def test_remove_tenants(self): vms = [(str(uuid.uuid4()), 'vm1')] privileges = self.get_privileges() default_datastore, default_privileges = self.get_default_datastore_and_privileges() error_info, tenant1 = self.auth_mgr.create_tenant('tenant1', 'Some tenant', default_datastore, default_privileges, vms, privileges) self.assertEqual(error_info, None) self.assertTrue(uuid.UUID(tenant1.id)) vms = [(str(uuid.uuid4()), 'vm2'), (str(uuid.uuid4()), 'vm3')] privileges = [] error_info, tenant2 = self.auth_mgr.create_tenant('tenant2', 'Some tenant', default_datastore, default_privileges, vms, privileges) self.assertEqual(error_info, None) self.assertTrue(uuid.UUID(tenant2.id)) tenant2.set_datastore_access_privileges(self.auth_mgr.conn, privileges) error_info = self.auth_mgr.remove_tenant(tenant2.id, False) self.assertEqual(error_info, None) # Check tenants table error_info, tenants_row = auth.get_row_from_tenants_table(self.auth_mgr.conn, tenant2.id) self.assertEqual(error_info, None) self.assertEqual(tenants_row, None) # check vms table error_info, vms_row = auth.get_row_from_vms_table(self.auth_mgr.conn, tenant2.id) self.assertEqual(error_info, None) self.assertEqual(vms_row, []) # check privileges table error_info, privileges_row = auth.get_row_from_privileges_table(self.auth_mgr.conn, tenant2.id) self.assertEqual(error_info, None) self.assertEqual(privileges_row, [])
def test_set_default_datastore_and_privileges(self): vm1_uuid = str(uuid.uuid4()) vms = [(vm1_uuid, 'vm1')] privileges = self.get_privileges() default_datastore, default_privileges = self.get_default_datastore_and_privileges() error_info, tenant1 = self.auth_mgr.create_tenant('tenant1', 'Some tenant', default_datastore, default_privileges, vms, privileges) self.assertEqual(error_info, None) self.assertTrue(uuid.UUID(tenant1.id)) default_datastore = 'new_default_ds' default_privileges = {'datastore': default_datastore, 'global_visibility': 0, 'create_volume': 1, 'delete_volume': 1, 'mount_volume': 1, 'max_volume_size': 0, 'usage_quota': 0} error_info = tenant1.set_default_datastore_and_privileges(self.auth_mgr.conn, default_datastore, default_privileges) self.assertEqual(error_info, None) # Check tenants table error_info, tenants_row = auth.get_row_from_tenants_table(self.auth_mgr.conn, tenant1.id) self.assertEqual(error_info, None) expected_output = 'new_default_ds' actual_output = tenants_row[auth_data_const.COL_DEFAULT_DATASTORE] self.assertEqual(actual_output, expected_output) #check privileges table error_info, privileges_row = auth.get_row_from_privileges_table(self.auth_mgr.conn, tenant1.id) self.assertEqual(error_info, None) self.assertEqual(len(privileges_row), 2) expected_default_privileges = [tenant1.id, default_privileges[auth_data_const.COL_DATASTORE], default_privileges[auth_data_const.COL_GLOBAL_VISIBILITY], default_privileges[auth_data_const.COL_CREATE_VOLUME], default_privileges[auth_data_const.COL_DELETE_VOLUME], default_privileges[auth_data_const.COL_MOUNT_VOLUME], default_privileges[auth_data_const.COL_MAX_VOLUME_SIZE], default_privileges[auth_data_const.COL_USAGE_QUOTA] ] actual_default_privileges = [privileges_row[1][auth_data_const.COL_TENANT_ID], privileges_row[1][auth_data_const.COL_DATASTORE], privileges_row[1][auth_data_const.COL_GLOBAL_VISIBILITY], privileges_row[1][auth_data_const.COL_CREATE_VOLUME], privileges_row[1][auth_data_const.COL_DELETE_VOLUME], privileges_row[1][auth_data_const.COL_MOUNT_VOLUME], privileges_row[1][auth_data_const.COL_MAX_VOLUME_SIZE], privileges_row[1][auth_data_const.COL_USAGE_QUOTA] ] self.assertEqual(actual_default_privileges, expected_default_privileges)
