def __init__(self):
self.client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
access_key='listGroupAccessKey',
secret_key='listGroupSecretKey')
self.support_user_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, 'supportUserAccessKey',
'supportUserSecretKey')
def test_request_fails_when_user_account_is_locked():
"""
Test request fails with Forbidden (403) when user account is locked
"""
client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
"lockedAccessKey", "lockedSecretKey")
client.list_batch_change_summaries(status=403)
def __init__(self):
self.client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
access_key='listGroupAccessKey',
secret_key='listGroupSecretKey')
self.tear_down(
) # ensures that the environment is clean before starting
try:
for runner in range(0, 50):
new_group = {
'name': "test-list-my-groups-{0:0>3}".format(runner),
'email': '*****@*****.**',
'members': [{
'id': 'list-group-user'
}],
'admins': [{
'id': 'list-group-user'
}]
}
self.client.create_group(new_group, status=200)
except:
# teardown if there was any issue in setup
try:
self.tear_down()
except:
pass
raise
class ListGroupsTestContext(object):
def __init__(self):
self.client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
access_key='listGroupAccessKey',
secret_key='listGroupSecretKey')
self.support_user_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, 'supportUserAccessKey',
'supportUserSecretKey')
def build(self):
try:
for runner in range(0, 50):
new_group = {
'name': "test-list-my-groups-{0:0>3}".format(runner),
'email': '*****@*****.**',
'members': [{
'id': 'list-group-user'
}],
'admins': [{
'id': 'list-group-user'
}]
}
self.client.create_group(new_group, status=200)
except:
# teardown if there was any issue in setup
try:
self.tear_down()
except:
pass
raise
def tear_down(self):
clear_zones(self.client)
clear_groups(self.client)
def test_request_succeeds_when_user_is_found_and_not_locked():
"""
Test request success with Success (200) when user account is found and not locked
"""
client = VinylDNSClient(VinylDNSTestContext.vinyldns_url, "okAccessKey",
"okSecretKey")
client.list_batch_change_summaries(status=200)
def test_request_fails_when_user_is_not_found():
"""
Test request fails with Unauthorized (401) when user account is not found
"""
client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
"unknownAccessKey", "anyAccessSecretKey")
client.list_batch_change_summaries(status=401)
def __init__(self, partition_id: str):
self.to_delete: set = set()
self.completed_changes: list = []
self.setup_started = False
self.partition_id = partition_id
self.client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
"listBatchSummariesAccessKey",
"listBatchSummariesSecretKey")
def test_list_batch_change_summaries_with_list_batch_change_summaries_with_no_changes_passes():
"""
Test successfully getting an empty list of summaries when user has no batch changes
"""
client = VinylDNSClient(VinylDNSTestContext.vinyldns_url, "listZeroSummariesAccessKey", "listZeroSummariesSecretKey")
batch_change_summaries_result = client.list_batch_change_summaries(status=200)["batchChanges"]
assert_that(batch_change_summaries_result, has_length(0))
def test_request_fails_when_accessing_non_existent_route():
"""
Test request fails with NotFound (404) when route cannot be resolved, regardless of authentication
"""
client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
"unknownAccessKey", "anyAccessSecretKey")
url = urljoin(VinylDNSTestContext.vinyldns_url, "/no-existo")
_, data = client.make_request(url, "GET", client.headers, status=404)
assert_that(data, is_("The requested path [/no-existo] does not exist."))
def __init__(self, partition_id: str):
self.partition_id = partition_id
self.setup_started = False
self.client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
"listGroupAccessKey",
"listGroupSecretKey")
self.support_user_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, "supportUserAccessKey",
"supportUserSecretKey")
self.group_prefix = f"test-list-my-groups{partition_id}"
def test_request_fails_with_unsupported_http_method_for_route():
"""
Test request fails with MethodNotAllowed (405) when HTTP Method is not supported for specified route
"""
client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
"unknownAccessKey", "anyAccessSecretKey")
url = urljoin(VinylDNSTestContext.vinyldns_url, "/zones")
_, data = client.make_request(url, "PUT", client.headers, status=405)
assert_that(data,
is_("HTTP method not allowed, supported methods: GET, POST"))
def __init__(self, shared_zone_test_context):
self.client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
'listBatchSummariesAccessKey',
'listBatchSummariesSecretKey')
acl_rule = generate_acl_rule('Write', userId='list-batch-summaries-id')
add_ok_acl_rules(shared_zone_test_context, [acl_rule])
initial_db_check = self.client.list_batch_change_summaries(status=200)
batch_change_input_one = {
"comments": "first",
"changes": [get_change_CNAME_json("test-first.ok.", cname="one.")]
}
batch_change_input_two = {
"comments": "second",
"changes":
[get_change_CNAME_json("test-second.ok.", cname="two.")]
}
batch_change_input_three = {
"comments": "last",
"changes":
[get_change_CNAME_json("test-last.ok.", cname="three.")]
}
batch_change_inputs = [
batch_change_input_one, batch_change_input_two,
batch_change_input_three
]
record_set_list = []
self.completed_changes = []
if len(initial_db_check['batchChanges']) == 0:
# make some batch changes
for input in batch_change_inputs:
change = self.client.create_batch_change(input, status=202)
completed = self.client.wait_until_batch_change_completed(
change)
assert_that(completed["comments"], equal_to(input["comments"]))
record_set_list += [(change['zoneId'], change['recordSetId'])
for change in completed['changes']]
# sleep for consistent ordering of timestamps, must be at least one second apart
time.sleep(1)
self.completed_changes = self.client.list_batch_change_summaries(
status=200)['batchChanges']
assert_that(len(self.completed_changes), equal_to(3))
else:
self.completed_changes = initial_db_check['batchChanges']
self.to_delete = set(record_set_list)
def __init__(self, partition_id):
self.partition_id = partition_id
self.setup_started = False
self.client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
"listZonesAccessKey",
"listZonesSecretKey")
self.search_zone1 = None
self.search_zone2 = None
self.search_zone3 = None
self.non_search_zone1 = None
self.non_search_zone2 = None
self.list_zones_group = None
def __init__(self):
self.client = VinylDNSClient(VinylDNSTestContext.vinyldns_url, 'listRecordsAccessKey', 'listRecordsSecretKey')
self.zone = None
self.all_records = []
self.group = None
get_zone = self.client.get_zone_by_name('list-records.', status=(200, 404))
if get_zone and 'zone' in get_zone:
self.zone = get_zone['zone']
self.all_records = self.client.list_recordsets_by_zone(self.zone['id'])['recordSets']
my_groups = self.client.list_my_groups(group_name_filter='list-records-group')
if my_groups and 'groups' in my_groups and len(my_groups['groups']) > 0:
self.group = my_groups['groups'][0]
def __init__(self, partition_id: str):
self.partition_id = partition_id
self.setup_started = False
self.client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
"listRecordsAccessKey",
"listRecordsSecretKey")
self.zone = None
self.all_records = []
self.group = None
get_zone = self.client.get_zone_by_name(f"list-records{partition_id}.",
status=(200, 404))
if get_zone and "zone" in get_zone:
self.zone = get_zone["zone"]
self.all_records = self.client.list_recordsets_by_zone(
self.zone["id"])["recordSets"]
my_groups = self.client.list_my_groups(
group_name_filter="list-records-group")
if my_groups and "groups" in my_groups and len(
my_groups["groups"]) > 0:
self.group = my_groups["groups"][0]
class ListRecordSetsTestContext(object):
def __init__(self):
self.client = VinylDNSClient(VinylDNSTestContext.vinyldns_url, 'listRecordsAccessKey', 'listRecordsSecretKey')
self.zone = None
self.all_records = []
self.group = None
get_zone = self.client.get_zone_by_name('list-records.', status=(200, 404))
if get_zone and 'zone' in get_zone:
self.zone = get_zone['zone']
self.all_records = self.client.list_recordsets_by_zone(self.zone['id'])['recordSets']
my_groups = self.client.list_my_groups(group_name_filter='list-records-group')
if my_groups and 'groups' in my_groups and len(my_groups['groups']) > 0:
self.group = my_groups['groups'][0]
def build(self):
# Only call this if the context needs to be built
self.tear_down()
group = {
'name': 'list-records-group',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [{'id': 'list-records-user'}],
'admins': [{'id': 'list-records-user'}]
}
self.group = self.client.create_group(group, status=200)
zone_change = self.client.create_zone(
{
'name': 'list-records.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.group['id'],
'isTest': True,
'backendId': 'func-test-backend'
}, status=202)
self.client.wait_until_zone_active(zone_change[u'zone'][u'id'])
self.zone = zone_change[u'zone']
