def _create_domains(self):
     self.d1 = utils.create_domain(self.admin_client, 'd1')
     utils.grant_domain_role(self.admin_client, self.admin_role.id,
                             self.admin.id, self.d1.id)
     self.d2 = utils.create_domain(self.admin_client, 'd2')
     utils.grant_domain_role(self.admin_client, self.admin_role.id,
                             self.admin.id, self.d2.id)
 def _create_domains(self):
     self.d1 = utils.create_domain(self.admin_client, 'd1')
     utils.grant_domain_role(self.admin_client, self.admin_role.id,
                             self.admin.id, self.d1.id)
     utils.grant_domain_role(self.admin_client, self.cloud_admin_role.id,
                             self.admin.id, self.d1.id)
     self.d2 = utils.create_domain(self.admin_client, 'd2')
     utils.grant_domain_role(self.admin_client, self.admin_role.id,
                             self.admin.id, self.d2.id)
     utils.grant_domain_role(self.admin_client, self.cloud_admin_role.id,
                             self.admin.id, self.d2.id)
 def test_add_domain(self):
     try:
         utils.create_domain(self.client, 'test_domain')
     except:
         self.fail('Unexpected exception raised: '
                   'utils.create_domain(self.client, \'test\')')
 def test_add_domain(self):
     with self.assertRaises(Exception):
         utils.create_domain(self.client, 'test')
示例#5
0
def main():
    f = open('log_test_values_cider.txt', 'w')
    original = sys.stdout
    sys.stdout = utils.Tee(sys.stdout, f)

    token = 0
    domain_id, production_project_id, cms_project_id, atlas_project_id = (
        0, ) * 4
    computing_project_id, visualisation_project_id, services_project_id = (
        0, ) * 3
    operations_project_id = 0
    try:
        token_json = utils.default_token_json('admin', 'demo')
        token = utils.get_token(token_json)
        print '======================================================================='
        print 'This script will use the follow hierarchy to validate the quota values'
        print 'related to Nested Quotas on Cinder'
        print '======================================================================='
        print 'Hierarchy:'
        print '                            Domain_X          '
        print '                               |'
        print '                          ProductionIT - Mike'
        print '                     /                  \ '
        print '          Jay - CMS                       ATLAS - John'
        print '             /       \                   /       \ '
        print '      Computing   Visualisation   Operations   Services  '
        print '       Walter        Duncan          Eric         Xing'
        print ''
        print 'Actors:'
        print ''
        print 'Mike - Cloud Admin (i.e. role:cloud-admin) of ProductionIT'
        print 'Jay - Manager (i.e. role: project-admin) of Project CMS'
        print 'John - Manager (i.e. role: project-admin) of Project ATLAS'
        print 'Eric - Manager (i.e. role: project-admin) of Project Operations'
        print 'Xing - Manager (i.e. role: project-admin) of Project Services'
        print 'Walter - Manager (i.e. role: project-admin) of Project Computing'
        print 'Duncan - Manager (i.e. role: project-admin) of Project Visualisation'
        print '======================================================================='

        # Create a new domain
        print 'Creating the domain...'
        domain = utils.domain_json()
        domain_id = utils.create_domain(domain, token)
        print 'Domain created: %s' % domain_id
        print '======================================================================='
        print 'Creating the projects...'

        # Create project ProductionIT
        production_project_json = utils.project_json('ProductionIT', domain_id)
        production_project_id = utils.create_project(production_project_json,
                                                     token)
        print "ProductionIT created: %s" % production_project_id
        print '======================================================================='

        # Create Project CMS
        cms_project_json = utils.project_json('CMS', domain_id,
                                              production_project_id)
        cms_project_id = utils.create_project(cms_project_json, token)
        print "CMS created: %s" % cms_project_id
        print '======================================================================='

        # Create Project Atlas
        atlas_project_json = utils.project_json('ATLAS', domain_id,
                                                production_project_id)
        atlas_project_id = utils.create_project(atlas_project_json, token)
        print "ATLAS created: %s" % atlas_project_id
        print '======================================================================='

        # Create Project computing
        computing_project_json = utils.project_json('computing', domain_id,
                                                    cms_project_id)
        computing_project_id = utils.create_project(computing_project_json,
                                                    token)
        print "Computing created: %s" % computing_project_id
        print '======================================================================='

        # Create Project visualisation
        visual_project_json = utils.project_json('visualisation', domain_id,
                                                 cms_project_id)
        visualisation_project_id = utils.create_project(
            visual_project_json, token)
        print "Visualisation created: %s" % visualisation_project_id
        print '======================================================================='

        # Create Project services
        services_project_json = utils.project_json('services', domain_id,
                                                   atlas_project_id)
        services_project_id = utils.create_project(services_project_json,
                                                   token)
        print "Services created: %s" % services_project_id
        print '======================================================================='

        # Create Project operations
        operations_project_json = utils.project_json('operations', domain_id,
                                                     atlas_project_id)
        operations_project_id = utils.create_project(operations_project_json,
                                                     token)
        print "Operations created: %s" % operations_project_id
        print '======================================================================='

        admin_role = utils.get_role(token, 'admin')
        # Creating users
        # Creating and grant admin role to mike in production
        print 'Creating the users...'
        mike = utils.create_user(token, 'Mike', domain_id)
        print "Mike: %s" % mike
        utils.grant_user_role(token, mike, admin_role, [production_project_id])
        print '======================================================================='

        # Creating and grant admin role to jay in cms
        jay = utils.create_user(token, 'Jay', domain_id)
        print "Jay: %s" % jay
        utils.grant_user_role(token, jay, admin_role, [cms_project_id])
        print '======================================================================='

        # Creating and grant admin role to john in atlas
        john = utils.create_user(token, 'John', domain_id)
        print "John: %s" % john
        utils.grant_user_role(token, john, admin_role, [atlas_project_id])
        print '======================================================================='

        # Creating and grant admin role to eric in operations
        eric = utils.create_user(token, 'Eric', domain_id)
        print "Eric: %s" % eric
        utils.grant_user_role(token, eric, admin_role, [operations_project_id])
        print '======================================================================='

        # Creating and grant admin role to xing in services
        xing = utils.create_user(token, 'Xing', domain_id)
        print "Xing: %s" % xing
        utils.grant_user_role(token, xing, admin_role, [services_project_id])
        print '======================================================================='

