def test__contract_authorize_management_invalid_lessee( self, mock_authorize, mock_get): mock_get.return_value = test_offer mock_authorize.side_effect = [ policy.PolicyNotAuthorized('esi_leap:contract:contract_admin', lessee_ctx.to_policy_values(), lessee_ctx.to_policy_values()), policy.PolicyNotAuthorized('esi_leap:offer:offer_admin', lessee_ctx.to_policy_values(), lessee_ctx.to_policy_values()) ] self.assertRaises(policy.PolicyNotAuthorized, utils.contract_authorize_management, test_contract_3, lessee_ctx.to_policy_values()) mock_authorize.assert_has_calls([ mock.call('esi_leap:contract:contract_admin', lessee_ctx.to_policy_values(), lessee_ctx.to_policy_values()), mock.call('esi_leap:offer:offer_admin', lessee_ctx.to_policy_values(), lessee_ctx.to_policy_values()) ]) mock_get.assert_called_with(test_contract_3.offer_uuid)
def test__contract_authorize_management_invalid_owner( self, mock_authorize, mock_gbu): mock_gbu.return_value = test_offer mock_authorize.side_effect = [ policy.PolicyNotAuthorized('esi_leap:contract:contract_admin', owner_ctx_2.to_policy_values(), owner_ctx_2.to_policy_values()), policy.PolicyNotAuthorized('esi_leap:offer:offer_admin', owner_ctx_2.to_policy_values(), owner_ctx_2.to_policy_values()) ] self.assertRaises(policy.PolicyNotAuthorized, ContractsController._contract_authorize_management, test_contract_3, owner_ctx_2.to_policy_values()) mock_authorize.assert_has_calls([ mock.call('esi_leap:contract:contract_admin', owner_ctx_2.to_policy_values(), owner_ctx_2.to_policy_values()), mock.call('esi_leap:offer:offer_admin', owner_ctx_2.to_policy_values(), owner_ctx_2.to_policy_values()) ]) mock_gbu.assert_called_with(test_contract_3.offer_uuid)
def test_policy_authorize_exception(self, mock_authorize): mock_authorize.side_effect = oslo_policy.PolicyNotAuthorized( 'esi_leap:offer:offer_admin', lessee_ctx.to_dict(), lessee_ctx.to_dict()) self.assertRaises(exception.HTTPForbidden, utils.policy_authorize, 'test_policy:test', lessee_ctx.to_policy_values(), lessee_ctx.to_policy_values()) mock_authorize.assert_called_once_with('test_policy:test', lessee_ctx.to_policy_values(), lessee_ctx.to_policy_values())
def test_policy_not_authorized_exception(self): req = wsgi_resource.Request({}) language = req.best_match_language() e = oslo_policy.PolicyNotAuthorized(None, None, None) result = common.convert_exception_to_http_exc(e, {}, language) except_res = {'message': 'None is disallowed by policy', 'type': 'PolicyNotAuthorized', 'detail': ''} self.assertEqual( except_res, jsonutils.loads(result.body)["TackerError"]) self.assertEqual(500, result.code)
def test__contract_get_authorized_contract_none(self, mock_get, mock_cam): mock_get.return_value = [test_contract_3] mock_cam.side_effect = [ policy.PolicyNotAuthorized('esi_leap:offer:contract_admin', lessee_ctx.to_policy_values(), lessee_ctx.to_policy_values()) ] self.assertRaises( exception.ContractNotFound, ContractsController._contract_get_authorized_contract, 'c', lessee_ctx.to_policy_values()) mock_get.assert_called_once_with('c') mock_cam.assert_has_calls([ mock.call(test_contract_3, lessee_ctx.to_policy_values()), ])
def test__contract_authorize_management_valid_owner( self, mock_authorize, mock_get): mock_get.return_value = test_offer mock_authorize.side_effect = [ policy.PolicyNotAuthorized('esi_leap:contract:contract_admin', lessee_ctx.to_policy_values(), lessee_ctx.to_policy_values()), None ] utils.contract_authorize_management(test_contract, owner_ctx.to_policy_values()) mock_authorize.assert_called_once_with( 'esi_leap:contract:contract_admin', owner_ctx.to_policy_values(), owner_ctx.to_policy_values()) mock_get.assert_called_with(test_contract.offer_uuid)
def test__contract_get_authorized_contract_unique(self, mock_get, mock_cam): mock_get.return_value = [test_contract, test_contract_3] mock_cam.side_effect = [ None, policy.PolicyNotAuthorized('esi_leap:offer:contract_admin', lessee_ctx.to_policy_values(), lessee_ctx.to_policy_values()) ] p = ContractsController._contract_get_authorized_contract( 'c', lessee_ctx.to_policy_values()) mock_get.assert_called_once_with('c') mock_cam.assert_has_calls([ mock.call(test_contract, lessee_ctx.to_policy_values()), mock.call(test_contract_3, lessee_ctx.to_policy_values()), ]) assert p.uuid == test_contract.uuid
def test_get_offer_authorized_uuid_available_invalid_owner( self, mock_offer_get, mock_is_uuid_like, mock_authorize): mock_is_uuid_like.return_value = True mock_offer_get.return_value = test_offer mock_authorize.side_effect = [ policy.PolicyNotAuthorized('esi_leap:offer:offer_admin', owner_ctx_2.to_policy_values(), owner_ctx_2.to_policy_values()) ] self.assertRaises(exception.OfferNotFound, utils.get_offer_authorized, test_offer.uuid, owner_ctx_2.to_policy_values(), statuses.AVAILABLE) mock_is_uuid_like.assert_called_once_with(test_offer.uuid) mock_offer_get.assert_called_once_with(test_offer.uuid) mock_authorize.assert_called_once_with('esi_leap:offer:offer_admin', owner_ctx_2.to_policy_values(), owner_ctx_2.to_policy_values())
def test__verify_resource_permission_invalid_owner(self, mock_gro, mock_authorize, mock_is_resource_admin): mock_authorize.side_effect = policy.PolicyNotAuthorized( 'esi_leap:offer:offer_admin', owner_ctx.to_dict(), owner_ctx.to_dict()) bad_test_offer = offer.Offer(resource_type='test_node', resource_uuid=test_node_2._uuid, project_id=owner_ctx.project_id) self.assertRaises(policy.PolicyNotAuthorized, OffersController._verify_resource_permission, owner_ctx_2.to_policy_values(), bad_test_offer.to_dict()) mock_gro.assert_called_once_with(bad_test_offer.resource_type, bad_test_offer.resource_uuid) mock_is_resource_admin.assert_called_once_with( bad_test_offer.project_id) mock_authorize.assert_called_once_with('esi_leap:offer:offer_admin', owner_ctx_2.to_policy_values(), owner_ctx_2.to_policy_values())