def test_create_strategy_unknown_should_500_noop_testing(self):
"""The none strategy simply is a noop."""
result = context_filter.filter_factory(self.unknown_testing)(self.app)
self.assertIsNotNone(result)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
resp = result.__call__.request('/something', method='HEAD')
self.assertEqual(self.app, resp)
def test_requires_auth_will_fail_without_info(self):
result = context_filter.filter_factory(self.strat_neutron_a)(self.app)
self.assertIsNotNone(result)
headers = {'Content-Type': 'application/json',
'X_ROLES': 'testrole, testrole2', }
resp = result.__call__.request('/', method='HEAD', headers=headers)
self.assertTrue(isinstance(resp, webob.exc.HTTPForbidden))
def test_create_strategy_unknown_should_500_noop_testing(self):
"""The none strategy simply is a noop."""
result = context_filter.filter_factory(self.unknown_testing)(self.app)
self.assertIsNotNone(result)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
resp = result.__call__.request('/something', method='HEAD')
self.assertEqual(self.app, resp)
def test_create_strategy_neutron_no_user(self):
result = context_filter.filter_factory(self.strat_neutron)(self.app)
self.assertIsNotNone(result)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
self.assertFalse('neutron.context' in self.req)
headers = {'Content-Type': 'application/json', }
resp = result.__call__.request('/', method='HEAD', headers=headers)
self.assertEqual(self.app, resp)
def test_create_strategy_neutron(self):
result = context_filter.filter_factory(self.strat_neutron)(self.app)
self.assertIsNotNone(result)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
headers = {'Content-Type': 'application/json',
'X_USER_ID': 'derp', }
result.__call__.request('/', method='HEAD', headers=headers)
context = result.strat_instance.context
self.assertTrue(context.is_admin)
def test_create_strategy_neutron_no_user_no_role(self):
result = context_filter.filter_factory(self.strat_neutron)(self.app)
self.assertIsNotNone(result)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
headers = {'Content-Type': 'application/json', }
resp = result.__call__.request('/', method='HEAD', headers=headers)
context = result.strat_instance.context
self.assertTrue(context.is_admin)
self.assertEqual(self.app, resp)
def test_advsvc_is_false_when_admin_and_not_advsvc_role(self):
result = context_filter.filter_factory(self.strat_neutron)(self.app)
self.assertIsNotNone(result)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
headers = {'Content-Type': 'application/json'}
resp = result.__call__.request('/', method='HEAD', headers=headers)
self.assertEqual(self.app, resp)
context = result.strat_instance.context
self.assertFalse(context.is_advsvc)
def test_create_strategy_neutron(self):
result = context_filter.filter_factory(self.strat_neutron)(self.app)
self.assertIsNotNone(result)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
self.assertFalse('neutron.context' in self.req)
headers = {
'Content-Type': 'application/json',
'X_USER_ID': 'derp',
}
result.__call__.request('/', method='HEAD', headers=headers)
def test_create_strategy_test_noop_testing(self):
"""This is a test strategy to see if this thing works."""
result = context_filter.filter_factory(self.strat_test)(self.app)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
resp = result.__call__.request('/something', method='HEAD')
self.assertEqual(self.app, resp)
self.assertEqual(1, self.context_init.call_count)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
"""Should be 1 because of a new instance."""
self.assertEqual(1, self.context_init.call_count)
def test_advsvc_is_true_when_policy_says_it_is(self):
self.adv_svc.return_value = True
result = context_filter.filter_factory(self.strat_neutron)(self.app)
self.assertIsNotNone(result)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
headers = {'Content-Type': 'application/json'}
resp = result.__call__.request('/', method='HEAD', headers=headers)
self.assertEqual(self.app, resp)
context = result.strat_instance.context
self.assertTrue(context.is_advsvc)
def test_create_strategy_test_noop_testing(self):
"""This is a test strategy to see if this thing works."""
