def setUp(self): super(AgentsPolicyTest, self).setUp() self.controller = agents.AgentController() self.req = fakes.HTTPRequest.blank('') # Check that admin is able to perform the CRUD operation # on agents. self.admin_authorized_contexts = [ self.legacy_admin_context, self.system_admin_context, self.project_admin_context] # Check that non-admin is not able to perform the CRUD operation # on agents. self.admin_unauthorized_contexts = [ self.system_member_context, self.system_reader_context, self.system_foo_context, self.project_member_context, self.other_project_member_context, self.project_foo_context, self.project_reader_context ] # Check that system scoped admin, member and reader are able to # read the agent data. # NOTE(gmann): Until old default rule which is admin_api is # deprecated and not removed, project admin and legacy admin # will be able to read the agent data. This make sure that existing # tokens will keep working even we have changed this policy defaults # to reader role. self.reader_authorized_contexts = [ self.system_admin_context, self.system_member_context, self.system_reader_context, self.legacy_admin_context, self.project_admin_context] # Check that non-system-reader are not able to read the agent # data self.reader_unauthorized_contexts = [ self.system_foo_context, self.other_project_member_context, self.project_foo_context, self.project_member_context, self.project_reader_context]
def setUp(self): super(AgentsPolicyTest, self).setUp() self.controller = agents.AgentController() self.req = fakes.HTTPRequest.blank('') # Check that admin is able to perform the CRUD operation # on agents. self.admin_authorized_contexts = [ self.legacy_admin_context, self.system_admin_context, self.project_admin_context] # Check that non-admin is not able to perform the CRUD operation # on agents. self.admin_unauthorized_contexts = [ self.system_member_context, self.system_reader_context, self.system_foo_context, self.project_member_context, self.other_project_member_context, self.project_foo_context, self.project_reader_context ]
def setUp(self): super(AgentsDeprecatedPolicyTest, self).setUp() self.controller = agents.AgentController() self.admin_req = fakes.HTTPRequest.blank('') self.admin_req.environ['nova.context'] = self.project_admin_context self.reader_req = fakes.HTTPRequest.blank('') self.reader_req.environ['nova.context'] = self.project_reader_context self.deprecated_policy = "os_compute_api:os-agents" # Overridde rule with different checks than defaults so that we can # verify the rule overridden case. override_rules = {self.deprecated_policy: base_policy.RULE_ADMIN_API} # NOTE(gmann): Only override the deprecated rule in policy file so # that we can verify if overridden checks are considered by # oslo.policy. Oslo.policy will consider the overridden rules if: # 1. overridden deprecated rule's checks are different than defaults # 2. new rules are not present in policy file self.policy = self.useFixture( policy_fixture.OverridePolicyFixture(rules_in_file=override_rules))
class AgentsTestV21(test.NoDBTestCase): controller = agents_v21.AgentController() validation_error = exception.ValidationError def setUp(self): super(AgentsTestV21, self).setUp() self.stub_out("nova.db.agent_build_get_all", fake_agent_build_get_all) self.stub_out("nova.db.agent_build_update", fake_agent_build_update) self.stub_out("nova.db.agent_build_destroy", fake_agent_build_destroy) self.stub_out("nova.db.agent_build_create", fake_agent_build_create) self.req = self._get_http_request() def _get_http_request(self): return fakes.HTTPRequest.blank('') def test_agents_create(self): body = { 'agent': { 'hypervisor': 'kvm', 'os': 'win', 'architecture': 'x86', 'version': '7.0', 'url': 'http://example.com/path/to/resource', 'md5hash': 'add6bb58e139be103324d04d82d8f545' } } response = { 'agent': { 'hypervisor': 'kvm', 'os': 'win', 'architecture': 'x86', 'version': '7.0', 'url': 'http://example.com/path/to/resource', 'md5hash': 'add6bb58e139be103324d04d82d8f545', 'agent_id': 1 } } res_dict = self.controller.create(self.req, body=body) self.assertEqual(res_dict, response) def _test_agents_create_key_error(self, key): body = { 'agent': { 'hypervisor': 'kvm', 'os': 'win', 'architecture': 'x86', 'version': '7.0', 'url': 'xxx://xxxx/xxx/xxx', 'md5hash': 'add6bb58e139be103324d04d82d8f545' } } body['agent'].pop(key) self.assertRaises(self.validation_error, self.controller.create, self.req, body=body) def test_agents_create_without_hypervisor(self): self._test_agents_create_key_error('hypervisor') def