def test_remove_tenants(self):
vms = [(str(uuid.uuid4()), 'vm1')]
privileges = self.get_privileges()
default_datastore, default_privileges = self.get_default_datastore_and_privileges()
error_info, tenant1 = self.auth_mgr.create_tenant('tenant1', 'Some tenant', default_datastore,
default_privileges, vms, privileges)
self.assertEqual(error_info, None)
self.assertTrue(uuid.UUID(tenant1.id))
vms = [(str(uuid.uuid4()), 'vm2'), (str(uuid.uuid4()), 'vm3')]
privileges = []
error_info, tenant2 = self.auth_mgr.create_tenant('tenant2', 'Some tenant', default_datastore,
default_privileges, vms, privileges)
self.assertEqual(error_info, None)
self.assertTrue(uuid.UUID(tenant2.id))
tenant2.set_datastore_access_privileges(self.auth_mgr.conn, privileges)
error_info = self.auth_mgr.remove_tenant(tenant2.id, False)
self.assertEqual(error_info, None)
# Check tenants table
error_info, tenants_row = auth.get_row_from_tenants_table(self.auth_mgr.conn, tenant2.id)
self.assertEqual(error_info, None)
self.assertEqual(tenants_row, None)
# check vms table
error_info, vms_row = auth.get_row_from_vms_table(self.auth_mgr.conn, tenant2.id)
self.assertEqual(error_info, None)
self.assertEqual(vms_row, [])
# check privileges table
error_info, privileges_row = auth.get_row_from_privileges_table(self.auth_mgr.conn, tenant2.id)
self.assertEqual(error_info, None)
self.assertEqual(privileges_row, [])
def test_set_default_datastore_and_privileges(self):
vm1_uuid = str(uuid.uuid4())
vms = [(vm1_uuid, 'vm1')]
privileges = self.get_privileges()
default_datastore, default_privileges = self.get_default_datastore_and_privileges()
error_info, tenant1 = self.auth_mgr.create_tenant('tenant1', 'Some tenant', default_datastore,
default_privileges, vms, privileges)
self.assertEqual(error_info, None)
self.assertTrue(uuid.UUID(tenant1.id))
default_datastore = 'new_default_ds'
default_privileges = {'datastore': default_datastore,
'global_visibility': 0,
'create_volume': 1,
'delete_volume': 1,
'mount_volume': 1,
'max_volume_size': 0,
'usage_quota': 0}
error_info = tenant1.set_default_datastore_and_privileges(self.auth_mgr.conn, default_datastore, default_privileges)
self.assertEqual(error_info, None)
# Check tenants table
error_info, tenants_row = auth.get_row_from_tenants_table(self.auth_mgr.conn, tenant1.id)
self.assertEqual(error_info, None)
expected_output = 'new_default_ds'
actual_output = tenants_row[auth_data_const.COL_DEFAULT_DATASTORE]
self.assertEqual(actual_output, expected_output)
#check privileges table
error_info, privileges_row = auth.get_row_from_privileges_table(self.auth_mgr.conn, tenant1.id)
self.assertEqual(error_info, None)
self.assertEqual(len(privileges_row), 2)
expected_default_privileges = [tenant1.id,
default_privileges[auth_data_const.COL_DATASTORE],
default_privileges[auth_data_const.COL_GLOBAL_VISIBILITY],
default_privileges[auth_data_const.COL_CREATE_VOLUME],
default_privileges[auth_data_const.COL_DELETE_VOLUME],
default_privileges[auth_data_const.COL_MOUNT_VOLUME],
default_privileges[auth_data_const.COL_MAX_VOLUME_SIZE],
default_privileges[auth_data_const.COL_USAGE_QUOTA]
]
actual_default_privileges = [privileges_row[1][auth_data_const.COL_TENANT_ID],
privileges_row[1][auth_data_const.COL_DATASTORE],
privileges_row[1][auth_data_const.COL_GLOBAL_VISIBILITY],
privileges_row[1][auth_data_const.COL_CREATE_VOLUME],
privileges_row[1][auth_data_const.COL_DELETE_VOLUME],
privileges_row[1][auth_data_const.COL_MOUNT_VOLUME],