        # Creating and grant admin role to walter in computing
        walter = utils.create_user(token, 'Walter', domain_id)
        print "Walter: %s" % walter
        utils.grant_user_role(token, walter, admin_role,
                              [computing_project_id])
        print '======================================================================='

        # Creating and grant admin role to duncan in visualisation
        duncan = utils.create_user(token, 'Duncan', domain_id)
        print "Ducnan: %s" % duncan
        utils.grant_user_role(token, duncan, admin_role,
                              [visualisation_project_id])
        print '======================================================================='
        print 'Now, we will get a token for Mike in ProductionIT (root project)'
        print 'and show that the quota calculation in the hierarchy works well.'
        print '======================================================================='
        # Get a token for Mike in ProductionIT
        mike_token_json = utils.get_token_json('Mike', production_project_id)
        mike_token = utils.get_token(mike_token_json)
        print 'Token for mike: %s' % mike_token
        print '======================================================================='

        # Update the Prduction Quota to 100
        print 'Updating the ProductionIT quota for 100...'
        quota_value = 100
        production_quota = utils.update_quota(mike_token,
                                              production_project_id,
                                              production_project_id,
                                              quota_value)
        quota_show_production = utils.quota_show(mike_token,
                                                 production_project_id,
                                                 production_project_id)
        print '======================================================================='
        print "Production Quota: %s" % quota_show_production
        print '======================================================================='
        # Update the CMS Quota to 40
        print 'Updating the CMS quota for 40...'
        quota_value = 40
        cms_quota = utils.update_quota(mike_token, production_project_id,
                                       cms_project_id, quota_value)
        quota_show_production = utils.quota_show(mike_token,
                                                 production_project_id,
                                                 production_project_id)
        quota_show_cms = utils.quota_show(mike_token, production_project_id,
                                          cms_project_id)
        print 'Verify that allocated ProductionIT quota was updated to 40'
        print "Production Quota: %s" % quota_show_production
        print "CMS Quota: %s" % quota_show_cms
        print '======================================================================='
        # Update the Atlas Quota to 30
        print 'Updating the Atlas quota for 30...'
        quota_value = 30
        atlas_quota = utils.update_quota(mike_token, production_project_id,
                                         atlas_project_id, quota_value)
        quota_show_production = utils.quota_show(mike_token,
                                                 production_project_id,
                                                 production_project_id)
        quota_show_atlas = utils.quota_show(mike_token, production_project_id,
                                            atlas_project_id)
        print 'Verify that allocated ProductionIT quota was updated to 70'
        print "Production Quota: %s" % quota_show_production
        print "Atlas Quota: %s" % quota_show_atlas
        print '======================================================================='

        # Update the Computing Quota to 15
        print 'Updating the Computing quota for 15...'
        quota_value = 15
        computing_quota = utils.update_quota(mike_token, production_project_id,
                                             computing_project_id, quota_value)
        quota_show_cms = utils.quota_show(mike_token, production_project_id,
                                          cms_project_id)
        quota_show_computing = utils.quota_show(mike_token,
                                                production_project_id,
                                                computing_project_id)
        print 'Verify that allocated CMS quota was updated to 15'
        print "CMS Quota: %s" % quota_show_cms
        print "Computing Quota: %s" % quota_show_computing
        print '======================================================================='

        # Update the visualisaton Quota to 15
        print 'Updating the Visualisation quota for 15...'
        quota_value = 15
        visualisation_quota = utils.update_quota(mike_token,
                                                 production_project_id,
                                                 visualisation_project_id,
                                                 quota_value)
        quota_show_cms = utils.quota_show(mike_token, production_project_id,
                                          cms_project_id)
        quota_show_visualisation = utils.quota_show(mike_token,
                                                    production_project_id,
                                                    visualisation_project_id)
        print 'Verify that allocated CMS quota was updated to 30'
        print "CMS Quota: %s" % quota_show_cms
        print "Visualisation Quota: %s" % quota_show_visualisation
        print '======================================================================='

        print 'Updating the Services quota for 10...'
        # Update the services Quota to 10
        quota_value = 10
        services_quota = utils.update_quota(mike_token, production_project_id,
                                            services_project_id, quota_value)
        quota_show_atlas = utils.quota_show(mike_token, production_project_id,
                                            atlas_project_id)
        quota_show_services = utils.quota_show(mike_token,
                                               production_project_id,
                                               services_project_id)
        print 'Verify that allocated Atlas quota was updated to 10'
        print "Atlas Quota: %s" % quota_show_atlas
        print "Service Quota: %s" % quota_show_services
        print '======================================================================='

        # Update the operations Quota to 10
        quota_value = 10
        operations_quota = utils.update_quota(mike_token,
                                              production_project_id,
                                              operations_project_id,
                                              quota_value)
        quota_show_atlas = utils.quota_show(mike_token, production_project_id,
                                            atlas_project_id)
        quota_show_operations = utils.quota_show(mike_token,
                                                 production_project_id,
                                                 operations_project_id)
        print 'Verify that allocated Atlas quota was updated to 20'
        print "Atlas Quota: %s" % quota_show_atlas
        print "Operations Quota: %s" % quota_show_operations
        print '======================================================================='
        # Update the CMS Quota to 40
        quota_value = 71
        print 'Trying update the CMS quota for 71...'
        cms_quota = utils.update_quota(mike_token, production_project_id,
                                       cms_project_id, quota_value)
        print "Error: %s" % cms_quota
        print '======================================================================='
        print "Creating 10 Volumes in CMS..."
        # Get a token for Jay in CMS
        jay_token_json = utils.get_token_json('Jay', cms_project_id)
        jay_token = utils.get_token(jay_token_json)

        for i in range(0, 10):
            utils.create_volume(jay_token, cms_project_id)
        quota_show_cms = utils.quota_show(jay_token, cms_project_id,
                                          cms_project_id)
        print "CMS Quota: %s" % quota_show_cms
        print 'Now, we dont have free quota in CMS'
        print '======================================================================='
        print "Trying update the computing quota to 16 (subproject for CMS)..."
        quota_value = 16
        computing_quota = utils.update_quota(mike_token, production_project_id,
                                             computing_project_id, quota_value)
        print "Error: %s" % computing_quota
        print '======================================================================='
        print 'Clean up...'