self.all_records = self.client.list_recordsets_by_zone(self.zone['id'])['recordSets']
def tear_down(self):
clear_zones(self.client)
clear_groups(self.client)
def check_recordsets_page_accuracy(self, list_results_page, size, offset, nextId=False, startFrom=False, maxItems=100, recordTypeFilter=False, nameSort="ASC"):
# validate fields
if nextId:
assert_that(list_results_page, has_key('nextId'))
else:
assert_that(list_results_page, is_not(has_key('nextId')))
if startFrom:
assert_that(list_results_page['startFrom'], is_(startFrom))
else:
assert_that(list_results_page, is_not(has_key('startFrom')))
if recordTypeFilter:
assert_that(list_results_page, has_key('recordTypeFilter'))
else:
assert_that(list_results_page, is_not(has_key('recordTypeFilter')))
assert_that(list_results_page['maxItems'], is_(maxItems))
assert_that(list_results_page['nameSort'], is_(nameSort))
# validate actual page
list_results_recordsets_page = list_results_page['recordSets']
assert_that(list_results_recordsets_page, has_length(size))
for i in range(len(list_results_recordsets_page)):
assert_that(list_results_recordsets_page[i]['name'], is_(self.all_records[i+offset]['name']))
verify_recordset(list_results_recordsets_page[i], self.all_records[i+offset])
assert_that(list_results_recordsets_page[i]['accessLevel'], is_('Delete'))
def check_recordsets_parameters(self, list_results_page, nextId=False, startFrom=False, maxItems=100, recordTypeFilter=False, nameSort="ASC"):
# validate fields
if nextId:
assert_that(list_results_page, has_key('nextId'))
else:
assert_that(list_results_page, is_not(has_key('nextId')))
if startFrom:
assert_that(list_results_page['startFrom'], is_(startFrom))
else:
assert_that(list_results_page, is_not(has_key('startFrom')))
if recordTypeFilter:
assert_that(list_results_page, has_key('recordTypeFilter'))
else:
assert_that(list_results_page, is_not(has_key('recordTypeFilter')))
assert_that(list_results_page['maxItems'], is_(maxItems))
assert_that(list_results_page['nameSort'], is_(nameSort))
class SharedZoneTestContext(object):
"""
Creates multiple zones to test authorization / access to shared zones across users
"""
def __init__(self):
self.ok_vinyldns_client = VinylDNSClient(VinylDNSTestContext.vinyldns_url, 'okAccessKey', 'okSecretKey')
self.dummy_vinyldns_client = VinylDNSClient(VinylDNSTestContext.vinyldns_url, 'dummyAccessKey', 'dummySecretKey')
self.shared_zone_vinyldns_client = VinylDNSClient(VinylDNSTestContext.vinyldns_url, 'sharedZoneUserAccessKey', 'sharedZoneUserSecretKey')
self.dummy_group = None
self.ok_group = None
self.shared_record_group = None
self.tear_down() # ensures that the environment is clean before starting
try:
ok_group = {
'name': 'ok-group',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [ { 'id': 'ok'} ],
'admins': [ { 'id': 'ok'} ]
}
self.ok_group = self.ok_vinyldns_client.create_group(ok_group, status=200)
# in theory this shouldn't be needed, but getting 'user is not in group' errors on zone creation
self.confirm_member_in_group(self.ok_vinyldns_client, self.ok_group)
dummy_group = {
'name': 'dummy-group',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [ { 'id': 'dummy'} ],
'admins': [ { 'id': 'dummy'} ]
}
self.dummy_group = self.dummy_vinyldns_client.create_group(dummy_group, status=200)
# in theory this shouldn't be needed, but getting 'user is not in group' errors on zone creation
self.confirm_member_in_group(self.dummy_vinyldns_client, self.dummy_group)
shared_record_group = {
'name': 'record-ownergroup',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [ { 'id': 'sharedZoneUser'}, { 'id': 'ok'} ],
'admins': [ { 'id': 'sharedZoneUser'}, { 'id': 'ok'} ]
}
self.shared_record_group = self.ok_vinyldns_client.create_group(shared_record_group, status=200)
ok_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': 'ok.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'ok.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'ok.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202)
self.ok_zone = ok_zone_change['zone']
dummy_zone_change = self.dummy_vinyldns_client.create_zone(
{
'name': 'dummy.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.dummy_group['id'],
'isTest': True,
'connection': {
'name': 'dummy.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'dummy.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202)
self.dummy_zone = dummy_zone_change['zone']
ip6_reverse_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': '1.9.e.f.c.c.7.2.9.6.d.f.ip6.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'ip6.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'ip6.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202
)
self.ip6_reverse_zone = ip6_reverse_zone_change['zone']
ip4_reverse_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': '30.172.in-addr.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'ip4.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'ip4.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202
)
self.ip4_reverse_zone = ip4_reverse_zone_change['zone']
classless_base_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': '2.0.192.in-addr.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'classless-base.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'classless-base.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202
)
self.classless_base_zone = classless_base_zone_change['zone']
classless_zone_delegation_change = self.ok_vinyldns_client.create_zone(
{
'name': '192/30.2.0.192.in-addr.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'classless.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'classless.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202
)
self.classless_zone_delegation_zone = classless_zone_delegation_change['zone']
system_test_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': 'system-test.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'system-test.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'system-test.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202
)
self.system_test_zone = system_test_zone_change['zone']
# parent zone gives access to the dummy user, dummy user cannot manage ns records
parent_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': 'parent.com.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'acl': {
'rules': [
{
'accessLevel': 'Delete',
'description': 'some_test_rule',
'userId': 'dummy'
}
]
},
'connection': {
'name': 'parent.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'parent.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202)
self.parent_zone = parent_zone_change['zone']
shared_zone_change = self.set_up_shared_zone('shared-zone')
self.shared_zone = shared_zone_change['zone']
non_test_shared_zone_change = self.set_up_shared_zone('non-test-shared-zone')
self.non_test_shared_zone = non_test_shared_zone_change['zone']
# wait until our zones are created
self.ok_vinyldns_client.wait_until_zone_exists(system_test_zone_change)
self.ok_vinyldns_client.wait_until_zone_exists(ok_zone_change)
self.dummy_vinyldns_client.wait_until_zone_exists(dummy_zone_change)
self.ok_vinyldns_client.wait_until_zone_exists(ip6_reverse_zone_change)
self.ok_vinyldns_client.wait_until_zone_exists(ip4_reverse_zone_change)
self.ok_vinyldns_client.wait_until_zone_exists(classless_base_zone_change)
self.ok_vinyldns_client.wait_until_zone_exists(classless_zone_delegation_change)
self.ok_vinyldns_client.wait_until_zone_exists(system_test_zone_change)
self.ok_vinyldns_client.wait_until_zone_exists(parent_zone_change)
self.shared_zone_vinyldns_client.wait_until_zone_change_status_synced(shared_zone_change)
shared_sync_change = self.shared_zone_vinyldns_client.sync_zone(self.shared_zone['id'])
self.shared_zone_vinyldns_client.wait_until_zone_change_status_synced(non_test_shared_zone_change)
non_test_shared_sync_change = self.shared_zone_vinyldns_client.sync_zone(self.non_test_shared_zone['id'])
self.shared_zone_vinyldns_client.wait_until_zone_change_status_synced(shared_sync_change)
self.shared_zone_vinyldns_client.wait_until_zone_change_status_synced(non_test_shared_sync_change)
# validate all in there
zones = self.dummy_vinyldns_client.list_zones()['zones']
assert_that(len(zones), is_(2))
zones = self.ok_vinyldns_client.list_zones()['zones']
assert_that(len(zones), is_(7))
zones = self.shared_zone_vinyldns_client.list_zones()['zones']
assert_that(len(zones), is_(2))
except:
# teardown if there was any issue in setup
try:
self.tear_down()
except:
pass
raise
def set_up_shared_zone(self, zone_id):
# shared zones are created through test data loader, but needs connection info added here to use
get_shared_zone = self.shared_zone_vinyldns_client.get_zone(zone_id)
shared_zone = get_shared_zone['zone']
connection_info = {
'name': 'shared.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
shared_zone['connection'] = connection_info
shared_zone['transferConnection'] = connection_info
return self.shared_zone_vinyldns_client.update_zone(shared_zone, status=202)
def tear_down(self):
"""
The ok_vinyldns_client is a zone admin on _all_ the zones.
