def error_cleanup():
global project_uuid, project_admin_uuid, virtual_id_uuid
if virtual_id_uuid:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_uuid:
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
def error_cleanup():
global role_uuid, project_uuid, project_02_uuid, project_template_01_uuid, project_template_02_uuid, \
company_uuid_01, company_uuid_02, department_01_uuid, department_02_uuid, virtual_id_group_uuid, \
virtual_id_uuid, platform_admin_uuid
if company_uuid_01:
iam2_ops.delete_iam2_organization(company_uuid_01)
if company_uuid_02:
iam2_ops.delete_iam2_organization(company_uuid_02)
if department_01_uuid:
iam2_ops.delete_iam2_organization(department_01_uuid)
if department_02_uuid:
iam2_ops.delete_iam2_organization(department_02_uuid)
if virtual_id_group_uuid:
iam2_ops.delete_iam2_virtual_id_group(virtual_id_group_uuid)
if project_uuid:
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
if project_02_uuid:
iam2_ops.delete_iam2_project(project_02_uuid)
iam2_ops.expunge_iam2_project(project_02_uuid)
if project_template_01_uuid:
iam2_ops.delete_iam2_project_template(project_template_01_uuid)
if project_template_02_uuid:
iam2_ops.delete_iam2_project_template(project_template_02_uuid)
if virtual_id_uuid:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if platform_admin_uuid:
iam2_ops.delete_iam2_virtual_id(platform_admin_uuid)
if role_uuid:
iam2_ops.delete_role(role_uuid)
iam2_ops.clean_iam2_enviroment()
def error_cleanup():
global role_uuid, project_uuid, project_02_uuid, project_template_01_uuid, project_template_02_uuid, \
company_uuid_01, company_uuid_02, department_01_uuid, department_02_uuid, virtual_id_group_uuid, \
virtual_id_uuid
if company_uuid_01:
iam2_ops.delete_iam2_organization(company_uuid_01)
if company_uuid_02:
iam2_ops.delete_iam2_organization(company_uuid_02)
if department_01_uuid:
iam2_ops.delete_iam2_organization(department_01_uuid)
if department_02_uuid:
iam2_ops.delete_iam2_organization(department_02_uuid)
if virtual_id_group_uuid:
iam2_ops.delete_iam2_virtual_id_group(virtual_id_group_uuid)
if project_uuid:
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
if project_02_uuid:
iam2_ops.delete_iam2_project(project_02_uuid)
iam2_ops.expunge_iam2_project(project_02_uuid)
if project_template_01_uuid:
iam2_ops.delete_iam2_project_template(project_template_01_uuid)
if project_template_02_uuid:
iam2_ops.delete_iam2_project_template(project_template_02_uuid)
if virtual_id_uuid:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if role_uuid:
iam2_ops.delete_role(role_uuid)
iam2_ops.clean_iam2_enviroment()
def error_cleanup():
global project_uuid, project_admin_uuid, virtual_id_uuid
if virtual_id_uuid:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_uuid:
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
def error_cleanup():
global project_uuid, project_operator_uuid, vxlan_pool_uuid, vni_range_uuid, l2_vxlan_network_uuid, account1_uuid, account2_uuid
if project_operator_uuid:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if project_uuid:
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
if vni_range_uuid:
vxlan_ops.delete_vni_range(vni_range_uuid)
vpc_ops.remove_all_vpc_vrouter()
test_lib.lib_error_cleanup(test_obj_dict)
if vxlan_pool_uuid:
net_ops.delete_l2(vxlan_pool_uuid)
if l2_vxlan_network_uuid:
net_ops.delete_l2(l2_vxlan_network_uuid)
if account1_uuid:
acc_ops.delete_account(account1_uuid)
if account2_uuid:
acc_ops.delete_account(account2_uuid)
if platform_admin_uuid:
iam2_ops.delete_iam2_virtual_id(platform_admin_uuid)
def error_cleanup():
global project_uuid,project_operator_uuid, vxlan_pool_uuid,vni_range_uuid,l2_vxlan_network_uuid,account1_uuid,account2_uuid
if project_operator_uuid:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if project_uuid:
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
if vni_range_uuid:
vxlan_ops.delete_vni_range(vni_range_uuid)
vpc_ops.remove_all_vpc_vrouter()
test_lib.lib_error_cleanup(test_obj_dict)
if vxlan_pool_uuid:
net_ops.delete_l2(vxlan_pool_uuid)
if l2_vxlan_network_uuid:
net_ops.delete_l2(l2_vxlan_network_uuid)
if account1_uuid:
acc_ops.delete_account(account1_uuid)
if account2_uuid:
acc_ops.delete_account(account2_uuid)
if platform_admin_uuid:
iam2_ops.delete_iam2_virtual_id(platform_admin_uuid)
def test():
global vm, volume
iam2_ops.clean_iam2_enviroment()
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
# 1 create project
project_name = 'test_project'
password = \
'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
linked_account_uuid = project.linkedAccountUuid
attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid])
# 2 create projectAdmin into project
project_admin_name = 'projectadmin'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(
project_admin_name, password).uuid
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],
project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(
project_admin_name, password)
project_admin_session_uuid = iam2_ops.login_iam2_project(
project_name, project_admin_session_uuid).uuid
res_ops.query_resource(res_ops.L2_VXLAN_NETWORK_POOL)
# 3 create volume
vm = test_stub.create_vm(session_uuid=project_admin_session_uuid)
volume = test_stub.create_volume(session_uuid=project_admin_session_uuid)
volume.attach(vm)
# 4 delete project
iam2_ops.delete_iam2_project(project_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', volume.get_volume().uuid)
vol_inv = res_ops.query_resource(res_ops.VOLUME, cond)
if not vol_inv:
test_util.test_fail(
"can't query volume after delete the project ,test fail")
# 5 expunge project
iam2_ops.expunge_iam2_project(project_uuid)
# query volume
cond = res_ops.gen_query_conditions('uuid', '=', volume.get_volume().uuid)
vol_inv = res_ops.query_resource(res_ops.VOLUME, cond)[0]
if vol_inv.status != 'Deleted':
test_util.test_fail(
'The volume created in project is still not deleted after the project is expunge ,now status is %s'
% vol_inv.status)
volume.expunge()
vm.clean()
iam2_ops.clean_iam2_enviroment()
test_util.test_pass('success')
def error_cleanup():
test_lib.lib_error_cleanup(test_obj_dict)
if affinity_group_inv:
ag_ops.delete_affinity_group(affinity_group_inv[0].uuid)
if project_uuid:
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
if project_operator_uuid:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
def test():
global image
iam2_ops.clean_iam2_enviroment()
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
# 1 create project
project_name = 'test_project'
password = \
'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
linked_account_uuid = project.linkedAccountUuid
attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid])
# 2 create projectAdmin into project
project_admin_name = 'projectadmin'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, password).uuid
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name,password)
project_admin_session_uuid = iam2_ops.login_iam2_project(project_name,project_admin_session_uuid).uuid
res_ops.query_resource(res_ops.L2_VXLAN_NETWORK_POOL)
# 3 add image
bs_cond = res_ops.gen_query_conditions("status", '=', "Connected")
bss = res_ops.query_resource(res_ops.BACKUP_STORAGE, bs_cond)
image_option = test_util.ImageOption()
image_option.set_format('iso')
image_option.set_name('test_add_iso_image')
image_option.set_url(os.environ.get('imageServer') + "/iso/CentOS-x86_64-7.2-Minimal.iso")
image_option.set_backup_storage_uuid_list([bss[0].uuid])
image_option.set_timeout(60000)
image_option.set_session_uuid(project_admin_session_uuid)
image = img_ops.add_image(image_option)
# 4 delete project
iam2_ops.delete_iam2_project(project_uuid)
cond =res_ops.gen_query_conditions('uuid','=',image.uuid)
img_inv=res_ops.query_resource(res_ops.IMAGE,cond)
if not img_inv:
test_util.test_fail("can't query image %s after delete the project,test fail"%image.uuid)
# 5 expunge project
iam2_ops.expunge_iam2_project(project_uuid)
cond = res_ops.gen_query_conditions('uuid','=',image.uuid)
img_inv = res_ops.query_resource(res_ops.IMAGE,cond)[0]
if img_inv.status != 'Deleted':
test_util.test_fail('The image created in project is not deleted after project is expunge, test fail')
img_ops.expunge_image(image.uuid)
iam2_ops.clean_iam2_enviroment()
test_util.test_pass('success')
def error_cleanup(): global project_uuid, project_operator_uuid, virtual_id_uuid if virtual_id_uuid: iam2_ops.delete_iam2_virtual_id(virtual_id_uuid) if project_operator_uuid: iam2_ops.delete_iam2_virtual_id(project_operator_uuid) if project_uuid: iam2_ops.delete_iam2_project(project_uuid) iam2_ops.expunge_iam2_project(project_uuid) iam2_ops.clean_iam2_enviroment()
def error_cleanup():
global project_uuid, project_operator_uuid, virtual_id_uuid
if virtual_id_uuid:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_operator_uuid:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if project_uuid:
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
iam2_ops.clean_iam2_enviroment()
def test():
global vm, volume
iam2_ops.clean_iam2_enviroment()
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
# 1 create project
project_name = 'test_project'
password = \
'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
linked_account_uuid = project.linkedAccountUuid
attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid])
# 2 create projectAdmin into project
project_admin_name = 'projectadmin'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, password).uuid
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, password)
project_admin_session_uuid = iam2_ops.login_iam2_project(project_name, project_admin_session_uuid).uuid
res_ops.query_resource(res_ops.L2_VXLAN_NETWORK_POOL)
# 3 create volume
vm = test_stub.create_vm(session_uuid=project_admin_session_uuid)
volume = test_stub.create_volume(session_uuid=project_admin_session_uuid)
volume.attach(vm)
# 4 delete project
iam2_ops.delete_iam2_project(project_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', volume.get_volume().uuid)
vol_inv = res_ops.query_resource(res_ops.VOLUME, cond)
if not vol_inv:
test_util.test_fail("can't query volume after delete the project ,test fail")
# 5 expunge project
iam2_ops.expunge_iam2_project(project_uuid)
# query volume
cond = res_ops.gen_query_conditions('uuid', '=', volume.get_volume().uuid)
vol_inv = res_ops.query_resource(res_ops.VOLUME, cond)[0]
if vol_inv.status != 'Deleted':
test_util.test_fail(
'The volume created in project is still not deleted after the project is expunge ,now status is %s' %
vol_inv.status)
volume.expunge()
vm.clean()
iam2_ops.clean_iam2_enviroment()
test_util.test_pass('success')
def error_cleanup():
if project_uuid:
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
if project_operator_uuid:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if l2_vxlan_network_uuid:
net_ops.delete_l2(l2_vxlan_network_uuid)
if vni_range_uuid:
vxlan_ops.delete_vni_range(vni_range_uuid)
if vxlan_pool_uuid:
net_ops.delete_l2(vxlan_pool_uuid)
if l3_vpc_network_uuid:
net_ops.delete_l3(l3_vpc_network_uuid)
def error_cleanup():
if project_uuid:
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
if project_operator_uuid:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if l2_vxlan_network_uuid:
net_ops.delete_l2(l2_vxlan_network_uuid)
if vni_range_uuid:
vxlan_ops.delete_vni_range(vni_range_uuid)
if vxlan_pool_uuid:
net_ops.delete_l2(vxlan_pool_uuid)
if l3_vr_network_uuid:
net_ops.delete_l3(l3_vr_network_uuid)
def error_cleanup():
global project_uuid,project_operator_uuid, test_account_uuid, l2_uuid, l2_uuid1
if project_operator_uuid:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if project_uuid:
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_lib.lib_error_cleanup(test_obj_dict)
if l2_uuid:
net_ops.delete_l2(l2_uuid)
if l2_uuid1:
net_ops.delete_l2(l2_uuid1)
if test_account_uuid:
acc_ops.delete_account(test_account_uuid)
def test():
global cert
iam2_ops.clean_iam2_enviroment()
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
# 1 create project
project_name = 'test_project'
password = \
'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
linked_account_uuid = project.linkedAccountUuid
attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid])
# 2 create projectAdmin into project
project_admin_name = 'projectadmin'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(
project_admin_name, password).uuid
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],
project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(
project_admin_name, password)
project_admin_session_uuid = iam2_ops.login_iam2_project(
project_name, project_admin_session_uuid).uuid
cert = net_ops.create_certificate('certificate_for_pm',
'fake certificate',
session_uuid=project_admin_session_uuid)
acc_ops.logout(project_admin_session_uuid)
# 4 delete project
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
# 5 check for cascade delete
test_stub.check_resource_not_exist(cert.uuid, res_ops.CERTIFICATE)
iam2_ops.clean_iam2_enviroment()
test_util.test_pass('Create Simple VM Stop Start Scheduler Success')
def test():
global cert
iam2_ops.clean_iam2_enviroment()
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
# 1 create project
project_name = 'test_project'
password = \
'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
linked_account_uuid = project.linkedAccountUuid
attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid])
# 2 create projectAdmin into project
project_admin_name = 'projectadmin'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, password).uuid
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name,password)
project_admin_session_uuid = iam2_ops.login_iam2_project(project_name,project_admin_session_uuid).uuid
cert = net_ops.create_certificate('certificate_for_pm', 'fake certificate', session_uuid=project_admin_session_uuid)
acc_ops.logout(project_admin_session_uuid)
# 4 delete project
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
# 5 check for cascade delete
test_stub.check_resource_not_exist(cert.uuid,res_ops.CERTIFICATE)
iam2_ops.clean_iam2_enviroment()
test_util.test_pass('Create Simple VM Stop Start Scheduler Success')
def test():
global affinity_group_inv,project_uuid,project_operator_uuid
# 1 create project
project_name = 'test_project6'
project_uuid = iam2_ops.create_iam2_project(project_name).uuid
# 2 create project operator
project_operator_name = 'username6'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
# 3 login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
# 4 create affinity group and add vm into affinity group
ag1 = ag_ops.create_affinity_group(name="ag1",policy="antiHard",session_uuid=project_login_uuid)
vm1 = test_stub.create_ag_vm(affinitygroup_uuid=ag1.uuid)
test_obj_dict.add_vm(vm1)
# 5 delete and expunge the project and check the affinity group
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
cond = res_ops.gen_query_conditions("appliance",'=',"CUSTOMER")
affinity_group_inv = res_ops.query_resource(res_ops.AFFINITY_GROUP,cond)
if affinity_group_inv:
test_util.test_fail(
"affinity_group [%s] is still exist after expunge the project[%s]" % (affinity_group_inv[0].uuid,project_login_uuid))
# 6 delete
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
def test():
global role_uuid, project_uuid, project_02_uuid, project_template_01_uuid, project_template_02_uuid, \
company_uuid_01, company_uuid_02, department_01_uuid, department_02_uuid, virtual_id_group_uuid, \
virtual_id_uuid
iam2_ops.clean_iam2_enviroment()
# 1 create role and add/remove policy
statements = [{"effect": "Allow", "actions": ["org.zstack.header.vm.**"]}]
role_uuid = iam2_ops.create_role('test_role', statements).uuid
action = "org.zstack.header.image.**"
statements = [{"effect": "Allow", "actions": [action]}]
iam2_ops.add_policy_statements_to_role(role_uuid, statements)
statement_uuid = iam2_ops.get_policy_statement_uuid_of_role(
role_uuid, action)
# statement_uuid= res_ops.get_resource(res_ops.ROLE, uuid=role_uuid)[0].statements[0].uuid
iam2_ops.remove_policy_statements_from_role(role_uuid, [statement_uuid])
# 2 create project and add/remove attributes to/from it
project_name = 'test_project'
project_uuid = iam2_ops.create_iam2_project(project_name).uuid
zone_inv = res_ops.query_resource(res_ops.ZONE)
if len(zone_inv) >= 2:
attributes = [{
"name": "__ProjectRelatedZone__",
"value": zone_inv[0].uuid
}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
username = '******'
password = \
'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86'
virtual_id_uuid = iam2_ops.create_iam2_virtual_id(username,
password).uuid
iam2_ops.add_iam2_virtual_ids_to_project([virtual_id_uuid],
project_uuid)
session_uuid = iam2_ops.login_iam2_virtual_id(username, password)
session_uuid = iam2_ops.login_iam2_project(project_name,
session_uuid).uuid
cond = res_ops.gen_query_conditions('zoneUuid', '=', zone_inv[1].uuid)
host_inv = res_ops.query_resource(res_ops.HOST,
cond,
session_uuid=session_uuid)
if host_inv:
test_util.test_fail("test Project Related Zone fail")
attribute_uuid = iam2_ops.get_attribute_uuid_of_project(
project_uuid, "__ProjectRelatedZone__")
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
iam2_ops.remove_attributes_from_iam2_project(project_uuid,
[attribute_uuid])
# 3 create project template from project
project_template_01_uuid = iam2_ops.create_iam2_project_template_from_project(
'project_template', project_uuid, 'this is a template '
'description').uuid
project_template_inv = res_ops.get_resource(res_ops.IAM2_PROJECT_TEMPLATE,
uuid=project_template_01_uuid)
if not project_template_inv:
test_util.test_fail("create template from project fail")
# 4 create project template and then create project from template
project_template_02_uuid = iam2_ops.create_iam2_project_template(
'project_template_02').uuid
project_02_uuid = iam2_ops.create_iam2_project_from_template(
'project_02', project_template_02_uuid).uuid
project_inv = res_ops.get_resource(res_ops.IAM2_PROJECT,
uuid=project_02_uuid)
if not project_inv:
test_util.test_fail("create project from template fail")
# 5 create Company and Department (organization)
company_uuid_01 = iam2_ops.create_iam2_organization(
'test_company_01', 'Company').uuid
company_uuid_02 = iam2_ops.create_iam2_organization(
'test_company_02', 'Company').uuid
department_01_uuid = iam2_ops.create_iam2_organization(
'test_department_01', 'Department', parent_uuid=company_uuid_01).uuid
department_02_uuid = iam2_ops.create_iam2_organization(
'test_department_02', 'Department').uuid
# 6 organization change parent
iam2_ops.change_iam2_organization_parent(company_uuid_02,
[department_02_uuid])
iam2_ops.change_iam2_organization_parent(company_uuid_02,
[department_01_uuid])
department_inv = res_ops.get_resource(res_ops.IAM2_ORGANIZATION,
uuid=department_01_uuid)[0]
if department_inv.parentUuid != company_uuid_02:
test_util.test_fail('change organization parent fail')
department_inv = res_ops.get_resource(res_ops.IAM2_ORGANIZATION,
uuid=department_02_uuid)[0]
if department_inv.parentUuid != company_uuid_02:
test_util.test_fail('change organization parent fail')
# 7 create virtual id group and add/remove role and attributes to/from it
virtual_id_group_uuid = iam2_ops.create_iam2_virtual_id_group(
project_uuid, 'test_virtual_id_group').uuid
iam2_ops.add_roles_to_iam2_virtual_id_group([role_uuid],
virtual_id_group_uuid)
iam2_ops.remove_roles_from_iam2_virtual_idgroup([role_uuid],
virtual_id_group_uuid)
# TODO:there is nothing to do with the below api in the first version of iam2
# iam2_ops.add_attributes_to_iam2_virtual_id_group()
# iam2_ops.remove_attributes_from_iam2_virtual_id_group()
# 8 create virtual id and add/remove role or attributes to/from it
password = '******'
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('username',
password).uuid
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], virtual_id_uuid)
iam2_ops.remove_roles_from_iam2_virtual_id([role_uuid], virtual_id_uuid)
cond = res_ops.gen_query_conditions('virtualIDUuid', '=', virtual_id_uuid)
attributes = [{"name": "__PlatformAdmin__"}]
iam2_ops.add_attributes_to_iam2_virtual_id(virtual_id_uuid, attributes)
cond_01 = res_ops.gen_query_conditions('name', '=', "__PlatformAdmin__",
cond)
attribute_uuid = res_ops.query_resource_fields(
res_ops.IAM2_VIRTUAL_ID_ATTRIBUTE, cond_01)[0].uuid
iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid,
[attribute_uuid])
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(virtual_id_uuid, attributes)
cond_02 = res_ops.gen_query_conditions('name', '=', "__ProjectAdmin__",
cond)
attribute_uuid = res_ops.query_resource_fields(
res_ops.IAM2_VIRTUAL_ID_ATTRIBUTE, cond_02)[0].uuid
iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid,
[attribute_uuid])
# admin can't create Project operator
# attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
# iam2_ops.add_attributes_to_iam2_virtual_id(virtual_id_uuid, attributes)
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
# 9 add virtual id to organization and set it as OrganizationSupervisor
iam2_ops.add_iam2_virtual_ids_to_organization([virtual_id_uuid],
department_01_uuid)
attributes = [{
"name": "__OrganizationSupervisor__",
"value": virtual_id_uuid
}]
iam2_ops.add_attributes_to_iam2_organization(department_01_uuid,
attributes)
cond_03 = res_ops.gen_query_conditions('name', '=',
"__OrganizationSupervisor__")
cond_03 = res_ops.gen_query_conditions('value', '=', virtual_id_uuid,
cond_03)
attribute_uuid = res_ops.query_resource(
res_ops.IAM2_ORGANIZATION_ATTRIBUTE, cond_03)[0].uuid
iam2_ops.remove_attributes_from_iam2_organization(department_01_uuid,
[attribute_uuid])
iam2_ops.remove_iam2_virtual_ids_from_organization([virtual_id_uuid],
department_01_uuid)
# 10 add virtual id to group and project
iam2_ops.add_iam2_virtual_ids_to_project([virtual_id_uuid], project_uuid)
iam2_ops.add_iam2_virtual_ids_to_group([virtual_id_uuid],
virtual_id_group_uuid)
iam2_ops.remove_iam2_virtual_ids_from_group([virtual_id_uuid],
virtual_id_group_uuid)
iam2_ops.remove_iam2_virtual_ids_from_project([virtual_id_uuid],
project_uuid)
# 11 change state
disable = 'disable'
enable = 'enable'
Disabled = 'Disabled'
iam2_ops.change_iam2_organization_state(company_uuid_01, disable)
res_inv = res_ops.get_resource(res_ops.IAM2_ORGANIZATION,
uuid=company_uuid_01)[0]
if res_inv.state != Disabled:
test_util.test_fail("test change iam2 organization state fail")
iam2_ops.change_iam2_organization_state(company_uuid_01, enable)
iam2_ops.change_iam2_organization_state(department_01_uuid, disable)
iam2_ops.change_iam2_organization_state(department_01_uuid, enable)
iam2_ops.change_iam2_project_state(project_uuid, disable)
res_inv = res_ops.get_resource(res_ops.IAM2_PROJECT, uuid=project_uuid)[0]
if res_inv.state != Disabled:
test_util.test_fail("test change iam2 project state fail")
iam2_ops.change_iam2_project_state(project_uuid, enable)
iam2_ops.change_iam2_virtual_id_state(virtual_id_uuid, disable)
res_inv = res_ops.get_resource(res_ops.IAM2_VIRTUAL_ID,
uuid=virtual_id_uuid)[0]
if res_inv.state != Disabled:
test_util.test_fail("test change iam2 virtual id state fail")
iam2_ops.change_iam2_virtual_id_state(virtual_id_uuid, enable)
iam2_ops.change_iam2_virtual_id_group_state(virtual_id_group_uuid, disable)
res_inv = res_ops.get_resource(res_ops.IAM2_VIRTUAL_ID_GROUP,
uuid=virtual_id_group_uuid)[0]
if res_inv.state != Disabled:
test_util.test_fail("test change iam2 virtual id group state fail")
iam2_ops.change_iam2_virtual_id_group_state(virtual_id_group_uuid, enable)
iam2_ops.change_role_state(role_uuid, disable)
res_inv = res_ops.get_resource(res_ops.ROLE, uuid=role_uuid)[0]
if res_inv.state != Disabled:
test_util.test_fail("test change iam2 role state fail")
iam2_ops.change_role_state(role_uuid, enable)
# 12 update
virtual_id_new_name = 'virtual_id_new_name'
virtual_id_new_des = 'virtual_id_new_des'
virtual_id_new_password = '******'
iam2_ops.update_iam2_virtual_id(virtual_id_uuid, virtual_id_new_name,
virtual_id_new_des,
virtual_id_new_password)
virtual_id_inv = res_ops.get_resource(res_ops.IAM2_VIRTUAL_ID,
uuid=virtual_id_uuid)[0]
if virtual_id_inv.name != virtual_id_new_name:
test_util.test_fail("update iam2 virtual id name fail")
try:
iam2_ops.login_iam2_virtual_id('username', password)
except:
test_util.test_logger("the old username and password can't login")
try:
virtual_id_session_uuid = iam2_ops.login_iam2_virtual_id(
virtual_id_new_name, virtual_id_new_password)
acc_ops.logout(virtual_id_session_uuid)
except:
test_util.test_fail("update iam2 virtual id name or password fail.")
