def error_cleanup(): global project_uuid, project_admin_uuid, virtual_id_uuid if virtual_id_uuid: iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) if project_uuid: iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid)
def error_cleanup(): global role_uuid, project_uuid, project_02_uuid, project_template_01_uuid, project_template_02_uuid, \ company_uuid_01, company_uuid_02, department_01_uuid, department_02_uuid, virtual_id_group_uuid, \ virtual_id_uuid, platform_admin_uuid if company_uuid_01: iam2_ops.delete_iam2_organization(company_uuid_01) if company_uuid_02: iam2_ops.delete_iam2_organization(company_uuid_02) if department_01_uuid: iam2_ops.delete_iam2_organization(department_01_uuid) if department_02_uuid: iam2_ops.delete_iam2_organization(department_02_uuid) if virtual_id_group_uuid: iam2_ops.delete_iam2_virtual_id_group(virtual_id_group_uuid) if project_uuid: iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) if project_02_uuid: iam2_ops.delete_iam2_project(project_02_uuid) iam2_ops.expunge_iam2_project(project_02_uuid) if project_template_01_uuid: iam2_ops.delete_iam2_project_template(project_template_01_uuid) if project_template_02_uuid: iam2_ops.delete_iam2_project_template(project_template_02_uuid) if virtual_id_uuid: iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) if platform_admin_uuid: iam2_ops.delete_iam2_virtual_id(platform_admin_uuid) if role_uuid: iam2_ops.delete_role(role_uuid) iam2_ops.clean_iam2_enviroment()
def error_cleanup(): global role_uuid, project_uuid, project_02_uuid, project_template_01_uuid, project_template_02_uuid, \ company_uuid_01, company_uuid_02, department_01_uuid, department_02_uuid, virtual_id_group_uuid, \ virtual_id_uuid if company_uuid_01: iam2_ops.delete_iam2_organization(company_uuid_01) if company_uuid_02: iam2_ops.delete_iam2_organization(company_uuid_02) if department_01_uuid: iam2_ops.delete_iam2_organization(department_01_uuid) if department_02_uuid: iam2_ops.delete_iam2_organization(department_02_uuid) if virtual_id_group_uuid: iam2_ops.delete_iam2_virtual_id_group(virtual_id_group_uuid) if project_uuid: iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) if project_02_uuid: iam2_ops.delete_iam2_project(project_02_uuid) iam2_ops.expunge_iam2_project(project_02_uuid) if project_template_01_uuid: iam2_ops.delete_iam2_project_template(project_template_01_uuid) if project_template_02_uuid: iam2_ops.delete_iam2_project_template(project_template_02_uuid) if virtual_id_uuid: iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) if role_uuid: iam2_ops.delete_role(role_uuid) iam2_ops.clean_iam2_enviroment()
def error_cleanup(): global project_uuid, project_operator_uuid, vxlan_pool_uuid, vni_range_uuid, l2_vxlan_network_uuid, account1_uuid, account2_uuid if project_operator_uuid: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if project_uuid: iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) if vni_range_uuid: vxlan_ops.delete_vni_range(vni_range_uuid) vpc_ops.remove_all_vpc_vrouter() test_lib.lib_error_cleanup(test_obj_dict) if vxlan_pool_uuid: net_ops.delete_l2(vxlan_pool_uuid) if l2_vxlan_network_uuid: net_ops.delete_l2(l2_vxlan_network_uuid) if account1_uuid: acc_ops.delete_account(account1_uuid) if account2_uuid: acc_ops.delete_account(account2_uuid) if platform_admin_uuid: iam2_ops.delete_iam2_virtual_id(platform_admin_uuid)
def error_cleanup(): global project_uuid,project_operator_uuid, vxlan_pool_uuid,vni_range_uuid,l2_vxlan_network_uuid,account1_uuid,account2_uuid if project_operator_uuid: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if project_uuid: iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) if vni_range_uuid: vxlan_ops.delete_vni_range(vni_range_uuid) vpc_ops.remove_all_vpc_vrouter() test_lib.lib_error_cleanup(test_obj_dict) if vxlan_pool_uuid: net_ops.delete_l2(vxlan_pool_uuid) if l2_vxlan_network_uuid: net_ops.delete_l2(l2_vxlan_network_uuid) if account1_uuid: acc_ops.delete_account(account1_uuid) if account2_uuid: acc_ops.delete_account(account2_uuid) if platform_admin_uuid: iam2_ops.delete_iam2_virtual_id(platform_admin_uuid)
def test(): global vm, volume iam2_ops.clean_iam2_enviroment() zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid # 1 create project project_name = 'test_project' password = \ 'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid linked_account_uuid = project.linkedAccountUuid attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid]) # 2 create projectAdmin into project project_admin_name = 'projectadmin' project_admin_uuid = iam2_ops.create_iam2_virtual_id( project_admin_name, password).uuid iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) project_admin_session_uuid = iam2_ops.login_iam2_virtual_id( project_admin_name, password) project_admin_session_uuid = iam2_ops.login_iam2_project( project_name, project_admin_session_uuid).uuid res_ops.query_resource(res_ops.L2_VXLAN_NETWORK_POOL) # 3 create volume vm = test_stub.create_vm(session_uuid=project_admin_session_uuid) volume = test_stub.create_volume(session_uuid=project_admin_session_uuid) volume.attach(vm) # 4 delete project iam2_ops.delete_iam2_project(project_uuid) cond = res_ops.gen_query_conditions('uuid', '=', volume.get_volume().uuid) vol_inv = res_ops.query_resource(res_ops.VOLUME, cond) if not vol_inv: test_util.test_fail( "can't query volume after delete the project ,test fail") # 5 expunge project iam2_ops.expunge_iam2_project(project_uuid) # query volume cond = res_ops.gen_query_conditions('uuid', '=', volume.get_volume().uuid) vol_inv = res_ops.query_resource(res_ops.VOLUME, cond)[0] if vol_inv.status != 'Deleted': test_util.test_fail( 'The volume created in project is still not deleted after the project is expunge ,now status is %s' % vol_inv.status) volume.expunge() vm.clean() iam2_ops.clean_iam2_enviroment() test_util.test_pass('success')
def error_cleanup(): test_lib.lib_error_cleanup(test_obj_dict) if affinity_group_inv: ag_ops.delete_affinity_group(affinity_group_inv[0].uuid) if project_uuid: iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) if project_operator_uuid: iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
def test(): global image iam2_ops.clean_iam2_enviroment() zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid # 1 create project project_name = 'test_project' password = \ 'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid linked_account_uuid = project.linkedAccountUuid attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid]) # 2 create projectAdmin into project project_admin_name = 'projectadmin' project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, password).uuid iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name,password) project_admin_session_uuid = iam2_ops.login_iam2_project(project_name,project_admin_session_uuid).uuid res_ops.query_resource(res_ops.L2_VXLAN_NETWORK_POOL) # 3 add image bs_cond = res_ops.gen_query_conditions("status", '=', "Connected") bss = res_ops.query_resource(res_ops.BACKUP_STORAGE, bs_cond) image_option = test_util.ImageOption() image_option.set_format('iso') image_option.set_name('test_add_iso_image') image_option.set_url(os.environ.get('imageServer') + "/iso/CentOS-x86_64-7.2-Minimal.iso") image_option.set_backup_storage_uuid_list([bss[0].uuid]) image_option.set_timeout(60000) image_option.set_session_uuid(project_admin_session_uuid) image = img_ops.add_image(image_option) # 4 delete project iam2_ops.delete_iam2_project(project_uuid) cond =res_ops.gen_query_conditions('uuid','=',image.uuid) img_inv=res_ops.query_resource(res_ops.IMAGE,cond) if not img_inv: test_util.test_fail("can't query image %s after delete the project,test fail"%image.uuid) # 5 expunge project iam2_ops.expunge_iam2_project(project_uuid) cond = res_ops.gen_query_conditions('uuid','=',image.uuid) img_inv = res_ops.query_resource(res_ops.IMAGE,cond)[0] if img_inv.status != 'Deleted': test_util.test_fail('The image created in project is not deleted after project is expunge, test fail') img_ops.expunge_image(image.uuid) iam2_ops.clean_iam2_enviroment() test_util.test_pass('success')
def error_cleanup(): global project_uuid, project_operator_uuid, virtual_id_uuid if virtual_id_uuid: iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) if project_operator_uuid: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if project_uuid: iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) iam2_ops.clean_iam2_enviroment()
def test(): global vm, volume iam2_ops.clean_iam2_enviroment() zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid # 1 create project project_name = 'test_project' password = \ 'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid linked_account_uuid = project.linkedAccountUuid attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid]) # 2 create projectAdmin into project project_admin_name = 'projectadmin' project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, password).uuid iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, password) project_admin_session_uuid = iam2_ops.login_iam2_project(project_name, project_admin_session_uuid).uuid res_ops.query_resource(res_ops.L2_VXLAN_NETWORK_POOL) # 3 create volume vm = test_stub.create_vm(session_uuid=project_admin_session_uuid) volume = test_stub.create_volume(session_uuid=project_admin_session_uuid) volume.attach(vm) # 4 delete project iam2_ops.delete_iam2_project(project_uuid) cond = res_ops.gen_query_conditions('uuid', '=', volume.get_volume().uuid) vol_inv = res_ops.query_resource(res_ops.VOLUME, cond) if not vol_inv: test_util.test_fail("can't query volume after delete the project ,test fail") # 5 expunge project iam2_ops.expunge_iam2_project(project_uuid) # query volume cond = res_ops.gen_query_conditions('uuid', '=', volume.get_volume().uuid) vol_inv = res_ops.query_resource(res_ops.VOLUME, cond)[0] if vol_inv.status != 'Deleted': test_util.test_fail( 'The volume created in project is still not deleted after the project is expunge ,now status is %s' % vol_inv.status) volume.expunge() vm.clean() iam2_ops.clean_iam2_enviroment() test_util.test_pass('success')
def error_cleanup(): if project_uuid: iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) if project_operator_uuid: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if l2_vxlan_network_uuid: net_ops.delete_l2(l2_vxlan_network_uuid) if vni_range_uuid: vxlan_ops.delete_vni_range(vni_range_uuid) if vxlan_pool_uuid: net_ops.delete_l2(vxlan_pool_uuid) if l3_vpc_network_uuid: net_ops.delete_l3(l3_vpc_network_uuid)
def error_cleanup(): if project_uuid: iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) if project_operator_uuid: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if l2_vxlan_network_uuid: net_ops.delete_l2(l2_vxlan_network_uuid) if vni_range_uuid: vxlan_ops.delete_vni_range(vni_range_uuid) if vxlan_pool_uuid: net_ops.delete_l2(vxlan_pool_uuid) if l3_vr_network_uuid: net_ops.delete_l3(l3_vr_network_uuid)
def error_cleanup(): global project_uuid,project_operator_uuid, test_account_uuid, l2_uuid, l2_uuid1 if project_operator_uuid: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if project_uuid: iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_lib.lib_error_cleanup(test_obj_dict) if l2_uuid: net_ops.delete_l2(l2_uuid) if l2_uuid1: net_ops.delete_l2(l2_uuid1) if test_account_uuid: acc_ops.delete_account(test_account_uuid)
def test(): global cert iam2_ops.clean_iam2_enviroment() zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid # 1 create project project_name = 'test_project' password = \ 'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid linked_account_uuid = project.linkedAccountUuid attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid]) # 2 create projectAdmin into project project_admin_name = 'projectadmin' project_admin_uuid = iam2_ops.create_iam2_virtual_id( project_admin_name, password).uuid iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) project_admin_session_uuid = iam2_ops.login_iam2_virtual_id( project_admin_name, password) project_admin_session_uuid = iam2_ops.login_iam2_project( project_name, project_admin_session_uuid).uuid cert = net_ops.create_certificate('certificate_for_pm', 'fake certificate', session_uuid=project_admin_session_uuid) acc_ops.logout(project_admin_session_uuid) # 4 delete project iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) # 5 check for cascade delete test_stub.check_resource_not_exist(cert.uuid, res_ops.CERTIFICATE) iam2_ops.clean_iam2_enviroment() test_util.test_pass('Create Simple VM Stop Start Scheduler Success')
def test(): global cert iam2_ops.clean_iam2_enviroment() zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid # 1 create project project_name = 'test_project' password = \ 'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid linked_account_uuid = project.linkedAccountUuid attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid]) # 2 create projectAdmin into project project_admin_name = 'projectadmin' project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, password).uuid iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name,password) project_admin_session_uuid = iam2_ops.login_iam2_project(project_name,project_admin_session_uuid).uuid cert = net_ops.create_certificate('certificate_for_pm', 'fake certificate', session_uuid=project_admin_session_uuid) acc_ops.logout(project_admin_session_uuid) # 4 delete project iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) # 5 check for cascade delete test_stub.check_resource_not_exist(cert.uuid,res_ops.CERTIFICATE) iam2_ops.clean_iam2_enviroment() test_util.test_pass('Create Simple VM Stop Start Scheduler Success')
def test(): global affinity_group_inv,project_uuid,project_operator_uuid # 1 create project project_name = 'test_project6' project_uuid = iam2_ops.create_iam2_project(project_name).uuid # 2 create project operator project_operator_name = 'username6' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid # 3 login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password) project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid # 4 create affinity group and add vm into affinity group ag1 = ag_ops.create_affinity_group(name="ag1",policy="antiHard",session_uuid=project_login_uuid) vm1 = test_stub.create_ag_vm(affinitygroup_uuid=ag1.uuid) test_obj_dict.add_vm(vm1) # 5 delete and expunge the project and check the affinity group iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) cond = res_ops.gen_query_conditions("appliance",'=',"CUSTOMER") affinity_group_inv = res_ops.query_resource(res_ops.AFFINITY_GROUP,cond) if affinity_group_inv: test_util.test_fail( "affinity_group [%s] is still exist after expunge the project[%s]" % (affinity_group_inv[0].uuid,project_login_uuid)) # 6 delete iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
def test(): global role_uuid, project_uuid, project_02_uuid, project_template_01_uuid, project_template_02_uuid, \ company_uuid_01, company_uuid_02, department_01_uuid, department_02_uuid, virtual_id_group_uuid, \ virtual_id_uuid iam2_ops.clean_iam2_enviroment() # 1 create role and add/remove policy statements = [{"effect": "Allow", "actions": ["org.zstack.header.vm.**"]}] role_uuid = iam2_ops.create_role('test_role', statements).uuid action = "org.zstack.header.image.**" statements = [{"effect": "Allow", "actions": [action]}] iam2_ops.add_policy_statements_to_role(role_uuid, statements) statement_uuid = iam2_ops.get_policy_statement_uuid_of_role( role_uuid, action) # statement_uuid= res_ops.get_resource(res_ops.ROLE, uuid=role_uuid)[0].statements[0].uuid iam2_ops.remove_policy_statements_from_role(role_uuid, [statement_uuid]) # 2 create project and add/remove attributes to/from it project_name = 'test_project' project_uuid = iam2_ops.create_iam2_project(project_name).uuid zone_inv = res_ops.query_resource(res_ops.ZONE) if len(zone_inv) >= 2: attributes = [{ "name": "__ProjectRelatedZone__", "value": zone_inv[0].uuid }] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) username = '******' password = \ 'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86' virtual_id_uuid = iam2_ops.create_iam2_virtual_id(username, password).uuid iam2_ops.add_iam2_virtual_ids_to_project([virtual_id_uuid], project_uuid) session_uuid = iam2_ops.login_iam2_virtual_id(username, password) session_uuid = iam2_ops.login_iam2_project(project_name, session_uuid).uuid cond = res_ops.gen_query_conditions('zoneUuid', '=', zone_inv[1].uuid) host_inv = res_ops.query_resource(res_ops.HOST, cond, session_uuid=session_uuid) if host_inv: test_util.test_fail("test Project Related Zone fail") attribute_uuid = iam2_ops.get_attribute_uuid_of_project( project_uuid, "__ProjectRelatedZone__") iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) iam2_ops.remove_attributes_from_iam2_project(project_uuid, [attribute_uuid]) # 3 create project template from project project_template_01_uuid = iam2_ops.create_iam2_project_template_from_project( 'project_template', project_uuid, 'this is a template ' 'description').uuid project_template_inv = res_ops.get_resource(res_ops.IAM2_PROJECT_TEMPLATE, uuid=project_template_01_uuid) if not project_template_inv: test_util.test_fail("create template from project fail") # 4 create project template and then create project from template project_template_02_uuid = iam2_ops.create_iam2_project_template( 'project_template_02').uuid project_02_uuid = iam2_ops.create_iam2_project_from_template( 'project_02', project_template_02_uuid).uuid project_inv = res_ops.get_resource(res_ops.IAM2_PROJECT, uuid=project_02_uuid) if not project_inv: test_util.test_fail("create project from template fail") # 5 create Company and Department (organization) company_uuid_01 = iam2_ops.create_iam2_organization( 'test_company_01', 'Company').uuid company_uuid_02 = iam2_ops.create_iam2_organization( 'test_company_02', 'Company').uuid department_01_uuid = iam2_ops.create_iam2_organization( 'test_department_01', 'Department', parent_uuid=company_uuid_01).uuid department_02_uuid = iam2_ops.create_iam2_organization( 'test_department_02', 'Department').uuid # 6 organization change parent iam2_ops.change_iam2_organization_parent(company_uuid_02, [department_02_uuid]) iam2_ops.change_iam2_organization_parent(company_uuid_02, [department_01_uuid]) department_inv = res_ops.get_resource(res_ops.IAM2_ORGANIZATION, uuid=department_01_uuid)[0] if department_inv.parentUuid != company_uuid_02: test_util.test_fail('change organization parent fail') department_inv = res_ops.get_resource(res_ops.IAM2_ORGANIZATION, uuid=department_02_uuid)[0] if department_inv.parentUuid != company_uuid_02: test_util.test_fail('change organization parent fail') # 7 create virtual id group and add/remove role and attributes to/from it virtual_id_group_uuid = iam2_ops.create_iam2_virtual_id_group( project_uuid, 'test_virtual_id_group').uuid iam2_ops.add_roles_to_iam2_virtual_id_group([role_uuid], virtual_id_group_uuid) iam2_ops.remove_roles_from_iam2_virtual_idgroup([role_uuid], virtual_id_group_uuid) # TODO:there is nothing to do with the below api in the first version of iam2 # iam2_ops.add_attributes_to_iam2_virtual_id_group() # iam2_ops.remove_attributes_from_iam2_virtual_id_group() # 8 create virtual id and add/remove role or attributes to/from it password = '******' virtual_id_uuid = iam2_ops.create_iam2_virtual_id('username', password).uuid iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], virtual_id_uuid) iam2_ops.remove_roles_from_iam2_virtual_id([role_uuid], virtual_id_uuid) cond = res_ops.gen_query_conditions('virtualIDUuid', '=', virtual_id_uuid) attributes = [{"name": "__PlatformAdmin__"}] iam2_ops.add_attributes_to_iam2_virtual_id(virtual_id_uuid, attributes) cond_01 = res_ops.gen_query_conditions('name', '=', "__PlatformAdmin__", cond) attribute_uuid = res_ops.query_resource_fields( res_ops.IAM2_VIRTUAL_ID_ATTRIBUTE, cond_01)[0].uuid iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, [attribute_uuid]) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(virtual_id_uuid, attributes) cond_02 = res_ops.gen_query_conditions('name', '=', "__ProjectAdmin__", cond) attribute_uuid = res_ops.query_resource_fields( res_ops.IAM2_VIRTUAL_ID_ATTRIBUTE, cond_02)[0].uuid iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, [attribute_uuid]) # admin can't create Project operator # attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] # iam2_ops.add_attributes_to_iam2_virtual_id(virtual_id_uuid, attributes) # iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes) # 9 add virtual id to organization and set it as OrganizationSupervisor iam2_ops.add_iam2_virtual_ids_to_organization([virtual_id_uuid], department_01_uuid) attributes = [{ "name": "__OrganizationSupervisor__", "value": virtual_id_uuid }] iam2_ops.add_attributes_to_iam2_organization(department_01_uuid, attributes) cond_03 = res_ops.gen_query_conditions('name', '=', "__OrganizationSupervisor__") cond_03 = res_ops.gen_query_conditions('value', '=', virtual_id_uuid, cond_03) attribute_uuid = res_ops.query_resource( res_ops.IAM2_ORGANIZATION_ATTRIBUTE, cond_03)[0].uuid iam2_ops.remove_attributes_from_iam2_organization(department_01_uuid, [attribute_uuid]) iam2_ops.remove_iam2_virtual_ids_from_organization([virtual_id_uuid], department_01_uuid) # 10 add virtual id to group and project iam2_ops.add_iam2_virtual_ids_to_project([virtual_id_uuid], project_uuid) iam2_ops.add_iam2_virtual_ids_to_group([virtual_id_uuid], virtual_id_group_uuid) iam2_ops.remove_iam2_virtual_ids_from_group([virtual_id_uuid], virtual_id_group_uuid) iam2_ops.remove_iam2_virtual_ids_from_project([virtual_id_uuid], project_uuid) # 11 change state disable = 'disable' enable = 'enable' Disabled = 'Disabled' iam2_ops.change_iam2_organization_state(company_uuid_01, disable) res_inv = res_ops.get_resource(res_ops.IAM2_ORGANIZATION, uuid=company_uuid_01)[0] if res_inv.state != Disabled: test_util.test_fail("test change iam2 organization state fail") iam2_ops.change_iam2_organization_state(company_uuid_01, enable) iam2_ops.change_iam2_organization_state(department_01_uuid, disable) iam2_ops.change_iam2_organization_state(department_01_uuid, enable) iam2_ops.change_iam2_project_state(project_uuid, disable) res_inv = res_ops.get_resource(res_ops.IAM2_PROJECT, uuid=project_uuid)[0] if res_inv.state != Disabled: test_util.test_fail("test change iam2 project state fail") iam2_ops.change_iam2_project_state(project_uuid, enable) iam2_ops.change_iam2_virtual_id_state(virtual_id_uuid, disable) res_inv = res_ops.get_resource(res_ops.IAM2_VIRTUAL_ID, uuid=virtual_id_uuid)[0] if res_inv.state != Disabled: test_util.test_fail("test change iam2 virtual id state fail") iam2_ops.change_iam2_virtual_id_state(virtual_id_uuid, enable) iam2_ops.change_iam2_virtual_id_group_state(virtual_id_group_uuid, disable) res_inv = res_ops.get_resource(res_ops.IAM2_VIRTUAL_ID_GROUP, uuid=virtual_id_group_uuid)[0] if res_inv.state != Disabled: test_util.test_fail("test change iam2 virtual id group state fail") iam2_ops.change_iam2_virtual_id_group_state(virtual_id_group_uuid, enable) iam2_ops.change_role_state(role_uuid, disable) res_inv = res_ops.get_resource(res_ops.ROLE, uuid=role_uuid)[0] if res_inv.state != Disabled: test_util.test_fail("test change iam2 role state fail") iam2_ops.change_role_state(role_uuid, enable) # 12 update virtual_id_new_name = 'virtual_id_new_name' virtual_id_new_des = 'virtual_id_new_des' virtual_id_new_password = '******' iam2_ops.update_iam2_virtual_id(virtual_id_uuid, virtual_id_new_name, virtual_id_new_des, virtual_id_new_password) virtual_id_inv = res_ops.get_resource(res_ops.IAM2_VIRTUAL_ID, uuid=virtual_id_uuid)[0] if virtual_id_inv.name != virtual_id_new_name: test_util.test_fail("update iam2 virtual id name fail") try: iam2_ops.login_iam2_virtual_id('username', password) except: test_util.test_logger("the old username and password can't login") try: virtual_id_session_uuid = iam2_ops.login_iam2_virtual_id( virtual_id_new_name, virtual_id_new_password) acc_ops.logout(virtual_id_session_uuid) except: test_util.test_fail("update iam2 virtual id name or password fail.") virtual_id_group_new_name = 'virtual_id_group_new_name' virtual_id_group_new_des = 'virtual_id_group_new_des' iam2_ops.update_iam2_virtual_id_group(virtual_id_group_uuid, virtual_id_group_new_name, virtual_id_group_new_des) virtual_id_group_inv = res_ops.get_resource(res_ops.IAM2_VIRTUAL_ID_GROUP, uuid=virtual_id_group_uuid)[0] if virtual_id_group_inv.name != virtual_id_group_new_name: test_util.test_fail("update iam2 virtual id group name fail") project_new_name = 'project_new_name' project_new_dsc = 'project_new_dsc' iam2_ops.update_iam2_project(project_uuid, project_new_name, project_new_dsc) project_inv = res_ops.get_resource(res_ops.IAM2_PROJECT, uuid=project_uuid)[0] if project_inv.name != project_new_name or project_inv.description != project_new_dsc: test_util.test_fail("update project information fail") company_new_name = 'company_new_name' company_new_dsc = 'company_new_dsc' iam2_ops.update_iam2_organization(company_uuid_02, company_new_name, company_new_dsc) organization_inv = res_ops.get_resource(res_ops.IAM2_ORGANIZATION, uuid=company_uuid_02)[0] if organization_inv.name != company_new_name or organization_inv.description != company_new_dsc: test_util.test_fail("update organization name fail") # 13 delete iam2_ops.delete_iam2_organization(company_uuid_01) iam2_ops.delete_iam2_organization(company_uuid_02) iam2_ops.delete_iam2_organization(department_01_uuid) iam2_ops.delete_iam2_organization(department_02_uuid) iam2_ops.delete_iam2_virtual_id_group(virtual_id_group_uuid) iam2_ops.delete_iam2_project(project_uuid) iam2_ops.delete_iam2_project(project_02_uuid) iam2_ops.expunge_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_02_uuid) iam2_ops.delete_iam2_project_template(project_template_01_uuid) iam2_ops.delete_iam2_project_template(project_template_02_uuid) iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) iam2_ops.delete_role(role_uuid) iam2_ops.clean_iam2_enviroment() test_util.test_pass('success test iam2 login in by admin!')
