def test_superuser_login(): """Test that we can login as a super user and identify we are super. :id: 0815070f-5042-45ba-a6bb-f2596f764c7e :description: Test that we can login with a super user's credentials and that the token response includes a flag indicating super user status. :steps: 1) Send POST with username and password to the token endpoint. :expectedresults: 1) Receive an authorization token that can then be used to build authentication headers and make authenticated requests. 2) Assert a 200 response is returned and the information about the logged in user are correct 3) Assert the response includes the `is_superuser` field set to True """ config = get_config() client = api.Client(authenticate=False) user = { 'username': config['super_user_name'], 'password': config['super_user_password'], } response = client.post(urls.AUTH_TOKEN_CREATE, user) assert response.status_code == 200 json_response = response.json() assert 'auth_token' in json_response assert json_response['is_superuser']
def test_list_accounts_empty(create_user_account): """Test accounts without any instance or image history have empty summaries. :id: 2a152ef6-fcd8-491c-b3cc-bda81699453a :description: Test that an account without any instances or images shows up in the results with 0 counts. :steps: 1) Add a cloud account 2) GET from the account report endpoint :expectedresults: - The account is in the response and matches the created account - Instances, images, RHEL, and Openshift all have 0 counts """ user = create_user_account() auth = utils.get_auth(user) acct = inject_aws_cloud_account(user['id']) client = api.Client(authenticate=False) start, end = utils.get_time_range() params = { 'start': start, 'end': end, } response = client.get(urls.REPORT_ACCOUNTS, params=params, auth=auth) account = response.json()['cloud_account_overviews'][0] assert account['cloud_account_id'] == acct['aws_account_id'] assert account['images'] == 0, repr(account) assert account['instances'] == 0, repr(account) assert account['rhel_instances'] == 0, repr(account) assert account['openshift_instances'] == 0, repr(account)
def test_negative_create_no_token(): """Raise an error if no config entry is found and no url specified.""" cfg_missing_token = deepcopy(VALID_CONFIG) cfg_missing_token.pop('superuser_token') with patch.object(config, '_CONFIG', cfg_missing_token): with pytest.raises(exceptions.TokenNotFound): api.Client(authenticate=True)
def test_negative_create_cloud_account_missing(drop_account_data, field_to_delete): """Ensure attempts to create cloud accounts missing data are rejected. :id: a93821ba-4181-47e7-b685-dbe642c1441e :description: Ensure an user cannot register a cloud account missing data. :steps: 1) Create a user and authenticate with their password 2) Send a POST with the incomplete cloud account information to 'api/v1/account/' :expectedresults: The server rejects the incomplete request. """ auth = get_auth() client = api.Client(authenticate=False, response_handler=api.echo_handler) cfg = config.get_config() aws_profile = cfg['aws_profiles'][0] profile_name = aws_profile['name'] acct_arn = aws_profile['arn'] cloud_account = { 'account_arn': acct_arn, 'resourcetype': 'AwsAccount', 'name': profile_name, } # remove one field cloud_account.pop(field_to_delete) create_response = client.post(urls.CLOUD_ACCOUNT, payload=cloud_account, auth=auth) missing_fields = create_response.json().keys() assert create_response.status_code == 400, create_response.json() assert field_to_delete in missing_fields, create_response.json()
def test_image_report_empty(): """Test accounts without any instance or image report has empty summary. :id: 2a152ef6-fcd8-491c-b3cc-bda81699453a :description: Test that an account without any instances or images shows up in the results with 0 counts. :steps: 1) Add a cloud account 2) GET from the image report endpoint :expectedresults: - An empty list is returned """ user = utils.create_user_account() auth = utils.get_auth(user) acct = inject_aws_cloud_account(user['id']) client = api.Client(authenticate=False) report_start, report_end = utils.get_time_range() params = { 'start': report_start, 'end': report_end, 'account_id': acct['id'], } response = client.get(urls.REPORT_IMAGES, params=params, auth=auth) images = response.json()['images'] assert images == [], repr(images)
