summaryrefslogtreecommitdiff
path: root/functionaltests/cli/v1/smoke/test_acl.py
diff options
context:
space:
mode:
authorArun Kant <arun.kant@hp.com>2015-08-02 22:06:24 -0700
committerArun Kant <arun.kant@hpe.com>2015-10-06 08:41:40 -0700
commitaf771fecf4df15ebcecd3fcf5eed34f9d357f90d (patch)
tree3604f38dd1d34ca744d35131accc6787d11cd6b9 /functionaltests/cli/v1/smoke/test_acl.py
parent020e24061b43c1af531bab2348c267bc9f708b31 (diff)
downloadpython-barbicanclient-af771fecf4df15ebcecd3fcf5eed34f9d357f90d.tar.gz
Part 3: Adding ACL functional tests.
Added functional tests for CLI commands. Added functional tests for client API. Modified ACL client API functional test not to use behavior class as per recent change in secrets, containers, and orders. Change-Id: Ibacf33e834daa2c70ef1b0032495bbe443957cac
Diffstat (limited to 'functionaltests/cli/v1/smoke/test_acl.py')
-rw-r--r--functionaltests/cli/v1/smoke/test_acl.py244
1 files changed, 244 insertions, 0 deletions
diff --git a/functionaltests/cli/v1/smoke/test_acl.py b/functionaltests/cli/v1/smoke/test_acl.py
new file mode 100644
index 0000000..105681f
--- /dev/null
+++ b/functionaltests/cli/v1/smoke/test_acl.py
@@ -0,0 +1,244 @@
+# Copyright (c) 2015 Hewlett-Packard Development Company, L.P.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from functionaltests import utils
+from functionaltests.cli.base import CmdLineTestCase
+from functionaltests.cli.v1.behaviors import acl_behaviors
+from functionaltests.cli.v1.behaviors import container_behaviors
+from functionaltests.cli.v1.behaviors import secret_behaviors
+from testtools import testcase
+
+ARGS_TYPE = {'short_arg_false': [False],
+ 'short_arg_true': [True]}
+
+
+@utils.parameterized_test_case
+class ACLTestCase(CmdLineTestCase):
+
+ def setUp(self):
+ super(ACLTestCase, self).setUp()
+ self.secret_behaviors = secret_behaviors.SecretBehaviors()
+ self.container_behaviors = container_behaviors.ContainerBehaviors()
+ self.acl_behaviors = acl_behaviors.ACLBehaviors()
+
+ def tearDown(self):
+ super(ACLTestCase, self).tearDown()
+ self.acl_behaviors.delete_all_created_acls()
+ self.container_behaviors.delete_all_created_containers()
+ self.secret_behaviors.delete_all_created_secrets()
+
+ @utils.parameterized_dataset(ARGS_TYPE)
+ @testcase.attr('positive')
+ def test_acl_submit(self, use_short_arg):
+ secret_ref = self.secret_behaviors.store_secret()
+ container_ref = self.container_behaviors.create_container(
+ secret_hrefs=[secret_ref])
+
+ data = self.acl_behaviors.acl_submit(entity_ref=secret_ref,
+ users=['u1', 'u2'],
+ use_short_arg=use_short_arg)
+ self.assertIsNotNone(data)
+ self.assertIn('u1', data['Users'])
+ self.assertIn('u2', data['Users'])
+ self.assertEqual('True', data['Project Access'])
+ self.assertIn(secret_ref, data['Secret ACL Ref'])
+
+ data = self.acl_behaviors.acl_submit(entity_ref=container_ref,
+ users=['u2', 'u3'],
+ use_short_arg=use_short_arg)
+ self.assertIsNotNone(data)
+ self.assertIn('u3', data['Users'])
+ self.assertNotIn('u1', data['Users'])
+ self.assertEqual('True', data['Project Access'])
+ self.assertIn(container_ref, data['Container ACL Ref'])
+
+ @utils.parameterized_dataset(ARGS_TYPE)
+ @testcase.attr('positive')
