def test_remove_security_service(self): security_dict1 = {'id': 'fake security service id1', 'project_id': self.fake_context.project_id, 'type': 'fake type'} db_api.share_network_create(self.fake_context, self.share_nw_dict) db_api.security_service_create(self.fake_context, security_dict1) db_api.share_network_add_security_service(self.fake_context, self.share_nw_dict['id'], security_dict1['id']) db_api.share_network_remove_security_service(self.fake_context, self.share_nw_dict['id'], security_dict1['id']) result = sqlalchemy_api.model_query( self.fake_context, models.ShareNetworkSecurityServiceAssociation).\ filter_by(security_service_id=security_dict1['id']).\ filter_by(share_network_id=self.share_nw_dict['id']).first() self.assertTrue(result is None) share_nw_ref = db_api.share_network_get(self.fake_context, self.share_nw_dict['id']) self.assertEqual(len(share_nw_ref['security_services']), 0)
def test_remove_security_service(self): security_dict1 = { 'id': 'fake security service id1', 'project_id': self.fake_context.project_id, 'type': 'fake type' } db_api.share_network_create(self.fake_context, self.share_nw_dict) db_api.security_service_create(self.fake_context, security_dict1) db_api.share_network_add_security_service(self.fake_context, self.share_nw_dict['id'], security_dict1['id']) db_api.share_network_remove_security_service(self.fake_context, self.share_nw_dict['id'], security_dict1['id']) result = sqlalchemy_api.model_query( self.fake_context, models.ShareNetworkSecurityServiceAssociation).\ filter_by(security_service_id=security_dict1['id']).\ filter_by(share_network_id=self.share_nw_dict['id']).first() self.assertTrue(result is None) share_nw_ref = db_api.share_network_get(self.fake_context, self.share_nw_dict['id']) self.assertEqual(len(share_nw_ref['security_services']), 0)
def test_get_with_two_security_services(self): security_dict1 = { 'id': 'fake security service id1', 'project_id': self.fake_context.project_id, 'type': 'fake type' } security_dict2 = { 'id': 'fake security service id2', 'project_id': self.fake_context.project_id, 'type': 'fake type' } db_api.share_network_create(self.fake_context, self.share_nw_dict) db_api.security_service_create(self.fake_context, security_dict1) db_api.security_service_create(self.fake_context, security_dict2) db_api.share_network_add_security_service(self.fake_context, self.share_nw_dict['id'], security_dict1['id']) db_api.share_network_add_security_service(self.fake_context, self.share_nw_dict['id'], security_dict2['id']) result = db_api.share_network_get(self.fake_context, self.share_nw_dict['id']) self.assertEqual(len(result['security_services']), 2)
def test_get_with_one_security_service(self): security_dict1 = { "id": "fake security service id1", "project_id": self.fake_context.project_id, "type": "fake type", } db_api.share_network_create(self.fake_context, self.share_nw_dict) db_api.security_service_create(self.fake_context, security_dict1) db_api.share_network_add_security_service(self.fake_context, self.share_nw_dict["id"], security_dict1["id"]) result = db_api.share_network_get(self.fake_context, self.share_nw_dict["id"]) self.assertEqual(len(result["security_services"]), 1) self._check_fields(expected=security_dict1, actual=result["security_services"][0])
def _add_security_service(self, req, id, data): """Associate share network with a given security service.""" context = req.environ['manila.context'] policy.check_policy(context, RESOURCE_NAME, 'add_security_service') share_network = db_api.share_network_get(context, id) if share_network['share_servers']: msg = _("Cannot add security services. Share network is used.") raise exc.HTTPForbidden(explanation=msg) security_service = db_api.security_service_get( context, data['security_service_id']) for attached_service in share_network['security_services']: if attached_service['type'] == security_service['type']: msg = _("Cannot add security service to share network. " "Security service with '%(ss_type)s' type already " "added to '%(sn_id)s' share network") % { 'ss_type': security_service['type'], 'sn_id': share_network['id']} raise exc.HTTPConflict(explanation=msg) try: share_network = db_api.share_network_add_security_service( context, id, data['security_service_id']) except KeyError: msg = "Malformed request body" raise exc.HTTPBadRequest(explanation=msg) except exception.NotFound as e: raise exc.HTTPNotFound(explanation=six.text_type(e)) except exception.ShareNetworkSecurityServiceAssociationError as e: raise exc.HTTPBadRequest(explanation=six.text_type(e)) return self._view_builder.build_share_network(share_network)
