openstack/designate-tempest-plugin
Code Issues Proposed changes
designate-tempest-plugin/designate_tempest_plugin/tests/api/v2/test_tsigkey.py
Ghanshyam Mann bb1996d7a8 Remove system scope token usage 
Designate (like any other services) does not support the system
scope and now we are enabling the new defaults by default

- https://review.opendev.org/c/openstack/designate/+/925627

To enable the new defaults, we need to remove the usage of system
scope token from tests otherwise they fails

- https://review.opendev.org/c/openstack/designate/+/926446/

Needed-By: https://review.opendev.org/c/openstack/designate/+/925627
Needed-By: https://review.opendev.org/c/openstack/requirements/+/925464
Change-Id: I8162819f35e7aba5f9c5fab77f0308faf73287ea
2024-08-15 18:59:43 -07:00

672 lines
30 KiB
Python
Raw Blame History

# Copyright 2016 NEC Corporation. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from oslo_log import log as logging
from tempest import config
from tempest.lib.common.utils import data_utils
from tempest.lib import decorators
from tempest.lib import exceptions as lib_exc
from designate_tempest_plugin.tests import base
from designate_tempest_plugin import data_utils as dns_data_utils
CONF = config.CONF
LOG = logging.getLogger(__name__)
class BaseTsigkeyTest(base.BaseDnsV2Test):
excluded_keys = ['created_at', 'updated_at', 'links']
@classmethod
def setup_clients(cls):
super(BaseTsigkeyTest, cls).setup_clients()
cls.admin_tld_client = cls.os_admin.dns_v2.TldClient()
@classmethod
def resource_setup(cls):
super(BaseTsigkeyTest, cls).resource_setup()
# Make sure we have an allowed TLD available
tld_name = dns_data_utils.rand_zone_name(name="BaseTsigkeyTest")
cls.tld_name = f".{tld_name}"
cls.class_tld = cls.admin_tld_client.create_tld(tld_name=tld_name[:-1])
@classmethod
def resource_cleanup(cls):
cls.admin_tld_client.delete_tld(cls.class_tld[1]['id'])
super(BaseTsigkeyTest, cls).resource_cleanup()
class TsigkeyAdminTest(BaseTsigkeyTest):
credentials = ["primary", "admin", "project_member",
"project_reader", "alt"]
@classmethod
def setup_credentials(cls):
# Do not create network resources for these test.
cls.set_network_resources()
super(TsigkeyAdminTest, cls).setup_credentials()
@classmethod
def setup_clients(cls):
super(TsigkeyAdminTest, cls).setup_clients()
cls.admin_client = cls.os_admin.dns_v2.TsigkeyClient()
cls.pool_admin_client = cls.os_admin.dns_v2.PoolClient()
cls.primary_client = cls.os_primary.dns_v2.TsigkeyClient()
@decorators.idempotent_id('e7b484e3-7ed5-4840-89d7-1e696986f8e4')
def test_create_tsigkey_for_zone(self):
LOG.info('Create a resource')
zone_name = dns_data_utils.rand_zone_name(
name="create_tsigkey_for_zone", suffix=self.tld_name)
zone = self.zones_client.create_zone(name=zone_name)[1]
self.addCleanup(self.wait_zone_delete, self.zones_client, zone['id'])
tsigkey_data = {
"name": dns_data_utils.rand_zone_name(
'test_create_tsigkey_for_zone'),
"algorithm": "hmac-sha256",
"secret": "SomeSecretKey",
"scope": "ZONE",
"resource_id": zone['id']}
LOG.info('Create a tsigkey')
tsigkey = self.admin_client.create_tsigkey(
tsigkey_data['resource_id'],
tsigkey_data['name'], tsigkey_data['algorithm'],
