def test_view_startup_overquota(self):
"""
Test starting a virtual machine that would cause the owner to exceed quota
"""
vm = globals()['vm']
args = (cluster.slug, vm.hostname)
url = '/cluster/%s/%s/startup'
# authorized (permission)
self.assertTrue(c.login(username=user.username, password='******'))
grant(user, 'admin', vm)
cluster.set_quota(user.get_profile(), dict(ram=10, disk=2000, virtual_cpus=10))
vm.owner_id = user.get_profile().id
vm.ram = 128
vm.virtual_cpus = 1
vm.save()
response = c.post(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
self.assertTrue('Owner does not have enough RAM' in response.content)
user.revoke('admin', vm)
VirtualMachine.objects.all().update(last_job=None)
Job.objects.all().delete()
# restore values
cluster.set_quota(user.get_profile(), dict(ram=10, disk=2000, virtual_cpus=10))
vm.owner_id = None
vm.ram = -1
vm.virtual_cpus = -1
def test_view_startup_overquota(self):
"""
Test starting a virtual machine that would cause the
owner to exceed quota
"""
args = (self.cluster.slug, self.vm.hostname)
url = '/cluster/%s/%s/startup'
# authorized (permission)
self.assertTrue(self.c.login(username=self.user.username,
password='******'))
grant(self.user, 'admin', self.vm)
self.cluster.set_quota(self.user.get_profile(), dict(ram=10,
disk=2000,
virtual_cpus=10))
self.vm.owner_id = self.user.get_profile().id
self.vm.ram = 128
self.vm.virtual_cpus = 1
self.vm.save()
response = self.c.post(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
self.assertTrue('Owner does not have enough RAM' in response.content)
self.user.revoke('admin', self.vm)
VirtualMachine.objects.all().update(last_job=None)
Job.objects.all().delete()
# restore values
# XXX wait, whoa, whoa, why do we need to do this?
self.cluster.set_quota(self.user.get_profile(),
dict(ram=10, disk=2000, virtual_cpus=10))
self.vm.owner_id = None
self.vm.ram = -1
self.vm.virtual_cpus = -1
def test_view_add_permissions(self):
"""
Test adding permissions to a new User or Group
"""
url = '/cluster/%s/%s/permissions/'
args = (self.cluster.slug, self.vm.hostname)
# anonymous user
response = self.c.get(url % args, follow=True)
self.assertEqual(200, response.status_code)
self.assertTemplateUsed(response, 'registration/login.html')
# unauthorized user
self.assertTrue(self.c.login(username=self.user.username,
password='******'))
response = self.c.get(url % args)
self.assertEqual(403, response.status_code)
# nonexisent cluster
response = self.c.get(url % ("DOES_NOT_EXIST", self.vm.hostname))
self.assertEqual(404, response.status_code)
# nonexisent vm
response = self.c.get(url % (self.cluster.slug, "DOES_NOT_EXIST"))
self.assertEqual(404, response.status_code)
# valid GET authorized user (perm)
grant(self.user, 'admin', self.vm)
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response, 'object_permissions/permissions/form.html')
self.user.revoke('admin', self.vm)
# valid GET authorized user (cluster admin)
grant(self.user, 'admin', self.cluster)
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response, 'object_permissions/permissions/form.html')
self.user.revoke('admin', self.cluster)
# valid GET authorized user (superuser)
self.user.is_superuser = True
self.user.save()
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertTemplateUsed(response, 'object_permissions/permissions/form.html')
# no user or group
data = {'permissions': ['admin'], 'obj': self.vm.pk}
response = self.c.post(url % args, data)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
self.assertNotEqual('0', response.content)
# both user and group
data = {'permissions': ['admin'], 'group': self.group.id,
'user': self.user1.id, 'obj': self.vm.pk}
response = self.c.post(url % args, data)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
self.assertNotEqual('0', response.content)
# no permissions specified - user
data = {'permissions': [], 'user': self.user1.id, 'obj': self.vm.pk}
response = self.c.post(url % args, data)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
self.assertNotEqual('0', response.content)
# no permissions specified - group
data = {'permissions': [], 'group': self.group.id, 'obj': self.vm.pk}
response = self.c.post(url % args, data)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