def test(): global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid flavor = case_flavor[os.environ.get('CASE_FLAVOR')] # 1 create project project_name = 'test_project' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid project_linked_account_uuid = project.linkedAccountUuid if flavor['target_role'] == 'project_admin': # 2 create virtual id project_admin_name = 'username' project_admin_password = '******' project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid # 3 create project admin iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) # login in project by project admin project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password) project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid # iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes) elif flavor['target_role'] == 'project_operator': project_operator_name = 'username2' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid # login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password) project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid elif flavor['target_role'] == 'project_member': plain_user_name = 'username' plain_user_password = '******' plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password, project_uuid=project_uuid).uuid # 3 add virtual id to project iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid) # 4 login in project by plain user plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password) # 4 login in project #project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid) project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid # Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge if flavor['target_role'] == 'project_member': statements = [{"effect": "Allow", "actions": ["org.zstack.header.vm.**"]}] role_uuid = iam2_ops.create_role('test_role', statements).uuid iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid) vm_creation_option = test_util.VmOption() l3_net_uuid = test_lib.lib_get_l3_by_name(os.environ.get('l3VlanNetwork3')).uuid acc_ops.share_resources([project_linked_account_uuid], [l3_net_uuid]) vm_creation_option.set_l3_uuids([l3_net_uuid]) image_uuid = test_lib.lib_get_image_by_name("centos").uuid vm_creation_option.set_image_uuid(image_uuid) acc_ops.share_resources([project_linked_account_uuid], [image_uuid]) instance_offering_uuid = test_lib.lib_get_instance_offering_by_name(os.environ.get('instanceOfferingName_s')).uuid vm_creation_option.set_instance_offering_uuid(instance_offering_uuid) acc_ops.share_resources([project_linked_account_uuid], [instance_offering_uuid]) vm_creation_option.set_name('vm_for_project_management') vm_creation_option.set_session_uuid(project_login_uuid) vm = test_stub.create_vm(image_uuid = image_uuid, session_uuid=project_login_uuid) vm_uuid = vm.get_vm().uuid # VM related ops: Create, Delete, Expunge, Start, Stop, Suspend, Resume, Migrate vm_ops.stop_vm(vm_uuid, session_uuid=project_login_uuid) vm_ops.start_vm(vm_uuid, session_uuid=project_login_uuid) candidate_hosts = vm_ops.get_vm_migration_candidate_hosts(vm_uuid) if candidate_hosts != None and test_lib.lib_check_vm_live_migration_cap(vm.get_vm()): vm_ops.migrate_vm(vm_uuid, candidate_hosts.inventories[0].uuid, session_uuid=project_login_uuid) vm_ops.stop_vm(vm_uuid, force='cold', session_uuid=project_login_uuid) vm_ops.start_vm(vm_uuid, session_uuid=project_login_uuid) vm_ops.suspend_vm(vm_uuid, session_uuid=project_login_uuid) vm_ops.resume_vm(vm_uuid, session_uuid=project_login_uuid) vm_ops.destroy_vm(vm_uuid, session_uuid=project_login_uuid) vm_ops.expunge_vm(vm_uuid, session_uuid=project_login_uuid) # 11 delete acc_ops.logout(project_login_uuid) if virtual_id_uuid != None: iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) if project_admin_uuid != None: iam2_ops.delete_iam2_virtual_id(project_admin_uuid) if project_operator_uuid != None: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if plain_user_uuid != None: iam2_ops.delete_iam2_virtual_id(plain_user_uuid) iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_util.test_pass('success test iam2 login in by project admin!')
def test(): global l2_vxlan_network_uuid,project_uuid,project_operator_uuid,vni_range_uuid,vxlan_pool_uuid,l3_vpc_network_uuid # create vxlan pool and vni range zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid cluster_uuid = res_ops.get_resource(res_ops.CLUSTER)[0].uuid vxlan_pool_name = 'vxlan_pool_name' vxlan_pool_uuid = vxlan_ops.create_l2_vxlan_network_pool(vxlan_pool_name,zone_uuid).uuid vxlan_ops.create_vni_range('vni_range',20,40,vxlan_pool_uuid) systemTags = ["l2NetworkUuid::%s::clusterUuid::%s::cidr::{172.20.0.1/16}"%(vxlan_pool_uuid,cluster_uuid)] net_ops.attach_l2_vxlan_pool(vxlan_pool_uuid,cluster_uuid,systemTags) # 1 create project project_name = 'test_project7' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid #cond = res_ops.gen_query_conditions("name",'=',"test_project7") #linked_account_uuid = res_ops.query_resource(res_ops.ACCOUNT,cond)[0].uuid linked_account_uuid = project.linkedAccountUuid # 2 create project operator project_operator_name = 'username7' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) # 3 login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password) project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid # 4 share vxlan pool to project l2vxlan_pools = res_ops.query_resource(res_ops.L2_VXLAN_NETWORK_POOL) for l2vxlan_pool in l2vxlan_pools: acc_ops.share_resources([linked_account_uuid],[l2vxlan_pool.uuid]) # 5 create l2 vxlan l2_vxlan_network_uuid = vxlan_ops.create_l2_vxlan_network('l2_vxlan',vxlan_pool_uuid,zone_uuid,session_uuid=project_login_uuid).uuid # 6 use l2 vxlan to create l3 vpc l3_vpc_network = create_l3_vpc('test_vpc',l2_vxlan_network_uuid,project_login_uuid) l3_vpc_network_uuid = l3_vpc_network.uuid # add ip range ir_option = test_util.IpRangeOption() ir_option.set_name('iprange2') ir_option.set_description('iprange for vpc') ir_option.set_netmask('255.255.255.0') ir_option.set_gateway('192.168.23.1') ir_option.set_l3_uuid(l3_vpc_network_uuid) ir_option.set_startIp('192.168.23.2') ir_option.set_endIp('192.168.23.254') net_ops.add_ip_range(ir_option) # add network service AttachNetworkServiceToL3Network(l3_vpc_network_uuid,allservices,session_uuid = project_login_uuid) # share the vr_offering to project and do create vpc router and vpc network cond = res_ops.gen_query_conditions("name",'=',"virtual-router-vm") vr_offering_uuid = res_ops.query_resource(res_ops.VR_OFFERING,cond)[0].uuid acc_ops.share_resources([linked_account_uuid],[vr_offering_uuid]) vpc_ops.create_vpc_vrouter(name = 'test_vpc_vr', virtualrouter_offering_uuid = vr_offering_uuid,session_uuid = project_login_uuid) vpc_vr = test_stub.query_vpc_vrouter('test_vpc_vr') vpc_vr.add_nic(l3_vpc_network_uuid) # 7 expunge the project and check the l2 vxlan iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) try: l2_vxlan_network_test_uuid = res_ops.query_resource(res_ops.L2_VXLAN_NETWORK)[0].uuid except: test_util.test_pass( "l2 vxlan is delete after deleted the project " ) test_util.test_dsc('test l2 l2 cascade delete') # 8 check the vpc network and vpc_vr try: cond = res_ops.gen_query_conditions("name",'=',"test_vpc") l3_vpc_network_uuid = res_ops.query_resource(res_ops.L3_NETWORK,cond)[0].uuid except: test_util.test_pass( "l3_vpc is delete after deleted the project") cond = res_ops.gen_query_conditions("name",'=',"test_vpc_vr") vpc_vr = res_ops.query_resource(res_ops.VIRTUALROUTER_VM,cond) if not vpc_vr.inv.state is 'Paused': test_util.test_fail( "vpc vr [%s] is still exist after delete and expunge the project [%s]" % (vpc_vr.uuid,project_uuid)) # 9 delete vni_range_uuid = res_ops.get_resource(res_ops.VNI_RANGE)[0].uuid vxlan_ops.delete_vni_range(vni_range_uuid) net_ops.delete_l2(vxlan_pool_uuid) iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
def test(): global email_platform_uuid, email_endpoint_uuid, dingtalk_endpoint_uuid, http_endpoint_uuid, alarm_uuid, ps_event_sub_uuid, sns_topic_uuid, alarm_template_uuid iam2_ops.clean_iam2_enviroment() zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid # 3 create project project_name = 'test_project' password = \ 'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid linked_account_uuid = project.linkedAccountUuid attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid]) # 4 create projectAdmin into project project_admin_name = 'projectadmin' project_admin_uuid = iam2_ops.create_iam2_virtual_id( project_admin_name, password).uuid iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) project_admin_session_uuid = iam2_ops.login_iam2_virtual_id( project_admin_name, password) project_admin_session_uuid = iam2_ops.login_iam2_project( project_name, project_admin_session_uuid).uuid # 5 create zwatch resource smtp_server = os.environ.get('smtpServer') smtp_port = os.environ.get('smtpPort') email_platform_name = 'Alarm_email' email_username = os.environ.get('mailUsername') email_password = os.environ.get('mailPassword') email_platform_uuid = zwt_ops.create_sns_email_platform( smtp_server, smtp_port, email_platform_name, email_username, email_password, session_uuid=project_admin_session_uuid).uuid email_receiver = os.environ.get('mailUsername') email_endpoint_uuid = zwt_ops.create_sns_email_endpoint( email_receiver, 'test_email_endpoint', email_platform_uuid, session_uuid=project_admin_session_uuid).uuid url_01 = 'https://oapi.dingtalk.com/robot/send?access_token' \ '=0be899d4bd0a7629961a5ccd3035dfba30d084b57944897838f1b601006dd153' name_01 = 'dingtalkAtPerson' dingtalk_endpoint_uuid = zwt_ops.create_sns_dingtalk_endpoint( url_01, name_01, at_all=False, session_uuid=project_admin_session_uuid).uuid http_endpoint_name = 'http' url = 'http://localhost:8080/webhook-url' http_username = '******' http_password = '******' http_endpoint_uuid = zwt_ops.create_sns_http_endpoint( url, http_endpoint_name, http_username, http_password, session_uuid=project_admin_session_uuid).uuid sns_topic_uuid = zwt_ops.create_sns_topic( 'sns_topic_01', session_uuid=project_admin_session_uuid).uuid zwt_ops.subscribe_sns_topic(sns_topic_uuid, dingtalk_endpoint_uuid, session_uuid=project_admin_session_uuid) zwt_ops.subscribe_sns_topic(sns_topic_uuid, email_endpoint_uuid, session_uuid=project_admin_session_uuid) zwt_ops.subscribe_sns_topic(sns_topic_uuid, http_endpoint_uuid, session_uuid=project_admin_session_uuid) namespace = 'ZStack/Volume' actions = [{"actionUuid": sns_topic_uuid, "actionType": "sns"}] comparisonOperator = 'GreaterThanOrEqualTo' repeat_interval = 20 period = 10 threshold = 5 metric_name = 'TotalVolumeCount' alarm_uuid = zwt_ops.create_alarm( comparisonOperator, period, threshold, namespace, metric_name, actions=actions, repeat_interval=repeat_interval, session_uuid=project_admin_session_uuid).uuid ps_actions = [{"actionUuid": sns_topic_uuid, "actionType": "sns"}] ps_namespace = 'ZStack/PrimaryStorage' ps_disconnected = 'PrimaryStorageDisconnected' ps_event_sub_uuid = zwt_ops.subscribe_event(ps_namespace, ps_disconnected, ps_actions).uuid application_platform_type = 'Email' alarm_template_name = 'my-alarm-template' alarm_template = '${ALARM_NAME} Change status to ${ALARM_CURRENT_STATUS}' \ 'ALARM_UUID:${ALARM_UUID}' \ 'keyword1:ThisWordIsKeyWord' \ 'keyword2:TemplateForAlarmOn' \ '(Using for template changes email check)' alarm_template_uuid = zwt_ops.create_sns_text_template( alarm_template_name, application_platform_type, alarm_template, default_template=False).uuid acc_ops.logout(project_admin_session_uuid) # 6 delete project iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) # 7 cascade test try: test_stub.check_resource_not_exist(email_platform_uuid, res_ops.SNS_EMAIL_PLATFORM) except: test_util.test_logger("email platform should not be delete ,success") test_stub.check_resource_not_exist(email_endpoint_uuid, res_ops.SNS_APPLICATION_ENDPOINT) test_stub.check_resource_not_exist(dingtalk_endpoint_uuid, res_ops.SNS_APPLICATION_ENDPOINT) test_stub.check_resource_not_exist(http_endpoint_uuid, res_ops.SNS_APPLICATION_ENDPOINT) test_stub.check_resource_not_exist(alarm_uuid, res_ops.ALARM) test_stub.check_resource_not_exist(ps_event_sub_uuid, res_ops.EVENT_SUBSCRIPTION) test_stub.check_resource_not_exist(sns_topic_uuid, res_ops.SNS_TOPIC) test_stub.check_resource_not_exist(alarm_template_uuid, res_ops.SNS_TEXT_TEMPLATE) zwt_ops.delete_sns_application_platform(email_platform_uuid) iam2_ops.clean_iam2_enviroment() test_util.test_pass("success test project retired")
def test(): # global test_obj_dict iam2_ops.clean_iam2_enviroment() global project_uuid,virtual_id_uuid,project_admin_uuid zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid # 1 create project project_name = 'test_project' password = \ 'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid linked_account_uuid = project.linkedAccountUuid attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid]) # 2 create projectAdmin into project project_admin_name = 'projectadmin' project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, password).uuid iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name,password) project_admin_session_uuid = iam2_ops.login_iam2_project(project_name,project_admin_session_uuid).uuid #create Security Group sg = test_sg_header.ZstackTestSecurityGroup() sg_creation_option = test_util.SecurityGroupOption() sg_creation_option.set_name('test_sg') sg_creation_option.session_uuid = project_admin_session_uuid sg.set_creation_option(sg_creation_option) sg.create() test_obj_dict.add_sg(sg.get_security_group().uuid) #create EIP vm = test_stub.create_vm(session_uuid=project_admin_session_uuid) test_obj_dict.add_vm(vm) pri_l3_name = os.environ.get('l3VlanNetworkName3') pri_l3_uuid = test_lib.lib_get_l3_by_name(pri_l3_name).uuid pub_l3_name = os.environ.get('l3PublicNetworkName') pub_l3_uuid = test_lib.lib_get_l3_by_name(pub_l3_name).uuid vm_nic = vm.vm.vmNics[0] vm_nic_uuid = vm_nic.uuid vip_for_eip = test_stub.create_vip('create_eip_test', pub_l3_uuid,session_uuid=project_admin_session_uuid) test_obj_dict.add_vip(vip_for_eip) eip = test_stub.create_eip(vip_uuid=vip_for_eip.get_vip().uuid ,eip_name='create eip test', vnic_uuid=vm_nic_uuid, vm_obj=vm,session_uuid=project_admin_session_uuid) vip_for_eip.attach_eip(eip) # create LB vip_for_lb = test_stub.create_vip('create_lb_test', pub_l3_uuid,session_uuid=project_admin_session_uuid) test_obj_dict.add_vip(vip_for_lb) lb = zstack_lb_header.ZstackTestLoadBalancer() lb.create('create lb test', vip_for_lb.get_vip().uuid,session_uuid=project_admin_session_uuid) test_obj_dict.add_load_balancer(lb) vip_for_lb.attach_lb(lb) lb_creation_option = test_lib.lib_create_lb_listener_option(lbl_port = 222, lbi_port = 22) lb_creation_option.set_session_uuid(project_admin_session_uuid) lbl = lb.create_listener(lb_creation_option) # test PF vip_for_pf = test_stub.create_vip('create_pf_test', pub_l3_uuid,session_uuid=project_admin_session_uuid) test_obj_dict.add_vip(vip_for_pf) vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0] vr_pub_ip = test_lib.lib_find_vr_pub_ip(vr) pf_creation_opt = PfRule.generate_pf_rule_option(vr_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule4_ports, private_target_rule=Port.rule4_ports, vip_uuid=vip_for_pf.get_vip().uuid) pf_creation_opt.set_session_uuid(project_admin_session_uuid) pf = test_pf_header.ZstackTestPortForwarding() pf.set_creation_option(pf_creation_opt) pf.create() vip_for_pf.attach_pf(pf) # delete project iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_stub.check_resource_not_exist(eip.get_eip().uuid,res_ops.EIP) test_stub.check_resource_not_exist(sg.get_security_group().uuid,res_ops.SECURITY_GROUP) test_stub.check_resource_not_exist(lb.get_load_balancer().uuid,res_ops.LOAD_BALANCER) test_stub.check_resource_not_exist(lbl.get_load_balancer_listener().uuid,res_ops.LOAD_BALANCER_LISTENER) test_stub.check_resource_not_exist(pf.get_port_forwarding().uuid,res_ops.PORT_FORWARDING) test_lib.lib_robot_cleanup(test_obj_dict) iam2_ops.clean_iam2_enviroment() test_util.test_pass("Test for iam2 delete project cascade net services success.")
def test(): global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid flavor = case_flavor[os.environ.get('CASE_FLAVOR')] # 1 create project project_name = 'test_project' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid project_linked_account_uuid = project.linkedAccountUuid if flavor['target_role'] == 'project_admin': # 2 create virtual id project_admin_name = 'username' project_admin_password = '******' project_admin_uuid = iam2_ops.create_iam2_virtual_id( project_admin_name, project_admin_password).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id( 'usernametwo', 'password').uuid # 3 create project admin iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) # login in project by project admin project_admin_session_uuid = iam2_ops.login_iam2_virtual_id( project_admin_name, project_admin_password) project_login_uuid = iam2_ops.login_iam2_project( project_name, session_uuid=project_admin_session_uuid).uuid # iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes) elif flavor['target_role'] == 'project_operator': project_operator_name = 'username2' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id( project_operator_name, project_operator_password, attributes=attributes).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id( 'usernamethree', 'password').uuid # login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid], project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id( project_operator_name, project_operator_password) project_login_uuid = iam2_ops.login_iam2_project( project_name, session_uuid=project_operator_session_uuid).uuid elif flavor['target_role'] == 'project_member': plain_user_name = 'username' plain_user_password = '******' plain_user_uuid = iam2_ops.create_iam2_virtual_id( plain_user_name, plain_user_password, project_uuid=project_uuid).uuid # 3 add virtual id to project iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid], project_uuid) # 4 login in project by plain user plain_user_session_uuid = iam2_ops.login_iam2_virtual_id( plain_user_name, plain_user_password) # 4 login in project #project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid) project_login_uuid = iam2_ops.login_iam2_project( project_name, plain_user_session_uuid).uuid # Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge if flavor['target_role'] == 'project_member': statements = [{ "effect": "Allow", "actions": ["org.zstack.header.vm.**"] }] role_uuid = iam2_ops.create_role('test_role', statements).uuid iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid) vm_creation_option = test_util.VmOption() pub_l3_uuid = test_lib.lib_get_l3_by_name( os.environ.get('l3PublicNetworkName')).uuid l3_net_uuid = test_lib.lib_get_l3_by_name( os.environ.get('l3VlanNetworkName3')).uuid acc_ops.share_resources([project_linked_account_uuid], [l3_net_uuid]) vm_creation_option.set_l3_uuids([l3_net_uuid]) image_uuid = test_lib.lib_get_image_by_name( os.environ.get('imageName_net')).uuid vm_creation_option.set_image_uuid(image_uuid) acc_ops.share_resources([project_linked_account_uuid], [image_uuid]) instance_offering_uuid = test_lib.lib_get_instance_offering_by_name( os.environ.get('instanceOfferingName_s')).uuid vm_creation_option.set_instance_offering_uuid(instance_offering_uuid) acc_ops.share_resources([project_linked_account_uuid], [instance_offering_uuid]) vm_creation_option.set_name('vm_for_project_management') vm_creation_option.set_session_uuid(project_login_uuid) vm = test_stub.create_vm(image_uuid=image_uuid, session_uuid=project_login_uuid) vm_uuid = vm.get_vm().uuid vip_option = test_util.VipOption() vip_option.set_name("vip for pm") vip_option.set_session_uuid(project_login_uuid) vip_option.set_l3_uuid(pub_l3_uuid) vm_nic = vm.vm.vmNics[0] vm_nic_uuid = vm_nic.uuid vip = net_ops.create_vip(vip_option) eip_option = test_util.EipOption() eip_option.set_name('eip for pm') eip_option.set_session_uuid(project_login_uuid) eip_option.set_vip_uuid(vip.uuid) eip_option.set_vm_nic_uuid(vm_nic_uuid) eip = net_ops.create_eip(eip_option) net_ops.detach_eip(eip.uuid, session_uuid=project_login_uuid) net_ops.attach_eip(eip.uuid, vm_nic_uuid, session_uuid=project_login_uuid) net_ops.detach_eip(eip.uuid, session_uuid=project_login_uuid) net_ops.delete_eip(eip.uuid) net_ops.delete_vip(vip.uuid) vm_ops.destroy_vm(vm_uuid, session_uuid=project_login_uuid) vm_ops.expunge_vm(vm_uuid, session_uuid=project_login_uuid) # 11 delete acc_ops.logout(project_login_uuid) if virtual_id_uuid != None: iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) if project_admin_uuid != None: iam2_ops.delete_iam2_virtual_id(project_admin_uuid) if project_operator_uuid != None: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if plain_user_uuid != None: iam2_ops.delete_iam2_virtual_id(plain_user_uuid) iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_util.test_pass('success test iam2 login in by project admin!')
