def update_transfer_request(self, uuid, transfer_request_data=None, params=None): """Update a zone transfer_requests. :param uuid: Unique identifier of the zone transfer request in UUID format. :transfer_request_data: A python dictionary representing data for zone transfer request :param params: A Python dict that represents the query paramaters to include in the request URI. :return: Serialized imported zone as a dictionary. """ transfer_request_uri = 'zones/tasks/transfer_requests' transfer_request_data = (transfer_request_data or dns_data_utils.rand_transfer_request_data()) resp, body = self._update_request(transfer_request_uri, uuid, transfer_request_data, params=params) # Create Transfer request should Return a HTTP 200 self.expected_success(200, resp.status) return resp, body
def test_show_transfer_request_as_target(self): # Checks the target of a scoped transfer request can see # the request. LOG.info('Create a zone') _, zone = self.zone_client.create_zone() self.addCleanup(self.zone_client.delete_zone, zone['id']) transfer_request_data = dns_data_utils.rand_transfer_request_data( target_project_id=self.os_alt.credentials.project_id) LOG.info('Create a scoped zone transfer_request') _, transfer_request = self.client.create_transfer_request( zone['id'], transfer_request_data) self.addCleanup(self.client.delete_transfer_request, transfer_request['id']) LOG.info('Fetch the transfer_request as the target') _, body = self.alt_client.show_transfer_request(transfer_request['id']) LOG.info('Ensure the fetched response matches the ' 'created transfer_request') excluded_keys = self.excluded_keys + [ "target_project_id", "project_id" ] self.assertExpected(transfer_request, body, excluded_keys)
def test_create_transfer_request_scoped(self): LOG.info('Create a zone') _, zone = self.zone_client.create_zone() self.addCleanup(self.zone_client.delete_zone, zone['id']) transfer_request_data = dns_data_utils.rand_transfer_request_data( target_project_id=self.os_alt.credentials.project_id) LOG.info('Create a scoped zone transfer_request') _, transfer_request = self.client.create_transfer_request( zone['id'], transfer_request_data) self.addCleanup(self.client.delete_transfer_request, transfer_request['id']) LOG.info('Ensure we respond with ACTIVE status') self.assertEqual('ACTIVE', transfer_request['status'])
def test_create_transfer_request_scoped(self): LOG.info('Create a zone') _, zone = self.zone_client.create_zone() self.addCleanup(self.wait_zone_delete, self.zone_client, zone['id']) transfer_request_data = dns_data_utils.rand_transfer_request_data( target_project_id=self.os_alt.credentials.project_id) LOG.info('Create a scoped zone transfer_request') _, transfer_request = self.client.create_transfer_request( zone['id'], transfer_request_data) self.addCleanup(self.client.delete_transfer_request, transfer_request['id']) LOG.info('Ensure we respond with ACTIVE status') self.assertEqual('ACTIVE', transfer_request['status'])
def test_create_transfer_request_scoped(self): LOG.info('Create a zone') zone_name = dns_data_utils.rand_zone_name( name="create_transfer_request_scoped", suffix=self.tld_name) zone = self.zone_client.create_zone(name=zone_name)[1] self.addCleanup(self.wait_zone_delete, self.zone_client, zone['id']) transfer_request_data = dns_data_utils.rand_transfer_request_data( target_project_id=self.os_alt.credentials.project_id) LOG.info('Create a scoped zone transfer_request') transfer_request = self.client.create_transfer_request( zone['id'], transfer_request_data)[1] self.addCleanup(self.client.delete_transfer_request, transfer_request['id']) LOG.info('Ensure we respond with ACTIVE status') self.assertEqual('ACTIVE', transfer_request['status'])