We shouldn't have to do any checks now, as zone admins have full rights to all zones, including
deleting all records (even in the old shared model)
"""
clear_zones(self.dummy_vinyldns_client)
clear_zones(self.ok_vinyldns_client)
clear_groups(self.dummy_vinyldns_client)
clear_groups(self.ok_vinyldns_client)
def confirm_member_in_group(self, client, group):
retries = 2
success = group in client.list_all_my_groups(status=200)
while retries >= 0 and not success:
success = group in client.list_all_my_groups(status=200)
time.sleep(.05)
retries -= 1
assert_that(success, is_(True))
def __init__(self):
self.ok_vinyldns_client = VinylDNSClient(VinylDNSTestContext.vinyldns_url, 'okAccessKey', 'okSecretKey')
self.dummy_vinyldns_client = VinylDNSClient(VinylDNSTestContext.vinyldns_url, 'dummyAccessKey', 'dummySecretKey')
self.shared_zone_vinyldns_client = VinylDNSClient(VinylDNSTestContext.vinyldns_url, 'sharedZoneUserAccessKey', 'sharedZoneUserSecretKey')
self.dummy_group = None
self.ok_group = None
self.shared_record_group = None
self.tear_down() # ensures that the environment is clean before starting
try:
ok_group = {
'name': 'ok-group',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [ { 'id': 'ok'} ],
'admins': [ { 'id': 'ok'} ]
}
self.ok_group = self.ok_vinyldns_client.create_group(ok_group, status=200)
# in theory this shouldn't be needed, but getting 'user is not in group' errors on zone creation
self.confirm_member_in_group(self.ok_vinyldns_client, self.ok_group)
dummy_group = {
'name': 'dummy-group',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [ { 'id': 'dummy'} ],
'admins': [ { 'id': 'dummy'} ]
}
self.dummy_group = self.dummy_vinyldns_client.create_group(dummy_group, status=200)
# in theory this shouldn't be needed, but getting 'user is not in group' errors on zone creation
self.confirm_member_in_group(self.dummy_vinyldns_client, self.dummy_group)
shared_record_group = {
'name': 'record-ownergroup',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [ { 'id': 'sharedZoneUser'}, { 'id': 'ok'} ],
'admins': [ { 'id': 'sharedZoneUser'}, { 'id': 'ok'} ]
}
self.shared_record_group = self.ok_vinyldns_client.create_group(shared_record_group, status=200)
ok_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': 'ok.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'ok.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'ok.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202)
self.ok_zone = ok_zone_change['zone']
dummy_zone_change = self.dummy_vinyldns_client.create_zone(
{
'name': 'dummy.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.dummy_group['id'],
'isTest': True,
'connection': {
'name': 'dummy.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'dummy.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202)
self.dummy_zone = dummy_zone_change['zone']
ip6_reverse_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': '1.9.e.f.c.c.7.2.9.6.d.f.ip6.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'ip6.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'ip6.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202
)
self.ip6_reverse_zone = ip6_reverse_zone_change['zone']
ip4_reverse_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': '30.172.in-addr.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'ip4.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'ip4.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202
)
self.ip4_reverse_zone = ip4_reverse_zone_change['zone']
classless_base_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': '2.0.192.in-addr.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'classless-base.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'classless-base.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202
)
self.classless_base_zone = classless_base_zone_change['zone']
classless_zone_delegation_change = self.ok_vinyldns_client.create_zone(
{
'name': '192/30.2.0.192.in-addr.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'classless.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'classless.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202
)
self.classless_zone_delegation_zone = classless_zone_delegation_change['zone']
system_test_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': 'system-test.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'system-test.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'system-test.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202
)
self.system_test_zone = system_test_zone_change['zone']
# parent zone gives access to the dummy user, dummy user cannot manage ns records
parent_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': 'parent.com.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'acl': {
'rules': [
{
'accessLevel': 'Delete',
'description': 'some_test_rule',
'userId': 'dummy'
}
]
},
'connection': {
'name': 'parent.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'parent.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202)
self.parent_zone = parent_zone_change['zone']
shared_zone_change = self.set_up_shared_zone('shared-zone')
self.shared_zone = shared_zone_change['zone']
non_test_shared_zone_change = self.set_up_shared_zone('non-test-shared-zone')
self.non_test_shared_zone = non_test_shared_zone_change['zone']
# wait until our zones are created
self.ok_vinyldns_client.wait_until_zone_exists(system_test_zone_change)
self.ok_vinyldns_client.wait_until_zone_exists(ok_zone_change)
self.dummy_vinyldns_client.wait_until_zone_exists(dummy_zone_change)
self.ok_vinyldns_client.wait_until_zone_exists(ip6_reverse_zone_change)
self.ok_vinyldns_client.wait_until_zone_exists(ip4_reverse_zone_change)
self.ok_vinyldns_client.wait_until_zone_exists(classless_base_zone_change)
self.ok_vinyldns_client.wait_until_zone_exists(classless_zone_delegation_change)
self.ok_vinyldns_client.wait_until_zone_exists(system_test_zone_change)
self.ok_vinyldns_client.wait_until_zone_exists(parent_zone_change)
self.shared_zone_vinyldns_client.wait_until_zone_change_status_synced(shared_zone_change)
shared_sync_change = self.shared_zone_vinyldns_client.sync_zone(self.shared_zone['id'])
self.shared_zone_vinyldns_client.wait_until_zone_change_status_synced(non_test_shared_zone_change)
non_test_shared_sync_change = self.shared_zone_vinyldns_client.sync_zone(self.non_test_shared_zone['id'])
self.shared_zone_vinyldns_client.wait_until_zone_change_status_synced(shared_sync_change)
self.shared_zone_vinyldns_client.wait_until_zone_change_status_synced(non_test_shared_sync_change)
# validate all in there
zones = self.dummy_vinyldns_client.list_zones()['zones']
assert_that(len(zones), is_(2))
zones = self.ok_vinyldns_client.list_zones()['zones']
assert_that(len(zones), is_(7))
zones = self.shared_zone_vinyldns_client.list_zones()['zones']
assert_that(len(zones), is_(2))
except:
# teardown if there was any issue in setup
try:
self.tear_down()
except:
pass
raise
class ListZonesTestContext(object):
def __init__(self, partition_id):
self.partition_id = partition_id
self.setup_started = False
self.client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
"listZonesAccessKey",
"listZonesSecretKey")
self.search_zone1 = None
self.search_zone2 = None
self.search_zone3 = None
self.non_search_zone1 = None
self.non_search_zone2 = None
self.list_zones_group = None
def setup(self):
if self.setup_started:
# Safeguard against reentrance
return
self.setup_started = True
partition_id = self.partition_id
group = {
"name": f"list-zones-group{partition_id}",
"email": "*****@*****.**",
"description": "this is a description",
"members": [{
"id": "list-zones-user"
}],
"admins": [{
"id": "list-zones-user"
}]
}
self.list_zones_group = self.client.create_group(group, status=200)
search_zone_1_change = self.client.create_zone(
{
"name": f"list-zones-test-searched-1{partition_id}.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.list_zones_group["id"],
"isTest": True,
"backendId": "func-test-backend"
},
status=202)
self.search_zone1 = search_zone_1_change["zone"]
search_zone_2_change = self.client.create_zone(
{
"name": f"list-zones-test-searched-2{partition_id}.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.list_zones_group["id"],
"isTest": True,
"backendId": "func-test-backend"
},
status=202)
self.search_zone2 = search_zone_2_change["zone"]
search_zone_3_change = self.client.create_zone(
{
"name": f"list-zones-test-searched-3{partition_id}.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.list_zones_group["id"],
"isTest": True,
"backendId": "func-test-backend"
},
status=202)
self.search_zone3 = search_zone_3_change["zone"]
non_search_zone_1_change = self.client.create_zone(
{
"name": f"list-zones-test-unfiltered-1{partition_id}.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.list_zones_group["id"],
"isTest": True,
"backendId": "func-test-backend"
},
status=202)
self.non_search_zone1 = non_search_zone_1_change["zone"]
non_search_zone_2_change = self.client.create_zone(
{
"name": f"list-zones-test-unfiltered-2{partition_id}.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.list_zones_group["id"],
"isTest": True,
"backendId": "func-test-backend"
},
status=202)
self.non_search_zone2 = non_search_zone_2_change["zone"]
zone_changes = [
search_zone_1_change, search_zone_2_change, search_zone_3_change,
non_search_zone_1_change, non_search_zone_2_change
]
for change in zone_changes:
self.client.wait_until_zone_active(change["zone"]["id"])
def tear_down(self):
self.client.clear_zones()
self.client.clear_groups()
self.client.tear_down()
def __init__(self, shared_zone_test_context):
# Note: this fixture is designed so it will load summaries instead of creating them
self.client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
'listBatchSummariesAccessKey',
'listBatchSummariesSecretKey')
self.completed_changes = []
self.to_delete = None
acl_rule = generate_acl_rule('Write', userId='list-batch-summaries-id')
add_ok_acl_rules(shared_zone_test_context, [acl_rule])
initial_db_check = self.client.list_batch_change_summaries(status=200)
self.group = self.client.get_group('list-summaries-group', status=200)
batch_change_input_one = {
"comments": "first",
"changes": [get_change_CNAME_json("test-first.ok.", cname="one.")]
}
batch_change_input_two = {
"comments": "second",
"changes":
[get_change_CNAME_json("test-second.ok.", cname="two.")]
}
batch_change_input_three = {
"comments": "last",
"changes":
[get_change_CNAME_json("test-last.ok.", cname="three.")]
