211 lines
5.8 KiB
YAML
211 lines
5.8 KiB
YAML
---
|
|
fixtures:
|
|
- LegacyRBACPolicyFixture
|
|
|
|
vars:
|
|
- &project_id $ENVIRON['PROJECT_ID']
|
|
- &system_admin_headers
|
|
x-auth-token: user
|
|
x-roles: admin,member,reader
|
|
accept: application/json
|
|
content-type: application/json
|
|
openstack-api-version: placement latest
|
|
openstack-system-scope: all
|
|
- &system_reader_headers
|
|
x-auth-token: user
|
|
x-roles: reader
|
|
accept: application/json
|
|
content-type: application/json
|
|
openstack-api-version: placement latest
|
|
openstack-system-scope: all
|
|
- &project_admin_headers
|
|
x-auth-token: user
|
|
x-roles: admin,member,reader
|
|
x-project-id: *project_id
|
|
accept: application/json
|
|
content-type: application/json
|
|
openstack-api-version: placement latest
|
|
- &project_member_headers
|
|
x-auth-token: user
|
|
x-roles: member,reader
|
|
x-project-id: *project_id
|
|
accept: application/json
|
|
content-type: application/json
|
|
openstack-api-version: placement latest
|
|
- &project_reader_headers
|
|
x-auth-token: user
|
|
x-roles: reader
|
|
x-project-id: *project_id
|
|
accept: application/json
|
|
content-type: application/json
|
|
openstack-api-version: placement latest
|
|
|
|
tests:
|
|
|
|
- name: system admin can list resource providers
|
|
GET: /resource_providers
|
|
request_headers: *system_admin_headers
|
|
response_json_paths:
|
|
$.resource_providers: []
|
|
|
|
- name: system reader can list resource providers
|
|
GET: /resource_providers
|
|
request_headers: *system_reader_headers
|
|
response_json_paths:
|
|
$.resource_providers: []
|
|
|
|
- name: project admin can list resource providers
|
|
GET: /resource_providers
|
|
request_headers: *project_admin_headers
|
|
response_json_paths:
|
|
$.resource_providers: []
|
|
|
|
- name: project member cannot list resource providers
|
|
GET: /resource_providers
|
|
request_headers: *project_member_headers
|
|
status: 403
|
|
|
|
- name: project reader cannot list resource providers
|
|
GET: /resource_providers
|
|
request_headers: *project_reader_headers
|
|
status: 403
|
|
|
|
- name: system admin can create resource providers
|
|
POST: /resource_providers
|
|
request_headers: *system_admin_headers
|
|
data:
|
|
name: $ENVIRON['RP_NAME']
|
|
uuid: $ENVIRON['RP_UUID']
|
|
status: 200
|
|
response_json_paths:
|
|
$.uuid: $ENVIRON['RP_UUID']
|
|
|
|
- name: system reader cannot create resource providers
|
|
POST: /resource_providers
|
|
request_headers: *system_reader_headers
|
|
data:
|
|
name: $ENVIRON['RP_NAME']
|
|
uuid: $ENVIRON['RP_UUID']
|
|
status: 403
|
|
|
|
- name: system admin can delete resource provider
|
|
DELETE: /resource_providers/$ENVIRON['RP_UUID']
|
|
request_headers: *system_admin_headers
|
|
status: 204
|
|
|
|
- name: project admin can create resource providers
|
|
POST: /resource_providers
|
|
request_headers: *project_admin_headers
|
|
data:
|
|
name: $ENVIRON['RP_NAME']
|
|
uuid: $ENVIRON['RP_UUID']
|
|
response_json_paths:
|
|
$.uuid: $ENVIRON['RP_UUID']
|
|
|
|
- name: project member cannot create resource providers
|
|
POST: /resource_providers
|
|
request_headers: *project_member_headers
|
|
data:
|
|
name: $ENVIRON['RP_NAME']
|
|
uuid: $ENVIRON['RP_UUID']
|
|
status: 403
|
|
|
|
- name: project reader cannot create resource providers
|
|
POST: /resource_providers
|
|
request_headers: *project_reader_headers
|
|
data:
|
|
name: $ENVIRON['RP_NAME']
|
|
uuid: $ENVIRON['RP_UUID']
|
|
status: 403
|
|
|
|
- name: system admin can show resource provider
|
|
GET: /resource_providers/$ENVIRON['RP_UUID']
|
|
request_headers: *system_admin_headers
|
|
response_json_paths:
|
|
$.uuid: $ENVIRON['RP_UUID']
|
|
|
|
- name: system reader can show resource provider
|
|
GET: /resource_providers/$ENVIRON['RP_UUID']
|
|
request_headers: *system_reader_headers
|
|
response_json_paths:
|
|
$.uuid: $ENVIRON['RP_UUID']
|
|
|
|
- name: project admin can show resource provider
|
|
GET: /resource_providers/$ENVIRON['RP_UUID']
|
|
request_headers: *project_admin_headers
|
|
response_json_paths:
|
|
$.uuid: $ENVIRON['RP_UUID']
|
|
|
|
- name: project member cannot show resource provider
|
|
GET: /resource_providers/$ENVIRON['RP_UUID']
|
|
request_headers: *project_member_headers
|
|
status: 403
|
|
|
|
- name: project reader cannot show resource provider
|
|
GET: /resource_providers/$ENVIRON['RP_UUID']
|
|
request_headers: *project_reader_headers
|
|
status: 403
|
|
|
|
- name: system admin can update resource provider
|
|
PUT: /resource_providers/$ENVIRON['RP_UUID']
|
|
request_headers: *system_admin_headers
|
|
data:
|
|
name: new name
|
|
status: 200
|
|
response_json_paths:
|
|
$.name: new name
|
|
$.uuid: $ENVIRON['RP_UUID']
|
|
|
|
- name: system reader cannot update resource provider
|
|
PUT: /resource_providers/$ENVIRON['RP_UUID']
|
|
request_headers: *system_reader_headers
|
|
data:
|
|
name: new name
|
|
status: 403
|
|
|
|
- name: project admin can update resource provider
|
|
PUT: /resource_providers/$ENVIRON['RP_UUID']
|
|
request_headers: *project_admin_headers
|
|
data:
|
|
name: new name
|
|
status: 200
|
|
response_json_paths:
|
|
$.name: new name
|
|
$.uuid: $ENVIRON['RP_UUID']
|
|
|
|
- name: project member cannot update resource provider
|
|
PUT: /resource_providers/$ENVIRON['RP_UUID']
|
|
request_headers: *project_member_headers
|
|
data:
|
|
name: new name
|
|
status: 403
|
|
|
|
- name: project reader cannot update resource provider
|
|
PUT: /resource_providers/$ENVIRON['RP_UUID']
|
|
request_headers: *project_reader_headers
|
|
data:
|
|
name: new name
|
|
status: 403
|
|
|
|
- name: system reader cannot delete resource provider
|
|
DELETE: /resource_providers/$ENVIRON['RP_UUID']
|
|
request_headers: *system_reader_headers
|
|
status: 403
|
|
|
|
- name: project member cannot delete resource provider
|
|
DELETE: /resource_providers/$ENVIRON['RP_UUID']
|
|
request_headers: *project_member_headers
|
|
status: 403
|
|
|
|
- name: project reader cannot delete resource provider
|
|
DELETE: /resource_providers/$ENVIRON['RP_UUID']
|
|
request_headers: *project_reader_headers
|
|
status: 403
|
|
|
|
- name: project admin can delete resource provider
|
|
DELETE: /resource_providers/$ENVIRON['RP_UUID']
|
|
request_headers: *project_admin_headers
|
|
status: 204
|
|
|
|
# We tested that system admins can delete resource providers above
|