def create_domain_secret(self, domain_id):
def _rollback(vo):
_LOGGER.info(
f'[create_domain_secret._rollback] Delete domain-secret : {vo.domain_id} ({vo.secret[0:6]}...)'
)
vo.delete()
# Generate Domain-secret
secret = self._generate_domain_secret(domain_id)
# Generate Domain Key
secret['domain_key'] = utils.random_string(16)
domain_secret_vo: DomainSecret = self.domain_secret_model.create(
secret)
self.transaction.add_rollback(_rollback, domain_secret_vo)
def test_update_user(self, name=None):
self.test_create_user()
if name is None:
name = 'Steven' + utils.random_string()
params = {
'user_id': self.user.user_id,
'name': name,
'domain_id': self.domain.domain_id
}
self.user = self.identity_v1.User.update(
params,
metadata=(('token', self.owner_token),)
)
self.assertEqual(self.user.name, params['name'])
def test_authorization_verify_no_roles_access_default_permissions_other_id(
self):
self._test_create_user()
self._test_issue_user_token()
params = {
'service': 'identity',
'resource': 'User',
'verb': 'get',
'scope': 'DOMAIN',
'user_id': utils.random_string() + '@mz.co.kr'
}
with self.assertRaisesRegex(Exception, 'ERROR_PERMISSION_DENIED'):
self.identity_v1.Authorization.verify(
params, metadata=(('token', self.user_token), ))
def test_create_cloud_service_region_code(self,
cloud_service_type=None,
cloud_service_group=None,
provider=None):
""" Create Cloud Service with region code
"""
if cloud_service_type is None:
cloud_service_type = utils.random_string()
if cloud_service_group is None:
cloud_service_group = utils.random_string()
if provider is None:
provider = utils.random_string()
self._create_region()
params = {
'provider': provider,
'cloud_service_type': cloud_service_type,
'cloud_service_group': cloud_service_group,
'data': {
utils.random_string(): utils.random_string(),
utils.random_string(): utils.random_string(),
utils.random_string(): utils.random_string()
},
'region_code': self.region.region_code,
'domain_id': self.domain.domain_id
}
self.cloud_service = self.inventory_v1.CloudService.create(
params, metadata=(('token', self.owner_token), ))
self._print_data(self.cloud_service,
'test_create_cloud_service_region_code')
self.cloud_services.append(self.cloud_service)
self.assertEqual(self.cloud_service.region_code,
self.region.region_code)
class ScheduleFactory(factory.mongoengine.MongoEngineFactory):
class Meta:
model = Schedule
schedule_id = factory.LazyAttribute(lambda o: utils.generate_id('schedule'))
topic = factory.LazyAttribute(lambda o: utils.random_string())
state = 'ENABLED'
options = factory.SubFactory(QueryOptionFactory)
schedule = factory.SubFactory(ScheduledFactory)
tags = {
'key': 'value'
}
domain_id = utils.generate_id('domain')
created_at = factory.Faker('date_time')
last_scheduled_at = None
def _create_domain_owner(cls):
cls.owner_id = utils.random_string()
cls.owner_pw = utils.generate_password()
owner = cls.identity_v1.DomainOwner.create({
'owner_id':
cls.owner_id,
'password':
cls.owner_pw,
'domain_id':
cls.domain.domain_id
})
cls.domain_owner = owner
print(f'owner_id: {cls.owner_id}')
print(f'owner_pw: {cls.owner_pw}')
def test_list_cloud_service_types_group(self):
group = utils.random_string()
self.test_create_cloud_service_type(group=group)
self.test_create_cloud_service_type(group=group)
self.test_create_cloud_service_type(group=group)
self.test_create_cloud_service_type()
self.test_create_cloud_service_type()
self.test_create_cloud_service_type()
param = {'group': group, 'domain_id': self.domain.domain_id}
cloud_svc_types = self.inventory_v1.CloudServiceType.list(
param, metadata=(('token', self.owner_token), ))
self.assertEqual(3, cloud_svc_types.total_count)
def test_create_secret(self):
name = utils.random_string()
self.data = {
utils.random_string(): utils.random_string(),
utils.random_string(): utils.random_string()
}
param = {
'name': name,
'domain_id': self.domain.domain_id,
'tags': {
utils.random_string(): utils.random_string(),
utils.random_string(): utils.random_string()
},
'data': self.data,
'secret_type': 'CREDENTIALS'
}
self.secret = self.secret_v1.Secret.create(param,
metadata=(('token',
self.token), ))
self.secrets.append(self.secret)
self.assertEqual(self.secret.name, name)
def _create_project(self, project_group_id, name=None):