tsigkey_data['secret'], tsigkey_data['scope'])[1]
self.addCleanup(self.admin_client.delete_tsigkey, tsigkey['id'])
self.assertEqual(tsigkey_data["name"], tsigkey['name'])
self.assertEqual(tsigkey_data["scope"], 'ZONE')
@decorators.idempotent_id('45975fa6-d726-11eb-beba-74e5f9e2a801')
def test_create_tsigkey_for_pool(self):
LOG.info('Get the valid pool ID from list of pools')
pool = self.pool_admin_client.list_pools()[1]['pools'][0]
LOG.info('Create a tsigkey')
tsigkey_data = {
"name": dns_data_utils.rand_zone_name('Example_Key'),
"algorithm": "hmac-sha256",
"secret": "SomeSecretKey",
"scope": "POOL",
"resource_id": pool['id']}
tsigkey = self.admin_client.create_tsigkey(
tsigkey_data['resource_id'],
tsigkey_data['name'], tsigkey_data['algorithm'],
tsigkey_data['secret'], tsigkey_data['scope'])[1]
self.addCleanup(self.admin_client.delete_tsigkey, tsigkey['id'])
self.assertEqual(tsigkey_data["name"], tsigkey['name'])
self.assertEqual(tsigkey_data["scope"], 'POOL')
# Test RBAC
expected_allowed = ['os_admin']
self.check_CUD_RBAC_enforcement(
'TsigkeyClient', 'create_tsigkey', expected_allowed, False,
tsigkey_data['resource_id'],
tsigkey_data['name'], tsigkey_data['algorithm'],
tsigkey_data['secret'], tsigkey_data['scope'])
@decorators.idempotent_id('d46e5e86-a18c-4315-aa0c-95a00e816fbf')
def test_list_tsigkey(self):
LOG.info('Create a resource')
zone_name = dns_data_utils.rand_zone_name(
name="list_tsigkey", suffix=self.tld_name)
zone = self.zones_client.create_zone(name=zone_name)[1]
self.addCleanup(self.wait_zone_delete, self.zones_client, zone['id'])
LOG.info('Create a tsigkey')
tsigkey = self.admin_client.create_tsigkey(resource_id=zone['id'])[1]
self.addCleanup(self.admin_client.delete_tsigkey, tsigkey['id'])
body = self.admin_client.list_tsigkeys()[1]
self.assertGreater(len(body['tsigkeys']), 0)
# Test RBAC
expected_allowed = ['os_admin']
self.check_list_IDs_RBAC_enforcement(
'TsigkeyClient', 'list_tsigkeys', expected_allowed,
[tsigkey['id']])
@decorators.idempotent_id('d46e5e86-a18c-4315-aa0c-95a00e816fbf')
def test_list_tsigkeys_limit_results(self):
for i in range(3):
LOG.info('As Primary user create a zone: {} '.format(i))
zone_name = dns_data_utils.rand_zone_name(
name="list_tsigkey_limit", suffix=self.tld_name)
zone = self.zones_client.create_zone(name=zone_name)[1]
self.addCleanup(
self.wait_zone_delete, self.zones_client, zone['id'])
LOG.info('As Admin user create a tsigkey: {} '.format(i))
tsigkey = self.admin_client.create_tsigkey(
resource_id=zone['id'])[1]
self.addCleanup(self.admin_client.delete_tsigkey, tsigkey['id'])
LOG.info('As Admin client, list all tsigkey using '
'URL query: "limit=2"')
body = self.admin_client.list_tsigkeys(params={'limit': 2})[1]
self.assertEqual(len(body['tsigkeys']), 2)
@decorators.idempotent_id('f31447b0-d817-11eb-b95a-74e5f9e2a801')
def test_list_tsigkeys_using_marker(self):
test_tsigkeys_name = 'marker_tsigkey_'
test_tsigkeys_names = [test_tsigkeys_name + str(i) for i in range(4)]
LOG.info('Create tsigkeys named: {}'.format(test_tsigkeys_names))
created_tsigkeys = []
for name in test_tsigkeys_names:
LOG.info('As Primary user create a zone to be used '
'for {}'.format(name))