def test(): global image iam2_ops.clean_iam2_enviroment() zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid # 1 create project project_name = 'test_project' password = \ 'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid linked_account_uuid = project.linkedAccountUuid attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid]) # 2 create projectAdmin into project project_admin_name = 'projectadmin' project_admin_uuid = iam2_ops.create_iam2_virtual_id( project_admin_name, password).uuid iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) project_admin_session_uuid = iam2_ops.login_iam2_virtual_id( project_admin_name, password) project_admin_session_uuid = iam2_ops.login_iam2_project( project_name, project_admin_session_uuid).uuid res_ops.query_resource(res_ops.L2_VXLAN_NETWORK_POOL) # 3 add image bs_cond = res_ops.gen_query_conditions("status", '=', "Connected") bss = res_ops.query_resource(res_ops.BACKUP_STORAGE, bs_cond) image_option = test_util.ImageOption() image_option.set_format('iso') image_option.set_name('test_add_iso_image') image_option.set_url( os.environ.get('imageServer') + "/iso/CentOS-x86_64-7.2-Minimal.iso") image_option.set_backup_storage_uuid_list([bss[0].uuid]) image_option.set_timeout(60000) image_option.set_session_uuid(project_admin_session_uuid) image = img_ops.add_image(image_option) # 4 delete project iam2_ops.delete_iam2_project(project_uuid) cond = res_ops.gen_query_conditions('uuid', '=', image.uuid) img_inv = res_ops.query_resource(res_ops.IMAGE, cond) if not img_inv: test_util.test_fail( "can't query image %s after delete the project,test fail" % image.uuid) # 5 expunge project iam2_ops.expunge_iam2_project(project_uuid) cond = res_ops.gen_query_conditions('uuid', '=', image.uuid) img_inv = res_ops.query_resource(res_ops.IMAGE, cond)[0] if img_inv.status != 'Deleted': test_util.test_fail( 'The image created in project is not deleted after project is expunge, test fail' ) img_ops.expunge_image(image.uuid) iam2_ops.clean_iam2_enviroment() test_util.test_pass('success')
def test(): global test_obj_dict iam2_ops.clean_iam2_enviroment() # 1 create project project_name = 'test_project' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid linked_account_uuid = project.linkedAccountUuid zone_inv = res_ops.query_resource(res_ops.ZONE) attributes = [{"name": "__ProjectRelatedZone__", "value": zone_inv[0].uuid}] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid]) # 2 update project quota acc_ops.update_quota(linked_account_uuid, 'volume.data.num', '1') cond = res_ops.gen_query_conditions('identityUuid', '=', linked_account_uuid) cond = res_ops.gen_query_conditions('name', '=', 'volume.data.num', cond) project_quota = res_ops.query_resource(res_ops.QUOTA, cond) if project_quota: if project_quota[0].value != 1: test_util.test_fail("update project quata fail") # 3 create virtual id and login project username = '******' password = \ 'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] virtual_id_uuid = iam2_ops.create_iam2_virtual_id(username, password, attributes=attributes).uuid iam2_ops.add_iam2_virtual_ids_to_project([virtual_id_uuid], project_uuid) virtual_id_session = iam2_ops.login_iam2_virtual_id(username, password) virtual_id_session = iam2_ops.login_iam2_project(project_name, virtual_id_session).uuid volume = test_stub.create_volume(session_uuid=virtual_id_session) test_obj_dict.add_volume(volume) try: volume = test_stub.create_volume(session_uuid=virtual_id_session) test_obj_dict.add_volume(volume) test_util.test_fail("create more than one data volume in project ,test fail") except: test_util.test_dsc("success test limit create only 1 vm") acc_ops.logout(virtual_id_session) # 4 add project retired policy attributes = [{"name": "__RetirePolicy__", "value": "NoLogin after 20s"}] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) time.sleep(20) # 5 login project virtual_id_session = iam2_ops.login_iam2_virtual_id(username, password) try: iam2_ops.login_iam2_project(project_name, session_uuid=virtual_id_session) test_util.test_fail("login project success ,the retire policy is useless") except: test_util.test_logger("can't login project,retire policy is useful") # 6 change retired policy enable = 'enable' disable = 'disable' cond = res_ops.gen_query_conditions('name', '=', '__RetirePolicy__') cond = res_ops.gen_query_conditions('value', '=', 'NoLogin after 20s', cond) attribute_uuid = res_ops.query_resource(res_ops.IAM2_PROJECT_ATTRIBUTE, cond)[0].uuid iam2_ops.remove_attributes_from_iam2_project(project_uuid, [attribute_uuid]) iam2_ops.change_iam2_project_state(project_uuid, enable) attributes = [{"name": "__RetirePolicy__", "value": "DeleteProject after 20s"}] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) time.sleep(20) # 7 query project project_inv = res_ops.get_resource(res_ops.IAM2_PROJECT, uuid=project_uuid)[0] if project_inv.state != 'Deleted': iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_util.test_fail("the project [%s] is still available after 20s " % project_uuid) test_lib.lib_robot_cleanup(test_obj_dict) iam2_ops.clean_iam2_enviroment() test_util.test_pass("success test project retired")
def test(): global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid flavor = case_flavor[os.environ.get('CASE_FLAVOR')] # 1 create project project_name = 'test_project' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid project_linked_account_uuid = project.linkedAccountUuid if flavor['target_role'] == 'project_admin': # 2 create virtual id project_admin_name = 'username' project_admin_password = '******' project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid # 3 create project admin iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) # login in project by project admin project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password) project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid # iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes) elif flavor['target_role'] == 'project_operator': project_operator_name = 'username2' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid # login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password) project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid elif flavor['target_role'] == 'project_member': plain_user_name = 'username' plain_user_password = '******' plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password, project_uuid=project_uuid).uuid # 3 add virtual id to project iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid) # 4 login in project by plain user plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password) # 4 login in project #project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid) project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid try: l2 = net_ops.create_l2_novlan('l2_for_pm', 'eth0', zone_uuid, session_uuid=project_login_uuid) test_util.test_fail("Expect exception: project admin not allowed to create Novlan L2 except vxlan") except: pass try: l2 = net_ops.create_l2_vlan('l2_for_pm', 'eth0', zone_uuid, 1234, session_uuid=project_login_uuid) test_util.test_fail("Expect exception: project admin not allowed to create vlan L2 except vxlan") except: pass if flavor['target_role'] == 'project_member': statements = [{"effect": "Allow", "actions": ["org.zstack.network.l2.**"]}] role_uuid = iam2_ops.create_role('test_role', statements).uuid iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid) vxlan_pool = res_ops.get_resource(res_ops.L2_VXLAN_NETWORK_POOL) if vxlan_pool == None or len(vxlan_pool) == 0: test_util.test_skip('Vxlan is required for testing') vxlan_pool_uuid = vxlan_pool[0].uuid acc_ops.share_resources([project_linked_account_uuid], [vxlan_pool_uuid]) vxlan_pool_uuid = res_ops.get_resource(res_ops.L2_VXLAN_NETWORK_POOL, session_uuid=project_login_uuid)[0].uuid vxlan_l2_uuid = vxlan_ops.create_l2_vxlan_network('vxlan_for_pm', vxlan_pool_uuid, zone_uuid, session_uuid=project_login_uuid).uuid net_ops.delete_l2(vxlan_l2_uuid, session_uuid=project_login_uuid) # 11 delete acc_ops.logout(project_login_uuid) if virtual_id_uuid != None: iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) if project_admin_uuid != None: iam2_ops.delete_iam2_virtual_id(project_admin_uuid) if project_operator_uuid != None: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if plain_user_uuid != None: iam2_ops.delete_iam2_virtual_id(plain_user_uuid) iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_util.test_pass('success test iam2 login in by project admin!')
def test(): global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid flavor = case_flavor[os.environ.get('CASE_FLAVOR')] # 1 create project if flavor['target_role'] != 'system_admin': project_name = 'test_project' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid project_linked_account_uuid = project.linkedAccountUuid if flavor['target_role'] == 'project_admin': # 2 create virtual id project_admin_name = 'username' project_admin_password = '******' project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid # 3 create project admin iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) # login in project by project admin project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password) project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid # iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes) elif flavor['target_role'] == 'project_operator': project_operator_name = 'username2' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid # login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password) project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid elif flavor['target_role'] == 'project_member': plain_user_name = 'username' plain_user_password = '******' plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password, project_uuid=project_uuid).uuid # 3 add virtual id to project iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid) # 4 login in project by plain user plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password) # 4 login in project #project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid) project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid elif flavor['target_role'] == 'system_admin': username = "******" password = '******' vid_tst_obj = test_vid.ZstackTestVid() test_stub.create_system_admin(username, password, vid_tst_obj) virtual_id_uuid = vid_tst_obj.get_vid().uuid project_login_uuid = acc_ops.login_by_account(username, password) # Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge if flavor['target_role'] == 'project_member': statements = [{"effect": "Allow", "actions": ["org.zstack.network.service.lb.**"]}] role_uuid = iam2_ops.create_role('test_role', statements).uuid iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid) # certificate cert = net_ops.create_certificate('certificate_for_pm', 'fake certificate', session_uuid=project_login_uuid) net_ops.delete_certificate(cert.uuid, session_uuid=project_login_uuid) # 11 delete acc_ops.logout(project_login_uuid) if virtual_id_uuid != None: iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) if project_admin_uuid != None: iam2_ops.delete_iam2_virtual_id(project_admin_uuid) if project_operator_uuid != None: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if plain_user_uuid != None: iam2_ops.delete_iam2_virtual_id(plain_user_uuid) if flavor['target_role'] != 'system_admin': iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_util.test_pass('success test iam2 login in by project admin!')
def test(): global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid flavor = case_flavor[os.environ.get('CASE_FLAVOR')] # 1 create project project_name = 'test_project' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid project_linked_account_uuid = project.linkedAccountUuid if flavor['target_role'] == 'project_admin': # 2 create virtual id project_admin_name = 'username' project_admin_password = '******' project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid # 3 create project admin iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) # login in project by project admin project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password) project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid # iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes) elif flavor['target_role'] == 'project_operator': project_operator_name = 'username2' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid # login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password) project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid elif flavor['target_role'] == 'project_member': plain_user_name = 'username' plain_user_password = '******' plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password, project_uuid=project_uuid).uuid # 3 add virtual id to project iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid) # 4 login in project by plain user plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password) # 4 login in project #project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid) project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid # Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge if flavor['target_role'] == 'project_member': statements = [{"effect": "Allow", "actions": ["org.zstack.header.volume.**"]}, {"effect": "Allow", "actions": ["org.zstack.header.vm.**"]}] role_uuid = iam2_ops.create_role('test_role', statements).uuid iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid) # Volume related ops: Create, Delete, Expunge, Attach, Dettach, Enable, Disable disk_offering_uuid = res_ops.query_resource(res_ops.DISK_OFFERING)[0].uuid acc_ops.share_resources([project_linked_account_uuid], [disk_offering_uuid]) volume_option = test_util.VolumeOption() volume_option.set_disk_offering_uuid(disk_offering_uuid) volume_option.set_name('data_volume_project_management') volume_option.set_session_uuid(project_login_uuid) data_volume = vol_ops.create_volume_from_offering(volume_option) vol_ops.stop_volume(data_volume.uuid, session_uuid=project_login_uuid) vol_ops.start_volume(data_volume.uuid, session_uuid=project_login_uuid) vm_creation_option = test_util.VmOption() l3_net_uuid = test_lib.lib_get_l3_by_name(os.environ.get('l3VlanNetwork3')).uuid acc_ops.share_resources([project_linked_account_uuid], [l3_net_uuid]) vm_creation_option.set_l3_uuids([l3_net_uuid]) image_uuid = test_lib.lib_get_image_by_name("centos").uuid vm_creation_option.set_image_uuid(image_uuid) acc_ops.share_resources([project_linked_account_uuid], [image_uuid]) instance_offering_uuid = test_lib.lib_get_instance_offering_by_name(os.environ.get('instanceOfferingName_s')).uuid vm_creation_option.set_instance_offering_uuid(instance_offering_uuid) acc_ops.share_resources([project_linked_account_uuid], [instance_offering_uuid]) vm_creation_option.set_name('vm_for_project_management') vm_creation_option.set_session_uuid(project_login_uuid) vm = test_stub.create_vm(image_uuid = image_uuid, session_uuid=project_login_uuid) vm_uuid = vm.get_vm().uuid vol_ops.attach_volume(data_volume.uuid, vm_uuid, session_uuid=project_login_uuid) vol_ops.detach_volume(data_volume.uuid, vm_uuid, session_uuid=project_login_uuid) vol_ops.delete_volume(data_volume.uuid, session_uuid=project_login_uuid) vol_ops.expunge_volume(data_volume.uuid, session_uuid=project_login_uuid) # 11 delete acc_ops.logout(project_login_uuid) if virtual_id_uuid != None: iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) if project_admin_uuid != None: iam2_ops.delete_iam2_virtual_id(project_admin_uuid) if project_operator_uuid != None: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if plain_user_uuid != None: iam2_ops.delete_iam2_virtual_id(plain_user_uuid) iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_util.test_pass('success test iam2 login in by project admin!')
def test(): global vm iam2_ops.clean_iam2_enviroment() zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid # 1 create project project_name = 'test_project' password = \ 'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid linked_account_uuid = project.linkedAccountUuid attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid]) # 2 create projectAdmin into project project_admin_name = 'projectadmin' project_admin_uuid = iam2_ops.create_iam2_virtual_id( project_admin_name, password).uuid iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) project_admin_session_uuid = iam2_ops.login_iam2_virtual_id( project_admin_name, password) project_admin_session_uuid = iam2_ops.login_iam2_project( project_name, project_admin_session_uuid).uuid res_ops.query_resource(res_ops.L2_VXLAN_NETWORK_POOL) # 3 create vm vm = test_stub.create_vm(session_uuid=project_admin_session_uuid) # 4 delete project iam2_ops.delete_iam2_project(project_uuid) cond = res_ops.gen_query_conditions('uuid', '=', vm.get_vm().uuid) vm_inv = res_ops.query_resource(res_ops.VM_INSTANCE, cond)[0] if vm_inv.state == 'Running': test_util.test_fail( "the vm is still running after delete project,test fail") # 5 recover project vm.update() iam2_ops.recover_iam2_project(project_uuid) vm.start() # 6 expunge project iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) vm.update() # query vm cond = res_ops.gen_query_conditions('uuid', '=', vm.get_vm().uuid) vm_inv = res_ops.query_resource(res_ops.VM_INSTANCE, cond)[0] if vm_inv.state != 'Destroyed': test_util.test_fail( 'The vminstance created by project is not Destroyed ,the state now is %s , test fail' % vm_inv.state) vm.clean() iam2_ops.clean_iam2_enviroment() test_util.test_pass('success')
def test(): global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid flavor = case_flavor[os.environ.get('CASE_FLAVOR')] # 1 create project if flavor['target_role'] != 'system_admin': project_name = 'test_project' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid project_linked_account_uuid = project.linkedAccountUuid if flavor['target_role'] == 'project_admin': # 2 create virtual id project_admin_name = 'username' project_admin_password = '******' project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid # 3 create project admin iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) # login in project by project admin project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password) project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid # iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes) elif flavor['target_role'] == 'project_operator': project_operator_name = 'username2' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid # login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password) project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid elif flavor['target_role'] == 'project_member': plain_user_name = 'username' plain_user_password = '******' plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password, project_uuid=project_uuid).uuid # 3 add virtual id to project iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid) # 4 login in project by plain user plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password) # 4 login in project #project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid) project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid elif flavor['target_role'] == 'system_admin': username = "******" password = '******' vid_tst_obj = test_vid.ZstackTestVid() test_stub.create_system_admin(username, password, vid_tst_obj) virtual_id_uuid = vid_tst_obj.get_vid().uuid project_login_uuid = acc_ops.login_by_account(username, password) zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid try: l2 = net_ops.create_l2_novlan('l2_for_pm', 'eth0', zone_uuid, session_uuid=project_login_uuid) test_util.test_fail("Expect exception: project admin not allowed to create Novlan L2 except vxlan") except: pass try: l2 = net_ops.create_l2_vlan('l2_for_pm', 'eth0', zone_uuid, 1234, session_uuid=project_login_uuid) test_util.test_fail("Expect exception: project admin not allowed to create vlan L2 except vxlan") except: pass if flavor['target_role'] == 'project_member': statements = [{"effect": "Allow", "actions": ["org.zstack.network.l2.**"]}] role_uuid = iam2_ops.create_role('test_role', statements).uuid iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid) vxlan_pool = res_ops.get_resource(res_ops.L2_VXLAN_NETWORK_POOL) if vxlan_pool == None or len(vxlan_pool) == 0: test_util.test_skip('Vxlan is required for testing') vxlan_pool_uuid = vxlan_pool[0].uuid if flavor['target_role'] != 'system_admin': acc_ops.share_resources([project_linked_account_uuid], [vxlan_pool_uuid]) vxlan_pool_uuid = res_ops.get_resource(res_ops.L2_VXLAN_NETWORK_POOL, session_uuid=project_login_uuid)[0].uuid vxlan_l2_uuid = vxlan_ops.create_l2_vxlan_network('vxlan_for_pm', vxlan_pool_uuid, zone_uuid, session_uuid=project_login_uuid).uuid net_ops.delete_l2(vxlan_l2_uuid, session_uuid=project_login_uuid) # 11 delete acc_ops.logout(project_login_uuid) if virtual_id_uuid != None: iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) if project_admin_uuid != None: iam2_ops.delete_iam2_virtual_id(project_admin_uuid) if project_operator_uuid != None: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if plain_user_uuid != None: iam2_ops.delete_iam2_virtual_id(plain_user_uuid) if flavor['target_role'] != 'system_admin': iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_util.test_pass('success test iam2 login in by project admin!')