def test_add_security_service_association_error_already_associated(self): security_dict1 = { 'id': 'fake security service id1', 'project_id': self.fake_context.project_id, 'type': 'fake type' } db_api.share_network_create(self.fake_context, self.share_nw_dict) db_api.security_service_create(self.fake_context, security_dict1) db_api.share_network_add_security_service(self.fake_context, self.share_nw_dict['id'], security_dict1['id']) self.assertRaises( exception.ShareNetworkSecurityServiceAssociationError, db_api.share_network_add_security_service, self.fake_context, self.share_nw_dict['id'], security_dict1['id'])
def test_get_with_one_security_service(self): security_dict1 = {'id': 'fake security service id1', 'project_id': self.fake_context.project_id, 'type': 'fake type'} db_api.share_network_create(self.fake_context, self.share_nw_dict) db_api.security_service_create(self.fake_context, security_dict1) db_api.share_network_add_security_service(self.fake_context, self.share_nw_dict['id'], security_dict1['id']) result = db_api.share_network_get(self.fake_context, self.share_nw_dict['id']) self.assertEqual(len(result['security_services']), 1) self._check_fields(expected=security_dict1, actual=result['security_services'][0])
def test_add_security_service_association_error_already_associated(self): security_dict1 = {'id': 'fake security service id1', 'project_id': self.fake_context.project_id, 'type': 'fake type'} db_api.share_network_create(self.fake_context, self.share_nw_dict) db_api.security_service_create(self.fake_context, security_dict1) db_api.share_network_add_security_service(self.fake_context, self.share_nw_dict['id'], security_dict1['id']) self.assertRaises( exception.ShareNetworkSecurityServiceAssociationError, db_api.share_network_add_security_service, self.fake_context, self.share_nw_dict['id'], security_dict1['id'])
def test_add_security_service_association_error_already_associated(self): security_dict1 = { "id": "fake security service id1", "project_id": self.fake_context.project_id, "type": "fake type", } db_api.share_network_create(self.fake_context, self.share_nw_dict) db_api.security_service_create(self.fake_context, security_dict1) db_api.share_network_add_security_service(self.fake_context, self.share_nw_dict["id"], security_dict1["id"]) self.assertRaises( exception.ShareNetworkSecurityServiceAssociationError, db_api.share_network_add_security_service, self.fake_context, self.share_nw_dict["id"], security_dict1["id"], )
def test_add_security_service(self): security_dict1 = { "id": "fake security service id1", "project_id": self.fake_context.project_id, "type": "fake type", } db_api.share_network_create(self.fake_context, self.share_nw_dict) db_api.security_service_create(self.fake_context, security_dict1) db_api.share_network_add_security_service(self.fake_context, self.share_nw_dict["id"], security_dict1["id"]) result = ( sqlalchemy_api.model_query(self.fake_context, models.ShareNetworkSecurityServiceAssociation) .filter_by(security_service_id=security_dict1["id"]) .filter_by(share_network_id=self.share_nw_dict["id"]) .first() ) self.assertTrue(result is not None)
def test_get_with_two_security_services(self): security_dict1 = { "id": "fake security service id1", "project_id": self.fake_context.project_id, "type": "fake type", } security_dict2 = { "id": "fake security service id2", "project_id": self.fake_context.project_id, "type": "fake type", } db_api.share_network_create(self.fake_context, self.share_nw_dict) db_api.security_service_create(self.fake_context, security_dict1) db_api.security_service_create(self.fake_context, security_dict2) db_api.share_network_add_security_service(self.fake_context, self.share_nw_dict["id"], security_dict1["id"]) db_api.share_network_add_security_service(self.fake_context, self.share_nw_dict["id"], security_dict2["id"]) result = db_api.share_network_get(self.fake_context, self.share_nw_dict["id"]) self.assertEqual(len(result["security_services"]), 2)