    except Exception as e:
        print 'Error'
        tear_down(token, [
            production_project_id, cms_project_id, atlas_project_id,
            computing_project_id, visualisation_project_id,
            services_project_id, operations_project_id
        ], domain_id)
        f.close()
        print e
    tear_down(token, [
        production_project_id, cms_project_id, atlas_project_id,
        computing_project_id, visualisation_project_id, services_project_id,
        operations_project_id
    ], domain_id)
    f.close()
示例#6
0
import utils
"""
In the case of using cloud_admin rule using
a specific domain:
"admin_required": "(role:admin or is_admin:1)
and domain_id:cloud_admin_domain_id",
"""

# Regular admin login
admin_client = utils.create_client('admin', 'admin', 'admin', 'Default',
                                   'Default', 'http://*****:*****@example.com', admin_project.id,
                                admin_domain.id)

# Create cloud_admin role (admin in this case)
admin_role = utils.create_role(admin_client, 'admin')

# Grant roles at cloud_admin_domain and cloud_admin_project
utils.grant_project_role(admin_client, admin_role.id, cloud_admin.id,
                         admin_project.id)
utils.grant_domain_role(admin_client, admin_role.id, cloud_admin.id,
示例#7
0
def main():
    f = open('log_test_authorization_cider.txt', 'w')
    original = sys.stdout
    sys.stdout = utils.Tee(sys.stdout, f)

    token = 0
    domain_id, production_project_id, cms_project_id, atlas_project_id = (
        0, ) * 4
    computing_project_id, visualisation_project_id, services_project_id = (
        0, ) * 3
    operations_project_id = 0
    try:
        token_json = utils.default_token_json('admin', 'demo')
        token = utils.get_token(token_json)
        print '======================================================================='
        print 'This script will use the follow hierarchy to validate the authorization'
        print 'actions related to Nested Quotas on Cinder'
        print '======================================================================='
        print 'Hierarchy:'
        print '                            Domain_X          '
        print '                               |'
        print '                          ProductionIT - Mike'
        print '                     /                  \ '
        print '          Jay - CMS                       ATLAS - John'
        print '             /       \                   /       \ '
        print '      Computing   Visualisation   Operations   Services  '
        print '       Walter        Duncan          Eric         Xing'
        print ''
        print 'Actors:'
        print ''
        print 'Mike - Cloud Admin (i.e. role:cloud-admin) of ProductionIT'
        print 'Jay - Manager (i.e. role: project-admin) of Project CMS'
        print 'John - Manager (i.e. role: project-admin) of Project ATLAS'
        print 'Eric - Manager (i.e. role: project-admin) of Project Operations'
        print 'Xing - Manager (i.e. role: project-admin) of Project Services'
        print 'Walter - Manager (i.e. role: project-admin) of Project Computing'
        print 'Duncan - Manager (i.e. role: project-admin) of Project Visualisation'
        print '======================================================================='
        admin_role = utils.get_role(token, 'admin')
        # Create a new domain
        print 'Creating the domain...'
        domain = utils.domain_json()
        domain_id = utils.create_domain(domain, token)
        print 'Domain created: %s' % domain_id
        print '======================================================================='
        print 'Creating the projects...'
        # Create project ProductionIT
        production_project_json = utils.project_json('ProductionIT', domain_id)
        production_project_id = utils.create_project(production_project_json,
                                                     token)
        print "ProductionIT created: %s" % production_project_id
        print '======================================================================='

        # Create Project CMS
        cms_project_json = utils.project_json('CMS', domain_id,
                                              production_project_id)
        cms_project_id = utils.create_project(cms_project_json, token)
        print "CMS created: %s" % cms_project_id
        print '======================================================================='

        # Create Project Atlas
        atlas_project_json = utils.project_json('ATLAS', domain_id,
                                                production_project_id)
        atlas_project_id = utils.create_project(atlas_project_json, token)
        print "ATLAS created: %s" % atlas_project_id
        print '======================================================================='

        # Create Project computing
        computing_project_json = utils.project_json('computing', domain_id,
                                                    cms_project_id)
        computing_project_id = utils.create_project(computing_project_json,
                                                    token)
        print "Computing created: %s" % computing_project_id
        print '======================================================================='

        # Create Project visualisation
        visual_project_json = utils.project_json('visualisation', domain_id,
                                                 cms_project_id)
        visualisation_project_id = utils.create_project(
            visual_project_json, token)
        print "Visualisation created: %s" % visualisation_project_id
        print '======================================================================='

        # Create Project services
        services_project_json = utils.project_json('services', domain_id,
                                                   atlas_project_id)
        services_project_id = utils.create_project(services_project_json,
                                                   token)
        print "Services created: %s" % services_project_id
        print '======================================================================='

        # Create Project operations
        operations_project_json = utils.project_json('operations', domain_id,
                                                     atlas_project_id)
        operations_project_id = utils.create_project(operations_project_json,
                                                     token)
        print "Operations created: %s" % operations_project_id
        print '======================================================================='

        # Creating users
        # Creating and grant admin role to mike in production
        print 'Creating the users...'
        mike = utils.create_user(token, 'Mike', domain_id)
        print "Mike: %s" % mike
        utils.grant_user_role(token, mike, admin_role, [production_project_id])

        print '======================================================================='
        # Creating and grant admin role to jay in cms
        jay = utils.create_user(token, 'Jay', domain_id)
        print "Jay: %s" % jay
        utils.grant_user_role(token, jay, admin_role, [cms_project_id])

        print '======================================================================='
        # Creating and grant admin role to john in atlas
        john = utils.create_user(token, 'John', domain_id)
        print "John: %s" % john
        utils.grant_user_role(token, john, admin_role, [atlas_project_id])

        print '======================================================================='
        # Creating and grant admin role to eric in operations
        eric = utils.create_user(token, 'Eric', domain_id)
        print "Eric: %s" % eric
        utils.grant_user_role(token, eric, admin_role, [operations_project_id])

        print '======================================================================='
        # Creating and grant admin role to xing in services
        xing = utils.create_user(token, 'Xing', domain_id)
        print "Xing: %s" % xing
        utils.grant_user_role(token, xing, admin_role, [services_project_id])

        print '======================================================================='
        # Creating and grant admin role to walter in computing
        walter = utils.create_user(token, 'Walter', domain_id)
        print "Walter: %s" % walter
        utils.grant_user_role(token, walter, admin_role,
                              [computing_project_id])
        print '======================================================================='

