Convert v3 certificate API to v2.1
This patch changes v3 certificate API to v2.1 and makes v2 unit tests share between v2 and v2.1. The differences between v2 and v3 are described on the wiki page https://wiki.openstack.org/wiki/NovaAPIv2tov3. Partially implements blueprint v2-on-v3-api Change-Id: I8e6556dffbc14334f7ec1b9db38fbbfe2387bef0
This commit is contained in:
parent
cf916cb5ab
commit
f6f4145c9d
|
@ -15,7 +15,6 @@
|
|||
import webob.exc
|
||||
|
||||
from nova.api.openstack import extensions
|
||||
from nova.api.openstack import wsgi
|
||||
import nova.cert.rpcapi
|
||||
from nova import exception
|
||||
from nova.i18n import _
|
||||
|
@ -55,8 +54,10 @@ class CertificatesController(object):
|
|||
raise webob.exc.HTTPNotFound(explanation=e.format_message())
|
||||
return {'certificate': _translate_certificate_view(cert)}
|
||||
|
||||
# NOTE(gmann): Here should be 201 instead of 200 by v2.1
|
||||
# +microversions because the resource certificate has been created
|
||||
# completely when returning a response.
|
||||
@extensions.expected_errors(())
|
||||
@wsgi.response(201)
|
||||
def create(self, req, body=None):
|
||||
"""Create a certificate."""
|
||||
context = req.environ['nova.context']
|
||||
|
|
|
@ -19,7 +19,9 @@ import mock
|
|||
import mox
|
||||
from webob import exc
|
||||
|
||||
from nova.api.openstack.compute.contrib import certificates
|
||||
from nova.api.openstack.compute.contrib import certificates as certificates_v2
|
||||
from nova.api.openstack.compute.plugins.v3 import certificates \
|
||||
as certificates_v21
|
||||
from nova.cert import rpcapi
|
||||
from nova import context
|
||||
from nova import exception
|
||||
|
@ -29,15 +31,21 @@ from nova import test
|
|||
from nova.tests.api.openstack import fakes
|
||||
|
||||
|
||||
class CertificatesTest(test.NoDBTestCase):
|
||||
class CertificatesTestV21(test.NoDBTestCase):
|
||||
certificates = certificates_v21
|
||||
url = '/v3/os-certificates'
|
||||
certificate_show_extension = 'compute_extension:v3:os-certificates:show'
|
||||
certificate_create_extension = \
|
||||
'compute_extension:v3:os-certificates:create'
|
||||
|
||||
def setUp(self):
|
||||
super(CertificatesTest, self).setUp()
|
||||
super(CertificatesTestV21, self).setUp()
|
||||
self.context = context.RequestContext('fake', 'fake')
|
||||
self.controller = certificates.CertificatesController()
|
||||
self.controller = self.certificates.CertificatesController()
|
||||
|
||||
def test_translate_certificate_view(self):
|
||||
pk, cert = 'fakepk', 'fakecert'
|
||||
view = certificates._translate_certificate_view(cert, pk)
|
||||
view = self.certificates._translate_certificate_view(cert, pk)
|
||||
self.assertEqual(view['data'], cert)
|
||||
self.assertEqual(view['private_key'], pk)
|
||||
|
||||
|
@ -49,7 +57,7 @@ class CertificatesTest(test.NoDBTestCase):
|
|||
|
||||
self.mox.ReplayAll()
|
||||
|
||||
req = fakes.HTTPRequest.blank('/v2/fake/os-certificates/root')
|
||||
req = fakes.HTTPRequest.blank(self.url + '/root')
|
||||
res_dict = self.controller.show(req, 'root')
|
||||
|
||||
response = {'certificate': {'data': 'fakeroot', 'private_key': None}}
|
||||
|
@ -57,14 +65,14 @@ class CertificatesTest(test.NoDBTestCase):
|
|||
|
||||
def test_certificates_show_policy_failed(self):
|
||||
rules = {
|
||||
"compute_extension:certificates":
|
||||
self.certificate_show_extension:
|
||||
common_policy.parse_rule("!")
