:ACTIVE'), self.messages.ListProjectsResponse(projects=[test_project])) self.RunProjects('list', '--limit=1')
def testListServerLimit(self): test_project = util.GetTestActiveProject() self.StartObjectPatch(filter_rewrite.ListRewriter, 'Rewrite', return_value=(None, '')) # Expect server-side limit to be set to 1, per the provided flag self.mock_client.projects.List.Expect( self.messages.CloudresourcemanagerProjectsListRequest( pageSize=1, filter='lifecycleState:ACTIVE'), self.messages.ListProjectsResponse(projects=[test_project])) self.RunProjects('list', '--limit=1')
def testDeleteValidProjectWithFormatDisabled(self): test_project_id = util.GetTestActiveProject().projectId self.mock_client.projects.Delete.Expect( self.messages.CloudresourcemanagerProjectsDeleteRequest( projectId=test_project_id), self.messages.Empty()) self.WriteInput('y\n') result = self.RunProjectsBeta('delete', '--format=disable', test_project_id) self.assertEqual([{ 'projectId': 'feisty-catcher-644' }], resource_projector.MakeSerializable(list(result))) self.AssertOutputEquals('') self.AssertErrContains('Your project will be deleted')
def testGetIamPolicyProject(self): properties.VALUES.core.user_output_enabled.Set(False) test_project = test_util.GetTestActiveProject() self.mock_client.projects.GetIamPolicy.Expect( self.messages.CloudresourcemanagerProjectsGetIamPolicyRequest( getIamPolicyRequest=self.messages.GetIamPolicyRequest( options=self.messages.GetPolicyOptions( requestedPolicyVersion=iam_util. MAX_LIBRARY_IAM_SUPPORTED_VERSION)), resource=test_project.projectId), copy.deepcopy(test_util.GetTestIamPolicy())) response = self.RunProjects('get-iam-policy', test_project.projectId) self.assertEqual(response, test_util.GetTestIamPolicy())
def testTestIamPermissions(self): requested_permissions = ['storage.buckets.create', 'storage.buckets.delete'] expected_permissions = ['storage.buckets.create'] test_project = util.GetTestActiveProject() test_project_ref = command_lib_util.ParseProject(test_project.projectId) self.mock_client.projects.TestIamPermissions.Expect( self.messages.CloudresourcemanagerProjectsTestIamPermissionsRequest( resource=test_project_ref.Name(), testIamPermissionsRequest=self.messages.TestIamPermissionsRequest( permissions=requested_permissions)), self.messages.TestIamPermissionsResponse( permissions=expected_permissions)) response = projects_api.TestIamPermissions(test_project_ref, requested_permissions) self.assertEqual(response.permissions, expected_permissions)
def testDeleteValidProject(self): test_project_id = util.GetTestActiveProject().projectId self.mock_client.projects.Delete.Expect( self.messages.CloudresourcemanagerProjectsDeleteRequest( projectId=test_project_id), self.messages.Empty()) self.WriteInput('y\n') result = self.RunProjectsBeta('delete', '--format=disable', test_project_id) self.assertEqual([{ 'projectId': 'feisty-catcher-644' }], resource_projector.MakeSerializable(list(result))) self.AssertOutputEquals('') self.AssertErrContains('Your project will be deleted') self.AssertErrContains(""" You can undo this operation for a limited period by running the command below. $ gcloud projects undelete {1} {0}""".format(flags.SHUT_DOWN_PROJECTS, test_project_id))
def testAuditConfigsPreservedSetIamPolicyProject(self): start_policy = test_util.GetTestIamPolicy() new_policy = test_util.GetTestIamPolicy(clear_fields=['auditConfigs']) json = encoding.MessageToJson(new_policy) temp_file = self.Touch(self.temp_path, 'good.json', contents=json) # set the expected version to 3 new_policy.version = iam_util.MAX_LIBRARY_IAM_SUPPORTED_VERSION test_project = test_util.GetTestActiveProject() self.mock_client.projects.SetIamPolicy.Expect( self.messages.CloudresourcemanagerProjectsSetIamPolicyRequest( resource=test_project.projectId, setIamPolicyRequest=self.messages.SetIamPolicyRequest( policy=new_policy, updateMask='bindings,etag')), start_policy) response = self.RunProjects('set-iam-policy', test_project.projectId, temp_file) self.assertEqual(response, start_policy)