zone_name = dns_data_utils.rand_zone_name(
name="list_tsigkey_marker", suffix=self.tld_name)
zone = self.zones_client.create_zone(name=zone_name)[1]
self.addCleanup(
self.wait_zone_delete, self.zones_client, zone['id'])
LOG.info('As Admin user create "{}" tsigkey'.format(name))
tsigkey = self.admin_client.create_tsigkey(
resource_id=zone['id'], name=name)[1]
self.addCleanup(self.admin_client.delete_tsigkey, tsigkey['id'])
created_tsigkeys.append(tsigkey['id'])
LOG.info('As Admin, list all tsigkeys using url queries:"limit=2" '
'and "name={}*"'.format(test_tsigkeys_name))
body = self.admin_client.list_tsigkeys(
params={
'limit': 2, 'name': test_tsigkeys_name + '*'})[1]
tsigkeys = body['tsigkeys']
self.assertEqual(2, len(tsigkeys),
'Failed, response is not limited as expected')
LOG.info('Get the marker to be used for subsequent request')
first_set_of_ids = [item['id'] for item in tsigkeys]
links = body['links']
marker = links['next'].split('marker=')[-1]
LOG.info('Use marker for subsequent request to get the rest of '
'tsigkeys that contains "{}*" in their '
'names'.format(test_tsigkeys_name))
tsigkeys = self.admin_client.list_tsigkeys(
params={'marker': marker, 'limit': 2,
'name': test_tsigkeys_name + '*'})[1]['tsigkeys']
self.assertEqual(2, len(tsigkeys),
'Failed, response is not limited as expected')
second_set_of_ids = [item['id'] for item in tsigkeys]
LOG.info('Make sure that the merge of tsigkeys IDs received in two '
'phases using "marker" url query, contains all the IDs '
'created within the test')
self.assertEqual(
sorted(first_set_of_ids + second_set_of_ids),
sorted(created_tsigkeys),
'Failed, tsigkeys IDs received in two phases are not as expected')
@decorators.idempotent_id('d5c6dfcc-d8af-11eb-b95a-74e5f9e2a801')
def test_list_tsigkey_sort_key_with_sort_direction(self):
names_to_create = [data_utils.rand_name(name) for name in
['bbb_tsgikey', 'aaa_tsgikey', 'ccc_tsgikey']]
created_tsigkey_ids = []
for name in names_to_create:
LOG.info('As Primary user create a zone for: {} '.format(name))
zone_name = dns_data_utils.rand_zone_name(
name="list_tsigkey_sort", suffix=self.tld_name)
zone = self.zones_client.create_zone(name=zone_name)[1]
self.addCleanup(
self.wait_zone_delete, self.zones_client, zone['id'])
LOG.info('As Admin user create a tsigkey: {} '.format(name))
tsigkey = self.admin_client.create_tsigkey(
resource_id=zone['id'], name=name)[1]
self.addCleanup(self.admin_client.delete_tsigkey, tsigkey['id'])
created_tsigkey_ids.append(tsigkey['id'])
LOG.info('As Admin, list all tsigkeys using "asc" to sort by names')
sorted_tsigkeys = self.admin_client.list_tsigkeys(
params={'sort_dir': 'asc', 'sort_key': 'name'})[1]['tsigkeys']
sorted_by_names = [item['name'] for item in sorted_tsigkeys]
self.assertEqual(
sorted(sorted_by_names),
sorted_by_names,
'Failed, tsgikeys names are not sorted in "asc" as expected')
LOG.info('As Admin, list all tsigkey using "desc" to sort by names')
sorted_tsigkeys = self.admin_client.list_tsigkeys(
params={'sort_dir': 'desc', 'sort_key': 'name'})[1]['tsigkeys']
sorted_by_names = [item['name'] for item in sorted_tsigkeys]
self.assertEqual(
sorted(sorted_by_names, reverse=True),
sorted_by_names,