test_agents_create_without_os(self): self._test_agents_create_key_error('os') def test_agents_create_without_architecture(self): self._test_agents_create_key_error('architecture') def test_agents_create_without_version(self): self._test_agents_create_key_error('version') def test_agents_create_without_url(self): self._test_agents_create_key_error('url') def test_agents_create_without_md5hash(self): self._test_agents_create_key_error('md5hash') def test_agents_create_with_wrong_type(self): body = {'agent': None} self.assertRaises(self.validation_error, self.controller.create, self.req, body=body) def test_agents_create_with_empty_type(self): body = {} self.assertRaises(self.validation_error, self.controller.create, self.req, body=body) def test_agents_create_with_existed_agent(self): def fake_agent_build_create_with_exited_agent(context, values): raise exception.AgentBuildExists(**values) self.stub_out('nova.db.agent_build_create', fake_agent_build_create_with_exited_agent) body = { 'agent': { 'hypervisor': 'kvm', 'os': 'win', 'architecture': 'x86', 'version': '7.0', 'url': 'xxx://xxxx/xxx/xxx', 'md5hash': 'add6bb58e139be103324d04d82d8f545' } } self.assertRaises(webob.exc.HTTPConflict, self.controller.create, self.req, body=body) def _test_agents_create_with_invalid_length(self, key): body = { 'agent': { 'hypervisor': 'kvm', 'os': 'win', 'architecture': 'x86', 'version': '7.0', 'url': 'http://example.com/path/to/resource', 'md5hash': 'add6bb58e139be103324d04d82d8f545' } } body['agent'][key] = 'x' * 256 self.assertRaises(self.validation_error, self.controller.create, self.req, body=body) def test_agents_create_with_invalid_length_hypervisor(self): self._test_agents_create_with_invalid_length('hypervisor') def test_agents_create_with_invalid_length_os(self): self._test_agents_create_with_invalid_length('os') def test_agents_create_with_invalid_length_architecture(self): self._test_agents_create_with_invalid_length('architecture') def test_agents_create_with_invalid_length_version(self): self._test_agents_create_with_invalid_length('version') def test_agents_create_with_invalid_length_url(self): self._test_agents_create_with_invalid_length('url') def test_agents_create_with_invalid_length_md5hash(self): self._test_agents_create_with_invalid_length('md5hash') def test_agents_delete(self): self.controller.delete(self.req, 1) def test_agents_delete_with_id_not_found(self): with mock.patch.object(db, 'agent_build_destroy', side_effect=exception.AgentBuildNotFound(id=1)): self.assertRaises(webob.exc.HTTPNotFound, self.controller.delete, self.req, 1) def test_agents_delete_string_id(self): self.assertRaises(webob.exc.HTTPBadRequest, self.controller.delete, self.req, 'string_id') def _test_agents_list(self, query_string=None): req = fakes.HTTPRequest.blank('', use_admin_context=True, query_string=query_string) res_dict = self.controller.index(req) agents_list = [ { 'hypervisor': 'kvm', 'os': 'win', 'architecture': 'x86', 'version': '7.0', 'url': 'http://example.com/path/to/resource', 'md5hash': 'add6bb58e139be103324d04d82d8f545', 'agent_id': 1 }, { 'hypervisor': 'kvm', 'os': 'linux', 'architecture': 'x86', 'version': '16.0', 'url': 'http://example.com/path/to/resource1', 'md5hash': 'add6bb58e139be103324d04d82d8f546', 'agent_id': 2 }, { 'hypervisor': 'xen', 'os': 'linux', 'architecture': 'x86', 'version': '16.0', 'url': 'http://example.com/path/to/resource2', 'md5hash': 'add6bb58e139be103324d04d82d8f547', 'agent_id': 3 }, { 'hypervisor': 'xen', 'os': 'win', 'architecture': 'power', 'version': '7.0', 'url': 'http://example.com/path/to/resource3', 'md5hash': 'add6bb58e139be103324d04d82d8f548', 'agent_id': 4 }, ] self.assertEqual(res_dict, {'agents': agents_list}) def test_agents_list(self): self._test_agents_list() def test_agents_list_with_hypervisor(self): req = fakes.HTTPRequest.blank('', use_admin_context=True, query_string='hypervisor=kvm') res_dict = self.controller.index(req) response = [ { 'hypervisor': 'kvm', 'os': 'win', 'architecture': 'x86', 'version': '7.0', 'url': 'http://example.com/path/to/resource', 'md5hash': 'add6bb58e139be103324d04d82d8f545', 'agent_id': 1 }, { 'hypervisor': 'kvm', 'os': 'linux', 'architecture': 'x86', 'version': '16.0', 'url': 'http://example.com/path/to/resource1', 'md5hash': 'add6bb58e139be103324d04d82d8f546', 'agent_id': 2 }, ] self.assertEqual(res_dict, {'agents': response}) def test_agents_list_with_multi_hypervisor_filter(self): query_string = 'hypervisor=xen&hypervisor=kvm' req = fakes.HTTPRequest.blank('', use_admin_context=True, query_string=query_string) res_dict = self.controller.index(req) response = [ { 