def test_reset_quotas_other_project(self):
LOG.info("Using 'alt' project id to set quotas on.")
project_id = self.alt_client.tenant_id
self._store_quotas(project_id=project_id)
LOG.info("Resetting quotas to default for %s ", project_id)
self.admin_client.delete_quotas(
project_id=project_id,
headers=self.all_projects_header)
default_quotas = self.admin_client.show_quotas(
project_id=project_id,
headers=self.all_projects_header)[1]
LOG.info("Updating quotas for %s ", project_id)
quotas = dns_data_utils.rand_quotas()
request = quotas.copy()
self.admin_client.update_quotas(
project_id=project_id,
headers=self.all_projects_header,
**request)
self.admin_client.delete_quotas(
project_id=project_id,
headers=self.all_projects_header)
final_quotas = self.admin_client.show_quotas(
project_id=project_id,
headers=self.all_projects_header)[1]
self.assertExpected(default_quotas, final_quotas, [])
def test_reset_quotas_other_project(self):
# Use a fake project for this
project_id = '21e45d30-dbc1-4173-9d6b-9b6813ef514b'
_, original_quotas = self.admin_client.show_quotas(
project_id=project_id, headers={'X-Auth-All-Projects': True})
LOG.info("Updating quotas for %s ", project_id)
quotas = dns_data_utils.rand_quotas()
request = quotas.copy()
request['project_id'] = project_id
request['headers'] = {'X-Auth-All-Projects': True}
_, body = self.admin_client.update_quotas(**request)
self.addCleanup(self.admin_client.delete_quotas, project_id=project_id)
self.admin_client.delete_quotas(
project_id=project_id,
headers={'X-Auth-All-Projects': True})
_, final_quotas = self.admin_client.show_quotas(
project_id=project_id, headers={'X-Auth-All-Projects': True})
self.assertExpected(original_quotas, final_quotas, [])
def test_reset_quotas_other_project(self):
LOG.info("Using 'alt' project id to set quotas on.")
project_id = self.alt_client.tenant_id
self._store_quotas(project_id=project_id)
LOG.info("Resetting quotas to default for %s ", project_id)
self.admin_client.delete_quotas(
project_id=project_id,
headers={'X-Auth-All-Projects': True})
_, default_quotas = self.admin_client.show_quotas(
project_id=project_id, headers={'X-Auth-All-Projects': True})
LOG.info("Updating quotas for %s ", project_id)
quotas = dns_data_utils.rand_quotas()
request = quotas.copy()
request['project_id'] = project_id
request['headers'] = {'X-Auth-All-Projects': True}
_, body = self.admin_client.update_quotas(**request)
self.admin_client.delete_quotas(
project_id=project_id,
headers={'X-Auth-All-Projects': True})
_, final_quotas = self.admin_client.show_quotas(
project_id=project_id, headers={'X-Auth-All-Projects': True})
self.assertExpected(default_quotas, final_quotas, [])
def test_update_quotas(self):
LOG.info("Updating quotas")
quotas = dns_data_utils.rand_quotas()
_, body = self.admin_client.update_quotas(**quotas['quota'])
self.addCleanup(self.admin_client.delete_quotas)
LOG.info("Ensuring the response has all quota types")
self.assertExpected(quotas['quota'], body['quota'], self.excluded_keys)
def test_update_quotas(self):
self._store_quotas()
LOG.info("Updating quotas")
quotas = dns_data_utils.rand_quotas()
_, body = self.admin_client.update_quotas(**quotas)
LOG.info("Ensuring the response has all quota types")
self.assertExpected(quotas, body, [])
def test_update_quotas(self):
LOG.info("Updating quotas")
quotas = dns_data_utils.rand_quotas()
_, body = self.admin_client.update_quotas(**quotas)
self.addCleanup(self.admin_client.delete_quotas)
LOG.info("Ensuring the response has all quota types")
self.assertExpected(quotas, body, [])
def test_update_quotas(self):
LOG.info("Updating quotas")
quotas = dns_data_utils.rand_quotas()
_, body = self.admin_client.update_quotas(
project_id=self.quotas_client.project_id, **quotas)
self.addCleanup(self.admin_client.delete_quotas,
project_id=self.quotas_client.project_id)
LOG.info("Ensuring the response has all quota types")
self.assertExpected(quotas, body['quota'], self.excluded_keys)
def test_show_quotas(self):
LOG.info("Updating quotas")
quotas = dns_data_utils.rand_quotas()
_, body = self.admin_client.update_quotas(**quotas['quota'])
self.addCleanup(self.admin_client.delete_quotas)
LOG.info("Fetching quotas")
_, body = self.admin_client.show_quotas()