        # Creating and grant admin role to duncan in visualisation
        duncan = utils.create_user(token, 'Duncan', domain_id)
        print "Ducnan: %s" % duncan
        utils.grant_user_role(token, duncan, admin_role,
                              [visualisation_project_id])
        print '======================================================================='
        print 'Now, we will get a token for Mike in ProductionIT (root project)'
        print 'and show that Mike can update the quota for the root project.'
        print '======================================================================='
        # Get a token for Mike in ProductionIT
        mike_token_json = utils.get_token_json('Mike', production_project_id)
        mike_token = utils.get_token(mike_token_json)
        print 'Token for mike: %s' % mike_token
        print '======================================================================='

        # Update the Production Quota to 100
        print 'Updating the ProductionIT quota for 100...'
        quota_value = 100
        production_quota = utils.update_quota(mike_token,
                                              production_project_id,
                                              production_project_id,
                                              quota_value)
        print "Mike updating Production Quota: %s" % production_quota
        print '======================================================================='

        print 'Trying get the default quota for CMS...'
        # Verify that the default quotas for CMS is zero
        cms_quota = utils.get_quota(mike_token, production_project_id,
                                    cms_project_id)
        print "Mike getting CMS Quota: %s" % cms_quota
        print '======================================================================='

        print 'Trying update the CMS quota for 45...'
        # Update the CMS Quota to 45
        quota_value = 45
        new_cms_quota = utils.update_quota(mike_token, production_project_id,
                                           cms_project_id, quota_value)
        print "Mike updating CMS Quota: %s" % new_cms_quota
        print '======================================================================='

        print 'Now, we get a token for Jay in CMS and we will try update the CMS Quota'
        print '======================================================================='
        # Get a token for Jay in CMS
        jay_token_json = utils.get_token_json('Jay', cms_project_id)
        jay_token = utils.get_token(jay_token_json)
        print 'Token for Jay: %s ' % jay_token
        print '======================================================================='

        # Raise a exception when try update the CMS Quota with
        # only a project_admin
        print 'Trying update the CMS quota for 50'
        quota_value = 50
        forbidden_error = 403
        new_cms_quota = utils.update_quota(jay_token, cms_project_id,
                                           cms_project_id, quota_value)
        if new_cms_quota == forbidden_error:
            print 'Error: Cannot update the quota for CMS with user Jay'

        print '======================================================================='
        # Verify that the default quotas for Visualisation is zero
        cms_quota = utils.get_quota(jay_token, cms_project_id, cms_project_id)
        print "Trying get the CMS Quota: %s" % cms_quota

        print '======================================================================='
        # Raise a exception when try update the Visualisation Quota with a
        # project_admin in a non-root project
        print 'Trying update the Visualisation Quota with Jay'
        quota_value = 10
        new_visualisation_quota = utils.update_quota(jay_token, cms_project_id,
                                                     visualisation_project_id,
                                                     quota_value)
        if new_visualisation_quota == forbidden_error:
            print 'Error: Cannot update the quota for Visualisation with user Jay'
        else:
            print 'New Visualisation Quota: %s ' % new_visualisation_quota
        print '======================================================================='

        # Raise a exception when try get the Visualisation Quota with a
        # project_admin in a non-root project
        print 'Trying get the Visualisation Quota with Jay'
        visualisation_quota = utils.get_quota(jay_token, cms_project_id,
                                              visualisation_project_id)
        if visualisation_quota == forbidden_error:
            print 'Error: Cannot get the quota for Visualisation with user Jay'
        else:
            print 'Get Visualisation Quota: %s ' % new_visualisation_quota
        print '======================================================================='
        # Raise a exception when try get the Atlas Quota with a project_admin
        # in a non-root project
        atlas_quota = utils.get_quota(jay_token, cms_project_id,
                                      atlas_project_id)
        if atlas_quota == forbidden_error:
            print 'Error: Cannot get the quota for Atlas with user Jay'
        print '======================================================================='

        # Get a token for Duncan in Visualisation
        duncan_token_json = utils.get_token_json('Duncan',
                                                 visualisation_project_id)
        duncan_token = utils.get_token(duncan_token_json)

        print 'Get a token for Duncan in Visualisation: %s ' % duncan_token
        # Raise a exception when try get the Atlas Quota with a project_admin
        # in a subproject
        cms_quota = utils.get_quota(duncan_token, visualisation_project_id,
                                    cms_project_id)
        if cms_quota == forbidden_error:
            print 'Error: Cannot get the quota for CMS with user Duncan'
        print '======================================================================='

        # Raise a exception when try update the Visualisation Quota
        # with a project_admin in a non-root project
        quota_value = 10
        new_visualisation_quota = utils.update_quota(duncan_token,
                                                     visualisation_project_id,
                                                     visualisation_project_id,
                                                     quota_value)
        if new_visualisation_quota == forbidden_error:
            print('Cannot update the quota for Visualisation with user Duncan')
        print '======================================================================='

        # Verify that the default quotas for Visualisation is zero
        visual_quota = utils.get_quota(duncan_token, visualisation_project_id,
                                       visualisation_project_id)
        print('Duncan getting the Visualisation Quota: %s' % visual_quota)
        print '======================================================================='
        print 'Clean up...'

    except Exception as e:
        print 'Error'
        tear_down(token, [
            production_project_id, cms_project_id, atlas_project_id,
            computing_project_id, visualisation_project_id,
            services_project_id, operations_project_id
        ], domain_id)
        f.close()
        print e
    tear_down(token, [
        production_project_id, cms_project_id, atlas_project_id,
        computing_project_id, visualisation_project_id, services_project_id,
        operations_project_id
    ], domain_id)
    f.close()
In the case of using cloud_admin rule using
a specific domain:
"admin_required": "(role:admin or is_admin:1)
and domain_id:cloud_admin_domain_id",
"""

