def test_device_count_multiple_auth_sets(self, devices, management_api, device_api): """"Verify that auth sets are properly counted. Take a device, make sure it has 2 auth sets, switch each auth sets between accepted/rejected/pending states """ dev, dauth = devices[0] # pretend device rotates its keys dev.rotate_key() with deviceadm.run_fake_for_device(deviceadm.ANY_DEVICE) as server: device_auth_req(device_api.auth_requests_url, dauth, dev) # should have 2 auth sets now found_dev = management_api.find_device_by_identity(dev.identity) assert len(found_dev.auth_sets) == 2 first_aid, second_aid = found_dev.auth_sets[0].id, found_dev.auth_sets[ 1].id # device [0] has 2 auth sets, but still counts as 1 device TestDevice.verify_device_count(management_api, 'pending', 5) devid = found_dev.id with orchestrator.run_fake_for_device_id( orchestrator.ANY_DEVICE) as server: # accept first auth set management_api.accept_device(devid, first_aid) TestDevice.verify_device_count(management_api, 'pending', 4) TestDevice.verify_device_count(management_api, 'accepted', 1) TestDevice.verify_device_count(management_api, 'rejected', 0) # reject the other management_api.reject_device(devid, second_aid) TestDevice.verify_device_count(management_api, 'pending', 4) TestDevice.verify_device_count(management_api, 'accepted', 1) TestDevice.verify_device_count(management_api, 'rejected', 0) # reject both management_api.reject_device(devid, first_aid) TestDevice.verify_device_count(management_api, 'pending', 4) TestDevice.verify_device_count(management_api, 'accepted', 0) TestDevice.verify_device_count(management_api, 'rejected', 1) # switch the first back to pending, 2nd remains rejected management_api.put_device_status(devid, first_aid, 'pending') TestDevice.verify_device_count(management_api, 'pending', 5) TestDevice.verify_device_count(management_api, 'accepted', 0) TestDevice.verify_device_count(management_api, 'rejected', 0)
def test_check_device_limits( self, clean_db, cli, device_api, management_api, internal_api, test_case ): rsp_q_tadm = asyncio.Queue( maxsize=len(test_case["tenant"]["users"]) + test_case["device_count"] ) rsp_q_wflows = asyncio.Queue( maxsize=len(test_case["tenant"]["users"]) + test_case["device_count"] ) with self.init_service_mocks(wflows_rsp_q=rsp_q_wflows, tadm_rsp_q=rsp_q_tadm): tenant_token = make_fake_tenant_token(test_case["tenant"]["id"]) internal_api.put_max_devices_limit( test_case["tenant"]["id"], test_case["tenant"]["device_limit"] ) for _ in range(test_case["device_count"]): # POST /api/internal/v1/tenantadm/verify rsp_q_tadm.put_nowait( (200, {}, '{"id": "%s", "sub": "user"}' % test_case["tenant"]) ) # POST /api/v1/workflows/update_device_inventory rsp_q_wflows.put_nowait((201, {}, "")) # POST /api/v1/workflows/provision_device rsp_q_wflows.put_nowait((201, {}, "")) dev = Device() da = DevAuthorizer(tenant_token=tenant_token) rsp = device_auth_req(device_api.auth_requests_url, da, dev) assert rsp.status_code == 401 devs = management_api.list_devices( status="pending", Authorization="Bearer " + tenant_token ) for dev in devs: # POST /api/v1/workflows/update_device_status rsp_q_wflows.put_nowait((201, {}, "")) # POST /api/v1/workflows/provision_device rsp_q_wflows.put_nowait((201, {}, "")) management_api.put_device_status( dev["id"], dev["auth_sets"][0]["id"], "accepted", Authorization="Bearer " + tenant_token, ) if test_case["device_count"] >= ( (test_case["tenant"]["device_limit"] * test_case["threshold"] / 100.0) ): # GET /api/management/v1/tenantadm/users usersJSON = json.dumps(test_case["tenant"]["users"]) rsp_q_tadm.put_nowait((200, {}, usersJSON)) usernames = [user["name"] for user in test_case["tenant"]["users"]] # Verify that workflow is started for each user for i in range(len(test_case["tenant"]["users"])): def verify_workflow(handler): assert handler.request.path.endswith("device_limit_email") body_json = json.loads(handler.request.body.decode("utf-8")) assert body_json["to"] in usernames usernames.remove(body_json["to"]) handler.set_status(201) # POST /api/v1/workflows/device_limit_email rsp_q_wflows.put_nowait(verify_workflow) code, stdout, stderr = cli.check_device_limits() assert code == 0 # All pushed mock responses should be consumed at this point. assert ( rsp_q_tadm.empty() ), "TenantAdm mock responses not consumed as expected" assert ( rsp_q_wflows.empty() ), "Workflows mock responses not consumed as expected"