def test(): global vm global schd_job1 global schd_job2 global schd_trigger1 global schd_trigger2 iam2_ops.clean_iam2_enviroment() zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid # 1 create project project_name = 'test_project' password = \ 'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid linked_account_uuid = project.linkedAccountUuid attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid]) # 2 create projectAdmin into project project_admin_name = 'projectadmin' project_admin_uuid = iam2_ops.create_iam2_virtual_id( project_admin_name, password).uuid iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) project_admin_session_uuid = iam2_ops.login_iam2_virtual_id( project_admin_name, password) project_admin_session_uuid = iam2_ops.login_iam2_project( project_name, project_admin_session_uuid).uuid # 3 create scheduler job and trigger vm = test_stub.create_vm(session_uuid=project_admin_session_uuid) start_date = int(time.time()) schd_job1 = schd_ops.create_scheduler_job( 'simple_stop_vm_scheduler', 'simple_stop_vm_scheduler', vm.get_vm().uuid, 'stopVm', None, session_uuid=project_admin_session_uuid) schd_trigger1 = schd_ops.create_scheduler_trigger( 'simple_stop_vm_scheduler', start_date + 60, None, 120, 'simple', session_uuid=project_admin_session_uuid) schd_ops.add_scheduler_job_to_trigger( schd_trigger1.uuid, schd_job1.uuid, session_uuid=project_admin_session_uuid) schd_job2 = schd_ops.create_scheduler_job( 'simple_start_vm_scheduler', 'simple_start_vm_scheduler', vm.get_vm().uuid, 'startVm', None, session_uuid=project_admin_session_uuid) schd_trigger2 = schd_ops.create_scheduler_trigger( 'simple_start_vm_scheduler', start_date + 120, None, 120, 'simple', session_uuid=project_admin_session_uuid) schd_ops.add_scheduler_job_to_trigger( schd_trigger2.uuid, schd_job2.uuid, session_uuid=project_admin_session_uuid) acc_ops.logout(project_admin_session_uuid) # 4 delete project iam2_ops.delete_iam2_project(project_uuid) try: schd_job1_inv = res_ops.get_resource(res_ops.SCHEDULERJOB, uuid=schd_job1.uuid)[0] except: test_util.test_fail( "delete project but not expunge,the schedulerjob [%s] is lost" % schd_job1.uuid) try: res_ops.get_resource(res_ops.SCHEDULERJOB, uuid=schd_job2.uuid)[0] except: test_util.test_fail( "delete project but not expunge,the schedulerjob [%s] is lost" % schd_job2.uuid) try: schd_trigger1_inv = res_ops.get_resource(res_ops.SCHEDULERTRIGGER, uuid=schd_trigger1.uuid)[0] except: test_util.test_fail( "delete project but not expunge,the scheduler trigger [%s] is lost" % schd_job1.uuid) try: res_ops.get_resource(res_ops.SCHEDULERTRIGGER, uuid=schd_trigger2.uuid)[0] except: test_util.test_fail( "delete project but not expunge,the scheduler trigger [%s] is lost" % schd_job1.uuid) iam2_ops.recover_iam2_project(project_uuid) try: project_admin_session_uuid = iam2_ops.login_iam2_virtual_id( project_admin_name, password) project_admin_session_uuid = iam2_ops.login_iam2_project( project_name, project_admin_session_uuid).uuid except: test_util.test_fail("recover the deleted project , but can't login in") iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) # 5 check for cascade delete test_stub.check_resource_not_exist(schd_job1.uuid, res_ops.SCHEDULERJOB) test_stub.check_resource_not_exist(schd_job2.uuid, res_ops.SCHEDULERJOB) test_stub.check_resource_not_exist(schd_trigger1.uuid, res_ops.SCHEDULERTRIGGER) test_stub.check_resource_not_exist(schd_trigger2.uuid, res_ops.SCHEDULERTRIGGER) vm.clean() iam2_ops.clean_iam2_enviroment() test_util.test_pass('Create Simple VM Stop Start Scheduler Success')
def test(): global linked_account_uuid, project_uuid, project_operator_uuid, account_lists, vni_range_uuid, vxlan_pool_uuid, l2_vxlan_network_uuid, account1_uuid, account2_uuid # create vxlan pool and vni range zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid cluster_uuid = res_ops.get_resource(res_ops.CLUSTER)[0].uuid vxlan_pool_name = 'vxlan_pool_name' vxlan_pool_uuid = vxlan_ops.create_l2_vxlan_network_pool( vxlan_pool_name, zone_uuid).uuid vxlan_ops.create_vni_range('vni_range', 20, 40, vxlan_pool_uuid) systemTags = [ "l2NetworkUuid::%s::clusterUuid::%s::cidr::{172.20.0.1/16}" % (vxlan_pool_uuid, cluster_uuid) ] net_ops.attach_l2_vxlan_pool(vxlan_pool_uuid, cluster_uuid, systemTags) # 1 create project project_name = 'test_share_project1' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid cond = res_ops.gen_query_conditions("name", '=', "test_share_project1") linked_account_uuid = res_ops.query_resource(res_ops.ACCOUNT, cond)[0].uuid # 2 create project operator project_operator_name = 'share_username1' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id( project_operator_name, project_operator_password, attributes=attributes).uuid # 3 login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid], project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id( project_operator_name, project_operator_password) project_login_uuid = iam2_ops.login_iam2_project( project_name, session_uuid=project_operator_session_uuid).uuid # todo:use the shared resources # 4 share admin resources to project test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid]) # use the shared resources to create vm vm = test_stub.create_vm(session_uuid=project_login_uuid) volume = test_stub.create_volume(session_uuid=project_login_uuid) test_obj_dict.add_volume(volume) test_obj_dict.add_vm(vm) l2_vxlan_network_uuid = vxlan_ops.create_l2_vxlan_network( 'l2_vxlan', vxlan_pool_uuid, zone_uuid, session_uuid=project_login_uuid).uuid virtual_router_offering_uuid = res_ops.get_resource( res_ops.VR_OFFERING)[0].uuid vpc_ops.create_vpc_vrouter('vpc_router', virtual_router_offering_uuid, session_uuid=project_login_uuid) # 5 revoke admin resources from project test_stub.revoke_admin_resource([linked_account_uuid]) # 6 share to all #create_account account1_uuid = acc_ops.create_account('user1', 'password', 'Normal').uuid account2_uuid = acc_ops.create_account('user2', 'password', 'Normal').uuid account_lists = res_ops.query_resource(res_ops.ACCOUNT) for account in account_lists: test_stub.share_admin_resource_include_vxlan_pool([account.uuid]) # 7 revoke resources from all for account in account_lists: test_stub.revoke_admin_resource([account.uuid]) # 8 Negative test test_util.test_dsc( 'Doing negative test.Try to use the resources not shared to create vm') try: test_stub.create_vm(session_uuid=project_login_uuid) except: test_util.test_logger( 'Catch excepted excepttion.can not use the resources not shared to create vm' ) else: test_util.test_fail( 'Catch wrong logic:create vm success with the resources not shared ' ) test_util.test_dsc( 'Doing negative test.Try to use the resources not shared to create volume' ) try: test_stub.create_volume(session_uuid=project_login_uuid) except: test_util.test_logger( 'Catch excepted excepttion.can not use the resources not shared to create volume' ) else: test_util.test_fail( 'Catch wrong logic:create volume success with the resources not shared ' ) test_util.test_dsc( 'Doing negative test.Try to use the resources not shared to create vxlan network' ) try: vxlan_ops.create_l2_vxlan_network('l2_vxlan', vxlan_pool_uuid, zone_uuid, session_uuid=project_login_uuid) except: test_util.test_logger( 'Catch excepted excepttion.can not use the resources not shared to create l2 vxlan' ) else: test_util.test_fail( 'Catch wrong logic:create l2 vxlan success with the resources not shared ' ) test_util.test_dsc( 'Doing negative test.Try to use the resources not shared to create vpc_vrouter ' ) try: vpc_ops.create_vpc_vrouter('vpc_router', virtual_router_offerings, session_uuid=project_login_uuid) except: test_util.test_logger( 'Catch excepted excepttion.can not use the resources not shared to create vpc_router' ) else: test_util.test_fail( 'Catch wrong logic:create vpc_router success with the resources not shared ' ) # 9 delete acc_ops.logout(project_login_uuid) iam2_ops.delete_iam2_virtual_id(project_operator_uuid) iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) vni_range_uuid = res_ops.get_resource(res_ops.VNI_RANGE)[0].uuid vxlan_ops.delete_vni_range(vni_range_uuid) vpc_ops.remove_all_vpc_vrouter() test_lib.lib_error_cleanup(test_obj_dict) net_ops.delete_l2(vxlan_pool_uuid) net_ops.delete_l2(l2_vxlan_network_uuid) acc_ops.delete_account(account1_uuid) acc_ops.delete_account(account2_uuid)
def test(): global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid flavor = case_flavor[os.environ.get('CASE_FLAVOR')] # 1 create project project_name = 'test_project' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid project_linked_account_uuid = project.linkedAccountUuid if flavor['target_role'] == 'project_admin': # 2 create virtual id project_admin_name = 'username' project_admin_password = '******' project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid # 3 create project admin iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) # login in project by project admin project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password) project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid # iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes) elif flavor['target_role'] == 'project_operator': project_operator_name = 'username2' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid # login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password) project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid elif flavor['target_role'] == 'project_member': plain_user_name = 'username' plain_user_password = '******' plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password, project_uuid=project_uuid).uuid # 3 add virtual id to project iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid) # 4 login in project by plain user plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password) # 4 login in project #project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid) project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid # Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge if flavor['target_role'] == 'project_member': statements = [{"effect": "Allow", "actions": ["org.zstack.header.vm.**"]}, {"effect": "Allow", "actions": ["org.zstack.scheduler.**"]}] role_uuid = iam2_ops.create_role('test_role', statements).uuid iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid) vm_creation_option = test_util.VmOption() l3_net_uuid = test_lib.lib_get_l3_by_name(os.environ.get('l3VlanNetwork3')).uuid acc_ops.share_resources([project_linked_account_uuid], [l3_net_uuid]) vm_creation_option.set_l3_uuids([l3_net_uuid]) image_uuid = test_lib.lib_get_image_by_name("centos").uuid vm_creation_option.set_image_uuid(image_uuid) acc_ops.share_resources([project_linked_account_uuid], [image_uuid]) instance_offering_uuid = test_lib.lib_get_instance_offering_by_name(os.environ.get('instanceOfferingName_s')).uuid vm_creation_option.set_instance_offering_uuid(instance_offering_uuid) acc_ops.share_resources([project_linked_account_uuid], [instance_offering_uuid]) vm_creation_option.set_name('vm_for_project_management') vm_creation_option.set_session_uuid(project_login_uuid) vm = test_stub.create_vm(image_uuid = image_uuid, session_uuid=project_login_uuid) # scheduler ops: start_date = int(time.time()) schd_job1 = schd_ops.create_scheduler_job('simple_start_vm_scheduler', 'simple_start_vm_scheduler', vm.get_vm().uuid, 'startVm', None, session_uuid=project_login_uuid) schd_trigger1 = schd_ops.create_scheduler_trigger('simple_start_vm_scheduler', start_date+5, None, 15, 'simple', session_uuid=project_login_uuid) schd_ops.add_scheduler_job_to_trigger(schd_trigger1.uuid, schd_job1.uuid, session_uuid=project_login_uuid) schd_ops.change_scheduler_state(schd_job1.uuid, 'disable', session_uuid=project_login_uuid) schd_ops.change_scheduler_state(schd_job1.uuid, 'enable', session_uuid=project_login_uuid) schd_ops.remove_scheduler_job_from_trigger(schd_trigger1.uuid, schd_job1.uuid, session_uuid=project_login_uuid) schd_ops.del_scheduler_job(schd_job1.uuid, session_uuid=project_login_uuid) schd_ops.del_scheduler_trigger(schd_trigger1.uuid, session_uuid=project_login_uuid) schd_ops.get_current_time() vm_ops.destroy_vm(vm.get_vm().uuid, session_uuid=project_login_uuid) vm_ops.expunge_vm(vm.get_vm().uuid, session_uuid=project_login_uuid) # 11 delete acc_ops.logout(project_login_uuid) if virtual_id_uuid != None: iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) if project_admin_uuid != None: iam2_ops.delete_iam2_virtual_id(project_admin_uuid) if project_operator_uuid != None: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if plain_user_uuid != None: iam2_ops.delete_iam2_virtual_id(plain_user_uuid) iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_util.test_pass('success test iam2 login in by project admin!')
def test(): global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid flavor = case_flavor[os.environ.get('CASE_FLAVOR')] # 1 create project if flavor['target_role'] != 'system_admin': project_name = 'test_project' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid project_linked_account_uuid = project.linkedAccountUuid if flavor['target_role'] == 'project_admin': # 2 create virtual id project_admin_name = 'username' project_admin_password = '******' project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid # 3 create project admin iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) # login in project by project admin project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password) project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid # iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes) elif flavor['target_role'] == 'project_operator': project_operator_name = 'username2' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid # login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password) project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid elif flavor['target_role'] == 'project_member': plain_user_name = 'username' plain_user_password = '******' plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password, project_uuid=project_uuid).uuid # 3 add virtual id to project iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid) # 4 login in project by plain user plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password) # 4 login in project #project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid) project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid elif flavor['target_role'] == 'system_admin': username = "******" password = '******' vid_tst_obj = test_vid.ZstackTestVid() test_stub.create_system_admin(username, password, vid_tst_obj) virtual_id_uuid = vid_tst_obj.get_vid().uuid project_login_uuid = acc_ops.login_by_account(username, password) # Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge if flavor['target_role'] == 'project_member': statements = [{"effect": "Allow", "actions": ["org.zstack.sns.**"]}, {"effect": "Allow", "actions": ["org.zstack.zwatch.**"]}] role_uuid = iam2_ops.create_role('test_role', statements).uuid iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid) # create platform smtp_server = os.environ.get('smtpServer') smtp_port = os.environ.get('smtpPort') email_platform_name = 'Alarm_email' email_username = os.environ.get('mailUsername') email_password = os.environ.get('mailPassword') email_platform = zwt_ops.create_sns_email_platform(smtp_server, smtp_port, email_platform_name, email_username, email_password, session_uuid=project_login_uuid) email_platform_uuid = email_platform.uuid cond=res_ops.gen_query_conditions('uuid','=',email_platform_uuid) inv = res_ops.query_resource(res_ops.SNS_EMAIL_PLATFORM,cond, session_uuid=project_login_uuid) if not inv: test_util.test_fail('create sns email platform failed') try: zwt_ops.validate_sns_email_platform(email_platform_uuid) except: test_util.test_fail('Validate SNS Email Platform Failed, Email Plarform: %s' % email_platform_uuid) # create endpoint email_receiver = os.environ.get('mailUsername') email_endpoint_name = os.environ.get('mailPassword') email_endpoint_uuid = zwt_ops.create_sns_email_endpoint(email_receiver, email_endpoint_name, email_platform_uuid, session_uuid=project_login_uuid).uuid cond=res_ops.gen_query_conditions('uuid','=',email_endpoint_uuid) inv=res_ops.query_resource(res_ops.SNS_EMAIL_ENDPOINT,cond, session_uuid=project_login_uuid) if not inv: test_util.test_fail('create sns email endpoint failed') http_endpoint_name='http' url = 'http://localhost:8080/webhook-url' http_username='******' http_password='******' http_endpoint=zwt_ops.create_sns_http_endpoint(url,http_endpoint_name,http_username,http_password, session_uuid=project_login_uuid) http_endpoint_uuid=http_endpoint.uuid cond=res_ops.gen_query_conditions('uuid','=',http_endpoint_uuid) inv=res_ops.query_resource(res_ops.SNS_HTTP_ENDPOINT,cond, session_uuid=project_login_uuid) if not inv: test_util.test_fail('create sns http endpoint failed') # create sns topic and query system-in topic sns_topic_uuid = zwt_ops.create_sns_topic('sns_topic_01', session_uuid=project_login_uuid).uuid zwt_ops.subscribe_sns_topic(sns_topic_uuid, email_endpoint_uuid, session_uuid=project_login_uuid) cond=res_ops.gen_query_conditions('endpoints.uuid','=',email_endpoint_uuid) inv=res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid) if not inv: test_util.test_fail('create and subscribe snstopic failed') cond = res_ops.gen_query_conditions('name', '=', 'system-alarm') system_alarm_topic = res_ops.query_resource(res_ops.SNS_TOPIC, cond)[0] system_alarm_topic_uuid=system_alarm_topic.uuid if flavor['target_role'] != 'system_admin': acc_ops.share_resources([project_linked_account_uuid], [system_alarm_topic_uuid]) cond = res_ops.gen_query_conditions('name', '=', 'system-alarm') system_alarm_topic = res_ops.query_resource(res_ops.SNS_TOPIC, cond)[0] system_alarm_topic_uuid=system_alarm_topic.uuid zwt_ops.subscribe_sns_topic(system_alarm_topic_uuid, email_endpoint_uuid, session_uuid=project_login_uuid) cond=res_ops.gen_query_conditions('endpoints.uuid','=',email_endpoint_uuid) inv=res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid) if not inv: test_util.test_fail('subscribe system-alarm topic failed') cond = res_ops.gen_query_conditions('name','=','api') api_topic= res_ops.query_resource(res_ops.SNS_TOPIC,cond)[0] api_topic_uuid=api_topic.uuid if flavor['target_role'] != 'system_admin': acc_ops.share_resources([project_linked_account_uuid], [api_topic_uuid]) cond = res_ops.gen_query_conditions('name','=','api') api_topic= res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)[0] api_topic_uuid=api_topic.uuid zwt_ops.subscribe_sns_topic(api_topic_uuid,http_endpoint_uuid, session_uuid=project_login_uuid) cond = res_ops.gen_query_conditions('endpointUuid','=',http_endpoint_uuid) cond = res_ops.gen_query_conditions('topicUuid','=',api_topic_uuid) inv=res_ops.query_resource(res_ops.SNS_TOPIC_SUBSCRIBER,cond, session_uuid=project_login_uuid) if not inv: test_util.test_fail('subscribe api topic failed') # subscribe event namespace = 'ZStack/VM' actions = [{"actionUuid": sns_topic_uuid, "actionType": "sns"}] labels = [{"key": "NewState", "op": "Equal", "value": "Disconnected"}] event_name = 'VMStateChangedOnHost' event_sub_uuid = zwt_ops.subscribe_event(namespace, event_name, actions, labels, session_uuid=project_login_uuid).uuid cond = res_ops.gen_query_conditions('uuid', '=', event_sub_uuid) event_subscription = res_ops.query_resource(res_ops.EVENT_SUBSCRIPTION, cond, session_uuid=project_login_uuid) if not event_subscription: test_util.test_fail('Subscribe event failed') #update endpoint new_name='endpointNewName' new_description='endpoint new description' zwt_ops.update_sns_application_endpoint(email_endpoint_uuid,new_name,new_description, session_uuid=project_login_uuid) cond= res_ops.gen_query_conditions('uuid','=',email_endpoint_uuid) inv =res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT,cond, session_uuid=project_login_uuid)[0] if inv.name!=new_name or inv.description!=new_description: test_util.test_fail('test update email endpoint failed') zwt_ops.update_sns_application_endpoint(http_endpoint_uuid,new_name,new_description, session_uuid=project_login_uuid) cond= res_ops.gen_query_conditions('uuid','=',http_endpoint_uuid) inv =res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT,cond, session_uuid=project_login_uuid)[0] if inv.name!=new_name or inv.description!=new_description: test_util.test_fail('test update http endpoint failed') new_name_platform='platformNewName' new_description_platform='platformNewName' zwt_ops.update_sns_application_platform(email_platform_uuid,new_name_platform,new_description_platform, session_uuid=project_login_uuid) cond= res_ops.gen_query_conditions('uuid','=',email_platform_uuid) inv =res_ops.query_resource(res_ops.SNS_APPLICATION_PLATFORM,cond, session_uuid=project_login_uuid)[0] if inv.name!=new_name_platform or inv.description!=new_description_platform: test_util.test_fail('test update email platform failed') #change state state_event = 'disable' state_result = 'Disabled' zwt_ops.change_sns_topic_state(system_alarm_topic_uuid,state_event, session_uuid=project_login_uuid) cond=res_ops.gen_query_conditions('uuid','=',system_alarm_topic_uuid) inv=res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)[0] if inv.state!=state_result: test_util.test_fail('change system alarm topic state failed') zwt_ops.change_sns_topic_state(api_topic_uuid, state_event, session_uuid=project_login_uuid) cond = res_ops.gen_query_conditions('uuid', '=', api_topic_uuid) inv = res_ops.query_resource(res_ops.SNS_TOPIC, cond, session_uuid=project_login_uuid)[0] if inv.state != state_result: test_util.test_fail('change api topic state failed') zwt_ops.change_sns_application_endpoint_state(email_endpoint_uuid,state_event, session_uuid=project_login_uuid) cond = res_ops.gen_query_conditions('uuid', '=', email_endpoint_uuid) inv = res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT, cond, session_uuid=project_login_uuid)[0] if inv.state != state_result: test_util.test_fail('change email endpoint state failed') zwt_ops.change_sns_application_endpoint_state(http_endpoint_uuid,state_event, session_uuid=project_login_uuid) cond = res_ops.gen_query_conditions('uuid', '=', http_endpoint_uuid) inv = res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT, cond, session_uuid=project_login_uuid)[0] if inv.state != state_result: test_util.test_fail('change http endpoint state failed') zwt_ops.change_sns_application_platform_state(email_platform_uuid,state_event, session_uuid=project_login_uuid) cond = res_ops.gen_query_conditions('uuid', '=', email_platform_uuid) inv = res_ops.query_resource(res_ops.SNS_APPLICATION_PLATFORM, cond, session_uuid=project_login_uuid)[0] if inv.state != state_result: test_util.test_fail('change email platform state failed') # test recover and delete state_event='enable' state_result='Enabled' zwt_ops.change_sns_topic_state(system_alarm_topic_uuid,state_event, session_uuid=project_login_uuid) cond=res_ops.gen_query_conditions('uuid','=',system_alarm_topic_uuid) inv=res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)[0] if inv.state!=state_result: test_util.test_fail('change system alarm topic state failed') zwt_ops.change_sns_topic_state(api_topic_uuid, state_event, session_uuid=project_login_uuid) cond = res_ops.gen_query_conditions('uuid', '=', api_topic_uuid) inv = res_ops.query_resource(res_ops.SNS_TOPIC, cond, session_uuid=project_login_uuid)[0] if inv.state != state_result: test_util.test_fail('change api topic state failed') zwt_ops.unsubscribe_event(event_sub_uuid, session_uuid=project_login_uuid) cond = res_ops.gen_query_conditions('uuid', '=', event_sub_uuid) event_subscription = res_ops.query_resource(res_ops.EVENT_SUBSCRIPTION, cond, session_uuid=project_login_uuid) if event_subscription: test_util.test_fail('unsubscribe event failed') zwt_ops.unsubscribe_sns_topic(sns_topic_uuid, email_endpoint_uuid) cond =res_ops.gen_query_conditions('endpointUuid','=',email_endpoint_uuid) cond=res_ops.gen_query_conditions('topicUuid','=',sns_topic_uuid,cond) inv = res_ops.query_resource(res_ops.SNS_TOPIC_SUBSCRIBER,cond, session_uuid=project_login_uuid) if inv: test_util.test_fail('unsubscribe sns topic failed') zwt_ops.unsubscribe_sns_topic(system_alarm_topic_uuid, email_endpoint_uuid, session_uuid=project_login_uuid) cond =res_ops.gen_query_conditions('endpointUuid','=',email_endpoint_uuid) cond=res_ops.gen_query_conditions('topicUuid','=',system_alarm_topic_uuid,cond) inv = res_ops.query_resource(res_ops.SNS_TOPIC_SUBSCRIBER,cond, session_uuid=project_login_uuid) if inv: test_util.test_fail('unsubscribe system alarm topic failed') zwt_ops.unsubscribe_sns_topic(api_topic_uuid, http_endpoint_uuid, session_uuid=project_login_uuid) cond =res_ops.gen_query_conditions('endpointUuid','=',http_endpoint_uuid) cond=res_ops.gen_query_conditions('topicUuid','=',api_topic_uuid,cond) inv = res_ops.query_resource(res_ops.SNS_TOPIC_SUBSCRIBER,cond, session_uuid=project_login_uuid) if inv: test_util.test_fail('unsubscribe api topic failed') zwt_ops.delete_sns_topic(sns_topic_uuid, session_uuid=project_login_uuid) cond=res_ops.gen_query_conditions('uuid','=',sns_topic_uuid) inv = res_ops.query_resource(res_ops.SNS_TOPIC, cond, session_uuid=project_login_uuid) if inv: test_util.test_fail('delete sns topic failed') zwt_ops.delete_sns_application_endpoint(http_endpoint_uuid, session_uuid=project_login_uuid) cond=res_ops.gen_query_conditions('uuid','=',http_endpoint_uuid) inv = res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT, cond, session_uuid=project_login_uuid) if inv: test_util.test_fail('delete http endpoint failed') zwt_ops.delete_sns_application_endpoint(email_endpoint_uuid, session_uuid=project_login_uuid) cond=res_ops.gen_query_conditions('uuid','=',email_endpoint_uuid) inv = res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT, cond, session_uuid=project_login_uuid) if inv: test_util.test_fail('delete email endpoint failed') zwt_ops.delete_sns_application_platform(email_platform_uuid, session_uuid=project_login_uuid) cond=res_ops.gen_query_conditions('uuid','=',email_platform_uuid) inv = res_ops.query_resource(res_ops.SNS_APPLICATION_PLATFORM, cond, session_uuid=project_login_uuid) if inv: test_util.test_fail('delete email platform failed') # 11 delete acc_ops.logout(project_login_uuid) if virtual_id_uuid != None: iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) if project_admin_uuid != None: iam2_ops.delete_iam2_virtual_id(project_admin_uuid) if project_operator_uuid != None: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if plain_user_uuid != None: iam2_ops.delete_iam2_virtual_id(plain_user_uuid) if flavor['target_role'] != 'system_admin': iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_util.test_pass('success test iam2 login in by project admin!')