privileges_row[1][auth_data_const.COL_MAX_VOLUME_SIZE],
privileges_row[1][auth_data_const.COL_USAGE_QUOTA]
]
self.assertEqual(actual_default_privileges, expected_default_privileges)
def test_remove_tenants(self):
vms = [(self.vm1_uuid, self.vm1_name)]
privileges = self.get_privileges()
default_datastore = self.get_default_datastore()
default_datastore_url = self.get_datastore_url(default_datastore)
error_info, tenant1 = self.auth_mgr.create_tenant(name=self.tenant_name,
description='Some tenant',
vms=vms,
privileges=privileges)
self.assertEqual(error_info, None)
self.assertTrue(uuid.UUID(tenant1.id))
vms = [(self.vm2_uuid, self.vm2_name), (self.vm3_uuid, self.vm3_name)]
privileges = []
error_info, tenant2 = self.auth_mgr.create_tenant(name=self.tenant_2_name,
description='Some tenant',
vms=vms,
privileges=privileges)
self.assertEqual(error_info, None)
self.assertTrue(uuid.UUID(tenant2.id))
tenant2.set_datastore_access_privileges(self.auth_mgr.conn, privileges)
error_info = self.auth_mgr.remove_tenant(tenant2.id, False)
self.assertEqual(error_info, None)
# Check tenants table
error_info, tenants_row = auth.get_row_from_tenants_table(self.auth_mgr.conn, tenant2.id)
self.assertEqual(error_info, None)
self.assertEqual(tenants_row, None)
# check vms table
error_info, vms_row = auth.get_row_from_vms_table(self.auth_mgr.conn, tenant2.id)
self.assertEqual(error_info, None)
self.assertEqual(vms_row, [])
# check privileges table
error_info, privileges_row = auth.get_row_from_privileges_table(self.auth_mgr.conn, tenant2.id)
self.assertEqual(error_info, None)
self.assertEqual(privileges_row, [])
def test_add_datastore_access_privileges(self):
vm1_uuid = str(uuid.uuid4())
vms = [(vm1_uuid)]
privileges = []
error_info, tenant1 = self.auth_mgr.create_tenant(name='tenant1',
description='Some tenant',
vms=vms,
privileges=privileges)
self.assertEqual(error_info, None)
self.assertTrue(uuid.UUID(tenant1.id))
datastore_url = self.get_datastore_url('datastore1')
privileges = [{'datastore_url': datastore_url,
'allow_create': 0,
'max_volume_size': 0,
'usage_quota': 0}]
error_info = tenant1.set_datastore_access_privileges(self.auth_mgr.conn, privileges)
self.assertEqual(error_info, None)
#check privileges table
error_info, privileges_row = auth.get_row_from_privileges_table(self.auth_mgr.conn, tenant1.id)
self.assertEqual(error_info, None)
self.assertEqual(len(privileges_row), 1)
expected_privileges = [tenant1.id,
privileges[0][auth_data_const.COL_DATASTORE_URL],
privileges[0][auth_data_const.COL_ALLOW_CREATE],
privileges[0][auth_data_const.COL_MAX_VOLUME_SIZE],
privileges[0][auth_data_const.COL_USAGE_QUOTA]
]
actual_privileges = [privileges_row[0][auth_data_const.COL_TENANT_ID],
privileges_row[0][auth_data_const.COL_DATASTORE_URL],
privileges_row[0][auth_data_const.COL_ALLOW_CREATE],
privileges_row[0][auth_data_const.COL_MAX_VOLUME_SIZE],
privileges_row[0][auth_data_const.COL_USAGE_QUOTA]
]
self.assertEqual(actual_privileges, expected_privileges)
def test_add_datastore_access_privileges(self):
vms = [(self.vm1_uuid, self.vm1_name)]
privileges = []
error_info, tenant1 = self.auth_mgr.create_tenant(name=self.tenant_name,
description='Some tenant',
vms=vms,
privileges=privileges)
self.assertEqual(error_info, None)
self.assertTrue(uuid.UUID(tenant1.id))
datastore_url = self.get_datastore_url('datastore1')
privileges = [{'datastore_url': datastore_url,
'allow_create': 0,
'max_volume_size': 0,
'usage_quota': 0}]