+ def test_acl_submit_for_overwriting_existing_users(self, use_short_arg):
+ secret_ref = self.secret_behaviors.store_secret()
+ container_ref = self.container_behaviors.create_container(
+ secret_hrefs=[secret_ref])
+
+ data = self.acl_behaviors.acl_submit(entity_ref=secret_ref,
+ users=['u1', 'u2'],
+ project_access=False,
+ use_short_arg=use_short_arg)
+ self.assertIsNotNone(data)
+ self.assertIn('u1', data['Users'])
+ self.assertIn('u2', data['Users'])
+ self.assertEqual('False', data['Project Access'])
+ self.assertIn(secret_ref, data['Secret ACL Ref'])
+
+ data = self.acl_behaviors.acl_submit(entity_ref=container_ref,
+ users=[],
+ project_access=True,
+ use_short_arg=use_short_arg)
+ self.assertIsNotNone(data)
+ self.assertNotIn('u1', data['Users'])
+ self.assertNotIn('u2', data['Users'])
+ self.assertEqual('True', data['Project Access'])
+ self.assertIn(container_ref, data['Container ACL Ref'])
+
+ @utils.parameterized_dataset(ARGS_TYPE)
+ @testcase.attr('positive')
+ def test_acl_add(self, use_short_arg):
+ secret_ref = self.secret_behaviors.store_secret()
+
+ data = self.acl_behaviors.acl_submit(entity_ref=secret_ref,
+ project_access=False,
+ users=['u1', 'u2'])
+ self.assertIsNotNone(data)
+ self.assertEqual('False', data['Project Access'])
+
+ acls = self.acl_behaviors.acl_add(entity_ref=secret_ref,
+ users=['u2', 'u3'],
+ use_short_arg=use_short_arg)
+ data = acls[0] # get 'read' operation ACL data
+ self.assertIsNotNone(data)
+ self.assertIn('u1', data['Users'])
+ self.assertIn('u3', data['Users'])
+ self.assertEqual('False', data['Project Access'])
+ self.assertIn(secret_ref, data['Secret ACL Ref'])
+
+ # make sure there is no change in existing users with blank users add
+ acls = self.acl_behaviors.acl_add(entity_ref=secret_ref,
+ users=[], project_access=False,
+ use_short_arg=use_short_arg)
+ data = acls[0] # get 'read' operation ACL data
+ self.assertIsNotNone(data)
+ self.assertIn('u1', data['Users'])
+ self.assertIn('u2', data['Users'])
+ self.assertIn('u3', data['Users'])
+
+ acls = self.acl_behaviors.acl_add(entity_ref=secret_ref,
+ users=None, project_access=True,
+ use_short_arg=use_short_arg)
+ data = acls[0] # get 'read' operation ACL data
+ self.assertIsNotNone(data)
+ self.assertIn('u2', data['Users'])
+ self.assertEqual('True', data['Project Access'])
+
+ @utils.parameterized_dataset(ARGS_TYPE)
+ @testcase.attr('positive')
+ def test_acl_remove(self, use_short_arg):
+ secret_ref = self.secret_behaviors.store_secret()
+ container_ref = self.container_behaviors.create_container(
+ secret_hrefs=[secret_ref])
+ secret_ref = self.secret_behaviors.store_secret()
+
+ data = self.acl_behaviors.acl_submit(entity_ref=container_ref,
+ project_access=False,
+ users=['u1', 'u2'])
+ self.assertIsNotNone(data)
+ self.assertEqual('False', data['Project Access'])
+
+ acls = self.acl_behaviors.acl_remove(entity_ref=container_ref,
+ users=['u2', 'u3'],
+ use_short_arg=use_short_arg)
+ data = acls[0] # get 'read' operation ACL data
+ self.assertIsNotNone(data)
+ self.assertIn('u1', data['Users'])
+ self.assertNotIn('u2', data['Users'])
+ self.assertEqual('False', data['Project Access'])
+ self.assertIn(container_ref, data['Container ACL Ref'])