'Failed, tsgikeys names are not sorted in "desc" as expected')
LOG.info('As Admin, list all tsigkeys using "asc" to sort by ID')
sorted_tsigkeys = self.admin_client.list_tsigkeys(
params={'sort_dir': 'asc', 'sort_key': 'id'})[1]['tsigkeys']
sorted_by_ids = [item['id'] for item in sorted_tsigkeys]
self.assertEqual(
sorted(sorted_by_ids),
sorted_by_ids,
'Failed, tsgikeys IDs are not sorted in "asc" as expected')
LOG.info('As Admin, list all tsigkeys using "zababun" direction '
'to sort by names, expected: "invalid_sort_dir"')
self.assertRaisesDns(
lib_exc.BadRequest, 'invalid_sort_dir', 400,
self.admin_client.list_tsigkeys,
params={'sort_dir': 'zababun', 'sort_key': 'name'})
LOG.info('As Admin, list all tsigkeys using "zababun" as a key value,'
'expected: "invalid_sort_key"')
self.assertRaisesDns(
lib_exc.BadRequest, 'invalid_sort_key', 400,
self.admin_client.list_tsigkeys,
params={'sort_dir': 'asc', 'sort_key': 'zababun'})
@decorators.idempotent_id('4162a840-d8b2-11eb-b95a-74e5f9e2a801')
def test_list_tsigkey_filter_by_name(self):
tsigkey_name = data_utils.rand_name('ddd_tsgikey')
LOG.info('As Primary user create a zone for: {} '.format(tsigkey_name))
zone_name = dns_data_utils.rand_zone_name(
name="list_tsigkey_filter_name", suffix=self.tld_name)
zone = self.zones_client.create_zone(name=zone_name)[1]
self.addCleanup(self.wait_zone_delete, self.zones_client, zone['id'])
LOG.info('As Admin user create a tsigkey: {} '.format(tsigkey_name))
tsigkey = self.admin_client.create_tsigkey(
resource_id=zone['id'], name=tsigkey_name)[1]
self.addCleanup(self.admin_client.delete_tsigkey, tsigkey['id'])
LOG.info('As Admin, list all tsigkeys named:{}'.format(tsigkey_name))
listed_tsigkeys = self.admin_client.list_tsigkeys(
params={'name': tsigkey_name})[1]['tsigkeys']
self.assertEqual(
1, len(listed_tsigkeys),
'Failed, only a single tsigkey, named: {} should be '
'listed.'.format(tsigkey_name))
LOG.info('As Admin, list all tsigkeys named:"zababun"')
listed_tsigkeys = self.admin_client.list_tsigkeys(
params={'name': 'zababun'})[1]['tsigkeys']
self.assertEqual(
0, len(listed_tsigkeys), 'Failed, no tsigkey should be listed')
@decorators.idempotent_id('e8bcf80a-d8b4-11eb-b95a-74e5f9e2a801')
def test_list_tsigkey_filter_by_scope(self):
LOG.info('Create tsigkey for a pool')
pool = self.pool_admin_client.create_pool(
project_id=self.os_admin.credentials.project_id)[1]
self.addCleanup(
self.pool_admin_client.delete_pool, pool['id'],
headers={
'x-auth-sudo-project-id':
self.os_admin.credentials.project_id})
pool_tsigkey = self.admin_client.create_tsigkey(
resource_id=pool['id'], scope='POOL')[1]
self.addCleanup(self.admin_client.delete_tsigkey, pool_tsigkey['id'])
LOG.info('Create tsigkey for a zone')
zone_name = dns_data_utils.rand_zone_name(
name="list_tsigkey_filter_scope", suffix=self.tld_name)
zone = self.zones_client.create_zone(name=zone_name)[1]
self.addCleanup(self.wait_zone_delete, self.zones_client, zone['id'])
zone_tsigkey = self.admin_client.create_tsigkey(
resource_id=zone['id'], scope='ZONE')[1]
self.addCleanup(self.admin_client.delete_tsigkey, zone_tsigkey['id'])
LOG.info('List all "scope=POOL" tsigkeys')
listed_pool_scopes = [