if name is None:
name = 'Project-' + utils.random_string()
params = {
'name': name,
'project_group_id': project_group_id,
'domain_id': self.domain.domain_id
}
self.project = self.identity_v1.Project.create(
params,
metadata=(('token', self.owner_token),)
)
self.projects.append(self.project)
self.assertEqual(self.project.name, params['name'])
def _test_create_project(self, project_group_id=None):
if project_group_id is None:
self._test_create_project_group()
params = {
'name': utils.random_string(),
'domain_id': self.domain.domain_id
}
if project_group_id is None:
params['project_group_id'] = self.project_group.project_group_id
else:
params['project_group_id'] = project_group_id
self.project = self.identity_v1.Project.create(
params, metadata=(('token', self.owner_token), ))
self.projects.append(self.project)
def test_update_service_account(self, mock_parse_request, *args):
params = {
'name': utils.random_string(),
'tags': {
'update_key': 'update_value'
}
}
mock_parse_request.return_value = (params, {})
service_account_servicer = ServiceAccount()
service_account_info = service_account_servicer.update({}, {})
print_message(service_account_info, 'test_update_service_account')
self.assertIsInstance(service_account_info, service_account_pb2.ServiceAccountInfo)
self.assertEqual(service_account_info.name, params['name'])
self.assertDictEqual(MessageToDict(service_account_info.tags), params['tags'])
class ServiceAccountFactory(factory.mongoengine.MongoEngineFactory):
class Meta:
model = ServiceAccount
service_account_id = factory.LazyAttribute(lambda o: utils.generate_id('sa'))
name = factory.LazyAttribute(lambda o: utils.random_string())
data = {
'account_id': '00123456'
}
provider = 'aws'
project = factory.SubFactory(ProjectFactory)
tags = {
'key': 'value'
}
domain_id = utils.generate_id('domain')
created_at = factory.Faker('date_time')
def _create_project_group(self, name=None):
if name is None:
name = 'ProjectGroup-' + utils.random_string()[0:5]
params = {
'name': name,
'tags': {
'aa': 'bb'
},
'domain_id': self.domain.domain_id
}
self.project_group = self.identity_v1.ProjectGroup.create(
params, metadata=(('token', self.token), ))
self.project_groups.append(self.project_group)
self.assertEqual(self.project_group.name, params['name'])
class ConfigMapFactory(factory.mongoengine.MongoEngineFactory):
class Meta:
model = ConfigMap
name = factory.LazyAttribute(lambda o: utils.random_string())
data = {
'key': 'value',
'key2': {
'key3': 'value3'
}
}
tags = {
'key': 'value'
}
domain_id = utils.generate_id('domain')
created_at = factory.Faker('date_time')
class ProtocolFactory(factory.mongoengine.MongoEngineFactory):
class Meta:
model = Protocol
protocol_id = factory.LazyAttribute(
lambda o: utils.generate_id('protocol'))
name = factory.LazyAttribute(lambda o: utils.random_string())
state = 'ENABLED'
protocol_type = 'EXTERNAL'
resource_type = 'identity.User'
capability = {'supported_schema': ['slack_webhook']}
plugin_info = factory.SubFactory(PluginInfoFactory)
tags = {'xxx': 'yy'}
domain_id = utils.generate_id('domain')
created_at = factory.Faker('date_time')
class ProjectFactory(factory.mongoengine.MongoEngineFactory):
class Meta:
model = Project
project_id = factory.LazyAttribute(lambda o: utils.generate_id('project'))
name = factory.LazyAttribute(lambda o: utils.random_string())
project_group = factory.SubFactory(ProjectGroupFactory)
project_group_id = factory.LazyAttribute(lambda o: utils.generate_id('pg'))
tags = [
{
'key': 'tag_key',
'value': 'tag_value'
}
]
domain_id = utils.generate_id('domain')
created_by = factory.Faker('name')
created_at = factory.Faker('date_time')
class DataSourceFactory(factory.mongoengine.MongoEngineFactory):
class Meta:
model = DataSource
data_source_id = factory.LazyAttribute(lambda o: utils.generate_id('ds'))
name = factory.LazyAttribute(lambda o: utils.random_string())
state = 'ENABLED'
monitoring_type = 'METRIC'
provider = 'aws'
capability = {
'supported_schema': ['aws_access_key'],
'use_resource_secret': True,
'monitoring_type': 'METRIC'
}
plugin_info = factory.SubFactory(PluginInfoFactory)
tags = {'key': 'value'}
domain_id = utils.generate_id('domain')
created_at = factory.Faker('date_time')