# valid POST user has permissions
self.user1.grant('power', self.vm)
data = {'permissions': ['admin'], 'user': self.user1.id, 'obj': self.vm.pk}
response = self.c.post(url % args, data)
self.assertEqual('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response, 'object_permissions/permissions/user_row.html')
self.assertTrue(self.user1.has_perm('admin', self.vm))
self.assertFalse(self.user1.has_perm('power', self.vm))
# valid POST group has permissions
self.group.grant('power', self.vm)
data = {'permissions': ['admin'], 'group': self.group.id, 'obj': self.vm.pk}
response = self.c.post(url % args, data)
self.assertEqual('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response, 'object_permissions/permissions/group_row.html')
self.assertEqual(['admin'], self.group.get_perms(self.vm))
def test_view_group_permissions(self):
"""
Test editing Group permissions on a Cluster
"""
args = (self.cluster.slug, self.vm.hostname, self.group.id)
args_post = (self.cluster.slug, self.vm.hostname)
url = "/cluster/%s/%s/permissions/group/%s"
url_post = "/cluster/%s/%s/permissions/"
# anonymous user
response = self.c.get(url % args, follow=True)
self.assertEqual(200, response.status_code)
self.assertTemplateUsed(response, 'registration/login.html')
# unauthorized user
self.assertTrue(self.c.login(username=self.user.username,
password='******'))
response = self.c.get(url % args)
self.assertEqual(403, response.status_code)
# nonexisent cluster
response = self.c.get(url % ("DOES_NOT_EXIST", self.vm.hostname, self.group.id))
self.assertEqual(404, response.status_code)
# nonexisent vm
response = self.c.get(url % (self.cluster.slug, "DOES_NOT_EXIST", self.user1.id))
self.assertEqual(404, response.status_code)
# valid GET authorized user (perm)
grant(self.user, 'admin', self.vm)
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response, 'object_permissions/permissions/form.html')
self.user.revoke('admin', self.vm)
# valid GET authorized user (cluster admin)
grant(self.user, 'admin', self.cluster)
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response, 'object_permissions/permissions/form.html')
self.user.revoke('admin', self.cluster)
# valid GET authorized user (superuser)
self.user.is_superuser = True
self.user.save()
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertTemplateUsed(response, 'object_permissions/permissions/form.html')
# invalid group
response = self.c.get(url % (self.cluster.slug, self.vm.hostname, 0))
self.assertEqual(404, response.status_code)
# invalid group (POST)
data = {'permissions': ['admin'], 'group': -1, 'obj': self.vm.pk}
response = self.c.post(url_post % args_post, data)
self.assertEqual('application/json', response['content-type'])
self.assertNotEqual('0', response.content)
# no group (POST)
data = {'permissions': ['admin'], 'obj': self.vm.pk}
response = self.c.post(url_post % args_post, data)
self.assertEqual('application/json', response['content-type'])
self.assertNotEqual('0', response.content)
# valid POST group has permissions
self.group.grant('power', self.vm)
data = {'permissions': ['admin'], 'group': self.group.id, 'obj': self.vm.pk}
response = self.c.post(url_post % args_post, data)
self.assertEqual('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response, 'object_permissions/permissions/group_row.html')
self.assertEqual(['admin'], self.group.get_perms(self.vm))
# valid POST group has no permissions left
data = {'permissions': [], 'group': self.group.id, 'obj': self.vm.pk}
response = self.c.post(url_post % args_post, data)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
self.assertEqual([], self.group.get_perms(self.vm))
self.assertEqual('"group_42"', response.content)
def test_view_user_permissions(self):
"""
Tests updating User's permissions
Verifies:
* anonymous user returns 403
* lack of permissions returns 403
* nonexistent cluster returns 404
* invalid user returns 404
* invalid group returns 404
* missing user and group returns error as json
* GET returns html for form
* If user/group has permissions no html is returned
* If user/group has no permissions a json response of -1 is returned
"""
args = (self.cluster.slug, self.vm.hostname, self.user1.id)
