示例#1
0
 def test_policy_only_owner_logs(self):
     container = obj_utils.create_test_container(self.context,
                                                 user_id='another')
     self._owner_check("container:logs",
                       self.get_json,
                       '/containers/%s/logs/' % container.uuid,
                       expect_errors=True)
示例#2
0
 def test_policy_only_owner_delete(self):
     container = obj_utils.create_test_container(self.context,
                                                 user_id='another')
     self._owner_check("container:delete",
                       self.delete,
                       '/containers/%s/' % container.uuid,
                       expect_errors=True)
示例#3
0
 def test_policy_only_owner_execute(self):
     container = obj_utils.create_test_container(self.context,
                                                 user_id='another')
     self._owner_check("container:execute",
                       self.post_json,
                       '/containers/%s/execute/' % container.uuid,
                       params={'command': 'ls'},
                       expect_errors=True)
示例#4
0
 def test_policy_only_owner_actions(self):
     actions = ['start', 'stop', 'reboot', 'pause', 'unpause']
     container = obj_utils.create_test_container(self.context,
                                                 user_id='another')
     for action in actions:
         self._owner_check('container:%s' % action,
                           self.post_json,
                           '/containers/%s/%s/' % (container.uuid, action),
                           {},
                           expect_errors=True)
示例#5
0
 def test_policy_only_owner_update(self):
     container = obj_utils.create_test_container(self.context,
                                                 user_id='another')
     self._owner_check("container:update",
                       self.patch_json,
                       '/containers/%s/' % container.uuid, {
                           'patch': [{
                               'path': '/name',
                               'value': "new_name",
                               'op': 'replace'
                           }]
                       },
                       expect_errors=True)
示例#6
0
 def test_policy_disallow_update(self):
     container = obj_utils.create_test_container(self.context)
     params = {
         'patch': [{
             'path': '/name',
             'value': 'new_name',
             'op': 'replace'
         }]
     }
     self._common_policy_check('container:update',
                               self.app.patch_json,
                               '/v1/containers/%s/' % container.uuid,
                               params,
                               expect_errors=True)
示例#7
0
 def test_policy_disallow_delete(self):
     container = obj_utils.create_test_container(self.context)
     self._common_policy_check('container:delete',
                               self.app.delete,
                               '/v1/containers/%s/' % container.uuid,
                               expect_errors=True)
示例#8
0
 def test_policy_disallow_get_one(self):
     container = obj_utils.create_test_container(self.context)
     self._common_policy_check('container:get',
                               self.get_json,
                               '/containers/%s/' % container.uuid,
                               expect_errors=True)