error_info = tenant1.set_datastore_access_privileges(self.auth_mgr.conn, privileges)
self.assertEqual(error_info, None)
#check privileges table
error_info, privileges_row = auth.get_row_from_privileges_table(self.auth_mgr.conn, tenant1.id)
self.assertEqual(error_info, None)
self.assertEqual(len(privileges_row), 1)
expected_privileges = [tenant1.id,
privileges[0][auth_data_const.COL_DATASTORE_URL],
privileges[0][auth_data_const.COL_ALLOW_CREATE],
privileges[0][auth_data_const.COL_MAX_VOLUME_SIZE],
privileges[0][auth_data_const.COL_USAGE_QUOTA]
]
actual_privileges = [privileges_row[0][auth_data_const.COL_TENANT_ID],
privileges_row[0][auth_data_const.COL_DATASTORE_URL],
privileges_row[0][auth_data_const.COL_ALLOW_CREATE],
privileges_row[0][auth_data_const.COL_MAX_VOLUME_SIZE],
privileges_row[0][auth_data_const.COL_USAGE_QUOTA]
]
self.assertEqual(actual_privileges, expected_privileges)
def test_create_tenant(self):
""" Test create_tenant() API """
vm1_uuid = str(uuid.uuid4())
vms = [(vm1_uuid, 'vm1')]
#privileges = []
privileges = self.get_privileges()
default_datastore, default_privileges = self.get_default_datastore_and_privileges()
error_info, tenant1 = self.auth_mgr.create_tenant('tenant1', 'Some tenant', default_datastore,
default_privileges, vms, privileges)
self.assertEqual(error_info, None)
self.assertTrue(uuid.UUID(tenant1.id))
# Check tenants table
error_info, tenants_row = auth.get_row_from_tenants_table(self.auth_mgr.conn, tenant1.id)
self.assertEqual(error_info, None)
expected_output = [tenant1.id,
'tenant1',
'Some tenant',
'default_ds']
actual_output = [tenants_row[auth_data_const.COL_ID],
tenants_row[auth_data_const.COL_NAME],
tenants_row[auth_data_const.COL_DESCRIPTION],
tenants_row[auth_data_const.COL_DEFAULT_DATASTORE]
]
self.assertEqual(actual_output, expected_output)
# check vms table
error_info, vms_row = auth.get_row_from_vms_table(self.auth_mgr.conn, tenant1.id)
self.assertEqual(error_info, None)
expected_output = [vm1_uuid,
'vm1',
tenant1.id]
self.assertEqual(len(vms_row), 1)
actual_output = [vms_row[0][auth_data_const.COL_VM_ID],
vms_row[0][auth_data_const.COL_VM_NAME],
vms_row[0][auth_data_const.COL_TENANT_ID]
]
self.assertEqual(actual_output, expected_output)
# check privileges table
error_info, privileges_row = auth.get_row_from_privileges_table(self.auth_mgr.conn, tenant1.id)
self.assertEqual(error_info, None)
self.assertEqual(len(privileges_row), 2)
expected_privileges = [tenant1.id,
privileges[0][auth_data_const.COL_DATASTORE],
privileges[0][auth_data_const.COL_GLOBAL_VISIBILITY],
privileges[0][auth_data_const.COL_CREATE_VOLUME],
privileges[0][auth_data_const.COL_DELETE_VOLUME],
privileges[0][auth_data_const.COL_MOUNT_VOLUME],
privileges[0][auth_data_const.COL_MAX_VOLUME_SIZE],
privileges[0][auth_data_const.COL_USAGE_QUOTA]
]
expected_default_privileges = [tenant1.id,
default_privileges[auth_data_const.COL_DATASTORE],
default_privileges[auth_data_const.COL_GLOBAL_VISIBILITY],
default_privileges[auth_data_const.COL_CREATE_VOLUME],
default_privileges[auth_data_const.COL_DELETE_VOLUME],
default_privileges[auth_data_const.COL_MOUNT_VOLUME],
default_privileges[auth_data_const.COL_MAX_VOLUME_SIZE],
default_privileges[auth_data_const.COL_USAGE_QUOTA]
]
expected_output = [expected_privileges,
expected_default_privileges
]
actual_privileges = [privileges_row[0][auth_data_const.COL_TENANT_ID],
privileges_row[0][auth_data_const.COL_DATASTORE],
