openstack
/
placement
Code Issues Proposed changes
placement/placement/tests/functional/gabbits/resource-provider-legacy-rb...

211 lines
5.8 KiB
YAML
Raw Blame History

---
fixtures:
- LegacyRBACPolicyFixture
vars:
- &project_id $ENVIRON['PROJECT_ID']
- &system_admin_headers
x-auth-token: user
x-roles: admin,member,reader
accept: application/json
content-type: application/json
openstack-api-version: placement latest
openstack-system-scope: all
- &system_reader_headers
x-auth-token: user
x-roles: reader
accept: application/json
content-type: application/json
openstack-api-version: placement latest
openstack-system-scope: all
- &project_admin_headers
x-auth-token: user
x-roles: admin,member,reader
x-project-id: *project_id
accept: application/json
content-type: application/json
openstack-api-version: placement latest
- &project_member_headers
x-auth-token: user
x-roles: member,reader
x-project-id: *project_id
accept: application/json
content-type: application/json
openstack-api-version: placement latest
- &project_reader_headers
x-auth-token: user
x-roles: reader
x-project-id: *project_id
accept: application/json
content-type: application/json
openstack-api-version: placement latest
tests:
- name: system admin can list resource providers
GET: /resource_providers
request_headers: *system_admin_headers
response_json_paths:
$.resource_providers: []
- name: system reader can list resource providers
GET: /resource_providers
request_headers: *system_reader_headers
response_json_paths:
$.resource_providers: []
- name: project admin can list resource providers
GET: /resource_providers
request_headers: *project_admin_headers
response_json_paths:
$.resource_providers: []
- name: project member cannot list resource providers
GET: /resource_providers
request_headers: *project_member_headers
status: 403
- name: project reader cannot list resource providers
GET: /resource_providers
request_headers: *project_reader_headers
status: 403
- name: system admin can create resource providers
POST: /resource_providers
request_headers: *system_admin_headers
data:
name: $ENVIRON['RP_NAME']
uuid: $ENVIRON['RP_UUID']
status: 200
response_json_paths:
$.uuid: $ENVIRON['RP_UUID']
- name: system reader cannot create resource providers
POST: /resource_providers
request_headers: *system_reader_headers
data:
name: $ENVIRON['RP_NAME']
uuid: $ENVIRON['RP_UUID']
status: 403
- name: system admin can delete resource provider
DELETE: /resource_providers/$ENVIRON['RP_UUID']
request_headers: *system_admin_headers
status: 204
- name: project admin can create resource providers
POST: /resource_providers
request_headers: *project_admin_headers
data:
name: $ENVIRON['RP_NAME']
uuid: $ENVIRON['RP_UUID']
response_json_paths:
$.uuid: $ENVIRON['RP_UUID']
- name: project member cannot create resource providers
POST: /resource_providers
request_headers: *project_member_headers
data:
name: $ENVIRON['RP_NAME']
uuid: $ENVIRON['RP_UUID']
status: 403
- name: project reader cannot create resource providers
POST: /resource_providers
request_headers: *project_reader_headers
data:
name: $ENVIRON['RP_NAME']
uuid: $ENVIRON['RP_UUID']
status: 403
- name: system admin can show resource provider
GET: /resource_providers/$ENVIRON['RP_UUID']
request_headers: *system_admin_headers
response_json_paths:
$.uuid: $ENVIRON['RP_UUID']
- name: system reader can show resource provider
GET: /resource_providers/$ENVIRON['RP_UUID']
request_headers: *system_reader_headers
response_json_paths:
$.uuid: $ENVIRON['RP_UUID']
- name: project admin can show resource provider
GET: /resource_providers/$ENVIRON['RP_UUID']
request_headers: *project_admin_headers
response_json_paths:
$.uuid: $ENVIRON['RP_UUID']
- name: project member cannot show resource provider
GET: /resource_providers/$ENVIRON['RP_UUID']
request_headers: *project_member_headers
status: 403
- name: project reader cannot show resource provider
GET: /resource_providers/$ENVIRON['RP_UUID']
request_headers: *project_reader_headers
status: 403
- name: system admin can update resource provider
PUT: /resource_providers/$ENVIRON['RP_UUID']
request_headers: *system_admin_headers
data:
name: new name
status: 200
response_json_paths:
$.name: new name
$.uuid: $ENVIRON['RP_UUID']
- name: system reader cannot update resource provider
PUT: /resource_providers/$ENVIRON['RP_UUID']
request_headers: *system_reader_headers
data:
name: new name
status: 403
- name: project admin can update resource provider
PUT: /resource_providers/$ENVIRON['RP_UUID']
request_headers: *project_admin_headers
data:
name: new name
status: 200
response_json_paths:
$.name: new name
$.uuid: $ENVIRON['RP_UUID']
- name: project member cannot update resource provider
PUT: /resource_providers/$ENVIRON['RP_UUID']
request_headers: *project_member_headers
data:
name: new name
status: 403
- name: project reader cannot update resource provider
PUT: /resource_providers/$ENVIRON['RP_UUID']
request_headers: *project_reader_headers
data:
name: new name
status: 403
- name: system reader cannot delete resource provider
DELETE: /resource_providers/$ENVIRON['RP_UUID']
request_headers: *system_reader_headers
status: 403
- name: project member cannot delete resource provider
DELETE: /resource_providers/$ENVIRON['RP_UUID']
request_headers: *project_member_headers
status: 403
- name: project reader cannot delete resource provider
DELETE: /resource_providers/$ENVIRON['RP_UUID']
request_headers: *project_reader_headers
status: 403
- name: project admin can delete resource provider
DELETE: /resource_providers/$ENVIRON['RP_UUID']
request_headers: *project_admin_headers
status: 204
# We tested that system admins can delete resource providers above
View Git Blame Copy Permalink