}
batch_change_inputs = [
batch_change_input_one, batch_change_input_two,
batch_change_input_three
]
record_set_list = []
self.completed_changes = []
if len(initial_db_check['batchChanges']) == 0:
print "\r\n!!! CREATING NEW SUMMARIES"
# make some batch changes
for input in batch_change_inputs:
change = self.client.create_batch_change(input, status=202)
if 'Review' not in change['status']:
completed = self.client.wait_until_batch_change_completed(
change)
assert_that(completed["comments"],
equal_to(input["comments"]))
record_set_list += [(change['zoneId'],
change['recordSetId'])
for change in completed['changes']]
# sleep for consistent ordering of timestamps, must be at least one second apart
time.sleep(1)
self.completed_changes = self.client.list_batch_change_summaries(
status=200)['batchChanges']
assert_that(len(self.completed_changes),
equal_to(len(batch_change_inputs)))
else:
print "\r\n!!! USING EXISTING SUMMARIES"
self.completed_changes = initial_db_check['batchChanges']
self.to_delete = set(record_set_list)
def __init__(self):
self.ok_vinyldns_client = VinylDNSClient(VinylDNSTestContext.vinyldns_url, 'okAccessKey', 'okSecretKey')
self.dummy_vinyldns_client = VinylDNSClient(VinylDNSTestContext.vinyldns_url, 'dummyAccessKey', 'dummySecretKey')
self.shared_zone_vinyldns_client = VinylDNSClient(VinylDNSTestContext.vinyldns_url, 'sharedZoneUserAccessKey', 'sharedZoneUserSecretKey')
self.support_user_client = VinylDNSClient(VinylDNSTestContext.vinyldns_url, 'supportUserAccessKey', 'supportUserSecretKey')
self.unassociated_client = VinylDNSClient(VinylDNSTestContext.vinyldns_url, 'listGroupAccessKey', 'listGroupSecretKey')
self.test_user_client = VinylDNSClient(VinylDNSTestContext.vinyldns_url, 'testUserAccessKey', 'testUserSecretKey')
self.dummy_group = None
self.ok_group = None
self.shared_record_group = None
self.tear_down() # ensures that the environment is clean before starting
try:
ok_group = {
'name': 'ok-group',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [ { 'id': 'ok'}, { 'id': 'support-user-id'} ],
'admins': [ { 'id': 'ok'} ]
}
self.ok_group = self.ok_vinyldns_client.create_group(ok_group, status=200)
# in theory this shouldn't be needed, but getting 'user is not in group' errors on zone creation
self.confirm_member_in_group(self.ok_vinyldns_client, self.ok_group)
dummy_group = {
'name': 'dummy-group',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [ { 'id': 'dummy'} ],
'admins': [ { 'id': 'dummy'} ]
}
self.dummy_group = self.dummy_vinyldns_client.create_group(dummy_group, status=200)
# in theory this shouldn't be needed, but getting 'user is not in group' errors on zone creation
self.confirm_member_in_group(self.dummy_vinyldns_client, self.dummy_group)
shared_record_group = {
'name': 'record-ownergroup',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [ { 'id': 'sharedZoneUser'}, { 'id': 'ok'} ],
'admins': [ { 'id': 'sharedZoneUser'}, { 'id': 'ok'} ]
}
self.shared_record_group = self.ok_vinyldns_client.create_group(shared_record_group, status=200)
ok_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': 'ok.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'ok.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'ok.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202)
self.ok_zone = ok_zone_change['zone']
dummy_zone_change = self.dummy_vinyldns_client.create_zone(
{
'name': 'dummy.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.dummy_group['id'],
'isTest': True,
'connection': {
'name': 'dummy.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'dummy.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202)
self.dummy_zone = dummy_zone_change['zone']
ip6_reverse_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': '1.9.e.f.c.c.7.2.9.6.d.f.ip6.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'ip6.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'ip6.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202
)
self.ip6_reverse_zone = ip6_reverse_zone_change['zone']
ip6_16_nibble_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': '0.0.0.1.1.9.e.f.c.c.7.2.9.6.d.f.ip6.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'backendId': 'func-test-backend'
}, status=202
)
self.ip6_16_nibble_zone = ip6_16_nibble_zone_change['zone']
ip4_reverse_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': '10.10.in-addr.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'ip4.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'ip4.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202
)
self.ip4_reverse_zone = ip4_reverse_zone_change['zone']
self.classless_base_zone_json = {
'name': '2.0.192.in-addr.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'classless-base.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'classless-base.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}
classless_base_zone_change = self.ok_vinyldns_client.create_zone(
self.classless_base_zone_json, status=202
)
self.classless_base_zone = classless_base_zone_change['zone']
classless_zone_delegation_change = self.ok_vinyldns_client.create_zone(
{
'name': '192/30.2.0.192.in-addr.arpa.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'classless.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'classless.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202
)
self.classless_zone_delegation_zone = classless_zone_delegation_change['zone']
system_test_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': 'system-test.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'system-test.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'system-test.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202
)
self.system_test_zone = system_test_zone_change['zone']
# parent zone gives access to the dummy user, dummy user cannot manage ns records
parent_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': 'parent.com.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'acl': {
'rules': [
{
'accessLevel': 'Delete',
'description': 'some_test_rule',
'userId': 'dummy'
}
]
},
'connection': {
'name': 'parent.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'parent.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202)
self.parent_zone = parent_zone_change['zone']
# mimicking the spec example
ds_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': 'example.com.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'connection': {
'name': 'example.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'example.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202)
self.ds_zone = ds_zone_change['zone']
# zone with name configured for manual review
requires_review_zone_change = self.ok_vinyldns_client.create_zone(
{
'name': 'zone.requires.review.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.ok_group['id'],
'isTest': True,
'backendId': 'func-test-backend'
}, status=202)
self.requires_review_zone = requires_review_zone_change['zone']
get_shared_zones = self.shared_zone_vinyldns_client.list_zones(status=200)['zones']
shared_zone = [zone for zone in get_shared_zones if zone['name'] == "shared."]
non_test_shared_zone = [zone for zone in get_shared_zones if zone['name'] == "non.test.shared."]
shared_zone_change = self.set_up_shared_zone(shared_zone[0]['id'])
self.shared_zone = shared_zone_change['zone']
non_test_shared_zone_change = self.set_up_shared_zone(non_test_shared_zone[0]['id'])
self.non_test_shared_zone = non_test_shared_zone_change['zone']
# wait until our zones are created
self.ok_vinyldns_client.wait_until_zone_active(system_test_zone_change[u'zone'][u'id'])
self.ok_vinyldns_client.wait_until_zone_active(ok_zone_change[u'zone'][u'id'])
self.dummy_vinyldns_client.wait_until_zone_active(dummy_zone_change[u'zone'][u'id'])
self.ok_vinyldns_client.wait_until_zone_active(ip6_reverse_zone_change[u'zone'][u'id'])
self.ok_vinyldns_client.wait_until_zone_active(ip6_16_nibble_zone_change[u'zone'][u'id'])
self.ok_vinyldns_client.wait_until_zone_active(ip4_reverse_zone_change[u'zone'][u'id'])
self.ok_vinyldns_client.wait_until_zone_active(classless_base_zone_change[u'zone'][u'id'])
self.ok_vinyldns_client.wait_until_zone_active(classless_zone_delegation_change[u'zone'][u'id'])
self.ok_vinyldns_client.wait_until_zone_active(system_test_zone_change[u'zone'][u'id'])
self.ok_vinyldns_client.wait_until_zone_active(parent_zone_change[u'zone'][u'id'])
self.ok_vinyldns_client.wait_until_zone_active(ds_zone_change[u'zone'][u'id'])
self.ok_vinyldns_client.wait_until_zone_active(requires_review_zone_change[u'zone'][u'id'])
self.shared_zone_vinyldns_client.wait_until_zone_change_status_synced(shared_zone_change)
shared_sync_change = self.shared_zone_vinyldns_client.sync_zone(self.shared_zone['id'])
self.shared_zone_vinyldns_client.wait_until_zone_change_status_synced(non_test_shared_zone_change)
non_test_shared_sync_change = self.shared_zone_vinyldns_client.sync_zone(self.non_test_shared_zone['id'])
self.shared_zone_vinyldns_client.wait_until_zone_change_status_synced(shared_sync_change)
self.shared_zone_vinyldns_client.wait_until_zone_change_status_synced(non_test_shared_sync_change)
# validate all in there
zones = self.dummy_vinyldns_client.list_zones()['zones']
assert_that(len(zones), is_(2))
zones = self.ok_vinyldns_client.list_zones()['zones']
assert_that(len(zones), is_(10))
zones = self.shared_zone_vinyldns_client.list_zones()['zones']
assert_that(len(zones), is_(2))
except:
# teardown if there was any issue in setup
try:
self.tear_down()
except:
pass
raise
def __init__(self):
self.client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
'history-key', 'history-secret')
self.tear_down()
self.group = None
group = {
'name': 'history-group',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [{
'id': 'history-id'
}],
'admins': [{
'id': 'history-id'
}]
}
self.group = self.client.create_group(group, status=200)
# in theory this shouldn't be needed, but getting 'user is not in group' errors on zone creation
self.confirm_member_in_group(self.client, self.group)
zone_change = self.client.create_zone(
{
'name': 'system-test-history.',
'email': '*****@*****.**',
'shared': True,
'adminGroupId': self.group['id'],
'connection': {
'name': 'vinyldns.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'vinyldns.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
},
status=202)
self.zone = zone_change['zone']
self.client.wait_until_zone_exists(zone_change)
# change the zone nine times to we have update events in zone change history, ten total changes including creation
for i in range(2, 11):
zone_update = dict(self.zone)
zone_update['connection']['key'] = VinylDNSTestContext.dns_key
zone_update['transferConnection'][
'key'] = VinylDNSTestContext.dns_key
zone_update[
'email'] = 'i.changed.this.{0}[email protected]'.format(
i)
zone_update = self.client.update_zone(zone_update,
status=202)['zone']
# create some record sets
(achange, a_record) = self.create_recordset(TestData.A)
(aaaachange, aaaa_record) = self.create_recordset(TestData.AAAA)
(cnamechange, cname_record) = self.create_recordset(TestData.CNAME)
# wait here for all the record sets to be created
self.client.wait_until_recordset_exists(a_record['zoneId'],
a_record['id'])
self.client.wait_until_recordset_exists(aaaa_record['zoneId'],
aaaa_record['id'])
self.client.wait_until_recordset_exists(cname_record['zoneId'],
cname_record['id'])
# update the record sets
a_record_update = dict(a_record)
a_record_update['ttl'] += 100
a_record_update['records'][0]['address'] = '9.9.9.9'
(achange, a_record_update) = self.update_recordset(a_record_update)
aaaa_record_update = dict(aaaa_record)
aaaa_record_update['ttl'] += 100
aaaa_record_update['records'][0]['address'] = '2003:db8:0:0:0:0:0:4'
(aaaachange,
aaaa_record_update) = self.update_recordset(aaaa_record_update)
cname_record_update = dict(cname_record)
cname_record_update['ttl'] += 100
cname_record_update['records'][0]['cname'] = 'changed-cname.'