privileges_row[0][auth_data_const.COL_GLOBAL_VISIBILITY],
privileges_row[0][auth_data_const.COL_CREATE_VOLUME],
privileges_row[0][auth_data_const.COL_DELETE_VOLUME],
privileges_row[0][auth_data_const.COL_MOUNT_VOLUME],
privileges_row[0][auth_data_const.COL_MAX_VOLUME_SIZE],
privileges_row[0][auth_data_const.COL_USAGE_QUOTA]
]
actual_default_privileges = [privileges_row[1][auth_data_const.COL_TENANT_ID],
privileges_row[1][auth_data_const.COL_DATASTORE],
privileges_row[1][auth_data_const.COL_GLOBAL_VISIBILITY],
privileges_row[1][auth_data_const.COL_CREATE_VOLUME],
privileges_row[1][auth_data_const.COL_DELETE_VOLUME],
privileges_row[1][auth_data_const.COL_MOUNT_VOLUME],
privileges_row[1][auth_data_const.COL_MAX_VOLUME_SIZE],
privileges_row[1][auth_data_const.COL_USAGE_QUOTA]
]
actual_output = [actual_privileges, actual_default_privileges]
self.assertEqual(actual_output, expected_output)
def test_create_tenant(self):
""" Test create_tenant() API """
vm1_uuid = str(uuid.uuid4())
vms = [(vm1_uuid)]
privileges = self.get_privileges()
default_datastore = self.get_default_datastore()
default_datastore_url = self.get_datastore_url(default_datastore)
error_info, tenant1 = self.auth_mgr.create_tenant(name='tenant1',
description='Some tenant',
vms=vms,
privileges=privileges)
self.assertEqual(error_info, None)
self.assertTrue(uuid.UUID(tenant1.id))
# Check tenants table
error_info, tenants_row = auth.get_row_from_tenants_table(self.auth_mgr.conn, tenant1.id)
self.assertEqual(error_info, None)
expected_output = [tenant1.id,
'tenant1',
'Some tenant']
actual_output = [tenants_row[auth_data_const.COL_ID],
tenants_row[auth_data_const.COL_NAME],
tenants_row[auth_data_const.COL_DESCRIPTION]
]
self.assertEqual(actual_output, expected_output)
# check vms table
error_info, vms_row = auth.get_row_from_vms_table(self.auth_mgr.conn, tenant1.id)
self.assertEqual(error_info, None)
expected_output = [vm1_uuid,
tenant1.id]
self.assertEqual(len(vms_row), 1)
actual_output = [vms_row[0][auth_data_const.COL_VM_ID],
vms_row[0][auth_data_const.COL_TENANT_ID]
]
self.assertEqual(actual_output, expected_output)
# check privileges table
error_info, privileges_row = auth.get_row_from_privileges_table(self.auth_mgr.conn, tenant1.id)
self.assertEqual(error_info, None)
self.assertEqual(len(privileges_row), 1)
expected_privileges = [tenant1.id,
privileges[0][auth_data_const.COL_DATASTORE_URL],
privileges[0][auth_data_const.COL_ALLOW_CREATE],
privileges[0][auth_data_const.COL_MAX_VOLUME_SIZE],
privileges[0][auth_data_const.COL_USAGE_QUOTA]
]
expected_output = [expected_privileges
]
actual_privileges = [privileges_row[0][auth_data_const.COL_TENANT_ID],
privileges_row[0][auth_data_const.COL_DATASTORE_URL],
privileges_row[0][auth_data_const.COL_ALLOW_CREATE],
privileges_row[0][auth_data_const.COL_MAX_VOLUME_SIZE],
privileges_row[0][auth_data_const.COL_USAGE_QUOTA]
]
actual_output = [actual_privileges]
self.assertEqual(actual_output, expected_output)
def _tenant_access_add(name, datastore, allow_create=None, default_datastore=False,
volume_maxsize_in_MB=None, volume_totalsize_in_MB=None):
""" API to add datastore access for a tenant """
logging.debug("_tenant_access_add: name=%s datastore=%s, allow_create=%s "
"volume_maxsize_in_MB=%s volume_totalsize_in_MB=%s", name, datastore, allow_create,
volume_maxsize_in_MB, volume_totalsize_in_MB)
error_info, tenant = get_tenant_from_db(name)
if error_info:
return error_info
if not tenant:
error_info = error_code.generate_error_info(ErrorCode.TENANT_NOT_EXIST, name)
return error_info
error_info = check_datastore(datastore)
if error_info:
return error_info
datastore_url = vmdk_utils.get_datastore_url(datastore)
error_info, existing_privileges = _tenant_access_ls(name)
if error_info:
return error_info
if privilege_exist(existing_privileges, datastore_url):
error_info = error_code.generate_error_info(ErrorCode.PRIVILEGE_ALREADY_EXIST, name, datastore)
return error_info
# Possible value:
# None - no change required
# True/False (boolean or string) - change to corresponding True/False
if allow_create is not None:
# validate to boolean value if it is a string
allow_create_val, valid = validate_string_to_bool(allow_create)
if not valid:
err_code = ErrorCode.PRIVILEGE_INVALID_ALLOW_CREATE_VALUE
err_msg = error_code.error_code_to_message[err_code].format(allow_create)
logging.error(err_msg)
return ErrorInfo(err_code, err_msg)
allow_create = allow_create_val
privileges = generate_privileges(datastore_url=datastore_url,
allow_create=allow_create,
volume_maxsize_in_MB=volume_maxsize_in_MB,
volume_totalsize_in_MB=volume_totalsize_in_MB)
logging.debug("_tenant_access_add: privileges=%s", privileges)
error_info = check_privilege_parameters(privilege=privileges)
if error_info:
return error_info
error_info, auth_mgr = get_auth_mgr_object()
if error_info:
return error_info
error_msg = tenant.set_datastore_access_privileges(auth_mgr.conn, [privileges])
if error_msg:
error_info = error_code.generate_error_info(ErrorCode.INTERNAL_ERROR, error_msg)
return error_info
error_msg, result = auth.get_row_from_privileges_table(auth_mgr.conn, tenant.id)
# if len(result) == 1, which means "datastore"" is the first datastore for this tenant,
# and should set this datastore to the "default_datastore" for this tenant
if error_msg:
error_info = error_code.generate_error_info(ErrorCode.INTERNAL_ERROR, error_msg)
return error_info
logging.debug("_tenant_access_add: get_row_from_privileges_table for tenant id=%s return %s",
tenant.id, result)
if len(result) == 1 or default_datastore:
if datastore_url == auth_data_const.DEFAULT_DS_URL:
# Create DEFAULT privilege for DEFAULT tenant, should not set the default_datastore in DB
error_msg = tenant.set_default_datastore(auth_mgr.conn, "")
else:
error_msg = tenant.set_default_datastore(auth_mgr.conn, datastore_url)
if error_msg:
error_info = error_code.generate_error_info(ErrorCode.INTERNAL_ERROR, error_msg)
return error_info
def test_create_tenant(self):
""" Test create_tenant() API """
vms = [(self.vm1_uuid, self.vm1_name)]
privileges = self.get_privileges()
default_datastore = self.get_default_datastore()
default_datastore_url = self.get_datastore_url(default_datastore)
error_info, tenant1 = self.auth_mgr.create_tenant(name=self.tenant_name,
description='Some tenant',
vms=vms,
privileges=privileges)
self.assertEqual(error_info, None)
self.assertTrue(uuid.UUID(tenant1.id))
# Check tenants table
error_info, tenants_row = auth.get_row_from_tenants_table(self.auth_mgr.conn, tenant1.id)
self.assertEqual(error_info, None)
expected_output = [tenant1.id,
self.tenant_name,
'Some tenant']
actual_output = [tenants_row[auth_data_const.COL_ID],
tenants_row[auth_data_const.COL_NAME],
tenants_row[auth_data_const.COL_DESCRIPTION]
]
self.assertEqual(actual_output, expected_output)
# check vms table
error_info, vms_row = auth.get_row_from_vms_table(self.auth_mgr.conn, tenant1.id)
