Add SQL migrations for app cred access rules
Change-Id: Ic49e5b32073633d6dad469073931d808843d82bd
This commit is contained in:
parent
02540b7de6
commit
182524d971
|
@ -0,0 +1,17 @@
|
|||
# Copyright 2019 SUSE Linux GmbH
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
|
||||
def upgrade(migrate_engine):
|
||||
pass
|
|
@ -0,0 +1,17 @@
|
|||
# Copyright 2019 SUSE Linux GmbH
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
|
||||
def upgrade(migrate_engine):
|
||||
pass
|
|
@ -0,0 +1,44 @@
|
|||
# Copyright 2019 SUSE Linux GmbH
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
import sqlalchemy as sql
|
||||
|
||||
|
||||
def upgrade(migrate_engine):
|
||||
meta = sql.MetaData()
|
||||
meta.bind = migrate_engine
|
||||
|
||||
application_credential = sql.Table('application_credential', meta, autoload=True)
|
||||
access_rule = sql.Table(
|
||||
'access_rule', meta,
|
||||
sql.Column('id', sql.Integer, primary_key=True, nullable=False),
|
||||
sql.Column('service', sql.String(64)),
|
||||
sql.Column('path', sql.String(128)),
|
||||
sql.Column('method', sql.String(16)),
|
||||
mysql_engine='InnoDB', mysql_charset='utf8'
|
||||
)
|
||||
app_cred_access_rule = sql.Table(
|
||||
'application_credential_access_rule', meta,
|
||||
sql.Column('application_credential_id', sql.Integer,
|
||||
sql.ForeignKey(application_credential.c.internal_id,
|
||||
ondelete='CASCADE'),
|
||||
primary_key=True, nullable=False),
|
||||
sql.Column('access_rule_id', sql.Integer,
|
||||
sql.ForeignKey(access_rule.c.id,
|
||||
ondelete='CASCADE'),
|
||||
primary_key=True, nullable=False),
|
||||
mysql_engine='InnoDB', mysql_charset='utf8'
|
||||
)
|
||||
access_rule.create(migrate_engine, checkfirst=True)
|
||||
app_cred_access_rule.create(migrate_engine, checkfirst=True)
|
|
@ -3223,6 +3223,66 @@ class FullMigration(SqlMigrateBase, unit.TestCase):
|
|||
'registered_limit_id', 'domain_id'])
|
||||
self.assertTrue(limit_table.c.project_id.nullable)
|
||||
|
||||
def test_migration_056_add_application_credential_access_rules(self):
|
||||
self.expand(55)
|
||||
self.migrate(55)
|
||||
self.contract(55)
|
||||
|
||||
self.assertTableDoesNotExist('access_rule')
|
||||
self.assertTableDoesNotExist('application_credential_access_rule')
|
||||
|
||||
self.expand(56)
|
||||
self.migrate(56)
|
||||
self.contract(56)
|
||||
|
||||
self.assertTableExists('access_rule')
|
||||
self.assertTableExists('application_credential_access_rule')
|
||||
self.assertTableColumns(
|
||||
'access_rule',
|
||||
['id', 'service', 'path', 'method']
|
||||
)
|
||||
self.assertTableColumns(
|
||||
'application_credential_access_rule',
|
||||
['application_credential_id', 'access_rule_id']
|
||||
)
|
||||
self.assertTrue(self.does_fk_exist('application_credential_access_rule',
|
||||
'application_credential_id'))
|
||||
self.assertTrue(self.does_fk_exist('application_credential_access_rule',
|
||||
'access_rule_id'))
|
||||
|
||||
app_cred_table = sqlalchemy.Table(
|
||||
'application_credential', self.metadata, autoload=True
|
||||
)
|
||||
access_rule_table = sqlalchemy.Table(
|
||||
'access_rule', self.metadata, autoload=True
|
||||
)
|
||||
app_cred_access_rule_table = sqlalchemy.Table(
|
||||
'application_credential_access_rule',
|
||||
self.metadata, autoload=True
|
||||
)
|
||||
app_cred = {
|
||||
'internal_id': 1,
|
||||
'id': uuid.uuid4().hex,
|
||||
'name': uuid.uuid4().hex,
|
||||
'secret_hash': uuid.uuid4().hex,
|
||||
'user_id': uuid.uuid4().hex,
|
||||
'project_id': uuid.uuid4().hex
|
||||
}
|
||||
app_cred_table.insert().values(app_cred).execute()
|
||||
access_rule = {
|
||||
'id': 1,
|
||||
'service': uuid.uuid4().hex,
|
||||
'path': '/v2.1/servers',
|
||||
'method': 'GET'
|
||||
}
|
||||
access_rule_table.insert().values(access_rule).execute()
|
||||
app_cred_access_rule_rel = {
|
||||
'application_credential_id': app_cred['internal_id'],
|
||||
'access_rule_id': access_rule['id']
|
||||
}
|
||||
app_cred_access_rule_table.insert().values(
|
||||
app_cred_access_rule_rel).execute()
|
||||
|
||||
|
||||
class MySQLOpportunisticFullMigration(FullMigration):
|
||||
FIXTURE = db_fixtures.MySQLOpportunisticFixture
|
||||
|
|
Loading…
Reference in New Issue