(cnamechange,
cname_record_update) = self.update_recordset(cname_record_update)
self.client.wait_until_recordset_change_status(achange, 'Complete')
self.client.wait_until_recordset_change_status(aaaachange, 'Complete')
self.client.wait_until_recordset_change_status(cnamechange, 'Complete')
# delete the recordsets
self.delete_recordset(a_record)
self.delete_recordset(aaaa_record)
self.delete_recordset(cname_record)
self.client.wait_until_recordset_deleted(a_record['zoneId'],
a_record['id'])
self.client.wait_until_recordset_deleted(aaaa_record['zoneId'],
aaaa_record['id'])
self.client.wait_until_recordset_deleted(cname_record['zoneId'],
cname_record['id'])
# the resulting context should contain all of the parts so it makes it simple to test
self.results = {
'zone': self.zone,
'zoneUpdate': zone_update,
'creates': [a_record, aaaa_record, cname_record],
'updates':
[a_record_update, aaaa_record_update, cname_record_update]
}
def __init__(self):
self.client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
'listZonesAccessKey',
'listZonesSecretKey')
def __init__(self, partition_id: str):
self.partition_id = partition_id
self.setup_started = False
self.ok_vinyldns_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, "okAccessKey", "okSecretKey")
self.dummy_vinyldns_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, "dummyAccessKey",
"dummySecretKey")
self.shared_zone_vinyldns_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, "sharedZoneUserAccessKey",
"sharedZoneUserSecretKey")
self.support_user_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, "supportUserAccessKey",
"supportUserSecretKey")
self.unassociated_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, "listGroupAccessKey",
"listGroupSecretKey")
self.test_user_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, "testUserAccessKey",
"testUserSecretKey")
self.history_client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
"history-key", "history-secret")
self.clients = [
self.ok_vinyldns_client, self.dummy_vinyldns_client,
self.shared_zone_vinyldns_client, self.support_user_client,
self.unassociated_client, self.test_user_client,
self.history_client
]
self.list_zones = ListZonesTestContext(partition_id)
self.list_zones_client = self.list_zones.client
self.list_records_context = ListRecordSetsTestContext(partition_id)
self.list_groups_context = ListGroupsTestContext(partition_id)
self.list_batch_summaries_context = ListBatchChangeSummariesTestContext(
partition_id)
self.dummy_group = None
self.ok_group = None
self.shared_record_group = None
self.history_group = None
self.group_activity_created = None
self.group_activity_updated = None
self.history_zone = None
self.ok_zone = None
self.dummy_zone = None
self.ip6_reverse_zone = None
self.ip6_16_nibble_zone = None
self.ip4_reverse_zone = None
self.classless_base_zone = None
self.classless_zone_delegation_zone = None
self.system_test_zone = None
self.parent_zone = None
self.ds_zone = None
self.requires_review_zone = None
self.shared_zone = None
self.ip4_10_prefix = None
self.ip4_classless_prefix = None
self.ip6_prefix = None
class SharedZoneTestContext(object):
"""
Creates multiple zones to test authorization / access to shared zones across users
"""
_data_cache: MutableMapping[str, MutableMapping[str, Mapping]] = {}
def __init__(self, partition_id: str):
self.partition_id = partition_id
self.setup_started = False
self.ok_vinyldns_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, "okAccessKey", "okSecretKey")
self.dummy_vinyldns_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, "dummyAccessKey",
"dummySecretKey")
self.shared_zone_vinyldns_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, "sharedZoneUserAccessKey",
"sharedZoneUserSecretKey")
self.support_user_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, "supportUserAccessKey",
"supportUserSecretKey")
self.unassociated_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, "listGroupAccessKey",
"listGroupSecretKey")
self.test_user_client = VinylDNSClient(
VinylDNSTestContext.vinyldns_url, "testUserAccessKey",
"testUserSecretKey")
self.history_client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
"history-key", "history-secret")
self.clients = [
self.ok_vinyldns_client, self.dummy_vinyldns_client,
self.shared_zone_vinyldns_client, self.support_user_client,
self.unassociated_client, self.test_user_client,
self.history_client
]
self.list_zones = ListZonesTestContext(partition_id)
self.list_zones_client = self.list_zones.client
self.list_records_context = ListRecordSetsTestContext(partition_id)
self.list_groups_context = ListGroupsTestContext(partition_id)
self.list_batch_summaries_context = ListBatchChangeSummariesTestContext(
partition_id)
self.dummy_group = None
self.ok_group = None
self.shared_record_group = None
self.history_group = None
self.group_activity_created = None
self.group_activity_updated = None
self.history_zone = None
self.ok_zone = None
self.dummy_zone = None
self.ip6_reverse_zone = None
self.ip6_16_nibble_zone = None
self.ip4_reverse_zone = None
self.classless_base_zone = None
self.classless_zone_delegation_zone = None
self.system_test_zone = None
self.parent_zone = None
self.ds_zone = None
self.requires_review_zone = None
self.shared_zone = None
self.ip4_10_prefix = None
self.ip4_classless_prefix = None
self.ip6_prefix = None
def setup(self):
if self.setup_started:
# Safeguard against reentrance
return
self.setup_started = True
partition_id = self.partition_id
try:
ok_group = {
"name": f"ok-group{partition_id}",
"email": "*****@*****.**",
"description": "this is a description",
"members": [{
"id": "ok"
}, {
"id": "support-user-id"
}],
"admins": [{
"id": "ok"
}]
}
self.ok_group = self.ok_vinyldns_client.create_group(ok_group,
status=200)
# in theory this shouldn"t be needed, but getting "user is not in group' errors on zone creation
self.confirm_member_in_group(self.ok_vinyldns_client,
self.ok_group)
dummy_group = {
"name": f"dummy-group{partition_id}",
"email": "*****@*****.**",
"description": "this is a description",
"members": [{
"id": "dummy"
}],
"admins": [{
"id": "dummy"
}]
}
self.dummy_group = self.dummy_vinyldns_client.create_group(
dummy_group, status=200)
# in theory this shouldn"t be needed, but getting "user is not in group' errors on zone creation
self.confirm_member_in_group(self.dummy_vinyldns_client,
self.dummy_group)
shared_record_group = {
"name":
f"record-ownergroup{partition_id}",
"email":
"*****@*****.**",
"description":
"this is a description",
"members": [{
"id": "sharedZoneUser"
}, {
"id": "ok"
}, {
"id": "support-user-id"
}],
"admins": [{
"id": "sharedZoneUser"
}, {
"id": "ok"
}]
}
self.shared_record_group = self.ok_vinyldns_client.create_group(
shared_record_group, status=200)
history_group = {
"name": f"history-group{partition_id}",
"email": "*****@*****.**",
"description": "this is a description",
"members": [{
"id": "history-id"
}],
"admins": [{
"id": "history-id"
}]
}
self.history_group = self.history_client.create_group(
history_group, status=200)
self.confirm_member_in_group(self.history_client,
self.history_group)
history_zone_change = self.history_client.create_zone(
{
"name": f"system-test-history{partition_id}.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.history_group["id"],
"isTest": True,
"connection": {
"name": "vinyldns.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "vinyldns.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.history_zone = history_zone_change["zone"]
# initialize history
self.history_client.wait_until_zone_active(
history_zone_change["zone"]["id"])
self.init_history()
ok_zone_change = self.ok_vinyldns_client.create_zone(
{
"name": f"ok{partition_id}.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.ok_group["id"],
"isTest": True,
"connection": {
"name": "ok.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "ok.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.ok_zone = ok_zone_change["zone"]
dummy_zone_change = self.dummy_vinyldns_client.create_zone(
{
"name": f"dummy{partition_id}.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.dummy_group["id"],
"isTest": True,
"connection": {
