diff --git a/functionaltests/api/base.py b/functionaltests/api/base.py index 2f2d7f52..4091ff15 100644 --- a/functionaltests/api/base.py +++ b/functionaltests/api/base.py @@ -248,3 +248,18 @@ class TestCase(testtools.TestCase): return self.client.create_service(environment_id, session_id, post_body) + + +class NegativeTestCase(TestCase): + @classmethod + def setUpClass(cls): + super(NegativeTestCase, cls).setUpClass() + + username = CONF.identity.alt_username + password = CONF.identity.alt_password + tenant_name = CONF.identity.alt_tenant_name + + mgr = clients.Manager(username, password, tenant_name) + auth_provider = mgr.get_auth_provider(mgr.get_default_credentials()) + + cls.alt_client = MuranoClient(auth_provider) diff --git a/functionaltests/api/v1/test_repository.py b/functionaltests/api/v1/test_repository.py index 70eabba7..f1150aeb 100644 --- a/functionaltests/api/v1/test_repository.py +++ b/functionaltests/api/v1/test_repository.py @@ -111,11 +111,11 @@ class TestRepositorySanity(TestCaseRepository): self.assertEqual(len(packages_list), len(_packages_list)) -class TestRepositoryNegative(base.TestCase): +class TestRepositoryNegativeNotFound(base.NegativeTestCase): @classmethod def setUpClass(cls): - super(TestRepositoryNegative, cls).setUpClass() + super(TestRepositoryNegativeNotFound, cls).setUpClass() cls.id = uuid.uuid4().hex @@ -167,6 +167,84 @@ class TestRepositoryNegative(base.TestCase): self.id) +class TestRepositoryNegativeForbidden(base.NegativeTestCase, + TestCaseRepository): + @classmethod + def setUpClass(cls): + super(TestRepositoryNegativeForbidden, cls).setUpClass() + + raise cls.skipException( + "https://bugs.launchpad.net/murano/+bug/1312190") + + cls.categorie = cls.client.list_categories()[1]['categories'][0] + + packages_list = cls.client.get_list_packages()[1] + for package in packages_list['packages']: + if 'Dummy' in package['fully_qualified_name']: + cls.client.delete_package(package['id']) + + cls.package = cls.client.upload_package( + 'testpackage', + { + "categories": [cls.categorie], + "tags": ["windows"], + "is_public": False + } + ).json() + + @classmethod + def tearDownClass(cls): + + super(TestRepositoryNegativeForbidden, cls).tearDownClass() + + cls.client.delete_package(cls.package['id']) + + @attr(type='negative') + def test_update_package_from_another_tenant(self): + post_body = [ + { + "op": "add", + "path": "/tags", + "value": ["im a test"] + } + ] + + self.assertRaises(exceptions.Unauthorized, + self.alt_client.update_package, + self.package['id'], + post_body) + + @attr(type='negative') + def test_get_package_from_another_tenant(self): + self.assertRaises(exceptions.Unauthorized, + self.alt_client.get_package, + self.package['id']) + + @attr(type='negative') + def test_delete_package_from_another_tenant(self): + self.assertRaises(exceptions.Unauthorized, + self.alt_client.delete_package, + self.package['id']) + + @attr(type='negative') + def test_download_package_from_another_tenant(self): + self.assertRaises(exceptions.Unauthorized, + self.alt_client.download_package, + self.package['id']) + + @attr(type='negative') + def test_get_ui_definition_from_another_tenant(self): + self.assertRaises(exceptions.Unauthorized, + self.alt_client.get_ui_definition, + self.package['id']) + + @attr(type='negative') + def test_get_logo_from_another_tenant(self): + self.assertRaises(exceptions.Unauthorized, + self.alt_client.get_logo, + self.package['id']) + + class TestRepository(TestCaseRepository): @classmethod