self.assertEqual(error_info, None)
expected_output = [self.vm1_uuid,
tenant1.id]
self.assertEqual(len(vms_row), 1)
actual_output = [vms_row[0][auth_data_const.COL_VM_ID],
vms_row[0][auth_data_const.COL_TENANT_ID]
]
self.assertEqual(actual_output, expected_output)
# check privileges table
error_info, privileges_row = auth.get_row_from_privileges_table(self.auth_mgr.conn, tenant1.id)
self.assertEqual(error_info, None)
self.assertEqual(len(privileges_row), 1)
expected_privileges = [tenant1.id,
privileges[0][auth_data_const.COL_DATASTORE_URL],
privileges[0][auth_data_const.COL_ALLOW_CREATE],
privileges[0][auth_data_const.COL_MAX_VOLUME_SIZE],
privileges[0][auth_data_const.COL_USAGE_QUOTA]
]
expected_output = [expected_privileges
]
actual_privileges = [privileges_row[0][auth_data_const.COL_TENANT_ID],
privileges_row[0][auth_data_const.COL_DATASTORE_URL],
privileges_row[0][auth_data_const.COL_ALLOW_CREATE],
privileges_row[0][auth_data_const.COL_MAX_VOLUME_SIZE],
privileges_row[0][auth_data_const.COL_USAGE_QUOTA]
]
actual_output = [actual_privileges]
self.assertEqual(actual_output, expected_output)
def _tenant_access_add(name,
datastore,
allow_create=None,
default_datastore=False,
volume_maxsize_in_MB=None,
volume_totalsize_in_MB=None):
""" API to add datastore access for a tenant """
logging.debug(
"_tenant_access_add: name=%s datastore=%s, allow_create=%s "
"volume_maxsize_in_MB=%s volume_totalsize_in_MB=%s", name, datastore,
allow_create, volume_maxsize_in_MB, volume_totalsize_in_MB)
error_info, tenant = get_tenant_from_db(name)
if error_info:
return error_info
if not tenant:
error_info = error_code.generate_error_info(ErrorCode.TENANT_NOT_EXIST,
name)
return error_info
error_info = check_datastore(datastore)
if error_info:
return error_info
error_info, existing_privileges = _tenant_access_ls(name)
if error_info:
return error_info
if privilege_exist(existing_privileges, datastore):
error_info = error_code.generate_error_info(
ErrorCode.PRIVILEGE_ALREADY_EXIST, name, datastore)
return error_info
privileges = generate_privileges(
datastore=datastore,
allow_create=allow_create,
volume_maxsize_in_MB=volume_maxsize_in_MB,
volume_totalsize_in_MB=volume_totalsize_in_MB)
logging.debug("_tenant_access_add: privileges=%s", privileges)
error_info = check_privilege_parameters(privilege=privileges)
if error_info:
return error_info
error_info, auth_mgr = get_auth_mgr_object()
if error_info:
return error_info
error_msg = tenant.set_datastore_access_privileges(auth_mgr.conn,
[privileges])
if error_msg:
error_info = error_code.generate_error_info(ErrorCode.INTERNAL_ERROR,
error_msg)
return error_info
error_msg, result = auth.get_row_from_privileges_table(
auth_mgr.conn, tenant.id)
# if len(result) == 1, which means "datastore"" is the first datastore for this tenant,
# and should set this datastore to the "default_datastore" for this tenant
if error_msg:
error_info = error_code.generate_error_info(ErrorCode.INTERNAL_ERROR,
error_msg)
return error_info
logging.debug(
"_tenant_access_add: get_row_from_privileges_table for tenant id=%s return %s",
tenant.id, result)
if len(result) == 1 or default_datastore:
if datastore == auth.DEFAULT_DS:
datastore_url = auth.DEFAULT_DS_URL
else:
datastore_url = vmdk_utils.get_datastore_url(datastore)
error_msg = tenant.set_default_datastore(auth_mgr.conn, datastore_url)
if error_msg:
error_info = error_code.generate_error_info(
ErrorCode.INTERNAL_ERROR, error_msg)
return error_info