virtual_id_group_new_name = 'virtual_id_group_new_name'
virtual_id_group_new_des = 'virtual_id_group_new_des'
iam2_ops.update_iam2_virtual_id_group(virtual_id_group_uuid,
virtual_id_group_new_name,
virtual_id_group_new_des)
virtual_id_group_inv = res_ops.get_resource(res_ops.IAM2_VIRTUAL_ID_GROUP,
uuid=virtual_id_group_uuid)[0]
if virtual_id_group_inv.name != virtual_id_group_new_name:
test_util.test_fail("update iam2 virtual id group name fail")
project_new_name = 'project_new_name'
project_new_dsc = 'project_new_dsc'
iam2_ops.update_iam2_project(project_uuid, project_new_name,
project_new_dsc)
project_inv = res_ops.get_resource(res_ops.IAM2_PROJECT,
uuid=project_uuid)[0]
if project_inv.name != project_new_name or project_inv.description != project_new_dsc:
test_util.test_fail("update project information fail")
company_new_name = 'company_new_name'
company_new_dsc = 'company_new_dsc'
iam2_ops.update_iam2_organization(company_uuid_02, company_new_name,
company_new_dsc)
organization_inv = res_ops.get_resource(res_ops.IAM2_ORGANIZATION,
uuid=company_uuid_02)[0]
if organization_inv.name != company_new_name or organization_inv.description != company_new_dsc:
test_util.test_fail("update organization name fail")
# 13 delete
iam2_ops.delete_iam2_organization(company_uuid_01)
iam2_ops.delete_iam2_organization(company_uuid_02)
iam2_ops.delete_iam2_organization(department_01_uuid)
iam2_ops.delete_iam2_organization(department_02_uuid)
iam2_ops.delete_iam2_virtual_id_group(virtual_id_group_uuid)
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.delete_iam2_project(project_02_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_02_uuid)
iam2_ops.delete_iam2_project_template(project_template_01_uuid)
iam2_ops.delete_iam2_project_template(project_template_02_uuid)
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
iam2_ops.delete_role(role_uuid)
iam2_ops.clean_iam2_enviroment()
test_util.test_pass('success test iam2 login in by admin!')
def test():
global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
# 1 create project
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
project_linked_account_uuid = project.linkedAccountUuid
if flavor['target_role'] == 'project_admin':
# 2 create virtual id
project_admin_name = 'username'
project_admin_password = '******'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid
# 3 create project admin
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
# login in project by project admin
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
elif flavor['target_role'] == 'project_operator':
project_operator_name = 'username2'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid
# login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
elif flavor['target_role'] == 'project_member':
plain_user_name = 'username'
plain_user_password = '******'
plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password,
project_uuid=project_uuid).uuid
# 3 add virtual id to project
iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid)
# 4 login in project by plain user
plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password)
# 4 login in project
#project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid)
project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid
# Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge
if flavor['target_role'] == 'project_member':
statements = [{"effect": "Allow", "actions": ["org.zstack.header.vm.**"]}]
role_uuid = iam2_ops.create_role('test_role', statements).uuid
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid)
vm_creation_option = test_util.VmOption()
l3_net_uuid = test_lib.lib_get_l3_by_name(os.environ.get('l3VlanNetwork3')).uuid
acc_ops.share_resources([project_linked_account_uuid], [l3_net_uuid])
vm_creation_option.set_l3_uuids([l3_net_uuid])
image_uuid = test_lib.lib_get_image_by_name("centos").uuid
vm_creation_option.set_image_uuid(image_uuid)
acc_ops.share_resources([project_linked_account_uuid], [image_uuid])
instance_offering_uuid = test_lib.lib_get_instance_offering_by_name(os.environ.get('instanceOfferingName_s')).uuid
vm_creation_option.set_instance_offering_uuid(instance_offering_uuid)
acc_ops.share_resources([project_linked_account_uuid], [instance_offering_uuid])
vm_creation_option.set_name('vm_for_project_management')
vm_creation_option.set_session_uuid(project_login_uuid)
vm = test_stub.create_vm(image_uuid = image_uuid, session_uuid=project_login_uuid)
vm_uuid = vm.get_vm().uuid
# VM related ops: Create, Delete, Expunge, Start, Stop, Suspend, Resume, Migrate
vm_ops.stop_vm(vm_uuid, session_uuid=project_login_uuid)
vm_ops.start_vm(vm_uuid, session_uuid=project_login_uuid)
candidate_hosts = vm_ops.get_vm_migration_candidate_hosts(vm_uuid)
if candidate_hosts != None and test_lib.lib_check_vm_live_migration_cap(vm.get_vm()):
vm_ops.migrate_vm(vm_uuid, candidate_hosts.inventories[0].uuid, session_uuid=project_login_uuid)
vm_ops.stop_vm(vm_uuid, force='cold', session_uuid=project_login_uuid)
vm_ops.start_vm(vm_uuid, session_uuid=project_login_uuid)
vm_ops.suspend_vm(vm_uuid, session_uuid=project_login_uuid)
vm_ops.resume_vm(vm_uuid, session_uuid=project_login_uuid)
vm_ops.destroy_vm(vm_uuid, session_uuid=project_login_uuid)
vm_ops.expunge_vm(vm_uuid, session_uuid=project_login_uuid)
# 11 delete
acc_ops.logout(project_login_uuid)
if virtual_id_uuid != None:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_admin_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_admin_uuid)
if project_operator_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if plain_user_uuid != None:
iam2_ops.delete_iam2_virtual_id(plain_user_uuid)
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_pass('success test iam2 login in by project admin!')
def test():
global l2_vxlan_network_uuid,project_uuid,project_operator_uuid,vni_range_uuid,vxlan_pool_uuid,l3_vpc_network_uuid
# create vxlan pool and vni range
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
cluster_uuid = res_ops.get_resource(res_ops.CLUSTER)[0].uuid
vxlan_pool_name = 'vxlan_pool_name'
vxlan_pool_uuid = vxlan_ops.create_l2_vxlan_network_pool(vxlan_pool_name,zone_uuid).uuid
vxlan_ops.create_vni_range('vni_range',20,40,vxlan_pool_uuid)
systemTags = ["l2NetworkUuid::%s::clusterUuid::%s::cidr::{172.20.0.1/16}"%(vxlan_pool_uuid,cluster_uuid)]
net_ops.attach_l2_vxlan_pool(vxlan_pool_uuid,cluster_uuid,systemTags)
# 1 create project
project_name = 'test_project7'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
#cond = res_ops.gen_query_conditions("name",'=',"test_project7")
#linked_account_uuid = res_ops.query_resource(res_ops.ACCOUNT,cond)[0].uuid
linked_account_uuid = project.linkedAccountUuid
# 2 create project operator
project_operator_name = 'username7'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
# 3 login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
# 4 share vxlan pool to project
l2vxlan_pools = res_ops.query_resource(res_ops.L2_VXLAN_NETWORK_POOL)
for l2vxlan_pool in l2vxlan_pools:
acc_ops.share_resources([linked_account_uuid],[l2vxlan_pool.uuid])
# 5 create l2 vxlan
l2_vxlan_network_uuid = vxlan_ops.create_l2_vxlan_network('l2_vxlan',vxlan_pool_uuid,zone_uuid,session_uuid=project_login_uuid).uuid
# 6 use l2 vxlan to create l3 vpc
l3_vpc_network = create_l3_vpc('test_vpc',l2_vxlan_network_uuid,project_login_uuid)
l3_vpc_network_uuid = l3_vpc_network.uuid
# add ip range
ir_option = test_util.IpRangeOption()
ir_option.set_name('iprange2')
ir_option.set_description('iprange for vpc')
ir_option.set_netmask('255.255.255.0')
ir_option.set_gateway('192.168.23.1')
ir_option.set_l3_uuid(l3_vpc_network_uuid)
ir_option.set_startIp('192.168.23.2')
ir_option.set_endIp('192.168.23.254')
net_ops.add_ip_range(ir_option)
# add network service
AttachNetworkServiceToL3Network(l3_vpc_network_uuid,allservices,session_uuid = project_login_uuid)
# share the vr_offering to project and do create vpc router and vpc network
cond = res_ops.gen_query_conditions("name",'=',"virtual-router-vm")
vr_offering_uuid = res_ops.query_resource(res_ops.VR_OFFERING,cond)[0].uuid
acc_ops.share_resources([linked_account_uuid],[vr_offering_uuid])
vpc_ops.create_vpc_vrouter(name = 'test_vpc_vr', virtualrouter_offering_uuid = vr_offering_uuid,session_uuid = project_login_uuid)
vpc_vr = test_stub.query_vpc_vrouter('test_vpc_vr')
vpc_vr.add_nic(l3_vpc_network_uuid)
# 7 expunge the project and check the l2 vxlan
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
try:
l2_vxlan_network_test_uuid = res_ops.query_resource(res_ops.L2_VXLAN_NETWORK)[0].uuid
except:
test_util.test_pass(
"l2 vxlan is delete after deleted the project " )
test_util.test_dsc('test l2 l2 cascade delete')
# 8 check the vpc network and vpc_vr
try:
cond = res_ops.gen_query_conditions("name",'=',"test_vpc")
l3_vpc_network_uuid = res_ops.query_resource(res_ops.L3_NETWORK,cond)[0].uuid
except:
test_util.test_pass(
"l3_vpc is delete after deleted the project")
cond = res_ops.gen_query_conditions("name",'=',"test_vpc_vr")
vpc_vr = res_ops.query_resource(res_ops.VIRTUALROUTER_VM,cond)
if not vpc_vr.inv.state is 'Paused':
test_util.test_fail(
"vpc vr [%s] is still exist after delete and expunge the project [%s]" % (vpc_vr.uuid,project_uuid))
# 9 delete
vni_range_uuid = res_ops.get_resource(res_ops.VNI_RANGE)[0].uuid
vxlan_ops.delete_vni_range(vni_range_uuid)
net_ops.delete_l2(vxlan_pool_uuid)
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
def test():
global email_platform_uuid, email_endpoint_uuid, dingtalk_endpoint_uuid, http_endpoint_uuid, alarm_uuid, ps_event_sub_uuid, sns_topic_uuid, alarm_template_uuid
iam2_ops.clean_iam2_enviroment()
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
# 3 create project
project_name = 'test_project'
password = \
'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
linked_account_uuid = project.linkedAccountUuid
attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid])
# 4 create projectAdmin into project
project_admin_name = 'projectadmin'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(
project_admin_name, password).uuid
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],
project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(
project_admin_name, password)
project_admin_session_uuid = iam2_ops.login_iam2_project(
project_name, project_admin_session_uuid).uuid
# 5 create zwatch resource
smtp_server = os.environ.get('smtpServer')
smtp_port = os.environ.get('smtpPort')
email_platform_name = 'Alarm_email'
email_username = os.environ.get('mailUsername')
email_password = os.environ.get('mailPassword')
email_platform_uuid = zwt_ops.create_sns_email_platform(
smtp_server,
smtp_port,
email_platform_name,
email_username,
email_password,
session_uuid=project_admin_session_uuid).uuid
email_receiver = os.environ.get('mailUsername')
email_endpoint_uuid = zwt_ops.create_sns_email_endpoint(
email_receiver,
'test_email_endpoint',
email_platform_uuid,
session_uuid=project_admin_session_uuid).uuid
url_01 = 'https://oapi.dingtalk.com/robot/send?access_token' \
'=0be899d4bd0a7629961a5ccd3035dfba30d084b57944897838f1b601006dd153'
name_01 = 'dingtalkAtPerson'
dingtalk_endpoint_uuid = zwt_ops.create_sns_dingtalk_endpoint(
url_01, name_01, at_all=False,
session_uuid=project_admin_session_uuid).uuid
http_endpoint_name = 'http'
url = 'http://localhost:8080/webhook-url'
http_username = '******'
http_password = '******'
http_endpoint_uuid = zwt_ops.create_sns_http_endpoint(
url,
http_endpoint_name,
http_username,
http_password,
session_uuid=project_admin_session_uuid).uuid
sns_topic_uuid = zwt_ops.create_sns_topic(
'sns_topic_01', session_uuid=project_admin_session_uuid).uuid
zwt_ops.subscribe_sns_topic(sns_topic_uuid,
dingtalk_endpoint_uuid,
session_uuid=project_admin_session_uuid)
zwt_ops.subscribe_sns_topic(sns_topic_uuid,
email_endpoint_uuid,
session_uuid=project_admin_session_uuid)
zwt_ops.subscribe_sns_topic(sns_topic_uuid,
http_endpoint_uuid,
session_uuid=project_admin_session_uuid)
namespace = 'ZStack/Volume'
actions = [{"actionUuid": sns_topic_uuid, "actionType": "sns"}]
comparisonOperator = 'GreaterThanOrEqualTo'
repeat_interval = 20
period = 10
threshold = 5
metric_name = 'TotalVolumeCount'
alarm_uuid = zwt_ops.create_alarm(
comparisonOperator,
period,
threshold,
namespace,
metric_name,
actions=actions,
repeat_interval=repeat_interval,
session_uuid=project_admin_session_uuid).uuid
ps_actions = [{"actionUuid": sns_topic_uuid, "actionType": "sns"}]
ps_namespace = 'ZStack/PrimaryStorage'
ps_disconnected = 'PrimaryStorageDisconnected'
ps_event_sub_uuid = zwt_ops.subscribe_event(ps_namespace, ps_disconnected,
ps_actions).uuid
application_platform_type = 'Email'
alarm_template_name = 'my-alarm-template'
alarm_template = '${ALARM_NAME} Change status to ${ALARM_CURRENT_STATUS}' \
'ALARM_UUID:${ALARM_UUID}' \
'keyword1:ThisWordIsKeyWord' \
'keyword2:TemplateForAlarmOn' \
'(Using for template changes email check)'
alarm_template_uuid = zwt_ops.create_sns_text_template(
alarm_template_name,
application_platform_type,
alarm_template,
default_template=False).uuid
acc_ops.logout(project_admin_session_uuid)
# 6 delete project
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
# 7 cascade test
try:
test_stub.check_resource_not_exist(email_platform_uuid,
res_ops.SNS_EMAIL_PLATFORM)
except:
test_util.test_logger("email platform should not be delete ,success")
test_stub.check_resource_not_exist(email_endpoint_uuid,
res_ops.SNS_APPLICATION_ENDPOINT)
test_stub.check_resource_not_exist(dingtalk_endpoint_uuid,
res_ops.SNS_APPLICATION_ENDPOINT)
test_stub.check_resource_not_exist(http_endpoint_uuid,
res_ops.SNS_APPLICATION_ENDPOINT)
test_stub.check_resource_not_exist(alarm_uuid, res_ops.ALARM)
test_stub.check_resource_not_exist(ps_event_sub_uuid,
res_ops.EVENT_SUBSCRIPTION)
test_stub.check_resource_not_exist(sns_topic_uuid, res_ops.SNS_TOPIC)
test_stub.check_resource_not_exist(alarm_template_uuid,
res_ops.SNS_TEXT_TEMPLATE)
zwt_ops.delete_sns_application_platform(email_platform_uuid)
iam2_ops.clean_iam2_enviroment()
test_util.test_pass("success test project retired")
def test():
# global test_obj_dict
iam2_ops.clean_iam2_enviroment()
global project_uuid,virtual_id_uuid,project_admin_uuid
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
# 1 create project
project_name = 'test_project'
password = \
'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
linked_account_uuid = project.linkedAccountUuid
attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid])
# 2 create projectAdmin into project
project_admin_name = 'projectadmin'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, password).uuid
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name,password)
project_admin_session_uuid = iam2_ops.login_iam2_project(project_name,project_admin_session_uuid).uuid
#create Security Group
sg = test_sg_header.ZstackTestSecurityGroup()
sg_creation_option = test_util.SecurityGroupOption()
sg_creation_option.set_name('test_sg')
sg_creation_option.session_uuid = project_admin_session_uuid
sg.set_creation_option(sg_creation_option)
sg.create()
test_obj_dict.add_sg(sg.get_security_group().uuid)
#create EIP
vm = test_stub.create_vm(session_uuid=project_admin_session_uuid)
test_obj_dict.add_vm(vm)
pri_l3_name = os.environ.get('l3VlanNetworkName3')
pri_l3_uuid = test_lib.lib_get_l3_by_name(pri_l3_name).uuid
pub_l3_name = os.environ.get('l3PublicNetworkName')
pub_l3_uuid = test_lib.lib_get_l3_by_name(pub_l3_name).uuid
vm_nic = vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
vip_for_eip = test_stub.create_vip('create_eip_test', pub_l3_uuid,session_uuid=project_admin_session_uuid)
test_obj_dict.add_vip(vip_for_eip)
eip = test_stub.create_eip(vip_uuid=vip_for_eip.get_vip().uuid ,eip_name='create eip test', vnic_uuid=vm_nic_uuid, vm_obj=vm,session_uuid=project_admin_session_uuid)
vip_for_eip.attach_eip(eip)
# create LB
vip_for_lb = test_stub.create_vip('create_lb_test', pub_l3_uuid,session_uuid=project_admin_session_uuid)
test_obj_dict.add_vip(vip_for_lb)
lb = zstack_lb_header.ZstackTestLoadBalancer()
lb.create('create lb test', vip_for_lb.get_vip().uuid,session_uuid=project_admin_session_uuid)
test_obj_dict.add_load_balancer(lb)
vip_for_lb.attach_lb(lb)
lb_creation_option = test_lib.lib_create_lb_listener_option(lbl_port = 222, lbi_port = 22)
lb_creation_option.set_session_uuid(project_admin_session_uuid)
lbl = lb.create_listener(lb_creation_option)
# test PF
vip_for_pf = test_stub.create_vip('create_pf_test', pub_l3_uuid,session_uuid=project_admin_session_uuid)
test_obj_dict.add_vip(vip_for_pf)
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_ip = test_lib.lib_find_vr_pub_ip(vr)
pf_creation_opt = PfRule.generate_pf_rule_option(vr_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule4_ports, private_target_rule=Port.rule4_ports, vip_uuid=vip_for_pf.get_vip().uuid)
pf_creation_opt.set_session_uuid(project_admin_session_uuid)
pf = test_pf_header.ZstackTestPortForwarding()
pf.set_creation_option(pf_creation_opt)
pf.create()
vip_for_pf.attach_pf(pf)
# delete project
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_stub.check_resource_not_exist(eip.get_eip().uuid,res_ops.EIP)
test_stub.check_resource_not_exist(sg.get_security_group().uuid,res_ops.SECURITY_GROUP)
test_stub.check_resource_not_exist(lb.get_load_balancer().uuid,res_ops.LOAD_BALANCER)
test_stub.check_resource_not_exist(lbl.get_load_balancer_listener().uuid,res_ops.LOAD_BALANCER_LISTENER)
test_stub.check_resource_not_exist(pf.get_port_forwarding().uuid,res_ops.PORT_FORWARDING)
test_lib.lib_robot_cleanup(test_obj_dict)
iam2_ops.clean_iam2_enviroment()
test_util.test_pass("Test for iam2 delete project cascade net services success.")