class PluginFactory(factory.mongoengine.MongoEngineFactory):
class Meta:
model = Plugin
plugin_id = factory.LazyAttribute(lambda o: utils.generate_id('plugin'))
name = factory.LazyAttribute(lambda o: utils.random_string())
state = 'ENABLED'
image = 'spaceone/googleoauth2'
registry_url = 'registry.hub.docker.com'
service_type = 'identity.domain'
provider = 'aws'
capability = {'supported_schema': ['aws_access_key']}
template = {
'options': {
'schema': {
'type': 'object',
'properties': {
'domain': {
'title': 'Email Domain',
'type': 'string',
'minLength': 4,
'examples': ['Ex) gmail.com']
},
'client_id': {
'title': 'Client ID',
'type': 'string',
'minLength': 4,
'examples': ['OAuth 2.0 Client ID']
}
},
'required': ['domain', 'client_id']
}
}
}
labels = ['aa', 'bb']
tags = [{'key': 'tag_key', 'value': 'tag_value'}]
repository = factory.SubFactory(RepositoryFactory)
repository_id = factory.LazyAttribute(lambda o: utils.generate_id('repo'))
project_id = None
domain_id = utils.generate_id('domain')
created_at = factory.Faker('date_time')
updated_at = factory.Faker('date_time')
deleted_at = None
class LogDataFactory(factory.DictFactory):
logs = factory.List([{
'name': utils.random_string(),
'description': utils.random_string()
}, {
'name': utils.random_string(),
'description': utils.random_string()
}, {
'name': utils.random_string(),
'description': utils.random_string()
}])
domain_id = utils.generate_id('domain')
def test_list_query_2(self):
group = utils.random_string()
self.test_create_cloud_service(group=group)
self.test_create_cloud_service(group=group)
self.test_create_cloud_service(group=group)
self.test_create_cloud_service(group=group)
self.test_create_cloud_service()
self.test_create_cloud_service()
param = {
'domain_id': self.domain.domain_id,
'query': {},
'cloud_service_group': group
}
cloud_services = self.inventory_v1.CloudService.list(
param, metadata=(('token', self.owner_token), ))
self.assertEqual(4, cloud_services.total_count)
def _create_project(self, name=None, project_group=None):
""" Create Project
"""
if not name:
name = utils.random_string()
if not project_group:
self._create_project_group()
project_group = self.project_group
params = {
'name': name,
'project_group_id': project_group.project_group_id,
'domain_id': self.domain.domain_id
}
self.project = self.identity_v1.Project.create(
params, metadata=(('token', self.owner_token), ))
def test_update_data_source(self, mock_parse_request, *args):
params = {
'name': utils.random_string(),
'tags': {
'update_key': 'update_value'
},
'domain_id': utils.generate_id('domain')
}
mock_parse_request.return_value = (params, {})
data_source_servicer = DataSource()
data_source_info = data_source_servicer.update({}, {})
print_message(data_source_info, 'test_update_data_source')
data_source_data = MessageToDict(data_source_info,
preserving_proto_field_name=True)
self.assertIsInstance(data_source_info, data_source_pb2.DataSourceInfo)
self.assertEqual(data_source_info.name, params['name'])
self.assertDictEqual(data_source_data['tags'], params['tags'])
def test_register_data_source(self, mock_parse_request, *args):
params = {
'name': utils.random_string(),
'monitoring_type': 'METRIC',
'tags': {
'tag_key': 'tag_value'
},
'plugin_info': {
'plugin_id': utils.generate_id('plugin'),
'version': '1.1',
'options': {
'supported_resource_type': ['SERVER', 'CLOUD_SERVICE']
},
'secret_id': utils.generate_id('secret')
},
'domain_id': utils.generate_id('domain')
}
mock_parse_request.return_value = (params, {})
data_source_servicer = DataSource()
data_source_info = data_source_servicer.register({}, {})
print_message(data_source_info, 'test_register_data_source')
self.assertIsInstance(data_source_info, data_source_pb2.DataSourceInfo)
self.assertEqual(data_source_info.name, params['name'])
self.assertEqual(data_source_info.state,
data_source_pb2.DataSourceInfo.State.ENABLED)
self.assertEqual(data_source_info.monitoring_type,
data_source_pb2.MonitoringType.METRIC)
self.assertIsNotNone(data_source_info.provider)
self.assertIsNotNone(data_source_info.capability)
self.assertDictEqual(
MessageToDict(data_source_info.tags,
preserving_proto_field_name=True), params['tags'])
self.assertIsInstance(data_source_info.plugin_info,
data_source_pb2.PluginInfo)