def test(): global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid flavor = case_flavor[os.environ.get('CASE_FLAVOR')] # 1 create project project_name = 'test_project' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid project_linked_account_uuid = project.linkedAccountUuid if flavor['target_role'] == 'project_admin': # 2 create virtual id project_admin_name = 'username' project_admin_password = '******' project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid # 3 create project admin iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) # login in project by project admin project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password) project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid # iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes) elif flavor['target_role'] == 'project_operator': project_operator_name = 'username2' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid # login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password) project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid elif flavor['target_role'] == 'project_member': plain_user_name = 'username' plain_user_password = '******' plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password, project_uuid=project_uuid).uuid # 3 add virtual id to project iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid) # 4 login in project by plain user plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password) # 4 login in project #project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid) project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid # Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge if flavor['target_role'] == 'project_member': statements = [{"effect": "Allow", "actions": ["org.zstack.sns.**"]}, {"effect": "Allow", "actions": ["org.zstack.zwatch.**"]}] role_uuid = iam2_ops.create_role('test_role', statements).uuid iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid) # create platform smtp_server = os.environ.get('smtpServer') smtp_port = os.environ.get('smtpPort') email_platform_name = 'Alarm_email' email_username = os.environ.get('mailUsername') email_password = os.environ.get('mailPassword') email_platform = zwt_ops.create_sns_email_platform(smtp_server, smtp_port, email_platform_name, email_username, email_password, session_uuid=project_login_uuid) email_platform_uuid = email_platform.uuid cond=res_ops.gen_query_conditions('uuid','=',email_platform_uuid) inv = res_ops.query_resource(res_ops.SNS_EMAIL_PLATFORM,cond, session_uuid=project_login_uuid) if not inv: test_util.test_fail('create sns email platform failed') try: zwt_ops.validate_sns_email_platform(email_platform_uuid) except: test_util.test_fail('Validate SNS Email Platform Failed, Email Plarform: %s' % email_platform_uuid) # create endpoint email_receiver = os.environ.get('mailUsername') email_endpoint_name = os.environ.get('mailPassword') email_endpoint_uuid = zwt_ops.create_sns_email_endpoint(email_receiver, email_endpoint_name, email_platform_uuid, session_uuid=project_login_uuid).uuid cond=res_ops.gen_query_conditions('uuid','=',email_endpoint_uuid) inv=res_ops.query_resource(res_ops.SNS_EMAIL_ENDPOINT,cond, session_uuid=project_login_uuid) if not inv: test_util.test_fail('create sns email endpoint failed') http_endpoint_name='http' url = 'http://localhost:8080/webhook-url' http_username='******' http_password='******' http_endpoint=zwt_ops.create_sns_http_endpoint(url,http_endpoint_name,http_username,http_password, session_uuid=project_login_uuid) http_endpoint_uuid=http_endpoint.uuid cond=res_ops.gen_query_conditions('uuid','=',http_endpoint_uuid) inv=res_ops.query_resource(res_ops.SNS_HTTP_ENDPOINT,cond, session_uuid=project_login_uuid) if not inv: test_util.test_fail('create sns http endpoint failed') # create sns topic and query system-in topic sns_topic_uuid = zwt_ops.create_sns_topic('sns_topic_01', session_uuid=project_login_uuid).uuid zwt_ops.subscribe_sns_topic(sns_topic_uuid, email_endpoint_uuid, session_uuid=project_login_uuid) cond=res_ops.gen_query_conditions('endpoints.uuid','=',email_endpoint_uuid) inv=res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid) if not inv: test_util.test_fail('create and subscribe snstopic failed') cond = res_ops.gen_query_conditions('name', '=', 'system-alarm') system_alarm_topic = res_ops.query_resource(res_ops.SNS_TOPIC, cond)[0] system_alarm_topic_uuid=system_alarm_topic.uuid acc_ops.share_resources([project_linked_account_uuid], [system_alarm_topic_uuid]) cond = res_ops.gen_query_conditions('name', '=', 'system-alarm') system_alarm_topic = res_ops.query_resource(res_ops.SNS_TOPIC, cond)[0] system_alarm_topic_uuid=system_alarm_topic.uuid zwt_ops.subscribe_sns_topic(system_alarm_topic_uuid, email_endpoint_uuid, session_uuid=project_login_uuid) cond=res_ops.gen_query_conditions('endpoints.uuid','=',email_endpoint_uuid) inv=res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid) if not inv: test_util.test_fail('subscribe system-alarm topic failed') cond = res_ops.gen_query_conditions('name','=','api') api_topic= res_ops.query_resource(res_ops.SNS_TOPIC,cond)[0] api_topic_uuid=api_topic.uuid acc_ops.share_resources([project_linked_account_uuid], [api_topic_uuid]) cond = res_ops.gen_query_conditions('name','=','api') api_topic= res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)[0] api_topic_uuid=api_topic.uuid zwt_ops.subscribe_sns_topic(api_topic_uuid,http_endpoint_uuid, session_uuid=project_login_uuid) cond = res_ops.gen_query_conditions('endpointUuid','=',http_endpoint_uuid) cond = res_ops.gen_query_conditions('topicUuid','=',api_topic_uuid) inv=res_ops.query_resource(res_ops.SNS_TOPIC_SUBSCRIBER,cond, session_uuid=project_login_uuid) if not inv: test_util.test_fail('subscribe api topic failed') # subscribe event namespace = 'ZStack/VM' actions = [{"actionUuid": sns_topic_uuid, "actionType": "sns"}] labels = [{"key": "NewState", "op": "Equal", "value": "Disconnected"}] event_name = 'VMStateChangedOnHost' event_sub_uuid = zwt_ops.subscribe_event(namespace, event_name, actions, labels, session_uuid=project_login_uuid).uuid cond = res_ops.gen_query_conditions('uuid', '=', event_sub_uuid) event_subscription = res_ops.query_resource(res_ops.EVENT_SUBSCRIPTION, cond, session_uuid=project_login_uuid) if not event_subscription: test_util.test_fail('Subscribe event failed') #update endpoint new_name='endpointNewName' new_description='endpoint new description' zwt_ops.update_sns_application_endpoint(email_endpoint_uuid,new_name,new_description, session_uuid=project_login_uuid) cond= res_ops.gen_query_conditions('uuid','=',email_endpoint_uuid) inv =res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT,cond, session_uuid=project_login_uuid)[0] if inv.name!=new_name or inv.description!=new_description: test_util.test_fail('test update email endpoint failed') zwt_ops.update_sns_application_endpoint(http_endpoint_uuid,new_name,new_description, session_uuid=project_login_uuid) cond= res_ops.gen_query_conditions('uuid','=',http_endpoint_uuid) inv =res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT,cond, session_uuid=project_login_uuid)[0] if inv.name!=new_name or inv.description!=new_description: test_util.test_fail('test update http endpoint failed') new_name_platform='platformNewName' new_description_platform='platformNewName' zwt_ops.update_sns_application_platform(email_platform_uuid,new_name_platform,new_description_platform, session_uuid=project_login_uuid) cond= res_ops.gen_query_conditions('uuid','=',email_platform_uuid) inv =res_ops.query_resource(res_ops.SNS_APPLICATION_PLATFORM,cond, session_uuid=project_login_uuid)[0] if inv.name!=new_name_platform or inv.description!=new_description_platform: test_util.test_fail('test update email platform failed') #change state state_event = 'disable' state_result = 'Disabled' zwt_ops.change_sns_topic_state(system_alarm_topic_uuid,state_event, session_uuid=project_login_uuid) cond=res_ops.gen_query_conditions('uuid','=',system_alarm_topic_uuid) inv=res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)[0] if inv.state!=state_result: test_util.test_fail('change system alarm topic state failed') zwt_ops.change_sns_topic_state(api_topic_uuid, state_event, session_uuid=project_login_uuid) cond = res_ops.gen_query_conditions('uuid', '=', api_topic_uuid) inv = res_ops.query_resource(res_ops.SNS_TOPIC, cond, session_uuid=project_login_uuid)[0] if inv.state != state_result: test_util.test_fail('change api topic state failed') zwt_ops.change_sns_application_endpoint_state(email_endpoint_uuid,state_event, session_uuid=project_login_uuid) cond = res_ops.gen_query_conditions('uuid', '=', email_endpoint_uuid) inv = res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT, cond, session_uuid=project_login_uuid)[0] if inv.state != state_result: test_util.test_fail('change email endpoint state failed') zwt_ops.change_sns_application_endpoint_state(http_endpoint_uuid,state_event, session_uuid=project_login_uuid) cond = res_ops.gen_query_conditions('uuid', '=', http_endpoint_uuid) inv = res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT, cond, session_uuid=project_login_uuid)[0] if inv.state != state_result: test_util.test_fail('change http endpoint state failed') zwt_ops.change_sns_application_platform_state(email_platform_uuid,state_event, session_uuid=project_login_uuid) cond = res_ops.gen_query_conditions('uuid', '=', email_platform_uuid) inv = res_ops.query_resource(res_ops.SNS_APPLICATION_PLATFORM, cond, session_uuid=project_login_uuid)[0] if inv.state != state_result: test_util.test_fail('change email platform state failed') # test recover and delete state_event='enable' state_result='Enabled' zwt_ops.change_sns_topic_state(system_alarm_topic_uuid,state_event, session_uuid=project_login_uuid) cond=res_ops.gen_query_conditions('uuid','=',system_alarm_topic_uuid) inv=res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)[0] if inv.state!=state_result: test_util.test_fail('change system alarm topic state failed') zwt_ops.change_sns_topic_state(api_topic_uuid, state_event, session_uuid=project_login_uuid) cond = res_ops.gen_query_conditions('uuid', '=', api_topic_uuid) inv = res_ops.query_resource(res_ops.SNS_TOPIC, cond, session_uuid=project_login_uuid)[0] if inv.state != state_result: test_util.test_fail('change api topic state failed') zwt_ops.unsubscribe_event(event_sub_uuid, session_uuid=project_login_uuid) cond = res_ops.gen_query_conditions('uuid', '=', event_sub_uuid) event_subscription = res_ops.query_resource(res_ops.EVENT_SUBSCRIPTION, cond, session_uuid=project_login_uuid) if event_subscription: test_util.test_fail('unsubscribe event failed') zwt_ops.unsubscribe_sns_topic(sns_topic_uuid, email_endpoint_uuid) cond =res_ops.gen_query_conditions('endpointUuid','=',email_endpoint_uuid) cond=res_ops.gen_query_conditions('topicUuid','=',sns_topic_uuid,cond) inv = res_ops.query_resource(res_ops.SNS_TOPIC_SUBSCRIBER,cond, session_uuid=project_login_uuid) if inv: test_util.test_fail('unsubscribe sns topic failed') zwt_ops.unsubscribe_sns_topic(system_alarm_topic_uuid, email_endpoint_uuid, session_uuid=project_login_uuid) cond =res_ops.gen_query_conditions('endpointUuid','=',email_endpoint_uuid) cond=res_ops.gen_query_conditions('topicUuid','=',system_alarm_topic_uuid,cond) inv = res_ops.query_resource(res_ops.SNS_TOPIC_SUBSCRIBER,cond, session_uuid=project_login_uuid) if inv: test_util.test_fail('unsubscribe system alarm topic failed') zwt_ops.unsubscribe_sns_topic(api_topic_uuid, http_endpoint_uuid, session_uuid=project_login_uuid) cond =res_ops.gen_query_conditions('endpointUuid','=',http_endpoint_uuid) cond=res_ops.gen_query_conditions('topicUuid','=',api_topic_uuid,cond) inv = res_ops.query_resource(res_ops.SNS_TOPIC_SUBSCRIBER,cond, session_uuid=project_login_uuid) if inv: test_util.test_fail('unsubscribe api topic failed') zwt_ops.delete_sns_topic(sns_topic_uuid, session_uuid=project_login_uuid) cond=res_ops.gen_query_conditions('uuid','=',sns_topic_uuid) inv = res_ops.query_resource(res_ops.SNS_TOPIC, cond, session_uuid=project_login_uuid) if inv: test_util.test_fail('delete sns topic failed') zwt_ops.delete_sns_application_endpoint(http_endpoint_uuid, session_uuid=project_login_uuid) cond=res_ops.gen_query_conditions('uuid','=',http_endpoint_uuid) inv = res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT, cond, session_uuid=project_login_uuid) if inv: test_util.test_fail('delete http endpoint failed') zwt_ops.delete_sns_application_endpoint(email_endpoint_uuid, session_uuid=project_login_uuid) cond=res_ops.gen_query_conditions('uuid','=',email_endpoint_uuid) inv = res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT, cond, session_uuid=project_login_uuid) if inv: test_util.test_fail('delete email endpoint failed') zwt_ops.delete_sns_application_platform(email_platform_uuid, session_uuid=project_login_uuid) cond=res_ops.gen_query_conditions('uuid','=',email_platform_uuid) inv = res_ops.query_resource(res_ops.SNS_APPLICATION_PLATFORM, cond, session_uuid=project_login_uuid) if inv: test_util.test_fail('delete email platform failed') # 11 delete acc_ops.logout(project_login_uuid) if virtual_id_uuid != None: iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) if project_admin_uuid != None: iam2_ops.delete_iam2_virtual_id(project_admin_uuid) if project_operator_uuid != None: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if plain_user_uuid != None: iam2_ops.delete_iam2_virtual_id(plain_user_uuid) iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_util.test_pass('success test iam2 login in by project admin!')
def test(): global role_uuid, project_uuid, project_02_uuid, project_template_01_uuid, project_template_02_uuid, \ company_uuid_01, company_uuid_02, department_01_uuid, department_02_uuid, virtual_id_group_uuid, \ virtual_id_uuid, platform_admin_uuid iam2_ops.clean_iam2_enviroment() # 1 create platformAdmin username = '******' password = \ 'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86' platform_admin_uuid = iam2_ops.create_iam2_virtual_id(username, password).uuid attributes = [{"name": "__PlatformAdmin__"}] iam2_ops.add_attributes_to_iam2_virtual_id(platform_admin_uuid, attributes) platform_admin_session_uuid = iam2_ops.login_iam2_virtual_id(username, password) # 2 create role statements = [{"effect": "Allow", "actions": ["org.zstack.header.vm.**"]}] role_uuid = iam2_ops.create_role('test_role', statements, platform_admin_session_uuid).uuid action = "org.zstack.header.image.**" statements = [{"effect": "Allow", "actions": [action]}] iam2_ops.add_policy_statements_to_role(role_uuid, statements, platform_admin_session_uuid) statement_uuid = iam2_ops.get_policy_statement_uuid_of_role(role_uuid, action) # statement_uuid= res_ops.get_resource(res_ops.ROLE, uuid=role_uuid)[0].statements[0].uuid iam2_ops.remove_policy_statements_from_role(role_uuid, [statement_uuid], platform_admin_session_uuid) # 3 create project and and add/remove role and attributes to/from it project_name = 'test_project' project_uuid = iam2_ops.create_iam2_project(project_name, session_uuid=platform_admin_session_uuid).uuid zone_inv=res_ops.query_resource(res_ops.ZONE) if len(zone_inv)>=2: attributes = [{"name":"__ProjectRelatedZone__", "value":zone_inv[0].uuid}] iam2_ops.add_attributes_to_iam2_project(project_uuid,attributes,session_uuid=platform_admin_session_uuid) username='******' password = \ 'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86' virtual_id_uuid=iam2_ops.create_iam2_virtual_id(username,password,session_uuid=platform_admin_session_uuid).uuid iam2_ops.add_iam2_virtual_ids_to_project([virtual_id_uuid],project_uuid,session_uuid=platform_admin_session_uuid) session_uuid=iam2_ops.login_iam2_virtual_id(username,password) session_uuid=iam2_ops.login_iam2_project(project_name,session_uuid).uuid cond=res_ops.gen_query_conditions('zoneUuid','=',zone_inv[1].uuid) host_inv=res_ops.query_resource(res_ops.HOST,cond,session_uuid=session_uuid) if host_inv: test_util.test_fail("test Project Related Zone fail") attribute_uuid=iam2_ops.get_attribute_uuid_of_project(project_uuid,"__ProjectRelatedZone__") iam2_ops.delete_iam2_virtual_id(virtual_id_uuid,session_uuid=platform_admin_session_uuid) iam2_ops.remove_attributes_from_iam2_project(project_uuid,[attribute_uuid],session_uuid=platform_admin_session_uuid) # iam2_ops.add_attributes_to_iam2_project(project_uuid,attributes='') # iam2_ops.remove_attributes_from_iam2_project(project_uuid,attributes='') # 4 create project template from project project_template_01_uuid = iam2_ops.create_iam2_project_template_from_project('project_template', project_uuid, 'this is a template description', platform_admin_session_uuid).uuid project_template_inv = res_ops.get_resource(res_ops.IAM2_PROJECT_TEMPLATE, uuid=project_template_01_uuid, session_uuid=platform_admin_session_uuid)[0] if not project_template_inv: test_util.test_fail("create template from project fail") # 5 create project template and then create project from template project_template_02_uuid = iam2_ops.create_iam2_project_template('project_template_02', session_uuid=platform_admin_session_uuid).uuid project_02_uuid = iam2_ops.create_iam2_project_from_template('project_02', project_template_02_uuid, session_uuid=platform_admin_session_uuid).uuid project_inv = res_ops.get_resource(res_ops.IAM2_PROJECT, uuid=project_02_uuid, session_uuid=platform_admin_session_uuid) if not project_inv: test_util.test_fail("create project from template fail") # 6 create Company and Department company_uuid_01 = iam2_ops.create_iam2_organization('test_company_01', 'Company', session_uuid=platform_admin_session_uuid).uuid company_uuid_02 = iam2_ops.create_iam2_organization('test_company_02', 'Company', session_uuid=platform_admin_session_uuid).uuid department_01_uuid = iam2_ops.create_iam2_organization('test_department_01', 'Department', parent_uuid=company_uuid_01, session_uuid=platform_admin_session_uuid).uuid department_02_uuid = iam2_ops.create_iam2_organization('test_department_02', 'Department', session_uuid=platform_admin_session_uuid).uuid # 7 organization change parent iam2_ops.change_iam2_organization_parent(company_uuid_02, [department_02_uuid], session_uuid=platform_admin_session_uuid) iam2_ops.change_iam2_organization_parent(company_uuid_02, [department_01_uuid], session_uuid=platform_admin_session_uuid) department_inv = res_ops.get_resource(res_ops.IAM2_ORGANIZATION, uuid=department_01_uuid, session_uuid=platform_admin_session_uuid)[0] if department_inv.parentUuid != company_uuid_02: test_util.test_fail('change organization parent fail') department_inv = res_ops.get_resource(res_ops.IAM2_ORGANIZATION, uuid=department_02_uuid, session_uuid=platform_admin_session_uuid)[0] if department_inv.parentUuid != company_uuid_02: test_util.test_fail('change organization parent fail') # 8 create virtual id group and add/remove role and attributes to/from it virtual_id_group_uuid = iam2_ops.create_iam2_virtual_id_group(project_uuid, 'test_virtual_id_group', session_uuid=platform_admin_session_uuid).uuid iam2_ops.add_roles_to_iam2_virtual_id_group([role_uuid], virtual_id_group_uuid, session_uuid=platform_admin_session_uuid) iam2_ops.remove_roles_from_iam2_virtual_idgroup([role_uuid], virtual_id_group_uuid, session_uuid=platform_admin_session_uuid) # TODO:there is nothing to do with the below api in the first version of iam2 # iam2_ops.add_attributes_to_iam2_virtual_id_group() # iam2_ops.remove_attributes_from_iam2_virtual_id_group() # 9 create virtual id and add/remove role or attributes to/from it virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', password, session_uuid=platform_admin_session_uuid).uuid iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], virtual_id_uuid, session_uuid=platform_admin_session_uuid) iam2_ops.remove_roles_from_iam2_virtual_id([role_uuid], virtual_id_uuid, session_uuid=platform_admin_session_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(virtual_id_uuid, attributes, session_uuid=platform_admin_session_uuid) cond = res_ops.gen_query_conditions('virtualIDUuid', '=', virtual_id_uuid) cond_02 = res_ops.gen_query_conditions('name', '=', "__ProjectAdmin__", cond) attribute_uuid = res_ops.query_resource_fields(res_ops.IAM2_VIRTUAL_ID_ATTRIBUTE, cond_02)[0].uuid iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, [attribute_uuid], session_uuid=platform_admin_session_uuid) # attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] # iam2_ops.add_attributes_to_iam2_virtual_id(virtual_id_uuid, attributes, session_uuid=platform_admin_session_uuid) # iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes, # session_uuid=platform_admin_session_uuid) iam2_ops.add_iam2_virtual_ids_to_organization([virtual_id_uuid], department_01_uuid, session_uuid=platform_admin_session_uuid) attributes = [{"name": "__OrganizationSupervisor__", "value": virtual_id_uuid}] iam2_ops.add_attributes_to_iam2_organization(department_01_uuid, attributes, session_uuid=platform_admin_session_uuid) cond_03 = res_ops.gen_query_conditions('name', '=', "__OrganizationSupervisor__") cond_03 = res_ops.gen_query_conditions('value', '=', virtual_id_uuid, cond_03) attribute_uuid = \ res_ops.query_resource(res_ops.IAM2_ORGANIZATION_ATTRIBUTE, cond_03, session_uuid=platform_admin_session_uuid)[ 0].uuid iam2_ops.remove_attributes_from_iam2_organization(department_01_uuid, [attribute_uuid], session_uuid=platform_admin_session_uuid) iam2_ops.remove_iam2_virtual_ids_from_organization([virtual_id_uuid], department_01_uuid, session_uuid=platform_admin_session_uuid) # 10 add virtual id to group and project iam2_ops.add_iam2_virtual_ids_to_project([virtual_id_uuid], project_uuid, session_uuid=platform_admin_session_uuid) iam2_ops.add_iam2_virtual_ids_to_group([virtual_id_uuid], virtual_id_group_uuid, session_uuid=platform_admin_session_uuid) iam2_ops.remove_iam2_virtual_ids_from_group([virtual_id_uuid], virtual_id_group_uuid, session_uuid=platform_admin_session_uuid) iam2_ops.remove_iam2_virtual_ids_from_project([virtual_id_uuid], project_uuid, session_uuid=platform_admin_session_uuid) # 11 change state disable = 'disable' enable = 'enable' Disabled = 'Disabled' iam2_ops.change_iam2_organization_state(company_uuid_01, disable, session_uuid=platform_admin_session_uuid) res_inv = res_ops.get_resource(res_ops.IAM2_ORGANIZATION, uuid=company_uuid_01, session_uuid=platform_admin_session_uuid)[0] if res_inv.state != Disabled: test_util.test_fail("test change iam2 organization state fail") iam2_ops.change_iam2_organization_state(company_uuid_01, enable, session_uuid=platform_admin_session_uuid) iam2_ops.change_iam2_organization_state(department_01_uuid, disable, session_uuid=platform_admin_session_uuid) iam2_ops.change_iam2_organization_state(department_01_uuid, enable, session_uuid=platform_admin_session_uuid) iam2_ops.change_iam2_project_state(project_uuid, disable, session_uuid=platform_admin_session_uuid) res_inv = res_ops.get_resource(res_ops.IAM2_PROJECT, uuid=project_uuid, session_uuid=platform_admin_session_uuid)[0] if res_inv.state != Disabled: test_util.test_fail("test change iam2 project state fail") iam2_ops.change_iam2_project_state(project_uuid, enable, session_uuid=platform_admin_session_uuid) iam2_ops.change_iam2_virtual_id_state(virtual_id_uuid, disable, session_uuid=platform_admin_session_uuid) res_inv = res_ops.get_resource(res_ops.IAM2_VIRTUAL_ID, uuid=virtual_id_uuid, session_uuid=platform_admin_session_uuid)[0] if res_inv.state != Disabled: test_util.test_fail("test change iam2 virtual id state fail") iam2_ops.change_iam2_virtual_id_state(virtual_id_uuid, enable, session_uuid=platform_admin_session_uuid) iam2_ops.change_iam2_virtual_id_group_state(virtual_id_group_uuid, disable, session_uuid=platform_admin_session_uuid) res_inv = res_ops.get_resource(res_ops.IAM2_VIRTUAL_ID_GROUP, uuid=virtual_id_group_uuid, session_uuid=platform_admin_session_uuid)[0] if res_inv.state != Disabled: test_util.test_fail("test change iam2 virtual id group state fail") iam2_ops.change_iam2_virtual_id_group_state(virtual_id_group_uuid, enable, session_uuid=platform_admin_session_uuid) iam2_ops.change_role_state(role_uuid, disable, session_uuid=platform_admin_session_uuid) res_inv = res_ops.get_resource(res_ops.ROLE, uuid=role_uuid, session_uuid=platform_admin_session_uuid)[0] if res_inv.state != Disabled: test_util.test_fail("test change iam2 role state fail") iam2_ops.change_role_state(role_uuid, enable, session_uuid=platform_admin_session_uuid) # 12 update virtual_id_new_name = 'virtual_id_new_name' virtual_id_new_des = 'virtual_id_new_des' virtual_id_new_password = '******' iam2_ops.update_iam2_virtual_id(virtual_id_uuid, virtual_id_new_name, virtual_id_new_des, virtual_id_new_password, session_uuid=platform_admin_session_uuid) virtual_id_inv = res_ops.get_resource(res_ops.IAM2_VIRTUAL_ID, uuid=virtual_id_uuid, session_uuid=platform_admin_session_uuid)[0] if virtual_id_inv.name != virtual_id_new_name: test_util.test_fail("update iam2 virtual id name fail") try: virtual_id_session_uuid = iam2_ops.login_iam2_virtual_id(virtual_id_new_name, virtual_id_new_password) except: test_util.test_fail("update iam2 virtual id name or password fail.") virtual_id_group_new_name = 'virtual_id_group_new_name' virtual_id_group_new_des = 'virtual_id_group_new_des' iam2_ops.update_iam2_virtual_id_group(virtual_id_group_uuid, virtual_id_group_new_name, virtual_id_group_new_des, session_uuid=platform_admin_session_uuid) virtual_id_group_inv = res_ops.get_resource(res_ops.IAM2_VIRTUAL_ID_GROUP, uuid=virtual_id_group_uuid, session_uuid=platform_admin_session_uuid)[0] if virtual_id_group_inv.name != virtual_id_group_new_name: test_util.test_fail("update iam2 virtual id group name fail") project_new_name = 'project_new_name' project_new_dsc = 'project_new_dsc' iam2_ops.update_iam2_project(project_uuid, project_new_name, project_new_dsc, session_uuid=platform_admin_session_uuid) project_inv = \ res_ops.get_resource(res_ops.IAM2_PROJECT, uuid=project_uuid, session_uuid=platform_admin_session_uuid)[0] if project_inv.name != project_new_name or project_inv.description != project_new_dsc: test_util.test_fail("update project information fail") company_new_name = 'company_new_name' company_new_dsc = 'company_new_dsc' iam2_ops.update_iam2_organization(company_uuid_02, company_new_name, company_new_dsc, session_uuid=platform_admin_session_uuid) organization_inv = res_ops.get_resource(res_ops.IAM2_ORGANIZATION, uuid=company_uuid_02, session_uuid=platform_admin_session_uuid)[0] if organization_inv.name != company_new_name or organization_inv.description != company_new_dsc: test_util.test_fail("update organization name fail") # 13 delete iam2_ops.delete_iam2_organization(company_uuid_01, session_uuid=platform_admin_session_uuid) iam2_ops.delete_iam2_organization(company_uuid_02, session_uuid=platform_admin_session_uuid) iam2_ops.delete_iam2_organization(department_01_uuid, session_uuid=platform_admin_session_uuid) iam2_ops.delete_iam2_organization(department_02_uuid, session_uuid=platform_admin_session_uuid) iam2_ops.delete_iam2_virtual_id_group(virtual_id_group_uuid, session_uuid=platform_admin_session_uuid) iam2_ops.delete_iam2_project(project_uuid, session_uuid=platform_admin_session_uuid) iam2_ops.delete_iam2_project(project_02_uuid, session_uuid=platform_admin_session_uuid) iam2_ops.expunge_iam2_project(project_uuid, session_uuid=platform_admin_session_uuid) iam2_ops.expunge_iam2_project(project_02_uuid, session_uuid=platform_admin_session_uuid) iam2_ops.delete_iam2_project_template(project_template_01_uuid, session_uuid=platform_admin_session_uuid) iam2_ops.delete_iam2_project_template(project_template_02_uuid, session_uuid=platform_admin_session_uuid) iam2_ops.delete_iam2_virtual_id(virtual_id_uuid, session_uuid=platform_admin_session_uuid) iam2_ops.delete_role(role_uuid, session_uuid=platform_admin_session_uuid) iam2_ops.delete_iam2_virtual_id(platform_admin_uuid) iam2_ops.clean_iam2_enviroment() test_util.test_pass('success test iam2 login in by admin!')
def test(): global l2_vxlan_network_uuid,project_uuid,project_operator_uuid,vni_range_uuid,vxlan_pool_uuid,l3_vr_network_uuid # create vxlan pool and vni range zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid cluster_uuid = res_ops.get_resource(res_ops.CLUSTER)[0].uuid vxlan_pool_name = 'vxlan_pool_name' vxlan_pool_uuid = vxlan_ops.create_l2_vxlan_network_pool(vxlan_pool_name,zone_uuid).uuid vxlan_ops.create_vni_range('vni_range',20,40,vxlan_pool_uuid) systemTags = ["l2NetworkUuid::%s::clusterUuid::%s::cidr::{172.20.0.1/16}"%(vxlan_pool_uuid,cluster_uuid)] net_ops.attach_l2_vxlan_pool(vxlan_pool_uuid,cluster_uuid,systemTags) # 1 create project project_name = 'test_project7' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid #cond = res_ops.gen_query_conditions("name",'=',"test_project7") #linked_account_uuid = res_ops.query_resource(res_ops.ACCOUNT,cond)[0].uuid linked_account_uuid = project.linkedAccountUuid # 2 create project operator project_operator_name = 'username7' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) # 3 login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password) project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid # 4 share vxlan pool to project l2vxlan_pools = res_ops.get_resource(res_ops.L2_VXLAN_NETWORK_POOL) for l2vxlan_pool in l2vxlan_pools: acc_ops.share_resources([linked_account_uuid],[l2vxlan_pool.uuid]) # 5 create l2 vxlan l2_vxlan_network_uuid = vxlan_ops.create_l2_vxlan_network('l2_vxlan',vxlan_pool_uuid,zone_uuid,session_uuid=project_login_uuid).uuid # 6 use the l2 vxlan to create l3 # 6.1 create l3_vr_network l3_vr_network_uuid = net_ops.create_l3('l3_vr_network',l2_vxlan_network_uuid,session_uuid=project_login_uuid).uuid cond = res_ops.gen_query_conditions('name','=','virtual-router-vm') vr_instance_uuid = res_ops.query_resource(res_ops.INSTANCE_OFFERING,cond)[0].uuid tag = "guestL3Network::" + l3_vr_network_uuid tag_ops.create_system_tag("InstanceOfferingVO",vr_instance_uuid,tag) # add ip range ir_option = test_util.IpRangeOption() ir_option.set_name('iprange1') ir_option.set_description('iprange for vrouter network') ir_option.set_netmask('255.255.255.0') ir_option.set_gateway('192.168.22.1') ir_option.set_l3_uuid(l3_vr_network_uuid) ir_option.set_startIp('192.168.22.2') ir_option.set_endIp('192.168.22.254') net_ops.add_ip_range(ir_option) # add dns AddDnsToL3Network(l3_vr_network_uuid,dns_text,session_uuid = project_login_uuid) # add network service AttachNetworkServiceToL3Network(l3_vr_network_uuid,allservices,session_uuid = project_login_uuid) # create vrouter vm test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid]) vr_vm = test_stub.create_vr_vm(test_obj_dict, l3_vr_network_uuid,session_uuid=project_login_uuid) test_stub.check_resource_not_exist(vr_vm.uuid,res_ops.VM_INSTANCE) #6 expunge the project and check the l2 vxlan iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) try: l2_vxlan_network_test_uuid = res_ops.query_resource(res_ops.L2_VXLAN_NETWORK)[0].uuid except: test_util.test_pass( "l2 vxlan is delete after delete the project " ) test_util.test_dsc('test l2 l2 cascade delete') # 7 check the l3 vrouter network try: cond = res_ops.gen_query_conditions("name",'=',"l3_vr_network") l3_vrouter_network_uuid = res_ops.query_resource(res_ops.L3_NETWORK,cond)[0].uuid except: test_util.test_pass( "l3_vrouter network is deleted after delete the project") # todo:check the virtual router vm # 8 delete vni_range_uuid = res_ops.get_resource(res_ops.VNI_RANGE)[0].uuid vxlan_ops.delete_vni_range(vni_range_uuid) net_ops.delete_l2(vxlan_pool_uuid) iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
def test(): global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid flavor = case_flavor[os.environ.get('CASE_FLAVOR')] # 1 create project if flavor['target_role'] != 'system_admin': project_name = 'test_project' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid project_linked_account_uuid = project.linkedAccountUuid if flavor['target_role'] == 'project_admin': # 2 create virtual id project_admin_name = 'username' project_admin_password = '******' project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid # 3 create project admin iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) # login in project by project admin project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password) project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid # iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes) elif flavor['target_role'] == 'project_operator': project_operator_name = 'username2' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid # login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password) project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid elif flavor['target_role'] == 'project_member': plain_user_name = 'username' plain_user_password = '******' plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password, project_uuid=project_uuid).uuid # 3 add virtual id to project iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid) # 4 login in project by plain user plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password) # 4 login in project #project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid) project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid elif flavor['target_role'] == 'system_admin': username = "******" password = '******' vid_tst_obj = test_vid.ZstackTestVid() test_stub.create_system_admin(username, password, vid_tst_obj) virtual_id_uuid = vid_tst_obj.get_vid().uuid project_login_uuid = acc_ops.login_by_account(username, password) # Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge if flavor['target_role'] == 'project_member': statements = [{"effect": "Allow", "actions": ["org.zstack.header.vm.**"]}, {"effect": "Allow", "actions": ["org.zstack.scheduler.**"]}] role_uuid = iam2_ops.create_role('test_role', statements).uuid iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid) vm_creation_option = test_util.VmOption() l3_net_uuid = test_lib.lib_get_l3_by_name(os.environ.get('l3VlanNetwork3')).uuid if flavor['target_role'] != 'system_admin': acc_ops.share_resources([project_linked_account_uuid], [l3_net_uuid]) vm_creation_option.set_l3_uuids([l3_net_uuid]) image_uuid = test_lib.lib_get_image_by_name("centos").uuid vm_creation_option.set_image_uuid(image_uuid) if flavor['target_role'] != 'system_admin': acc_ops.share_resources([project_linked_account_uuid], [image_uuid]) instance_offering_uuid = test_lib.lib_get_instance_offering_by_name(os.environ.get('instanceOfferingName_s')).uuid vm_creation_option.set_instance_offering_uuid(instance_offering_uuid) if flavor['target_role'] != 'system_admin': acc_ops.share_resources([project_linked_account_uuid], [instance_offering_uuid]) vm_creation_option.set_name('vm_for_project_management') vm_creation_option.set_session_uuid(project_login_uuid) vm = test_stub.create_vm(image_uuid = image_uuid, session_uuid=project_login_uuid) # scheduler ops: start_date = int(time.time()) schd_job1 = schd_ops.create_scheduler_job('simple_start_vm_scheduler', 'simple_start_vm_scheduler', vm.get_vm().uuid, 'startVm', None, session_uuid=project_login_uuid) schd_trigger1 = schd_ops.create_scheduler_trigger('simple_start_vm_scheduler', start_date+5, None, 15, 'simple', session_uuid=project_login_uuid) schd_ops.add_scheduler_job_to_trigger(schd_trigger1.uuid, schd_job1.uuid, session_uuid=project_login_uuid) schd_ops.change_scheduler_state(schd_job1.uuid, 'disable', session_uuid=project_login_uuid) schd_ops.change_scheduler_state(schd_job1.uuid, 'enable', session_uuid=project_login_uuid) schd_ops.remove_scheduler_job_from_trigger(schd_trigger1.uuid, schd_job1.uuid, session_uuid=project_login_uuid) schd_ops.del_scheduler_job(schd_job1.uuid, session_uuid=project_login_uuid) schd_ops.del_scheduler_trigger(schd_trigger1.uuid, session_uuid=project_login_uuid) schd_ops.get_current_time() vm_ops.destroy_vm(vm.get_vm().uuid, session_uuid=project_login_uuid) vm_ops.expunge_vm(vm.get_vm().uuid, session_uuid=project_login_uuid) # 11 delete acc_ops.logout(project_login_uuid) if virtual_id_uuid != None: iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) if project_admin_uuid != None: iam2_ops.delete_iam2_virtual_id(project_admin_uuid) if project_operator_uuid != None: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if plain_user_uuid != None: iam2_ops.delete_iam2_virtual_id(plain_user_uuid) if flavor['target_role'] != 'system_admin': iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_util.test_pass('success test iam2 login in by project admin!')
def test(): global project_uuid, project_admin_uuid, virtual_id_uuid # 1 create project project_name = 'test_project' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid project_linked_account_uuid = project.linkedAccountUuid # 2 create virtual id project_admin_name = 'username' project_admin_password = '******' project_admin_uuid = iam2_ops.create_iam2_virtual_id( project_admin_name, project_admin_password).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid # 3 create project admin iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) # 4 login in project by project admin project_admin_session_uuid = iam2_ops.login_iam2_virtual_id( project_admin_name, project_admin_password) project_login_uuid = iam2_ops.login_iam2_project( project_name, session_uuid=project_admin_session_uuid).uuid # iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes) # Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge bs = res_ops.query_resource(res_ops.BACKUP_STORAGE)[0] image_option = test_util.ImageOption() image_option.set_name('fake_image') image_option.set_description('fake image') image_option.set_format('raw') image_option.set_mediaType('RootVolumeTemplate') image_option.set_backup_storage_uuid_list([bs.uuid]) image_option.url = "http://fake/fake.raw" image_option.set_session_uuid(project_login_uuid) image_uuid = img_ops.add_image(image_option).uuid img_ops.sync_image_size(image_uuid, session_uuid=project_login_uuid) img_ops.change_image_state(image_uuid, 'disable', session_uuid=project_login_uuid) img_ops.change_image_state(image_uuid, 'enable', session_uuid=project_login_uuid) if bs.type == inventory.IMAGE_STORE_BACKUP_STORAGE_TYPE: img_ops.export_image_from_backup_storage( image_uuid, bs.uuid, session_uuid=project_login_uuid) img_ops.delete_exported_image_from_backup_storage( image_uuid, bs.uuid, session_uuid=project_login_uuid) img_ops.set_image_qga_enable(image_uuid, session_uuid=project_login_uuid) img_ops.set_image_qga_disable(image_uuid, session_uuid=project_login_uuid) img_ops.delete_image(image_uuid, session_uuid=project_login_uuid) img_ops.expunge_image(image_uuid, session_uuid=project_login_uuid) # Volume related ops: Create, Delete, Expunge, Attach, Dettach, Enable, Disable disk_offering_uuid = res_ops.query_resource(res_ops.DISK_OFFERING)[0].uuid acc_ops.share_resources([project_linked_account_uuid], [disk_offering_uuid]) volume_option = test_util.VolumeOption() volume_option.set_disk_offering_uuid(disk_offering_uuid) volume_option.set_name('data_volume_project_management') volume_option.set_session_uuid(project_login_uuid) data_volume = vol_ops.create_volume_from_offering(volume_option) vol_ops.stop_volume(data_volume.uuid, session_uuid=project_login_uuid) vol_ops.start_volume(data_volume.uuid, session_uuid=project_login_uuid) vm_creation_option = test_util.VmOption() l3_net_uuid = test_lib.lib_get_l3_by_name( os.environ.get('l3VlanNetwork3')).uuid acc_ops.share_resources([project_linked_account_uuid], [l3_net_uuid]) vm_creation_option.set_l3_uuids([l3_net_uuid]) image_uuid = test_lib.lib_get_image_by_name("centos").uuid vm_creation_option.set_image_uuid(image_uuid) acc_ops.share_resources([project_linked_account_uuid], [image_uuid]) instance_offering_uuid = test_lib.lib_get_instance_offering_by_name( os.environ.get('instanceOfferingName_s')).uuid vm_creation_option.set_instance_offering_uuid(instance_offering_uuid) acc_ops.share_resources([project_linked_account_uuid], [instance_offering_uuid]) vm_creation_option.set_name('vm_for_project_management') vm_creation_option.set_session_uuid(project_login_uuid) vm = test_stub.create_vm(image_uuid=image_uuid, session_uuid=project_login_uuid) vm_uuid = vm.get_vm().uuid vol_ops.attach_volume(data_volume.uuid, vm_uuid, session_uuid=project_login_uuid) vol_ops.detach_volume(data_volume.uuid, vm_uuid, session_uuid=project_login_uuid) vol_ops.delete_volume(data_volume.uuid, session_uuid=project_login_uuid) vol_ops.expunge_volume(data_volume.uuid, session_uuid=project_login_uuid) # VM related ops: Create, Delete, Expunge, Start, Stop, Suspend, Resume, Migrate vm_ops.stop_vm(vm_uuid, session_uuid=project_login_uuid) vm_ops.start_vm(vm_uuid, session_uuid=project_login_uuid) candidate_hosts = vm_ops.get_vm_migration_candidate_hosts(vm_uuid) if candidate_hosts != None and test_lib.lib_check_vm_live_migration_cap( vm.get_vm()): vm_ops.migrate_vm(vm_uuid, candidate_hosts.inventories[0].uuid, session_uuid=project_login_uuid) vm_ops.stop_vm(vm_uuid, force='cold', session_uuid=project_login_uuid) vm_ops.start_vm(vm_uuid, session_uuid=project_login_uuid) vm_ops.suspend_vm(vm_uuid, session_uuid=project_login_uuid) vm_ops.resume_vm(vm_uuid, session_uuid=project_login_uuid) vm_ops.destroy_vm(vm_uuid, session_uuid=project_login_uuid) vm_ops.expunge_vm(vm_uuid, session_uuid=project_login_uuid) # L2 related ops: create, delete zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid try: l2 = net_ops.create_l2_novlan('l2_for_pm', 'eth0', zone_uuid, session_uuid=project_login_uuid) test_util.test_fail( "Expect exception: project admin not allowed to create Novlan L2 except vxlan" ) except: pass try: l2 = net_ops.create_l2_vlan('l2_for_pm', 'eth0', zone_uuid, 1234, session_uuid=project_login_uuid) test_util.test_fail( "Expect exception: project admin not allowed to create vlan L2 except vxlan" ) except: pass #net_ops.delete_l2(l2.uuid, session_uuid=project_login_uuid) # L3 related ops: # network service ops: # zwatch ops: # scheduler ops: # certificate # 11 delete acc_ops.logout(project_login_uuid) iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) iam2_ops.delete_iam2_virtual_id(project_admin_uuid) iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_util.test_pass('success test iam2 login in by project admin!')