|
||||
}
|
||||
policy.set_rules(rules)
|
||||
req = fakes.HTTPRequest.blank('/v2/fake/os-certificates/root')
|
||||
req = fakes.HTTPRequest.blank(self.url + '/root')
|
||||
exc = self.assertRaises(exception.PolicyNotAuthorized,
|
||||
self.controller.show, req, 'root')
|
||||
self.assertIn("compute_extension:certificates",
|
||||
self.assertIn(self.certificate_show_extension,
|
||||
exc.format_message())
|
||||
|
||||
def test_certificates_create_certificate(self):
|
||||
|
@ -78,7 +86,7 @@ class CertificatesTest(test.NoDBTestCase):
|
|||
|
||||
self.mox.ReplayAll()
|
||||
|
||||
req = fakes.HTTPRequest.blank('/v2/fake/os-certificates/')
|
||||
req = fakes.HTTPRequest.blank(self.url)
|
||||
res_dict = self.controller.create(req)
|
||||
|
||||
response = {
|
||||
|
@ -89,29 +97,36 @@ class CertificatesTest(test.NoDBTestCase):
|
|||
|
||||
def test_certificates_create_policy_failed(self):
|
||||
rules = {
|
||||
"compute_extension:certificates":
|
||||
self.certificate_create_extension:
|
||||
common_policy.parse_rule("!")
|
||||
}
|
||||
policy.set_rules(rules)
|
||||
req = fakes.HTTPRequest.blank('/v2/fake/os-certificates/')
|
||||
req = fakes.HTTPRequest.blank(self.url)
|
||||
exc = self.assertRaises(exception.PolicyNotAuthorized,
|
||||
self.controller.create, req)
|
||||
self.assertIn("compute_extension:certificates",
|
||||
self.assertIn(self.certificate_create_extension,
|
||||
exc.format_message())
|
||||
|
||||
@mock.patch.object(rpcapi.CertAPI, 'fetch_ca',
|
||||
side_effect=exception.CryptoCAFileNotFound(project='fake'))
|
||||
def test_non_exist_certificates_show(self, mock_fetch_ca):
|
||||
req = fakes.HTTPRequest.blank('/v2/fake/os-certificates/root')
|
||||
req = fakes.HTTPRequest.blank(self.url + '/root')
|
||||
self.assertRaises(
|
||||
exc.HTTPNotFound,
|
||||
self.controller.show,
|
||||
req, 'root')
|
||||
|
||||
|
||||
class CertificatesTestV2(CertificatesTestV21):
|
||||
certificates = certificates_v2
|
||||
url = '/v2/fake/os-certificates'
|
||||
certificate_show_extension = 'compute_extension:certificates'
|
||||
certificate_create_extension = 'compute_extension:certificates'
|
||||
|
||||
|
||||
class CertificatesSerializerTest(test.NoDBTestCase):
|
||||
def test_index_serializer(self):
|
||||
serializer = certificates.CertificateTemplate()
|
||||
serializer = certificates_v2.CertificateTemplate()