args_post = (self.cluster.slug, self.vm.hostname)
url = "/cluster/%s/%s/permissions/user/%s"
url_post = "/cluster/%s/%s/permissions/"
# anonymous user
response = self.c.get(url % args, follow=True)
self.assertEqual(200, response.status_code)
self.assertTemplateUsed(response, 'registration/login.html')
# unauthorized user
self.assertTrue(self.c.login(username=self.user.username,
password='******'))
response = self.c.get(url % args)
self.assertEqual(403, response.status_code)
# nonexisent cluster
response = self.c.get(url % ("DOES_NOT_EXIST", self.vm.hostname,
self.user1.id))
self.assertEqual(404, response.status_code)
# nonexisent vm
response = self.c.get(url % (self.cluster.slug, "DOES_NOT_EXIST",
self.user1.id))
self.assertEqual(404, response.status_code)
# valid GET authorized user (perm)
grant(self.user, 'admin', self.vm)
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response, 'object_permissions/permissions/form.html')
self.user.revoke('admin', self.vm)
# valid GET authorized user (cluster admin)
grant(self.user, 'admin', self.cluster)
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response, 'object_permissions/permissions/form.html')
self.user.revoke('admin', self.cluster)
# valid GET authorized user (superuser)
self.user.is_superuser = True
self.user.save()
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertTemplateUsed(response, 'object_permissions/permissions/form.html')
# invalid user
response = self.c.get(url % (self.cluster.slug, self.vm.hostname, -1))
self.assertEqual(404, response.status_code)
# invalid user (POST)
self.user1.grant('power', self.vm)
data = {'permissions': ['admin'], 'user': -1, 'obj': self.vm.pk}
response = self.c.post(url_post % args_post, data)
self.assertEqual('application/json', response['content-type'])
self.assertNotEqual('0', response.content)
# no user (POST)
self.user1.grant('power', self.vm)
data = {'permissions': ['admin'], 'obj': self.vm.pk}
response = self.c.post(url_post % args_post, data)
self.assertEqual('application/json', response['content-type'])
self.assertNotEqual('0', response.content)
# valid POST user has permissions
self.user1.grant('power', self.vm)
data = {'permissions': ['admin'], 'user': self.user1.id, 'obj': self.vm.pk}
response = self.c.post(url_post % args_post, data)
self.assertEqual('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response, 'object_permissions/permissions/user_row.html')
self.assertTrue(self.user1.has_perm('admin', self.vm))
self.assertFalse(self.user1.has_perm('power', self.vm))
# valid POST user has no permissions left
data = {'permissions': [], 'user': self.user1.id, 'obj': self.vm.pk}
response = self.c.post(url_post % args_post, data)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
self.assertEqual([], get_user_perms(self.user, self.vm))
self.assertEqual('"user_88"', response.content)
def test_view_group_permissions(self):
"""
Test editing Group permissions on a Cluster
"""
args = (self.cluster.slug, self.vm.hostname, self.group.id)
args_post = (self.cluster.slug, self.vm.hostname)
url = "/cluster/%s/%s/permissions/group/%s"
url_post = "/cluster/%s/%s/permissions/"
# anonymous user
response = self.c.get(url % args, follow=True)
self.assertEqual(200, response.status_code)
self.assertTemplateUsed(response, 'registration/login.html')
# unauthorized user
self.assertTrue(
self.c.login(username=self.user.username, password='******'))
response = self.c.get(url % args)
self.assertEqual(403, response.status_code)
# nonexisent cluster
response = self.c.get(
url % ("DOES_NOT_EXIST", self.vm.hostname, self.group.id))
self.assertEqual(404, response.status_code)
# nonexisent vm
response = self.c.get(
url % (self.cluster.slug, "DOES_NOT_EXIST", self.user1.id))
self.assertEqual(404, response.status_code)
# valid GET authorized user (perm)
grant(self.user, 'admin', self.vm)
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response,
'object_permissions/permissions/form.html')
self.user.revoke('admin', self.vm)
# valid GET authorized user (cluster admin)
grant(self.user, 'admin', self.cluster)
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response,
'object_permissions/permissions/form.html')