# Regular admin login
admin_client = utils.create_client('admin',
                                   'admin',
                                   'admin',
                                   'Default',
                                   'Default',
                                   'http://*****:*****@example.com',
                                admin_project.id,
                                admin_domain.id)

# Create cloud_admin role (admin in this case)
admin_role = utils.create_role(admin_client, 'admin')
def main():
    f = open("log_test_authorization_cider.txt", "w")
    original = sys.stdout
    sys.stdout = utils.Tee(sys.stdout, f)

    token = 0
    domain_id, production_project_id, cms_project_id, atlas_project_id = (0,) * 4
    computing_project_id, visualisation_project_id, services_project_id = (0,) * 3
    operations_project_id = 0
    try:
        token_json = utils.default_token_json("admin", "demo")
        token = utils.get_token(token_json)
        print "======================================================================="
        print "This script will use the follow hierarchy to validate the authorization"
        print "actions related to Nested Quotas on Cinder"
        print "======================================================================="
        print "Hierarchy:"
        print "                            Domain_X          "
        print "                               |"
        print "                          ProductionIT - Mike"
        print "                     /                  \ "
        print "          Jay - CMS                       ATLAS - John"
        print "             /       \                   /       \ "
        print "      Computing   Visualisation   Operations   Services  "
        print "       Walter        Duncan          Eric         Xing"
        print ""
        print "Actors:"
        print ""
        print "Mike - Cloud Admin (i.e. role:cloud-admin) of ProductionIT"
        print "Jay - Manager (i.e. role: project-admin) of Project CMS"
        print "John - Manager (i.e. role: project-admin) of Project ATLAS"
        print "Eric - Manager (i.e. role: project-admin) of Project Operations"
        print "Xing - Manager (i.e. role: project-admin) of Project Services"
        print "Walter - Manager (i.e. role: project-admin) of Project Computing"
        print "Duncan - Manager (i.e. role: project-admin) of Project Visualisation"
        print "======================================================================="
        admin_role = utils.get_role(token, "admin")
        # Create a new domain
        print "Creating the domain..."
        domain = utils.domain_json()
        domain_id = utils.create_domain(domain, token)
        print "Domain created: %s" % domain_id
        print "======================================================================="
        print "Creating the projects..."
        # Create project ProductionIT
        production_project_json = utils.project_json("ProductionIT", domain_id)
        production_project_id = utils.create_project(production_project_json, token)
        print "ProductionIT created: %s" % production_project_id
        print "======================================================================="

        # Create Project CMS
        cms_project_json = utils.project_json("CMS", domain_id, production_project_id)
        cms_project_id = utils.create_project(cms_project_json, token)
        print "CMS created: %s" % cms_project_id
        print "======================================================================="

        # Create Project Atlas
        atlas_project_json = utils.project_json("ATLAS", domain_id, production_project_id)
        atlas_project_id = utils.create_project(atlas_project_json, token)
        print "ATLAS created: %s" % atlas_project_id
        print "======================================================================="

        # Create Project computing
        computing_project_json = utils.project_json("computing", domain_id, cms_project_id)
        computing_project_id = utils.create_project(computing_project_json, token)
        print "Computing created: %s" % computing_project_id
        print "======================================================================="

        # Create Project visualisation
        visual_project_json = utils.project_json("visualisation", domain_id, cms_project_id)
        visualisation_project_id = utils.create_project(visual_project_json, token)
        print "Visualisation created: %s" % visualisation_project_id
        print "======================================================================="

        # Create Project services
        services_project_json = utils.project_json("services", domain_id, atlas_project_id)
        services_project_id = utils.create_project(services_project_json, token)
        print "Services created: %s" % services_project_id
        print "======================================================================="

        # Create Project operations
        operations_project_json = utils.project_json("operations", domain_id, atlas_project_id)
        operations_project_id = utils.create_project(operations_project_json, token)
        print "Operations created: %s" % operations_project_id
        print "======================================================================="

        # Creating users
        # Creating and grant admin role to mike in production
        print "Creating the users..."
        mike = utils.create_user(token, "Mike", domain_id)
        print "Mike: %s" % mike
        utils.grant_user_role(token, mike, admin_role, [production_project_id])

        print "======================================================================="
        # Creating and grant admin role to jay in cms
        jay = utils.create_user(token, "Jay", domain_id)
        print "Jay: %s" % jay
        utils.grant_user_role(token, jay, admin_role, [cms_project_id])

        print "======================================================================="
        # Creating and grant admin role to john in atlas
        john = utils.create_user(token, "John", domain_id)
        print "John: %s" % john
        utils.grant_user_role(token, john, admin_role, [atlas_project_id])

        print "======================================================================="
        # Creating and grant admin role to eric in operations
        eric = utils.create_user(token, "Eric", domain_id)
        print "Eric: %s" % eric
        utils.grant_user_role(token, eric, admin_role, [operations_project_id])

        print "======================================================================="
        # Creating and grant admin role to xing in services
        xing = utils.create_user(token, "Xing", domain_id)
        print "Xing: %s" % xing
        utils.grant_user_role(token, xing, admin_role, [services_project_id])

        print "======================================================================="
        # Creating and grant admin role to walter in computing
        walter = utils.create_user(token, "Walter", domain_id)
        print "Walter: %s" % walter
        utils.grant_user_role(token, walter, admin_role, [computing_project_id])
        print "======================================================================="

        # Creating and grant admin role to duncan in visualisation
        duncan = utils.create_user(token, "Duncan", domain_id)
        print "Ducnan: %s" % duncan
        utils.grant_user_role(token, duncan, admin_role, [visualisation_project_id])
        print "======================================================================="
        print "Now, we will get a token for Mike in ProductionIT (root project)"
        print "and show that Mike can update the quota for the root project."
        print "======================================================================="
        # Get a token for Mike in ProductionIT
        mike_token_json = utils.get_token_json("Mike", production_project_id)
        mike_token = utils.get_token(mike_token_json)
        print "Token for mike: %s" % mike_token
        print "======================================================================="