def testListCommandFilter(self): test_project = test_util.GetTestActiveProject() self.mock_client.projects.GetIamPolicy.Expect( self.messages.CloudresourcemanagerProjectsGetIamPolicyRequest( getIamPolicyRequest=self.messages.GetIamPolicyRequest( options=self.messages.GetPolicyOptions( requestedPolicyVersion=iam_util. MAX_LIBRARY_IAM_SUPPORTED_VERSION)), resource=test_project.projectId), copy.deepcopy(test_util.GetTestIamPolicy())) command = [ 'get-iam-policy', test_project.projectId, '--flatten=bindings[].members', '--filter=bindings.role:roles/owner', '--format=table[no-heading](bindings.members:sort=1)', ] self.RunProjects(*command) self.AssertOutputEquals( 'user:[email protected]\nuser:[email protected]\n')
def testBindingWithoutConditionPolicyWithCondition_CannotPrompt(self): self.StartPatch( 'googlecloudsdk.core.console.console_io.CanPrompt', return_value=False) test_project = test_util.GetTestActiveProject() start_policy = copy.deepcopy(self.test_iam_policy_with_condition) remove_user = '******' remove_role = 'roles/non-primitive' self.mock_client.projects.GetIamPolicy.Expect( self.messages.CloudresourcemanagerProjectsGetIamPolicyRequest( resource=test_project.projectId, getIamPolicyRequest=self.messages.GetIamPolicyRequest( options=self.messages.GetPolicyOptions( requestedPolicyVersion= iam_util.MAX_LIBRARY_IAM_SUPPORTED_VERSION))), start_policy) with self.AssertRaisesExceptionRegexp( iam_util.IamPolicyBindingIncompleteError, '.*Removing a binding without specifying a condition from a policy.*'): self.RunProjects('remove-iam-policy-binding', test_project.projectId, '--role={0}'.format(remove_role), '--member={0}'.format(remove_user))
def testPromptForCondition_CannotPrompt(self): self.StartPatch('googlecloudsdk.core.console.console_io.CanPrompt', return_value=False) test_project = test_util.GetTestActiveProject() new_role = 'roles/another-non-primitive' new_user = '******' start_policy = self.test_iam_policy_with_condition self.mock_client.projects.GetIamPolicy.Expect( self.messages.CloudresourcemanagerProjectsGetIamPolicyRequest( resource=test_project.projectId, getIamPolicyRequest=self.messages.GetIamPolicyRequest( options=self.messages.GetPolicyOptions( requestedPolicyVersion=iam_util. MAX_LIBRARY_IAM_SUPPORTED_VERSION))), start_policy) with self.AssertRaisesExceptionRegexp( iam_util.IamPolicyBindingIncompleteError, '.*Adding a binding without specifying a condition to a policy.*' ): self.RunProjects('add-iam-policy-binding', test_project.projectId, '--role={0}'.format(new_role), '--member={0}'.format(new_user))
def testDeleteFails400(self): exception = http_error.MakeDetailedHttpError( url='https://cloudresourcemanager.googleapis.com/v1/projects/p123', reason='FAILED_PRECONDITION', message='Precondition check failed.', details=[{ '@type': 'type.googleapis.com/google.rpc.PreconditionFailure', 'violations': [{ 'type': 'LIEN', 'subject': 'liens/p123-l4c552089-e37c-4db7-bfee-cfaf268f1038', 'description': ('A lien to prevent deletion was placed on the' ' project by [buck]. Remove the lien to allow' ' deletion.') }] }]) test_project_id = util.GetTestActiveProject().projectId self.mock_client.projects.Delete.Expect( self.messages.CloudresourcemanagerProjectsDeleteRequest( projectId=test_project_id), exception=exception) self.WriteInput('y\n') with self.assertRaises(api_exceptions.HttpException): self.RunProjects('delete', test_project_id) self.AssertErrContains("""\ ERROR: (gcloud.projects.delete) FAILED_PRECONDITION: Precondition check failed. - '@type': type.googleapis.com/google.rpc.PreconditionFailure violations: - description: A lien to prevent deletion was placed on the project by [buck]. Remove the lien to allow deletion. subject: liens/p123-l4c552089-e37c-4db7-bfee-cfaf268f1038 type: LIEN """, normalize_space=True)