def test_remove_tenants(self): vms = [(self.vm1_uuid, self.vm1_name)] privileges = self.get_privileges() default_datastore = self.get_default_datastore() default_datastore_url = self.get_datastore_url(default_datastore) error_info, tenant1 = self.auth_mgr.create_tenant(name=self.tenant_name, description='Some tenant', vms=vms, privileges=privileges) self.assertEqual(error_info, None) self.assertTrue(uuid.UUID(tenant1.id)) vms = [(self.vm2_uuid, self.vm2_name), (self.vm3_uuid, self.vm3_name)] privileges = [] error_info, tenant2 = self.auth_mgr.create_tenant(name=self.tenant_2_name, description='Some tenant', vms=vms, privileges=privileges) self.assertEqual(error_info, None) self.assertTrue(uuid.UUID(tenant2.id)) tenant2.set_datastore_access_privileges(self.auth_mgr.conn, privileges) error_info = self.auth_mgr.remove_tenant(tenant2.id, False) self.assertEqual(error_info, None) # Check tenants table error_info, tenants_row = auth.get_row_from_tenants_table(self.auth_mgr.conn, tenant2.id) self.assertEqual(error_info, None) self.assertEqual(tenants_row, None) # check vms table error_info, vms_row = auth.get_row_from_vms_table(self.auth_mgr.conn, tenant2.id) self.assertEqual(error_info, None) self.assertEqual(vms_row, []) # check privileges table error_info, privileges_row = auth.get_row_from_privileges_table(self.auth_mgr.conn, tenant2.id) self.assertEqual(error_info, None) self.assertEqual(privileges_row, [])
def test_add_datastore_access_privileges(self): vm1_uuid = str(uuid.uuid4()) vms = [(vm1_uuid)] privileges = [] error_info, tenant1 = self.auth_mgr.create_tenant(name='tenant1', description='Some tenant', vms=vms, privileges=privileges) self.assertEqual(error_info, None) self.assertTrue(uuid.UUID(tenant1.id)) datastore_url = self.get_datastore_url('datastore1') privileges = [{'datastore_url': datastore_url, 'allow_create': 0, 'max_volume_size': 0, 'usage_quota': 0}] error_info = tenant1.set_datastore_access_privileges(self.auth_mgr.conn, privileges) self.assertEqual(error_info, None) #check privileges table error_info, privileges_row = auth.get_row_from_privileges_table(self.auth_mgr.conn, tenant1.id) self.assertEqual(error_info, None) self.assertEqual(len(privileges_row), 1) expected_privileges = [tenant1.id, privileges[0][auth_data_const.COL_DATASTORE_URL], privileges[0][auth_data_const.COL_ALLOW_CREATE], privileges[0][auth_data_const.COL_MAX_VOLUME_SIZE], privileges[0][auth_data_const.COL_USAGE_QUOTA] ] actual_privileges = [privileges_row[0][auth_data_const.COL_TENANT_ID], privileges_row[0][auth_data_const.COL_DATASTORE_URL], privileges_row[0][auth_data_const.COL_ALLOW_CREATE], privileges_row[0][auth_data_const.COL_MAX_VOLUME_SIZE], privileges_row[0][auth_data_const.COL_USAGE_QUOTA] ] self.assertEqual(actual_privileges, expected_privileges)