def create_user_account(): """Create a factory to create user accounts. This fixture creates a factory (a function) which will create a user account. Repeated calls will create return new users. All users created with this factory will delete any cloud accounts associated with the users after the test has run. Optional arguments can be passed as a dictionary: {'username': '******', 'password': '******', 'email': 'str'} If none are provided, values will be generated and returned. """ users = [] def factory(**kwargs): """Create a user, add it to our list of users, and return it.""" user = utils.create_user_account(**kwargs) users.append(user) return user yield factory client = api.Client() for user in users: auth = utils.get_auth(user) while client.get(urls.CLOUD_ACCOUNT, auth=auth).json()['results']: account = client.get( urls.CLOUD_ACCOUNT, auth=auth).json()['results'][0] client.delete(urljoin(urls.CLOUD_ACCOUNT, str(account['id'])))
def wait_for_cloudigrade_instance( instance_id, auth, timeout=800, sleep_period=15): """Wait for image to be inspected and assert on findings. :param instance_id: The ec2 instance id you expect to find. :param auth: the auth object for using with the server to authenticate as the user in question. :raises: AssertionError if the image is not inspected or if the results do not match the expected results for product identification. """ # Wait, keeping track of what images are inspected client = api.Client(authenticate=False, response_handler=api.json_handler) start = time.time() timepassed = 0 sys.stdout.write('\n') with click.progressbar( length=timeout, label=f'Waiting for instance {instance_id} to appear in' ' cloudigrade' ) as bar: while True: list_instances = client.get(urls.INSTANCE, auth=auth) found_instances = [instance['ec2_instance_id'] for instance in list_instances['results']] if instance_id in found_instances: return found_instances sleep(sleep_period) now = time.time() timepassed = now - start bar.update(timepassed) if timepassed >= timeout: return found_instances
def test_superuser_instances_report(instances_report_data): """Test that a superuser can retrieves a regular user's instances report. :id: d222617b-9304-4081-9b95-f1a193412b6e :description: Test that a superuser can retrieve a regular user's instances report. :steps: 1) Add a cloud account for a regular user 2) Add some instance usage data for the following images: blank, RHEL, OpenShift and RHEL + OpenShift 3) As a superuser, generate an instances report for a given period providing a regular user ID. 4) Ensure the report only shows information about the usage on the given period. :expectedresults: An instances report can be generated by a superuser impersonating a regular user and the information provided is accurate. """ user1, user2, auth1, auth2, accounts1 = instances_report_data cfg = config.get_config() superuser_auth = api.TokenAuth(cfg.get('superuser_token')) client = api.Client(response_handler=api.json_handler) response = client.get( urls.REPORT_INSTANCES, params={ 'start': REPORT_START_DATE, 'end': REPORT_END_DATE, 'user_id': user1['id'], }, auth=superuser_auth ) assert response == EXPECTED_REPORT_DATA, response
def test_instances_report(instances_report_data): """Test that instances report provides expected results. :id: 7dd5ac11-7429-4030-9996-dbf3684f39e1 :description: Test that regular users can retrieve their own instances report. :steps: 1) Add a cloud account for a regular user 2) Add some instance usage data for the following images: blank, RHEL, OpenShift and RHEL + OpenShift 3) Generate an instances report for a given period. 4) Ensure the report only shows information about the usage on the given period. :expectedresults: An instances report can be generated and the information provided is accurate. """ user1, user2, auth1, auth2, accounts1 = instances_report_data client = api.Client(response_handler=api.json_handler) response = client.get( urls.REPORT_INSTANCES, params={ 'start': REPORT_START_DATE, 'end': REPORT_END_DATE, }, auth=auth1 ) for i, exp_data in enumerate(EXPECTED_REPORT_DATA['daily_usage']): seen_day = response['daily_usage'][i] vcpu = seen_day['rhel_vcpu_seconds'] runtime = seen_day['rhel_runtime_seconds'] assert exp_data == seen_day, (runtime - vcpu) / 60 / 60
def test_create_no_config(): """If a base url is specified we use it.""" with patch.object(config, '_CONFIG', {}): assert config.get_config() == {} other_host = 'http://hostname.com' client = api.Client(url=other_host, authenticate=False) assert 'http://example.com/api/v1/' != client.url assert other_host == client.url
def test_create_override_config(): """If a base url is specified, we use that instead of config file.""" with patch.object(config, '_CONFIG', VALID_CONFIG): other_host = 'http://hostname.com' client = api.Client(url=other_host, authenticate=False) cfg_host = config.get_config()['base_url'] assert cfg_host != client.url assert other_host == client.url