def test():
global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
# 1 create project
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
project_linked_account_uuid = project.linkedAccountUuid
if flavor['target_role'] == 'project_admin':
# 2 create virtual id
project_admin_name = 'username'
project_admin_password = '******'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(
project_admin_name, project_admin_password).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id(
'usernametwo', 'password').uuid
# 3 create project admin
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],
project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid,
attributes)
# login in project by project admin
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(
project_admin_name, project_admin_password)
project_login_uuid = iam2_ops.login_iam2_project(
project_name, session_uuid=project_admin_session_uuid).uuid
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
elif flavor['target_role'] == 'project_operator':
project_operator_name = 'username2'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(
project_operator_name,
project_operator_password,
attributes=attributes).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id(
'usernamethree', 'password').uuid
# login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],
project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(
project_operator_name, project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(
project_name, session_uuid=project_operator_session_uuid).uuid
elif flavor['target_role'] == 'project_member':
plain_user_name = 'username'
plain_user_password = '******'
plain_user_uuid = iam2_ops.create_iam2_virtual_id(
plain_user_name, plain_user_password,
project_uuid=project_uuid).uuid
# 3 add virtual id to project
iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],
project_uuid)
# 4 login in project by plain user
plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(
plain_user_name, plain_user_password)
# 4 login in project
#project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid)
project_login_uuid = iam2_ops.login_iam2_project(
project_name, plain_user_session_uuid).uuid
# Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge
if flavor['target_role'] == 'project_member':
statements = [{
"effect": "Allow",
"actions": ["org.zstack.header.vm.**"]
}]
role_uuid = iam2_ops.create_role('test_role', statements).uuid
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid)
vm_creation_option = test_util.VmOption()
pub_l3_uuid = test_lib.lib_get_l3_by_name(
os.environ.get('l3PublicNetworkName')).uuid
l3_net_uuid = test_lib.lib_get_l3_by_name(
os.environ.get('l3VlanNetworkName3')).uuid
acc_ops.share_resources([project_linked_account_uuid], [l3_net_uuid])
vm_creation_option.set_l3_uuids([l3_net_uuid])
image_uuid = test_lib.lib_get_image_by_name(
os.environ.get('imageName_net')).uuid
vm_creation_option.set_image_uuid(image_uuid)
acc_ops.share_resources([project_linked_account_uuid], [image_uuid])
instance_offering_uuid = test_lib.lib_get_instance_offering_by_name(
os.environ.get('instanceOfferingName_s')).uuid
vm_creation_option.set_instance_offering_uuid(instance_offering_uuid)
acc_ops.share_resources([project_linked_account_uuid],
[instance_offering_uuid])
vm_creation_option.set_name('vm_for_project_management')
vm_creation_option.set_session_uuid(project_login_uuid)
vm = test_stub.create_vm(image_uuid=image_uuid,
session_uuid=project_login_uuid)
vm_uuid = vm.get_vm().uuid
vip_option = test_util.VipOption()
vip_option.set_name("vip for pm")
vip_option.set_session_uuid(project_login_uuid)
vip_option.set_l3_uuid(pub_l3_uuid)
vm_nic = vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
vip = net_ops.create_vip(vip_option)
eip_option = test_util.EipOption()
eip_option.set_name('eip for pm')
eip_option.set_session_uuid(project_login_uuid)
eip_option.set_vip_uuid(vip.uuid)
eip_option.set_vm_nic_uuid(vm_nic_uuid)
eip = net_ops.create_eip(eip_option)
net_ops.detach_eip(eip.uuid, session_uuid=project_login_uuid)
net_ops.attach_eip(eip.uuid, vm_nic_uuid, session_uuid=project_login_uuid)
net_ops.detach_eip(eip.uuid, session_uuid=project_login_uuid)
net_ops.delete_eip(eip.uuid)
net_ops.delete_vip(vip.uuid)
vm_ops.destroy_vm(vm_uuid, session_uuid=project_login_uuid)
vm_ops.expunge_vm(vm_uuid, session_uuid=project_login_uuid)
# 11 delete
acc_ops.logout(project_login_uuid)
if virtual_id_uuid != None:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_admin_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_admin_uuid)
if project_operator_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if plain_user_uuid != None:
iam2_ops.delete_iam2_virtual_id(plain_user_uuid)
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_pass('success test iam2 login in by project admin!')
def test():
global image
iam2_ops.clean_iam2_enviroment()
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
# 1 create project
project_name = 'test_project'
password = \
'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
linked_account_uuid = project.linkedAccountUuid
attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid])
# 2 create projectAdmin into project
project_admin_name = 'projectadmin'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(
project_admin_name, password).uuid
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],
project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(
project_admin_name, password)
project_admin_session_uuid = iam2_ops.login_iam2_project(
project_name, project_admin_session_uuid).uuid
res_ops.query_resource(res_ops.L2_VXLAN_NETWORK_POOL)
# 3 add image
bs_cond = res_ops.gen_query_conditions("status", '=', "Connected")
bss = res_ops.query_resource(res_ops.BACKUP_STORAGE, bs_cond)
image_option = test_util.ImageOption()
image_option.set_format('iso')
image_option.set_name('test_add_iso_image')
image_option.set_url(
os.environ.get('imageServer') + "/iso/CentOS-x86_64-7.2-Minimal.iso")
image_option.set_backup_storage_uuid_list([bss[0].uuid])
image_option.set_timeout(60000)
image_option.set_session_uuid(project_admin_session_uuid)
image = img_ops.add_image(image_option)
# 4 delete project
iam2_ops.delete_iam2_project(project_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', image.uuid)
img_inv = res_ops.query_resource(res_ops.IMAGE, cond)
if not img_inv:
test_util.test_fail(
"can't query image %s after delete the project,test fail" %
image.uuid)
# 5 expunge project
iam2_ops.expunge_iam2_project(project_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', image.uuid)
img_inv = res_ops.query_resource(res_ops.IMAGE, cond)[0]
if img_inv.status != 'Deleted':
test_util.test_fail(
'The image created in project is not deleted after project is expunge, test fail'
)
img_ops.expunge_image(image.uuid)
iam2_ops.clean_iam2_enviroment()
test_util.test_pass('success')
def test():
global test_obj_dict
iam2_ops.clean_iam2_enviroment()
# 1 create project
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
linked_account_uuid = project.linkedAccountUuid
zone_inv = res_ops.query_resource(res_ops.ZONE)
attributes = [{"name": "__ProjectRelatedZone__", "value": zone_inv[0].uuid}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid])
# 2 update project quota
acc_ops.update_quota(linked_account_uuid, 'volume.data.num', '1')
cond = res_ops.gen_query_conditions('identityUuid', '=', linked_account_uuid)
cond = res_ops.gen_query_conditions('name', '=', 'volume.data.num', cond)
project_quota = res_ops.query_resource(res_ops.QUOTA, cond)
if project_quota:
if project_quota[0].value != 1:
test_util.test_fail("update project quata fail")
# 3 create virtual id and login project
username = '******'
password = \
'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
virtual_id_uuid = iam2_ops.create_iam2_virtual_id(username, password, attributes=attributes).uuid
iam2_ops.add_iam2_virtual_ids_to_project([virtual_id_uuid], project_uuid)
virtual_id_session = iam2_ops.login_iam2_virtual_id(username, password)
virtual_id_session = iam2_ops.login_iam2_project(project_name, virtual_id_session).uuid
volume = test_stub.create_volume(session_uuid=virtual_id_session)
test_obj_dict.add_volume(volume)
try:
volume = test_stub.create_volume(session_uuid=virtual_id_session)
test_obj_dict.add_volume(volume)
test_util.test_fail("create more than one data volume in project ,test fail")
except:
test_util.test_dsc("success test limit create only 1 vm")
acc_ops.logout(virtual_id_session)
# 4 add project retired policy
attributes = [{"name": "__RetirePolicy__", "value": "NoLogin after 20s"}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
time.sleep(20)
# 5 login project
virtual_id_session = iam2_ops.login_iam2_virtual_id(username, password)
try:
iam2_ops.login_iam2_project(project_name, session_uuid=virtual_id_session)
test_util.test_fail("login project success ,the retire policy is useless")
except:
test_util.test_logger("can't login project,retire policy is useful")
# 6 change retired policy
enable = 'enable'
disable = 'disable'
cond = res_ops.gen_query_conditions('name', '=', '__RetirePolicy__')
cond = res_ops.gen_query_conditions('value', '=', 'NoLogin after 20s', cond)
attribute_uuid = res_ops.query_resource(res_ops.IAM2_PROJECT_ATTRIBUTE, cond)[0].uuid
iam2_ops.remove_attributes_from_iam2_project(project_uuid, [attribute_uuid])
iam2_ops.change_iam2_project_state(project_uuid, enable)
attributes = [{"name": "__RetirePolicy__", "value": "DeleteProject after 20s"}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
time.sleep(20)
# 7 query project
project_inv = res_ops.get_resource(res_ops.IAM2_PROJECT, uuid=project_uuid)[0]
if project_inv.state != 'Deleted':
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_fail("the project [%s] is still available after 20s " % project_uuid)
test_lib.lib_robot_cleanup(test_obj_dict)
iam2_ops.clean_iam2_enviroment()
test_util.test_pass("success test project retired")
def test():
global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
# 1 create project
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
project_linked_account_uuid = project.linkedAccountUuid
if flavor['target_role'] == 'project_admin':
# 2 create virtual id
project_admin_name = 'username'
project_admin_password = '******'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid
# 3 create project admin
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
# login in project by project admin
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
elif flavor['target_role'] == 'project_operator':
project_operator_name = 'username2'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid
# login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
elif flavor['target_role'] == 'project_member':
plain_user_name = 'username'
plain_user_password = '******'
plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password,
project_uuid=project_uuid).uuid
# 3 add virtual id to project
iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid)
# 4 login in project by plain user
plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password)
# 4 login in project
#project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid)
project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
try:
l2 = net_ops.create_l2_novlan('l2_for_pm', 'eth0', zone_uuid, session_uuid=project_login_uuid)
test_util.test_fail("Expect exception: project admin not allowed to create Novlan L2 except vxlan")
except:
pass
try:
l2 = net_ops.create_l2_vlan('l2_for_pm', 'eth0', zone_uuid, 1234, session_uuid=project_login_uuid)
test_util.test_fail("Expect exception: project admin not allowed to create vlan L2 except vxlan")
except:
pass
if flavor['target_role'] == 'project_member':
statements = [{"effect": "Allow", "actions": ["org.zstack.network.l2.**"]}]
role_uuid = iam2_ops.create_role('test_role', statements).uuid
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid)
vxlan_pool = res_ops.get_resource(res_ops.L2_VXLAN_NETWORK_POOL)
if vxlan_pool == None or len(vxlan_pool) == 0:
test_util.test_skip('Vxlan is required for testing')
vxlan_pool_uuid = vxlan_pool[0].uuid
acc_ops.share_resources([project_linked_account_uuid], [vxlan_pool_uuid])
vxlan_pool_uuid = res_ops.get_resource(res_ops.L2_VXLAN_NETWORK_POOL, session_uuid=project_login_uuid)[0].uuid
vxlan_l2_uuid = vxlan_ops.create_l2_vxlan_network('vxlan_for_pm', vxlan_pool_uuid, zone_uuid, session_uuid=project_login_uuid).uuid
net_ops.delete_l2(vxlan_l2_uuid, session_uuid=project_login_uuid)
# 11 delete
acc_ops.logout(project_login_uuid)
if virtual_id_uuid != None:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_admin_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_admin_uuid)
if project_operator_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if plain_user_uuid != None:
iam2_ops.delete_iam2_virtual_id(plain_user_uuid)
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_pass('success test iam2 login in by project admin!')
def test():
global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
# 1 create project
if flavor['target_role'] != 'system_admin':
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
project_linked_account_uuid = project.linkedAccountUuid
if flavor['target_role'] == 'project_admin':
# 2 create virtual id
project_admin_name = 'username'
project_admin_password = '******'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid
# 3 create project admin
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
# login in project by project admin
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
elif flavor['target_role'] == 'project_operator':
project_operator_name = 'username2'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid
# login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
elif flavor['target_role'] == 'project_member':
plain_user_name = 'username'
plain_user_password = '******'
plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password,
project_uuid=project_uuid).uuid
# 3 add virtual id to project
iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid)
# 4 login in project by plain user
plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password)
# 4 login in project
#project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid)
project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid
elif flavor['target_role'] == 'system_admin':
username = "******"
password = '******'
vid_tst_obj = test_vid.ZstackTestVid()
test_stub.create_system_admin(username, password, vid_tst_obj)
virtual_id_uuid = vid_tst_obj.get_vid().uuid
project_login_uuid = acc_ops.login_by_account(username, password)
# Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge
if flavor['target_role'] == 'project_member':
statements = [{"effect": "Allow", "actions": ["org.zstack.network.service.lb.**"]}]
role_uuid = iam2_ops.create_role('test_role', statements).uuid
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid)
# certificate
cert = net_ops.create_certificate('certificate_for_pm', 'fake certificate', session_uuid=project_login_uuid)
net_ops.delete_certificate(cert.uuid, session_uuid=project_login_uuid)
# 11 delete
acc_ops.logout(project_login_uuid)
if virtual_id_uuid != None:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_admin_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_admin_uuid)
if project_operator_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if plain_user_uuid != None:
iam2_ops.delete_iam2_virtual_id(plain_user_uuid)
if flavor['target_role'] != 'system_admin':
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_pass('success test iam2 login in by project admin!')
def test():
global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
# 1 create project
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
project_linked_account_uuid = project.linkedAccountUuid
if flavor['target_role'] == 'project_admin':
# 2 create virtual id
project_admin_name = 'username'
project_admin_password = '******'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid
# 3 create project admin
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
# login in project by project admin
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
elif flavor['target_role'] == 'project_operator':
project_operator_name = 'username2'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid
# login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
elif flavor['target_role'] == 'project_member':
plain_user_name = 'username'
plain_user_password = '******'
plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password,
project_uuid=project_uuid).uuid
# 3 add virtual id to project
iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid)
# 4 login in project by plain user
plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password)
# 4 login in project
#project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid)
project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid
# Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge
if flavor['target_role'] == 'project_member':
statements = [{"effect": "Allow", "actions": ["org.zstack.header.volume.**"]}, {"effect": "Allow", "actions": ["org.zstack.header.vm.**"]}]
role_uuid = iam2_ops.create_role('test_role', statements).uuid
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid)
# Volume related ops: Create, Delete, Expunge, Attach, Dettach, Enable, Disable
disk_offering_uuid = res_ops.query_resource(res_ops.DISK_OFFERING)[0].uuid
acc_ops.share_resources([project_linked_account_uuid], [disk_offering_uuid])
volume_option = test_util.VolumeOption()
volume_option.set_disk_offering_uuid(disk_offering_uuid)
volume_option.set_name('data_volume_project_management')
volume_option.set_session_uuid(project_login_uuid)
data_volume = vol_ops.create_volume_from_offering(volume_option)
vol_ops.stop_volume(data_volume.uuid, session_uuid=project_login_uuid)
vol_ops.start_volume(data_volume.uuid, session_uuid=project_login_uuid)
vm_creation_option = test_util.VmOption()
l3_net_uuid = test_lib.lib_get_l3_by_name(os.environ.get('l3VlanNetwork3')).uuid
acc_ops.share_resources([project_linked_account_uuid], [l3_net_uuid])
vm_creation_option.set_l3_uuids([l3_net_uuid])
image_uuid = test_lib.lib_get_image_by_name("centos").uuid
vm_creation_option.set_image_uuid(image_uuid)
acc_ops.share_resources([project_linked_account_uuid], [image_uuid])
instance_offering_uuid = test_lib.lib_get_instance_offering_by_name(os.environ.get('instanceOfferingName_s')).uuid
vm_creation_option.set_instance_offering_uuid(instance_offering_uuid)
acc_ops.share_resources([project_linked_account_uuid], [instance_offering_uuid])
vm_creation_option.set_name('vm_for_project_management')
vm_creation_option.set_session_uuid(project_login_uuid)
vm = test_stub.create_vm(image_uuid = image_uuid, session_uuid=project_login_uuid)
vm_uuid = vm.get_vm().uuid
vol_ops.attach_volume(data_volume.uuid, vm_uuid, session_uuid=project_login_uuid)
vol_ops.detach_volume(data_volume.uuid, vm_uuid, session_uuid=project_login_uuid)
vol_ops.delete_volume(data_volume.uuid, session_uuid=project_login_uuid)
vol_ops.expunge_volume(data_volume.uuid, session_uuid=project_login_uuid)
# 11 delete
acc_ops.logout(project_login_uuid)
if virtual_id_uuid != None:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_admin_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_admin_uuid)
if project_operator_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if plain_user_uuid != None:
iam2_ops.delete_iam2_virtual_id(plain_user_uuid)
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_pass('success test iam2 login in by project admin!')
def test():
global vm
iam2_ops.clean_iam2_enviroment()
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
# 1 create project
project_name = 'test_project'
password = \
'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
linked_account_uuid = project.linkedAccountUuid
attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid])
# 2 create projectAdmin into project
project_admin_name = 'projectadmin'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(
project_admin_name, password).uuid
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],
project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(
project_admin_name, password)
project_admin_session_uuid = iam2_ops.login_iam2_project(
project_name, project_admin_session_uuid).uuid
res_ops.query_resource(res_ops.L2_VXLAN_NETWORK_POOL)
# 3 create vm
vm = test_stub.create_vm(session_uuid=project_admin_session_uuid)
# 4 delete project
iam2_ops.delete_iam2_project(project_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', vm.get_vm().uuid)
vm_inv = res_ops.query_resource(res_ops.VM_INSTANCE, cond)[0]
if vm_inv.state == 'Running':
test_util.test_fail(
"the vm is still running after delete project,test fail")
# 5 recover project
vm.update()
iam2_ops.recover_iam2_project(project_uuid)
vm.start()
# 6 expunge project
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
vm.update()
# query vm
cond = res_ops.gen_query_conditions('uuid', '=', vm.get_vm().uuid)
vm_inv = res_ops.query_resource(res_ops.VM_INSTANCE, cond)[0]
if vm_inv.state != 'Destroyed':
test_util.test_fail(
'The vminstance created by project is not Destroyed ,the state now is %s , test fail'
% vm_inv.state)
vm.clean()
iam2_ops.clean_iam2_enviroment()
test_util.test_pass('success')
def test():
global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
# 1 create project
if flavor['target_role'] != 'system_admin':
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
project_linked_account_uuid = project.linkedAccountUuid
if flavor['target_role'] == 'project_admin':
# 2 create virtual id
project_admin_name = 'username'
project_admin_password = '******'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid
# 3 create project admin
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
# login in project by project admin
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
elif flavor['target_role'] == 'project_operator':
project_operator_name = 'username2'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid
# login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
elif flavor['target_role'] == 'project_member':
plain_user_name = 'username'
plain_user_password = '******'
plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password,
project_uuid=project_uuid).uuid
# 3 add virtual id to project
iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid)
# 4 login in project by plain user
plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password)
# 4 login in project
#project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid)
project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid
elif flavor['target_role'] == 'system_admin':
username = "******"
password = '******'
vid_tst_obj = test_vid.ZstackTestVid()
test_stub.create_system_admin(username, password, vid_tst_obj)
virtual_id_uuid = vid_tst_obj.get_vid().uuid
project_login_uuid = acc_ops.login_by_account(username, password)
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
try:
l2 = net_ops.create_l2_novlan('l2_for_pm', 'eth0', zone_uuid, session_uuid=project_login_uuid)
test_util.test_fail("Expect exception: project admin not allowed to create Novlan L2 except vxlan")
except:
pass
try:
l2 = net_ops.create_l2_vlan('l2_for_pm', 'eth0', zone_uuid, 1234, session_uuid=project_login_uuid)
test_util.test_fail("Expect exception: project admin not allowed to create vlan L2 except vxlan")
except:
pass
if flavor['target_role'] == 'project_member':
statements = [{"effect": "Allow", "actions": ["org.zstack.network.l2.**"]}]
role_uuid = iam2_ops.create_role('test_role', statements).uuid
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid)
vxlan_pool = res_ops.get_resource(res_ops.L2_VXLAN_NETWORK_POOL)
if vxlan_pool == None or len(vxlan_pool) == 0:
test_util.test_skip('Vxlan is required for testing')
vxlan_pool_uuid = vxlan_pool[0].uuid
if flavor['target_role'] != 'system_admin':
acc_ops.share_resources([project_linked_account_uuid], [vxlan_pool_uuid])
vxlan_pool_uuid = res_ops.get_resource(res_ops.L2_VXLAN_NETWORK_POOL, session_uuid=project_login_uuid)[0].uuid
vxlan_l2_uuid = vxlan_ops.create_l2_vxlan_network('vxlan_for_pm', vxlan_pool_uuid, zone_uuid, session_uuid=project_login_uuid).uuid
net_ops.delete_l2(vxlan_l2_uuid, session_uuid=project_login_uuid)
# 11 delete
acc_ops.logout(project_login_uuid)
if virtual_id_uuid != None:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_admin_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_admin_uuid)
if project_operator_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if plain_user_uuid != None:
iam2_ops.delete_iam2_virtual_id(plain_user_uuid)
if flavor['target_role'] != 'system_admin':
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_pass('success test iam2 login in by project admin!')