def test_add_datastore_access_privileges(self): vms = [(self.vm1_uuid, self.vm1_name)] privileges = [] error_info, tenant1 = self.auth_mgr.create_tenant(name=self.tenant_name, description='Some tenant', vms=vms, privileges=privileges) self.assertEqual(error_info, None) self.assertTrue(uuid.UUID(tenant1.id)) datastore_url = self.get_datastore_url('datastore1') privileges = [{'datastore_url': datastore_url, 'allow_create': 0, 'max_volume_size': 0, 'usage_quota': 0}] error_info = tenant1.set_datastore_access_privileges(self.auth_mgr.conn, privileges) self.assertEqual(error_info, None) #check privileges table error_info, privileges_row = auth.get_row_from_privileges_table(self.auth_mgr.conn, tenant1.id) self.assertEqual(error_info, None) self.assertEqual(len(privileges_row), 1) expected_privileges = [tenant1.id, privileges[0][auth_data_const.COL_DATASTORE_URL], privileges[0][auth_data_const.COL_ALLOW_CREATE], privileges[0][auth_data_const.COL_MAX_VOLUME_SIZE], privileges[0][auth_data_const.COL_USAGE_QUOTA] ] actual_privileges = [privileges_row[0][auth_data_const.COL_TENANT_ID], privileges_row[0][auth_data_const.COL_DATASTORE_URL], privileges_row[0][auth_data_const.COL_ALLOW_CREATE], privileges_row[0][auth_data_const.COL_MAX_VOLUME_SIZE], privileges_row[0][auth_data_const.COL_USAGE_QUOTA] ] self.assertEqual(actual_privileges, expected_privileges)
def test_create_tenant(self): """ Test create_tenant() API """ vm1_uuid = str(uuid.uuid4()) vms = [(vm1_uuid, 'vm1')] #privileges = [] privileges = self.get_privileges() default_datastore, default_privileges = self.get_default_datastore_and_privileges() error_info, tenant1 = self.auth_mgr.create_tenant('tenant1', 'Some tenant', default_datastore, default_privileges, vms, privileges) self.assertEqual(error_info, None) self.assertTrue(uuid.UUID(tenant1.id)) # Check tenants table error_info, tenants_row = auth.get_row_from_tenants_table(self.auth_mgr.conn, tenant1.id) self.assertEqual(error_info, None) expected_output = [tenant1.id, 'tenant1', 'Some tenant', 'default_ds'] actual_output = [tenants_row[auth_data_const.COL_ID], tenants_row[auth_data_const.COL_NAME], tenants_row[auth_data_const.COL_DESCRIPTION], tenants_row[auth_data_const.COL_DEFAULT_DATASTORE] ] self.assertEqual(actual_output, expected_output) # check vms table error_info, vms_row = auth.get_row_from_vms_table(self.auth_mgr.conn, tenant1.id) self.assertEqual(error_info, None) expected_output = [vm1_uuid, 'vm1', tenant1.id] self.assertEqual(len(vms_row), 1) actual_output = [vms_row[0][auth_data_const.COL_VM_ID], vms_row[0][auth_data_const.COL_VM_NAME], vms_row[0][auth_data_const.COL_TENANT_ID] ] self.assertEqual(actual_output, expected_output) # check privileges table error_info, privileges_row = auth.get_row_from_privileges_table(self.auth_mgr.conn, tenant1.id) self.assertEqual(error_info, None) self.assertEqual(len(privileges_row), 2) expected_privileges = [tenant1.id, privileges[0][auth_data_const.COL_DATASTORE], privileges[0][auth_data_const.COL_GLOBAL_VISIBILITY], privileges[0][auth_data_const.COL_CREATE_VOLUME], privileges[0][auth_data_const.COL_DELETE_VOLUME], privileges[0][auth_data_const.COL_MOUNT_VOLUME], privileges[0][auth_data_const.COL_MAX_VOLUME_SIZE], privileges[0][auth_data_const.COL_USAGE_QUOTA] ] expected_default_privileges = [tenant1.id, default_privileges[auth_data_const.COL_DATASTORE], default_privileges[auth_data_const.COL_GLOBAL_VISIBILITY], default_privileges[auth_data_const.COL_CREATE_VOLUME], default_privileges[auth_data_const.COL_DELETE_VOLUME], default_privileges[auth_data_const.COL_MOUNT_VOLUME], default_privileges[auth_data_const.COL_MAX_VOLUME_SIZE], default_privileges[auth_data_const.COL_USAGE_QUOTA] ] expected_output = [expected_privileges, expected_default_privileges ] actual_privileges = [privileges_row[0][auth_data_const.COL_TENANT_ID], privileges_row[0][auth_data_const.COL_DATASTORE], privileges_row[0][auth_data_const.COL_GLOBAL_VISIBILITY], privileges_row[0][auth_data_const.COL_CREATE_VOLUME], privileges_row[0][auth_data_const.COL_DELETE_VOLUME], privileges_row[0][auth_data_const.COL_MOUNT_VOLUME], privileges_row[0][auth_data_const.COL_MAX_VOLUME_SIZE], privileges_row[0][auth_data_const.COL_USAGE_QUOTA] ] actual_default_privileges = [privileges_row[1][auth_data_const.COL_TENANT_ID], privileges_row[1][auth_data_const.COL_DATASTORE], privileges_row[1][auth_data_const.COL_GLOBAL_VISIBILITY], privileges_row[1][auth_data_const.COL_CREATE_VOLUME], privileges_row[1][auth_data_const.COL_DELETE_VOLUME], privileges_row[1][auth_data_const.COL_MOUNT_VOLUME], privileges_row[1][auth_data_const.COL_MAX_VOLUME_SIZE], privileges_row[1][auth_data_const.COL_USAGE_QUOTA] ] actual_output = [actual_privileges, actual_default_privileges] self.assertEqual(actual_output, expected_output)
def test_create_tenant(self): """ Test create_tenant() API """ vm1_uuid = str(uuid.uuid4()) vms = [(vm1_uuid)] privileges = self.get_privileges() default_datastore = self.get_default_datastore() default_datastore_url = self.get_datastore_url(default_datastore) error_info, tenant1 = self.auth_mgr.create_tenant(name='tenant1', description='Some tenant', vms=vms, privileges=privileges) self.assertEqual(error_info, None) self.assertTrue(uuid.UUID(tenant1.id)) # Check tenants table error_info, tenants_row = auth.get_row_from_tenants_table(self.auth_mgr.conn, tenant1.id) self.assertEqual(error_info, None) expected_output = [tenant1.id, 'tenant1', 'Some tenant'] actual_output = [tenants_row[auth_data_const.COL_ID], tenants_row[auth_data_const.COL_NAME], tenants_row[auth_data_const.COL_DESCRIPTION] ] self.assertEqual(actual_output, expected_output) # check vms table error_info, vms_row = auth.get_row_from_vms_table(self.auth_mgr.conn, tenant1.id) self.assertEqual(error_info, None) expected_output = [vm1_uuid, tenant1.id] self.assertEqual(len(vms_row), 1) actual_output = [vms_row[0][auth_data_const.COL_VM_ID], vms_row[0][auth_data_const.COL_TENANT_ID] ] self.assertEqual(actual_output, expected_output) # check privileges table error_info, privileges_row = auth.get_row_from_privileges_table(self.auth_mgr.conn, tenant1.id) self.assertEqual(error_info, None) self.assertEqual(len(privileges_row), 1) expected_privileges = [tenant1.id, privileges[0][auth_data_const.COL_DATASTORE_URL], privileges[0][auth_data_const.COL_ALLOW_CREATE], privileges[0][auth_data_const.COL_MAX_VOLUME_SIZE], privileges[0][auth_data_const.COL_USAGE_QUOTA] ] expected_output = [expected_privileges ] actual_privileges = [privileges_row[0][auth_data_const.COL_TENANT_ID], privileges_row[0][auth_data_const.COL_DATASTORE_URL], privileges_row[0][auth_data_const.COL_ALLOW_CREATE], privileges_row[0][auth_data_const.COL_MAX_VOLUME_SIZE], privileges_row[0][auth_data_const.COL_USAGE_QUOTA] ] actual_output = [actual_privileges] self.assertEqual(actual_output, expected_output)