def test_head(good_response): """Test that when we use the head method, a well formed request is sent.""" with patch.object(config, '_CONFIG', VALID_CONFIG): cl = api.Client() cl.request = Mock(return_value=good_response) r = cl.head('api/v1/') assert r == good_response cl.request.assert_called_once_with( 'HEAD', urljoin(cl.url, 'api/v1/'))
def test_runtime_requests_from_future(): """Test future start and end times for empty set result. :id: 133A04EE-55C3-4948-B2F9-D89A6A84C9FC :description: Test events that start/end in the future ensuring that results are empty []. :steps: 1) Add a cloud account 2) Insert past instance, image, and event data 3) Insert future instance, image, and event data 4) GET from the image report endpoint :expectedresults: - When start/end times are in the future OR when start>end expect runtine_seconds to be empty. """ user = utils.create_user_account() auth = utils.get_auth(user) acct = inject_aws_cloud_account(user['id']) image_type = 'openshift' instance_start = 2 instance_end = 1 client = api.Client(authenticate=False, response_handler=api.echo_handler) events = [instance_start] if instance_end: events.append(instance_end) inject_instance_data(acct['id'], image_type, events) report_start, report_end = utils.get_time_range(180) params = { 'start': report_start, 'end': report_end, 'account_id': acct['id'], } response = client.get(urls.REPORT_ACCOUNTS, params=params, auth=auth) response_data = response.json()['cloud_account_overviews'][0] rhel_instances = response_data['rhel_instances'] openshift_instances = response_data['openshift_instances'] rhel_runtime_seconds = response_data['rhel_runtime_seconds'] openshift_runtime_seconds = response_data['openshift_runtime_seconds'] assert rhel_instances is None assert openshift_instances is None assert rhel_runtime_seconds is None assert openshift_runtime_seconds is None past_date = datetime.datetime.now() + datetime.timedelta(-30) backwards_params = { 'start': report_start, 'end': past_date, 'account_id': acct['id'], } response = client.get( urls.REPORT_ACCOUNTS, params=backwards_params, auth=auth, ) response_error = response.json()['non_field_errors'][0] assert response_error == 'End date must be after start date.'
def test_delete(good_response): """Test that the delete method sends a well formed request.""" with patch.object(config, '_CONFIG', VALID_CONFIG): cl = api.Client() cl.request = Mock(return_value=good_response) r = cl.delete('api/v1/') assert r == good_response cl.request.assert_called_once_with( 'DELETE', urljoin(cl.url, 'api/v1/'))
def test_patch(good_response): """Test that the patch method sends a well formed request.""" with patch.object(config, '_CONFIG', VALID_CONFIG): cl = api.Client() cl.request = Mock(return_value=good_response) r = cl.patch('api/v1/', {}) assert r == good_response cl.request.assert_called_once_with( 'PATCH', urljoin(cl.url, 'api/v1/'), json={})
def check_superuser(): """Ensure that we have a valid superuser for the test run.""" try: config.get_config() client = api.Client(response_handler=api.echo_handler) response = client.get(urls.AUTH_ME) assert response.status_code == 200, response.url except (AssertionError, exceptions.MissingConfigurationError) as e: pytest.fail('Super user creation must have failed. ' f'Error: {repr(e)}')
def test_user_list(drop_account_data): """Super users can request lists of created user accounts. :id: 52567e92-2b6a-43b0-bdc0-5a347b9dd4bc :description: Super users, and only super users, are able to request a user list. :steps: 1) Authenticate with a super user account and request the user list end point contains yourself and a created non-super user account. 2) Authenticate with a non-super user account and request the user list to verify a 4xx error :expectedresults: The super user can get the list, but not the regular user account. """ client = api.Client() response = client.get(urls.USER_LIST) pre_user_list = response.json() usernames = [user['username'] for user in pre_user_list] assert get_config()['super_user_name'] in usernames new_user = create_user_account() account_number = random.randint(2, 5) for _ in range(account_number): inject_aws_cloud_account(new_user['id']) response = client.get(urls.USER_LIST).json() for user in response: assert 'accounts' in user, user assert 'challenged_images' in user, user if user['id'] == new_user['id']: assert user['accounts'] == account_number assert user['challenged_images'] == 0 new_user_list = [user for user in response if user not in pre_user_list] new_user_ids = [user['id'] for user in new_user_list] assert new_user['id'] in new_user_ids auth = get_auth(new_user) client = api.Client(authenticate=False, response_handler=api.echo_handler) response = client.get(urls.USER_LIST, auth=auth) assert response.status_code == 403
