166 lines
6.4 KiB
Python
166 lines
6.4 KiB
Python
# Copyright (c) 2018 Huawei Inc.
|
|
# All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
import ddt
|
|
import mock
|
|
from webob import exc
|
|
|
|
from manila.api.v2 import share_accesses
|
|
from manila import exception
|
|
from manila import policy
|
|
from manila import test
|
|
from manila.tests.api import fakes
|
|
from manila.tests import db_utils
|
|
from oslo_utils import uuidutils
|
|
|
|
|
|
@ddt.ddt
|
|
class ShareAccessesAPITest(test.TestCase):
|
|
|
|
def _get_index_request(self, share_id=None, filters='', version="2.45",
|
|
use_admin_context=True):
|
|
share_id = share_id or self.share['id']
|
|
req = fakes.HTTPRequest.blank(
|
|
'/v2/share-access-rules?share_id=%s' % share_id + filters,
|
|
version=version, use_admin_context=use_admin_context)
|
|
return req
|
|
|
|
def _get_show_request(self, access_id=None, version="2.45",
|
|
use_admin_context=True):
|
|
access_id = access_id or self.access['id']
|
|
req = fakes.HTTPRequest.blank(
|
|
'/v2/share-access-rules/%s' % access_id,
|
|
version=version, use_admin_context=use_admin_context)
|
|
return req
|
|
|
|
def setUp(self):
|
|
super(ShareAccessesAPITest, self).setUp()
|
|
self.controller = (
|
|
share_accesses.ShareAccessesController())
|
|
self.resource_name = self.controller.resource_name
|
|
self.mock_policy_check = self.mock_object(
|
|
policy, 'check_policy', mock.Mock(return_value=True))
|
|
self.share = db_utils.create_share()
|
|
self.access = db_utils.create_share_access(
|
|
id=uuidutils.generate_uuid(),
|
|
share_id=self.share['id'],
|
|
)
|
|
db_utils.create_share_access(
|
|
id=uuidutils.generate_uuid(),
|
|
share_id=self.share['id'],
|
|
metadata={'k1': 'v1'}
|
|
)
|
|
|
|
@ddt.data({'role': 'admin', 'version': '2.45',
|
|
'filters': '&metadata=%7B%27k1%27%3A+%27v1%27%7D'},
|
|
{'role': 'user', 'version': '2.45', 'filters': ''})
|
|
@ddt.unpack
|
|
def test_list_and_show(self, role, version, filters):
|
|
summary_keys = ['id', 'access_level', 'access_to',
|
|
'access_type', 'state', 'metadata']
|
|
|
|
self._test_list_and_show(role, filters, version, summary_keys)
|
|
|
|
def _test_list_and_show(self, role, filters, version, summary_keys):
|
|
|
|
req = self._get_index_request(
|
|
filters=filters, version=version,
|
|
use_admin_context=(role == 'admin'))
|
|
index_result = self.controller.index(req)
|
|
|
|
self.assertIn('access_list', index_result)
|
|
self.assertEqual(1, len(index_result))
|
|
|
|
access_count = 1 if filters else 2
|
|
self.assertEqual(access_count, len(index_result['access_list']))
|
|
|
|
for index_access in index_result['access_list']:
|
|
self.assertIn('id', index_access)
|
|
req = self._get_show_request(
|
|
index_access['id'], version=version,
|
|
use_admin_context=(role == 'admin'))
|
|
show_result = self.controller.show(req, index_access['id'])
|
|
self.assertIn('access', show_result)
|
|
self.assertEqual(1, len(show_result))
|
|
|
|
show_el = show_result['access']
|
|
|
|
# Ensure keys common to index & show results have matching values
|
|
for key in summary_keys:
|
|
self.assertEqual(index_access[key], show_el[key])
|
|
|
|
def test_list_accesses_share_not_found(self):
|
|
self.assertRaises(
|
|
exc.HTTPBadRequest,
|
|
self.controller.index,
|
|
self._get_index_request(share_id='inexistent_share_id'))
|
|
|
|
def test_list_accesses_share_req_share_id_not_exist(self):
|
|
req = fakes.HTTPRequest.blank('/v2/share-access-rules?',
|
|
version="2.45")
|
|
self.assertRaises(exc.HTTPBadRequest, self.controller.index, req)
|
|
|
|
def test_show_access_not_authorized(self):
|
|
share = db_utils.create_share(
|
|
project_id='c3c5ec1ccc4640d0af1914cbf11f05ad',
|
|
is_public=False)
|
|
access = db_utils.create_access(
|
|
id='76699c6b-f3da-47d7-b468-364f1347ba04',
|
|
share_id=share['id'])
|
|
req = fakes.HTTPRequest.blank(
|
|
'/v2/share-access-rules/%s' % access['id'],
|
|
version="2.45")
|
|
self.mock_object(
|
|
policy, 'check_policy',
|
|
mock.Mock(side_effect=[None, None, exception.NotAuthorized]))
|
|
|
|
self.assertRaises(exception.NotAuthorized,
|
|
self.controller.show,
|
|
req,
|
|
access['id'])
|
|
policy.check_policy.assert_has_calls([
|
|
mock.call(req.environ['manila.context'],
|
|
'share_access_rule', 'get'),
|
|
mock.call(req.environ['manila.context'],
|
|
'share', 'access_get'),
|
|
mock.call(req.environ['manila.context'],
|
|
'share', 'get', mock.ANY)])
|
|
policy_check_call_args_list = policy.check_policy.call_args_list[2][0]
|
|
share_being_checked = policy_check_call_args_list[3]
|
|
self.assertEqual('c3c5ec1ccc4640d0af1914cbf11f05ad',
|
|
share_being_checked['project_id'])
|
|
self.assertIs(False, share_being_checked['is_public'])
|
|
|
|
def test_show_access_not_found(self):
|
|
self.assertRaises(
|
|
exc.HTTPNotFound,
|
|
self.controller.show,
|
|
self._get_show_request('inexistent_id'), 'inexistent_id')
|
|
|
|
@ddt.data('1.0', '2.0', '2.8', '2.44')
|
|
def test_list_with_unsupported_version(self, version):
|
|
self.assertRaises(
|
|
exception.VersionNotFoundForAPIMethod,
|
|
self.controller.index,
|
|
self._get_index_request(version=version))
|
|
|
|
@ddt.data('1.0', '2.0', '2.44')
|
|
def test_show_with_unsupported_version(self, version):
|
|
self.assertRaises(
|
|
exception.VersionNotFoundForAPIMethod,
|
|
self.controller.show,
|
|
self._get_show_request(version=version),
|
|
self.access['id'])
|