result = context_filter.filter_factory(self.strat_test)(self.app)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
resp = result.__call__.request('/something', method='HEAD')
self.assertEqual(self.app, resp)
self.assertEqual(1, self.context_init.call_count)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
"""Should be 1 because of a new instance."""
self.assertEqual(1, self.context_init.call_count)
def test_create_strategy_neutron_no_user(self):
result = context_filter.filter_factory(self.strat_neutron)(self.app)
self.assertIsNotNone(result)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
self.assertFalse('neutron.context' in self.req)
headers = {
'Content-Type': 'application/json',
}
with patch('neutron.policy.get_admin_roles', self.get_admin_mock):
resp = result.__call__.request('/', method='HEAD', headers=headers)
self.assertEqual(self.app, resp)
def test_create_strategy_neutron_with_no_roles(self):
result = context_filter.filter_factory(self.strat_neutron)(self.app)
self.assertIsNotNone(result)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
self.assertFalse('neutron.context' in self.req)
headers = {'Content-Type': 'application/json',
'X_ROLES': None, }
with patch('neutron.policy.get_admin_roles',
self.get_admin_mock):
resp = result.__call__.request('/', method='HEAD', headers=headers)
self.assertEqual(self.app, resp)
def test_create_strategy_neutron_with_empty_roles(self):
result = context_filter.filter_factory(self.strat_neutron)(self.app)
self.assertIsNotNone(result)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
headers = {'Content-Type': 'application/json',
'X_ROLES': '', }
resp = result.__call__.request('/', method='HEAD', headers=headers)
self.assertEqual(self.app, resp)
context = result.strat_instance.context
self.assertTrue(context.is_admin)
self.assertTrue(hasattr(context, 'roles'))
def test_create_strategy_neutron_with_no_roles(self):
result = context_filter.filter_factory(self.strat_neutron)(self.app)
self.assertIsNotNone(result)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
self.assertFalse('neutron.context' in self.req)
headers = {
'Content-Type': 'application/json',
'X_ROLES': None,
}
resp = result.__call__.request('/', method='HEAD', headers=headers)
self.assertEqual(self.app, resp)
def test_override_runtime_enabled(self):
"""The none strategy simply is a noop."""
self.set_reconfigure()
headers = {'X_WAFFLEHAUS_CONTEXTFILTER_ENABLED': False}
result = context_filter.filter_factory(self.strat_test)(self.app)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
resp = result.__call__.request('/something', method='HEAD',
headers=headers)
self.assertEqual(self.app, resp)
self.assertEqual(0, self.context_init.call_count)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
"""Should be 1 because of a new instance."""
self.assertEqual(0, self.context_init.call_count)
def test_override_runtime_enabled(self):
"""The none strategy simply is a noop."""
self.set_reconfigure()
headers = {'X_WAFFLEHAUS_CONTEXTFILTER_ENABLED': False}
result = context_filter.filter_factory(self.strat_test)(self.app)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
resp = result.__call__.request('/something',
method='HEAD',
headers=headers)
self.assertEqual(self.app, resp)
self.assertEqual(0, self.context_init.call_count)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
"""Should be 1 because of a new instance."""