def test():
global vm
global schd_job1
global schd_job2
global schd_trigger1
global schd_trigger2
iam2_ops.clean_iam2_enviroment()
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
# 1 create project
project_name = 'test_project'
password = \
'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
linked_account_uuid = project.linkedAccountUuid
attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid])
# 2 create projectAdmin into project
project_admin_name = 'projectadmin'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(
project_admin_name, password).uuid
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],
project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(
project_admin_name, password)
project_admin_session_uuid = iam2_ops.login_iam2_project(
project_name, project_admin_session_uuid).uuid
# 3 create scheduler job and trigger
vm = test_stub.create_vm(session_uuid=project_admin_session_uuid)
start_date = int(time.time())
schd_job1 = schd_ops.create_scheduler_job(
'simple_stop_vm_scheduler',
'simple_stop_vm_scheduler',
vm.get_vm().uuid,
'stopVm',
None,
session_uuid=project_admin_session_uuid)
schd_trigger1 = schd_ops.create_scheduler_trigger(
'simple_stop_vm_scheduler',
start_date + 60,
None,
120,
'simple',
session_uuid=project_admin_session_uuid)
schd_ops.add_scheduler_job_to_trigger(
schd_trigger1.uuid,
schd_job1.uuid,
session_uuid=project_admin_session_uuid)
schd_job2 = schd_ops.create_scheduler_job(
'simple_start_vm_scheduler',
'simple_start_vm_scheduler',
vm.get_vm().uuid,
'startVm',
None,
session_uuid=project_admin_session_uuid)
schd_trigger2 = schd_ops.create_scheduler_trigger(
'simple_start_vm_scheduler',
start_date + 120,
None,
120,
'simple',
session_uuid=project_admin_session_uuid)
schd_ops.add_scheduler_job_to_trigger(
schd_trigger2.uuid,
schd_job2.uuid,
session_uuid=project_admin_session_uuid)
acc_ops.logout(project_admin_session_uuid)
# 4 delete project
iam2_ops.delete_iam2_project(project_uuid)
try:
schd_job1_inv = res_ops.get_resource(res_ops.SCHEDULERJOB,
uuid=schd_job1.uuid)[0]
except:
test_util.test_fail(
"delete project but not expunge,the schedulerjob [%s] is lost" %
schd_job1.uuid)
try:
res_ops.get_resource(res_ops.SCHEDULERJOB, uuid=schd_job2.uuid)[0]
except:
test_util.test_fail(
"delete project but not expunge,the schedulerjob [%s] is lost" %
schd_job2.uuid)
try:
schd_trigger1_inv = res_ops.get_resource(res_ops.SCHEDULERTRIGGER,
uuid=schd_trigger1.uuid)[0]
except:
test_util.test_fail(
"delete project but not expunge,the scheduler trigger [%s] is lost"
% schd_job1.uuid)
try:
res_ops.get_resource(res_ops.SCHEDULERTRIGGER,
uuid=schd_trigger2.uuid)[0]
except:
test_util.test_fail(
"delete project but not expunge,the scheduler trigger [%s] is lost"
% schd_job1.uuid)
iam2_ops.recover_iam2_project(project_uuid)
try:
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(
project_admin_name, password)
project_admin_session_uuid = iam2_ops.login_iam2_project(
project_name, project_admin_session_uuid).uuid
except:
test_util.test_fail("recover the deleted project , but can't login in")
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
# 5 check for cascade delete
test_stub.check_resource_not_exist(schd_job1.uuid, res_ops.SCHEDULERJOB)
test_stub.check_resource_not_exist(schd_job2.uuid, res_ops.SCHEDULERJOB)
test_stub.check_resource_not_exist(schd_trigger1.uuid,
res_ops.SCHEDULERTRIGGER)
test_stub.check_resource_not_exist(schd_trigger2.uuid,
res_ops.SCHEDULERTRIGGER)
vm.clean()
iam2_ops.clean_iam2_enviroment()
test_util.test_pass('Create Simple VM Stop Start Scheduler Success')
def test():
global linked_account_uuid, project_uuid, project_operator_uuid, account_lists, vni_range_uuid, vxlan_pool_uuid, l2_vxlan_network_uuid, account1_uuid, account2_uuid
# create vxlan pool and vni range
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
cluster_uuid = res_ops.get_resource(res_ops.CLUSTER)[0].uuid
vxlan_pool_name = 'vxlan_pool_name'
vxlan_pool_uuid = vxlan_ops.create_l2_vxlan_network_pool(
vxlan_pool_name, zone_uuid).uuid
vxlan_ops.create_vni_range('vni_range', 20, 40, vxlan_pool_uuid)
systemTags = [
"l2NetworkUuid::%s::clusterUuid::%s::cidr::{172.20.0.1/16}" %
(vxlan_pool_uuid, cluster_uuid)
]
net_ops.attach_l2_vxlan_pool(vxlan_pool_uuid, cluster_uuid, systemTags)
# 1 create project
project_name = 'test_share_project1'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
cond = res_ops.gen_query_conditions("name", '=', "test_share_project1")
linked_account_uuid = res_ops.query_resource(res_ops.ACCOUNT, cond)[0].uuid
# 2 create project operator
project_operator_name = 'share_username1'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(
project_operator_name,
project_operator_password,
attributes=attributes).uuid
# 3 login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],
project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(
project_operator_name, project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(
project_name, session_uuid=project_operator_session_uuid).uuid
# todo:use the shared resources
# 4 share admin resources to project
test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid])
# use the shared resources to create vm
vm = test_stub.create_vm(session_uuid=project_login_uuid)
volume = test_stub.create_volume(session_uuid=project_login_uuid)
test_obj_dict.add_volume(volume)
test_obj_dict.add_vm(vm)
l2_vxlan_network_uuid = vxlan_ops.create_l2_vxlan_network(
'l2_vxlan',
vxlan_pool_uuid,
zone_uuid,
session_uuid=project_login_uuid).uuid
virtual_router_offering_uuid = res_ops.get_resource(
res_ops.VR_OFFERING)[0].uuid
vpc_ops.create_vpc_vrouter('vpc_router',
virtual_router_offering_uuid,
session_uuid=project_login_uuid)
# 5 revoke admin resources from project
test_stub.revoke_admin_resource([linked_account_uuid])
# 6 share to all
#create_account
account1_uuid = acc_ops.create_account('user1', 'password', 'Normal').uuid
account2_uuid = acc_ops.create_account('user2', 'password', 'Normal').uuid
account_lists = res_ops.query_resource(res_ops.ACCOUNT)
for account in account_lists:
test_stub.share_admin_resource_include_vxlan_pool([account.uuid])
# 7 revoke resources from all
for account in account_lists:
test_stub.revoke_admin_resource([account.uuid])
# 8 Negative test
test_util.test_dsc(
'Doing negative test.Try to use the resources not shared to create vm')
try:
test_stub.create_vm(session_uuid=project_login_uuid)
except:
test_util.test_logger(
'Catch excepted excepttion.can not use the resources not shared to create vm'
)
else:
test_util.test_fail(
'Catch wrong logic:create vm success with the resources not shared '
)
test_util.test_dsc(
'Doing negative test.Try to use the resources not shared to create volume'
)
try:
test_stub.create_volume(session_uuid=project_login_uuid)
except:
test_util.test_logger(
'Catch excepted excepttion.can not use the resources not shared to create volume'
)
else:
test_util.test_fail(
'Catch wrong logic:create volume success with the resources not shared '
)
test_util.test_dsc(
'Doing negative test.Try to use the resources not shared to create vxlan network'
)
try:
vxlan_ops.create_l2_vxlan_network('l2_vxlan',
vxlan_pool_uuid,
zone_uuid,
session_uuid=project_login_uuid)
except:
test_util.test_logger(
'Catch excepted excepttion.can not use the resources not shared to create l2 vxlan'
)
else:
test_util.test_fail(
'Catch wrong logic:create l2 vxlan success with the resources not shared '
)
test_util.test_dsc(
'Doing negative test.Try to use the resources not shared to create vpc_vrouter '
)
try:
vpc_ops.create_vpc_vrouter('vpc_router',
virtual_router_offerings,
session_uuid=project_login_uuid)
except:
test_util.test_logger(
'Catch excepted excepttion.can not use the resources not shared to create vpc_router'
)
else:
test_util.test_fail(
'Catch wrong logic:create vpc_router success with the resources not shared '
)
# 9 delete
acc_ops.logout(project_login_uuid)
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
vni_range_uuid = res_ops.get_resource(res_ops.VNI_RANGE)[0].uuid
vxlan_ops.delete_vni_range(vni_range_uuid)
vpc_ops.remove_all_vpc_vrouter()
test_lib.lib_error_cleanup(test_obj_dict)
net_ops.delete_l2(vxlan_pool_uuid)
net_ops.delete_l2(l2_vxlan_network_uuid)
acc_ops.delete_account(account1_uuid)
acc_ops.delete_account(account2_uuid)
def test():
global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
# 1 create project
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
project_linked_account_uuid = project.linkedAccountUuid
if flavor['target_role'] == 'project_admin':
# 2 create virtual id
project_admin_name = 'username'
project_admin_password = '******'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid
# 3 create project admin
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
# login in project by project admin
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
elif flavor['target_role'] == 'project_operator':
project_operator_name = 'username2'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid
# login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
elif flavor['target_role'] == 'project_member':
plain_user_name = 'username'
plain_user_password = '******'
plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password,
project_uuid=project_uuid).uuid
# 3 add virtual id to project
iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid)
# 4 login in project by plain user
plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password)
# 4 login in project
#project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid)
project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid
# Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge
if flavor['target_role'] == 'project_member':
statements = [{"effect": "Allow", "actions": ["org.zstack.header.vm.**"]}, {"effect": "Allow", "actions": ["org.zstack.scheduler.**"]}]
role_uuid = iam2_ops.create_role('test_role', statements).uuid
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid)
vm_creation_option = test_util.VmOption()
l3_net_uuid = test_lib.lib_get_l3_by_name(os.environ.get('l3VlanNetwork3')).uuid
acc_ops.share_resources([project_linked_account_uuid], [l3_net_uuid])
vm_creation_option.set_l3_uuids([l3_net_uuid])
image_uuid = test_lib.lib_get_image_by_name("centos").uuid
vm_creation_option.set_image_uuid(image_uuid)
acc_ops.share_resources([project_linked_account_uuid], [image_uuid])
instance_offering_uuid = test_lib.lib_get_instance_offering_by_name(os.environ.get('instanceOfferingName_s')).uuid
vm_creation_option.set_instance_offering_uuid(instance_offering_uuid)
acc_ops.share_resources([project_linked_account_uuid], [instance_offering_uuid])
vm_creation_option.set_name('vm_for_project_management')
vm_creation_option.set_session_uuid(project_login_uuid)
vm = test_stub.create_vm(image_uuid = image_uuid, session_uuid=project_login_uuid)
# scheduler ops:
start_date = int(time.time())
schd_job1 = schd_ops.create_scheduler_job('simple_start_vm_scheduler', 'simple_start_vm_scheduler', vm.get_vm().uuid, 'startVm', None, session_uuid=project_login_uuid)
schd_trigger1 = schd_ops.create_scheduler_trigger('simple_start_vm_scheduler', start_date+5, None, 15, 'simple', session_uuid=project_login_uuid)
schd_ops.add_scheduler_job_to_trigger(schd_trigger1.uuid, schd_job1.uuid, session_uuid=project_login_uuid)
schd_ops.change_scheduler_state(schd_job1.uuid, 'disable', session_uuid=project_login_uuid)
schd_ops.change_scheduler_state(schd_job1.uuid, 'enable', session_uuid=project_login_uuid)
schd_ops.remove_scheduler_job_from_trigger(schd_trigger1.uuid, schd_job1.uuid, session_uuid=project_login_uuid)
schd_ops.del_scheduler_job(schd_job1.uuid, session_uuid=project_login_uuid)
schd_ops.del_scheduler_trigger(schd_trigger1.uuid, session_uuid=project_login_uuid)
schd_ops.get_current_time()
vm_ops.destroy_vm(vm.get_vm().uuid, session_uuid=project_login_uuid)
vm_ops.expunge_vm(vm.get_vm().uuid, session_uuid=project_login_uuid)
# 11 delete
acc_ops.logout(project_login_uuid)
if virtual_id_uuid != None:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_admin_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_admin_uuid)
if project_operator_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if plain_user_uuid != None:
iam2_ops.delete_iam2_virtual_id(plain_user_uuid)
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_pass('success test iam2 login in by project admin!')
def test():
global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
# 1 create project
if flavor['target_role'] != 'system_admin':
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
project_linked_account_uuid = project.linkedAccountUuid
if flavor['target_role'] == 'project_admin':
# 2 create virtual id
project_admin_name = 'username'
project_admin_password = '******'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid
# 3 create project admin
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
# login in project by project admin
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
elif flavor['target_role'] == 'project_operator':
project_operator_name = 'username2'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid
# login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
elif flavor['target_role'] == 'project_member':
plain_user_name = 'username'
plain_user_password = '******'
plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password,
project_uuid=project_uuid).uuid
# 3 add virtual id to project
iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid)
# 4 login in project by plain user
plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password)
# 4 login in project
#project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid)
project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid
elif flavor['target_role'] == 'system_admin':
username = "******"
password = '******'
vid_tst_obj = test_vid.ZstackTestVid()
test_stub.create_system_admin(username, password, vid_tst_obj)
virtual_id_uuid = vid_tst_obj.get_vid().uuid
project_login_uuid = acc_ops.login_by_account(username, password)
# Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge
if flavor['target_role'] == 'project_member':
statements = [{"effect": "Allow", "actions": ["org.zstack.sns.**"]}, {"effect": "Allow", "actions": ["org.zstack.zwatch.**"]}]
role_uuid = iam2_ops.create_role('test_role', statements).uuid
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid)
# create platform
smtp_server = os.environ.get('smtpServer')
smtp_port = os.environ.get('smtpPort')
email_platform_name = 'Alarm_email'
email_username = os.environ.get('mailUsername')
email_password = os.environ.get('mailPassword')
email_platform = zwt_ops.create_sns_email_platform(smtp_server, smtp_port, email_platform_name, email_username, email_password, session_uuid=project_login_uuid)
email_platform_uuid = email_platform.uuid
cond=res_ops.gen_query_conditions('uuid','=',email_platform_uuid)
inv = res_ops.query_resource(res_ops.SNS_EMAIL_PLATFORM,cond, session_uuid=project_login_uuid)
if not inv:
test_util.test_fail('create sns email platform failed')
try:
zwt_ops.validate_sns_email_platform(email_platform_uuid)
except:
test_util.test_fail('Validate SNS Email Platform Failed, Email Plarform: %s' % email_platform_uuid)
# create endpoint
email_receiver = os.environ.get('mailUsername')
email_endpoint_name = os.environ.get('mailPassword')
email_endpoint_uuid = zwt_ops.create_sns_email_endpoint(email_receiver, email_endpoint_name, email_platform_uuid, session_uuid=project_login_uuid).uuid
cond=res_ops.gen_query_conditions('uuid','=',email_endpoint_uuid)
inv=res_ops.query_resource(res_ops.SNS_EMAIL_ENDPOINT,cond, session_uuid=project_login_uuid)
if not inv:
test_util.test_fail('create sns email endpoint failed')
http_endpoint_name='http'
url = 'http://localhost:8080/webhook-url'
http_username='******'
http_password='******'
http_endpoint=zwt_ops.create_sns_http_endpoint(url,http_endpoint_name,http_username,http_password, session_uuid=project_login_uuid)
http_endpoint_uuid=http_endpoint.uuid
cond=res_ops.gen_query_conditions('uuid','=',http_endpoint_uuid)
inv=res_ops.query_resource(res_ops.SNS_HTTP_ENDPOINT,cond, session_uuid=project_login_uuid)
if not inv:
test_util.test_fail('create sns http endpoint failed')
# create sns topic and query system-in topic
sns_topic_uuid = zwt_ops.create_sns_topic('sns_topic_01', session_uuid=project_login_uuid).uuid
zwt_ops.subscribe_sns_topic(sns_topic_uuid, email_endpoint_uuid, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('endpoints.uuid','=',email_endpoint_uuid)
inv=res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)
if not inv:
test_util.test_fail('create and subscribe snstopic failed')
cond = res_ops.gen_query_conditions('name', '=', 'system-alarm')
system_alarm_topic = res_ops.query_resource(res_ops.SNS_TOPIC, cond)[0]
system_alarm_topic_uuid=system_alarm_topic.uuid
if flavor['target_role'] != 'system_admin':
acc_ops.share_resources([project_linked_account_uuid], [system_alarm_topic_uuid])
cond = res_ops.gen_query_conditions('name', '=', 'system-alarm')
system_alarm_topic = res_ops.query_resource(res_ops.SNS_TOPIC, cond)[0]
system_alarm_topic_uuid=system_alarm_topic.uuid
zwt_ops.subscribe_sns_topic(system_alarm_topic_uuid, email_endpoint_uuid, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('endpoints.uuid','=',email_endpoint_uuid)
inv=res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)
if not inv:
test_util.test_fail('subscribe system-alarm topic failed')
cond = res_ops.gen_query_conditions('name','=','api')
api_topic= res_ops.query_resource(res_ops.SNS_TOPIC,cond)[0]
api_topic_uuid=api_topic.uuid
if flavor['target_role'] != 'system_admin':
acc_ops.share_resources([project_linked_account_uuid], [api_topic_uuid])
cond = res_ops.gen_query_conditions('name','=','api')
api_topic= res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)[0]
api_topic_uuid=api_topic.uuid
zwt_ops.subscribe_sns_topic(api_topic_uuid,http_endpoint_uuid, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('endpointUuid','=',http_endpoint_uuid)
cond = res_ops.gen_query_conditions('topicUuid','=',api_topic_uuid)
inv=res_ops.query_resource(res_ops.SNS_TOPIC_SUBSCRIBER,cond, session_uuid=project_login_uuid)
if not inv:
test_util.test_fail('subscribe api topic failed')
# subscribe event
namespace = 'ZStack/VM'
actions = [{"actionUuid": sns_topic_uuid, "actionType": "sns"}]
labels = [{"key": "NewState", "op": "Equal", "value": "Disconnected"}]
event_name = 'VMStateChangedOnHost'
event_sub_uuid = zwt_ops.subscribe_event(namespace, event_name, actions, labels, session_uuid=project_login_uuid).uuid
cond = res_ops.gen_query_conditions('uuid', '=', event_sub_uuid)
event_subscription = res_ops.query_resource(res_ops.EVENT_SUBSCRIPTION, cond, session_uuid=project_login_uuid)
if not event_subscription:
test_util.test_fail('Subscribe event failed')
#update endpoint
new_name='endpointNewName'
new_description='endpoint new description'
zwt_ops.update_sns_application_endpoint(email_endpoint_uuid,new_name,new_description, session_uuid=project_login_uuid)
cond= res_ops.gen_query_conditions('uuid','=',email_endpoint_uuid)
inv =res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT,cond, session_uuid=project_login_uuid)[0]
if inv.name!=new_name or inv.description!=new_description:
test_util.test_fail('test update email endpoint failed')
zwt_ops.update_sns_application_endpoint(http_endpoint_uuid,new_name,new_description, session_uuid=project_login_uuid)
cond= res_ops.gen_query_conditions('uuid','=',http_endpoint_uuid)
inv =res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT,cond, session_uuid=project_login_uuid)[0]
if inv.name!=new_name or inv.description!=new_description:
test_util.test_fail('test update http endpoint failed')
new_name_platform='platformNewName'
new_description_platform='platformNewName'
zwt_ops.update_sns_application_platform(email_platform_uuid,new_name_platform,new_description_platform, session_uuid=project_login_uuid)
cond= res_ops.gen_query_conditions('uuid','=',email_platform_uuid)
inv =res_ops.query_resource(res_ops.SNS_APPLICATION_PLATFORM,cond, session_uuid=project_login_uuid)[0]
if inv.name!=new_name_platform or inv.description!=new_description_platform:
test_util.test_fail('test update email platform failed')
#change state
state_event = 'disable'
state_result = 'Disabled'
zwt_ops.change_sns_topic_state(system_alarm_topic_uuid,state_event, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('uuid','=',system_alarm_topic_uuid)
inv=res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)[0]
if inv.state!=state_result:
test_util.test_fail('change system alarm topic state failed')
zwt_ops.change_sns_topic_state(api_topic_uuid, state_event, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', api_topic_uuid)
inv = res_ops.query_resource(res_ops.SNS_TOPIC, cond, session_uuid=project_login_uuid)[0]
if inv.state != state_result:
test_util.test_fail('change api topic state failed')
zwt_ops.change_sns_application_endpoint_state(email_endpoint_uuid,state_event, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', email_endpoint_uuid)
inv = res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT, cond, session_uuid=project_login_uuid)[0]
if inv.state != state_result:
test_util.test_fail('change email endpoint state failed')
zwt_ops.change_sns_application_endpoint_state(http_endpoint_uuid,state_event, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', http_endpoint_uuid)
inv = res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT, cond, session_uuid=project_login_uuid)[0]
if inv.state != state_result:
test_util.test_fail('change http endpoint state failed')
zwt_ops.change_sns_application_platform_state(email_platform_uuid,state_event, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', email_platform_uuid)
inv = res_ops.query_resource(res_ops.SNS_APPLICATION_PLATFORM, cond, session_uuid=project_login_uuid)[0]
if inv.state != state_result:
test_util.test_fail('change email platform state failed')
# test recover and delete
state_event='enable'
state_result='Enabled'
zwt_ops.change_sns_topic_state(system_alarm_topic_uuid,state_event, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('uuid','=',system_alarm_topic_uuid)
inv=res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)[0]
if inv.state!=state_result:
test_util.test_fail('change system alarm topic state failed')
zwt_ops.change_sns_topic_state(api_topic_uuid, state_event, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', api_topic_uuid)
inv = res_ops.query_resource(res_ops.SNS_TOPIC, cond, session_uuid=project_login_uuid)[0]
if inv.state != state_result:
test_util.test_fail('change api topic state failed')
zwt_ops.unsubscribe_event(event_sub_uuid, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', event_sub_uuid)
event_subscription = res_ops.query_resource(res_ops.EVENT_SUBSCRIPTION, cond, session_uuid=project_login_uuid)
if event_subscription:
test_util.test_fail('unsubscribe event failed')
zwt_ops.unsubscribe_sns_topic(sns_topic_uuid, email_endpoint_uuid)
cond =res_ops.gen_query_conditions('endpointUuid','=',email_endpoint_uuid)
cond=res_ops.gen_query_conditions('topicUuid','=',sns_topic_uuid,cond)
inv = res_ops.query_resource(res_ops.SNS_TOPIC_SUBSCRIBER,cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('unsubscribe sns topic failed')
zwt_ops.unsubscribe_sns_topic(system_alarm_topic_uuid, email_endpoint_uuid, session_uuid=project_login_uuid)
cond =res_ops.gen_query_conditions('endpointUuid','=',email_endpoint_uuid)
cond=res_ops.gen_query_conditions('topicUuid','=',system_alarm_topic_uuid,cond)
inv = res_ops.query_resource(res_ops.SNS_TOPIC_SUBSCRIBER,cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('unsubscribe system alarm topic failed')
zwt_ops.unsubscribe_sns_topic(api_topic_uuid, http_endpoint_uuid, session_uuid=project_login_uuid)
cond =res_ops.gen_query_conditions('endpointUuid','=',http_endpoint_uuid)
cond=res_ops.gen_query_conditions('topicUuid','=',api_topic_uuid,cond)
inv = res_ops.query_resource(res_ops.SNS_TOPIC_SUBSCRIBER,cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('unsubscribe api topic failed')
zwt_ops.delete_sns_topic(sns_topic_uuid, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('uuid','=',sns_topic_uuid)
inv = res_ops.query_resource(res_ops.SNS_TOPIC, cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('delete sns topic failed')
zwt_ops.delete_sns_application_endpoint(http_endpoint_uuid, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('uuid','=',http_endpoint_uuid)
inv = res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT, cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('delete http endpoint failed')
zwt_ops.delete_sns_application_endpoint(email_endpoint_uuid, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('uuid','=',email_endpoint_uuid)
inv = res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT, cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('delete email endpoint failed')
zwt_ops.delete_sns_application_platform(email_platform_uuid, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('uuid','=',email_platform_uuid)
inv = res_ops.query_resource(res_ops.SNS_APPLICATION_PLATFORM, cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('delete email platform failed')
# 11 delete
acc_ops.logout(project_login_uuid)
if virtual_id_uuid != None:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_admin_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_admin_uuid)
if project_operator_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if plain_user_uuid != None:
iam2_ops.delete_iam2_virtual_id(plain_user_uuid)
if flavor['target_role'] != 'system_admin':
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_pass('success test iam2 login in by project admin!')
