def setUp(self):
super(AdminPasswordPolicyTest, self).setUp()
self.controller = admin_password.AdminPasswordController()
self.req = fakes.HTTPRequest.blank('')
user_id = self.req.environ['nova.context'].user_id
self.rule_name = ap_policies.BASE_POLICY_NAME
self.mock_get = self.useFixture(
fixtures.MockPatch('nova.api.openstack.common.get_instance')).mock
uuid = uuids.fake_id
self.instance = fake_instance.fake_instance_obj(
self.project_member_context,
id=1,
uuid=uuid,
project_id=self.project_id,
user_id=user_id,
vm_state=vm_states.ACTIVE,
task_state=None,
launched_at=timeutils.utcnow())
self.mock_get.return_value = self.instance
# Check that admin or and server owner is able to change the password
self.admin_authorized_contexts = [
self.legacy_admin_context, self.system_admin_context,
self.project_admin_context, self.project_member_context,
self.project_reader_context, self.project_foo_context
]
# Check that non-admin is not able to change the password
self.admin_unauthorized_contexts = [
self.system_member_context,
self.system_reader_context,
self.system_foo_context,
self.other_project_member_context,
self.other_project_reader_context,
]
def setUp(self):
super(AdminPasswordPolicyTest, self).setUp()
self.controller = admin_password.AdminPasswordController()
self.req = fakes.HTTPRequest.blank('')
user_id = self.req.environ['nova.context'].user_id
self.rule_name = ap_policies.BASE_POLICY_NAME
self.mock_get = self.useFixture(
fixtures.MockPatch('nova.api.openstack.common.get_instance')).mock
uuid = uuids.fake_id
self.instance = fake_instance.fake_instance_obj(
self.project_member_context,
id=1,
uuid=uuid,
project_id=self.project_id,
user_id=user_id,
vm_state=vm_states.ACTIVE,
task_state=None,
launched_at=timeutils.utcnow())
self.mock_get.return_value = self.instance
# With legacy rule and no scope checks, all admin, project members
# project reader or other project role(because legacy rule allow server
# owner- having same project id and no role check) is able to change
# the password for their server.
self.project_action_authorized_contexts = [
self.legacy_admin_context, self.system_admin_context,
self.project_admin_context, self.project_member_context,
self.project_reader_context, self.project_foo_context
]
def setUp(self):
super(AdminPasswordPolicyEnforcementV21, self).setUp()
self.controller = admin_password_v21.AdminPasswordController()
self.req = fakes.HTTPRequest.blank('')
req_context = self.req.environ['nova.context']
def fake_get_instance(self, context, id):
return fake_instance.fake_instance_obj(
req_context,
uuid=id,
project_id=req_context.project_id,
user_id=req_context.user_id)
self.stub_out(
'nova.api.openstack.common.get_instance', fake_get_instance)
def _get_action(self):
return admin_password_v21.AdminPasswordController().change_password
def setUp(self):
super(AdminPasswordPolicyEnforcementV21, self).setUp()
self.controller = admin_password_v21.AdminPasswordController()
self.req = fakes.HTTPRequest.blank('')