self.user.revoke('admin', self.cluster)
# valid GET authorized user (superuser)
self.user.is_superuser = True
self.user.save()
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertTemplateUsed(response,
'object_permissions/permissions/form.html')
# invalid group
response = self.c.get(url % (self.cluster.slug, self.vm.hostname, 0))
self.assertEqual(404, response.status_code)
# invalid group (POST)
data = {'permissions': ['admin'], 'group': -1, 'obj': self.vm.pk}
response = self.c.post(url_post % args_post, data)
self.assertEqual('application/json', response['content-type'])
self.assertNotEqual('0', response.content)
# no group (POST)
data = {'permissions': ['admin'], 'obj': self.vm.pk}
response = self.c.post(url_post % args_post, data)
self.assertEqual('application/json', response['content-type'])
self.assertNotEqual('0', response.content)
# valid POST group has permissions
self.group.grant('power', self.vm)
data = {
'permissions': ['admin'],
'group': self.group.id,
'obj': self.vm.pk
}
response = self.c.post(url_post % args_post, data)
self.assertEqual('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(
response, 'object_permissions/permissions/group_row.html')
self.assertEqual(['admin'], self.group.get_perms(self.vm))
# valid POST group has no permissions left
data = {'permissions': [], 'group': self.group.id, 'obj': self.vm.pk}
response = self.c.post(url_post % args_post, data)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
self.assertEqual([], self.group.get_perms(self.vm))
self.assertEqual('"group_42"', response.content)
def test_view_add_permissions(self):
"""
Test adding permissions to a new User or Group
"""
url = '/cluster/%s/%s/permissions/'
args = (self.cluster.slug, self.vm.hostname)
# anonymous user
response = self.c.get(url % args, follow=True)
self.assertEqual(200, response.status_code)
self.assertTemplateUsed(response, 'registration/login.html')
# unauthorized user
self.assertTrue(
self.c.login(username=self.user.username, password='******'))
response = self.c.get(url % args)
self.assertEqual(403, response.status_code)
# nonexisent cluster
response = self.c.get(url % ("DOES_NOT_EXIST", self.vm.hostname))
self.assertEqual(404, response.status_code)
# nonexisent vm
response = self.c.get(url % (self.cluster.slug, "DOES_NOT_EXIST"))
self.assertEqual(404, response.status_code)
# valid GET authorized user (perm)
grant(self.user, 'admin', self.vm)
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response,
'object_permissions/permissions/form.html')
self.user.revoke('admin', self.vm)
# valid GET authorized user (cluster admin)
grant(self.user, 'admin', self.cluster)
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response,
'object_permissions/permissions/form.html')
self.user.revoke('admin', self.cluster)
# valid GET authorized user (superuser)
self.user.is_superuser = True
self.user.save()
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertTemplateUsed(response,
'object_permissions/permissions/form.html')
# no user or group
data = {'permissions': ['admin'], 'obj': self.vm.pk}
response = self.c.post(url % args, data)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
self.assertNotEqual('0', response.content)
# both user and group
data = {
'permissions': ['admin'],
'group': self.group.id,
'user': self.user1.id,
'obj': self.vm.pk
}
response = self.c.post(url % args, data)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
self.assertNotEqual('0', response.content)
# no permissions specified - user
data = {'permissions': [], 'user': self.user1.id, 'obj': self.vm.pk}
response = self.c.post(url % args, data)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
self.assertNotEqual('0', response.content)
# no permissions specified - group
data = {'permissions': [], 'group': self.group.id, 'obj': self.vm.pk}
response = self.c.post(url % args, data)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
# valid POST user has permissions
self.user1.grant('power', self.vm)
data = {
'permissions': ['admin'],
'user': self.user1.id,
'obj': self.vm.pk
}
response = self.c.post(url % args, data)
self.assertEqual('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(