item['scope'] for item in self.admin_client.list_tsigkeys(
params={'scope': 'POOL'})[1]['tsigkeys']]
self.assertEqual(
{'POOL'}, set(listed_pool_scopes),
'Failed, the only scopes expected to be listed are: "POOL"')
LOG.info('List all "scope=ZONE" tsigkeys')
listed_zone_scopes = [
item['scope'] for item in self.admin_client.list_tsigkeys(
params={'scope': 'ZONE'})[1]['tsigkeys']]
self.assertEqual(
{'ZONE'}, set(listed_zone_scopes),
'Failed, the only scopes expected to be listed are: "ZONE"')
LOG.info('List all "scope=zababun" tsigkeys')
listed_zone_scopes = [
item['scope'] for item in self.admin_client.list_tsigkeys(
params={'scope': 'zababun'})[1]['tsigkeys']]
self.assertEqual(
0, len(listed_zone_scopes),
'Failed, no tsigkey is expected to be listed')
@decorators.idempotent_id('794554f0-d8b8-11eb-b95a-74e5f9e2a801')
def test_list_tsigkey_filter_by_algorithm(self):
LOG.info('Create tsigkey for a pool')
algorithm = 'hmac-sha256'
pool = self.pool_admin_client.create_pool(
project_id=self.os_admin.credentials.project_id)[1]
self.addCleanup(
self.pool_admin_client.delete_pool, pool['id'],
headers={
'x-auth-sudo-project-id':
self.os_admin.credentials.project_id})
pool_tsigkey = self.admin_client.create_tsigkey(
resource_id=pool['id'], algorithm=algorithm)[1]
self.addCleanup(self.admin_client.delete_tsigkey, pool_tsigkey['id'])
LOG.info('List all "algorithm={}" tsigkeys '.format(algorithm))
listed_tsigkeys = [
item['algorithm'] for item in self.admin_client.list_tsigkeys(
params={'algorithm': algorithm})[1]['tsigkeys']]
self.assertEqual(
{algorithm}, set(listed_tsigkeys),
'Failed, the only tsigkeys expected to be listed must '
'have algorithm:{} '.format(algorithm))
LOG.info('List all "algorithm=zababun" tsigkeys')
listed_tsigkeys = [
item['algorithm'] for item in self.admin_client.list_tsigkeys(
params={'algorithm': 'zababun'})[1]['tsigkeys']]
self.assertEqual(
0, len(listed_tsigkeys),
"Failed, no tsigkey is expectedto be listed")
@decorators.idempotent_id('c5d7facf-0f05-47a2-a4fb-87f203860880')
def test_show_tsigkey(self):
LOG.info('Create a resource')
zone_name = dns_data_utils.rand_zone_name(
name="show_tsigkey", suffix=self.tld_name)
zone = self.zones_client.create_zone(name=zone_name)[1]
self.addCleanup(self.wait_zone_delete, self.zones_client, zone['id'])
LOG.info('Create a tsigkey')
tsigkey = self.admin_client.create_tsigkey(resource_id=zone['id'])[1]
self.addCleanup(self.admin_client.delete_tsigkey, tsigkey['id'])
LOG.info('Fetch the tsigkey')
body = self.admin_client.show_tsigkey(tsigkey['id'])[1]
LOG.info('Ensure the fetched response matches the created tsigkey')
self.assertExpected(tsigkey, body, self.excluded_keys)
# Test RBAC
expected_allowed = ['os_admin']
self.check_list_show_RBAC_enforcement(
'TsigkeyClient', 'show_tsigkey', expected_allowed, True,
tsigkey['id'])
@decorators.idempotent_id('d09dc0dd-dd72-41ee-9085-2afb2bf35459')
def test_update_tsigkey(self):
LOG.info('Create a resource')
zone_name = dns_data_utils.rand_zone_name(
name="update_tsigkey", suffix=self.tld_name)
zone = self.zones_client.create_zone(name=zone_name)[1]
self.addCleanup(self.wait_zone_delete, self.zones_client, zone['id'])
LOG.info('Create a tsigkey')