"name": "dummy.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "dummy.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.dummy_zone = dummy_zone_change["zone"]
self.ip6_prefix = f"fd69:27cc:fe9{partition_id}"
ip6_reverse_zone_change = self.ok_vinyldns_client.create_zone(
{
"name": f"{partition_id}.9.e.f.c.c.7.2.9.6.d.f.ip6.arpa.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.ok_group["id"],
"isTest": True,
"connection": {
"name": "ip6.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "ip6.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.ip6_reverse_zone = ip6_reverse_zone_change["zone"]
ip6_16_nibble_zone_change = self.ok_vinyldns_client.create_zone(
{
"name":
f"0.0.0.1.{partition_id}.9.e.f.c.c.7.2.9.6.d.f.ip6.arpa.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.ok_group["id"],
"isTest": True,
"backendId": "func-test-backend"
},
status=202)
self.ip6_16_nibble_zone = ip6_16_nibble_zone_change["zone"]
self.ip4_10_prefix = f"10.{partition_id}"
ip4_reverse_zone_change = self.ok_vinyldns_client.create_zone(
{
"name": f"{partition_id}.10.in-addr.arpa.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.ok_group["id"],
"isTest": True,
"connection": {
"name": "ip4.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "ip4.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.ip4_reverse_zone = ip4_reverse_zone_change["zone"]
self.ip4_classless_prefix = f"192.0.{partition_id}"
classless_base_zone_change = self.ok_vinyldns_client.create_zone(
{
"name": f"{partition_id}.0.192.in-addr.arpa.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.ok_group["id"],
"isTest": True,
"connection": {
"name": "classless-base.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "classless-base.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.classless_base_zone = classless_base_zone_change["zone"]
classless_zone_delegation_change = self.ok_vinyldns_client.create_zone(
{
"name": f"192/30.{partition_id}.0.192.in-addr.arpa.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.ok_group["id"],
"isTest": True,
"connection": {
"name": "classless.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "classless.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.classless_zone_delegation_zone = classless_zone_delegation_change[
"zone"]
system_test_zone_change = self.ok_vinyldns_client.create_zone(
{
"name": f"system-test{partition_id}.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.ok_group["id"],
"isTest": True,
"connection": {
"name": "system-test.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "system-test.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.system_test_zone = system_test_zone_change["zone"]
# parent zone gives access to the dummy user, dummy user cannot manage ns records
parent_zone_change = self.ok_vinyldns_client.create_zone(
{
"name": f"parent.com{partition_id}.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.ok_group["id"],
"isTest": True,
"acl": {
"rules": [{
"accessLevel": "Delete",
"description": "some_test_rule",
"userId": "dummy"
}]
},
"connection": {
"name": "parent.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "parent.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.parent_zone = parent_zone_change["zone"]
# mimicking the spec example
ds_zone_change = self.ok_vinyldns_client.create_zone(
{
"name": f"example.com{partition_id}.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.ok_group["id"],
"isTest": True,
"connection": {
"name": "example.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "example.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.ds_zone = ds_zone_change["zone"]
# zone with name configured for manual review
requires_review_zone_change = self.ok_vinyldns_client.create_zone(
{
"name": f"zone.requires.review{partition_id}.",
"email": "*****@*****.**",
"shared": False,
"adminGroupId": self.ok_group["id"],
"isTest": True,
"backendId": "func-test-backend"
},
status=202)
self.requires_review_zone = requires_review_zone_change["zone"]
# Shared zone
shared_zone_change = self.support_user_client.create_zone(
{
"name": f"shared{partition_id}.",
"email": "*****@*****.**",
"shared": True,
"adminGroupId": self.shared_record_group["id"],
"isTest": True,
"connection": {
"name": "shared.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
},
"transferConnection": {
"name": "shared.",
"keyName": VinylDNSTestContext.dns_key_name,
"key": VinylDNSTestContext.dns_key,
"algorithm": VinylDNSTestContext.dns_key_algo,
"primaryServer": VinylDNSTestContext.name_server_ip
}
},
status=202)
self.shared_zone = shared_zone_change["zone"]
# wait until our zones are created
self.ok_vinyldns_client.wait_until_zone_active(
system_test_zone_change["zone"]["id"])
self.ok_vinyldns_client.wait_until_zone_active(
ok_zone_change["zone"]["id"])
self.dummy_vinyldns_client.wait_until_zone_active(
dummy_zone_change["zone"]["id"])
self.ok_vinyldns_client.wait_until_zone_active(
ip6_reverse_zone_change["zone"]["id"])
self.ok_vinyldns_client.wait_until_zone_active(
ip6_16_nibble_zone_change["zone"]["id"])
self.ok_vinyldns_client.wait_until_zone_active(
ip4_reverse_zone_change["zone"]["id"])
self.ok_vinyldns_client.wait_until_zone_active(
classless_base_zone_change["zone"]["id"])
self.ok_vinyldns_client.wait_until_zone_active(
classless_zone_delegation_change["zone"]["id"])
self.ok_vinyldns_client.wait_until_zone_active(
system_test_zone_change["zone"]["id"])
self.ok_vinyldns_client.wait_until_zone_active(
parent_zone_change["zone"]["id"])
self.ok_vinyldns_client.wait_until_zone_active(
ds_zone_change["zone"]["id"])
self.ok_vinyldns_client.wait_until_zone_active(
requires_review_zone_change["zone"]["id"])
self.shared_zone_vinyldns_client.wait_until_zone_active(
shared_zone_change["zone"]["id"])
# initialize group activity
self.init_group_activity()
# initialize list zones, only do this when constructing the whole!
self.list_zones.setup()
# note: there are no state to load, the tests only need the client
self.list_zones_client = self.list_zones.client
# build the list of records; note: we do need to save the test records
self.list_records_context.setup()
# build the list of groups
self.list_groups_context.setup()
except Exception:
# Cleanup if setup fails
self.tear_down()
traceback.print_exc()
raise
def init_history(self):
# Initialize the zone history
# change the zone nine times to we have update events in zone change history,
# ten total changes including creation
for i in range(2, 11):
zone_update = copy.deepcopy(self.history_zone)
zone_update["connection"]["key"] = VinylDNSTestContext.dns_key
zone_update["transferConnection"][
"key"] = VinylDNSTestContext.dns_key
zone_update[
"email"] = "i.changed.this.{0}[email protected]".format(
i)
self.history_client.update_zone(zone_update, status=202)
# create some record sets
test_a = TestData.A.copy()
test_a["zoneId"] = self.history_zone["id"]
test_aaaa = TestData.AAAA.copy()
test_aaaa["zoneId"] = self.history_zone["id"]
test_cname = TestData.CNAME.copy()
test_cname["zoneId"] = self.history_zone["id"]
a_record = self.history_client.create_recordset(
test_a, status=202)["recordSet"]
aaaa_record = self.history_client.create_recordset(
test_aaaa, status=202)["recordSet"]
cname_record = self.history_client.create_recordset(
test_cname, status=202)["recordSet"]
# wait here for all the record sets to be created
self.history_client.wait_until_recordset_exists(
a_record["zoneId"], a_record["id"])
self.history_client.wait_until_recordset_exists(
aaaa_record["zoneId"], aaaa_record["id"])
self.history_client.wait_until_recordset_exists(
cname_record["zoneId"], cname_record["id"])
# update the record sets
a_record_update = copy.deepcopy(a_record)
a_record_update["ttl"] += 100
a_record_update["records"][0]["address"] = "9.9.9.9"
a_change = self.history_client.update_recordset(a_record_update,
status=202)
aaaa_record_update = copy.deepcopy(aaaa_record)
aaaa_record_update["ttl"] += 100
aaaa_record_update["records"][0]["address"] = "2003:db8:0:0:0:0:0:4"
aaaa_change = self.history_client.update_recordset(aaaa_record_update,
status=202)
cname_record_update = copy.deepcopy(cname_record)
cname_record_update["ttl"] += 100
cname_record_update["records"][0]["cname"] = "changed-cname."
