def setUp(self): super(FlavorAccessPolicyTest, self).setUp() self.controller = flavor_access.FlavorActionController() self.controller_index = flavor_access.FlavorAccessController() self.req = fakes.HTTPRequest.blank('') self.mock_get = self.useFixture( fixtures.MockPatch('nova.api.openstack.common.get_flavor')).mock uuid = uuids.fake_id self.flavor = fake_flavor.fake_flavor_obj(self.project_member_context, id=1, uuid=uuid, project_id=self.project_id, is_public=False) self.mock_get.return_value = self.flavor self.stub_out('nova.api.openstack.identity.verify_project_id', lambda ctx, project_id: True) self.stub_out('nova.objects.flavor._get_projects_from_db', lambda context, flavorid: []) # With legacy rule and no scope checks, all admin is able to # add/remove flavor access to a tenant. self.admin_authorized_contexts = [ self.legacy_admin_context, self.system_admin_context, self.project_admin_context ] # With legacy rule, anyone can access flavor access info. self.admin_index_authorized_contexts = self.all_contexts
def setUp(self): super(FlavorAccessPolicyTest, self).setUp() self.controller = flavor_access.FlavorActionController() self.controller_index = flavor_access.FlavorAccessController() self.req = fakes.HTTPRequest.blank('') self.mock_get = self.useFixture( fixtures.MockPatch('nova.api.openstack.common.get_flavor')).mock uuid = uuids.fake_id self.flavor = fake_flavor.fake_flavor_obj(self.project_member_context, id=1, uuid=uuid, project_id=self.project_id, is_public=False) self.mock_get.return_value = self.flavor self.stub_out('nova.api.openstack.identity.verify_project_id', lambda ctx, project_id: True) self.stub_out('nova.objects.flavor._get_projects_from_db', lambda context, flavorid: []) # Check that admin is able to add/remove flavor access # to a tenant. self.admin_authorized_contexts = [ self.legacy_admin_context, self.system_admin_context, self.project_admin_context ] # Check that non-admin is not able to add/remove flavor access # to a tenant. self.admin_unauthorized_contexts = [ self.system_member_context, self.system_reader_context, self.system_foo_context, self.project_member_context, self.other_project_member_context, self.other_project_reader_context, self.project_foo_context, self.project_reader_context ] # Check that everyone is able to list flavor access # information which is nothing but bug#1867840. self.reader_authorized_contexts = [ self.legacy_admin_context, self.system_admin_context, self.project_admin_context, self.project_member_context, self.project_reader_context, self.project_foo_context, self.system_member_context, self.system_reader_context, self.system_foo_context, self.other_project_member_context, self.other_project_reader_context, ] self.reader_unauthorized_contexts = []
def setUp(self): super(PrivateFlavorManageTestV21, self).setUp() self.flavor_access_controller = ( flavor_access_v21.FlavorAccessController()) self.expected = { "flavor": { "name": "test", "ram": 512, "vcpus": 2, "disk": 1, "OS-FLV-EXT-DATA:ephemeral": 1, "swap": 512, "rxtx_factor": 1 } }
def setUp(self): super(FlavorAccessPolicyEnforcementV21, self).setUp() self.act_controller = flavor_access_v21.FlavorActionController() self.access_controller = flavor_access_v21.FlavorAccessController() self.req = fakes.HTTPRequest.blank('')