tsigkey = self.admin_client.create_tsigkey(resource_id=zone['id'])[1]
self.addCleanup(self.admin_client.delete_tsigkey, tsigkey['id'])
tsigkey_data = {
"name": "Patch tsigkey",
"secret": "NewSecretKey"}
LOG.info('Update the tsigkey')
patch_tsigkey = self.admin_client.update_tsigkey(tsigkey['id'],
name=tsigkey_data['name'],
secret=tsigkey_data['secret'])[1]
self.assertEqual(tsigkey_data['name'], patch_tsigkey['name'])
self.assertEqual(tsigkey_data['secret'], patch_tsigkey['secret'])
# Test RBAC
expected_allowed = ['os_admin']
self.check_CUD_RBAC_enforcement(
'TsigkeyClient', 'update_tsigkey', expected_allowed, False,
tsigkey['id'], name=tsigkey_data['name'],
secret=tsigkey_data['secret'])
@decorators.idempotent_id('9cdffbd2-bc67-4a25-8eb7-4be8635c88a3')
def test_delete_tsigkey(self):
LOG.info('Create a resource')
zone_name = dns_data_utils.rand_zone_name(
name="delete_tsigkey", suffix=self.tld_name)
zone = self.zones_client.create_zone(name=zone_name)[1]
self.addCleanup(self.wait_zone_delete, self.zones_client, zone['id'])
LOG.info('Create a tsigkey')
tsigkey = self.admin_client.create_tsigkey(resource_id=zone['id'])[1]
# Test RBAC
expected_allowed = ['os_admin']
self.check_CUD_RBAC_enforcement(
'TsigkeyClient', 'delete_tsigkey', expected_allowed, False,
tsigkey['id'])
LOG.info('Delete the tsigkey')
self.admin_client.delete_tsigkey(tsigkey['id'])
self.assertRaises(lib_exc.NotFound,
lambda: self.admin_client.show_tsigkey(tsigkey['id']))
@decorators.idempotent_id('4bdc20ef-96f9-47f6-a1aa-275159af326b')
def test_list_tsigkeys_dot_json_fails(self):
uri = self.admin_client.get_uri('tsigkeys.json')
self.assertRaises(lib_exc.NotFound,
lambda: self.admin_client.get(uri))
class TestTsigkeyNotFoundAdmin(BaseTsigkeyTest):
credentials = ["admin", "primary"]
@classmethod
def setup_credentials(cls):
# Do not create network resources for these test.
cls.set_network_resources()
super(TestTsigkeyNotFoundAdmin, cls).setup_credentials()
@classmethod
def setup_clients(cls):
super(TestTsigkeyNotFoundAdmin, cls).setup_clients()
cls.admin_client = cls.os_admin.dns_v2.TsigkeyClient()
@decorators.idempotent_id('824c9b49-edc5-4282-929e-467a158d23e4')
def test_show_tsigkey_404(self):
e = self.assertRaises(lib_exc.NotFound,
self.admin_client.show_tsigkey,
data_utils.rand_uuid())
self.assertTsigkey404(e.resp, e.resp_body)
@decorators.idempotent_id('4ef3493a-ee66-4c62-b070-c57fa9568b69')
def test_update_tsigkey_404(self):
e = self.assertRaises(lib_exc.NotFound,
self.admin_client.update_tsigkey,
data_utils.rand_uuid())
self.assertTsigkey404(e.resp, e.resp_body)
@decorators.idempotent_id('ba438ede-4823-4922-8f4c-8de278f3d454')
def test_delete_tsigkey_404(self):
e = self.assertRaises(lib_exc.NotFound,
self.admin_client.delete_tsigkey,
data_utils.rand_uuid())
self.assertTsigkey404(e.resp, e.resp_body)
def assertTsigkey404(self, resp, resp_body):
self.assertEqual(404, resp.status)
self.assertEqual(404, resp_body['code'])
self.assertEqual("tsigkey_not_found", resp_body['type'])
self.assertEqual("Could not find TsigKey", resp_body['message'])
class TestTsigkeyInvalidIdAdmin(BaseTsigkeyTest):
credentials = ["admin", "primary"]
@classmethod
def setup_credentials(cls):
