Convert v3 certificate API to v2.1

This patch changes v3 certificate API to v2.1 and makes v2 unit tests share between v2 and v2.1. The differences between v2 and v3 are described on the wiki page https://wiki.openstack.org/wiki/NovaAPIv2tov3. Partially implements blueprint v2-on-v3-api Change-Id: I8e6556dffbc14334f7ec1b9db38fbbfe2387bef0
2014-08-27 13:11:56 +09:00 · 2014-08-27 13:11:56 +09:00 · f6f4145c9d
parent cf916cb5ab
commit f6f4145c9d
4 changed files with 34 additions and 114 deletions
--- a/nova/api/openstack/compute/plugins/v3/certificates.py
+++ b/nova/api/openstack/compute/plugins/v3/certificates.py
@ -15,7 +15,6 @@
 import webob.exc

 from nova.api.openstack import extensions
-from nova.api.openstack import wsgi
 import nova.cert.rpcapi
 from nova import exception
 from nova.i18n import _
@ -55,8 +54,10 @@ class CertificatesController(object):
            raise webob.exc.HTTPNotFound(explanation=e.format_message())
        return {'certificate': _translate_certificate_view(cert)}

+    # NOTE(gmann): Here should be 201 instead of 200 by v2.1
+    # +microversions because the resource certificate has been created
+    # completely when returning a response.
    @extensions.expected_errors(())
-    @wsgi.response(201)
    def create(self, req, body=None):
        """Create a certificate."""
        context = req.environ['nova.context']
--- a/nova/tests/api/openstack/compute/contrib/test_certificates.py
+++ b/nova/tests/api/openstack/compute/contrib/test_certificates.py
@ -19,7 +19,9 @@ import mock
 import mox
 from webob import exc

-from nova.api.openstack.compute.contrib import certificates
+from nova.api.openstack.compute.contrib import certificates as certificates_v2
+from nova.api.openstack.compute.plugins.v3 import certificates \
+    as certificates_v21
 from nova.cert import rpcapi
 from nova import context
 from nova import exception
@ -29,15 +31,21 @@ from nova import test
 from nova.tests.api.openstack import fakes


-class CertificatesTest(test.NoDBTestCase):
+class CertificatesTestV21(test.NoDBTestCase):
+    certificates = certificates_v21
+    url = '/v3/os-certificates'
+    certificate_show_extension = 'compute_extension:v3:os-certificates:show'
+    certificate_create_extension = \
+        'compute_extension:v3:os-certificates:create'
+
    def setUp(self):
-        super(CertificatesTest, self).setUp()
+        super(CertificatesTestV21, self).setUp()
        self.context = context.RequestContext('fake', 'fake')
-        self.controller = certificates.CertificatesController()
+        self.controller = self.certificates.CertificatesController()

    def test_translate_certificate_view(self):
        pk, cert = 'fakepk', 'fakecert'
-        view = certificates._translate_certificate_view(cert, pk)
+        view = self.certificates._translate_certificate_view(cert, pk)
        self.assertEqual(view['data'], cert)
        self.assertEqual(view['private_key'], pk)

@ -49,7 +57,7 @@ class CertificatesTest(test.NoDBTestCase):

        self.mox.ReplayAll()

-        req = fakes.HTTPRequest.blank('/v2/fake/os-certificates/root')
+        req = fakes.HTTPRequest.blank(self.url + '/root')
        res_dict = self.controller.show(req, 'root')

        response = {'certificate': {'data': 'fakeroot', 'private_key': None}}
@ -57,14 +65,14 @@ class CertificatesTest(test.NoDBTestCase):

    def test_certificates_show_policy_failed(self):
        rules = {
-            "compute_extension:certificates":
+            self.certificate_show_extension:
            common_policy.parse_rule("!")
        }
        policy.set_rules(rules)
-        req = fakes.HTTPRequest.blank('/v2/fake/os-certificates/root')
+        req = fakes.HTTPRequest.blank(self.url + '/root')
        exc = self.assertRaises(exception.PolicyNotAuthorized,
                                self.controller.show, req, 'root')
-        self.assertIn("compute_extension:certificates",
+        self.assertIn(self.certificate_show_extension,
                      exc.format_message())

    def test_certificates_create_certificate(self):
@ -78,7 +86,7 @@ class CertificatesTest(test.NoDBTestCase):

        self.mox.ReplayAll()

-        req = fakes.HTTPRequest.blank('/v2/fake/os-certificates/')
+        req = fakes.HTTPRequest.blank(self.url)
        res_dict = self.controller.create(req)

        response = {
@ -89,29 +97,36 @@ class CertificatesTest(test.NoDBTestCase):

    def test_certificates_create_policy_failed(self):
        rules = {
-            "compute_extension:certificates":
+            self.certificate_create_extension:
            common_policy.parse_rule("!")
        }
        policy.set_rules(rules)
-        req = fakes.HTTPRequest.blank('/v2/fake/os-certificates/')
+        req = fakes.HTTPRequest.blank(self.url)
        exc = self.assertRaises(exception.PolicyNotAuthorized,
                                self.controller.create, req)
-        self.assertIn("compute_extension:certificates",
+        self.assertIn(self.certificate_create_extension,
                      exc.format_message())