+
+ # make sure there is no change in existing users with blank users
+ # remove
+ acls = self.acl_behaviors.acl_remove(entity_ref=container_ref,
+ users=[], project_access=False,
+ use_short_arg=use_short_arg)
+ data = acls[0] # get 'read' operation ACL data
+ self.assertIsNotNone(data)
+ self.assertIn('u1', data['Users'])
+ self.assertEqual('False', data['Project Access'])
+
+ @testcase.attr('positive')
+ def test_acl_get(self):
+ secret_ref = self.secret_behaviors.store_secret()
+ container_ref = self.container_behaviors.create_container(
+ secret_hrefs=[secret_ref])
+
+ data = self.acl_behaviors.acl_submit(entity_ref=secret_ref,
+ users=['u1', 'u2'])
+ self.assertIsNotNone(data)
+
+ data = self.acl_behaviors.acl_get(entity_ref=secret_ref)
+
+ self.assertIn('u2', data['Users'])
+ self.assertEqual('True', data['Project Access'])
+ self.assertEqual(secret_ref + "/acl", data['Secret ACL Ref'])
+
+ data = self.acl_behaviors.acl_get(entity_ref=secret_ref + "///")
+
+ self.assertIn('u2', data['Users'])
+ self.assertEqual('True', data['Project Access'])
+ self.assertEqual(secret_ref + "/acl", data['Secret ACL Ref'])
+
+ data = self.acl_behaviors.acl_submit(entity_ref=container_ref,
+ project_access=False,
+ users=['u4', 'u5'])
+ self.assertIsNotNone(data)
+
+ data = self.acl_behaviors.acl_get(entity_ref=container_ref)
+
+ self.assertIn('u4', data['Users'])
+ self.assertIn('u5', data['Users'])
+ self.assertEqual('False', data['Project Access'])
+ self.assertEqual(container_ref + '/acl', data['Container ACL Ref'])
+
+ @testcase.attr('positive')
+ def test_acl_delete(self):
+ secret_ref = self.secret_behaviors.store_secret()
+
+ data = self.acl_behaviors.acl_submit(entity_ref=secret_ref,
+ users=['u1', 'u2'])
+ self.assertIsNotNone(data)
+
+ self.acl_behaviors.acl_delete(entity_ref=secret_ref)
+
+ data = self.acl_behaviors.acl_get(entity_ref=secret_ref)
+
+ self.assertEqual('[]', data['Users'])
+ self.assertEqual('True', data['Project Access'])
+ self.assertEqual(secret_ref + "/acl", data['Secret ACL Ref'])
+
+ # deleting again should be okay as secret or container always has
+ # default ACL settings
+ self.acl_behaviors.acl_delete(entity_ref=secret_ref + '////')
+ data = self.acl_behaviors.acl_get(entity_ref=secret_ref)
+
+ self.assertEqual('[]', data['Users'])
+ self.assertEqual('True', data['Project Access'])
+
+ @testcase.attr('negative')
+ def test_acl_entity_ref_input_with_acl_uri(self):
+ secret_ref = self.secret_behaviors.store_secret()
+ container_ref = self.container_behaviors.create_container(
+ secret_hrefs=[secret_ref])
+
+ data = self.acl_behaviors.acl_submit(entity_ref=secret_ref,
+ users=['u1', 'u2'])
+ self.assertIsNotNone(data)
+
+ err = self.acl_behaviors.acl_delete(entity_ref=container_ref + '/acl')
+ # above container ACL ref is passed instead of expected container_ref
+ self.assertIn('Container ACL URI', err)
+
+ err = self.acl_behaviors.acl_delete(entity_ref=secret_ref + '/acl')
+ # above secret ACL ref is passed instead of expected secret_ref
+ self.assertIn('Secret ACL URI', err)
+
+ err = self.acl_behaviors.acl_delete(entity_ref=None)
+ self.assertIn("Secret or container href", err)
View Lorry Controller Status