cname_change = self.history_client.update_recordset(
cname_record_update, status=202)
self.history_client.wait_until_recordset_change_status(
a_change, "Complete")
self.history_client.wait_until_recordset_change_status(
aaaa_change, "Complete")
self.history_client.wait_until_recordset_change_status(
cname_change, "Complete")
# delete the recordsets
self.history_client.delete_recordset(a_record["zoneId"],
a_record["id"])
self.history_client.delete_recordset(aaaa_record["zoneId"],
aaaa_record["id"])
self.history_client.delete_recordset(cname_record["zoneId"],
cname_record["id"])
self.history_client.wait_until_recordset_deleted(
a_record["zoneId"], a_record["id"])
self.history_client.wait_until_recordset_deleted(
aaaa_record["zoneId"], aaaa_record["id"])
self.history_client.wait_until_recordset_deleted(
cname_record["zoneId"], cname_record["id"])
def init_group_activity(self):
client = self.ok_vinyldns_client
group_name = f"test-list-group-activity-max-item-success{self.partition_id}"
members = [{"id": "ok"}]
new_group = {
"name": group_name,
"email": "*****@*****.**",
"members": members,
"admins": [{
"id": "ok"
}]
}
created_group = client.create_group(new_group, status=200)
update_groups = []
updated_groups = []
# each update changes the member
for runner in range(0, 10):
members = [{"id": "dummy{0:0>3}".format(runner)}]
update_groups.append({
"id": created_group["id"],
"name": group_name,
"email": "*****@*****.**",
"members": members,
"admins": [{
"id": "ok"
}]
})
updated_groups.append(
client.update_group(update_groups[runner]["id"],
update_groups[runner],
status=200))
self.group_activity_created = created_group
self.group_activity_updated = updated_groups
def tear_down(self):
"""
The ok_vinyldns_client is a zone admin on _all_ the zones.
We shouldn't have to do any checks now, as zone admins have full rights to all zones, including
deleting all records (even in the old shared model)
"""
try:
self.list_zones.tear_down()
self.list_records_context.tear_down()
if self.list_batch_summaries_context:
self.list_batch_summaries_context.tear_down(self)
if self.list_groups_context:
self.list_groups_context.tear_down()
for client in self.clients:
client.clear_zones()
for client in self.clients:
client.clear_groups()
# Close all clients
for client in self.clients:
client.tear_down()
except Exception:
traceback.print_exc()
raise
@staticmethod
def confirm_member_in_group(client, group):
retries = 2
success = group in client.list_all_my_groups(status=200)
while retries >= 0 and not success:
success = group in client.list_all_my_groups(status=200)
time.sleep(.05)
retries -= 1
assert_that(success, is_(True))
class ListBatchChangeSummariesFixture():
def __init__(self, shared_zone_test_context):
self.client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
'listBatchSummariesAccessKey',
'listBatchSummariesSecretKey')
acl_rule = generate_acl_rule('Write', userId='list-batch-summaries-id')
add_ok_acl_rules(shared_zone_test_context, [acl_rule])
initial_db_check = self.client.list_batch_change_summaries(status=200)
batch_change_input_one = {
"comments": "first",
"changes": [get_change_CNAME_json("test-first.ok.", cname="one.")]
}
batch_change_input_two = {
"comments": "second",
"changes":
[get_change_CNAME_json("test-second.ok.", cname="two.")]
}
batch_change_input_three = {
"comments": "last",
"changes":
[get_change_CNAME_json("test-last.ok.", cname="three.")]
}
batch_change_inputs = [
batch_change_input_one, batch_change_input_two,
batch_change_input_three
]
record_set_list = []
self.completed_changes = []
if len(initial_db_check['batchChanges']) == 0:
# make some batch changes
for input in batch_change_inputs:
change = self.client.create_batch_change(input, status=202)
completed = self.client.wait_until_batch_change_completed(
change)
assert_that(completed["comments"], equal_to(input["comments"]))
record_set_list += [(change['zoneId'], change['recordSetId'])
for change in completed['changes']]
# sleep for consistent ordering of timestamps, must be at least one second apart
time.sleep(1)
self.completed_changes = self.client.list_batch_change_summaries(
status=200)['batchChanges']
assert_that(len(self.completed_changes), equal_to(3))
else:
self.completed_changes = initial_db_check['batchChanges']
self.to_delete = set(record_set_list)
def tear_down(self, shared_zone_test_context):
for result_rs in self.to_delete:
delete_result = shared_zone_test_context.ok_vinyldns_client.delete_recordset(
result_rs[0], result_rs[1], status=202)
shared_zone_test_context.ok_vinyldns_client.wait_until_recordset_change_status(
delete_result, 'Complete')
clear_ok_acl_rules(shared_zone_test_context)
def check_batch_change_summaries_page_accuracy(self,
summaries_page,
size,
next_id=False,
start_from=False,
max_items=100,
approval_status=False):
# validate fields
if next_id:
assert_that(summaries_page, has_key('nextId'))
else:
assert_that(summaries_page, is_not(has_key('nextId')))
if start_from:
assert_that(summaries_page['startFrom'], is_(start_from))
else:
assert_that(summaries_page, is_not(has_key('startFrom')))
if approval_status:
assert_that(summaries_page, has_key('approvalStatus'))
else:
assert_that(summaries_page, is_not(has_key('approvalStatus')))
assert_that(summaries_page['maxItems'], is_(max_items))
# validate actual page
list_batch_change_summaries = summaries_page['batchChanges']
assert_that(list_batch_change_summaries, has_length(size))
for i, summary in enumerate(list_batch_change_summaries):
assert_that(summary["userId"], equal_to("list-batch-summaries-id"))
assert_that(summary["userName"],
equal_to("list-batch-summaries-user"))
assert_that(
summary["comments"],
equal_to(self.completed_changes[i + start_from]["comments"]))
assert_that(
summary["createdTimestamp"],
equal_to(
self.completed_changes[i +
start_from]["createdTimestamp"]))
assert_that(
summary["totalChanges"],
equal_to(self.completed_changes[i +
start_from]["totalChanges"]))
assert_that(
summary["status"],
equal_to(self.completed_changes[i + start_from]["status"]))
assert_that(summary["id"],
equal_to(self.completed_changes[i + start_from]["id"]))
assert_that(summary["approvalStatus"], equal_to("AutoApproved"))
assert_that(summary, is_not(has_key("reviewerId")))
class ListZonesTestContext(object):
def __init__(self):
self.client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
'listZonesAccessKey',
'listZonesSecretKey')
def build(self):
self.tear_down()
group = {
'name': 'list-zones-group',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [{
'id': 'list-zones-user'
}],
'admins': [{
'id': 'list-zones-user'
}]
}
list_zones_group = self.client.create_group(group, status=200)
search_zone_1_change = self.client.create_zone(
{
'name': 'list-zones-test-searched-1.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': list_zones_group['id'],
'isTest': True,
'backendId': 'func-test-backend'
},
status=202)
search_zone_2_change = self.client.create_zone(
{
'name': 'list-zones-test-searched-2.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': list_zones_group['id'],
'isTest': True,
'backendId': 'func-test-backend'
},
status=202)
search_zone_3_change = self.client.create_zone(
{
'name': 'list-zones-test-searched-3.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': list_zones_group['id'],
'isTest': True,
'backendId': 'func-test-backend'
},
status=202)
non_search_zone_1_change = self.client.create_zone(
{
'name': 'list-zones-test-unfiltered-1.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': list_zones_group['id'],
'isTest': True,
'backendId': 'func-test-backend'
},
status=202)
non_search_zone_2_change = self.client.create_zone(
{
'name': 'list-zones-test-unfiltered-2.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': list_zones_group['id'],
'isTest': True,
'backendId': 'func-test-backend'
},
status=202)
zone_changes = [
search_zone_1_change, search_zone_2_change, search_zone_3_change,
non_search_zone_1_change, non_search_zone_2_change
]
for change in zone_changes:
self.client.wait_until_zone_active(change[u'zone'][u'id'])
def tear_down(self):
clear_zones(self.client)
clear_groups(self.client)
def __init__(self):
self.client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
'listZonesAccessKey',
'listZonesSecretKey')
self.tear_down(
) # ensures that the environment is clean before starting
try:
group = {
'name': 'list-zones-group',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [{
'id': 'list-zones-user'
}],
'admins': [{
'id': 'list-zones-user'
}]
}
self.list_zones_group = self.client.create_group(group, status=200)
search_zone_1_change = self.client.create_zone(
{
'name': 'list-zones-test-searched-1.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.list_zones_group['id'],
'isTest': True,
'backendId': 'func-test-backend'
},
status=202)
self.search_zone_1 = search_zone_1_change['zone']
search_zone_2_change = self.client.create_zone(
{
'name': 'list-zones-test-searched-2.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.list_zones_group['id'],
'isTest': True,
'backendId': 'func-test-backend'
},
status=202)
self.search_zone_2 = search_zone_2_change['zone']
search_zone_3_change = self.client.create_zone(
{
'name': 'list-zones-test-searched-3.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.list_zones_group['id'],
'isTest': True,