    @mock.patch.object(rpcapi.CertAPI, 'fetch_ca',
                side_effect=exception.CryptoCAFileNotFound(project='fake'))
    def test_non_exist_certificates_show(self, mock_fetch_ca):
-        req = fakes.HTTPRequest.blank('/v2/fake/os-certificates/root')
+        req = fakes.HTTPRequest.blank(self.url + '/root')
        self.assertRaises(
            exc.HTTPNotFound,
            self.controller.show,
            req, 'root')


+class CertificatesTestV2(CertificatesTestV21):
+    certificates = certificates_v2
+    url = '/v2/fake/os-certificates'
+    certificate_show_extension = 'compute_extension:certificates'
+    certificate_create_extension = 'compute_extension:certificates'
+
+
 class CertificatesSerializerTest(test.NoDBTestCase):
    def test_index_serializer(self):
-        serializer = certificates.CertificateTemplate()
+        serializer = certificates_v2.CertificateTemplate()
        text = serializer.serialize(dict(
                certificate=dict(
                    data='fakecert',
--- a/nova/tests/api/openstack/compute/plugins/v3/test_certificates.py
+++ b/nova/tests/api/openstack/compute/plugins/v3/test_certificates.py
@ -1,96 +0,0 @@
-# Copyright (c) 2012 OpenStack Foundation
-# All Rights Reserved.
-# Copyright 2013 Red Hat, Inc.
-#
-#    Licensed under the Apache License, Version 2.0 (the "License"); you may
-#    not use this file except in compliance with the License. You may obtain
-#    a copy of the License at
-#
-#         http://www.apache.org/licenses/LICENSE-2.0
-#
-#    Unless required by applicable law or agreed to in writing, software
-#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-#    License for the specific language governing permissions and limitations
-#    under the License.
-
-import mox
-
-from nova.api.openstack.compute.plugins.v3 import certificates
-from nova import context
-from nova import exception
-from nova.openstack.common import policy as common_policy
-from nova import policy
-from nova import test
-from nova.tests.api.openstack import fakes
-
-
-class CertificatesTest(test.NoDBTestCase):
-    def setUp(self):
-        super(CertificatesTest, self).setUp()
-        self.context = context.RequestContext('fake', 'fake')
-        self.controller = certificates.CertificatesController()
-
-    def test_translate_certificate_view(self):
-        pk, cert = 'fakepk', 'fakecert'
-        view = certificates._translate_certificate_view(cert, pk)
-        self.assertEqual(view['data'], cert)
-        self.assertEqual(view['private_key'], pk)
-
-    def test_certificates_show_root(self):
-        self.mox.StubOutWithMock(self.controller.cert_rpcapi, 'fetch_ca')
-
-        self.controller.cert_rpcapi.fetch_ca(
-            mox.IgnoreArg(), project_id='fake').AndReturn('fakeroot')
-
-        self.mox.ReplayAll()
-
-        req = fakes.HTTPRequestV3.blank('/os-certificates/root')
-        res_dict = self.controller.show(req, 'root')
-
-        response = {'certificate': {'data': 'fakeroot', 'private_key': None}}
-        self.assertEqual(res_dict, response)
-
-    def test_certificates_show_policy_failed(self):
-        rules = {
-            "compute_extension:v3:os-certificates:show":
-            common_policy.parse_rule("!")
-        }
-        policy.set_rules(rules)
-        req = fakes.HTTPRequestV3.blank('/os-certificates/root')
-        exc = self.assertRaises(exception.PolicyNotAuthorized,
-                                self.controller.show, req, 'root')
-        self.assertIn("compute_extension:v3:os-certificates:show",
-                      exc.format_message())
-
-    def test_certificates_create_certificate(self):
-        self.mox.StubOutWithMock(self.controller.cert_rpcapi,
-                                 'generate_x509_cert')
-
-        self.controller.cert_rpcapi.generate_x509_cert(
-            mox.IgnoreArg(),
-            user_id='fake_user',
-            project_id='fake').AndReturn(('fakepk', 'fakecert'))
-        self.mox.ReplayAll()
-
-        req = fakes.HTTPRequestV3.blank('/os-certificates/')
-        res_dict = self.controller.create(req)
-
-        response = {
-            'certificate': {'data': 'fakecert',
-                            'private_key': 'fakepk'}
-        }
-        self.assertEqual(res_dict, response)
-        self.assertEqual(self.controller.create.wsgi_code, 201)
-
-    def test_certificates_create_policy_failed(self):
-        rules = {
-            "compute_extension:v3:os-certificates:create":
-            common_policy.parse_rule("!")
-        }
-        policy.set_rules(rules)
-        req = fakes.HTTPRequestV3.blank('/os-certificates/')
-        exc = self.assertRaises(exception.PolicyNotAuthorized,
-                                self.controller.create, req)
-        self.assertIn("compute_extension:v3:os-certificates:create",
-                      exc.format_message())
--- a/nova/tests/integrated/v3/test_certificates.py
+++ b/nova/tests/integrated/v3/test_certificates.py
@ -23,7 +23,7 @@ class CertificatesSamplesJsonTest(api_sample_base.ApiSampleTestBaseV3):
        response = self._do_post('os-certificates',
                                 'certificate-create-req', {})
        subs = self._get_regexes()
-        self._verify_response('certificate-create-resp', subs, response, 201)
+        self._verify_response('certificate-create-resp', subs, response, 200)

    def test_get_root_certificate(self):
        response = self._do_get('os-certificates/root')