LOG.info("Ensuring the response has all quota types")
self.assertExpected(quotas['quota'], body['quota'], self.excluded_keys)
def test_admin_sets_invalid_quota_values(self):
primary_project_id = self.quotas_client.project_id
for item in quotas_types:
quota = dns_data_utils.rand_quotas()
quota[item] = data_utils.rand_name()
self.assertRaises(
lib_exc.BadRequest, self.admin_client.set_quotas,
project_id=primary_project_id,
quotas=quota,
headers=self.all_projects_header)
def test_admin_sets_not_existing_quota_type(self):
LOG.info('Try to set quota using not existing quota type in its body')
primary_project_id = self.quotas_client.project_id
quota = dns_data_utils.rand_quotas()
quota[data_utils.rand_name()] = 777
with self.assertRaisesDns(
lib_exc.BadRequest, 'invalid_object', 400):
self.admin_client.set_quotas(
project_id=primary_project_id,
quotas=quota, headers=self.all_projects_header)
def test_primary_fails_to_set_quota(self):
primary_project_id = self.quotas_client.project_id
LOG.info('Try to set quota as Primary user')
self.assertRaises(
lib_exc.Forbidden, self.quotas_client.set_quotas,
project_id=primary_project_id,
quotas=dns_data_utils.rand_quotas())
LOG.info('Try to set quota as Primary user using '
'"x-auth-sudo-project-id" HTTP header')
self.assertRaises(
lib_exc.Forbidden, self.quotas_client.set_quotas,
project_id=self.quotas_client.project_id,
quotas=dns_data_utils.rand_quotas(),
headers={'x-auth-sudo-project-id': primary_project_id})
LOG.info('Try to set quota as Primary user using '
'"x-auth-all-projects" HTTP header')
self.assertRaises(
lib_exc.Forbidden, self.quotas_client.set_quotas,
project_id=self.quotas_client.project_id,
quotas=dns_data_utils.rand_quotas(),
headers=self.all_projects_header)
def update_quotas(self,
zones=None,
zone_records=None,
zone_recordsets=None,
recordset_records=None,
api_export_size=None,
project_id=None,
params=None,
headers=None):
"""Update the quotas for the project id
:param zones: The limit on zones per tenant
Default: Random Value
:param zone_records: The limit on records per zone
Default: Random Value
:param zone_recordsets: The limit recordsets per zone
Default: Random Value
:param recordset_records: The limit on records per recordset
Default: Random Value
:param api_export_size: The limit on size of on exported zone
Default: Random Value
:param project_id: Apply the quotas to this project id
Default: The project id of this client
:param params: A Python dict that represents the query paramaters to
include in the request URI.
:param headers (dict): The headers to use for the request.
:return: A tuple with the server response and the created quota.
"""
project_id = project_id or self.tenant_id
quotas = dns_data_utils.rand_quotas(
zones=zones,
zone_records=zone_records,
zone_recordsets=zone_recordsets,
recordset_records=recordset_records,
api_export_size=api_export_size,
)
resp, body = self._update_request('quotas',
project_id,
quotas,
params=params,
headers=headers,
extra_headers=True)
self.expected_success(200, resp.status)
return resp, body
def test_update_quotas_other_project(self):
project_id = self.quotas_client.tenant_id
self._store_quotas(project_id=project_id)
LOG.info("Updating quotas for %s ", project_id)
quotas = dns_data_utils.rand_quotas()
request = quotas.copy()
request['project_id'] = project_id
request['headers'] = {'X-Auth-All-Projects': True}
_, body = self.admin_client.update_quotas(**request)
LOG.info("Ensuring the response has all quota types")
self.assertExpected(quotas, body, [])
_, client_body = self.quotas_client.show_quotas()
self.assertExpected(quotas, client_body, [])
def test_update_quotas(self):
self._store_quotas(project_id=self.quotas_client.project_id)
LOG.info("Updating quotas")
quotas = dns_data_utils.rand_quotas()
body = self.admin_client.update_quotas(
project_id=self.quotas_client.project_id,
**quotas, headers=self.all_projects_header)[1]
expected_allowed = ['os_admin']
if CONF.dns_feature_enabled.enforce_new_defaults:
expected_allowed.extend(['os_system_admin'])
self.check_CUD_RBAC_enforcement(
'QuotasClient', 'update_quotas', expected_allowed, False,
project_id=self.quotas_client.project_id,
**quotas, headers=self.all_projects_header)
LOG.info("Ensuring the response has all quota types")
