def setUp(self):
super(AgentsPolicyTest, self).setUp()
self.controller = agents.AgentController()
self.req = fakes.HTTPRequest.blank('')
# Check that admin is able to perform the CRUD operation
# on agents.
self.admin_authorized_contexts = [
self.legacy_admin_context, self.system_admin_context,
self.project_admin_context]
# Check that non-admin is not able to perform the CRUD operation
# on agents.
self.admin_unauthorized_contexts = [
self.system_member_context, self.system_reader_context,
self.system_foo_context, self.project_member_context,
self.other_project_member_context,
self.project_foo_context, self.project_reader_context
]
# Check that system scoped admin, member and reader are able to
# read the agent data.
# NOTE(gmann): Until old default rule which is admin_api is
# deprecated and not removed, project admin and legacy admin
# will be able to read the agent data. This make sure that existing
# tokens will keep working even we have changed this policy defaults
# to reader role.
self.reader_authorized_contexts = [
self.system_admin_context, self.system_member_context,
self.system_reader_context, self.legacy_admin_context,
self.project_admin_context]
# Check that non-system-reader are not able to read the agent
# data
self.reader_unauthorized_contexts = [
self.system_foo_context, self.other_project_member_context,
self.project_foo_context, self.project_member_context,
self.project_reader_context]
def setUp(self):
super(AgentsPolicyTest, self).setUp()
self.controller = agents.AgentController()
self.req = fakes.HTTPRequest.blank('')
# Check that admin is able to perform the CRUD operation
# on agents.
self.admin_authorized_contexts = [
self.legacy_admin_context, self.system_admin_context,
self.project_admin_context]
# Check that non-admin is not able to perform the CRUD operation
# on agents.
self.admin_unauthorized_contexts = [
self.system_member_context, self.system_reader_context,
self.system_foo_context, self.project_member_context,
self.other_project_member_context,
self.project_foo_context, self.project_reader_context
]
def setUp(self):
super(AgentsDeprecatedPolicyTest, self).setUp()
self.controller = agents.AgentController()
self.admin_req = fakes.HTTPRequest.blank('')
self.admin_req.environ['nova.context'] = self.project_admin_context
self.reader_req = fakes.HTTPRequest.blank('')
self.reader_req.environ['nova.context'] = self.project_reader_context
self.deprecated_policy = "os_compute_api:os-agents"
# Overridde rule with different checks than defaults so that we can
# verify the rule overridden case.
override_rules = {self.deprecated_policy: base_policy.RULE_ADMIN_API}
# NOTE(gmann): Only override the deprecated rule in policy file so
# that we can verify if overridden checks are considered by
# oslo.policy. Oslo.policy will consider the overridden rules if:
# 1. overridden deprecated rule's checks are different than defaults
# 2. new rules are not present in policy file
self.policy = self.useFixture(
policy_fixture.OverridePolicyFixture(rules_in_file=override_rules))
class AgentsTestV21(test.NoDBTestCase):
controller = agents_v21.AgentController()
validation_error = exception.ValidationError
def setUp(self):
super(AgentsTestV21, self).setUp()
self.stub_out("nova.db.agent_build_get_all", fake_agent_build_get_all)
self.stub_out("nova.db.agent_build_update", fake_agent_build_update)
self.stub_out("nova.db.agent_build_destroy", fake_agent_build_destroy)
self.stub_out("nova.db.agent_build_create", fake_agent_build_create)
self.req = self._get_http_request()
def _get_http_request(self):
return fakes.HTTPRequest.blank('')
def test_agents_create(self):
body = {
'agent': {
'hypervisor': 'kvm',
'os': 'win',
'architecture': 'x86',
'version': '7.0',
'url': 'http://example.com/path/to/resource',
'md5hash': 'add6bb58e139be103324d04d82d8f545'
}
}
response = {
'agent': {
'hypervisor': 'kvm',
'os': 'win',
'architecture': 'x86',
'version': '7.0',
'url': 'http://example.com/path/to/resource',
'md5hash': 'add6bb58e139be103324d04d82d8f545',
'agent_id': 1
}
}
res_dict = self.controller.create(self.req, body=body)
self.assertEqual(res_dict, response)
def _test_agents_create_key_error(self, key):
body = {
'agent': {
'hypervisor': 'kvm',
'os': 'win',
'architecture': 'x86',
'version': '7.0',
'url': 'xxx://xxxx/xxx/xxx',
'md5hash': 'add6bb58e139be103324d04d82d8f545'
}
}
body['agent'].pop(key)
self.assertRaises(self.validation_error,
self.controller.create,
self.req,
body=body)
def test_agents_create_without_hypervisor(self):
self._test_agents_create_key_error('hypervisor')
def test_agents_create_without_os(self):