def test():
global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
# 1 create project
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
project_linked_account_uuid = project.linkedAccountUuid
if flavor['target_role'] == 'project_admin':
# 2 create virtual id
project_admin_name = 'username'
project_admin_password = '******'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid
# 3 create project admin
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
# login in project by project admin
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
elif flavor['target_role'] == 'project_operator':
project_operator_name = 'username2'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid
# login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
elif flavor['target_role'] == 'project_member':
plain_user_name = 'username'
plain_user_password = '******'
plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password,
project_uuid=project_uuid).uuid
# 3 add virtual id to project
iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid)
# 4 login in project by plain user
plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password)
# 4 login in project
#project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid)
project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid
# Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge
if flavor['target_role'] == 'project_member':
statements = [{"effect": "Allow", "actions": ["org.zstack.sns.**"]}, {"effect": "Allow", "actions": ["org.zstack.zwatch.**"]}]
role_uuid = iam2_ops.create_role('test_role', statements).uuid
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid)
# create platform
smtp_server = os.environ.get('smtpServer')
smtp_port = os.environ.get('smtpPort')
email_platform_name = 'Alarm_email'
email_username = os.environ.get('mailUsername')
email_password = os.environ.get('mailPassword')
email_platform = zwt_ops.create_sns_email_platform(smtp_server, smtp_port, email_platform_name, email_username, email_password, session_uuid=project_login_uuid)
email_platform_uuid = email_platform.uuid
cond=res_ops.gen_query_conditions('uuid','=',email_platform_uuid)
inv = res_ops.query_resource(res_ops.SNS_EMAIL_PLATFORM,cond, session_uuid=project_login_uuid)
if not inv:
test_util.test_fail('create sns email platform failed')
try:
zwt_ops.validate_sns_email_platform(email_platform_uuid)
except:
test_util.test_fail('Validate SNS Email Platform Failed, Email Plarform: %s' % email_platform_uuid)
# create endpoint
email_receiver = os.environ.get('mailUsername')
email_endpoint_name = os.environ.get('mailPassword')
email_endpoint_uuid = zwt_ops.create_sns_email_endpoint(email_receiver, email_endpoint_name, email_platform_uuid, session_uuid=project_login_uuid).uuid
cond=res_ops.gen_query_conditions('uuid','=',email_endpoint_uuid)
inv=res_ops.query_resource(res_ops.SNS_EMAIL_ENDPOINT,cond, session_uuid=project_login_uuid)
if not inv:
test_util.test_fail('create sns email endpoint failed')
http_endpoint_name='http'
url = 'http://localhost:8080/webhook-url'
http_username='******'
http_password='******'
http_endpoint=zwt_ops.create_sns_http_endpoint(url,http_endpoint_name,http_username,http_password, session_uuid=project_login_uuid)
http_endpoint_uuid=http_endpoint.uuid
cond=res_ops.gen_query_conditions('uuid','=',http_endpoint_uuid)
inv=res_ops.query_resource(res_ops.SNS_HTTP_ENDPOINT,cond, session_uuid=project_login_uuid)
if not inv:
test_util.test_fail('create sns http endpoint failed')
# create sns topic and query system-in topic
sns_topic_uuid = zwt_ops.create_sns_topic('sns_topic_01', session_uuid=project_login_uuid).uuid
zwt_ops.subscribe_sns_topic(sns_topic_uuid, email_endpoint_uuid, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('endpoints.uuid','=',email_endpoint_uuid)
inv=res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)
if not inv:
test_util.test_fail('create and subscribe snstopic failed')
cond = res_ops.gen_query_conditions('name', '=', 'system-alarm')
system_alarm_topic = res_ops.query_resource(res_ops.SNS_TOPIC, cond)[0]
system_alarm_topic_uuid=system_alarm_topic.uuid
acc_ops.share_resources([project_linked_account_uuid], [system_alarm_topic_uuid])
cond = res_ops.gen_query_conditions('name', '=', 'system-alarm')
system_alarm_topic = res_ops.query_resource(res_ops.SNS_TOPIC, cond)[0]
system_alarm_topic_uuid=system_alarm_topic.uuid
zwt_ops.subscribe_sns_topic(system_alarm_topic_uuid, email_endpoint_uuid, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('endpoints.uuid','=',email_endpoint_uuid)
inv=res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)
if not inv:
test_util.test_fail('subscribe system-alarm topic failed')
cond = res_ops.gen_query_conditions('name','=','api')
api_topic= res_ops.query_resource(res_ops.SNS_TOPIC,cond)[0]
api_topic_uuid=api_topic.uuid
acc_ops.share_resources([project_linked_account_uuid], [api_topic_uuid])
cond = res_ops.gen_query_conditions('name','=','api')
api_topic= res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)[0]
api_topic_uuid=api_topic.uuid
zwt_ops.subscribe_sns_topic(api_topic_uuid,http_endpoint_uuid, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('endpointUuid','=',http_endpoint_uuid)
cond = res_ops.gen_query_conditions('topicUuid','=',api_topic_uuid)
inv=res_ops.query_resource(res_ops.SNS_TOPIC_SUBSCRIBER,cond, session_uuid=project_login_uuid)
if not inv:
test_util.test_fail('subscribe api topic failed')
# subscribe event
namespace = 'ZStack/VM'
actions = [{"actionUuid": sns_topic_uuid, "actionType": "sns"}]
labels = [{"key": "NewState", "op": "Equal", "value": "Disconnected"}]
event_name = 'VMStateChangedOnHost'
event_sub_uuid = zwt_ops.subscribe_event(namespace, event_name, actions, labels, session_uuid=project_login_uuid).uuid
cond = res_ops.gen_query_conditions('uuid', '=', event_sub_uuid)
event_subscription = res_ops.query_resource(res_ops.EVENT_SUBSCRIPTION, cond, session_uuid=project_login_uuid)
if not event_subscription:
test_util.test_fail('Subscribe event failed')
#update endpoint
new_name='endpointNewName'
new_description='endpoint new description'
zwt_ops.update_sns_application_endpoint(email_endpoint_uuid,new_name,new_description, session_uuid=project_login_uuid)
cond= res_ops.gen_query_conditions('uuid','=',email_endpoint_uuid)
inv =res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT,cond, session_uuid=project_login_uuid)[0]
if inv.name!=new_name or inv.description!=new_description:
test_util.test_fail('test update email endpoint failed')
zwt_ops.update_sns_application_endpoint(http_endpoint_uuid,new_name,new_description, session_uuid=project_login_uuid)
cond= res_ops.gen_query_conditions('uuid','=',http_endpoint_uuid)
inv =res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT,cond, session_uuid=project_login_uuid)[0]
if inv.name!=new_name or inv.description!=new_description:
test_util.test_fail('test update http endpoint failed')
new_name_platform='platformNewName'
new_description_platform='platformNewName'
zwt_ops.update_sns_application_platform(email_platform_uuid,new_name_platform,new_description_platform, session_uuid=project_login_uuid)
cond= res_ops.gen_query_conditions('uuid','=',email_platform_uuid)
inv =res_ops.query_resource(res_ops.SNS_APPLICATION_PLATFORM,cond, session_uuid=project_login_uuid)[0]
if inv.name!=new_name_platform or inv.description!=new_description_platform:
test_util.test_fail('test update email platform failed')
#change state
state_event = 'disable'
state_result = 'Disabled'
zwt_ops.change_sns_topic_state(system_alarm_topic_uuid,state_event, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('uuid','=',system_alarm_topic_uuid)
inv=res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)[0]
if inv.state!=state_result:
test_util.test_fail('change system alarm topic state failed')
zwt_ops.change_sns_topic_state(api_topic_uuid, state_event, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', api_topic_uuid)
inv = res_ops.query_resource(res_ops.SNS_TOPIC, cond, session_uuid=project_login_uuid)[0]
if inv.state != state_result:
test_util.test_fail('change api topic state failed')
zwt_ops.change_sns_application_endpoint_state(email_endpoint_uuid,state_event, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', email_endpoint_uuid)
inv = res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT, cond, session_uuid=project_login_uuid)[0]
if inv.state != state_result:
test_util.test_fail('change email endpoint state failed')
zwt_ops.change_sns_application_endpoint_state(http_endpoint_uuid,state_event, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', http_endpoint_uuid)
inv = res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT, cond, session_uuid=project_login_uuid)[0]
if inv.state != state_result:
test_util.test_fail('change http endpoint state failed')
zwt_ops.change_sns_application_platform_state(email_platform_uuid,state_event, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', email_platform_uuid)
inv = res_ops.query_resource(res_ops.SNS_APPLICATION_PLATFORM, cond, session_uuid=project_login_uuid)[0]
if inv.state != state_result:
test_util.test_fail('change email platform state failed')
# test recover and delete
state_event='enable'
state_result='Enabled'
zwt_ops.change_sns_topic_state(system_alarm_topic_uuid,state_event, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('uuid','=',system_alarm_topic_uuid)
inv=res_ops.query_resource(res_ops.SNS_TOPIC,cond, session_uuid=project_login_uuid)[0]
if inv.state!=state_result:
test_util.test_fail('change system alarm topic state failed')
zwt_ops.change_sns_topic_state(api_topic_uuid, state_event, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', api_topic_uuid)
inv = res_ops.query_resource(res_ops.SNS_TOPIC, cond, session_uuid=project_login_uuid)[0]
if inv.state != state_result:
test_util.test_fail('change api topic state failed')
zwt_ops.unsubscribe_event(event_sub_uuid, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('uuid', '=', event_sub_uuid)
event_subscription = res_ops.query_resource(res_ops.EVENT_SUBSCRIPTION, cond, session_uuid=project_login_uuid)
if event_subscription:
test_util.test_fail('unsubscribe event failed')
zwt_ops.unsubscribe_sns_topic(sns_topic_uuid, email_endpoint_uuid)
cond =res_ops.gen_query_conditions('endpointUuid','=',email_endpoint_uuid)
cond=res_ops.gen_query_conditions('topicUuid','=',sns_topic_uuid,cond)
inv = res_ops.query_resource(res_ops.SNS_TOPIC_SUBSCRIBER,cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('unsubscribe sns topic failed')
zwt_ops.unsubscribe_sns_topic(system_alarm_topic_uuid, email_endpoint_uuid, session_uuid=project_login_uuid)
cond =res_ops.gen_query_conditions('endpointUuid','=',email_endpoint_uuid)
cond=res_ops.gen_query_conditions('topicUuid','=',system_alarm_topic_uuid,cond)
inv = res_ops.query_resource(res_ops.SNS_TOPIC_SUBSCRIBER,cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('unsubscribe system alarm topic failed')
zwt_ops.unsubscribe_sns_topic(api_topic_uuid, http_endpoint_uuid, session_uuid=project_login_uuid)
cond =res_ops.gen_query_conditions('endpointUuid','=',http_endpoint_uuid)
cond=res_ops.gen_query_conditions('topicUuid','=',api_topic_uuid,cond)
inv = res_ops.query_resource(res_ops.SNS_TOPIC_SUBSCRIBER,cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('unsubscribe api topic failed')
zwt_ops.delete_sns_topic(sns_topic_uuid, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('uuid','=',sns_topic_uuid)
inv = res_ops.query_resource(res_ops.SNS_TOPIC, cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('delete sns topic failed')
zwt_ops.delete_sns_application_endpoint(http_endpoint_uuid, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('uuid','=',http_endpoint_uuid)
inv = res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT, cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('delete http endpoint failed')
zwt_ops.delete_sns_application_endpoint(email_endpoint_uuid, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('uuid','=',email_endpoint_uuid)
inv = res_ops.query_resource(res_ops.SNS_APPLICATION_ENDPOINT, cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('delete email endpoint failed')
zwt_ops.delete_sns_application_platform(email_platform_uuid, session_uuid=project_login_uuid)
cond=res_ops.gen_query_conditions('uuid','=',email_platform_uuid)
inv = res_ops.query_resource(res_ops.SNS_APPLICATION_PLATFORM, cond, session_uuid=project_login_uuid)
if inv:
test_util.test_fail('delete email platform failed')
# 11 delete
acc_ops.logout(project_login_uuid)
if virtual_id_uuid != None:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_admin_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_admin_uuid)
if project_operator_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if plain_user_uuid != None:
iam2_ops.delete_iam2_virtual_id(plain_user_uuid)
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_pass('success test iam2 login in by project admin!')
def test():
global role_uuid, project_uuid, project_02_uuid, project_template_01_uuid, project_template_02_uuid, \
company_uuid_01, company_uuid_02, department_01_uuid, department_02_uuid, virtual_id_group_uuid, \
virtual_id_uuid, platform_admin_uuid
iam2_ops.clean_iam2_enviroment()
# 1 create platformAdmin
username = '******'
password = \
'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86'
platform_admin_uuid = iam2_ops.create_iam2_virtual_id(username, password).uuid
attributes = [{"name": "__PlatformAdmin__"}]
iam2_ops.add_attributes_to_iam2_virtual_id(platform_admin_uuid, attributes)
platform_admin_session_uuid = iam2_ops.login_iam2_virtual_id(username, password)
# 2 create role
statements = [{"effect": "Allow", "actions": ["org.zstack.header.vm.**"]}]
role_uuid = iam2_ops.create_role('test_role', statements, platform_admin_session_uuid).uuid
action = "org.zstack.header.image.**"
statements = [{"effect": "Allow", "actions": [action]}]
iam2_ops.add_policy_statements_to_role(role_uuid, statements, platform_admin_session_uuid)
statement_uuid = iam2_ops.get_policy_statement_uuid_of_role(role_uuid, action)
# statement_uuid= res_ops.get_resource(res_ops.ROLE, uuid=role_uuid)[0].statements[0].uuid
iam2_ops.remove_policy_statements_from_role(role_uuid, [statement_uuid], platform_admin_session_uuid)
# 3 create project and and add/remove role and attributes to/from it
project_name = 'test_project'
project_uuid = iam2_ops.create_iam2_project(project_name, session_uuid=platform_admin_session_uuid).uuid
zone_inv=res_ops.query_resource(res_ops.ZONE)
if len(zone_inv)>=2:
attributes = [{"name":"__ProjectRelatedZone__", "value":zone_inv[0].uuid}]
iam2_ops.add_attributes_to_iam2_project(project_uuid,attributes,session_uuid=platform_admin_session_uuid)
username='******'
password = \
'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86'
virtual_id_uuid=iam2_ops.create_iam2_virtual_id(username,password,session_uuid=platform_admin_session_uuid).uuid
iam2_ops.add_iam2_virtual_ids_to_project([virtual_id_uuid],project_uuid,session_uuid=platform_admin_session_uuid)
session_uuid=iam2_ops.login_iam2_virtual_id(username,password)
session_uuid=iam2_ops.login_iam2_project(project_name,session_uuid).uuid
cond=res_ops.gen_query_conditions('zoneUuid','=',zone_inv[1].uuid)
host_inv=res_ops.query_resource(res_ops.HOST,cond,session_uuid=session_uuid)
if host_inv:
test_util.test_fail("test Project Related Zone fail")
attribute_uuid=iam2_ops.get_attribute_uuid_of_project(project_uuid,"__ProjectRelatedZone__")
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid,session_uuid=platform_admin_session_uuid)
iam2_ops.remove_attributes_from_iam2_project(project_uuid,[attribute_uuid],session_uuid=platform_admin_session_uuid)
# iam2_ops.add_attributes_to_iam2_project(project_uuid,attributes='')
# iam2_ops.remove_attributes_from_iam2_project(project_uuid,attributes='')
# 4 create project template from project
project_template_01_uuid = iam2_ops.create_iam2_project_template_from_project('project_template', project_uuid,
'this is a template description',
platform_admin_session_uuid).uuid
project_template_inv = res_ops.get_resource(res_ops.IAM2_PROJECT_TEMPLATE, uuid=project_template_01_uuid,
session_uuid=platform_admin_session_uuid)[0]
if not project_template_inv:
test_util.test_fail("create template from project fail")
# 5 create project template and then create project from template
project_template_02_uuid = iam2_ops.create_iam2_project_template('project_template_02',
session_uuid=platform_admin_session_uuid).uuid
project_02_uuid = iam2_ops.create_iam2_project_from_template('project_02', project_template_02_uuid,
session_uuid=platform_admin_session_uuid).uuid
project_inv = res_ops.get_resource(res_ops.IAM2_PROJECT, uuid=project_02_uuid,
session_uuid=platform_admin_session_uuid)
if not project_inv:
test_util.test_fail("create project from template fail")
# 6 create Company and Department
company_uuid_01 = iam2_ops.create_iam2_organization('test_company_01', 'Company',
session_uuid=platform_admin_session_uuid).uuid
company_uuid_02 = iam2_ops.create_iam2_organization('test_company_02', 'Company',
session_uuid=platform_admin_session_uuid).uuid
department_01_uuid = iam2_ops.create_iam2_organization('test_department_01', 'Department',
parent_uuid=company_uuid_01,
session_uuid=platform_admin_session_uuid).uuid
department_02_uuid = iam2_ops.create_iam2_organization('test_department_02', 'Department',
session_uuid=platform_admin_session_uuid).uuid
# 7 organization change parent
iam2_ops.change_iam2_organization_parent(company_uuid_02, [department_02_uuid],
session_uuid=platform_admin_session_uuid)
iam2_ops.change_iam2_organization_parent(company_uuid_02, [department_01_uuid],
session_uuid=platform_admin_session_uuid)
department_inv = res_ops.get_resource(res_ops.IAM2_ORGANIZATION, uuid=department_01_uuid,
session_uuid=platform_admin_session_uuid)[0]
if department_inv.parentUuid != company_uuid_02:
test_util.test_fail('change organization parent fail')
department_inv = res_ops.get_resource(res_ops.IAM2_ORGANIZATION, uuid=department_02_uuid,
session_uuid=platform_admin_session_uuid)[0]
if department_inv.parentUuid != company_uuid_02:
test_util.test_fail('change organization parent fail')
# 8 create virtual id group and add/remove role and attributes to/from it
virtual_id_group_uuid = iam2_ops.create_iam2_virtual_id_group(project_uuid, 'test_virtual_id_group',
session_uuid=platform_admin_session_uuid).uuid
iam2_ops.add_roles_to_iam2_virtual_id_group([role_uuid], virtual_id_group_uuid,
session_uuid=platform_admin_session_uuid)
iam2_ops.remove_roles_from_iam2_virtual_idgroup([role_uuid], virtual_id_group_uuid,
session_uuid=platform_admin_session_uuid)
# TODO:there is nothing to do with the below api in the first version of iam2
# iam2_ops.add_attributes_to_iam2_virtual_id_group()
# iam2_ops.remove_attributes_from_iam2_virtual_id_group()
# 9 create virtual id and add/remove role or attributes to/from it
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', password,
session_uuid=platform_admin_session_uuid).uuid
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], virtual_id_uuid, session_uuid=platform_admin_session_uuid)
iam2_ops.remove_roles_from_iam2_virtual_id([role_uuid], virtual_id_uuid, session_uuid=platform_admin_session_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(virtual_id_uuid, attributes, session_uuid=platform_admin_session_uuid)
cond = res_ops.gen_query_conditions('virtualIDUuid', '=', virtual_id_uuid)
cond_02 = res_ops.gen_query_conditions('name', '=', "__ProjectAdmin__", cond)
attribute_uuid = res_ops.query_resource_fields(res_ops.IAM2_VIRTUAL_ID_ATTRIBUTE, cond_02)[0].uuid
iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, [attribute_uuid],
session_uuid=platform_admin_session_uuid)
# attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
# iam2_ops.add_attributes_to_iam2_virtual_id(virtual_id_uuid, attributes, session_uuid=platform_admin_session_uuid)
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes,
# session_uuid=platform_admin_session_uuid)
iam2_ops.add_iam2_virtual_ids_to_organization([virtual_id_uuid], department_01_uuid,
session_uuid=platform_admin_session_uuid)
attributes = [{"name": "__OrganizationSupervisor__", "value": virtual_id_uuid}]
iam2_ops.add_attributes_to_iam2_organization(department_01_uuid, attributes,
session_uuid=platform_admin_session_uuid)
cond_03 = res_ops.gen_query_conditions('name', '=', "__OrganizationSupervisor__")
cond_03 = res_ops.gen_query_conditions('value', '=', virtual_id_uuid, cond_03)
attribute_uuid = \
res_ops.query_resource(res_ops.IAM2_ORGANIZATION_ATTRIBUTE, cond_03, session_uuid=platform_admin_session_uuid)[
0].uuid
iam2_ops.remove_attributes_from_iam2_organization(department_01_uuid, [attribute_uuid],
session_uuid=platform_admin_session_uuid)
iam2_ops.remove_iam2_virtual_ids_from_organization([virtual_id_uuid], department_01_uuid,
session_uuid=platform_admin_session_uuid)
# 10 add virtual id to group and project
iam2_ops.add_iam2_virtual_ids_to_project([virtual_id_uuid], project_uuid, session_uuid=platform_admin_session_uuid)
iam2_ops.add_iam2_virtual_ids_to_group([virtual_id_uuid], virtual_id_group_uuid,
session_uuid=platform_admin_session_uuid)
iam2_ops.remove_iam2_virtual_ids_from_group([virtual_id_uuid], virtual_id_group_uuid,
session_uuid=platform_admin_session_uuid)
iam2_ops.remove_iam2_virtual_ids_from_project([virtual_id_uuid], project_uuid,
session_uuid=platform_admin_session_uuid)
# 11 change state
disable = 'disable'
enable = 'enable'
Disabled = 'Disabled'
iam2_ops.change_iam2_organization_state(company_uuid_01, disable, session_uuid=platform_admin_session_uuid)
res_inv = res_ops.get_resource(res_ops.IAM2_ORGANIZATION, uuid=company_uuid_01,
session_uuid=platform_admin_session_uuid)[0]
if res_inv.state != Disabled:
test_util.test_fail("test change iam2 organization state fail")
iam2_ops.change_iam2_organization_state(company_uuid_01, enable, session_uuid=platform_admin_session_uuid)
iam2_ops.change_iam2_organization_state(department_01_uuid, disable, session_uuid=platform_admin_session_uuid)
iam2_ops.change_iam2_organization_state(department_01_uuid, enable, session_uuid=platform_admin_session_uuid)
iam2_ops.change_iam2_project_state(project_uuid, disable, session_uuid=platform_admin_session_uuid)
res_inv = res_ops.get_resource(res_ops.IAM2_PROJECT, uuid=project_uuid,
session_uuid=platform_admin_session_uuid)[0]
if res_inv.state != Disabled:
test_util.test_fail("test change iam2 project state fail")
iam2_ops.change_iam2_project_state(project_uuid, enable, session_uuid=platform_admin_session_uuid)
iam2_ops.change_iam2_virtual_id_state(virtual_id_uuid, disable, session_uuid=platform_admin_session_uuid)
res_inv = res_ops.get_resource(res_ops.IAM2_VIRTUAL_ID, uuid=virtual_id_uuid,
session_uuid=platform_admin_session_uuid)[0]
if res_inv.state != Disabled:
test_util.test_fail("test change iam2 virtual id state fail")
iam2_ops.change_iam2_virtual_id_state(virtual_id_uuid, enable, session_uuid=platform_admin_session_uuid)
iam2_ops.change_iam2_virtual_id_group_state(virtual_id_group_uuid, disable,
session_uuid=platform_admin_session_uuid)
res_inv = res_ops.get_resource(res_ops.IAM2_VIRTUAL_ID_GROUP, uuid=virtual_id_group_uuid,
session_uuid=platform_admin_session_uuid)[0]
if res_inv.state != Disabled:
test_util.test_fail("test change iam2 virtual id group state fail")
iam2_ops.change_iam2_virtual_id_group_state(virtual_id_group_uuid, enable,
session_uuid=platform_admin_session_uuid)
iam2_ops.change_role_state(role_uuid, disable, session_uuid=platform_admin_session_uuid)
res_inv = res_ops.get_resource(res_ops.ROLE, uuid=role_uuid, session_uuid=platform_admin_session_uuid)[0]
if res_inv.state != Disabled:
test_util.test_fail("test change iam2 role state fail")
iam2_ops.change_role_state(role_uuid, enable, session_uuid=platform_admin_session_uuid)
# 12 update
virtual_id_new_name = 'virtual_id_new_name'
virtual_id_new_des = 'virtual_id_new_des'
virtual_id_new_password = '******'
iam2_ops.update_iam2_virtual_id(virtual_id_uuid, virtual_id_new_name, virtual_id_new_des, virtual_id_new_password,
session_uuid=platform_admin_session_uuid)
virtual_id_inv = res_ops.get_resource(res_ops.IAM2_VIRTUAL_ID, uuid=virtual_id_uuid,
session_uuid=platform_admin_session_uuid)[0]
if virtual_id_inv.name != virtual_id_new_name:
test_util.test_fail("update iam2 virtual id name fail")
try:
virtual_id_session_uuid = iam2_ops.login_iam2_virtual_id(virtual_id_new_name, virtual_id_new_password)
except:
test_util.test_fail("update iam2 virtual id name or password fail.")