'hypervisor': 'kvm', 'os': 'win', 'architecture': 'x86', 'version': '7.0', 'url': 'http://example.com/path/to/resource', 'md5hash': 'add6bb58e139be103324d04d82d8f545', 'agent_id': 1 }, { 'hypervisor': 'kvm', 'os': 'linux', 'architecture': 'x86', 'version': '16.0', 'url': 'http://example.com/path/to/resource1', 'md5hash': 'add6bb58e139be103324d04d82d8f546', 'agent_id': 2 }, ] self.assertEqual(res_dict, {'agents': response}) def test_agents_list_query_allow_negative_int_as_string(self): req = fakes.HTTPRequest.blank('', use_admin_context=True, query_string='hypervisor=-1') res_dict = self.controller.index(req) self.assertEqual(res_dict, {'agents': []}) def test_agents_list_query_allow_int_as_string(self): req = fakes.HTTPRequest.blank('', use_admin_context=True, query_string='hypervisor=1') res_dict = self.controller.index(req) self.assertEqual(res_dict, {'agents': []}) def test_agents_list_with_unknown_filter(self): query_string = 'unknown_filter=abc' self._test_agents_list(query_string=query_string) def test_agents_list_with_hypervisor_and_additional_filter(self): req = fakes.HTTPRequest.blank( '', use_admin_context=True, query_string='hypervisor=kvm&additional_filter=abc') res_dict = self.controller.index(req) response = [ { 'hypervisor': 'kvm', 'os': 'win', 'architecture': 'x86', 'version': '7.0', 'url': 'http://example.com/path/to/resource', 'md5hash': 'add6bb58e139be103324d04d82d8f545', 'agent_id': 1 }, { 'hypervisor': 'kvm', 'os': 'linux', 'architecture': 'x86', 'version': '16.0', 'url': 'http://example.com/path/to/resource1', 'md5hash': 'add6bb58e139be103324d04d82d8f546', 'agent_id': 2 }, ] self.assertEqual(res_dict, {'agents': response}) def test_agents_update(self): body = { 'para': { 'version': '7.0', 'url': 'http://example.com/path/to/resource', 'md5hash': 'add6bb58e139be103324d04d82d8f545' } } response = { 'agent': { 'agent_id': 1, 'version': '7.0', 'url': 'http://example.com/path/to/resource', 'md5hash': 'add6bb58e139be103324d04d82d8f545' } } res_dict = self.controller.update(self.req, 1, body=body) self.assertEqual(res_dict, response) def _test_agents_update_key_error(self, key): body = { 'para': { 'version': '7.0', 'url': 'xxx://xxxx/xxx/xxx', 'md5hash': 'add6bb58e139be103324d04d82d8f545' } } body['para'].pop(key) self.assertRaises(self.validation_error, self.controller.update, self.req, 1, body=body) def test_agents_update_without_version(self): self._test_agents_update_key_error('version') def test_agents_update_without_url(self): self._test_agents_update_key_error('url') def test_agents_update_without_md5hash(self): self._test_agents_update_key_error('md5hash') def test_agents_update_with_wrong_type(self): body = {'agent': None} self.assertRaises(self.validation_error, self.controller.update, self.req, 1, body=body) def test_agents_update_with_empty(self): body = {} self.assertRaises(self.validation_error, self.controller.update, self.req, 1, body=body) def test_agents_update_value_error(self): body = { 'para': { 'version': '7.0', 'url': 1111, 'md5hash': 'add6bb58e139be103324d04d82d8f545' } } self.assertRaises(self.validation_error, self.controller.update, self.req, 1, body=body) def test_agents_update_with_string_id(self): body = { 'para': { 'version': '7.0', 'url': 'http://example.com/path/to/resource', 'md5hash': 'add6bb58e139be103324d04d82d8f545' } } self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update, self.req, 'string_id', body=body) def _test_agents_update_with_invalid_length(self, key): body = { 'para': { 'version': '7.0', 'url': 'http://example.com/path/to/resource', 'md5hash': 'add6bb58e139be103324d04d82d8f545' } } body['para'][key] = 'x' * 256 self.assertRaises(self.validation_error, self.controller.update, self.req, 1, body=body) def test_agents_update_with_invalid_length_version(self): self._test_agents_update_with_invalid_length('version') def test_agents_update_with_invalid_length_url(self): self._test_agents_update_with_invalid_length('url') def test_agents_update_with_invalid_length_md5hash(self): self._test_agents_update_with_invalid_length('md5hash') def test_agents_update_with_id_not_found(self): with mock.patch.object(db, 'agent_build_update', side_effect=exception.AgentBuildNotFound(id=1)): body = { 'para': { 'version': '7.0', 'url': 'http://example.com/path/to/resource', 'md5hash': 'add6bb58e139be103324d04d82d8f545' } } self.assertRaises(webob.exc.HTTPNotFound, self.controller.update, self.req, 1, body=body)
def setUp(self): super(AgentsPolicyEnforcementV21, self).setUp() self.controller = agents_v21.AgentController() self.req = fakes.HTTPRequest.blank('')