From 96d8ca30b2877236dc292f494ef59284eab07793 Mon Sep 17 00:00:00 2001 From: Vasyl Khomenko Date: Wed, 17 Apr 2013 09:54:07 -0700 Subject: [PATCH] Adding negative test to check limits of Security Groups and rules A negative test which verifies that creating security groups and rules cannot exeed limits. Added tests: test_security_groups_exceed_limit test_security_groups_rules_exceed_limit Change-Id: I5c49eb16750bce5dcaad4481e48ee3400cab4ce4 --- tempest/tests/compute/admin/test_quotas.py | 56 ++++++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/tempest/tests/compute/admin/test_quotas.py b/tempest/tests/compute/admin/test_quotas.py index 8f520f97ec..5bb48d0c38 100644 --- a/tempest/tests/compute/admin/test_quotas.py +++ b/tempest/tests/compute/admin/test_quotas.py @@ -15,6 +15,7 @@ # License for the specific language governing permissions and limitations # under the License. +from tempest.common.utils.data_utils import rand_name from tempest import exceptions from tempest.test import attr from tempest.tests.compute import base @@ -30,6 +31,7 @@ class QuotasAdminTestJSON(base.BaseComputeAdminTest): cls.client = cls.os.quotas_client cls.adm_client = cls.os_adm.quotas_client cls.identity_admin_client = cls._get_identity_admin_client() + cls.sg_client = cls.security_groups_client resp, tenants = cls.identity_admin_client.list_tenants() @@ -157,6 +159,60 @@ class QuotasAdminTestJSON(base.BaseComputeAdminTest): instances=default_instances_quota) self.assertRaises(exceptions.OverLimit, self.create_server) + @attr(type='negative') + def test_security_groups_exceed_limit(self): + # Negative test: Creation Security Groups over limit should FAIL + + resp, quota_set = self.client.get_quota_set(self.demo_tenant_id) + default_sg_quota = quota_set['security_groups'] + sg_quota = 0 # Set the quota to zero to conserve resources + + resp, quota_set =\ + self.adm_client.update_quota_set(self.demo_tenant_id, + security_groups=sg_quota) + + self.addCleanup(self.adm_client.update_quota_set, + self.demo_tenant_id, + security_groups=default_sg_quota) + + # Check we cannot create anymore + self.assertRaises(exceptions.OverLimit, + self.sg_client.create_security_group, + "sg-overlimit", "sg-desc") + + @attr(type='negative') + def test_security_groups_rules_exceed_limit(self): + # Negative test: Creation of Security Group Rules should FAIL + # when we reach limit maxSecurityGroupRules + + resp, quota_set = self.client.get_quota_set(self.demo_tenant_id) + default_sg_rules_quota = quota_set['security_group_rules'] + sg_rules_quota = 0 # Set the quota to zero to conserve resources + + resp, quota_set =\ + self.adm_client.update_quota_set( + self.demo_tenant_id, + security_group_rules=sg_rules_quota) + + self.addCleanup(self.adm_client.update_quota_set, + self.demo_tenant_id, + security_group_rules=default_sg_rules_quota) + + s_name = rand_name('securitygroup-') + s_description = rand_name('description-') + resp, securitygroup =\ + self.sg_client.create_security_group(s_name, s_description) + self.addCleanup(self.sg_client.delete_security_group, + securitygroup['id']) + + secgroup_id = securitygroup['id'] + ip_protocol = 'tcp' + + # Check we cannot create SG rule anymore + self.assertRaises(exceptions.OverLimit, + self.sg_client.create_security_group_rule, + secgroup_id, ip_protocol, 1025, 1025) + class QuotasAdminTestXML(QuotasAdminTestJSON): _interface = 'xml'