|
||||
text = serializer.serialize(dict(
|
||||
certificate=dict(
|
||||
data='fakecert',
|
||||
|
|
|
@ -1,96 +0,0 @@
|
|||
# Copyright (c) 2012 OpenStack Foundation
|
||||
# All Rights Reserved.
|
||||
# Copyright 2013 Red Hat, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
import mox
|
||||
|
||||
from nova.api.openstack.compute.plugins.v3 import certificates
|
||||
from nova import context
|
||||
from nova import exception
|
||||
from nova.openstack.common import policy as common_policy
|
||||
from nova import policy
|
||||
from nova import test
|
||||
from nova.tests.api.openstack import fakes
|
||||
|
||||
|
||||
class CertificatesTest(test.NoDBTestCase):
|
||||
def setUp(self):
|
||||
super(CertificatesTest, self).setUp()
|
||||
self.context = context.RequestContext('fake', 'fake')
|
||||
self.controller = certificates.CertificatesController()
|
||||
|
||||
def test_translate_certificate_view(self):
|
||||
pk, cert = 'fakepk', 'fakecert'
|
||||
view = certificates._translate_certificate_view(cert, pk)
|
||||
self.assertEqual(view['data'], cert)
|
||||
self.assertEqual(view['private_key'], pk)
|
||||
|
||||
def test_certificates_show_root(self):
|
||||
self.mox.StubOutWithMock(self.controller.cert_rpcapi, 'fetch_ca')
|
||||
|
||||
self.controller.cert_rpcapi.fetch_ca(
|
||||
mox.IgnoreArg(), project_id='fake').AndReturn('fakeroot')
|
||||
|
||||
self.mox.ReplayAll()
|
||||
|
||||
req = fakes.HTTPRequestV3.blank('/os-certificates/root')
|
||||
res_dict = self.controller.show(req, 'root')
|
||||
|
||||
response = {'certificate': {'data': 'fakeroot', 'private_key': None}}
|
||||
self.assertEqual(res_dict, response)
|
||||
|
||||
def test_certificates_show_policy_failed(self):
|
||||
rules = {
|
||||
"compute_extension:v3:os-certificates:show":
|
||||
common_policy.parse_rule("!")
|
||||
}
|
||||
policy.set_rules(rules)
|
||||
req = fakes.HTTPRequestV3.blank('/os-certificates/root')
|
||||
exc = self.assertRaises(exception.PolicyNotAuthorized,
|
||||
self.controller.show, req, 'root')
|
||||
self.assertIn("compute_extension:v3:os-certificates:show",
|
||||
exc.format_message())
|
||||
|
||||
def test_certificates_create_certificate(self):
|
||||
self.mox.StubOutWithMock(self.controller.cert_rpcapi,
|
||||
'generate_x509_cert')
|
||||
|
||||
self.controller.cert_rpcapi.generate_x509_cert(
|
||||
mox.IgnoreArg(),
|
||||
user_id='fake_user',
|
||||
project_id='fake').AndReturn(('fakepk', 'fakecert'))
|
||||
self.mox.ReplayAll()
|
||||
|
||||
req = fakes.HTTPRequestV3.blank('/os-certificates/')
|
||||
res_dict = self.controller.create(req)
|
||||
|
||||
response = {
|
||||
'certificate': {'data': 'fakecert',
|
||||
'private_key': 'fakepk'}
|
||||
}
|
||||
self.assertEqual(res_dict, response)
|
||||
self.assertEqual(self.controller.create.wsgi_code, 201)
|
||||
|
||||
def test_certificates_create_policy_failed(self):
|
||||
rules = {
|
||||
"compute_extension:v3:os-certificates:create":
|
||||
common_policy.parse_rule("!")
|
||||
}
|
||||
policy.set_rules(rules)
|
||||
req = fakes.HTTPRequestV3.blank('/os-certificates/')
|
||||
exc = self.assertRaises(exception.PolicyNotAuthorized,
|
||||
self.controller.create, req)
|
||||
self.assertIn("compute_extension:v3:os-certificates:create",
|
||||
exc.format_message())
|
|
@ -23,7 +23,7 @@ class CertificatesSamplesJsonTest(api_sample_base.ApiSampleTestBaseV3):
|
|||
response = self._do_post('os-certificates',
|
||||
'certificate-create-req', {})
|
||||
subs = self._get_regexes()
|
||||
self._verify_response('certificate-create-resp', subs, response, 201)
|
||||
self._verify_response('certificate-create-resp', subs, response, 200)
|
||||
|
||||
def test_get_root_certificate(self):
|
||||
response = self._do_get('os-certificates/root')
|
||||
|
|
Loading…
Reference in New Issue