self.assertExpected(quotas, body, [])
def test_update_quotas_other_project(self):
project_id = self.quotas_client.tenant_id
LOG.info("Updating quotas for %s ", project_id)
quotas = dns_data_utils.rand_quotas()
request = quotas.copy()
request['project_id'] = project_id
request['headers'] = {'X-Auth-All-Projects': True}
_, body = self.admin_client.update_quotas(**request)
self.addCleanup(self.admin_client.delete_quotas, project_id=project_id)
LOG.info("Ensuring the response has all quota types")
self.assertExpected(quotas, body, [])
_, client_body = self.quotas_client.show_quotas()
self.assertExpected(quotas, client_body, [])
def test_update_quotas_other_project(self):
project_id = self.quotas_client.project_id
self._store_quotas(project_id=project_id)
LOG.info("Updating quotas for %s ", project_id)
quotas = dns_data_utils.rand_quotas()
request = quotas.copy()
body = self.admin_client.update_quotas(
project_id=project_id,
headers=self.all_projects_header,
**request)[1]
LOG.info("Ensuring the response has all quota types")
self.assertExpected(quotas, body, [])
client_body = self.quotas_client.show_quotas(project_id=project_id)[1]
self.assertExpected(quotas, client_body, [])
def test_admin_sets_quota_for_a_project(self):
primary_project_id = self.quotas_client.project_id
http_headers_to_use = [self.all_projects_header,
{'x-auth-sudo-project-id': primary_project_id}]
for http_header in http_headers_to_use:
LOG.info('As Admin user set Zones quota for a Primary user and {} '
'HTTP header'.format(http_header))
quotas = dns_data_utils.rand_quotas()
self.admin_client.set_quotas(
project_id=primary_project_id,
quotas=quotas, headers=http_header)
self.addCleanup(self.admin_client.delete_quotas,
project_id=primary_project_id)
LOG.info("As Admin fetch the quotas for a Primary user")
body = self.admin_client.show_quotas(
project_id=primary_project_id, headers=http_header)[1]
LOG.info('Ensuring that the "set" and "shown" quotas are same')
self.assertExpected(quotas, body, [])
def update_quotas(self, zones=None, zone_records=None,
zone_recordsets=None, recordset_records=None,
api_export_size=None, project_id=None, params=None,
headers=None):
"""Update the quotas for the project id
:param zones: The limit on zones per tenant
Default: Random Value
:param zone_records: The limit on records per zone
Default: Random Value
:param zone_recordsets: The limit recordsets per zone
Default: Random Value
:param recordset_records: The limit on records per recordset
Default: Random Value
:param api_export_size: The limit on size of on exported zone
Default: Random Value
:param project_id: Apply the quotas to this project id
Default: The project id of this client
:param params: A Python dict that represents the query paramaters to
include in the request URI.
:param headers (dict): The headers to use for the request.
:return: A tuple with the server response and the created quota.
"""
project_id = project_id or self.tenant_id
quotas = dns_data_utils.rand_quotas(
zones=zones,
zone_records=zone_records,
zone_recordsets=zone_recordsets,
recordset_records=recordset_records,
api_export_size=api_export_size,
)
resp, body = self._update_request('quotas', project_id, quotas,
params=params, headers=headers,
extra_headers=True)
self.expected_success(200, resp.status)
return resp, body
def test_update_quotas_invalid_project(self):
if not CONF.dns_feature_enabled.api_v2_quotas_verify_project:
raise self.skipException("Project ID in quotas "
"is not being verified.")
project_id = 'project-that-does-not-exist'
original_quotas = self._store_quotas(project_id=project_id,
cleanup=False)
LOG.info("Updating quotas for non-existing %s ", project_id)
quotas = dns_data_utils.rand_quotas()
request = quotas.copy()
request['project_id'] = project_id
request['headers'] = {'X-Auth-All-Projects': True}
with self.assertRaisesDns(lib_exc.BadRequest, 'invalid_project', 400):
self.admin_client.update_quotas(**request)
_, client_body = self.quotas_client.show_quotas()
self.assertExpected(original_quotas, client_body, [])
def test_update_quotas_invalid_project(self):
if not CONF.dns_feature_enabled.api_v2_quotas_verify_project:
raise self.skipException("Project ID in quotas "
"is not being verified.")