self._test_agents_create_key_error('os')
def test_agents_create_without_architecture(self):
self._test_agents_create_key_error('architecture')
def test_agents_create_without_version(self):
self._test_agents_create_key_error('version')
def test_agents_create_without_url(self):
self._test_agents_create_key_error('url')
def test_agents_create_without_md5hash(self):
self._test_agents_create_key_error('md5hash')
def test_agents_create_with_wrong_type(self):
body = {'agent': None}
self.assertRaises(self.validation_error,
self.controller.create,
self.req,
body=body)
def test_agents_create_with_empty_type(self):
body = {}
self.assertRaises(self.validation_error,
self.controller.create,
self.req,
body=body)
def test_agents_create_with_existed_agent(self):
def fake_agent_build_create_with_exited_agent(context, values):
raise exception.AgentBuildExists(**values)
self.stub_out('nova.db.agent_build_create',
fake_agent_build_create_with_exited_agent)
body = {
'agent': {
'hypervisor': 'kvm',
'os': 'win',
'architecture': 'x86',
'version': '7.0',
'url': 'xxx://xxxx/xxx/xxx',
'md5hash': 'add6bb58e139be103324d04d82d8f545'
}
}
self.assertRaises(webob.exc.HTTPConflict,
self.controller.create,
self.req,
body=body)
def _test_agents_create_with_invalid_length(self, key):
body = {
'agent': {
'hypervisor': 'kvm',
'os': 'win',
'architecture': 'x86',
'version': '7.0',
'url': 'http://example.com/path/to/resource',
'md5hash': 'add6bb58e139be103324d04d82d8f545'
}
}
body['agent'][key] = 'x' * 256
self.assertRaises(self.validation_error,
self.controller.create,
self.req,
body=body)
def test_agents_create_with_invalid_length_hypervisor(self):
self._test_agents_create_with_invalid_length('hypervisor')
def test_agents_create_with_invalid_length_os(self):
self._test_agents_create_with_invalid_length('os')
def test_agents_create_with_invalid_length_architecture(self):
self._test_agents_create_with_invalid_length('architecture')
def test_agents_create_with_invalid_length_version(self):
self._test_agents_create_with_invalid_length('version')
def test_agents_create_with_invalid_length_url(self):
self._test_agents_create_with_invalid_length('url')
def test_agents_create_with_invalid_length_md5hash(self):
self._test_agents_create_with_invalid_length('md5hash')
def test_agents_delete(self):
self.controller.delete(self.req, 1)
def test_agents_delete_with_id_not_found(self):
with mock.patch.object(db,
'agent_build_destroy',
side_effect=exception.AgentBuildNotFound(id=1)):
self.assertRaises(webob.exc.HTTPNotFound, self.controller.delete,
self.req, 1)
def test_agents_delete_string_id(self):
self.assertRaises(webob.exc.HTTPBadRequest, self.controller.delete,
self.req, 'string_id')
def _test_agents_list(self, query_string=None):
req = fakes.HTTPRequest.blank('',
use_admin_context=True,
query_string=query_string)
res_dict = self.controller.index(req)
agents_list = [
{
'hypervisor': 'kvm',
'os': 'win',
'architecture': 'x86',
'version': '7.0',
'url': 'http://example.com/path/to/resource',
'md5hash': 'add6bb58e139be103324d04d82d8f545',
'agent_id': 1
},
{
'hypervisor': 'kvm',
'os': 'linux',
'architecture': 'x86',
'version': '16.0',
'url': 'http://example.com/path/to/resource1',
'md5hash': 'add6bb58e139be103324d04d82d8f546',
'agent_id': 2
},
{
'hypervisor': 'xen',
'os': 'linux',
'architecture': 'x86',
'version': '16.0',
'url': 'http://example.com/path/to/resource2',
'md5hash': 'add6bb58e139be103324d04d82d8f547',
'agent_id': 3
},
{
'hypervisor': 'xen',
'os': 'win',
'architecture': 'power',
'version': '7.0',
'url': 'http://example.com/path/to/resource3',
'md5hash': 'add6bb58e139be103324d04d82d8f548',
'agent_id': 4
},
]
self.assertEqual(res_dict, {'agents': agents_list})
def test_agents_list(self):
self._test_agents_list()
def test_agents_list_with_hypervisor(self):
req = fakes.HTTPRequest.blank('',
use_admin_context=True,
query_string='hypervisor=kvm')
res_dict = self.controller.index(req)
response = [
{
'hypervisor': 'kvm',
'os': 'win',
'architecture': 'x86',
'version': '7.0',
'url': 'http://example.com/path/to/resource',
'md5hash': 'add6bb58e139be103324d04d82d8f545',
'agent_id': 1
},
{
'hypervisor': 'kvm',
'os': 'linux',
'architecture': 'x86',
'version': '16.0',
'url': 'http://example.com/path/to/resource1',
'md5hash': 'add6bb58e139be103324d04d82d8f546',
'agent_id': 2
},
]
self.assertEqual(res_dict, {'agents': response})
def test_agents_list_with_multi_hypervisor_filter(self):
query_string = 'hypervisor=xen&hypervisor=kvm'
req = fakes.HTTPRequest.blank('',
use_admin_context=True,
query_string=query_string)
res_dict = self.controller.index(req)
response = [
{