self.assertEqual(0, self.context_init.call_count)
def test_create_strategy_neutron_with_roles(self):
result = context_filter.filter_factory(self.strat_neutron)(self.app)
self.assertIsNotNone(result)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
headers = {'Content-Type': 'application/json',
'X_ROLES': 'testrole, testrole2', }
resp = result.__call__.request('/', method='HEAD', headers=headers)
self.assertEqual(self.app, resp)
context = result.strat_instance.context
self.assertTrue(hasattr(context, 'roles'))
self.assertTrue('testrole' in context.roles)
self.assertTrue('testrole2' in context.roles)
self.assertTrue(context.is_admin)
self.assertEqual(2, len(context.roles))
def test_verify_non_duplicate_request_id_admin(self):
result = context_filter.filter_factory(self.strat_neutron)(self.app)
self.assertIsNotNone(result)
self.assertTrue(isinstance(result, context_filter.ContextFilter))
headers = {'Content-Type': 'application/json', }
resp = result.__call__.request('/', method='HEAD', headers=headers)
context = result.strat_instance.context
self.assertTrue(context.is_admin)
self.assertEqual(self.app, resp)
# Generate another call in order to force oslo.context to refresh
# the _request_store, which in turn generates a new request_id
resp = result.__call__.request('/', method='HEAD', headers=headers)
context1 = result.strat_instance.context
self.assertNotEqual(context.request_id, context1.request_id)
def test_create_strategy_neutron_appends_to_admin_role(self):
result = context_filter.filter_factory(self.strat_neutron)(self.app)
self.assertIsNotNone(result)
self.assertFalse('neutron.context' in self.req)
headers = {'Content-Type': 'application/json',
'X_ROLES': 'testrole, testrole2', }
with patch('neutron.policy.get_admin_roles',
self.get_admin_mock):
resp = result.__call__.request('/', method='HEAD', headers=headers)
self.assertEqual(self.app, resp)
context = result.strat_instance.context
self.assertTrue(hasattr(context, 'roles'))
self.assertTrue('testrole' in context.roles)
self.assertTrue('testrole2' in context.roles)
self.assertTrue('admin' in context.roles)
self.assertEqual(3, len(context.roles))
def test_create_strategy_neutron_appends_to_admin_role(self):
result = context_filter.filter_factory(self.strat_neutron)(self.app)
self.assertIsNotNone(result)
self.assertFalse('neutron.context' in self.req)
headers = {
'Content-Type': 'application/json',
'X_ROLES': 'testrole, testrole2',
}
with patch('neutron.policy.get_admin_roles', self.get_admin_mock):
resp = result.__call__.request('/', method='HEAD', headers=headers)
self.assertEqual(self.app, resp)
context = result.strat_instance.context
self.assertTrue(hasattr(context, 'roles'))
self.assertTrue('testrole' in context.roles)
self.assertTrue('testrole2' in context.roles)
self.assertTrue('admin' in context.roles)
self.assertEqual(3, len(context.roles))
def test_requires_auth_is_not_admin(self):
result = context_filter.filter_factory(self.strat_neutron_a)(self.app)
self.assertIsNotNone(result)
headers = {'Content-Type': 'application/json',
'X_TENANT_ID': '123456',
'X_USER_ID': 'foo',
'X_ROLES': 'testrole, testrole2', }
policy_check = self.create_patch('neutron.policy.check_is_admin')
policy_check.return_value = False
resp = result.__call__.request('/', method='HEAD', headers=headers)
self.assertEqual(self.app, resp)
self.assertEqual(2, policy_check.call_count)
context = result.strat_instance.context
self.assertTrue(hasattr(context, 'roles'))
self.assertTrue('testrole' in context.roles)
self.assertTrue('testrole2' in context.roles)
self.assertFalse(context.is_admin)
self.assertEqual(2, len(context.roles))
def test_verify_non_duplicate_request_id_non_admin(self):
result = context_filter.filter_factory(self.strat_neutron_a)(self.app)
self.assertIsNotNone(result)
headers = {'Content-Type': 'application/json',
'X_TENANT_ID': '123456',
'X_USER_ID': 'foo',
'X_ROLES': 'testrole, testrole2', }
policy_check = self.create_patch('neutron.policy.check_is_admin')
policy_check.return_value = False
resp = result.__call__.request('/', method='HEAD', headers=headers)
self.assertEqual(self.app, resp)
self.assertEqual(2, policy_check.call_count)
context = result.strat_instance.context
self.assertTrue(hasattr(context, 'roles'))
self.assertTrue('testrole' in context.roles)
self.assertTrue('testrole2' in context.roles)
self.assertFalse(context.is_admin)
self.assertEqual(2, len(context.roles))
# Generate another call in order to force oslo.context to refresh
# the _request_store, which in turn generates a new request_id
resp = result.__call__.request('/', method='HEAD', headers=headers)
context1 = result.strat_instance.context
self.assertNotEqual(context.request_id, context1.request_id)
