Add tests for container action policy
Add tests for container action policy that only the user who creates the container can operate the container. Change-Id: I9c7337ea279c893dd9645735a784f7946176ed64 Closes-Bug: #1557268
This commit is contained in:
parent
4256e8780e
commit
a209b13adb
|
@ -731,3 +731,26 @@ class TestContainerEnforcement(api_base.FunctionalTest):
|
|||
"container:delete", self.delete,
|
||||
'/containers/%s' % container.uuid,
|
||||
expect_errors=True)
|
||||
|
||||
def test_policy_only_owner_logs(self):
|
||||
container = obj_utils.create_test_container(self.context,
|
||||
user_id='another')
|
||||
self._owner_check("container:logs", self.get_json,
|
||||
'/containers/logs/%s' % container.uuid,
|
||||
expect_errors=True)
|
||||
|
||||
def test_policy_only_owner_execute(self):
|
||||
container = obj_utils.create_test_container(self.context,
|
||||
user_id='another')
|
||||
self._owner_check("container:execute", self.put_json,
|
||||
'/containers/execute/%s/ls' % container.uuid,
|
||||
{}, expect_errors=True)
|
||||
|
||||
def test_policy_only_owner_actions(self):
|
||||
actions = ['start', 'stop', 'reboot', 'pause', 'unpause']
|
||||
container = obj_utils.create_test_container(self.context,
|
||||
user_id='another')
|
||||
for action in actions:
|
||||
self._owner_check('container:%s' % action, self.put_json,
|
||||
'/containers/%s/%s' % (action, container.uuid),
|
||||
{}, expect_errors=True)
|
||||
|
|
Loading…
Reference in New Issue