'hypervisor': 'kvm',
'os': 'win',
'architecture': 'x86',
'version': '7.0',
'url': 'http://example.com/path/to/resource',
'md5hash': 'add6bb58e139be103324d04d82d8f545',
'agent_id': 1
},
{
'hypervisor': 'kvm',
'os': 'linux',
'architecture': 'x86',
'version': '16.0',
'url': 'http://example.com/path/to/resource1',
'md5hash': 'add6bb58e139be103324d04d82d8f546',
'agent_id': 2
},
]
self.assertEqual(res_dict, {'agents': response})
def test_agents_list_query_allow_negative_int_as_string(self):
req = fakes.HTTPRequest.blank('',
use_admin_context=True,
query_string='hypervisor=-1')
res_dict = self.controller.index(req)
self.assertEqual(res_dict, {'agents': []})
def test_agents_list_query_allow_int_as_string(self):
req = fakes.HTTPRequest.blank('',
use_admin_context=True,
query_string='hypervisor=1')
res_dict = self.controller.index(req)
self.assertEqual(res_dict, {'agents': []})
def test_agents_list_with_unknown_filter(self):
query_string = 'unknown_filter=abc'
self._test_agents_list(query_string=query_string)
def test_agents_list_with_hypervisor_and_additional_filter(self):
req = fakes.HTTPRequest.blank(
'',
use_admin_context=True,
query_string='hypervisor=kvm&additional_filter=abc')
res_dict = self.controller.index(req)
response = [
{
'hypervisor': 'kvm',
'os': 'win',
'architecture': 'x86',
'version': '7.0',
'url': 'http://example.com/path/to/resource',
'md5hash': 'add6bb58e139be103324d04d82d8f545',
'agent_id': 1
},
{
'hypervisor': 'kvm',
'os': 'linux',
'architecture': 'x86',
'version': '16.0',
'url': 'http://example.com/path/to/resource1',
'md5hash': 'add6bb58e139be103324d04d82d8f546',
'agent_id': 2
},
]
self.assertEqual(res_dict, {'agents': response})
def test_agents_update(self):
body = {
'para': {
'version': '7.0',
'url': 'http://example.com/path/to/resource',
'md5hash': 'add6bb58e139be103324d04d82d8f545'
}
}
response = {
'agent': {
'agent_id': 1,
'version': '7.0',
'url': 'http://example.com/path/to/resource',
'md5hash': 'add6bb58e139be103324d04d82d8f545'
}
}
res_dict = self.controller.update(self.req, 1, body=body)
self.assertEqual(res_dict, response)
def _test_agents_update_key_error(self, key):
body = {
'para': {
'version': '7.0',
'url': 'xxx://xxxx/xxx/xxx',
'md5hash': 'add6bb58e139be103324d04d82d8f545'
}
}
body['para'].pop(key)
self.assertRaises(self.validation_error,
self.controller.update,
self.req,
1,
body=body)
def test_agents_update_without_version(self):
self._test_agents_update_key_error('version')
def test_agents_update_without_url(self):
self._test_agents_update_key_error('url')
def test_agents_update_without_md5hash(self):
self._test_agents_update_key_error('md5hash')
def test_agents_update_with_wrong_type(self):
body = {'agent': None}
self.assertRaises(self.validation_error,
self.controller.update,
self.req,
1,
body=body)
def test_agents_update_with_empty(self):
body = {}
self.assertRaises(self.validation_error,
self.controller.update,
self.req,
1,
body=body)
def test_agents_update_value_error(self):
body = {
'para': {
'version': '7.0',
'url': 1111,
'md5hash': 'add6bb58e139be103324d04d82d8f545'
}
}
self.assertRaises(self.validation_error,
self.controller.update,
self.req,
1,
body=body)
def test_agents_update_with_string_id(self):
body = {
'para': {
'version': '7.0',
'url': 'http://example.com/path/to/resource',
'md5hash': 'add6bb58e139be103324d04d82d8f545'
}
}
self.assertRaises(webob.exc.HTTPBadRequest,
self.controller.update,
self.req,
'string_id',
body=body)
def _test_agents_update_with_invalid_length(self, key):
body = {
'para': {
'version': '7.0',
'url': 'http://example.com/path/to/resource',
'md5hash': 'add6bb58e139be103324d04d82d8f545'
}
}
body['para'][key] = 'x' * 256
self.assertRaises(self.validation_error,
self.controller.update,
self.req,
1,
body=body)
def test_agents_update_with_invalid_length_version(self):
self._test_agents_update_with_invalid_length('version')
def test_agents_update_with_invalid_length_url(self):
self._test_agents_update_with_invalid_length('url')
def test_agents_update_with_invalid_length_md5hash(self):
self._test_agents_update_with_invalid_length('md5hash')
def test_agents_update_with_id_not_found(self):
with mock.patch.object(db,
'agent_build_update',
side_effect=exception.AgentBuildNotFound(id=1)):
body = {
'para': {
'version': '7.0',
'url': 'http://example.com/path/to/resource',
'md5hash': 'add6bb58e139be103324d04d82d8f545'
}
}
self.assertRaises(webob.exc.HTTPNotFound,
self.controller.update,
self.req,
1,
body=body)
def setUp(self):
super(AgentsPolicyEnforcementV21, self).setUp()
self.controller = agents_v21.AgentController()
self.req = fakes.HTTPRequest.blank('')