def test_filter_by_account_id_and_name(accounts_report_data, superuser): """Test that cloud accounts report can be filtered by account ID and name. :id: edacb611-dfec-4d8b-b480-b0c0d901c08e :description: Test that regular users and superusers can filter cloud accounts by account ID and name. This is not useful since the account ID will restrict the list to a single account but, since this is a possibility, ensure that an and operation will be done to match both account ID and name. :steps: 1) Add three cloud accounts 2) Insert some instance events for all accounts. 3) Filter the cloud accounts by providing the account_id and a name pattern that does not match the account's name. 4) Ensure an emptly list is returned since it won't match anything. 5) Now update the account ID and the name pattern to match both the account ID and the name. 4) Ensure a single account is returned and assert that their instance events are correct. :expectedresults: No result should be returned if both account ID and name pattern don't match any account. One result is returned when both account ID and name pattern match an account. All instance events should match for the matched account. """ auth, first_account, second_account, third_account = accounts_report_data client = api.Client(authenticate=superuser) start, end = utils.get_time_range() params = { 'end': end, 'account_id': second_account['id'], 'name_pattern': 'EaT sOme ToFu', 'start': start, } if superuser: params['user_id'] = first_account['user_id'] # No result will be returned since it will try to mach the account ID and # the name pattern response = client.get(urls.REPORT_ACCOUNTS, params=params, auth=auth) cloud_account_overviews = response.json()['cloud_account_overviews'] assert len(cloud_account_overviews) == 0, cloud_account_overviews # Now update the account ID to point to an account that the name pattern # will match, it should return a single result. params['account_id'] = first_account['id'] response = client.get(urls.REPORT_ACCOUNTS, params=params, auth=auth) cloud_account_overviews = response.json()['cloud_account_overviews'] assert len(cloud_account_overviews) == 1, cloud_account_overviews account = cloud_account_overviews[0] assert first_account['aws_account_id'] == account['cloud_account_id'] assert account['images'] == 1, repr(account) assert account['instances'] == 1, repr(account) assert account['rhel_instances'] == 1, repr(account) assert account['openshift_instances'] == 0, repr(account)
def test_list_specific_image(images_data): """Test if a specific image can be fetched. :id: 99aaec58-6053-476d-9674-ee650ffa33a9 :description: Check if a regular user can fetch one of its images. Check if a superuser can fetch all images. Check if a regular user can't fetch an image that belongs to another user. :steps: 1. Fetch all images 2. For each image, check if its owner and a superuser can fetch each. Also check if another user can't fetch it. :expectedresults: A regular user can only fetch its images and a superuser can fetch all images. """ user1, user2, auth1, auth2, images1, images2 = images_data cfg = config.get_config() superuser_auth = api.TokenAuth(cfg.get('superuser_token')) client = api.Client(authenticate=False) start, end = utils.get_time_range() response = client.get(urls.IMAGE, auth=superuser_auth).json() assert response['count'] == len(images1) + len(images2), response all_images = response['results'] ec2_ami_ids1 = [image['ec2_ami_id'] for image in images1] ec2_ami_ids2 = [image['ec2_ami_id'] for image in images2] for image in all_images: if image['ec2_ami_id'] in ec2_ami_ids1: auth = auth1 other_auth = auth2 elif image['ec2_ami_id'] in ec2_ami_ids2: auth = auth2 other_auth = auth1 else: raise ValueError( f'{image} not in {ec2_ami_ids1} or {ec2_ami_ids2}') image_url = urljoin(urls.IMAGE, str(image['id'])) # Ensure superuser can fetch it response = client.get(image_url, auth=superuser_auth).json() assert response == image # Ensure the image owner can fetch it response = client.get(image_url, auth=auth).json() assert response == image # Ensure any other user can't fetch it old_handler = client.response_handler client.response_handler = api.echo_handler response = client.get(image_url, auth=other_auth) client.response_handler = old_handler assert response.status_code == 404 assert response.json()['detail'] == 'Not found.'