response, 'object_permissions/permissions/user_row.html')
self.assertTrue(self.user1.has_perm('admin', self.vm))
self.assertFalse(self.user1.has_perm('power', self.vm))
# valid POST group has permissions
self.group.grant('power', self.vm)
data = {
'permissions': ['admin'],
'group': self.group.id,
'obj': self.vm.pk
}
response = self.c.post(url % args, data)
self.assertEqual('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(
response, 'object_permissions/permissions/group_row.html')
self.assertEqual(['admin'], self.group.get_perms(self.vm))
def test_view_user_permissions(self):
"""
Tests updating User's permissions
Verifies:
* anonymous user returns 403
* lack of permissions returns 403
* nonexistent cluster returns 404
* invalid user returns 404
* invalid group returns 404
* missing user and group returns error as json
* GET returns html for form
* If user/group has permissions no html is returned
* If user/group has no permissions a json
response of -1 is returned
"""
args = (self.cluster.slug, self.vm.hostname, self.user1.id)
args_post = (self.cluster.slug, self.vm.hostname)
url = "/cluster/%s/%s/permissions/user/%s"
url_post = "/cluster/%s/%s/permissions/"
# anonymous user
response = self.c.get(url % args, follow=True)
self.assertEqual(200, response.status_code)
self.assertTemplateUsed(response, 'registration/login.html')
# unauthorized user
self.assertTrue(
self.c.login(username=self.user.username, password='******'))
response = self.c.get(url % args)
self.assertEqual(403, response.status_code)
# nonexisent cluster
response = self.c.get(
url % ("DOES_NOT_EXIST", self.vm.hostname, self.user1.id))
self.assertEqual(404, response.status_code)
# nonexisent vm
response = self.c.get(
url % (self.cluster.slug, "DOES_NOT_EXIST", self.user1.id))
self.assertEqual(404, response.status_code)
# valid GET authorized user (perm)
grant(self.user, 'admin', self.vm)
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response,
'object_permissions/permissions/form.html')
self.user.revoke('admin', self.vm)
# valid GET authorized user (cluster admin)
grant(self.user, 'admin', self.cluster)
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response,
'object_permissions/permissions/form.html')
self.user.revoke('admin', self.cluster)
# valid GET authorized user (superuser)
self.user.is_superuser = True
self.user.save()
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertTemplateUsed(response,
'object_permissions/permissions/form.html')
# invalid user
response = self.c.get(url % (self.cluster.slug, self.vm.hostname, -1))
self.assertEqual(404, response.status_code)
# invalid user (POST)
self.user1.grant('power', self.vm)
data = {'permissions': ['admin'], 'user': -1, 'obj': self.vm.pk}
response = self.c.post(url_post % args_post, data)
self.assertEqual('application/json', response['content-type'])
self.assertNotEqual('0', response.content)
# no user (POST)
self.user1.grant('power', self.vm)
data = {'permissions': ['admin'], 'obj': self.vm.pk}
response = self.c.post(url_post % args_post, data)
self.assertEqual('application/json', response['content-type'])
self.assertNotEqual('0', response.content)
# valid POST user has permissions
self.user1.grant('power', self.vm)
data = {
'permissions': ['admin'],
'user': self.user1.id,
'obj': self.vm.pk
}
response = self.c.post(url_post % args_post, data)
self.assertEqual('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(
response, 'object_permissions/permissions/user_row.html')
self.assertTrue(self.user1.has_perm('admin', self.vm))
self.assertFalse(self.user1.has_perm('power', self.vm))
# valid POST user has no permissions left
data = {'permissions': [], 'user': self.user1.id, 'obj': self.vm.pk}
response = self.c.post(url_post % args_post, data)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
self.assertEqual([], get_user_perms(self.user, self.vm))
self.assertEqual('"user_88"', response.content)
def test_view_cluster_defaults(self):
"""
Test retrieval of dict of default parameters set on cluster
"""
url = '/vm/add/defaults/?cluster_id=%s'
args = cluster.id
"""
expected = dict(
boot_order='disk',
memory=512,
nic_type='paravirtual',
root_path='/dev/vda2',
hypervisors=['kvm'],
serial_console=True,