original_quotas = self.quotas_client.show_quotas(
project_id=self.quotas_client.project_id)[1]
project_id = 'project-that-does-not-exist'
LOG.info("Updating quotas for non-existing %s ", project_id)
quotas = dns_data_utils.rand_quotas()
request = quotas.copy()
with self.assertRaisesDns(lib_exc.BadRequest, 'invalid_project', 400):
self.admin_client.update_quotas(
project_id=project_id,
headers=self.all_projects_header,
**request)
LOG.info("Make sure that the quotas weren't changed")
client_body = self.quotas_client.show_quotas(
project_id=self.quotas_client.project_id)[1]
self.assertExpected(original_quotas, client_body, [])
def test_alt_reaches_zones_quota(self):
alt_project_id = self.alt_client.project_id
http_header = {'x-auth-sudo-project-id': alt_project_id}
limit_zones_quota = 3
LOG.info('As Admin user set Zones quota for Alt user '
'to:{} '.format(limit_zones_quota))
quotas = dns_data_utils.rand_quotas()
quotas['zones'] = limit_zones_quota
self.admin_client.set_quotas(project_id=alt_project_id,
quotas=quotas,
headers=http_header)
self.addCleanup(self.admin_client.delete_quotas,
project_id=alt_project_id)
LOG.info('As Alt user try to create zones, up untill'
' "zones" quota (status code 413) is reached')
attempt_number = 0
while attempt_number <= limit_zones_quota + 1:
attempt_number += 1
LOG.info('Attempt No:{} '.format(attempt_number))
try:
zone_name = dns_data_utils.rand_zone_name(
name="alt_reaches_zones_quota", suffix=self.tld_name)
zone = self.alt_zone_client.create_zone(name=zone_name)[1]
self.addCleanup(self.wait_zone_delete, self.alt_zone_client,
zone['id'])
except Exception as err:
raised_error = str(err).replace(' ', '')
if not "'code':413" and "'type':'over_quota'" in raised_error \
and attempt_number == limit_zones_quota + 1:
raise (
"Failed, expected status code 413 (type:over_quota) "
"was not raised or maybe it has been raised mistakenly"
"(bug) before the quota was actually reached."
" Test failed with: {} ".format(err))
def test_reset_quotas_other_project(self):
LOG.info("Using 'alt' project id to set quotas on.")
project_id = self.alt_client.tenant_id
_, original_quotas = self.admin_client.show_quotas(
project_id=project_id, headers={'X-Auth-All-Projects': True})
LOG.info("Updating quotas for %s ", project_id)
quotas = dns_data_utils.rand_quotas()
request = quotas.copy()
request['project_id'] = project_id
request['headers'] = {'X-Auth-All-Projects': True}
_, body = self.admin_client.update_quotas(**request)
self.addCleanup(self.admin_client.delete_quotas, project_id=project_id)
self.admin_client.delete_quotas(project_id=project_id,
headers={'X-Auth-All-Projects': True})
_, final_quotas = self.admin_client.show_quotas(
project_id=project_id, headers={'X-Auth-All-Projects': True})
self.assertExpected(original_quotas, final_quotas, [])
def test_update_quotas_invalid_project(self):
if not CONF.dns_feature_enabled.api_v2_quotas_verify_project:
raise self.skipException("Project ID in quotas "
"is not being verified.")
project_id = 'project-that-does-not-exist'
LOG.info("Updating quotas for non-existing %s ", project_id)
_, original_quotas = self.admin_client.show_quotas(
project_id=project_id, headers={'X-Auth-All-Projects': True})
quotas = dns_data_utils.rand_quotas()
request = quotas.copy()
request['project_id'] = project_id
request['headers'] = {'X-Auth-All-Projects': True}
with self.assertRaisesDns(lib_exc.BadRequest, 'invalid_project', 400):
self.admin_client.update_quotas(**request)
self.addCleanup(self.admin_client.delete_quotas, project_id=project_id)
_, client_body = self.quotas_client.show_quotas()
self.assertExpected(original_quotas, client_body, [])
