Adding negative test to check limits of Security Groups and rules

A negative test which verifies that creating security groups and rules cannot exeed limits. Added tests: test_security_groups_exceed_limit test_security_groups_rules_exceed_limit Change-Id: I5c49eb16750bce5dcaad4481e48ee3400cab4ce4
2013-04-17 09:54:07 -07:00 · 2013-04-17 09:54:07 -07:00 · 96d8ca30b2
commit 96d8ca30b2
parent 0ad0a61dfa
1 changed files with 56 additions and 0 deletions
--- a/tempest/tests/compute/admin/test_quotas.py
+++ b/tempest/tests/compute/admin/test_quotas.py
@ -15,6 +15,7 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.

+from tempest.common.utils.data_utils import rand_name
 from tempest import exceptions
 from tempest.test import attr
 from tempest.tests.compute import base
@ -30,6 +31,7 @@ class QuotasAdminTestJSON(base.BaseComputeAdminTest):
        cls.client = cls.os.quotas_client
        cls.adm_client = cls.os_adm.quotas_client
        cls.identity_admin_client = cls._get_identity_admin_client()
+        cls.sg_client = cls.security_groups_client

        resp, tenants = cls.identity_admin_client.list_tenants()

@ -157,6 +159,60 @@ class QuotasAdminTestJSON(base.BaseComputeAdminTest):
                        instances=default_instances_quota)
        self.assertRaises(exceptions.OverLimit, self.create_server)

+    @attr(type='negative')
+    def test_security_groups_exceed_limit(self):
+        # Negative test: Creation Security Groups over limit should FAIL
+
+        resp, quota_set = self.client.get_quota_set(self.demo_tenant_id)
+        default_sg_quota = quota_set['security_groups']
+        sg_quota = 0  # Set the quota to zero to conserve resources
+
+        resp, quota_set =\
+            self.adm_client.update_quota_set(self.demo_tenant_id,
+                                             security_groups=sg_quota)
+
+        self.addCleanup(self.adm_client.update_quota_set,
+                        self.demo_tenant_id,
+                        security_groups=default_sg_quota)
+
+        # Check we cannot create anymore
+        self.assertRaises(exceptions.OverLimit,
+                          self.sg_client.create_security_group,
+                          "sg-overlimit", "sg-desc")
+
+    @attr(type='negative')
+    def test_security_groups_rules_exceed_limit(self):
+        # Negative test: Creation of Security Group Rules should FAIL
+        # when we reach limit maxSecurityGroupRules
+
+        resp, quota_set = self.client.get_quota_set(self.demo_tenant_id)
+        default_sg_rules_quota = quota_set['security_group_rules']
+        sg_rules_quota = 0  # Set the quota to zero to conserve resources
+
+        resp, quota_set =\
+            self.adm_client.update_quota_set(
+                self.demo_tenant_id,
+                security_group_rules=sg_rules_quota)
+
+        self.addCleanup(self.adm_client.update_quota_set,
+                        self.demo_tenant_id,
+                        security_group_rules=default_sg_rules_quota)
+
+        s_name = rand_name('securitygroup-')
+        s_description = rand_name('description-')
+        resp, securitygroup =\
+            self.sg_client.create_security_group(s_name, s_description)
+        self.addCleanup(self.sg_client.delete_security_group,
+                        securitygroup['id'])
+
+        secgroup_id = securitygroup['id']
+        ip_protocol = 'tcp'
+
+        # Check we cannot create SG rule anymore
+        self.assertRaises(exceptions.OverLimit,
+                          self.sg_client.create_security_group_rule,
+                          secgroup_id, ip_protocol, 1025, 1025)
+

 class QuotasAdminTestXML(QuotasAdminTestJSON):
    _interface = 'xml'