'backendId': 'func-test-backend'
},
status=202)
self.search_zone_3 = search_zone_3_change['zone']
non_search_zone_1_change = self.client.create_zone(
{
'name': 'list-zones-test-unfiltered-1.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.list_zones_group['id'],
'isTest': True,
'backendId': 'func-test-backend'
},
status=202)
self.non_search_zone_1 = non_search_zone_1_change['zone']
non_search_zone_2_change = self.client.create_zone(
{
'name': 'list-zones-test-unfiltered-2.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.list_zones_group['id'],
'isTest': True,
'backendId': 'func-test-backend'
},
status=202)
self.non_search_zone_2 = non_search_zone_2_change['zone']
self.zone_ids = [
self.search_zone_1['id'], self.search_zone_2['id'],
self.search_zone_3['id'], self.non_search_zone_1['id'],
self.non_search_zone_2['id']
]
zone_changes = [
search_zone_1_change, search_zone_2_change,
search_zone_3_change, non_search_zone_1_change,
non_search_zone_2_change
]
for change in zone_changes:
self.client.wait_until_zone_active(change[u'zone'][u'id'])
except:
# teardown if there was any issue in setup
try:
self.tear_down()
except:
pass
raise
class ListZonesTestContext(object):
def __init__(self):
self.client = VinylDNSClient(VinylDNSTestContext.vinyldns_url, 'listZonesAccessKey', 'listZonesSecretKey')
self.tear_down() # ensures that the environment is clean before starting
try:
group = {
'name': 'list-zones-group',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [ { 'id': 'list-zones-user'} ],
'admins': [ { 'id': 'list-zones-user'} ]
}
self.list_zones_group = self.client.create_group(group, status=200)
search_zone_1_change = self.client.create_zone(
{
'name': 'list-zones-test-searched-1.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.list_zones_group['id'],
'isTest': True,
'connection': {
'name': 'vinyldns.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'vinyldns.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202)
self.search_zone_1 = search_zone_1_change['zone']
search_zone_2_change = self.client.create_zone(
{
'name': 'list-zones-test-searched-2.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.list_zones_group['id'],
'isTest': True,
'connection': {
'name': 'vinyldns.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'vinyldns.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202)
self.search_zone_2 = search_zone_2_change['zone']
search_zone_3_change = self.client.create_zone(
{
'name': 'list-zones-test-searched-3.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.list_zones_group['id'],
'isTest': True,
'connection': {
'name': 'vinyldns.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'vinyldns.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202)
self.search_zone_3 = search_zone_3_change['zone']
non_search_zone_1_change = self.client.create_zone(
{
'name': 'list-zones-test-unfiltered-1.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.list_zones_group['id'],
'isTest': True,
'connection': {
'name': 'vinyldns.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'vinyldns.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202)
self.non_search_zone_1 = non_search_zone_1_change['zone']
non_search_zone_2_change = self.client.create_zone(
{
'name': 'list-zones-test-unfiltered-2.',
'email': '*****@*****.**',
'shared': False,
'adminGroupId': self.list_zones_group['id'],
'isTest': True,
'connection': {
'name': 'vinyldns.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'vinyldns.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
}, status=202)
self.non_search_zone_2 = non_search_zone_2_change['zone']
self.zone_ids = [self.search_zone_1['id'], self.search_zone_2['id'], self.search_zone_3['id'], self.non_search_zone_1['id'], self.non_search_zone_2['id']]
zone_changes = [search_zone_1_change, search_zone_2_change, search_zone_3_change, non_search_zone_1_change, non_search_zone_2_change]
for change in zone_changes:
self.client.wait_until_zone_exists(change)
except:
# teardown if there was any issue in setup
try:
self.tear_down()
except:
pass
raise
def tear_down(self):
clear_zones(self.client)
clear_groups(self.client)
class ZoneHistoryContext(object):
"""
Creates a zone with multiple zone changes and record set changes
"""
def __init__(self):
self.client = VinylDNSClient(VinylDNSTestContext.vinyldns_url,
'history-key', 'history-secret')
self.tear_down()
self.group = None
group = {
'name': 'history-group',
'email': '*****@*****.**',
'description': 'this is a description',
'members': [{
'id': 'history-id'
}],
'admins': [{
'id': 'history-id'
}]
}
self.group = self.client.create_group(group, status=200)
# in theory this shouldn't be needed, but getting 'user is not in group' errors on zone creation
self.confirm_member_in_group(self.client, self.group)
zone_change = self.client.create_zone(
{
'name': 'system-test-history.',
'email': '*****@*****.**',
'shared': True,
'adminGroupId': self.group['id'],
'connection': {
'name': 'vinyldns.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
},
'transferConnection': {
'name': 'vinyldns.',
'keyName': VinylDNSTestContext.dns_key_name,
'key': VinylDNSTestContext.dns_key,
'primaryServer': VinylDNSTestContext.dns_ip
}
},
status=202)
self.zone = zone_change['zone']
self.client.wait_until_zone_exists(zone_change)
# change the zone nine times to we have update events in zone change history, ten total changes including creation
for i in range(2, 11):
zone_update = dict(self.zone)
zone_update['connection']['key'] = VinylDNSTestContext.dns_key
zone_update['transferConnection'][
'key'] = VinylDNSTestContext.dns_key
zone_update[
'email'] = 'i.changed.this.{0}[email protected]'.format(
i)
zone_update = self.client.update_zone(zone_update,
status=202)['zone']
# create some record sets
(achange, a_record) = self.create_recordset(TestData.A)
(aaaachange, aaaa_record) = self.create_recordset(TestData.AAAA)
(cnamechange, cname_record) = self.create_recordset(TestData.CNAME)
# wait here for all the record sets to be created
self.client.wait_until_recordset_exists(a_record['zoneId'],
a_record['id'])
self.client.wait_until_recordset_exists(aaaa_record['zoneId'],
aaaa_record['id'])
self.client.wait_until_recordset_exists(cname_record['zoneId'],
cname_record['id'])
# update the record sets
a_record_update = dict(a_record)
a_record_update['ttl'] += 100
a_record_update['records'][0]['address'] = '9.9.9.9'
(achange, a_record_update) = self.update_recordset(a_record_update)
aaaa_record_update = dict(aaaa_record)
aaaa_record_update['ttl'] += 100
aaaa_record_update['records'][0]['address'] = '2003:db8:0:0:0:0:0:4'
(aaaachange,
aaaa_record_update) = self.update_recordset(aaaa_record_update)
cname_record_update = dict(cname_record)
cname_record_update['ttl'] += 100
cname_record_update['records'][0]['cname'] = 'changed-cname.'
(cnamechange,
cname_record_update) = self.update_recordset(cname_record_update)
self.client.wait_until_recordset_change_status(achange, 'Complete')
self.client.wait_until_recordset_change_status(aaaachange, 'Complete')
self.client.wait_until_recordset_change_status(cnamechange, 'Complete')
# delete the recordsets
self.delete_recordset(a_record)
self.delete_recordset(aaaa_record)
self.delete_recordset(cname_record)
self.client.wait_until_recordset_deleted(a_record['zoneId'],
a_record['id'])
self.client.wait_until_recordset_deleted(aaaa_record['zoneId'],
aaaa_record['id'])
self.client.wait_until_recordset_deleted(cname_record['zoneId'],
cname_record['id'])
# the resulting context should contain all of the parts so it makes it simple to test
self.results = {
'zone': self.zone,
'zoneUpdate': zone_update,
'creates': [a_record, aaaa_record, cname_record],
'updates':
[a_record_update, aaaa_record_update, cname_record_update]
}
# finalizer called by py.test when the simulation is torn down
def tear_down(self):
self.clear_zones()
self.clear_group()
def clear_group(self):
groups = self.client.list_all_my_groups()
group_ids = map(lambda x: x['id'], groups)
for group_id in group_ids:
self.client.delete_group(group_id, status=200)
def clear_zones(self):
# Get the groups for the ok user
groups = self.client.list_all_my_groups()
group_ids = map(lambda x: x['id'], groups)
zones = self.client.list_zones()['zones']
# we only want to delete zones that the ok user "owns"
zones_to_delete = filter(
lambda x:
(x['adminGroupId'] in group_ids) or (x['account'] in group_ids),
zones)
zone_names_to_delete = map(lambda x: x['name'], zones_to_delete)
zoneids_to_delete = map(lambda x: x['id'], zones_to_delete)
self.client.abandon_zones(zoneids_to_delete)
def create_recordset(self, rs):
rs['zoneId'] = self.zone['id']
result = self.client.create_recordset(rs, status=202)
return result, result['recordSet']
def update_recordset(self, rs):
rs['zoneId'] = self.zone['id']
result = self.client.update_recordset(rs, status=202)
return result, result['recordSet']
def delete_recordset(self, rs):
result = self.client.delete_recordset(self.zone['id'],
rs['id'],
status=202)
return result, result['recordSet']
def confirm_member_in_group(self, client, group):
retries = 2
success = group in client.list_all_my_groups(status=200)
while retries >= 0 and not success:
success = group in client.list_all_my_groups(status=200)
time.sleep(.05)
retries -= 1
assert_that(success, is_(True))