        # Update the Production Quota to 100
        print "Updating the ProductionIT quota for 100..."
        quota_value = 100
        production_quota = utils.update_quota(mike_token, production_project_id, production_project_id, quota_value)
        print "Mike updating Production Quota: %s" % production_quota
        print "======================================================================="

        print "Trying get the default quota for CMS..."
        # Verify that the default quotas for CMS is zero
        cms_quota = utils.get_quota(mike_token, production_project_id, cms_project_id)
        print "Mike getting CMS Quota: %s" % cms_quota
        print "======================================================================="

        print "Trying update the CMS quota for 45..."
        # Update the CMS Quota to 45
        quota_value = 45
        new_cms_quota = utils.update_quota(mike_token, production_project_id, cms_project_id, quota_value)
        print "Mike updating CMS Quota: %s" % new_cms_quota
        print "======================================================================="

        print "Now, we get a token for Jay in CMS and we will try update the CMS Quota"
        print "======================================================================="
        # Get a token for Jay in CMS
        jay_token_json = utils.get_token_json("Jay", cms_project_id)
        jay_token = utils.get_token(jay_token_json)
        print "Token for Jay: %s " % jay_token
        print "======================================================================="

        # Raise a exception when try update the CMS Quota with
        # only a project_admin
        print "Trying update the CMS quota for 50"
        quota_value = 50
        forbidden_error = 403
        new_cms_quota = utils.update_quota(jay_token, cms_project_id, cms_project_id, quota_value)
        if new_cms_quota == forbidden_error:
            print "Error: Cannot update the quota for CMS with user Jay"

        print "======================================================================="
        # Verify that the default quotas for Visualisation is zero
        cms_quota = utils.get_quota(jay_token, cms_project_id, cms_project_id)
        print "Trying get the CMS Quota: %s" % cms_quota

        print "======================================================================="
        # Raise a exception when try update the Visualisation Quota with a
        # project_admin in a non-root project
        print "Trying update the Visualisation Quota with Jay"
        quota_value = 10
        new_visualisation_quota = utils.update_quota(jay_token, cms_project_id, visualisation_project_id, quota_value)
        if new_visualisation_quota == forbidden_error:
            print "Error: Cannot update the quota for Visualisation with user Jay"
        else:
            print "New Visualisation Quota: %s " % new_visualisation_quota
        print "======================================================================="

        # Raise a exception when try get the Visualisation Quota with a
        # project_admin in a non-root project
        print "Trying get the Visualisation Quota with Jay"
        visualisation_quota = utils.get_quota(jay_token, cms_project_id, visualisation_project_id)
        if visualisation_quota == forbidden_error:
            print "Error: Cannot get the quota for Visualisation with user Jay"
        else:
            print "Get Visualisation Quota: %s " % new_visualisation_quota
        print "======================================================================="
        # Raise a exception when try get the Atlas Quota with a project_admin
        # in a non-root project
        atlas_quota = utils.get_quota(jay_token, cms_project_id, atlas_project_id)
        if atlas_quota == forbidden_error:
            print "Error: Cannot get the quota for Atlas with user Jay"
        print "======================================================================="

        # Get a token for Duncan in Visualisation
        duncan_token_json = utils.get_token_json("Duncan", visualisation_project_id)
        duncan_token = utils.get_token(duncan_token_json)

        print "Get a token for Duncan in Visualisation: %s " % duncan_token
        # Raise a exception when try get the Atlas Quota with a project_admin
        # in a subproject
        cms_quota = utils.get_quota(duncan_token, visualisation_project_id, cms_project_id)
        if cms_quota == forbidden_error:
            print "Error: Cannot get the quota for CMS with user Duncan"
        print "======================================================================="

        # Raise a exception when try update the Visualisation Quota
        # with a project_admin in a non-root project
        quota_value = 10
        new_visualisation_quota = utils.update_quota(
            duncan_token, visualisation_project_id, visualisation_project_id, quota_value
        )
        if new_visualisation_quota == forbidden_error:
            print ("Cannot update the quota for Visualisation with user Duncan")
        print "======================================================================="

        # Verify that the default quotas for Visualisation is zero
        visual_quota = utils.get_quota(duncan_token, visualisation_project_id, visualisation_project_id)
        print ("Duncan getting the Visualisation Quota: %s" % visual_quota)
        print "======================================================================="
        print "Clean up..."

    except Exception as e:
        print "Error"
        tear_down(
            token,
            [
                production_project_id,
                cms_project_id,
                atlas_project_id,
                computing_project_id,
                visualisation_project_id,
                services_project_id,
                operations_project_id,
            ],
            domain_id,
        )
        f.close()
        print e
    tear_down(
        token,
        [
            production_project_id,
            cms_project_id,
            atlas_project_id,
            computing_project_id,
            visualisation_project_id,
            services_project_id,
            operations_project_id,
        ],
        domain_id,
    )
    f.close()
def main():
    f = open('log_test_values_cider.txt', 'w')
    original = sys.stdout
    sys.stdout = utils.Tee(sys.stdout, f)

    token = 0
    domain_id, production_project_id, cms_project_id, atlas_project_id = (0, )*4
    computing_project_id, visualisation_project_id, services_project_id = (0, )*3
    operations_project_id = 0
    try:
	token_json = utils.default_token_json('admin', 'demo')
        token = utils.get_token(token_json)
	print '======================================================================='
        print 'This script will use the follow hierarchy to validate the quota values' 
	print 'related to Nested Quotas on Cinder'
	print '======================================================================='
	print 'Hierarchy:'
	print '                            Domain_X          '
	print '                               |'
	print '                          ProductionIT - Mike' 
	print '                     /                  \ '
	print '          Jay - CMS                       ATLAS - John'
	print '             /       \                   /       \ '
	print '      Computing   Visualisation   Operations   Services  '
	print '       Walter        Duncan          Eric         Xing'
	print ''
	print 'Actors:'
	print ''
	print 'Mike - Cloud Admin (i.e. role:cloud-admin) of ProductionIT'
	print 'Jay - Manager (i.e. role: project-admin) of Project CMS'
	print 'John - Manager (i.e. role: project-admin) of Project ATLAS'
	print 'Eric - Manager (i.e. role: project-admin) of Project Operations'
	print 'Xing - Manager (i.e. role: project-admin) of Project Services'
	print 'Walter - Manager (i.e. role: project-admin) of Project Computing'
	print 'Duncan - Manager (i.e. role: project-admin) of Project Visualisation'
	print '======================================================================='
     
        # Create a new domain
 	print 'Creating the domain...'    
        domain = utils.domain_json()
        domain_id = utils.create_domain(domain, token)
        print 'Domain created: %s' % domain_id
	print '======================================================================='
 	print 'Creating the projects...'    
     