def test_another_users_instances_report(instances_report_data): """Test that a regular can't retrieve another regular user's instances report. :id: abc19456-327d-4707-b8d6-7a99a6151c1e :description: Test that a regular user can't retrieve a regular user's instances report. :steps: 1) Create two regular users 2) Add a cloud account for each user. 3) Add some instance usage data for one of the regular users, using the following images: blank, RHEL, OpenShift and RHEL + OpenShift 4) As the regular user that does not have the usage data, generate its instances report and ensure it is blank. 5) As the regular user that does not have the usage data, try to impersonate the other regular user and generate an instances report. 6) Ensure that a regular user can't impersonate another regular user and retrieve their instances report. And its own instances report will be returned. :expectedresults: An instances report cannot be generated by a regular impersonating another regular user. A regular user will always retrieve its own instances report, even when trying to impersonate another regular user. """ user1, user2, auth1, auth2, accounts1 = instances_report_data client = api.Client(response_handler=api.json_handler) # Ensure that the second user's instances report is empty response = client.get( urls.REPORT_INSTANCES, params={ 'start': REPORT_START_DATE, 'end': REPORT_END_DATE, }, auth=auth2 ) assert response['instances_seen_with_openshift'] == 0, response assert response['instances_seen_with_rhel'] == 0, response for usage in response['daily_usage']: assert usage['openshift_instances'] == 0 assert usage['openshift_runtime_seconds'] == 0 assert usage['rhel_instances'] == 0 assert usage['rhel_runtime_seconds'] == 0 # Try to impersonate the first user and retrieve their instances report impersonate_response = client.get( urls.REPORT_INSTANCES, params={ 'start': REPORT_START_DATE, 'end': REPORT_END_DATE, 'user_id': user1['id'], }, auth=auth2 ) assert impersonate_response == response
def test_future_instances(param): """Test instance events generate usage summary results for correct tags. :id: f3c84697-a40c-40d9-846d-117e2647e9d3 :description: Test combinations of image tags, start/end events, and the resulting counts from the summary report API. :steps: 1) Add a cloud account 2) Insert instance, image, and event data 3) GET from the account report endpoint :expectedresults: - The instance, image, RHEL, and Openshift counts match the expectation """ user = utils.create_user_account() auth = utils.get_auth(user) acct = inject_aws_cloud_account(user['id'], acct_age=param.acct_age) start, end = 0, None client = api.Client(authenticate=False) events = [start] if end: events.append(end) inject_instance_data(acct['id'], '', events) # Set date range for 30 days in the past start, end = utils.get_time_range(-30) params = { 'start': start, 'end': end, } response = client.get(urls.REPORT_ACCOUNTS, params=params, auth=auth) account = response.json()['cloud_account_overviews'][0] acct_creation = datetime.today() - timedelta(days=param.acct_age) start, end = utils.get_time_range(-30, formatted=False) if acct_creation < start: info = 'Account created before start of window' elif acct_creation > end: info = 'Account newer than window' else: info = 'Account created during window' assert account['cloud_account_id'] == acct['aws_account_id'] if param.unknown: exp = None else: exp = 0 assert account['images'] == exp, info assert account['instances'] == exp, info assert account['rhel_instances'] == exp, info assert account['openshift_instances'] == exp, info
def test_response_handlers(good_response, handler): """Test that when we get a good 2xx response, it is returned.""" with patch.object(config, '_CONFIG', VALID_CONFIG): assert config.get_config() == VALID_CONFIG client = api.Client( authenticate=False, response_handler=handler ) r = client.response_handler(good_response) if handler == api.json_handler: assert r == good_response.json() else: assert r == good_response
def test_list_account_while_impersonating(impersonate): """Test account data fetched via impersonating a user as a superuser. :id: 5f99c7ec-a4d3-4040-868f-9340015e4c9c :description: Test that the same assertions can be made for fetching data as a regular user and fetching data impersonating that same user :steps: 1) Add a cloud account 2) Insert instance, image, and event data 3) GET from the account report endpoint as regular user 3) GET from the account report endpoint as super user impersonating :expectedresults: - The instance, image, RHEL, and Openshift counts match the expectation """ user = utils.create_user_account() auth = utils.get_auth(user) acct = inject_aws_cloud_account(user['id']) image_type = 'rhel' exp_inst = 1 exp_images = 1 exp_rhel = 1 exp_openshift = 0 start = 0 end = None offset = 0 # authenticate (as superuser) if we are impersonating client = api.Client(authenticate=impersonate) events = [start] if end: events.append(end) inject_instance_data(acct['id'], image_type, events) start, end = utils.get_time_range(offset) params = { 'start': start, 'end': end, } if impersonate: params['user_id'] = user['id'] response = client.get(urls.REPORT_ACCOUNTS, params=params, auth=auth) account = response.json()['cloud_account_overviews'][0] assert account['cloud_account_id'] == acct['aws_account_id'] assert account['images'] == exp_images, repr(account) assert account['instances'] == exp_inst, repr(account) assert account['rhel_instances'] == exp_rhel, repr(account) assert account['openshift_instances'] == exp_openshift, repr(account)