virtual_id_group_new_name = 'virtual_id_group_new_name'
virtual_id_group_new_des = 'virtual_id_group_new_des'
iam2_ops.update_iam2_virtual_id_group(virtual_id_group_uuid, virtual_id_group_new_name, virtual_id_group_new_des,
session_uuid=platform_admin_session_uuid)
virtual_id_group_inv = res_ops.get_resource(res_ops.IAM2_VIRTUAL_ID_GROUP, uuid=virtual_id_group_uuid,
session_uuid=platform_admin_session_uuid)[0]
if virtual_id_group_inv.name != virtual_id_group_new_name:
test_util.test_fail("update iam2 virtual id group name fail")
project_new_name = 'project_new_name'
project_new_dsc = 'project_new_dsc'
iam2_ops.update_iam2_project(project_uuid, project_new_name, project_new_dsc,
session_uuid=platform_admin_session_uuid)
project_inv = \
res_ops.get_resource(res_ops.IAM2_PROJECT, uuid=project_uuid, session_uuid=platform_admin_session_uuid)[0]
if project_inv.name != project_new_name or project_inv.description != project_new_dsc:
test_util.test_fail("update project information fail")
company_new_name = 'company_new_name'
company_new_dsc = 'company_new_dsc'
iam2_ops.update_iam2_organization(company_uuid_02, company_new_name, company_new_dsc,
session_uuid=platform_admin_session_uuid)
organization_inv = res_ops.get_resource(res_ops.IAM2_ORGANIZATION, uuid=company_uuid_02,
session_uuid=platform_admin_session_uuid)[0]
if organization_inv.name != company_new_name or organization_inv.description != company_new_dsc:
test_util.test_fail("update organization name fail")
# 13 delete
iam2_ops.delete_iam2_organization(company_uuid_01, session_uuid=platform_admin_session_uuid)
iam2_ops.delete_iam2_organization(company_uuid_02, session_uuid=platform_admin_session_uuid)
iam2_ops.delete_iam2_organization(department_01_uuid, session_uuid=platform_admin_session_uuid)
iam2_ops.delete_iam2_organization(department_02_uuid, session_uuid=platform_admin_session_uuid)
iam2_ops.delete_iam2_virtual_id_group(virtual_id_group_uuid, session_uuid=platform_admin_session_uuid)
iam2_ops.delete_iam2_project(project_uuid, session_uuid=platform_admin_session_uuid)
iam2_ops.delete_iam2_project(project_02_uuid, session_uuid=platform_admin_session_uuid)
iam2_ops.expunge_iam2_project(project_uuid, session_uuid=platform_admin_session_uuid)
iam2_ops.expunge_iam2_project(project_02_uuid, session_uuid=platform_admin_session_uuid)
iam2_ops.delete_iam2_project_template(project_template_01_uuid, session_uuid=platform_admin_session_uuid)
iam2_ops.delete_iam2_project_template(project_template_02_uuid, session_uuid=platform_admin_session_uuid)
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid, session_uuid=platform_admin_session_uuid)
iam2_ops.delete_role(role_uuid, session_uuid=platform_admin_session_uuid)
iam2_ops.delete_iam2_virtual_id(platform_admin_uuid)
iam2_ops.clean_iam2_enviroment()
test_util.test_pass('success test iam2 login in by admin!')
def test():
global l2_vxlan_network_uuid,project_uuid,project_operator_uuid,vni_range_uuid,vxlan_pool_uuid,l3_vr_network_uuid
# create vxlan pool and vni range
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
cluster_uuid = res_ops.get_resource(res_ops.CLUSTER)[0].uuid
vxlan_pool_name = 'vxlan_pool_name'
vxlan_pool_uuid = vxlan_ops.create_l2_vxlan_network_pool(vxlan_pool_name,zone_uuid).uuid
vxlan_ops.create_vni_range('vni_range',20,40,vxlan_pool_uuid)
systemTags = ["l2NetworkUuid::%s::clusterUuid::%s::cidr::{172.20.0.1/16}"%(vxlan_pool_uuid,cluster_uuid)]
net_ops.attach_l2_vxlan_pool(vxlan_pool_uuid,cluster_uuid,systemTags)
# 1 create project
project_name = 'test_project7'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
#cond = res_ops.gen_query_conditions("name",'=',"test_project7")
#linked_account_uuid = res_ops.query_resource(res_ops.ACCOUNT,cond)[0].uuid
linked_account_uuid = project.linkedAccountUuid
# 2 create project operator
project_operator_name = 'username7'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
# 3 login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
# 4 share vxlan pool to project
l2vxlan_pools = res_ops.get_resource(res_ops.L2_VXLAN_NETWORK_POOL)
for l2vxlan_pool in l2vxlan_pools:
acc_ops.share_resources([linked_account_uuid],[l2vxlan_pool.uuid])
# 5 create l2 vxlan
l2_vxlan_network_uuid = vxlan_ops.create_l2_vxlan_network('l2_vxlan',vxlan_pool_uuid,zone_uuid,session_uuid=project_login_uuid).uuid
# 6 use the l2 vxlan to create l3
# 6.1 create l3_vr_network
l3_vr_network_uuid = net_ops.create_l3('l3_vr_network',l2_vxlan_network_uuid,session_uuid=project_login_uuid).uuid
cond = res_ops.gen_query_conditions('name','=','virtual-router-vm')
vr_instance_uuid = res_ops.query_resource(res_ops.INSTANCE_OFFERING,cond)[0].uuid
tag = "guestL3Network::" + l3_vr_network_uuid
tag_ops.create_system_tag("InstanceOfferingVO",vr_instance_uuid,tag)
# add ip range
ir_option = test_util.IpRangeOption()
ir_option.set_name('iprange1')
ir_option.set_description('iprange for vrouter network')
ir_option.set_netmask('255.255.255.0')
ir_option.set_gateway('192.168.22.1')
ir_option.set_l3_uuid(l3_vr_network_uuid)
ir_option.set_startIp('192.168.22.2')
ir_option.set_endIp('192.168.22.254')
net_ops.add_ip_range(ir_option)
# add dns
AddDnsToL3Network(l3_vr_network_uuid,dns_text,session_uuid = project_login_uuid)
# add network service
AttachNetworkServiceToL3Network(l3_vr_network_uuid,allservices,session_uuid = project_login_uuid)
# create vrouter vm
test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid])
vr_vm = test_stub.create_vr_vm(test_obj_dict, l3_vr_network_uuid,session_uuid=project_login_uuid)
test_stub.check_resource_not_exist(vr_vm.uuid,res_ops.VM_INSTANCE)
#6 expunge the project and check the l2 vxlan
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
try:
l2_vxlan_network_test_uuid = res_ops.query_resource(res_ops.L2_VXLAN_NETWORK)[0].uuid
except:
test_util.test_pass(
"l2 vxlan is delete after delete the project " )
test_util.test_dsc('test l2 l2 cascade delete')
# 7 check the l3 vrouter network
try:
cond = res_ops.gen_query_conditions("name",'=',"l3_vr_network")
l3_vrouter_network_uuid = res_ops.query_resource(res_ops.L3_NETWORK,cond)[0].uuid
except:
test_util.test_pass(
"l3_vrouter network is deleted after delete the project")
# todo:check the virtual router vm
# 8 delete
vni_range_uuid = res_ops.get_resource(res_ops.VNI_RANGE)[0].uuid
vxlan_ops.delete_vni_range(vni_range_uuid)
net_ops.delete_l2(vxlan_pool_uuid)
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
def test():
global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
# 1 create project
if flavor['target_role'] != 'system_admin':
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
project_linked_account_uuid = project.linkedAccountUuid
if flavor['target_role'] == 'project_admin':
# 2 create virtual id
project_admin_name = 'username'
project_admin_password = '******'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid
# 3 create project admin
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
# login in project by project admin
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
elif flavor['target_role'] == 'project_operator':
project_operator_name = 'username2'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid
# login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
elif flavor['target_role'] == 'project_member':
plain_user_name = 'username'
plain_user_password = '******'
plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password,
project_uuid=project_uuid).uuid
# 3 add virtual id to project
iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid)
# 4 login in project by plain user
plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password)
# 4 login in project
#project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid)
project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid
elif flavor['target_role'] == 'system_admin':
username = "******"
password = '******'
vid_tst_obj = test_vid.ZstackTestVid()
test_stub.create_system_admin(username, password, vid_tst_obj)
virtual_id_uuid = vid_tst_obj.get_vid().uuid
project_login_uuid = acc_ops.login_by_account(username, password)
# Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge
if flavor['target_role'] == 'project_member':
statements = [{"effect": "Allow", "actions": ["org.zstack.header.vm.**"]}, {"effect": "Allow", "actions": ["org.zstack.scheduler.**"]}]
role_uuid = iam2_ops.create_role('test_role', statements).uuid
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid)
vm_creation_option = test_util.VmOption()
l3_net_uuid = test_lib.lib_get_l3_by_name(os.environ.get('l3VlanNetwork3')).uuid
if flavor['target_role'] != 'system_admin':
acc_ops.share_resources([project_linked_account_uuid], [l3_net_uuid])
vm_creation_option.set_l3_uuids([l3_net_uuid])
image_uuid = test_lib.lib_get_image_by_name("centos").uuid
vm_creation_option.set_image_uuid(image_uuid)
if flavor['target_role'] != 'system_admin':
acc_ops.share_resources([project_linked_account_uuid], [image_uuid])
instance_offering_uuid = test_lib.lib_get_instance_offering_by_name(os.environ.get('instanceOfferingName_s')).uuid
vm_creation_option.set_instance_offering_uuid(instance_offering_uuid)
if flavor['target_role'] != 'system_admin':
acc_ops.share_resources([project_linked_account_uuid], [instance_offering_uuid])
vm_creation_option.set_name('vm_for_project_management')
vm_creation_option.set_session_uuid(project_login_uuid)
vm = test_stub.create_vm(image_uuid = image_uuid, session_uuid=project_login_uuid)
# scheduler ops:
start_date = int(time.time())
schd_job1 = schd_ops.create_scheduler_job('simple_start_vm_scheduler', 'simple_start_vm_scheduler', vm.get_vm().uuid, 'startVm', None, session_uuid=project_login_uuid)
schd_trigger1 = schd_ops.create_scheduler_trigger('simple_start_vm_scheduler', start_date+5, None, 15, 'simple', session_uuid=project_login_uuid)
schd_ops.add_scheduler_job_to_trigger(schd_trigger1.uuid, schd_job1.uuid, session_uuid=project_login_uuid)
schd_ops.change_scheduler_state(schd_job1.uuid, 'disable', session_uuid=project_login_uuid)
schd_ops.change_scheduler_state(schd_job1.uuid, 'enable', session_uuid=project_login_uuid)
schd_ops.remove_scheduler_job_from_trigger(schd_trigger1.uuid, schd_job1.uuid, session_uuid=project_login_uuid)
schd_ops.del_scheduler_job(schd_job1.uuid, session_uuid=project_login_uuid)
schd_ops.del_scheduler_trigger(schd_trigger1.uuid, session_uuid=project_login_uuid)
schd_ops.get_current_time()
vm_ops.destroy_vm(vm.get_vm().uuid, session_uuid=project_login_uuid)
vm_ops.expunge_vm(vm.get_vm().uuid, session_uuid=project_login_uuid)
# 11 delete
acc_ops.logout(project_login_uuid)
if virtual_id_uuid != None:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_admin_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_admin_uuid)
if project_operator_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if plain_user_uuid != None:
iam2_ops.delete_iam2_virtual_id(plain_user_uuid)
if flavor['target_role'] != 'system_admin':
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_pass('success test iam2 login in by project admin!')
def test():
global project_uuid, project_admin_uuid, virtual_id_uuid
# 1 create project
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
project_linked_account_uuid = project.linkedAccountUuid
# 2 create virtual id
project_admin_name = 'username'
project_admin_password = '******'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(
project_admin_name, project_admin_password).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo',
'password').uuid
# 3 create project admin
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],
project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
# 4 login in project by project admin
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(
project_admin_name, project_admin_password)
project_login_uuid = iam2_ops.login_iam2_project(
project_name, session_uuid=project_admin_session_uuid).uuid
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
# Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge
bs = res_ops.query_resource(res_ops.BACKUP_STORAGE)[0]
image_option = test_util.ImageOption()
image_option.set_name('fake_image')
image_option.set_description('fake image')
image_option.set_format('raw')
image_option.set_mediaType('RootVolumeTemplate')
image_option.set_backup_storage_uuid_list([bs.uuid])
image_option.url = "http://fake/fake.raw"
image_option.set_session_uuid(project_login_uuid)
image_uuid = img_ops.add_image(image_option).uuid
img_ops.sync_image_size(image_uuid, session_uuid=project_login_uuid)
img_ops.change_image_state(image_uuid,
'disable',
session_uuid=project_login_uuid)
img_ops.change_image_state(image_uuid,
'enable',
session_uuid=project_login_uuid)
if bs.type == inventory.IMAGE_STORE_BACKUP_STORAGE_TYPE:
img_ops.export_image_from_backup_storage(
image_uuid, bs.uuid, session_uuid=project_login_uuid)
img_ops.delete_exported_image_from_backup_storage(
image_uuid, bs.uuid, session_uuid=project_login_uuid)
img_ops.set_image_qga_enable(image_uuid, session_uuid=project_login_uuid)
img_ops.set_image_qga_disable(image_uuid, session_uuid=project_login_uuid)
img_ops.delete_image(image_uuid, session_uuid=project_login_uuid)
img_ops.expunge_image(image_uuid, session_uuid=project_login_uuid)
# Volume related ops: Create, Delete, Expunge, Attach, Dettach, Enable, Disable
disk_offering_uuid = res_ops.query_resource(res_ops.DISK_OFFERING)[0].uuid
acc_ops.share_resources([project_linked_account_uuid],
[disk_offering_uuid])
volume_option = test_util.VolumeOption()
volume_option.set_disk_offering_uuid(disk_offering_uuid)
volume_option.set_name('data_volume_project_management')
volume_option.set_session_uuid(project_login_uuid)
data_volume = vol_ops.create_volume_from_offering(volume_option)
vol_ops.stop_volume(data_volume.uuid, session_uuid=project_login_uuid)
vol_ops.start_volume(data_volume.uuid, session_uuid=project_login_uuid)
vm_creation_option = test_util.VmOption()
l3_net_uuid = test_lib.lib_get_l3_by_name(
os.environ.get('l3VlanNetwork3')).uuid
acc_ops.share_resources([project_linked_account_uuid], [l3_net_uuid])
vm_creation_option.set_l3_uuids([l3_net_uuid])
image_uuid = test_lib.lib_get_image_by_name("centos").uuid
vm_creation_option.set_image_uuid(image_uuid)
acc_ops.share_resources([project_linked_account_uuid], [image_uuid])
instance_offering_uuid = test_lib.lib_get_instance_offering_by_name(
os.environ.get('instanceOfferingName_s')).uuid
vm_creation_option.set_instance_offering_uuid(instance_offering_uuid)
acc_ops.share_resources([project_linked_account_uuid],
[instance_offering_uuid])
vm_creation_option.set_name('vm_for_project_management')
vm_creation_option.set_session_uuid(project_login_uuid)
vm = test_stub.create_vm(image_uuid=image_uuid,
session_uuid=project_login_uuid)
vm_uuid = vm.get_vm().uuid
vol_ops.attach_volume(data_volume.uuid,
vm_uuid,
session_uuid=project_login_uuid)
vol_ops.detach_volume(data_volume.uuid,
vm_uuid,
session_uuid=project_login_uuid)
vol_ops.delete_volume(data_volume.uuid, session_uuid=project_login_uuid)
vol_ops.expunge_volume(data_volume.uuid, session_uuid=project_login_uuid)
# VM related ops: Create, Delete, Expunge, Start, Stop, Suspend, Resume, Migrate
vm_ops.stop_vm(vm_uuid, session_uuid=project_login_uuid)
vm_ops.start_vm(vm_uuid, session_uuid=project_login_uuid)
candidate_hosts = vm_ops.get_vm_migration_candidate_hosts(vm_uuid)
if candidate_hosts != None and test_lib.lib_check_vm_live_migration_cap(
vm.get_vm()):
vm_ops.migrate_vm(vm_uuid,
candidate_hosts.inventories[0].uuid,
session_uuid=project_login_uuid)
vm_ops.stop_vm(vm_uuid, force='cold', session_uuid=project_login_uuid)
vm_ops.start_vm(vm_uuid, session_uuid=project_login_uuid)
vm_ops.suspend_vm(vm_uuid, session_uuid=project_login_uuid)
vm_ops.resume_vm(vm_uuid, session_uuid=project_login_uuid)
vm_ops.destroy_vm(vm_uuid, session_uuid=project_login_uuid)
vm_ops.expunge_vm(vm_uuid, session_uuid=project_login_uuid)
# L2 related ops: create, delete
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
try:
l2 = net_ops.create_l2_novlan('l2_for_pm',
'eth0',
zone_uuid,
session_uuid=project_login_uuid)
test_util.test_fail(
"Expect exception: project admin not allowed to create Novlan L2 except vxlan"
)
except:
pass
try:
l2 = net_ops.create_l2_vlan('l2_for_pm',
'eth0',
zone_uuid,
1234,
session_uuid=project_login_uuid)
test_util.test_fail(
"Expect exception: project admin not allowed to create vlan L2 except vxlan"
)
except:
pass
#net_ops.delete_l2(l2.uuid, session_uuid=project_login_uuid)
# L3 related ops:
# network service ops:
# zwatch ops:
# scheduler ops:
# certificate
# 11 delete
acc_ops.logout(project_login_uuid)
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
iam2_ops.delete_iam2_virtual_id(project_admin_uuid)
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_pass('success test iam2 login in by project admin!')