self.assertDictEqual(
MessageToDict(data_source_info.plugin_info,
preserving_proto_field_name=True),
params['plugin_info'])
self.assertEqual(data_source_info.domain_id, params['domain_id'])
self.assertIsNotNone(getattr(data_source_info, 'created_at', None))
def test_update_cloud_service_type_service_code(self):
self.test_create_cloud_service_type()
service_code = utils.random_string()
param = {
'cloud_service_type_id': self.cloud_service_type.cloud_service_type_id,
"is_primary": False,
"is_major": False,
'service_code': service_code,
'domain_id': self.domain.domain_id,
}
self.cloud_service_type = self.inventory_v1.CloudServiceType.update(
param,
metadata=(('token', self.owner_token),)
)
self._print_data(self.cloud_service_type, 'test_update_cloud_service_type_service_code')
self.assertEqual(self.cloud_service_type.service_code, service_code)
def _create_service_account(self, project_id, name=None):
if name is None:
name = 'SA-' + utils.random_string()[0:5]
params = {
'name': name,
'data': {
'account_id': 'xxxxx'
},
'project_id': project_id,
'provider': 'aws',
'domain_id': self.domain.domain_id
}
self.service_account = self.identity_v1.ServiceAccount.create(
params, metadata=(('token', self.token), ))
self.service_accounts.append(self.service_account)
self.assertEqual(self.service_account.name, params['name'])
def _test_create_role(self, role_type='DOMAIN', policies=None):
if self.policy is None:
self._test_create_policy()
params = {
'name': 'Role-' + utils.random_string(),
'role_type': role_type,
'policies': policies or [{
'policy_type': 'CUSTOM',
'policy_id': self.policy.policy_id
}],
'domain_id': self.domain.domain_id
}
self.role = self.identity_v1.Role.create(
params,
metadata=(('token', self.owner_token),))
self.roles.append(self.role)
def test_list_query_minimal(self):
group = utils.random_string()
self.test_create_cloud_service(group=group)
self.test_create_cloud_service(group=group)
self.test_create_cloud_service(group=group)
self.test_create_cloud_service(group=group)
self.test_create_cloud_service()
self.test_create_cloud_service()
param = {
'domain_id': self.domain.domain_id,
'query': {
'minimal': True
}
}
response = self.inventory_v1.CloudService.list(
param, metadata=(('token', self.owner_token), ))
self.assertEqual(len(response.results), response.total_count)
def _test_create_policy(self, permissions=None):
params = {
'name': 'Policy-' + utils.random_string(),
'permissions': permissions or [
'identity.Domain.get',
'identity.Domain.list',
'identity.Project.*',
'identity.ProjectGroup.*',
'identity.User.get',
'identity.User.update',
],
'domain_id': self.domain.domain_id
}
self.policy = self.identity_v1.Policy.create(
params,
metadata=(('token', self.owner_token),)
)
self.policies.append(self.policy)
def test_create_role(self, name=None, **kwargs):
""" Create Role
"""
if name is None:
name = 'Role-' + utils.random_string()
self._test_create_policy()
self._test_create_policy(['inventory.*'])
params = {
'name':
name,
'role_type':
'PROJECT',
'policies':
list(
map(
lambda policy: {
'policy_id': policy.policy_id,
'policy_type': 'CUSTOM'
}, self.policies)),
'tags': [{
'key': 'tag_key',
'value': 'tag_value'
}],
'domain_id':
self.domain.domain_id
}
metadata = (('token', self.owner_token), )
ext_meta = kwargs.get('meta')
if ext_meta:
metadata += ext_meta
self.role = self.identity_v1.Role.create(params, metadata=metadata)
self.roles.append(self.role)
self._print_data(self.role, 'test_create_role')
self.assertEqual(self.role.name, name)
class ScheduleFactory(factory.mongoengine.MongoEngineFactory):
class Meta:
model = Schedule
schedule_id = factory.LazyAttribute(
lambda o: utils.generate_id('schedule'))
topic = factory.LazyAttribute(lambda o: utils.random_string())
state = 'ENABLED'
options = {
'aggregate': [{
'query': {
'resource_type': 'inventory.Server',
'query': {
'aggregate': [{
'group': {
'keys': [{
'key': 'project_id',
'name': 'project_id'
}],
'fields': [{
'operator': 'count',
'name': 'count'
}]
}
}, {
'sort': {
'key': 'count'
}
}]
}
}
}],
'page': {
'limit': 5
}
}
schedule = factory.SubFactory(ScheduledFactory)
tags = [{'key': 'tag_key', 'value': 'tag_value'}]
domain_id = utils.generate_id('domain')
created_at = factory.Faker('date_time')
last_scheduled_at = None