cdrom_image_path='',
disk_type ='paravirtual',
nic_link ='br42',
nic_mode='bridged',
vcpus=2,
iallocator='',
kernel_path=''
)
"""
expected = dict(
nic_type='paravirtual',
use_chroot=False,
migration_port=8102,
vnc_bind_address='0.0.0.0',
nic_mode='bridged',
usb_mouse='',
hypervisors=[['kvm', 'kvm']],
migration_downtime=30,
nic_types=[
['', '---------'],
['rtl8139', 'rtl8139'],
['ne2k_isa', 'ne2k_isa'],
['ne2k_pci', 'ne2k_pci'],
['paravirtual', 'paravirtual'],
['i82551', 'i82551'],
['i82557b', 'i82557b'],
['i82559er', 'i82559er'],
['pcnet', 'pcnet'],
['e1000', 'e1000']
],
kernel_args='ro',
cdrom_image_path='',
boot_order='disk',
vhost_net=False,
disk_types=[
['', '---------'],
['paravirtual', 'paravirtual'],
['ide', 'ide'],
['scsi', 'scsi'],
['sd', 'sd'],
['mtd', 'mtd'],
['pflash', 'pflash']
],
initrd_path='',
disk_cache='default',
memory=512,
kernel_path='',
vnc_x509_path='',
vnc_x509_verify=False,
vnc_tls=False,
use_localtime=False,
boot_devices=[
['disk', 'Hard Disk'],
['cdrom', 'CD-ROM'],
['network', 'Network']
],
security_domain='',
serial_console=True,
kvm_flag='',
vnc_password_file='',
migration_bandwidth=32,
disk_type='paravirtual',
security_model='none',
migration_mode='live',
nic_link='br42',
hypervisor='kvm',
root_path='/dev/vda2',
acpi=True,
vcpus=2,
iallocator='',
)
#anonymous users
response = c.post(url % args, follow=True)
self.assertEqual(200, response.status_code)
self.assertTemplateUsed(response, 'registration/login.html')
#unauthorized user
self.assertTrue(c.login(username=user.username, password='******'))
response = c.get(url % args)
self.assertEqual(403, response.status_code)
#invalid cluster
response = c.get(url % "-2")
self.assertEqual(404, response.status_code)
#authorized (create_vm)
grant(user, 'create_vm', cluster)
response = c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
content = json.loads(response.content)
self.assertEqual(expected, content, msg=content)
user.revoke_all(cluster)
#authorized (admin)
grant(user, 'admin', cluster)
response = c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
content = json.loads(response.content)
self.assertEqual(expected, content)
user.revoke_all(cluster)
#authorized (superuser)
user.is_superuser = True
user.save()
response = c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
content = json.loads(response.content)
self.assertEqual(expected, content)
user.is_superuser = False
user.save()
def test_view_cluster_options(self):
"""
Test retrieving list of options a cluster has for vms
"""
url = '/vm/add/options/?cluster_id=%s'
args = cluster.id
# anonymous user
response = c.post(url % args, follow=True)
self.assertEqual(200, response.status_code)
self.assertTemplateUsed(response, 'registration/login.html')
# unauthorized user
self.assertTrue(c.login(username=user.username, password='******'))
response = c.get(url % args)
self.assertEqual(403, response.status_code)
# invalid cluster
response = c.get(url % "-4")
self.assertEqual(404, response.status_code)
# authorized (create_vm)
grant(user, 'create_vm', cluster)
response = c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
content = json.loads(response.content)
self.assertEqual(set([u'gtest1.osuosl.bak', u'gtest2.osuosl.bak', u'gtest3.osuosl.bak']), set(content['nodes']))
self.assertEqual(content["os"],
[[u'Image',
[[u'image+debian-osgeo', u'Debian Osgeo'],
[u'image+ubuntu-lucid', u'Ubuntu Lucid']]
]]
)
user.revoke_all(cluster)
# authorized (cluster admin)
grant(user, 'admin', cluster)
response = c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
content = json.loads(response.content)
self.assertEqual(set([u'gtest1.osuosl.bak', u'gtest2.osuosl.bak', u'gtest3.osuosl.bak']), set(content['nodes']))
self.assertEqual(content["os"],
[[u'Image',
[[u'image+debian-osgeo', u'Debian Osgeo'],
[u'image+ubuntu-lucid', u'Ubuntu Lucid']]
]]
)
user.revoke_all(cluster)
# authorized (superuser)
user.is_superuser = True
user.save()
response = c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
content = json.loads(response.content)
self.assertEqual(set([u'gtest1.osuosl.bak', u'gtest2.osuosl.bak', u'gtest3.osuosl.bak']), set(content['nodes']))
self.assertEqual(content["os"],
[[u'Image',
[[u'image+debian-osgeo', u'Debian Osgeo'],