def _tenant_access_add(name, datastore, allow_create=None, default_datastore=False, volume_maxsize_in_MB=None, volume_totalsize_in_MB=None): """ API to add datastore access for a tenant """ logging.debug("_tenant_access_add: name=%s datastore=%s, allow_create=%s " "volume_maxsize_in_MB=%s volume_totalsize_in_MB=%s", name, datastore, allow_create, volume_maxsize_in_MB, volume_totalsize_in_MB) error_info, tenant = get_tenant_from_db(name) if error_info: return error_info if not tenant: error_info = error_code.generate_error_info(ErrorCode.TENANT_NOT_EXIST, name) return error_info error_info = check_datastore(datastore) if error_info: return error_info datastore_url = vmdk_utils.get_datastore_url(datastore) error_info, existing_privileges = _tenant_access_ls(name) if error_info: return error_info if privilege_exist(existing_privileges, datastore_url): error_info = error_code.generate_error_info(ErrorCode.PRIVILEGE_ALREADY_EXIST, name, datastore) return error_info # Possible value: # None - no change required # True/False (boolean or string) - change to corresponding True/False if allow_create is not None: # validate to boolean value if it is a string allow_create_val, valid = validate_string_to_bool(allow_create) if not valid: err_code = ErrorCode.PRIVILEGE_INVALID_ALLOW_CREATE_VALUE err_msg = error_code.error_code_to_message[err_code].format(allow_create) logging.error(err_msg) return ErrorInfo(err_code, err_msg) allow_create = allow_create_val privileges = generate_privileges(datastore_url=datastore_url, allow_create=allow_create, volume_maxsize_in_MB=volume_maxsize_in_MB, volume_totalsize_in_MB=volume_totalsize_in_MB) logging.debug("_tenant_access_add: privileges=%s", privileges) error_info = check_privilege_parameters(privilege=privileges) if error_info: return error_info error_info, auth_mgr = get_auth_mgr_object() if error_info: return error_info error_msg = tenant.set_datastore_access_privileges(auth_mgr.conn, [privileges]) if error_msg: error_info = error_code.generate_error_info(ErrorCode.INTERNAL_ERROR, error_msg) return error_info error_msg, result = auth.get_row_from_privileges_table(auth_mgr.conn, tenant.id) # if len(result) == 1, which means "datastore"" is the first datastore for this tenant, # and should set this datastore to the "default_datastore" for this tenant if error_msg: error_info = error_code.generate_error_info(ErrorCode.INTERNAL_ERROR, error_msg) return error_info logging.debug("_tenant_access_add: get_row_from_privileges_table for tenant id=%s return %s", tenant.id, result) if len(result) == 1 or default_datastore: if datastore_url == auth_data_const.DEFAULT_DS_URL: # Create DEFAULT privilege for DEFAULT tenant, should not set the default_datastore in DB error_msg = tenant.set_default_datastore(auth_mgr.conn, "") else: error_msg = tenant.set_default_datastore(auth_mgr.conn, datastore_url) if error_msg: error_info = error_code.generate_error_info(ErrorCode.INTERNAL_ERROR, error_msg) return error_info
def test_create_tenant(self): """ Test create_tenant() API """ vms = [(self.vm1_uuid, self.vm1_name)] privileges = self.get_privileges() default_datastore = self.get_default_datastore() default_datastore_url = self.get_datastore_url(default_datastore) error_info, tenant1 = self.auth_mgr.create_tenant(name=self.tenant_name, description='Some tenant', vms=vms, privileges=privileges) self.assertEqual(error_info, None) self.assertTrue(uuid.UUID(tenant1.id)) # Check tenants table error_info, tenants_row = auth.get_row_from_tenants_table(self.auth_mgr.conn, tenant1.id) self.assertEqual(error_info, None) expected_output = [tenant1.id, self.tenant_name, 'Some tenant'] actual_output = [tenants_row[auth_data_const.COL_ID], tenants_row[auth_data_const.COL_NAME], tenants_row[auth_data_const.COL_DESCRIPTION] ] self.assertEqual(actual_output, expected_output) # check vms table error_info, vms_row = auth.get_row_from_vms_table(self.auth_mgr.conn, tenant1.id) self.assertEqual(error_info, None) expected_output = [self.vm1_uuid, tenant1.id] self.assertEqual(len(vms_row), 1) actual_output = [vms_row[0][auth_data_const.COL_VM_ID], vms_row[0][auth_data_const.COL_TENANT_ID] ] self.assertEqual(actual_output, expected_output) # check privileges table error_info, privileges_row = auth.get_row_from_privileges_table(self.auth_mgr.conn, tenant1.id) self.assertEqual(error_info, None) self.assertEqual(len(privileges_row), 1) expected_privileges = [tenant1.id, privileges[0][auth_data_const.COL_DATASTORE_URL], privileges[0][auth_data_const.COL_ALLOW_CREATE], privileges[0][auth_data_const.COL_MAX_VOLUME_SIZE], privileges[0][auth_data_const.COL_USAGE_QUOTA] ] expected_output = [expected_privileges ] actual_privileges = [privileges_row[0][auth_data_const.COL_TENANT_ID], privileges_row[0][auth_data_const.COL_DATASTORE_URL], privileges_row[0][auth_data_const.COL_ALLOW_CREATE], privileges_row[0][auth_data_const.COL_MAX_VOLUME_SIZE], privileges_row[0][auth_data_const.COL_USAGE_QUOTA] ] actual_output = [actual_privileges] self.assertEqual(actual_output, expected_output)
def _tenant_access_add(name, datastore, allow_create=None, default_datastore=False, volume_maxsize_in_MB=None, volume_totalsize_in_MB=None): """ API to add datastore access for a tenant """ logging.debug( "_tenant_access_add: name=%s datastore=%s, allow_create=%s " "volume_maxsize_in_MB=%s volume_totalsize_in_MB=%s", name, datastore, allow_create, volume_maxsize_in_MB, volume_totalsize_in_MB) error_info, tenant = get_tenant_from_db(name) if error_info: return error_info if not tenant: error_info = error_code.generate_error_info(ErrorCode.TENANT_NOT_EXIST, name) return error_info error_info = check_datastore(datastore) if error_info: return error_info error_info, existing_privileges = _tenant_access_ls(name) if error_info: return error_info if privilege_exist(existing_privileges, datastore): error_info = error_code.generate_error_info( ErrorCode.PRIVILEGE_ALREADY_EXIST, name, datastore) return error_info privileges = generate_privileges( datastore=datastore, allow_create=allow_create, volume_maxsize_in_MB=volume_maxsize_in_MB, volume_totalsize_in_MB=volume_totalsize_in_MB) logging.debug("_tenant_access_add: privileges=%s", privileges) error_info = check_privilege_parameters(privilege=privileges) if error_info: return error_info error_info, auth_mgr = get_auth_mgr_object() if error_info: return error_info error_msg = tenant.set_datastore_access_privileges(auth_mgr.conn, [privileges]) if error_msg: error_info = error_code.generate_error_info(ErrorCode.INTERNAL_ERROR, error_msg) return error_info error_msg, result = auth.get_row_from_privileges_table( auth_mgr.conn, tenant.id) # if len(result) == 1, which means "datastore"" is the first datastore for this tenant, # and should set this datastore to the "default_datastore" for this tenant if error_msg: error_info = error_code.generate_error_info(ErrorCode.INTERNAL_ERROR, error_msg) return error_info logging.debug( "_tenant_access_add: get_row_from_privileges_table for tenant id=%s return %s", tenant.id, result) if len(result) == 1 or default_datastore: if datastore == auth.DEFAULT_DS: datastore_url = auth.DEFAULT_DS_URL else: datastore_url = vmdk_utils.get_datastore_url(datastore) error_msg = tenant.set_default_datastore(auth_mgr.conn, datastore_url) if error_msg: error_info = error_code.generate_error_info( ErrorCode.INTERNAL_ERROR, error_msg) return error_info