def test(): global l2_vxlan_network_uuid, project_uuid, project_operator_uuid, vni_range_uuid, vxlan_pool_uuid, l3_vr_network_uuid # create vxlan pool and vni range zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid cluster_uuid = res_ops.get_resource(res_ops.CLUSTER)[0].uuid vxlan_pool_name = 'vxlan_pool_name' vxlan_pool_uuid = vxlan_ops.create_l2_vxlan_network_pool( vxlan_pool_name, zone_uuid).uuid vxlan_ops.create_vni_range('vni_range', 20, 40, vxlan_pool_uuid) systemTags = [ "l2NetworkUuid::%s::clusterUuid::%s::cidr::{172.20.0.1/16}" % (vxlan_pool_uuid, cluster_uuid) ] net_ops.attach_l2_vxlan_pool(vxlan_pool_uuid, cluster_uuid, systemTags) # 1 create project project_name = 'test_project7' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid cond = res_ops.gen_query_conditions("name", '=', "test_project7") linked_account_uuid = res_ops.query_resource(res_ops.ACCOUNT, cond)[0].uuid # 2 create project operator project_operator_name = 'username7' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id( project_operator_name, project_operator_password, attributes=attributes).uuid zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) # 3 login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid], project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id( project_operator_name, project_operator_password) project_login_uuid = iam2_ops.login_iam2_project( project_name, session_uuid=project_operator_session_uuid).uuid # 4 share vxlan pool to project l2vxlan_pools = res_ops.get_resource(res_ops.L2_VXLAN_NETWORK_POOL) for l2vxlan_pool in l2vxlan_pools: acc_ops.share_resources([linked_account_uuid], [l2vxlan_pool.uuid]) # 5 create l2 vxlan l2_vxlan_network_uuid = vxlan_ops.create_l2_vxlan_network( 'l2_vxlan', vxlan_pool_uuid, zone_uuid, session_uuid=project_login_uuid).uuid # 6 use the l2 vxlan to create l3 # 6.1 create l3_vr_network l3_vr_network_uuid = net_ops.create_l3( 'l3_vr_network', l2_vxlan_network_uuid, session_uuid=project_login_uuid).uuid cond = res_ops.gen_query_conditions('name', '=', 'virtual-router-vm') vr_instance_uuid = res_ops.query_resource(res_ops.INSTANCE_OFFERING, cond)[0].uuid tag = "guestL3Network::" + l3_vr_network_uuid tag_ops.create_system_tag("InstanceOfferingVO", vr_instance_uuid, tag) # add ip range ir_option = test_util.IpRangeOption() ir_option.set_name('iprange1') ir_option.set_description('iprange for vrouter network') ir_option.set_netmask('255.255.255.0') ir_option.set_gateway('192.168.22.1') ir_option.set_l3_uuid(l3_vr_network_uuid) ir_option.set_startIp('192.168.22.2') ir_option.set_endIp('192.168.22.254') net_ops.add_ip_range(ir_option) # add dns AddDnsToL3Network(l3_vr_network_uuid, dns_text, session_uuid=project_login_uuid) # add network service AttachNetworkServiceToL3Network(l3_vr_network_uuid, allservices, session_uuid=project_login_uuid) # create vrouter vm test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid]) vr_vm = test_stub.create_vr_vm(test_obj_dict, l3_vr_network_uuid, session_uuid=project_login_uuid) test_stub.check_resource_not_exist(vr_vm.uuid, res_ops.VM_INSTANCE) #6 expunge the project and check the l2 vxlan iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) try: l2_vxlan_network_test_uuid = res_ops.query_resource( res_ops.L2_VXLAN_NETWORK)[0].uuid except: test_util.test_pass("l2 vxlan is delete after delete the project ") test_util.test_dsc('test l2 l2 cascade delete') # 7 check the l3 vrouter network try: cond = res_ops.gen_query_conditions("name", '=', "l3_vr_network") l3_vrouter_network_uuid = res_ops.query_resource( res_ops.L3_NETWORK, cond)[0].uuid except: test_util.test_pass( "l3_vrouter network is deleted after delete the project") # todo:check the virtual router vm # 8 delete vni_range_uuid = res_ops.get_resource(res_ops.VNI_RANGE)[0].uuid vxlan_ops.delete_vni_range(vni_range_uuid) net_ops.delete_l2(vxlan_pool_uuid) iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
def test(): global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid flavor = case_flavor[os.environ.get('CASE_FLAVOR')] # 1 create project if flavor['target_role'] != 'system_admin': project_name = 'test_project' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid project_linked_account_uuid = project.linkedAccountUuid if flavor['target_role'] == 'project_admin': # 2 create virtual id project_admin_name = 'username' project_admin_password = '******' project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid # 3 create project admin iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) # login in project by project admin project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password) project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid # iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes) elif flavor['target_role'] == 'project_operator': project_operator_name = 'username2' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid # login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password) project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid elif flavor['target_role'] == 'project_member': plain_user_name = 'username' plain_user_password = '******' plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password, project_uuid=project_uuid).uuid # 3 add virtual id to project iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid) # 4 login in project by plain user plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password) # 4 login in project #project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid) project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid elif flavor['target_role'] == 'system_admin': username = "******" password = '******' vid_tst_obj = test_vid.ZstackTestVid() test_stub.create_system_admin(username, password, vid_tst_obj) virtual_id_uuid = vid_tst_obj.get_vid().uuid project_login_uuid = acc_ops.login_by_account(username, password) # Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge if flavor['target_role'] == 'project_member': statements = [{"effect": "Allow", "actions": ["org.zstack.header.image.**"]}, {"effect": "Allow", "actions": ["org.zstack.header.storage.backup.**"]}] role_uuid = iam2_ops.create_role('test_role', statements).uuid iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid) bs = res_ops.query_resource(res_ops.BACKUP_STORAGE)[0] image_option = test_util.ImageOption() image_option.set_name('fake_image') image_option.set_description('fake image') image_option.set_format('raw') image_option.set_mediaType('RootVolumeTemplate') image_option.set_backup_storage_uuid_list([bs.uuid]) image_option.url = "http://fake/fake.raw" image_option.set_session_uuid(project_login_uuid) image_uuid = img_ops.add_image(image_option).uuid img_ops.sync_image_size(image_uuid, session_uuid=project_login_uuid) img_ops.change_image_state(image_uuid, 'disable', session_uuid=project_login_uuid) img_ops.change_image_state(image_uuid, 'enable', session_uuid=project_login_uuid) if bs.type == inventory.IMAGE_STORE_BACKUP_STORAGE_TYPE: img_ops.export_image_from_backup_storage(image_uuid, bs.uuid, session_uuid=project_login_uuid) img_ops.delete_exported_image_from_backup_storage(image_uuid, bs.uuid, session_uuid=project_login_uuid) img_ops.set_image_qga_enable(image_uuid, session_uuid=project_login_uuid) img_ops.set_image_qga_disable(image_uuid, session_uuid=project_login_uuid) cond = res_ops.gen_query_conditions('name', '=', "fake_image") image = res_ops.query_resource(res_ops.IMAGE, cond, session_uuid=project_login_uuid) if image == None: test_util.test_fail('fail to query image just added') img_ops.delete_image(image_uuid, session_uuid=project_login_uuid) img_ops.expunge_image(image_uuid, session_uuid=project_login_uuid) # 11 delete acc_ops.logout(project_login_uuid) if virtual_id_uuid != None: iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) if project_admin_uuid != None: iam2_ops.delete_iam2_virtual_id(project_admin_uuid) if project_operator_uuid != None: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if plain_user_uuid != None: iam2_ops.delete_iam2_virtual_id(plain_user_uuid) if flavor['target_role'] != 'system_admin': iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_util.test_pass('success test iam2 login in by project admin!')
def test(): global project_uuid, project_admin_uuid, virtual_id_uuid # 1 create project project_name = 'test_project' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid project_linked_account_uuid = project.linkedAccountUuid # 2 create virtual id project_admin_name = 'username' project_admin_password = '******' project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid # 3 create project admin iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) # 4 login in project by project admin project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password) project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid # iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes) # Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge bs = res_ops.query_resource(res_ops.BACKUP_STORAGE)[0] image_option = test_util.ImageOption() image_option.set_name('fake_image') image_option.set_description('fake image') image_option.set_format('raw') image_option.set_mediaType('RootVolumeTemplate') image_option.set_backup_storage_uuid_list([bs.uuid]) image_option.url = "http://fake/fake.raw" image_option.set_session_uuid(project_login_uuid) image_uuid = img_ops.add_image(image_option).uuid img_ops.sync_image_size(image_uuid, session_uuid=project_login_uuid) img_ops.change_image_state(image_uuid, 'disable', session_uuid=project_login_uuid) img_ops.change_image_state(image_uuid, 'enable', session_uuid=project_login_uuid) if bs.type == inventory.IMAGE_STORE_BACKUP_STORAGE_TYPE: img_ops.export_image_from_backup_storage(image_uuid, bs.uuid, session_uuid=project_login_uuid) img_ops.delete_exported_image_from_backup_storage(image_uuid, bs.uuid, session_uuid=project_login_uuid) img_ops.set_image_qga_enable(image_uuid, session_uuid=project_login_uuid) img_ops.set_image_qga_disable(image_uuid, session_uuid=project_login_uuid) img_ops.delete_image(image_uuid, session_uuid=project_login_uuid) img_ops.expunge_image(image_uuid, session_uuid=project_login_uuid) # Volume related ops: Create, Delete, Expunge, Attach, Dettach, Enable, Disable disk_offering_uuid = res_ops.query_resource(res_ops.DISK_OFFERING)[0].uuid acc_ops.share_resources([project_linked_account_uuid], [disk_offering_uuid]) volume_option = test_util.VolumeOption() volume_option.set_disk_offering_uuid(disk_offering_uuid) volume_option.set_name('data_volume_project_management') volume_option.set_session_uuid(project_login_uuid) data_volume = vol_ops.create_volume_from_offering(volume_option) vol_ops.stop_volume(data_volume.uuid, session_uuid=project_login_uuid) vol_ops.start_volume(data_volume.uuid, session_uuid=project_login_uuid) vm_creation_option = test_util.VmOption() l3_net_uuid = test_lib.lib_get_l3_by_name(os.environ.get('l3VlanNetwork3')).uuid acc_ops.share_resources([project_linked_account_uuid], [l3_net_uuid]) vm_creation_option.set_l3_uuids([l3_net_uuid]) image_uuid = test_lib.lib_get_image_by_name("centos").uuid vm_creation_option.set_image_uuid(image_uuid) acc_ops.share_resources([project_linked_account_uuid], [image_uuid]) instance_offering_uuid = test_lib.lib_get_instance_offering_by_name(os.environ.get('instanceOfferingName_s')).uuid vm_creation_option.set_instance_offering_uuid(instance_offering_uuid) acc_ops.share_resources([project_linked_account_uuid], [instance_offering_uuid]) vm_creation_option.set_name('vm_for_project_management') vm_creation_option.set_session_uuid(project_login_uuid) vm = test_stub.create_vm(image_uuid = image_uuid, session_uuid=project_login_uuid) vm_uuid = vm.get_vm().uuid vol_ops.attach_volume(data_volume.uuid, vm_uuid, session_uuid=project_login_uuid) vol_ops.detach_volume(data_volume.uuid, vm_uuid, session_uuid=project_login_uuid) vol_ops.delete_volume(data_volume.uuid, session_uuid=project_login_uuid) vol_ops.expunge_volume(data_volume.uuid, session_uuid=project_login_uuid) # VM related ops: Create, Delete, Expunge, Start, Stop, Suspend, Resume, Migrate vm_ops.stop_vm(vm_uuid, session_uuid=project_login_uuid) vm_ops.start_vm(vm_uuid, session_uuid=project_login_uuid) candidate_hosts = vm_ops.get_vm_migration_candidate_hosts(vm_uuid) if candidate_hosts != None and test_lib.lib_check_vm_live_migration_cap(vm.get_vm()): vm_ops.migrate_vm(vm_uuid, candidate_hosts.inventories[0].uuid, session_uuid=project_login_uuid) vm_ops.stop_vm(vm_uuid, force='cold', session_uuid=project_login_uuid) vm_ops.start_vm(vm_uuid, session_uuid=project_login_uuid) vm_ops.suspend_vm(vm_uuid, session_uuid=project_login_uuid) vm_ops.resume_vm(vm_uuid, session_uuid=project_login_uuid) vm_ops.destroy_vm(vm_uuid, session_uuid=project_login_uuid) vm_ops.expunge_vm(vm_uuid, session_uuid=project_login_uuid) # L2 related ops: create, delete zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid try: l2 = net_ops.create_l2_novlan('l2_for_pm', 'eth0', zone_uuid, session_uuid=project_login_uuid) test_util.test_fail("Expect exception: project admin not allowed to create Novlan L2 except vxlan") except: pass try: l2 = net_ops.create_l2_vlan('l2_for_pm', 'eth0', zone_uuid, 1234, session_uuid=project_login_uuid) test_util.test_fail("Expect exception: project admin not allowed to create vlan L2 except vxlan") except: pass #net_ops.delete_l2(l2.uuid, session_uuid=project_login_uuid) # L3 related ops: # network service ops: # zwatch ops: # scheduler ops: # certificate # 11 delete acc_ops.logout(project_login_uuid) iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) iam2_ops.delete_iam2_virtual_id(project_admin_uuid) iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_util.test_pass('success test iam2 login in by project admin!')
def test(): global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid flavor = case_flavor[os.environ.get('CASE_FLAVOR')] # 1 create project project_name = 'test_project' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid project_linked_account_uuid = project.linkedAccountUuid if flavor['target_role'] == 'project_admin': # 2 create virtual id project_admin_name = 'username' project_admin_password = '******' project_admin_uuid = iam2_ops.create_iam2_virtual_id( project_admin_name, project_admin_password).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id( 'usernametwo', 'password').uuid # 3 create project admin iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) # login in project by project admin project_admin_session_uuid = iam2_ops.login_iam2_virtual_id( project_admin_name, project_admin_password) project_login_uuid = iam2_ops.login_iam2_project( project_name, session_uuid=project_admin_session_uuid).uuid # iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes) elif flavor['target_role'] == 'project_operator': project_operator_name = 'username2' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id( project_operator_name, project_operator_password, attributes=attributes).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id( 'usernamethree', 'password').uuid # login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid], project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id( project_operator_name, project_operator_password) project_login_uuid = iam2_ops.login_iam2_project( project_name, session_uuid=project_operator_session_uuid).uuid elif flavor['target_role'] == 'project_member': plain_user_name = 'username' plain_user_password = '******' plain_user_uuid = iam2_ops.create_iam2_virtual_id( plain_user_name, plain_user_password, project_uuid=project_uuid).uuid # 3 add virtual id to project iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid], project_uuid) # 4 login in project by plain user plain_user_session_uuid = iam2_ops.login_iam2_virtual_id( plain_user_name, plain_user_password) # 4 login in project #project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid) project_login_uuid = iam2_ops.login_iam2_project( project_name, plain_user_session_uuid).uuid # Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge if flavor['target_role'] == 'project_member': statements = [{ "effect": "Allow", "actions": ["org.zstack.network.service.lb.**"] }] role_uuid = iam2_ops.create_role('test_role', statements).uuid iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid) # certificate cert = net_ops.create_certificate('certificate_for_pm', 'fake certificate', session_uuid=project_login_uuid) net_ops.delete_certificate(cert.uuid, session_uuid=project_login_uuid) # 11 delete acc_ops.logout(project_login_uuid) if virtual_id_uuid != None: iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) if project_admin_uuid != None: iam2_ops.delete_iam2_virtual_id(project_admin_uuid) if project_operator_uuid != None: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if plain_user_uuid != None: iam2_ops.delete_iam2_virtual_id(plain_user_uuid) iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_util.test_pass('success test iam2 login in by project admin!')
def test(): global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid flavor = case_flavor[os.environ.get('CASE_FLAVOR')] # 1 create project project_name = 'test_project' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid project_linked_account_uuid = project.linkedAccountUuid if flavor['target_role'] == 'project_admin': # 2 create virtual id project_admin_name = 'username' project_admin_password = '******' project_admin_uuid = iam2_ops.create_iam2_virtual_id( project_admin_name, project_admin_password).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id( 'usernametwo', 'password').uuid # 3 create project admin iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) # login in project by project admin project_admin_session_uuid = iam2_ops.login_iam2_virtual_id( project_admin_name, project_admin_password) project_login_uuid = iam2_ops.login_iam2_project( project_name, session_uuid=project_admin_session_uuid).uuid # iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes) elif flavor['target_role'] == 'project_operator': project_operator_name = 'username2' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id( project_operator_name, project_operator_password, attributes=attributes).uuid virtual_id_uuid = iam2_ops.create_iam2_virtual_id( 'usernamethree', 'password').uuid # login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid], project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id( project_operator_name, project_operator_password) project_login_uuid = iam2_ops.login_iam2_project( project_name, session_uuid=project_operator_session_uuid).uuid elif flavor['target_role'] == 'project_member': plain_user_name = 'username' plain_user_password = '******' plain_user_uuid = iam2_ops.create_iam2_virtual_id( plain_user_name, plain_user_password, project_uuid=project_uuid).uuid # 3 add virtual id to project iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid], project_uuid) # 4 login in project by plain user plain_user_session_uuid = iam2_ops.login_iam2_virtual_id( plain_user_name, plain_user_password) # 4 login in project #project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid) project_login_uuid = iam2_ops.login_iam2_project( project_name, plain_user_session_uuid).uuid # Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge if flavor['target_role'] == 'project_member': statements = [{ "effect": "Allow", "actions": ["org.zstack.header.image.**"] }, { "effect": "Allow", "actions": ["org.zstack.header.storage.backup.**"] }] role_uuid = iam2_ops.create_role('test_role', statements).uuid iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid) bs = res_ops.query_resource(res_ops.BACKUP_STORAGE)[0] image_option = test_util.ImageOption() image_option.set_name('fake_image') image_option.set_description('fake image') image_option.set_format('raw') image_option.set_mediaType('RootVolumeTemplate') image_option.set_backup_storage_uuid_list([bs.uuid]) image_option.url = "http://fake/fake.raw" image_option.set_session_uuid(project_login_uuid) image_uuid = img_ops.add_image(image_option).uuid img_ops.sync_image_size(image_uuid, session_uuid=project_login_uuid) img_ops.change_image_state(image_uuid, 'disable', session_uuid=project_login_uuid) img_ops.change_image_state(image_uuid, 'enable', session_uuid=project_login_uuid) if bs.type == inventory.IMAGE_STORE_BACKUP_STORAGE_TYPE: img_ops.export_image_from_backup_storage( image_uuid, bs.uuid, session_uuid=project_login_uuid) img_ops.delete_exported_image_from_backup_storage( image_uuid, bs.uuid, session_uuid=project_login_uuid) img_ops.set_image_qga_enable(image_uuid, session_uuid=project_login_uuid) img_ops.set_image_qga_disable(image_uuid, session_uuid=project_login_uuid) cond = res_ops.gen_query_conditions('name', '=', "fake_image") image = res_ops.query_resource(res_ops.IMAGE, cond, session_uuid=project_login_uuid) if image == None: test_util.test_fail('fail to query image just added') img_ops.delete_image(image_uuid, session_uuid=project_login_uuid) img_ops.expunge_image(image_uuid, session_uuid=project_login_uuid) # 11 delete acc_ops.logout(project_login_uuid) if virtual_id_uuid != None: iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) if project_admin_uuid != None: iam2_ops.delete_iam2_virtual_id(project_admin_uuid) if project_operator_uuid != None: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if plain_user_uuid != None: iam2_ops.delete_iam2_virtual_id(plain_user_uuid) iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_util.test_pass('success test iam2 login in by project admin!')