[u'image+ubuntu-lucid', u'Ubuntu Lucid']]
]]
)
def test_view_add_permissions(self):
"""
Test adding permissions to a new User or Group
"""
url = "/cluster/%s/%s/permissions/"
args = (self.cluster.slug, self.vm.hostname)
# anonymous user
response = self.c.get(url % args, follow=True)
self.assertEqual(200, response.status_code)
self.assertTemplateUsed(response, "registration/login.html")
# unauthorized user
self.assertTrue(self.c.login(username=self.user.username, password="******"))
response = self.c.get(url % args)
self.assertEqual(403, response.status_code)
# nonexisent cluster
response = self.c.get(url % ("DOES_NOT_EXIST", self.vm.hostname))
self.assertEqual(404, response.status_code)
# nonexisent vm
response = self.c.get(url % (self.cluster.slug, "DOES_NOT_EXIST"))
self.assertEqual(404, response.status_code)
# valid GET authorized user (perm)
grant(self.user, "admin", self.vm)
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual("text/html; charset=utf-8", response["content-type"])
self.assertTemplateUsed(response, "object_permissions/permissions/form.html")
self.user.revoke("admin", self.vm)
# valid GET authorized user (cluster admin)
grant(self.user, "admin", self.cluster)
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual("text/html; charset=utf-8", response["content-type"])
self.assertTemplateUsed(response, "object_permissions/permissions/form.html")
self.user.revoke("admin", self.cluster)
# valid GET authorized user (superuser)
self.user.is_superuser = True
self.user.save()
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertTemplateUsed(response, "object_permissions/permissions/form.html")
# no user or group
data = {"permissions": ["admin"], "obj": self.vm.pk}
response = self.c.post(url % args, data)
self.assertEqual(200, response.status_code)
self.assertEqual("application/json", response["content-type"])
self.assertNotEqual("0", response.content)
# both user and group
data = {"permissions": ["admin"], "group": self.group.id, "user": self.user1.id, "obj": self.vm.pk}
response = self.c.post(url % args, data)
self.assertEqual(200, response.status_code)
self.assertEqual("application/json", response["content-type"])
self.assertNotEqual("0", response.content)
# no permissions specified - user
data = {"permissions": [], "user": self.user1.id, "obj": self.vm.pk}
response = self.c.post(url % args, data)
self.assertEqual(200, response.status_code)
self.assertEqual("application/json", response["content-type"])
self.assertNotEqual("0", response.content)
# no permissions specified - group
data = {"permissions": [], "group": self.group.id, "obj": self.vm.pk}
response = self.c.post(url % args, data)
self.assertEqual(200, response.status_code)
self.assertEqual("application/json", response["content-type"])
# valid POST user has permissions
self.user1.grant("power", self.vm)
data = {"permissions": ["admin"], "user": self.user1.id, "obj": self.vm.pk}
response = self.c.post(url % args, data)
self.assertEqual("text/html; charset=utf-8", response["content-type"])
self.assertTemplateUsed(response, "object_permissions/permissions/user_row.html")
self.assertTrue(self.user1.has_perm("admin", self.vm))
self.assertFalse(self.user1.has_perm("power", self.vm))
# valid POST group has permissions
self.group.grant("power", self.vm)
data = {"permissions": ["admin"], "group": self.group.id, "obj": self.vm.pk}
response = self.c.post(url % args, data)
self.assertEqual("text/html; charset=utf-8", response["content-type"])
self.assertTemplateUsed(response, "object_permissions/permissions/group_row.html")
self.assertEqual(["admin"], self.group.get_perms(self.vm))
def test_view_cluster_defaults(self):
"""
Test retrieval of dict of default parameters set on cluster
"""
url = '/vm/add/defaults/?cluster_id=%s'
args = self.cluster.id
"""
expected = dict(
boot_order='disk',
memory=512,
nic_type='paravirtual',
root_path='/dev/vda2',
hypervisors=['kvm'],
serial_console=True,
cdrom_image_path='',
disk_type ='paravirtual',
nic_link ='br42',
nic_mode='bridged',
vcpus=2,
iallocator='',
kernel_path=''
)
"""
expected = dict(
nic_type='paravirtual',
use_chroot=False,
migration_port=8102,
vnc_bind_address='0.0.0.0',
nic_mode='bridged',
