diff --git a/magnum/tests/api/test_app.py b/magnum/tests/api/test_app.py new file mode 100644 index 0000000000..ed654c8994 --- /dev/null +++ b/magnum/tests/api/test_app.py @@ -0,0 +1,33 @@ +# Copyright 2014 +# The Cloudscaling Group, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may not +# use this file except in compliance with the License. You may obtain a copy +# of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from magnum.api import app as api_app +from magnum.api import auth +from magnum.api import config as api_config +from magnum.tests import base + + +class TestAppConfig(base.BaseTestCase): + def setUp(self): + super(TestAppConfig, self).setUp() + + def test_get_pecan_config(self): + config = api_app.get_pecan_config() + + config_d = dict(config.app) + + self.assertEqual(config_d['modules'], api_config.app['modules']) + self.assertEqual(config_d['root'], api_config.app['root']) + self.assertIsInstance(config_d['hooks'][0], auth.AuthInformationHook) diff --git a/magnum/tests/api/test_auth.py b/magnum/tests/api/test_auth.py new file mode 100644 index 0000000000..bce9f6885e --- /dev/null +++ b/magnum/tests/api/test_auth.py @@ -0,0 +1,82 @@ +# Copyright 2014 +# The Cloudscaling Group, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may not +# use this file except in compliance with the License. You may obtain a copy +# of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import mock +from oslo.config import fixture + +from magnum.api import auth +from magnum.common import context +from magnum.tests import base +from magnum.tests import fakes + + +@mock.patch('magnum.api.auth.AuthProtocolWrapper', + new_callable=fakes.FakeAuthProtocol) +class TestAuth(base.BaseTestCase): + + def setUp(self): + super(TestAuth, self).setUp() + self.CONF = self.useFixture(fixture.Config()) + self.app = fakes.FakeApp() + + def test_check_auth_option_enabled(self, mock_auth): + + self.CONF.config(auth_protocol="footp", + auth_version="v2.0", + auth_uri=None, + group=auth.OPT_GROUP_NAME) + self.CONF.config(enable_authentication=True) + result = auth.install(self.app, self.CONF.conf) + self.assertIsInstance(result, fakes.FakeAuthProtocol) + + def test_check_auth_option_disabled(self, mock_auth): + self.CONF.config(auth_protocol="footp", + auth_version="v2.0", + auth_uri=None, + group=auth.OPT_GROUP_NAME) + self.CONF.config(enable_authentication=False) + result = auth.install(self.app, self.CONF.conf) + self.assertIsInstance(result, fakes.FakeApp) + + def test_auth_hook_before_method(self, mock_cls): + state = mock.Mock(request=fakes.FakePecanRequest()) + hook = auth.AuthInformationHook() + hook.before(state) + ctx = state.request.context + self.assertIsInstance(ctx, context.RequestContext) + self.assertEqual(ctx.auth_token, + fakes.fakeAuthTokenHeaders['X-Auth-Token']) + self.assertEqual(ctx.tenant, + fakes.fakeAuthTokenHeaders['X-Tenant-Id']) + self.assertEqual(ctx.user, + fakes.fakeAuthTokenHeaders['X-User-Id']) + self.assertEqual(ctx.auth_url, + fakes.fakeAuthTokenHeaders['X-Auth-Url']) + self.assertEqual(ctx.domain_name, + fakes.fakeAuthTokenHeaders['X-User-Domain-Name']) + self.assertEqual(ctx.domain_id, + fakes.fakeAuthTokenHeaders['X-User-Domain-Id']) + self.assertIsNone(ctx.auth_token_info) + + def test_auth_hook_before_method_auth_info(self, mock_cls): + state = mock.Mock(request=fakes.FakePecanRequest()) + state.request.environ['keystone.token_info'] = 'assert_this' + hook = auth.AuthInformationHook() + hook.before(state) + ctx = state.request.context + self.assertIsInstance(ctx, context.RequestContext) + self.assertEqual(fakes.fakeAuthTokenHeaders['X-Auth-Token'], + ctx.auth_token) + self.assertEqual('assert_this', ctx.auth_token_info) diff --git a/magnum/tests/fakes.py b/magnum/tests/fakes.py new file mode 100644 index 0000000000..0703b7aa3a --- /dev/null +++ b/magnum/tests/fakes.py @@ -0,0 +1,93 @@ +# -*- coding: utf-8 -*- +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +import mock + +fakeAuthTokenHeaders = {'X-User-Id': u'773a902f022949619b5c2f32cd89d419', + 'X-Roles': u'admin, ResellerAdmin, _member_', + 'X-Tenant-Id': u'5588aebbcdc24e17a061595f80574376', + 'X-Project-Name': 'test', + 'X-User-Name': 'test', + 'X-Auth-Token': u'5588aebbcdc24e17a061595f80574376', + 'X-Forwarded-For': u'10.10.10.10, 11.11.11.11', + 'X-Service-Catalog': u'{test: 12345}', + 'X-Auth-Url': 'fake_auth_url', + 'X-Identity-Status': 'Confirmed', + 'X-User-Domain-Name': 'domain', + 'X-Project-Domain-Id': 'project_domain_id', + 'X-User-Domain-Id': 'user_domain_id', + } + + +class FakePecanRequest(mock.Mock): + + def __init__(self, **kwargs): + super(FakePecanRequest, self).__init__(**kwargs) + self.host_url = 'http://test_url:8080/test' + self.context = {} + self.body = '' + self.content_type = 'text/unicode' + self.params = {} + self.path = '/v1/services' + self.headers = fakeAuthTokenHeaders + self.environ = {} + + def __setitem__(self, index, value): + setattr(self, index, value) + + +class FakePecanResponse(mock.Mock): + + def __init__(self, **kwargs): + super(FakePecanResponse, self).__init__(**kwargs) + self.status = None + + +class FakeApp: + pass + + +class FakeService(mock.Mock): + def __init__(self, **kwargs): + super(FakeService, self).__init__(**kwargs) + self.__tablename__ = 'service' + self.__resource__ = 'services' + self.user_id = 'fake user id' + self.project_id = 'fake project id' + self.uuid = 'test_uuid' + self.id = 8 + self.name = 'james' + self.service_type = 'not_this' + self.description = 'amazing' + self.tags = ['this', 'and that'] + self.read_only = True + + def as_dict(self): + return dict(service_type=self.service_type, + user_id=self.user_id, + project_id=self.project_id, + uuid=self.uuid, + id=self.id, + name=self.name, + tags=self.tags, + read_only=self.read_only, + description=self.description) + + +class FakeAuthProtocol(mock.Mock): + + def __init__(self, **kwargs): + super(FakeAuthProtocol, self).__init__(**kwargs) + self.app = FakeApp() + self.config = ''