def test_metadata_show_nonexist_resource(self, mock_enforce):
self._mock_enforce_setup(mock_enforce, 'metadata', True)
res_name = 'wibble'
stack_identity = identifier.HeatIdentifier(self.tenant, 'wordpress',
'1')
res_identity = identifier.ResourceIdentifier(resource_name=res_name,
**stack_identity)
req = self._get(res_identity._tenant_path() + '/metadata')
error = heat_exc.ResourceNotFound(stack_name='a', resource_name='b')
self.m.StubOutWithMock(rpc_client.EngineClient, 'call')
rpc_client.EngineClient.call(req.context, ('describe_stack_resource', {
'stack_identity': stack_identity,
'resource_name': res_name,
'with_attr': None
}),
version='1.2').AndRaise(
tools.to_remote_error(error))
self.m.ReplayAll()
resp = tools.request_with_middleware(
fault.FaultWrapper,
self.controller.metadata,
req,
tenant_id=self.tenant,
stack_name=stack_identity.stack_name,
stack_id=stack_identity.stack_id,
resource_name=res_name)
self.assertEqual(404, resp.json['code'])
self.assertEqual('ResourceNotFound', resp.json['error']['type'])
self.m.VerifyAll()
def metadata_update(self, cnxt, stack_identity, resource_name, metadata):
"""
Update the metadata for the given resource.
"""
s = self._get_stack(cnxt, stack_identity)
stack = parser.Stack.load(cnxt, stack=s)
if resource_name not in stack:
raise exception.ResourceNotFound(resource_name=resource_name,
stack_name=stack.name)
resource = stack[resource_name]
resource.metadata_update(new_metadata=metadata)
# This is not "nice" converting to the stored context here,
# but this happens because the keystone user associated with the
# WaitCondition doesn't have permission to read the secret key of
# the user associated with the cfn-credentials file
user_creds = db_api.user_creds_get(s.user_creds_id)
stack_context = context.RequestContext.from_dict(user_creds)
refresh_stack = parser.Stack.load(stack_context, stack=s)
# Refresh the metadata for all other resources, since we expect
# resource_name to be a WaitCondition resource, and other
# resources may refer to WaitCondition Fn::GetAtt Data, which
# is updated here.
for res in refresh_stack:
if res.name != resource_name and res.id is not None:
res.metadata_update()
return resource.metadata
def test_show_nonexist_resource(self, mock_enforce):
self._mock_enforce_setup(mock_enforce, 'show', True)
res_name = 'Wibble'
stack_identity = identifier.HeatIdentifier(self.tenant,
'wordpress', '1')
res_identity = identifier.ResourceIdentifier(resource_name=res_name,
**stack_identity)
req = self._get(res_identity._tenant_path())
error = heat_exc.ResourceNotFound(stack_name='a', resource_name='b')
mock_call = self.patchobject(rpc_client.EngineClient, 'call',
side_effect=tools.to_remote_error(error))
resp = tools.request_with_middleware(
fault.FaultWrapper,
self.controller.show,
req, tenant_id=self.tenant,
stack_name=stack_identity.stack_name,
stack_id=stack_identity.stack_id,
resource_name=res_name)
self.assertEqual(404, resp.json['code'])
self.assertEqual('ResourceNotFound', resp.json['error']['type'])
mock_call.assert_called_once_with(
req.context,
('describe_stack_resource',
{'stack_identity': stack_identity, 'resource_name': res_name,
'with_attr': None}),
version='1.2'
)
def _get_inner_resource(resource_name):
if self.nested():
try:
return self.nested()[resource_name]
except KeyError:
raise exception.ResourceNotFound(
resource_name=resource_name,
stack_name=self.nested().name)
def handle_create(self):
resources = self.properties['AllowedResources']
# All of the provided resource names must exist in this stack
for resource in resources:
if resource not in self.stack:
logger.error("AccessPolicy resource %s not in stack" %
resource)
raise exception.ResourceNotFound(resource_name=resource,
stack_name=self.stack.name)
def handle_delete(self):
'''
Delete a Rackspace Cloud DB Instance.
'''
logger.debug("CloudDBInstance handle_delete called.")
sqlinstancename = self.properties['InstanceName']
if self.resource_id is None:
logger.debug("resource_id is null and returning without delete.")
raise exception.ResourceNotFound(resource_name=sqlinstancename,
stack_name=self.stack.name)
instances = self.cloud_db().delete(self.resource_id)
self.resource_id = None
def describe_stack_resource(self, cnxt, stack_identity, resource_name):
s = self._get_stack(cnxt, stack_identity)
stack = parser.Stack.load(cnxt, stack=s)
if cfg.CONF.heat_stack_user_role in cnxt.roles:
if not self._authorize_stack_user(cnxt, stack, resource_name):
logger.warning("Access denied to resource %s" % resource_name)
raise exception.Forbidden()
if resource_name not in stack:
raise exception.ResourceNotFound(resource_name=resource_name,
stack_name=stack.name)
resource = stack[resource_name]
if resource.id is None:
raise exception.ResourceNotAvailable(resource_name=resource_name)
return api.format_stack_resource(stack[resource_name])
def resource_signal(self, cnxt, stack_identity, resource_name, details):
s = self._get_stack(cnxt, stack_identity)
# This is not "nice" converting to the stored context here,
# but this happens because the keystone user associated with the
# signal doesn't have permission to read the secret key of
# the user associated with the cfn-credentials file
stack = parser.Stack.load(cnxt, stack=s, use_stored_context=True)
if resource_name not in stack:
raise exception.ResourceNotFound(resource_name=resource_name,
stack_name=stack.name)
resource = stack[resource_name]
if resource.id is None:
raise exception.ResourceNotAvailable(resource_name=resource_name)
if callable(stack[resource_name].signal):
stack[resource_name].signal(details)