usb_mouse='',
hypervisors=[['kvm', 'kvm']],
migration_downtime=30,
nic_types=[['', '---------'], ['e1000', 'e1000'],
['rtl8139', 'rtl8139'], ['ne2k_isa', 'ne2k_isa'],
['ne2k_pci', 'ne2k_pci'],
['paravirtual', 'paravirtual'], ['i82551', 'i82551'],
['i82557b', 'i82557b'], ['i82559er', 'i82559er'],
['pcnet', 'pcnet'], ['e1000', 'e1000']],
kernel_args='ro',
cdrom_image_path='',
boot_order='disk',
vhost_net=False,
disk_types=[['', '---------'], ['paravirtual', 'paravirtual'],
['ide', 'ide'], ['scsi', 'scsi'], ['sd', 'sd'],
['mtd', 'mtd'], ['pflash', 'pflash']],
initrd_path='',
disk_cache='default',
memory=512,
kernel_path='',
vnc_x509_path='',
vnc_x509_verify=False,
vnc_tls=False,
use_localtime=False,
boot_devices=[['disk', 'Hard Disk'], ['cdrom', 'CD-ROM'],
['network', 'Network']],
security_domain='',
serial_console=True,
kvm_flag='',
vnc_password_file='',
migration_bandwidth=32,
disk_type='paravirtual',
security_model='none',
migration_mode='live',
nic_link='br42',
hypervisor='kvm',
root_path='/dev/vda2',
acpi=True,
vcpus=2,
iallocator='',
)
#anonymous users
response = self.c.post(url % args, follow=True)
self.assertEqual(200, response.status_code)
self.assertTemplateUsed(response, 'registration/login.html')
#unauthorized user
self.assertTrue(
self.c.login(username=self.user.username, password='******'))
response = self.c.get(url % args)
self.assertEqual(403, response.status_code)
#invalid cluster
response = self.c.get(url % "-2")
self.assertEqual(404, response.status_code)
#authorized (create_vm)
grant(self.user, 'create_vm', self.cluster)
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
content = json.loads(response.content)
self.assertEqual(expected, content)
self.user.revoke_all(self.cluster)
#authorized (admin)
grant(self.user, 'admin', self.cluster)
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
content = json.loads(response.content)
self.assertEqual(expected, content)
self.user.revoke_all(self.cluster)
#authorized (superuser)
self.user.is_superuser = True
self.user.save()
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
content = json.loads(response.content)
self.assertEqual(expected, content)
self.user.is_superuser = False
self.user.save()
def test_view_cluster_options(self):
"""
Test retrieving list of options a cluster has for vms
"""
url = '/vm/add/options/?cluster_id=%s'
args = self.cluster.id
# anonymous user
response = self.c.post(url % args, follow=True)
self.assertEqual(200, response.status_code)
self.assertTemplateUsed(response, 'registration/login.html')
# unauthorized user
self.assertTrue(
self.c.login(username=self.user.username, password='******'))
response = self.c.get(url % args)
self.assertEqual(403, response.status_code)
# invalid cluster
response = self.c.get(url % "-4")
self.assertEqual(404, response.status_code)
# authorized (create_vm)
grant(self.user, 'create_vm', self.cluster)
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
content = json.loads(response.content)
self.assertEqual(
set([
u'gtest1.example.bak', u'gtest2.example.bak',
u'gtest3.example.bak'
]), set(content['nodes']))
self.assertEqual(content["os"], [[
u'Image',
[[u'image+debian-osgeo', u'Debian Osgeo'],
[u'image+ubuntu-lucid', u'Ubuntu Lucid']]
]])
self.user.revoke_all(self.cluster)
# authorized (cluster admin)
grant(self.user, 'admin', self.cluster)
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
content = json.loads(response.content)
self.assertEqual(
set([
u'gtest1.example.bak', u'gtest2.example.bak',
u'gtest3.example.bak'
]), set(content['nodes']))
self.assertEqual(content["os"], [[
u'Image',
[[u'image+debian-osgeo', u'Debian Osgeo'],
[u'image+ubuntu-lucid', u'Ubuntu Lucid']]
]])
self.user.revoke_all(self.cluster)
# authorized (superuser)
self.user.is_superuser = True
self.user.save()
response = self.c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEqual('application/json', response['content-type'])
content = json.loads(response.content)
self.assertEqual(
set([
u'gtest1.example.bak', u'gtest2.example.bak',
u'gtest3.example.bak'
]), set(content['nodes']))
self.assertEqual(content["os"], [[
u'Image',
[[u'image+debian-osgeo', u'Debian Osgeo'],
[u'image+ubuntu-lucid', u'Ubuntu Lucid']]
]])