def test_multiple_runs_counted_once(): """Test instances being run a different times in the same period count once. :id: 0e8d0475-54d9-43af-9c2b-23f84865c6b4 :description: Within any single period of reporting an instance which has been started and stopped multiple times still counts just once. :steps: 1) Add a cloud account 2) Insert event data with more than one start and stop in the last 30 day period 3) GET from the account report endpoint :expectedresults: - The instance and image should only be counted once """ user = utils.create_user_account() auth = utils.get_auth(user) acct = inject_aws_cloud_account(user['id']) image_type = '' exp_inst = 1 exp_images = 1 exp_rhel = 0 exp_openshift = 0 client = api.Client(authenticate=False) start, end = utils.get_time_range() params = { 'start': start, 'end': end, } events = [ 20, 15, 10, 5, ] inject_instance_data(acct['id'], image_type, events) response = client.get(urls.REPORT_ACCOUNTS, params=params, auth=auth) account = response.json()['cloud_account_overviews'][0] assert account['cloud_account_id'] == acct['aws_account_id'] assert account['images'] == exp_images, repr(account) assert account['instances'] == exp_inst, repr(account) assert account['rhel_instances'] == exp_rhel, repr(account) assert account['openshift_instances'] == exp_openshift, repr(account)
def test_list_images_while_impersonating(impersonate): """Test account data fetched via impersonating a user as a superuser. :id: 5f99c7ec-a4d3-4040-868f-9340015e4c9c :description: Test that the same assertions can be made for fetching data as a regular user and fetching data impersonating that same user :steps: 1) Add a cloud account 2) Insert instance, image, and event data 3) GET from the image report endpoint as regular user 3) GET from the image report endpoint as super user impersonating :expectedresults: - The images are returned for the user and a super user, but no one else. """ user = utils.create_user_account() auth = utils.get_auth(user) acct = inject_aws_cloud_account(user['id']) image_type = 'rhel' exp_rhel = True exp_openshift = False start = 12 end = 10 offset = 0 # start and end values indicate number of days in the past # so their difference is the whole number of days of runtime expected_runtime = (start - end) * 24 * 60 * 60 # authenticate (as superuser) if we are impersonating client = api.Client(authenticate=impersonate) events = [start] if end: events.append(end) inject_instance_data(acct['id'], image_type, events) report_start, report_end = utils.get_time_range(offset) params = { 'start': report_start, 'end': report_end, 'account_id': acct['id'], } response = client.get(urls.REPORT_IMAGES, params=params, auth=auth) image = response.json()['images'][0] assert image['rhel'] == exp_rhel, repr(image) assert image['openshift'] == exp_openshift, repr(image) assert int(image['runtime_seconds']) == int(expected_runtime), repr(image)
def test_list_account_with_multiple(): """Test that a user with multiple accounts can list all. :id: 1f16a664-a4ea-410e-9ff8-0a6e42cb4df2 :description: Test that the same assertions can be made for fetching data with just one account works with multiple. :steps: 1) Add a cloud account 2) Insert instance, image, and event data 3) GET from the account report endpoint as regular user :expectedresults: - The instance, image, RHEL, and Openshift counts match the expectation """ user = utils.create_user_account() auth = utils.get_auth(user) acct = inject_aws_cloud_account(user['id']) image_type = 'rhel' exp_inst = 1 exp_images = 1 exp_rhel = 1 exp_openshift = 0 time = 0 offset = 0 acct2 = inject_aws_cloud_account(user['id']) client = api.Client(authenticate=False) inject_instance_data(acct['id'], image_type, [time]) start, end = utils.get_time_range(offset) params = { 'start': start, 'end': end, } response = client.get(urls.REPORT_ACCOUNTS, params=params, auth=auth) accounts = response.json()['cloud_account_overviews'] account = accounts[0] account2 = accounts[1] assert account['cloud_account_id'] == acct['aws_account_id'] assert account2['cloud_account_id'] == acct2['aws_account_id'] assert account['images'] == exp_images, repr(account) assert account['instances'] == exp_inst, repr(account) assert account['rhel_instances'] == exp_rhel, repr(account) assert account['openshift_instances'] == exp_openshift, repr(account)