def test():
global l2_vxlan_network_uuid, project_uuid, project_operator_uuid, vni_range_uuid, vxlan_pool_uuid, l3_vr_network_uuid
# create vxlan pool and vni range
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
cluster_uuid = res_ops.get_resource(res_ops.CLUSTER)[0].uuid
vxlan_pool_name = 'vxlan_pool_name'
vxlan_pool_uuid = vxlan_ops.create_l2_vxlan_network_pool(
vxlan_pool_name, zone_uuid).uuid
vxlan_ops.create_vni_range('vni_range', 20, 40, vxlan_pool_uuid)
systemTags = [
"l2NetworkUuid::%s::clusterUuid::%s::cidr::{172.20.0.1/16}" %
(vxlan_pool_uuid, cluster_uuid)
]
net_ops.attach_l2_vxlan_pool(vxlan_pool_uuid, cluster_uuid, systemTags)
# 1 create project
project_name = 'test_project7'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
cond = res_ops.gen_query_conditions("name", '=', "test_project7")
linked_account_uuid = res_ops.query_resource(res_ops.ACCOUNT, cond)[0].uuid
# 2 create project operator
project_operator_name = 'username7'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(
project_operator_name,
project_operator_password,
attributes=attributes).uuid
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
# 3 login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],
project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(
project_operator_name, project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(
project_name, session_uuid=project_operator_session_uuid).uuid
# 4 share vxlan pool to project
l2vxlan_pools = res_ops.get_resource(res_ops.L2_VXLAN_NETWORK_POOL)
for l2vxlan_pool in l2vxlan_pools:
acc_ops.share_resources([linked_account_uuid], [l2vxlan_pool.uuid])
# 5 create l2 vxlan
l2_vxlan_network_uuid = vxlan_ops.create_l2_vxlan_network(
'l2_vxlan',
vxlan_pool_uuid,
zone_uuid,
session_uuid=project_login_uuid).uuid
# 6 use the l2 vxlan to create l3
# 6.1 create l3_vr_network
l3_vr_network_uuid = net_ops.create_l3(
'l3_vr_network',
l2_vxlan_network_uuid,
session_uuid=project_login_uuid).uuid
cond = res_ops.gen_query_conditions('name', '=', 'virtual-router-vm')
vr_instance_uuid = res_ops.query_resource(res_ops.INSTANCE_OFFERING,
cond)[0].uuid
tag = "guestL3Network::" + l3_vr_network_uuid
tag_ops.create_system_tag("InstanceOfferingVO", vr_instance_uuid, tag)
# add ip range
ir_option = test_util.IpRangeOption()
ir_option.set_name('iprange1')
ir_option.set_description('iprange for vrouter network')
ir_option.set_netmask('255.255.255.0')
ir_option.set_gateway('192.168.22.1')
ir_option.set_l3_uuid(l3_vr_network_uuid)
ir_option.set_startIp('192.168.22.2')
ir_option.set_endIp('192.168.22.254')
net_ops.add_ip_range(ir_option)
# add dns
AddDnsToL3Network(l3_vr_network_uuid,
dns_text,
session_uuid=project_login_uuid)
# add network service
AttachNetworkServiceToL3Network(l3_vr_network_uuid,
allservices,
session_uuid=project_login_uuid)
# create vrouter vm
test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid])
vr_vm = test_stub.create_vr_vm(test_obj_dict,
l3_vr_network_uuid,
session_uuid=project_login_uuid)
test_stub.check_resource_not_exist(vr_vm.uuid, res_ops.VM_INSTANCE)
#6 expunge the project and check the l2 vxlan
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
try:
l2_vxlan_network_test_uuid = res_ops.query_resource(
res_ops.L2_VXLAN_NETWORK)[0].uuid
except:
test_util.test_pass("l2 vxlan is delete after delete the project ")
test_util.test_dsc('test l2 l2 cascade delete')
# 7 check the l3 vrouter network
try:
cond = res_ops.gen_query_conditions("name", '=', "l3_vr_network")
l3_vrouter_network_uuid = res_ops.query_resource(
res_ops.L3_NETWORK, cond)[0].uuid
except:
test_util.test_pass(
"l3_vrouter network is deleted after delete the project")
# todo:check the virtual router vm
# 8 delete
vni_range_uuid = res_ops.get_resource(res_ops.VNI_RANGE)[0].uuid
vxlan_ops.delete_vni_range(vni_range_uuid)
net_ops.delete_l2(vxlan_pool_uuid)
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
def test():
global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
# 1 create project
if flavor['target_role'] != 'system_admin':
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
project_linked_account_uuid = project.linkedAccountUuid
if flavor['target_role'] == 'project_admin':
# 2 create virtual id
project_admin_name = 'username'
project_admin_password = '******'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid
# 3 create project admin
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
# login in project by project admin
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
elif flavor['target_role'] == 'project_operator':
project_operator_name = 'username2'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernamethree','password').uuid
# login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
elif flavor['target_role'] == 'project_member':
plain_user_name = 'username'
plain_user_password = '******'
plain_user_uuid = iam2_ops.create_iam2_virtual_id(plain_user_name, plain_user_password,
project_uuid=project_uuid).uuid
# 3 add virtual id to project
iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],project_uuid)
# 4 login in project by plain user
plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(plain_user_name, plain_user_password)
# 4 login in project
#project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid)
project_login_uuid = iam2_ops.login_iam2_project(project_name, plain_user_session_uuid).uuid
elif flavor['target_role'] == 'system_admin':
username = "******"
password = '******'
vid_tst_obj = test_vid.ZstackTestVid()
test_stub.create_system_admin(username, password, vid_tst_obj)
virtual_id_uuid = vid_tst_obj.get_vid().uuid
project_login_uuid = acc_ops.login_by_account(username, password)
# Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge
if flavor['target_role'] == 'project_member':
statements = [{"effect": "Allow", "actions": ["org.zstack.header.image.**"]}, {"effect": "Allow", "actions": ["org.zstack.header.storage.backup.**"]}]
role_uuid = iam2_ops.create_role('test_role', statements).uuid
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid)
bs = res_ops.query_resource(res_ops.BACKUP_STORAGE)[0]
image_option = test_util.ImageOption()
image_option.set_name('fake_image')
image_option.set_description('fake image')
image_option.set_format('raw')
image_option.set_mediaType('RootVolumeTemplate')
image_option.set_backup_storage_uuid_list([bs.uuid])
image_option.url = "http://fake/fake.raw"
image_option.set_session_uuid(project_login_uuid)
image_uuid = img_ops.add_image(image_option).uuid
img_ops.sync_image_size(image_uuid, session_uuid=project_login_uuid)
img_ops.change_image_state(image_uuid, 'disable', session_uuid=project_login_uuid)
img_ops.change_image_state(image_uuid, 'enable', session_uuid=project_login_uuid)
if bs.type == inventory.IMAGE_STORE_BACKUP_STORAGE_TYPE:
img_ops.export_image_from_backup_storage(image_uuid, bs.uuid, session_uuid=project_login_uuid)
img_ops.delete_exported_image_from_backup_storage(image_uuid, bs.uuid, session_uuid=project_login_uuid)
img_ops.set_image_qga_enable(image_uuid, session_uuid=project_login_uuid)
img_ops.set_image_qga_disable(image_uuid, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('name', '=', "fake_image")
image = res_ops.query_resource(res_ops.IMAGE, cond, session_uuid=project_login_uuid)
if image == None:
test_util.test_fail('fail to query image just added')
img_ops.delete_image(image_uuid, session_uuid=project_login_uuid)
img_ops.expunge_image(image_uuid, session_uuid=project_login_uuid)
# 11 delete
acc_ops.logout(project_login_uuid)
if virtual_id_uuid != None:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_admin_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_admin_uuid)
if project_operator_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if plain_user_uuid != None:
iam2_ops.delete_iam2_virtual_id(plain_user_uuid)
if flavor['target_role'] != 'system_admin':
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_pass('success test iam2 login in by project admin!')
def test():
global project_uuid, project_admin_uuid, virtual_id_uuid
# 1 create project
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
project_linked_account_uuid = project.linkedAccountUuid
# 2 create virtual id
project_admin_name = 'username'
project_admin_password = '******'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, project_admin_password).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id('usernametwo', 'password').uuid
# 3 create project admin
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
# 4 login in project by project admin
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name, project_admin_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name, session_uuid=project_admin_session_uuid).uuid
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
# Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge
bs = res_ops.query_resource(res_ops.BACKUP_STORAGE)[0]
image_option = test_util.ImageOption()
image_option.set_name('fake_image')
image_option.set_description('fake image')
image_option.set_format('raw')
image_option.set_mediaType('RootVolumeTemplate')
image_option.set_backup_storage_uuid_list([bs.uuid])
image_option.url = "http://fake/fake.raw"
image_option.set_session_uuid(project_login_uuid)
image_uuid = img_ops.add_image(image_option).uuid
img_ops.sync_image_size(image_uuid, session_uuid=project_login_uuid)
img_ops.change_image_state(image_uuid, 'disable', session_uuid=project_login_uuid)
img_ops.change_image_state(image_uuid, 'enable', session_uuid=project_login_uuid)
if bs.type == inventory.IMAGE_STORE_BACKUP_STORAGE_TYPE:
img_ops.export_image_from_backup_storage(image_uuid, bs.uuid, session_uuid=project_login_uuid)
img_ops.delete_exported_image_from_backup_storage(image_uuid, bs.uuid, session_uuid=project_login_uuid)
img_ops.set_image_qga_enable(image_uuid, session_uuid=project_login_uuid)
img_ops.set_image_qga_disable(image_uuid, session_uuid=project_login_uuid)
img_ops.delete_image(image_uuid, session_uuid=project_login_uuid)
img_ops.expunge_image(image_uuid, session_uuid=project_login_uuid)
# Volume related ops: Create, Delete, Expunge, Attach, Dettach, Enable, Disable
disk_offering_uuid = res_ops.query_resource(res_ops.DISK_OFFERING)[0].uuid
acc_ops.share_resources([project_linked_account_uuid], [disk_offering_uuid])
volume_option = test_util.VolumeOption()
volume_option.set_disk_offering_uuid(disk_offering_uuid)
volume_option.set_name('data_volume_project_management')
volume_option.set_session_uuid(project_login_uuid)
data_volume = vol_ops.create_volume_from_offering(volume_option)
vol_ops.stop_volume(data_volume.uuid, session_uuid=project_login_uuid)
vol_ops.start_volume(data_volume.uuid, session_uuid=project_login_uuid)
vm_creation_option = test_util.VmOption()
l3_net_uuid = test_lib.lib_get_l3_by_name(os.environ.get('l3VlanNetwork3')).uuid
acc_ops.share_resources([project_linked_account_uuid], [l3_net_uuid])
vm_creation_option.set_l3_uuids([l3_net_uuid])
image_uuid = test_lib.lib_get_image_by_name("centos").uuid
vm_creation_option.set_image_uuid(image_uuid)
acc_ops.share_resources([project_linked_account_uuid], [image_uuid])
instance_offering_uuid = test_lib.lib_get_instance_offering_by_name(os.environ.get('instanceOfferingName_s')).uuid
vm_creation_option.set_instance_offering_uuid(instance_offering_uuid)
acc_ops.share_resources([project_linked_account_uuid], [instance_offering_uuid])
vm_creation_option.set_name('vm_for_project_management')
vm_creation_option.set_session_uuid(project_login_uuid)
vm = test_stub.create_vm(image_uuid = image_uuid, session_uuid=project_login_uuid)
vm_uuid = vm.get_vm().uuid
vol_ops.attach_volume(data_volume.uuid, vm_uuid, session_uuid=project_login_uuid)
vol_ops.detach_volume(data_volume.uuid, vm_uuid, session_uuid=project_login_uuid)
vol_ops.delete_volume(data_volume.uuid, session_uuid=project_login_uuid)
vol_ops.expunge_volume(data_volume.uuid, session_uuid=project_login_uuid)
# VM related ops: Create, Delete, Expunge, Start, Stop, Suspend, Resume, Migrate
vm_ops.stop_vm(vm_uuid, session_uuid=project_login_uuid)
vm_ops.start_vm(vm_uuid, session_uuid=project_login_uuid)
candidate_hosts = vm_ops.get_vm_migration_candidate_hosts(vm_uuid)
if candidate_hosts != None and test_lib.lib_check_vm_live_migration_cap(vm.get_vm()):
vm_ops.migrate_vm(vm_uuid, candidate_hosts.inventories[0].uuid, session_uuid=project_login_uuid)
vm_ops.stop_vm(vm_uuid, force='cold', session_uuid=project_login_uuid)
vm_ops.start_vm(vm_uuid, session_uuid=project_login_uuid)
vm_ops.suspend_vm(vm_uuid, session_uuid=project_login_uuid)
vm_ops.resume_vm(vm_uuid, session_uuid=project_login_uuid)
vm_ops.destroy_vm(vm_uuid, session_uuid=project_login_uuid)
vm_ops.expunge_vm(vm_uuid, session_uuid=project_login_uuid)
# L2 related ops: create, delete
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
try:
l2 = net_ops.create_l2_novlan('l2_for_pm', 'eth0', zone_uuid, session_uuid=project_login_uuid)
test_util.test_fail("Expect exception: project admin not allowed to create Novlan L2 except vxlan")
except:
pass
try:
l2 = net_ops.create_l2_vlan('l2_for_pm', 'eth0', zone_uuid, 1234, session_uuid=project_login_uuid)
test_util.test_fail("Expect exception: project admin not allowed to create vlan L2 except vxlan")
except:
pass
#net_ops.delete_l2(l2.uuid, session_uuid=project_login_uuid)
# L3 related ops:
# network service ops:
# zwatch ops:
# scheduler ops:
# certificate
# 11 delete
acc_ops.logout(project_login_uuid)
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
iam2_ops.delete_iam2_virtual_id(project_admin_uuid)
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_pass('success test iam2 login in by project admin!')
def test():
global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
# 1 create project
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
project_linked_account_uuid = project.linkedAccountUuid
if flavor['target_role'] == 'project_admin':
# 2 create virtual id
project_admin_name = 'username'
project_admin_password = '******'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(
project_admin_name, project_admin_password).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id(
'usernametwo', 'password').uuid
# 3 create project admin
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],
project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid,
attributes)
# login in project by project admin
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(
project_admin_name, project_admin_password)
project_login_uuid = iam2_ops.login_iam2_project(
project_name, session_uuid=project_admin_session_uuid).uuid
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
elif flavor['target_role'] == 'project_operator':
project_operator_name = 'username2'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(
project_operator_name,
project_operator_password,
attributes=attributes).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id(
'usernamethree', 'password').uuid
# login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],
project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(
project_operator_name, project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(
project_name, session_uuid=project_operator_session_uuid).uuid
elif flavor['target_role'] == 'project_member':
plain_user_name = 'username'
plain_user_password = '******'
plain_user_uuid = iam2_ops.create_iam2_virtual_id(
plain_user_name, plain_user_password,
project_uuid=project_uuid).uuid
# 3 add virtual id to project
iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],
project_uuid)
# 4 login in project by plain user
plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(
plain_user_name, plain_user_password)
# 4 login in project
#project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid)
project_login_uuid = iam2_ops.login_iam2_project(
project_name, plain_user_session_uuid).uuid
# Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge
if flavor['target_role'] == 'project_member':
statements = [{
"effect": "Allow",
"actions": ["org.zstack.network.service.lb.**"]
}]
role_uuid = iam2_ops.create_role('test_role', statements).uuid
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid)
# certificate
cert = net_ops.create_certificate('certificate_for_pm',
'fake certificate',
session_uuid=project_login_uuid)
net_ops.delete_certificate(cert.uuid, session_uuid=project_login_uuid)
# 11 delete
acc_ops.logout(project_login_uuid)
if virtual_id_uuid != None:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_admin_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_admin_uuid)
if project_operator_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if plain_user_uuid != None:
iam2_ops.delete_iam2_virtual_id(plain_user_uuid)
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_pass('success test iam2 login in by project admin!')
def test():
global project_uuid, project_admin_uuid, virtual_id_uuid, project_operator_uuid, plain_user_uuid
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
# 1 create project
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
project_linked_account_uuid = project.linkedAccountUuid
if flavor['target_role'] == 'project_admin':
# 2 create virtual id
project_admin_name = 'username'
project_admin_password = '******'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(
project_admin_name, project_admin_password).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id(
'usernametwo', 'password').uuid
# 3 create project admin
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid],
project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid,
attributes)
# login in project by project admin
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(
project_admin_name, project_admin_password)
project_login_uuid = iam2_ops.login_iam2_project(
project_name, session_uuid=project_admin_session_uuid).uuid
# iam2_ops.remove_attributes_from_iam2_virtual_id(virtual_id_uuid, attributes)
elif flavor['target_role'] == 'project_operator':
project_operator_name = 'username2'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(
project_operator_name,
project_operator_password,
attributes=attributes).uuid
virtual_id_uuid = iam2_ops.create_iam2_virtual_id(
'usernamethree', 'password').uuid
# login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],
project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(
project_operator_name, project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(
project_name, session_uuid=project_operator_session_uuid).uuid
elif flavor['target_role'] == 'project_member':
plain_user_name = 'username'
plain_user_password = '******'
plain_user_uuid = iam2_ops.create_iam2_virtual_id(
plain_user_name, plain_user_password,
project_uuid=project_uuid).uuid
# 3 add virtual id to project
iam2_ops.add_iam2_virtual_ids_to_project([plain_user_uuid],
project_uuid)
# 4 login in project by plain user
plain_user_session_uuid = iam2_ops.login_iam2_virtual_id(
plain_user_name, plain_user_password)
# 4 login in project
#project_inv=iam2_ops.get_iam2_projects_of_virtual_id(plain_user_session_uuid)
project_login_uuid = iam2_ops.login_iam2_project(
project_name, plain_user_session_uuid).uuid
# Image related ops: Add, Delete, Expunge, sync image size, Update QGA, delete, expunge
if flavor['target_role'] == 'project_member':
statements = [{
"effect": "Allow",
"actions": ["org.zstack.header.image.**"]
}, {
"effect": "Allow",
"actions": ["org.zstack.header.storage.backup.**"]
}]
role_uuid = iam2_ops.create_role('test_role', statements).uuid
iam2_ops.add_roles_to_iam2_virtual_id([role_uuid], plain_user_uuid)
bs = res_ops.query_resource(res_ops.BACKUP_STORAGE)[0]
image_option = test_util.ImageOption()
image_option.set_name('fake_image')
image_option.set_description('fake image')
image_option.set_format('raw')
image_option.set_mediaType('RootVolumeTemplate')
image_option.set_backup_storage_uuid_list([bs.uuid])
image_option.url = "http://fake/fake.raw"
image_option.set_session_uuid(project_login_uuid)
image_uuid = img_ops.add_image(image_option).uuid
img_ops.sync_image_size(image_uuid, session_uuid=project_login_uuid)
img_ops.change_image_state(image_uuid,
'disable',
session_uuid=project_login_uuid)
img_ops.change_image_state(image_uuid,
'enable',
session_uuid=project_login_uuid)
if bs.type == inventory.IMAGE_STORE_BACKUP_STORAGE_TYPE:
img_ops.export_image_from_backup_storage(
image_uuid, bs.uuid, session_uuid=project_login_uuid)
img_ops.delete_exported_image_from_backup_storage(
image_uuid, bs.uuid, session_uuid=project_login_uuid)
img_ops.set_image_qga_enable(image_uuid, session_uuid=project_login_uuid)
img_ops.set_image_qga_disable(image_uuid, session_uuid=project_login_uuid)
cond = res_ops.gen_query_conditions('name', '=', "fake_image")
image = res_ops.query_resource(res_ops.IMAGE,
cond,
session_uuid=project_login_uuid)
if image == None:
test_util.test_fail('fail to query image just added')
img_ops.delete_image(image_uuid, session_uuid=project_login_uuid)
img_ops.expunge_image(image_uuid, session_uuid=project_login_uuid)
# 11 delete
acc_ops.logout(project_login_uuid)
if virtual_id_uuid != None:
iam2_ops.delete_iam2_virtual_id(virtual_id_uuid)
if project_admin_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_admin_uuid)
if project_operator_uuid != None:
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
if plain_user_uuid != None:
iam2_ops.delete_iam2_virtual_id(plain_user_uuid)
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_pass('success test iam2 login in by project admin!')