# Do not create network resources for these test.
cls.set_network_resources()
super(TestTsigkeyInvalidIdAdmin, cls).setup_credentials()
@classmethod
def setup_clients(cls):
super(TestTsigkeyInvalidIdAdmin, cls).setup_clients()
cls.admin_client = cls.os_admin.dns_v2.TsigkeyClient()
cls.pool_admin_client = cls.os_admin.dns_v2.PoolClient()
@decorators.idempotent_id('2a8dfc75-9884-4b1c-8f1f-ed835d96f2fe')
def test_show_tsigkey_invalid_uuid(self):
e = self.assertRaises(lib_exc.BadRequest,
self.admin_client.show_tsigkey,
'foo')
self.assertTsigkeyInvalidId(e.resp, e.resp_body)
@decorators.idempotent_id('2befa10f-fc42-4ae9-9276-672e23f045f2')
def test_update_tsigkey_invalid_uuid(self):
e = self.assertRaises(lib_exc.BadRequest,
self.admin_client.update_tsigkey,
'foo')
self.assertTsigkeyInvalidId(e.resp, e.resp_body)
@decorators.idempotent_id('55c2fea0-ead6-44c7-8bb1-05111412afdd')
def test_delete_tsigkey_invalid_uuid(self):
e = self.assertRaises(lib_exc.BadRequest,
self.admin_client.delete_tsigkey,
'foo')
self.assertTsigkeyInvalidId(e.resp, e.resp_body)
def assertTsigkeyInvalidId(self, resp, resp_body):
self.assertEqual(400, resp.status)
self.assertEqual(400, resp_body['code'])
self.assertEqual("invalid_uuid", resp_body['type'])
self.assertEqual("Invalid UUID tsigkey_id: foo",
resp_body['message'])
@decorators.idempotent_id('f94af13a-d743-11eb-beba-74e5f9e2a801')
def test_create_tsigkey_for_zone_invalid_algorithm(self):
zone_name = dns_data_utils.rand_zone_name(
name="create_tsigkey_invalid_algo", suffix=self.tld_name)
zone = self.zones_client.create_zone(name=zone_name)[1]
self.addCleanup(self.wait_zone_delete, self.zones_client, zone['id'])
tsigkey_data = {
"name": dns_data_utils.rand_zone_name('Example_Key'),
"algorithm": "zababun",
"secret": "SomeSecretKey",
"scope": "ZONE",
"resource_id": zone['id']}
self.assertRaisesDns(
lib_exc.BadRequest, 'invalid_object', 400,
self.admin_client.create_tsigkey,
tsigkey_data['resource_id'],
tsigkey_data['name'], tsigkey_data['algorithm'],
tsigkey_data['secret'], tsigkey_data['scope'])
@decorators.idempotent_id('4df903d8-d745-11eb-beba-74e5f9e2a801')
def test_create_tsigkey_for_zone_invalid_name(self):
LOG.info('Create a zone resource')
zone_name = dns_data_utils.rand_zone_name(
name="create_tsigkey_invalid_name", suffix=self.tld_name)
zone = self.zones_client.create_zone(name=zone_name)[1]
self.addCleanup(self.wait_zone_delete, self.zones_client, zone['id'])
tsigkey_data = {
"name": dns_data_utils.rand_zone_name(
'Example_Key') * 1000,
"algorithm": "hmac-sha256",
"secret": "SomeSecretKey",
"scope": "ZONE",
"resource_id": zone['id']}
self.assertRaisesDns(
lib_exc.BadRequest, 'invalid_object', 400,
self.admin_client.create_tsigkey,
tsigkey_data['resource_id'],
tsigkey_data['name'], tsigkey_data['algorithm'],
tsigkey_data['secret'], tsigkey_data['scope'])
@decorators.idempotent_id('5d6b8a84-d745-11eb-beba-74e5f9e2a801')