        # Create project ProductionIT
        production_project_json = utils.project_json('ProductionIT', domain_id)
        production_project_id = utils.create_project(production_project_json,
						     token)
        print "ProductionIT created: %s" % production_project_id
	print '======================================================================='
        
        # Create Project CMS 
        cms_project_json = utils.project_json('CMS', domain_id,
					      production_project_id)
        cms_project_id = utils.create_project(cms_project_json, token)
        print "CMS created: %s" % cms_project_id
	print '======================================================================='
        
        # Create Project Atlas
        atlas_project_json = utils.project_json('ATLAS',
					        domain_id,
						production_project_id)
        atlas_project_id = utils.create_project(atlas_project_json, token)
        print "ATLAS created: %s" % atlas_project_id
	print '======================================================================='
        
        # Create Project computing
        computing_project_json = utils.project_json('computing',
						    domain_id,
					            cms_project_id)
        computing_project_id = utils.create_project(computing_project_json,
						    token)
        print "Computing created: %s" % computing_project_id
	print '======================================================================='
     
        # Create Project visualisation
        visual_project_json = utils.project_json('visualisation',
	            			         domain_id,
					         cms_project_id)
        visualisation_project_id = utils.create_project(visual_project_json,
						        token)
        print "Visualisation created: %s" % visualisation_project_id
	print '======================================================================='
     
        # Create Project services
        services_project_json = utils.project_json('services',
						   domain_id,
						   atlas_project_id)
        services_project_id = utils.create_project(services_project_json,
						   token)
        print "Services created: %s" % services_project_id
	print '======================================================================='
     
        # Create Project operations
        operations_project_json = utils.project_json('operations',
						     domain_id,
					             atlas_project_id)
        operations_project_id = utils.create_project(operations_project_json,
						     token)
        print "Operations created: %s" % operations_project_id
	print '======================================================================='
     
	admin_role = utils.get_role(token, 'admin')
        # Creating users
	# Creating and grant admin role to mike in production
 	print 'Creating the users...'    
        mike = utils.create_user(token, 'Mike', domain_id)
	print "Mike: %s" % mike
        utils.grant_user_role(token, mike,
			      admin_role, [production_project_id])
	print '======================================================================='

	# Creating and grant admin role to jay in cms
	jay = utils.create_user(token, 'Jay', domain_id)
	print "Jay: %s" % jay 
        utils.grant_user_role(token, jay,
			      admin_role, [cms_project_id])
	print '======================================================================='

	# Creating and grant admin role to john in atlas
	john = utils.create_user(token, 'John', domain_id)
	print "John: %s" % john 
        utils.grant_user_role(token, john,
			      admin_role, [atlas_project_id])
	print '======================================================================='

	# Creating and grant admin role to eric in operations
	eric = utils.create_user(token, 'Eric', domain_id)
	print "Eric: %s" % eric 
        utils.grant_user_role(token, eric,
			      admin_role, [operations_project_id])
	print '======================================================================='

	# Creating and grant admin role to xing in services
	xing = utils.create_user(token, 'Xing', domain_id)
	print "Xing: %s" % xing 
        utils.grant_user_role(token, xing,
			      admin_role, [services_project_id])
	print '======================================================================='

	# Creating and grant admin role to walter in computing
	walter = utils.create_user(token, 'Walter', domain_id)
	print "Walter: %s" % walter 
        utils.grant_user_role(token, walter,
			      admin_role, [computing_project_id])
	print '======================================================================='

	# Creating and grant admin role to duncan in visualisation
	duncan = utils.create_user(token, 'Duncan', domain_id)
	print "Ducnan: %s" % duncan 
        utils.grant_user_role(token, duncan,
			      admin_role, [visualisation_project_id])
	print '======================================================================='
	print 'Now, we will get a token for Mike in ProductionIT (root project)'
	print 'and show that the quota calculation in the hierarchy works well.'
	print '======================================================================='
	# Get a token for Mike in ProductionIT
	mike_token_json = utils.get_token_json('Mike',
					       production_project_id)
        mike_token = utils.get_token(mike_token_json)
	print 'Token for mike: %s' % mike_token
	print '======================================================================='

	# Update the Prduction Quota to 100
	print 'Updating the ProductionIT quota for 100...'
	quota_value = 100 
	production_quota = utils.update_quota(mike_token, 
					      production_project_id,
					      production_project_id,
					      quota_value)
	quota_show_production = utils.quota_show(mike_token,
						 production_project_id,
						 production_project_id)
	print '======================================================================='
	print "Production Quota: %s" % quota_show_production
	print '======================================================================='
	# Update the CMS Quota to 40
	print 'Updating the CMS quota for 40...'
	quota_value = 40 
	cms_quota = utils.update_quota(mike_token, 
				       production_project_id,
				       cms_project_id,
				       quota_value)
	quota_show_production = utils.quota_show(mike_token,
						 production_project_id, 
						 production_project_id)
	quota_show_cms = utils.quota_show(mike_token, production_project_id, cms_project_id)
	print 'Verify that allocated ProductionIT quota was updated to 40'
	print "Production Quota: %s" % quota_show_production
	print "CMS Quota: %s" % quota_show_cms
	print '======================================================================='
	# Update the Atlas Quota to 30 
	print 'Updating the Atlas quota for 30...'
	quota_value = 30 
	atlas_quota = utils.update_quota(mike_token, 
				         production_project_id,
				         atlas_project_id,
				         quota_value)
	quota_show_production = utils.quota_show(mike_token,
						 production_project_id,
						 production_project_id)
	quota_show_atlas = utils.quota_show(mike_token,
					    production_project_id,
					    atlas_project_id)
	print 'Verify that allocated ProductionIT quota was updated to 70'
	print "Production Quota: %s" % quota_show_production
	print "Atlas Quota: %s" % quota_show_atlas
	print '======================================================================='