def test(): global l2_vxlan_network_uuid,project_uuid,project_operator_uuid,vni_range_uuid,vxlan_pool_uuid,l3_vpc_network_uuid # create vxlan pool and vni range zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid cluster_uuid = res_ops.get_resource(res_ops.CLUSTER)[0].uuid vxlan_pool_name = 'vxlan_pool_name' vxlan_pool_uuid = vxlan_ops.create_l2_vxlan_network_pool(vxlan_pool_name,zone_uuid).uuid vxlan_ops.create_vni_range('vni_range',20,40,vxlan_pool_uuid) systemTags = ["l2NetworkUuid::%s::clusterUuid::%s::cidr::{172.20.0.1/16}"%(vxlan_pool_uuid,cluster_uuid)] net_ops.attach_l2_vxlan_pool(vxlan_pool_uuid,cluster_uuid,systemTags) # 1 create project project_name = 'test_project7' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid cond = res_ops.gen_query_conditions("name",'=',"test_project7") linked_account_uuid = res_ops.query_resource(res_ops.ACCOUNT,cond)[0].uuid # 2 create project operator project_operator_name = 'username7' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) # 3 login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password) project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid # 4 share vxlan pool to project l2vxlan_pools = res_ops.query_resource(res_ops.L2_VXLAN_NETWORK_POOL) for l2vxlan_pool in l2vxlan_pools: acc_ops.share_resources([linked_account_uuid],[l2vxlan_pool.uuid]) # 5 create l2 vxlan l2_vxlan_network_uuid = vxlan_ops.create_l2_vxlan_network('l2_vxlan',vxlan_pool_uuid,zone_uuid,session_uuid=project_login_uuid).uuid # 6 use l2 vxlan to create l3 vpc l3_vpc_network = create_l3_vpc('test_vpc',l2_vxlan_network_uuid,project_login_uuid) l3_vpc_network_uuid = l3_vpc_network.uuid # add ip range ir_option = test_util.IpRangeOption() ir_option.set_name('iprange2') ir_option.set_description('iprange for vpc') ir_option.set_netmask('255.255.255.0') ir_option.set_gateway('192.168.23.1') ir_option.set_l3_uuid(l3_vpc_network_uuid) ir_option.set_startIp('192.168.23.2') ir_option.set_endIp('192.168.23.254') net_ops.add_ip_range(ir_option) # add network service AttachNetworkServiceToL3Network(l3_vpc_network_uuid,allservices,session_uuid = project_login_uuid) # share the vr_offering to project and do create vpc router and vpc network cond = res_ops.gen_query_conditions("name",'=',"virtual-router-vm") vr_offering_uuid = res_ops.query_resource(res_ops.VR_OFFERING,cond)[0].uuid acc_ops.share_resources([linked_account_uuid],[vr_offering_uuid]) vpc_ops.create_vpc_vrouter(name = 'test_vpc_vr', virtualrouter_offering_uuid = vr_offering_uuid,session_uuid = project_login_uuid) vpc_vr = test_stub.query_vpc_vrouter('test_vpc_vr') vpc_vr.add_nic(l3_vpc_network_uuid) # 7 expunge the project and check the l2 vxlan iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) try: l2_vxlan_network_test_uuid = res_ops.query_resource(res_ops.L2_VXLAN_NETWORK)[0].uuid except: test_util.test_pass( "l2 vxlan is delete after deleted the project " ) test_util.test_dsc('test l2 l2 cascade delete') # 8 check the vpc network and vpc_vr try: cond = res_ops.gen_query_conditions("name",'=',"test_vpc") l3_vpc_network_uuid = res_ops.query_resource(res_ops.L3_NETWORK,cond)[0].uuid except: test_util.test_pass( "l3_vpc is delete after deleted the project") cond = res_ops.gen_query_conditions("name",'=',"test_vpc_vr") vpc_vr = res_ops.query_resource(res_ops.VIRTUALROUTER_VM,cond) if not vpc_vr.inv.state is 'Paused': test_util.test_fail( "vpc vr [%s] is still exist after delete and expunge the project [%s]" % (vpc_vr.uuid,project_uuid)) # 9 delete vni_range_uuid = res_ops.get_resource(res_ops.VNI_RANGE)[0].uuid vxlan_ops.delete_vni_range(vni_range_uuid) net_ops.delete_l2(vxlan_pool_uuid) iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
def test(): global vm global schd_job1 global schd_job2 global schd_trigger1 global schd_trigger2 iam2_ops.clean_iam2_enviroment() zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid # 1 create project project_name = 'test_project' password = \ 'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid linked_account_uuid = project.linkedAccountUuid attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid]) # 2 create projectAdmin into project project_admin_name = 'projectadmin' project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, password).uuid iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name,password) project_admin_session_uuid = iam2_ops.login_iam2_project(project_name,project_admin_session_uuid).uuid # 3 create scheduler job and trigger vm = test_stub.create_vm(session_uuid=project_admin_session_uuid) start_date = int(time.time()) schd_job1 = schd_ops.create_scheduler_job('simple_stop_vm_scheduler', 'simple_stop_vm_scheduler', vm.get_vm().uuid, 'stopVm', None,session_uuid=project_admin_session_uuid) schd_trigger1 = schd_ops.create_scheduler_trigger('simple_stop_vm_scheduler', start_date+60, None, 120, 'simple',session_uuid=project_admin_session_uuid) schd_ops.add_scheduler_job_to_trigger(schd_trigger1.uuid, schd_job1.uuid,session_uuid=project_admin_session_uuid) schd_job2 = schd_ops.create_scheduler_job('simple_start_vm_scheduler', 'simple_start_vm_scheduler', vm.get_vm().uuid, 'startVm', None,session_uuid=project_admin_session_uuid) schd_trigger2 = schd_ops.create_scheduler_trigger('simple_start_vm_scheduler', start_date+120, None, 120, 'simple',session_uuid=project_admin_session_uuid) schd_ops.add_scheduler_job_to_trigger(schd_trigger2.uuid, schd_job2.uuid,session_uuid=project_admin_session_uuid) acc_ops.logout(project_admin_session_uuid) # 4 delete project iam2_ops.delete_iam2_project(project_uuid) try: schd_job1_inv = res_ops.get_resource(res_ops.SCHEDULERJOB,uuid=schd_job1.uuid)[0] except: test_util.test_fail("delete project but not expunge,the schedulerjob [%s] is lost"%schd_job1.uuid) try: res_ops.get_resource(res_ops.SCHEDULERJOB,uuid=schd_job2.uuid)[0] except: test_util.test_fail("delete project but not expunge,the schedulerjob [%s] is lost"%schd_job2.uuid) try: schd_trigger1_inv = res_ops.get_resource(res_ops.SCHEDULERTRIGGER,uuid=schd_trigger1.uuid)[0] except: test_util.test_fail("delete project but not expunge,the scheduler trigger [%s] is lost"%schd_job1.uuid) try: res_ops.get_resource(res_ops.SCHEDULERTRIGGER,uuid=schd_trigger2.uuid)[0] except: test_util.test_fail("delete project but not expunge,the scheduler trigger [%s] is lost"%schd_job1.uuid) iam2_ops.recover_iam2_project(project_uuid) try: project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name,password) project_admin_session_uuid = iam2_ops.login_iam2_project(project_name,project_admin_session_uuid).uuid except: test_util.test_fail("recover the deleted project , but can't login in") iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) # 5 check for cascade delete test_stub.check_resource_not_exist(schd_job1.uuid,res_ops.SCHEDULERJOB) test_stub.check_resource_not_exist(schd_job2.uuid,res_ops.SCHEDULERJOB) test_stub.check_resource_not_exist(schd_trigger1.uuid,res_ops.SCHEDULERTRIGGER) test_stub.check_resource_not_exist(schd_trigger2.uuid,res_ops.SCHEDULERTRIGGER) vm.clean() iam2_ops.clean_iam2_enviroment() test_util.test_pass('Create Simple VM Stop Start Scheduler Success')
def test(): global test_obj_dict iam2_ops.clean_iam2_enviroment() # 1 create project project_name = 'test_project' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid linked_account_uuid = project.linkedAccountUuid zone_inv = res_ops.query_resource(res_ops.ZONE) attributes = [{ "name": "__ProjectRelatedZone__", "value": zone_inv[0].uuid }] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid]) # 2 update project quota acc_ops.update_quota(linked_account_uuid, 'volume.data.num', '1') cond = res_ops.gen_query_conditions('identityUuid', '=', linked_account_uuid) cond = res_ops.gen_query_conditions('name', '=', 'volume.data.num', cond) project_quota = res_ops.query_resource(res_ops.QUOTA, cond) if project_quota: if project_quota[0].value != 1: test_util.test_fail("update project quata fail") # 3 create virtual id and login project username = '******' password = \ 'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] virtual_id_uuid = iam2_ops.create_iam2_virtual_id( username, password, attributes=attributes).uuid iam2_ops.add_iam2_virtual_ids_to_project([virtual_id_uuid], project_uuid) virtual_id_session = iam2_ops.login_iam2_virtual_id(username, password) virtual_id_session = iam2_ops.login_iam2_project(project_name, virtual_id_session).uuid volume = test_stub.create_volume(session_uuid=virtual_id_session) test_obj_dict.add_volume(volume) try: volume = test_stub.create_volume(session_uuid=virtual_id_session) test_obj_dict.add_volume(volume) test_util.test_fail( "create more than one data volume in project ,test fail") except: test_util.test_dsc("success test limit create only 1 vm") acc_ops.logout(virtual_id_session) # 4 add project retired policy attributes = [{"name": "__RetirePolicy__", "value": "NoLogin after 20s"}] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) time.sleep(20) # 5 login project virtual_id_session = iam2_ops.login_iam2_virtual_id(username, password) try: iam2_ops.login_iam2_project(project_name, session_uuid=virtual_id_session) test_util.test_fail( "login project success ,the retire policy is useless") except: test_util.test_logger("can't login project,retire policy is useful") # 6 change retired policy enable = 'enable' disable = 'disable' cond = res_ops.gen_query_conditions('name', '=', '__RetirePolicy__') cond = res_ops.gen_query_conditions('value', '=', 'NoLogin after 20s', cond) attribute_uuid = res_ops.query_resource(res_ops.IAM2_PROJECT_ATTRIBUTE, cond)[0].uuid iam2_ops.remove_attributes_from_iam2_project(project_uuid, [attribute_uuid]) iam2_ops.change_iam2_project_state(project_uuid, enable) attributes = [{ "name": "__RetirePolicy__", "value": "DeleteProject after 20s" }] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) time.sleep(20) # 7 query project project_inv = res_ops.get_resource(res_ops.IAM2_PROJECT, uuid=project_uuid)[0] if project_inv.state != 'Deleted': iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_util.test_fail("the project [%s] is still available after 20s " % project_uuid) test_lib.lib_robot_cleanup(test_obj_dict) iam2_ops.clean_iam2_enviroment() test_util.test_pass("success test project retired")
def test(): global linked_account_uuid,project_uuid,project_operator_uuid,account_lists,vni_range_uuid,vxlan_pool_uuid,l2_vxlan_network_uuid,account1_uuid,account2_uuid,platform_admin_uuid # create vxlan pool and vni range zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid cluster_uuid = res_ops.get_resource(res_ops.CLUSTER)[0].uuid vxlan_pool_name = 'vxlan_pool_name' vxlan_pool_uuid = vxlan_ops.create_l2_vxlan_network_pool(vxlan_pool_name,zone_uuid).uuid vxlan_ops.create_vni_range('vni_range',20,40,vxlan_pool_uuid) systemTags = ["l2NetworkUuid::%s::clusterUuid::%s::cidr::{172.20.0.1/16}"%(vxlan_pool_uuid,cluster_uuid)] net_ops.attach_l2_vxlan_pool(vxlan_pool_uuid,cluster_uuid,systemTags) # 1 create project project_name = 'test_share_project1' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid #cond = res_ops.gen_query_conditions("name",'=',"test_share_project1") #linked_account_uuid = res_ops.query_resource(res_ops.ACCOUNT,cond)[0].uuid linked_account_uuid = project.linkedAccountUuid # 2 create project operator project_operator_name = 'share_username1' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid # 3 login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password) project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid # todo:use the shared resources # 4 create platformAdmin and login username = '******' password = '******' platform_admin_uuid = iam2_ops.create_iam2_virtual_id(username, password).uuid attributes = [{"name":"__PlatformAdmin__"}] iam2_ops.add_attributes_to_iam2_virtual_id(platform_admin_uuid, attributes) platform_admin_session_uuid = iam2_ops.login_iam2_virtual_id(username, password) # 5 share platform admin resources to project test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid],platform_admin_session_uuid) # use the shared resources to create vm vm = test_stub.create_vm(session_uuid=project_login_uuid) volume = test_stub.create_volume(session_uuid=project_login_uuid) test_obj_dict.add_volume(volume) test_obj_dict.add_vm(vm) l2_vxlan_network_uuid = vxlan_ops.create_l2_vxlan_network('l2_vxlan',vxlan_pool_uuid,zone_uuid,session_uuid=project_login_uuid).uuid virtual_router_offering_uuid = res_ops.get_resource(res_ops.VR_OFFERING)[0].uuid vpc_ops.create_vpc_vrouter('vpc_router',virtual_router_offering_uuid,session_uuid=project_login_uuid) # 6 revoke platform admin resources from project test_stub.revoke_admin_resource([linked_account_uuid],platform_admin_session_uuid) # 7 share to all #create_account account1_uuid = acc_ops.create_account('user1','password','Normal').uuid account2_uuid = acc_ops.create_account('user2','password','Normal').uuid account_lists = res_ops.query_resource(res_ops.ACCOUNT) for account in account_lists: test_stub.share_admin_resource_include_vxlan_pool([account.uuid],platform_admin_session_uuid) # 8 revoke resources from all for account in account_lists: test_stub.revoke_admin_resource([account.uuid],platform_admin_session_uuid) # 9 Negative test test_util.test_dsc('Doing negative test.Try to use the resources not shared to create vm') try: test_stub.create_vm(session_uuid=project_login_uuid) except: test_util.test_logger('Catch excepted excepttion.can not use the resources not shared to create vm') else: test_util.test_fail('Catch wrong logic:create vm success with the resources not shared ') test_util.test_dsc('Doing negative test.Try to use the resources not shared to create volume') try: test_stub.create_volume(session_uuid=project_login_uuid) except: test_util.test_logger('Catch excepted excepttion.can not use the resources not shared to create volume') else: test_util.test_fail('Catch wrong logic:create volume success with the resources not shared ') test_util.test_dsc('Doing negative test.Try to use the resources not shared to create vxlan network') try: vxlan_ops.create_l2_vxlan_network('l2_vxlan',vxlan_pool_uuid,zone_uuid,session_uuid=project_login_uuid) except: test_util.test_logger('Catch excepted excepttion.can not use the resources not shared to create l2 vxlan') else: test_util.test_fail('Catch wrong logic:create l2 vxlan success with the resources not shared ') test_util.test_dsc('Doing negative test.Try to use the resources not shared to create vpc_vrouter ') try: vpc_ops.create_vpc_vrouter('vpc_router',virtual_router_offerings,session_uuid=project_login_uuid) except: test_util.test_logger('Catch excepted excepttion.can not use the resources not shared to create vpc_router') else: test_util.test_fail('Catch wrong logic:create vpc_router success with the resources not shared ') # 10 delete acc_ops.logout(project_login_uuid) iam2_ops.delete_iam2_virtual_id(project_operator_uuid) iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) vni_range_uuid = res_ops.get_resource(res_ops.VNI_RANGE)[0].uuid vxlan_ops.delete_vni_range(vni_range_uuid) vpc_ops.remove_all_vpc_vrouter() test_lib.lib_error_cleanup(test_obj_dict) net_ops.delete_l2(vxlan_pool_uuid) net_ops.delete_l2(l2_vxlan_network_uuid) acc_ops.delete_account(account1_uuid) acc_ops.delete_account(account2_uuid) iam2_ops.delete_iam2_virtual_id(platform_admin_uuid)
def test(): global linked_account_uuid,project_uuid,project_operator_uuid,account_lists,l2_uuid,account1_uuid,account2_uuid zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid cluster_uuid = res_ops.get_resource(res_ops.CLUSTER)[0].uuid # 1 create project project_name = 'test_shared_project1' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid linked_account_uuid = project.linkedAccountUuid # 2 create project operator project_operator_name = 'username_share1' project_operator_password = '******' attributes = [{"name": "__ProjectOperator__", "value": project_uuid}] project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid # 3 login in project by project operator iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid) project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password) project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid l2_inv = net_ops.create_l2_vlan('L2_vlan_2221', 'eth0', zone_uuid, '2221') l2_uuid = l2_inv.inventory.uuid test_util.test_dsc('share admin resoure to normal account') cond = res_ops.gen_query_conditions('name', '=', 'L2_vlan_2221') flat_l2_uuid = res_ops.query_resource(res_ops.L2_NETWORK, cond)[0].uuid acc_ops.share_resources([linked_account_uuid], [flat_l2_uuid]) # ut_util.test_dsc('create L3_flat_network names is L3_flat_network by normal account') l3_inv = sce_ops.create_l3(zstack_management_ip, 'l3_flat_network', 'L3BasicNetwork', flat_l2_uuid, 'local.com', session_uuid = project_login_uuid) l3_uuid = l3_inv.inventory.uuid l3_dns = '223.5.5.5' start_ip = '192.168.123.2' end_ip = '192.168.123.10' gateway = '192.168.123.1' netmask = '255.255.255.0' test_util.test_dsc('add DNS and IP_Range for L3_flat_network') sce_ops.add_dns_to_l3(zstack_management_ip, l3_uuid, l3_dns, session_uuid = project_login_uuid) sce_ops.add_ip_range(zstack_management_ip,'IP_range', l3_uuid, start_ip, end_ip, gateway, netmask, session_uuid = project_login_uuid) test_util.test_dsc('query flat provider and attach network service to L3_flat_network') provider_name = 'Flat Network Service Provider' conditions = res_ops.gen_query_conditions('name', '=', provider_name) net_provider_list = sce_ops.query_resource(zstack_management_ip, res_ops.NETWORK_SERVICE_PROVIDER, conditions, session_uuid = project_login_uuid).inventories[0] pro_uuid = net_provider_list.uuid sce_ops.attach_flat_network_service_to_l3network(zstack_management_ip, l3_uuid,pro_uuid, session_uuid = project_login_uuid) test_stub.share_admin_resource_1([linked_account_uuid]) vm = test_stub.create_vm(session_uuid=project_login_uuid) test_obj_dict.add_vm(vm) #create normal account test_util.test_dsc('create normal account') account_name = 'test_abc' #account_pass = hashlib.sha512(account_name).hexdigest() account_pass = '******' test_account = acc_ops.create_normal_account(account_name, account_pass) test_account_uuid = test_account.uuid test_account_session = acc_ops.login_by_account(account_name, account_pass) test_util.test_dsc('share admin resoure to normal account test_abc') test_stub.share_admin_resource_1([test_account_uuid]) l2_inv1 = sce_ops.create_l2_vlan(zstack_management_ip, 'L2_vlan_2215', 'eth0', '2215', zone_uuid) l2_uuid1 = l2_inv1.inventory.uuid test_util.test_dsc('attach L2 netowrk to cluster') sce_ops.attach_l2(zstack_management_ip, l2_uuid1, cluster_uuid) #share admin resoure to normal account test_util.test_dsc('share L2 L2_vlan_2215 to normal account test_a') cond = res_ops.gen_query_conditions('name', '=', 'L2_vlan_2215') flat_l2_uuid1 = res_ops.query_resource(res_ops.L2_NETWORK, cond)[0].uuid acc_ops.share_resources([test_account_uuid], [flat_l2_uuid1]) test_account_session = acc_ops.login_by_account(account_name, account_pass) l3_inv1 = sce_ops.create_l3(zstack_management_ip, 'l3_flat_network1', 'L3BasicNetwork', flat_l2_uuid1, 'local.com', session_uuid = test_account_session) l3_uuid1 = l3_inv1.inventory.uuid l3_dns = '223.5.5.5' start_ip = '192.168.126.2' end_ip = '192.168.126.10' gateway = '192.168.126.1' netmask = '255.255.255.0' test_util.test_dsc('add DNS and IP_Range for L3_flat_network1') sce_ops.add_dns_to_l3(zstack_management_ip, l3_uuid1, l3_dns, session_uuid = test_account_session) sce_ops.add_ip_range(zstack_management_ip,'IP_range', l3_uuid1, start_ip, end_ip, gateway, netmask, session_uuid = test_account_session) test_util.test_dsc('query flat provider and attach network service to L3_flat_network') provider_name = 'Flat Network Service Provider' conditions = res_ops.gen_query_conditions('name', '=', provider_name) net_provider_list = sce_ops.query_resource(zstack_management_ip, res_ops.NETWORK_SERVICE_PROVIDER, conditions, session_uuid = test_account_session).inventories[0] pro_uuid = net_provider_list.uuid sce_ops.attach_flat_network_service_to_l3network(zstack_management_ip, l3_uuid1,pro_uuid, session_uuid = test_account_session) vm2 = test_stub.create_vm(session_uuid = test_account_session) test_util.test_dsc('test success normal acount create L3 by admin share L2 ') test_obj_dict.add_vm(vm2) # 9 delete acc_ops.logout(project_login_uuid) iam2_ops.delete_iam2_virtual_id(project_operator_uuid) iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) test_lib.lib_error_cleanup(test_obj_dict) net_ops.delete_l2(l2_uuid) net_ops.delete_l2(l2_uuid1) acc_ops.delete_account(test_account_uuid)
def test(): global email_platform_uuid,email_endpoint_uuid,dingtalk_endpoint_uuid,http_endpoint_uuid,alarm_uuid,ps_event_sub_uuid,sns_topic_uuid,alarm_template_uuid iam2_ops.clean_iam2_enviroment() zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid # 3 create project project_name = 'test_project' password = \ 'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86' project = iam2_ops.create_iam2_project(project_name) project_uuid = project.uuid linked_account_uuid = project.linkedAccountUuid attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}] iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes) test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid]) # 4 create projectAdmin into project project_admin_name = 'projectadmin' project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, password).uuid iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid) attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}] iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes) project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name,password) project_admin_session_uuid = iam2_ops.login_iam2_project(project_name,project_admin_session_uuid).uuid # 5 create zwatch resource smtp_server = os.environ.get('smtpServer') smtp_port = os.environ.get('smtpPort') email_platform_name = 'Alarm_email' email_username = os.environ.get('mailUsername') email_password = os.environ.get('mailPassword') email_platform_uuid = zwt_ops.create_sns_email_platform(smtp_server, smtp_port, email_platform_name, email_username, email_password,session_uuid=project_admin_session_uuid).uuid email_receiver = os.environ.get('mailUsername') email_endpoint_uuid = zwt_ops.create_sns_email_endpoint(email_receiver, 'test_email_endpoint', email_platform_uuid,session_uuid=project_admin_session_uuid).uuid url_01 = 'https://oapi.dingtalk.com/robot/send?access_token' \ '=0be899d4bd0a7629961a5ccd3035dfba30d084b57944897838f1b601006dd153' name_01 = 'dingtalkAtPerson' dingtalk_endpoint_uuid = zwt_ops.create_sns_dingtalk_endpoint(url_01, name_01, at_all=False,session_uuid=project_admin_session_uuid).uuid http_endpoint_name = 'http' url = 'http://localhost:8080/webhook-url' http_username = '******' http_password = '******' http_endpoint_uuid = zwt_ops.create_sns_http_endpoint(url, http_endpoint_name, http_username, http_password,session_uuid=project_admin_session_uuid).uuid sns_topic_uuid = zwt_ops.create_sns_topic('sns_topic_01',session_uuid=project_admin_session_uuid).uuid zwt_ops.subscribe_sns_topic(sns_topic_uuid, dingtalk_endpoint_uuid,session_uuid=project_admin_session_uuid) zwt_ops.subscribe_sns_topic(sns_topic_uuid, email_endpoint_uuid,session_uuid=project_admin_session_uuid) zwt_ops.subscribe_sns_topic(sns_topic_uuid, http_endpoint_uuid,session_uuid=project_admin_session_uuid) namespace = 'ZStack/Volume' actions = [{"actionUuid": sns_topic_uuid, "actionType": "sns"}] comparisonOperator = 'GreaterThanOrEqualTo' repeat_interval = 20 period = 10 threshold = 5 metric_name = 'TotalVolumeCount' alarm_uuid = zwt_ops.create_alarm(comparisonOperator, period, threshold, namespace, metric_name, actions=actions,repeat_interval=repeat_interval,session_uuid=project_admin_session_uuid).uuid ps_actions = [{"actionUuid": sns_topic_uuid, "actionType": "sns"}] ps_namespace = 'ZStack/PrimaryStorage' ps_disconnected = 'PrimaryStorageDisconnected' ps_event_sub_uuid = zwt_ops.subscribe_event(ps_namespace, ps_disconnected, ps_actions, session_uuid=project_admin_session_uuid).uuid application_platform_type = 'Email' alarm_template_name = 'my-alarm-template' alarm_template = '${ALARM_NAME} Change status to ${ALARM_CURRENT_STATUS}' \ 'ALARM_UUID:${ALARM_UUID}' \ 'keyword1:ThisWordIsKeyWord' \ 'keyword2:TemplateForAlarmOn' \ '(Using for template changes email check)' alarm_template_uuid = zwt_ops.create_sns_text_template(alarm_template_name, application_platform_type, alarm_template, default_template=False, session_uuid=project_admin_session_uuid).uuid acc_ops.logout(project_admin_session_uuid) # 6 delete project iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) # 7 cascade test try: test_stub.check_resource_not_exist(email_platform_uuid,res_ops.SNS_EMAIL_PLATFORM) except: test_util.test_logger("email platform should not be delete ,success") test_stub.check_resource_not_exist(email_endpoint_uuid,res_ops.SNS_APPLICATION_ENDPOINT) test_stub.check_resource_not_exist(dingtalk_endpoint_uuid,res_ops.SNS_APPLICATION_ENDPOINT) test_stub.check_resource_not_exist(http_endpoint_uuid,res_ops.SNS_APPLICATION_ENDPOINT) test_stub.check_resource_not_exist(alarm_uuid,res_ops.ALARM) test_stub.check_resource_not_exist(ps_event_sub_uuid,res_ops.EVENT_SUBSCRIPTION) test_stub.check_resource_not_exist(sns_topic_uuid,res_ops.SNS_TOPIC) test_stub.check_resource_not_exist(alarm_template_uuid,res_ops.SNS_TEXT_TEMPLATE) zwt_ops.delete_sns_application_platform(email_platform_uuid) iam2_ops.clean_iam2_enviroment() test_util.test_pass("success test project retired")