def test_login_logout(): """Test that we can login, make requests and logout to the server. :id: 2eb55229-4e1e-4d35-ac4a-4f2424d37cf6 :description: Test that we can login, make requests and logout to the server. :steps: 1) Send POST with username and password to the token endpoint. 2) Send a GET request to /auth/me/ with the authorization token from previous step in the headers. 3) Send a POST request to /auth/token/destroy/. 4) Try to access /auth/me/ again with the authorization token from step 1. :expectedresults: 1) Receive an authorization token that can then be used to build authentication headers and make authenticated requests. 2) Assert a 200 response is returned and the information about the logged in user are correct, including being flagged as a non-super user 3) Assert a 204 response is returned 4) Assert a 401 response is returned and the detailed message states the authentication token is now invalid. """ user = create_user_account() client = api.Client(authenticate=False) response = client.post(urls.AUTH_TOKEN_CREATE, user) assert response.status_code == 200 json_response = response.json() assert 'auth_token' in json_response assert not json_response['is_superuser'] auth = api.TokenAuth(json_response['auth_token']) response = client.get(urls.AUTH_ME, auth=auth) assert response.status_code == 200 json_response = response.json() assert json_response['email'] == user['email'] assert json_response['username'] == user['username'] response = client.post(urls.AUTH_TOKEN_DESTROY, {}, auth=auth) assert response.status_code == 204 client.response_handler = api.echo_handler response = client.get(urls.AUTH_ME, auth=auth) assert response.status_code == 401 json_response = response.json() assert json_response['detail'] == 'Invalid token.'
def test_sysconfig_negative(): """Ensure unauthenticated requests can't access configuration information. :id: 41b8309d-610e-4980-904d-72e19c0e1b63 :description: Ensure that unauthenticated requests to sysconfig can't access configuration information. :steps: Do an unauthenticated GET request to /api/v1/sysconfig/. :expectedresults: The server returns a 401 response informing that the authentication information is needed to access the system configuration. """ client = api.Client(authenticate=False, response_handler=api.echo_handler) response = client.get(urls.SYSCONFIG) assert response.status_code == 401 assert response.json() == { 'detail': 'Authentication credentials were not provided.' }
def test_past_without_instances(): """Test accounts with instances only after the filter period. :id: 72aaa6e2-2c60-4e71-bb47-3644bd6beb71 :description: Test that an account with instances that were created prior to the current report end date. :steps: 1) Add a cloud account 2) Inject instance data for today 3) GET from the account report endpoint for 30 days ago :expectedresults: - The account is in the response and matches the created account - Instances, images, RHEL, and Openshift all have None counts """ user = utils.create_user_account() auth = utils.get_auth(user) # TODO: refactor inject_aws_cloud_account to use seed data acct = '' # inject_aws_cloud_account(user['id']) client = api.Client(authenticate=False) # ask for last 30 days report_start, report_end = utils.get_time_range() params = { 'start': report_start, 'end': report_end, 'account_id': acct['id'], } response = client.get(urls.REPORT_IMAGES, params=params, auth=auth) images = response.json()['images'] assert images == [], repr(images) # No tagged images, started 60 days ago and stopped 45 days ago # image_type = '' instance_start = 60 instance_end = 45 events = [instance_start, instance_end] print(events) # inject_instance_data(acct['id'], image_type, events) # test that still have no images in report response = client.get(urls.REPORT_IMAGES, params=params, auth=auth) images = response.json()['images'] assert images == [], repr(images)
def test_token_negative(endpoint): """Given that we have an invalid token, we cannot make requests. :id: a87f7069-3ee9-4435-a953-fd8664199419 :description: Test that if we have a bad token, we cannot use it to make requests to any of the /api/v1/* endpoints :steps: 1) Send a GET request with a invalid authorization token in the header to all /api/v1/* endpoints. 2) Assert that we get a 401 response for all requests. :expectedresults: The server rejects our invalid token for all /api/v1/* endpoints. """ client = api.Client(response_handler=api.echo_handler) auth = api.TokenAuth(uuid4()) response = client.get(f'/api/v1/{endpoint}', auth=auth) assert response.status_code == 401 assert response.json() == {'detail': 'Invalid token.'}