@decorators.skip_because(bug="1933760")
def test_create_tsigkey_for_zone_empty_secret(self):
LOG.info('Create a zone resource')
zone_name = dns_data_utils.rand_zone_name(
name="create_tsigkey_empty_secret", suffix=self.tld_name)
zone = self.zones_client.create_zone(name=zone_name)[1]
self.addCleanup(self.wait_zone_delete, self.zones_client, zone['id'])
tsigkey_data = {
"name": dns_data_utils.rand_zone_name('Example_Key'),
"algorithm": "hmac-sha256",
"secret": '',
"scope": "ZONE",
"resource_id": zone['id']}
self.assertRaisesDns(
lib_exc.BadRequest, 'invalid_object', 400,
self.admin_client.create_tsigkey,
tsigkey_data['resource_id'],
tsigkey_data['name'], tsigkey_data['algorithm'],
tsigkey_data['secret'], tsigkey_data['scope'])
@decorators.idempotent_id('dfca9268-d745-11eb-beba-74e5f9e2a801')
def test_create_tsigkey_for_zone_invalid_scope(self):
LOG.info('Create a zone resource')
zone_name = dns_data_utils.rand_zone_name(
name="create_tsigkey_invalid_scope", suffix=self.tld_name)
zone = self.zones_client.create_zone(name=zone_name)[1]
self.addCleanup(self.wait_zone_delete, self.zones_client, zone['id'])
tsigkey_data = {
"name": dns_data_utils.rand_zone_name('Example_Key'),
"algorithm": "hmac-sha256",
"secret": "SomeSecretKey",
"scope": "zababun",
"resource_id": zone['id']}
self.assertRaisesDns(
lib_exc.BadRequest, 'invalid_object', 400,
self.admin_client.create_tsigkey,
tsigkey_data['resource_id'],
tsigkey_data['name'], tsigkey_data['algorithm'],
tsigkey_data['secret'], tsigkey_data['scope'])
@decorators.idempotent_id('57255858-d74a-11eb-beba-74e5f9e2a801')
def test_create_tsigkey_for_zone_invalid_zone_id(self):
LOG.info('Create a resource')
zone_name = dns_data_utils.rand_zone_name(
name="create_tsigkey_invalide_zone_id", suffix=self.tld_name)
zone = self.zones_client.create_zone(name=zone_name)[1]
self.addCleanup(self.wait_zone_delete, self.zones_client, zone['id'])
tsigkey_data = {
"name": dns_data_utils.rand_zone_name('Example_Key'),
"algorithm": "hmac-sha256",
"secret": "SomeSecretKey",
"scope": "ZONE",
"resource_id": data_utils.rand_uuid}
self.assertRaisesDns(
lib_exc.BadRequest, 'invalid_object', 400,
self.admin_client.create_tsigkey,
tsigkey_data['resource_id'],
tsigkey_data['name'], tsigkey_data['algorithm'],
tsigkey_data['secret'], tsigkey_data['scope'])
@decorators.idempotent_id('0dfbc2f8-d8bb-11eb-b95a-74e5f9e2a801')
@decorators.skip_because(bug="1934120")
def test_create_tsigkey_for_pool_with_scope_zone(self):
pool = self.pool_admin_client.create_pool()[1]
self.addCleanup(self.pool_admin_client.delete_pool, pool['id'])
LOG.info('Try to create a tsigkey using pool ID and "scope:ZONE", '
'should fail because ID is for pool, but scope is ZONE')
self.assertRaisesDns(
lib_exc.BadRequest, 'invalid_object', 400,
self.admin_client.create_tsigkey,
resource_id=pool['id'], scope='ZONE')
View Git Blame Copy Permalink