def test_get_with_two_security_services(self): security_dict1 = {'id': 'fake security service id1', 'project_id': self.fake_context.project_id, 'type': 'fake type'} security_dict2 = {'id': 'fake security service id2', 'project_id': self.fake_context.project_id, 'type': 'fake type'} db_api.share_network_create(self.fake_context, self.share_nw_dict) db_api.security_service_create(self.fake_context, security_dict1) db_api.security_service_create(self.fake_context, security_dict2) db_api.share_network_add_security_service(self.fake_context, self.share_nw_dict['id'], security_dict1['id']) db_api.share_network_add_security_service(self.fake_context, self.share_nw_dict['id'], security_dict2['id']) result = db_api.share_network_get(self.fake_context, self.share_nw_dict['id']) self.assertEqual(len(result['security_services']), 2)
def add_security_service(self, req, id, body): """Associate share network with a given security service.""" context = req.environ['manila.context'] share_network = db_api.share_network_get(context, id) policy.check_policy(context, RESOURCE_NAME, 'add_security_service', target_obj=share_network) try: data = body['add_security_service'] security_service = db_api.security_service_get( context, data['security_service_id']) except KeyError: msg = "Malformed request body" raise exc.HTTPBadRequest(explanation=msg) contain_share_servers = ( self._share_network_subnets_contain_share_servers(share_network)) support_adding_to_in_use_networks = ( req.api_version_request >= api_version.APIVersionRequest("2.63")) if contain_share_servers: if not support_adding_to_in_use_networks: msg = _("Cannot add security services. Share network is used.") raise exc.HTTPForbidden(explanation=msg) try: self.share_api.update_share_network_security_service( context, share_network, security_service) except exception.ServiceIsDown as e: raise exc.HTTPConflict(explanation=e.msg) except exception.InvalidShareNetwork as e: raise exc.HTTPBadRequest(explanation=e.msg) except exception.InvalidSecurityService as e: raise exc.HTTPConflict(explanation=e.msg) try: share_network = db_api.share_network_add_security_service( context, id, data['security_service_id']) except exception.NotFound as e: raise exc.HTTPNotFound(explanation=e.msg) except exception.ShareNetworkSecurityServiceAssociationError as e: raise exc.HTTPBadRequest(explanation=e.msg) return self._view_builder.build_share_network(req, share_network)
def _add_security_service(self, req, id, data): """Associate share network with a given security service.""" context = req.environ["manila.context"] policy.check_policy(context, RESOURCE_NAME, "add_security_service") try: share_network = db_api.share_network_add_security_service(context, id, data["security_service_id"]) except KeyError: msg = "Malformed request body" raise exc.HTTPBadRequest(explanation=msg) except exception.NotFound as e: msg = "%s" % e raise exc.HTTPNotFound(explanation=msg) except exception.ShareNetworkSecurityServiceAssociationError as e: msg = "%s" % e raise exc.HTTPBadRequest(explanation=msg) return self._view_builder.build_share_network(share_network)
def _add_security_service(self, req, id, data): """Associate share network with a given security service.""" context = req.environ['manila.context'] policy.check_policy(context, RESOURCE_NAME, 'add_security_service') share_network = db_api.share_network_get(context, id) if share_network['share_servers']: msg = _("Cannot add security services. Share network is used.") raise exc.HTTPForbidden(explanation=msg) try: share_network = db_api.share_network_add_security_service( context, id, data['security_service_id']) except KeyError: msg = "Malformed request body" raise exc.HTTPBadRequest(explanation=msg) except exception.NotFound as e: msg = "%s" % e raise exc.HTTPNotFound(explanation=msg) except exception.ShareNetworkSecurityServiceAssociationError as e: msg = "%s" % e raise exc.HTTPBadRequest(explanation=msg) return self._view_builder.build_share_network(share_network)