	# Update the Computing Quota to 15 
	print 'Updating the Computing quota for 15...'
	quota_value = 15 
	computing_quota = utils.update_quota(mike_token, 
				             production_project_id,
				             computing_project_id,
				             quota_value)
	quota_show_cms = utils.quota_show(mike_token,
					  production_project_id,
					  cms_project_id)
	quota_show_computing = utils.quota_show(mike_token,
					        production_project_id,
					        computing_project_id)
	print 'Verify that allocated CMS quota was updated to 15'
	print "CMS Quota: %s" % quota_show_cms
	print "Computing Quota: %s" % quota_show_computing
	print '======================================================================='

	# Update the visualisaton Quota to 15 
	print 'Updating the Visualisation quota for 15...'
	quota_value = 15 
	visualisation_quota = utils.update_quota(mike_token, 
				            	 production_project_id,
				             	 visualisation_project_id,
				             	 quota_value)
	quota_show_cms = utils.quota_show(mike_token,
					  production_project_id,
					  cms_project_id)
	quota_show_visualisation = utils.quota_show(mike_token,
						    production_project_id,
						    visualisation_project_id)
	print 'Verify that allocated CMS quota was updated to 30'
	print "CMS Quota: %s" % quota_show_cms
	print "Visualisation Quota: %s" % quota_show_visualisation
	print '======================================================================='

	print 'Updating the Services quota for 10...'
	# Update the services Quota to 10 
	quota_value = 10 
	services_quota = utils.update_quota(mike_token, 
				           production_project_id,
				           services_project_id,
				           quota_value)
	quota_show_atlas = utils.quota_show(mike_token,
					    production_project_id,
					    atlas_project_id)
	quota_show_services = utils.quota_show(mike_token,
					       production_project_id,
					       services_project_id)
	print 'Verify that allocated Atlas quota was updated to 10'
	print "Atlas Quota: %s" % quota_show_atlas
	print "Service Quota: %s" % quota_show_services
	print '======================================================================='

	# Update the operations Quota to 10 
	quota_value = 10 
	operations_quota = utils.update_quota(mike_token, 
				           production_project_id,
				           operations_project_id,
				           quota_value)
	quota_show_atlas = utils.quota_show(mike_token,
					    production_project_id,
					    atlas_project_id)
	quota_show_operations = utils.quota_show(mike_token,
						 production_project_id,
						 operations_project_id)
	print 'Verify that allocated Atlas quota was updated to 20'
	print "Atlas Quota: %s" % quota_show_atlas
	print "Operations Quota: %s" % quota_show_operations
	print '======================================================================='
	# Update the CMS Quota to 40
	quota_value = 71 
	print 'Trying update the CMS quota for 71...'
	cms_quota = utils.update_quota(mike_token, 
				       production_project_id,
				       cms_project_id,
				       quota_value)
	print "Error: %s" % cms_quota
	print '======================================================================='
	print "Creating 10 Volumes in CMS..."
	# Get a token for Jay in CMS
	jay_token_json = utils.get_token_json('Jay', cms_project_id)
        jay_token = utils.get_token(jay_token_json)

	for i in range(0,10):
	    utils.create_volume(jay_token, cms_project_id)
	quota_show_cms = utils.quota_show(jay_token, cms_project_id, cms_project_id)
	print "CMS Quota: %s" % quota_show_cms
	print 'Now, we dont have free quota in CMS'
	print '======================================================================='
	print "Trying update the computing quota to 16 (subproject for CMS)..."
	quota_value = 16 
	computing_quota = utils.update_quota(mike_token, 
				       production_project_id,
				       computing_project_id,
				       quota_value)
	print "Error: %s" % computing_quota
	print '======================================================================='
	print 'Clean up...'

    except Exception as e:
	print 'Error'
        tear_down(token, [production_project_id,
	          cms_project_id, 
                  atlas_project_id,
                  computing_project_id,
                  visualisation_project_id,
                  services_project_id,
                  operations_project_id], domain_id)
    	f.close()
        print e 
    tear_down(token, [production_project_id,    
              cms_project_id, 
              atlas_project_id,
	      computing_project_id,
	      visualisation_project_id,
	      services_project_id,
	      operations_project_id], domain_id)
    f.close()
示例#11
0
 def test_add_domain(self):
     with self.assertRaises(Exception):
         utils.create_domain(self.client, 'test')
示例#12
0
def read(filelocation):

    phen = phenomenon()
    hdf5file = python_hdf5.lue_h5py(filelocation)

    #retrieve phenomenon name from dataset
    phen_list = hdf5file.list_phenomena()
    phen_name = phen_list[0]
    phen.name = phen_name

    # retrieve and set data for property sets
    pset_list = hdf5file.list_property_sets(phen_name)

    for ps_name in pset_list:

        ps = pset()
        ps.name = ps_name

        #retrieve properties for property set
        p_list = hdf5file.list_property_sets_prop(phen_name, ps_name)
        dom = domain()
        dom = utils.create_domain(dom, hdf5file, phen_name, ps_name,
                   p_list[0])
        dom.pset = ps

        setattr(phen, ps_name, ps)

        setattr(ps, 'domain', dom)

        for p_name in p_list:

            if "discretization" in p_name:
                continue

            p = prop()
            p.name = p_name

            #set the data type in the property. For now, agent or field
            if utils.is_field(hdf5file, phen_name, ps_name):
                p.datatype = datatypes.field
            else:
                p.datatype = datatypes.agent

            v = val()
            v = utils.create_value(v, hdf5file, phen_name, ps_name, p_name)
            v.prop = p

            # get the discretization of a field property
            if p.datatype == datatypes.field:
                p.space_discretization = [hdf5file.nr_cols(phen_name, ps_name,
                           p_name), hdf5file.nr_rows(phen_name, ps_name,
                           p_name)]
            else:
                p.space_discretization = None

            p.time_discretization = None
            setattr(ps, p_name, p)

            # set the domain for this property
            setattr(p, 'domain', dom)

            # set v for this property
            setattr(p, 'value', v)

    hdf5file.close_current_hdf5_file()

    return phen
 def _create_test_domain(self, name):
     return utils.create_domain(
         self.admin_client, name)
 def test_add_domain(self):
     try:
         utils.create_domain(self.client, 'test_domain')
     except:
         self.fail('Unexpected exception raised: '
                   'utils.create_domain(self.client, \'test\')')