def test_zone_transfer_target_project(self): LOG.info('Create a zone as "primary" tenant') zone_name = dns_data_utils.rand_zone_name( name="zone_transfer_target_project", suffix=self.tld_name) zone = self.zones_client.create_zone(name=zone_name)[1] LOG.info('Create transfer_request with target project set to ' '"Admin" tenant') transfer_request_data = dns_data_utils.rand_transfer_request_data( target_project_id=self.os_admin.credentials.project_id) transfer_request = self.request_client.create_transfer_request( zone['id'], transfer_request_data)[1] self.addCleanup(self.request_client.delete_transfer_request, transfer_request['id']) LOG.info('Ensure we respond with ACTIVE status') self.assertEqual('ACTIVE', transfer_request['status']) LOG.info('Accept the request as "alt" tenant, Expected: should fail ' 'as "admin" was set as a target project.') accept_data = { "key": transfer_request['key'], "zone_transfer_request_id": transfer_request['id'] } self.assertRaises(lib_exc.Forbidden, self.alt_accept_client.create_transfer_accept, transfer_accept_data=accept_data) LOG.info('Accept the request as "Admin" tenant, Expected: should work') self.admin_accept_client.create_transfer_accept( accept_data, headers={ 'x-auth-sudo-project-id': self.os_admin.credentials.project_id }, extra_headers=True) LOG.info('Fetch the zone as "Admin" tenant') admin_zone = self.admin_zones_client.show_zone( zone['id'], headers={ 'x-auth-sudo-project-id': self.os_admin.credentials.project_id })[1] self.addCleanup(self.wait_zone_delete, self.admin_zones_client, admin_zone['id'])
def test_show_transfer_request_as_target(self): # Checks the target of a scoped transfer request can see # the request. LOG.info('Create a zone') zone_name = dns_data_utils.rand_zone_name( name="create_transfer_request_as_target", suffix=self.tld_name) zone = self.zone_client.create_zone(name=zone_name)[1] self.addCleanup(self.wait_zone_delete, self.zone_client, zone['id']) transfer_request_data = dns_data_utils.rand_transfer_request_data( target_project_id=self.os_alt.credentials.project_id) LOG.info('Create a scoped zone transfer_request') transfer_request = self.client.create_transfer_request( zone['id'], transfer_request_data)[1] self.addCleanup(self.client.delete_transfer_request, transfer_request['id']) LOG.info('Fetch the transfer_request as the target') body = self.alt_client.show_transfer_request(transfer_request['id'])[1] LOG.info('Ensure the fetched response matches the ' 'created transfer_request') excluded_keys = self.excluded_keys + [ "target_project_id", "project_id" ] self.assertExpected(transfer_request, body, excluded_keys) # TODO(johnsom) Test reader role once this bug is fixed: # https://bugs.launchpad.net/tempest/+bug/1964509 # Test RBAC when a transfer target project is specified. expected_allowed = ['os_primary', 'os_alt'] if CONF.dns_feature_enabled.enforce_new_defaults: expected_allowed.append('os_system_admin') else: expected_allowed.append('os_admin') self.check_list_show_RBAC_enforcement('TransferRequestClient', 'show_transfer_request', expected_allowed, True, transfer_request['id'])
def update_transfer_request(self, uuid, transfer_request_data=None, params=None): """Update a zone transfer_requests. :param uuid: Unique identifier of the zone transfer request in UUID format. :transfer_request_data: A python dictionary representing data for zone transfer request :param params: A Python dict that represents the query paramaters to include in the request URI. :return: Serialized imported zone as a dictionary. """ transfer_request_uri = 'zones/tasks/transfer_requests' transfer_request_data = (transfer_request_data or dns_data_utils.rand_transfer_request_data()) resp, body = self._update_request( transfer_request_uri, uuid, transfer_request_data, params=params) # Create Transfer request should Return a HTTP 200 self.expected_success(200, resp.status) return resp, body
def test_show_transfer_request_as_target(self): # Checks the target of a scoped transfer request can see # the request. LOG.info('Create a zone') _, zone = self.zone_client.create_zone() self.addCleanup(self.wait_zone_delete, self.zone_client, zone['id']) transfer_request_data = dns_data_utils.rand_transfer_request_data( target_project_id=self.os_alt.credentials.project_id) LOG.info('Create a scoped zone transfer_request') _, transfer_request = self.client.create_transfer_request( zone['id'], transfer_request_data) self.addCleanup(self.client.delete_transfer_request, transfer_request['id']) LOG.info('Fetch the transfer_request as the target') _, body = self.alt_client.show_transfer_request(transfer_request['id']) LOG.info('Ensure the fetched response matches the ' 'created transfer_request') excluded_keys = self.excluded_keys + ["target_project_id", "project_id"] self.assertExpected(transfer_request, body, excluded_keys)