def test():
global l2_vxlan_network_uuid,project_uuid,project_operator_uuid,vni_range_uuid,vxlan_pool_uuid,l3_vpc_network_uuid
# create vxlan pool and vni range
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
cluster_uuid = res_ops.get_resource(res_ops.CLUSTER)[0].uuid
vxlan_pool_name = 'vxlan_pool_name'
vxlan_pool_uuid = vxlan_ops.create_l2_vxlan_network_pool(vxlan_pool_name,zone_uuid).uuid
vxlan_ops.create_vni_range('vni_range',20,40,vxlan_pool_uuid)
systemTags = ["l2NetworkUuid::%s::clusterUuid::%s::cidr::{172.20.0.1/16}"%(vxlan_pool_uuid,cluster_uuid)]
net_ops.attach_l2_vxlan_pool(vxlan_pool_uuid,cluster_uuid,systemTags)
# 1 create project
project_name = 'test_project7'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
cond = res_ops.gen_query_conditions("name",'=',"test_project7")
linked_account_uuid = res_ops.query_resource(res_ops.ACCOUNT,cond)[0].uuid
# 2 create project operator
project_operator_name = 'username7'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
# 3 login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
# 4 share vxlan pool to project
l2vxlan_pools = res_ops.query_resource(res_ops.L2_VXLAN_NETWORK_POOL)
for l2vxlan_pool in l2vxlan_pools:
acc_ops.share_resources([linked_account_uuid],[l2vxlan_pool.uuid])
# 5 create l2 vxlan
l2_vxlan_network_uuid = vxlan_ops.create_l2_vxlan_network('l2_vxlan',vxlan_pool_uuid,zone_uuid,session_uuid=project_login_uuid).uuid
# 6 use l2 vxlan to create l3 vpc
l3_vpc_network = create_l3_vpc('test_vpc',l2_vxlan_network_uuid,project_login_uuid)
l3_vpc_network_uuid = l3_vpc_network.uuid
# add ip range
ir_option = test_util.IpRangeOption()
ir_option.set_name('iprange2')
ir_option.set_description('iprange for vpc')
ir_option.set_netmask('255.255.255.0')
ir_option.set_gateway('192.168.23.1')
ir_option.set_l3_uuid(l3_vpc_network_uuid)
ir_option.set_startIp('192.168.23.2')
ir_option.set_endIp('192.168.23.254')
net_ops.add_ip_range(ir_option)
# add network service
AttachNetworkServiceToL3Network(l3_vpc_network_uuid,allservices,session_uuid = project_login_uuid)
# share the vr_offering to project and do create vpc router and vpc network
cond = res_ops.gen_query_conditions("name",'=',"virtual-router-vm")
vr_offering_uuid = res_ops.query_resource(res_ops.VR_OFFERING,cond)[0].uuid
acc_ops.share_resources([linked_account_uuid],[vr_offering_uuid])
vpc_ops.create_vpc_vrouter(name = 'test_vpc_vr', virtualrouter_offering_uuid = vr_offering_uuid,session_uuid = project_login_uuid)
vpc_vr = test_stub.query_vpc_vrouter('test_vpc_vr')
vpc_vr.add_nic(l3_vpc_network_uuid)
# 7 expunge the project and check the l2 vxlan
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
try:
l2_vxlan_network_test_uuid = res_ops.query_resource(res_ops.L2_VXLAN_NETWORK)[0].uuid
except:
test_util.test_pass(
"l2 vxlan is delete after deleted the project " )
test_util.test_dsc('test l2 l2 cascade delete')
# 8 check the vpc network and vpc_vr
try:
cond = res_ops.gen_query_conditions("name",'=',"test_vpc")
l3_vpc_network_uuid = res_ops.query_resource(res_ops.L3_NETWORK,cond)[0].uuid
except:
test_util.test_pass(
"l3_vpc is delete after deleted the project")
cond = res_ops.gen_query_conditions("name",'=',"test_vpc_vr")
vpc_vr = res_ops.query_resource(res_ops.VIRTUALROUTER_VM,cond)
if not vpc_vr.inv.state is 'Paused':
test_util.test_fail(
"vpc vr [%s] is still exist after delete and expunge the project [%s]" % (vpc_vr.uuid,project_uuid))
# 9 delete
vni_range_uuid = res_ops.get_resource(res_ops.VNI_RANGE)[0].uuid
vxlan_ops.delete_vni_range(vni_range_uuid)
net_ops.delete_l2(vxlan_pool_uuid)
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
def test():
global vm
global schd_job1
global schd_job2
global schd_trigger1
global schd_trigger2
iam2_ops.clean_iam2_enviroment()
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
# 1 create project
project_name = 'test_project'
password = \
'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
linked_account_uuid = project.linkedAccountUuid
attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid])
# 2 create projectAdmin into project
project_admin_name = 'projectadmin'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, password).uuid
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name,password)
project_admin_session_uuid = iam2_ops.login_iam2_project(project_name,project_admin_session_uuid).uuid
# 3 create scheduler job and trigger
vm = test_stub.create_vm(session_uuid=project_admin_session_uuid)
start_date = int(time.time())
schd_job1 = schd_ops.create_scheduler_job('simple_stop_vm_scheduler', 'simple_stop_vm_scheduler', vm.get_vm().uuid, 'stopVm', None,session_uuid=project_admin_session_uuid)
schd_trigger1 = schd_ops.create_scheduler_trigger('simple_stop_vm_scheduler', start_date+60, None, 120, 'simple',session_uuid=project_admin_session_uuid)
schd_ops.add_scheduler_job_to_trigger(schd_trigger1.uuid, schd_job1.uuid,session_uuid=project_admin_session_uuid)
schd_job2 = schd_ops.create_scheduler_job('simple_start_vm_scheduler', 'simple_start_vm_scheduler', vm.get_vm().uuid, 'startVm', None,session_uuid=project_admin_session_uuid)
schd_trigger2 = schd_ops.create_scheduler_trigger('simple_start_vm_scheduler', start_date+120, None, 120, 'simple',session_uuid=project_admin_session_uuid)
schd_ops.add_scheduler_job_to_trigger(schd_trigger2.uuid, schd_job2.uuid,session_uuid=project_admin_session_uuid)
acc_ops.logout(project_admin_session_uuid)
# 4 delete project
iam2_ops.delete_iam2_project(project_uuid)
try:
schd_job1_inv = res_ops.get_resource(res_ops.SCHEDULERJOB,uuid=schd_job1.uuid)[0]
except:
test_util.test_fail("delete project but not expunge,the schedulerjob [%s] is lost"%schd_job1.uuid)
try:
res_ops.get_resource(res_ops.SCHEDULERJOB,uuid=schd_job2.uuid)[0]
except:
test_util.test_fail("delete project but not expunge,the schedulerjob [%s] is lost"%schd_job2.uuid)
try:
schd_trigger1_inv = res_ops.get_resource(res_ops.SCHEDULERTRIGGER,uuid=schd_trigger1.uuid)[0]
except:
test_util.test_fail("delete project but not expunge,the scheduler trigger [%s] is lost"%schd_job1.uuid)
try:
res_ops.get_resource(res_ops.SCHEDULERTRIGGER,uuid=schd_trigger2.uuid)[0]
except:
test_util.test_fail("delete project but not expunge,the scheduler trigger [%s] is lost"%schd_job1.uuid)
iam2_ops.recover_iam2_project(project_uuid)
try:
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name,password)
project_admin_session_uuid = iam2_ops.login_iam2_project(project_name,project_admin_session_uuid).uuid
except:
test_util.test_fail("recover the deleted project , but can't login in")
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
# 5 check for cascade delete
test_stub.check_resource_not_exist(schd_job1.uuid,res_ops.SCHEDULERJOB)
test_stub.check_resource_not_exist(schd_job2.uuid,res_ops.SCHEDULERJOB)
test_stub.check_resource_not_exist(schd_trigger1.uuid,res_ops.SCHEDULERTRIGGER)
test_stub.check_resource_not_exist(schd_trigger2.uuid,res_ops.SCHEDULERTRIGGER)
vm.clean()
iam2_ops.clean_iam2_enviroment()
test_util.test_pass('Create Simple VM Stop Start Scheduler Success')
def test():
global test_obj_dict
iam2_ops.clean_iam2_enviroment()
# 1 create project
project_name = 'test_project'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
linked_account_uuid = project.linkedAccountUuid
zone_inv = res_ops.query_resource(res_ops.ZONE)
attributes = [{
"name": "__ProjectRelatedZone__",
"value": zone_inv[0].uuid
}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid])
# 2 update project quota
acc_ops.update_quota(linked_account_uuid, 'volume.data.num', '1')
cond = res_ops.gen_query_conditions('identityUuid', '=',
linked_account_uuid)
cond = res_ops.gen_query_conditions('name', '=', 'volume.data.num', cond)
project_quota = res_ops.query_resource(res_ops.QUOTA, cond)
if project_quota:
if project_quota[0].value != 1:
test_util.test_fail("update project quata fail")
# 3 create virtual id and login project
username = '******'
password = \
'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
virtual_id_uuid = iam2_ops.create_iam2_virtual_id(
username, password, attributes=attributes).uuid
iam2_ops.add_iam2_virtual_ids_to_project([virtual_id_uuid], project_uuid)
virtual_id_session = iam2_ops.login_iam2_virtual_id(username, password)
virtual_id_session = iam2_ops.login_iam2_project(project_name,
virtual_id_session).uuid
volume = test_stub.create_volume(session_uuid=virtual_id_session)
test_obj_dict.add_volume(volume)
try:
volume = test_stub.create_volume(session_uuid=virtual_id_session)
test_obj_dict.add_volume(volume)
test_util.test_fail(
"create more than one data volume in project ,test fail")
except:
test_util.test_dsc("success test limit create only 1 vm")
acc_ops.logout(virtual_id_session)
# 4 add project retired policy
attributes = [{"name": "__RetirePolicy__", "value": "NoLogin after 20s"}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
time.sleep(20)
# 5 login project
virtual_id_session = iam2_ops.login_iam2_virtual_id(username, password)
try:
iam2_ops.login_iam2_project(project_name,
session_uuid=virtual_id_session)
test_util.test_fail(
"login project success ,the retire policy is useless")
except:
test_util.test_logger("can't login project,retire policy is useful")
# 6 change retired policy
enable = 'enable'
disable = 'disable'
cond = res_ops.gen_query_conditions('name', '=', '__RetirePolicy__')
cond = res_ops.gen_query_conditions('value', '=', 'NoLogin after 20s',
cond)
attribute_uuid = res_ops.query_resource(res_ops.IAM2_PROJECT_ATTRIBUTE,
cond)[0].uuid
iam2_ops.remove_attributes_from_iam2_project(project_uuid,
[attribute_uuid])
iam2_ops.change_iam2_project_state(project_uuid, enable)
attributes = [{
"name": "__RetirePolicy__",
"value": "DeleteProject after 20s"
}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
time.sleep(20)
# 7 query project
project_inv = res_ops.get_resource(res_ops.IAM2_PROJECT,
uuid=project_uuid)[0]
if project_inv.state != 'Deleted':
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_util.test_fail("the project [%s] is still available after 20s " %
project_uuid)
test_lib.lib_robot_cleanup(test_obj_dict)
iam2_ops.clean_iam2_enviroment()
test_util.test_pass("success test project retired")
def test():
global linked_account_uuid,project_uuid,project_operator_uuid,account_lists,vni_range_uuid,vxlan_pool_uuid,l2_vxlan_network_uuid,account1_uuid,account2_uuid,platform_admin_uuid
# create vxlan pool and vni range
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
cluster_uuid = res_ops.get_resource(res_ops.CLUSTER)[0].uuid
vxlan_pool_name = 'vxlan_pool_name'
vxlan_pool_uuid = vxlan_ops.create_l2_vxlan_network_pool(vxlan_pool_name,zone_uuid).uuid
vxlan_ops.create_vni_range('vni_range',20,40,vxlan_pool_uuid)
systemTags = ["l2NetworkUuid::%s::clusterUuid::%s::cidr::{172.20.0.1/16}"%(vxlan_pool_uuid,cluster_uuid)]
net_ops.attach_l2_vxlan_pool(vxlan_pool_uuid,cluster_uuid,systemTags)
# 1 create project
project_name = 'test_share_project1'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
#cond = res_ops.gen_query_conditions("name",'=',"test_share_project1")
#linked_account_uuid = res_ops.query_resource(res_ops.ACCOUNT,cond)[0].uuid
linked_account_uuid = project.linkedAccountUuid
# 2 create project operator
project_operator_name = 'share_username1'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
# 3 login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
# todo:use the shared resources
# 4 create platformAdmin and login
username = '******'
password = '******'
platform_admin_uuid = iam2_ops.create_iam2_virtual_id(username, password).uuid
attributes = [{"name":"__PlatformAdmin__"}]
iam2_ops.add_attributes_to_iam2_virtual_id(platform_admin_uuid, attributes)
platform_admin_session_uuid = iam2_ops.login_iam2_virtual_id(username, password)
# 5 share platform admin resources to project
test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid],platform_admin_session_uuid)
# use the shared resources to create vm
vm = test_stub.create_vm(session_uuid=project_login_uuid)
volume = test_stub.create_volume(session_uuid=project_login_uuid)
test_obj_dict.add_volume(volume)
test_obj_dict.add_vm(vm)
l2_vxlan_network_uuid = vxlan_ops.create_l2_vxlan_network('l2_vxlan',vxlan_pool_uuid,zone_uuid,session_uuid=project_login_uuid).uuid
virtual_router_offering_uuid = res_ops.get_resource(res_ops.VR_OFFERING)[0].uuid
vpc_ops.create_vpc_vrouter('vpc_router',virtual_router_offering_uuid,session_uuid=project_login_uuid)
# 6 revoke platform admin resources from project
test_stub.revoke_admin_resource([linked_account_uuid],platform_admin_session_uuid)
# 7 share to all
#create_account
account1_uuid = acc_ops.create_account('user1','password','Normal').uuid
account2_uuid = acc_ops.create_account('user2','password','Normal').uuid
account_lists = res_ops.query_resource(res_ops.ACCOUNT)
for account in account_lists:
test_stub.share_admin_resource_include_vxlan_pool([account.uuid],platform_admin_session_uuid)
# 8 revoke resources from all
for account in account_lists:
test_stub.revoke_admin_resource([account.uuid],platform_admin_session_uuid)
# 9 Negative test
test_util.test_dsc('Doing negative test.Try to use the resources not shared to create vm')
try:
test_stub.create_vm(session_uuid=project_login_uuid)
except:
test_util.test_logger('Catch excepted excepttion.can not use the resources not shared to create vm')
else:
test_util.test_fail('Catch wrong logic:create vm success with the resources not shared ')
test_util.test_dsc('Doing negative test.Try to use the resources not shared to create volume')
try:
test_stub.create_volume(session_uuid=project_login_uuid)
except:
test_util.test_logger('Catch excepted excepttion.can not use the resources not shared to create volume')
else:
test_util.test_fail('Catch wrong logic:create volume success with the resources not shared ')
test_util.test_dsc('Doing negative test.Try to use the resources not shared to create vxlan network')
try:
vxlan_ops.create_l2_vxlan_network('l2_vxlan',vxlan_pool_uuid,zone_uuid,session_uuid=project_login_uuid)
except:
test_util.test_logger('Catch excepted excepttion.can not use the resources not shared to create l2 vxlan')
else:
test_util.test_fail('Catch wrong logic:create l2 vxlan success with the resources not shared ')
test_util.test_dsc('Doing negative test.Try to use the resources not shared to create vpc_vrouter ')
try:
vpc_ops.create_vpc_vrouter('vpc_router',virtual_router_offerings,session_uuid=project_login_uuid)
except:
test_util.test_logger('Catch excepted excepttion.can not use the resources not shared to create vpc_router')
else:
test_util.test_fail('Catch wrong logic:create vpc_router success with the resources not shared ')
# 10 delete
acc_ops.logout(project_login_uuid)
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
vni_range_uuid = res_ops.get_resource(res_ops.VNI_RANGE)[0].uuid
vxlan_ops.delete_vni_range(vni_range_uuid)
vpc_ops.remove_all_vpc_vrouter()
test_lib.lib_error_cleanup(test_obj_dict)
net_ops.delete_l2(vxlan_pool_uuid)
net_ops.delete_l2(l2_vxlan_network_uuid)
acc_ops.delete_account(account1_uuid)
acc_ops.delete_account(account2_uuid)
iam2_ops.delete_iam2_virtual_id(platform_admin_uuid)
def test():
global linked_account_uuid,project_uuid,project_operator_uuid,account_lists,l2_uuid,account1_uuid,account2_uuid
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
cluster_uuid = res_ops.get_resource(res_ops.CLUSTER)[0].uuid
# 1 create project
project_name = 'test_shared_project1'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
linked_account_uuid = project.linkedAccountUuid
# 2 create project operator
project_operator_name = 'username_share1'
project_operator_password = '******'
attributes = [{"name": "__ProjectOperator__", "value": project_uuid}]
project_operator_uuid = iam2_ops.create_iam2_virtual_id(project_operator_name,project_operator_password,attributes=attributes).uuid
# 3 login in project by project operator
iam2_ops.add_iam2_virtual_ids_to_project([project_operator_uuid],project_uuid)
project_operator_session_uuid = iam2_ops.login_iam2_virtual_id(project_operator_name,project_operator_password)
project_login_uuid = iam2_ops.login_iam2_project(project_name,session_uuid=project_operator_session_uuid).uuid
l2_inv = net_ops.create_l2_vlan('L2_vlan_2221', 'eth0', zone_uuid, '2221')
l2_uuid = l2_inv.inventory.uuid
test_util.test_dsc('share admin resoure to normal account')
cond = res_ops.gen_query_conditions('name', '=', 'L2_vlan_2221')
flat_l2_uuid = res_ops.query_resource(res_ops.L2_NETWORK, cond)[0].uuid
acc_ops.share_resources([linked_account_uuid], [flat_l2_uuid])
# ut_util.test_dsc('create L3_flat_network names is L3_flat_network by normal account')
l3_inv = sce_ops.create_l3(zstack_management_ip, 'l3_flat_network', 'L3BasicNetwork', flat_l2_uuid, 'local.com', session_uuid = project_login_uuid)
l3_uuid = l3_inv.inventory.uuid
l3_dns = '223.5.5.5'
start_ip = '192.168.123.2'
end_ip = '192.168.123.10'
gateway = '192.168.123.1'
netmask = '255.255.255.0'
test_util.test_dsc('add DNS and IP_Range for L3_flat_network')
sce_ops.add_dns_to_l3(zstack_management_ip, l3_uuid, l3_dns, session_uuid = project_login_uuid)
sce_ops.add_ip_range(zstack_management_ip,'IP_range', l3_uuid, start_ip, end_ip, gateway, netmask, session_uuid = project_login_uuid)
test_util.test_dsc('query flat provider and attach network service to L3_flat_network')
provider_name = 'Flat Network Service Provider'
conditions = res_ops.gen_query_conditions('name', '=', provider_name)
net_provider_list = sce_ops.query_resource(zstack_management_ip, res_ops.NETWORK_SERVICE_PROVIDER, conditions, session_uuid = project_login_uuid).inventories[0]
pro_uuid = net_provider_list.uuid
sce_ops.attach_flat_network_service_to_l3network(zstack_management_ip, l3_uuid,pro_uuid, session_uuid = project_login_uuid)
test_stub.share_admin_resource_1([linked_account_uuid])
vm = test_stub.create_vm(session_uuid=project_login_uuid)
test_obj_dict.add_vm(vm)
#create normal account
test_util.test_dsc('create normal account')
account_name = 'test_abc'
#account_pass = hashlib.sha512(account_name).hexdigest()
account_pass = '******'
test_account = acc_ops.create_normal_account(account_name, account_pass)
test_account_uuid = test_account.uuid
test_account_session = acc_ops.login_by_account(account_name, account_pass)
test_util.test_dsc('share admin resoure to normal account test_abc')
test_stub.share_admin_resource_1([test_account_uuid])
l2_inv1 = sce_ops.create_l2_vlan(zstack_management_ip, 'L2_vlan_2215', 'eth0', '2215', zone_uuid)
l2_uuid1 = l2_inv1.inventory.uuid
test_util.test_dsc('attach L2 netowrk to cluster')
sce_ops.attach_l2(zstack_management_ip, l2_uuid1, cluster_uuid)
#share admin resoure to normal account
test_util.test_dsc('share L2 L2_vlan_2215 to normal account test_a')
cond = res_ops.gen_query_conditions('name', '=', 'L2_vlan_2215')
flat_l2_uuid1 = res_ops.query_resource(res_ops.L2_NETWORK, cond)[0].uuid
acc_ops.share_resources([test_account_uuid], [flat_l2_uuid1])
test_account_session = acc_ops.login_by_account(account_name, account_pass)
l3_inv1 = sce_ops.create_l3(zstack_management_ip, 'l3_flat_network1', 'L3BasicNetwork', flat_l2_uuid1, 'local.com', session_uuid = test_account_session)
l3_uuid1 = l3_inv1.inventory.uuid
l3_dns = '223.5.5.5'
start_ip = '192.168.126.2'
end_ip = '192.168.126.10'
gateway = '192.168.126.1'
netmask = '255.255.255.0'
test_util.test_dsc('add DNS and IP_Range for L3_flat_network1')
sce_ops.add_dns_to_l3(zstack_management_ip, l3_uuid1, l3_dns, session_uuid = test_account_session)
sce_ops.add_ip_range(zstack_management_ip,'IP_range', l3_uuid1, start_ip, end_ip, gateway, netmask, session_uuid = test_account_session)
test_util.test_dsc('query flat provider and attach network service to L3_flat_network')
provider_name = 'Flat Network Service Provider'
conditions = res_ops.gen_query_conditions('name', '=', provider_name)
net_provider_list = sce_ops.query_resource(zstack_management_ip, res_ops.NETWORK_SERVICE_PROVIDER, conditions, session_uuid = test_account_session).inventories[0]
pro_uuid = net_provider_list.uuid
sce_ops.attach_flat_network_service_to_l3network(zstack_management_ip, l3_uuid1,pro_uuid, session_uuid = test_account_session)
vm2 = test_stub.create_vm(session_uuid = test_account_session)
test_util.test_dsc('test success normal acount create L3 by admin share L2 ')
test_obj_dict.add_vm(vm2)
# 9 delete
acc_ops.logout(project_login_uuid)
iam2_ops.delete_iam2_virtual_id(project_operator_uuid)
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_lib.lib_error_cleanup(test_obj_dict)
net_ops.delete_l2(l2_uuid)
net_ops.delete_l2(l2_uuid1)
acc_ops.delete_account(test_account_uuid)
def test():
global email_platform_uuid,email_endpoint_uuid,dingtalk_endpoint_uuid,http_endpoint_uuid,alarm_uuid,ps_event_sub_uuid,sns_topic_uuid,alarm_template_uuid
iam2_ops.clean_iam2_enviroment()
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
# 3 create project
project_name = 'test_project'
password = \
'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
linked_account_uuid = project.linkedAccountUuid
attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid])
# 4 create projectAdmin into project
project_admin_name = 'projectadmin'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, password).uuid
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name,password)
project_admin_session_uuid = iam2_ops.login_iam2_project(project_name,project_admin_session_uuid).uuid
# 5 create zwatch resource
smtp_server = os.environ.get('smtpServer')
smtp_port = os.environ.get('smtpPort')
email_platform_name = 'Alarm_email'
email_username = os.environ.get('mailUsername')
email_password = os.environ.get('mailPassword')
email_platform_uuid = zwt_ops.create_sns_email_platform(smtp_server, smtp_port, email_platform_name, email_username, email_password,session_uuid=project_admin_session_uuid).uuid
email_receiver = os.environ.get('mailUsername')
email_endpoint_uuid = zwt_ops.create_sns_email_endpoint(email_receiver, 'test_email_endpoint', email_platform_uuid,session_uuid=project_admin_session_uuid).uuid
url_01 = 'https://oapi.dingtalk.com/robot/send?access_token' \
'=0be899d4bd0a7629961a5ccd3035dfba30d084b57944897838f1b601006dd153'
name_01 = 'dingtalkAtPerson'
dingtalk_endpoint_uuid = zwt_ops.create_sns_dingtalk_endpoint(url_01, name_01, at_all=False,session_uuid=project_admin_session_uuid).uuid
http_endpoint_name = 'http'
url = 'http://localhost:8080/webhook-url'
http_username = '******'
http_password = '******'
http_endpoint_uuid = zwt_ops.create_sns_http_endpoint(url, http_endpoint_name, http_username, http_password,session_uuid=project_admin_session_uuid).uuid
sns_topic_uuid = zwt_ops.create_sns_topic('sns_topic_01',session_uuid=project_admin_session_uuid).uuid
zwt_ops.subscribe_sns_topic(sns_topic_uuid, dingtalk_endpoint_uuid,session_uuid=project_admin_session_uuid)
zwt_ops.subscribe_sns_topic(sns_topic_uuid, email_endpoint_uuid,session_uuid=project_admin_session_uuid)
zwt_ops.subscribe_sns_topic(sns_topic_uuid, http_endpoint_uuid,session_uuid=project_admin_session_uuid)
namespace = 'ZStack/Volume'
actions = [{"actionUuid": sns_topic_uuid, "actionType": "sns"}]
comparisonOperator = 'GreaterThanOrEqualTo'
repeat_interval = 20
period = 10
threshold = 5
metric_name = 'TotalVolumeCount'
alarm_uuid = zwt_ops.create_alarm(comparisonOperator, period, threshold, namespace, metric_name, actions=actions,repeat_interval=repeat_interval,session_uuid=project_admin_session_uuid).uuid
ps_actions = [{"actionUuid": sns_topic_uuid, "actionType": "sns"}]
ps_namespace = 'ZStack/PrimaryStorage'
ps_disconnected = 'PrimaryStorageDisconnected'
ps_event_sub_uuid = zwt_ops.subscribe_event(ps_namespace, ps_disconnected, ps_actions, session_uuid=project_admin_session_uuid).uuid
application_platform_type = 'Email'
alarm_template_name = 'my-alarm-template'
alarm_template = '${ALARM_NAME} Change status to ${ALARM_CURRENT_STATUS}' \
'ALARM_UUID:${ALARM_UUID}' \
'keyword1:ThisWordIsKeyWord' \
'keyword2:TemplateForAlarmOn' \
'(Using for template changes email check)'
alarm_template_uuid = zwt_ops.create_sns_text_template(alarm_template_name,
application_platform_type,
alarm_template,
default_template=False, session_uuid=project_admin_session_uuid).uuid
acc_ops.logout(project_admin_session_uuid)
# 6 delete project
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
# 7 cascade test
try:
test_stub.check_resource_not_exist(email_platform_uuid,res_ops.SNS_EMAIL_PLATFORM)
except:
test_util.test_logger("email platform should not be delete ,success")
test_stub.check_resource_not_exist(email_endpoint_uuid,res_ops.SNS_APPLICATION_ENDPOINT)
test_stub.check_resource_not_exist(dingtalk_endpoint_uuid,res_ops.SNS_APPLICATION_ENDPOINT)
test_stub.check_resource_not_exist(http_endpoint_uuid,res_ops.SNS_APPLICATION_ENDPOINT)
test_stub.check_resource_not_exist(alarm_uuid,res_ops.ALARM)
test_stub.check_resource_not_exist(ps_event_sub_uuid,res_ops.EVENT_SUBSCRIPTION)
test_stub.check_resource_not_exist(sns_topic_uuid,res_ops.SNS_TOPIC)
test_stub.check_resource_not_exist(alarm_template_uuid,res_ops.SNS_TEXT_TEMPLATE)
zwt_ops.delete_sns_application_platform(email_platform_uuid)
iam2_ops.clean_iam2_enviroment()
test_util.test_pass("success test project retired")
