diff options
| author | Chuck Short <zulcss@ubuntu.com> | 2011-03-20 10:51:44 -0400 |
|---|---|---|
| committer | Chuck Short <zulcss@ubuntu.com> | 2011-03-20 10:51:44 -0400 |
| commit | a19d643af217d4aa40e48f4e9a75205af51b96dc (patch) | |
| tree | 639c846a580ea4de598e487068c2c62f783ca6d4 | |
| parent | b9480c99adbb7b4849812fa16118712b24de1820 (diff) | |
| parent | 3e255ad1bc685c0d39631540e664bde49e0670db (diff) | |
| download | nova-a19d643af217d4aa40e48f4e9a75205af51b96dc.tar.gz nova-a19d643af217d4aa40e48f4e9a75205af51b96dc.tar.xz nova-a19d643af217d4aa40e48f4e9a75205af51b96dc.zip | |
Merge trunk
40 files changed, 1284 insertions, 390 deletions
diff --git a/bin/nova-ajax-console-proxy b/bin/nova-ajax-console-proxy index bbd60bade..b4ba157e1 100755 --- a/bin/nova-ajax-console-proxy +++ b/bin/nova-ajax-console-proxy @@ -1,5 +1,5 @@ #!/usr/bin/env python -# pylint: disable-msg=C0103 +# pylint: disable=C0103 # vim: tabstop=4 shiftwidth=4 softtabstop=4 # Copyright 2010 United States Government as represented by the diff --git a/bin/nova-api b/bin/nova-api index 06bb855cb..a1088c23d 100755 --- a/bin/nova-api +++ b/bin/nova-api @@ -1,5 +1,5 @@ #!/usr/bin/env python -# pylint: disable-msg=C0103 +# pylint: disable=C0103 # vim: tabstop=4 shiftwidth=4 softtabstop=4 # Copyright 2010 United States Government as represented by the diff --git a/bin/nova-direct-api b/bin/nova-direct-api index bf29d9a5e..a2c9f1557 100755 --- a/bin/nova-direct-api +++ b/bin/nova-direct-api @@ -1,5 +1,5 @@ #!/usr/bin/env python -# pylint: disable-msg=C0103 +# pylint: disable=C0103 # vim: tabstop=4 shiftwidth=4 softtabstop=4 # Copyright 2010 United States Government as represented by the diff --git a/bin/nova-instancemonitor b/bin/nova-instancemonitor index 24cc9fd23..b9d4e49d7 100755 --- a/bin/nova-instancemonitor +++ b/bin/nova-instancemonitor @@ -50,7 +50,7 @@ if __name__ == '__main__': if __name__ == '__builtin__': LOG.warn(_('Starting instance monitor')) - # pylint: disable-msg=C0103 + # pylint: disable=C0103 monitor = monitor.InstanceMonitor() # This is the parent service that twistd will be looking for when it diff --git a/bin/nova-objectstore b/bin/nova-objectstore index 9fbe228a2..94ef2a8d5 100755 --- a/bin/nova-objectstore +++ b/bin/nova-objectstore @@ -49,4 +49,4 @@ if __name__ == '__main__': twistd.serve(__file__) if __name__ == '__builtin__': - application = handler.get_application() # pylint: disable-msg=C0103 + application = handler.get_application() # pylint: disable=C0103 diff --git a/contrib/boto_v6/ec2/connection.py b/contrib/boto_v6/ec2/connection.py index 23466e5d7..868c93c11 100644 --- a/contrib/boto_v6/ec2/connection.py +++ b/contrib/boto_v6/ec2/connection.py @@ -4,8 +4,10 @@ Created on 2010/12/20 @author: Nachi Ueno <ueno.nachi@lab.ntt.co.jp> ''' import boto +import base64 import boto.ec2 from boto_v6.ec2.instance import ReservationV6 +from boto.ec2.securitygroup import SecurityGroup class EC2ConnectionV6(boto.ec2.EC2Connection): @@ -39,3 +41,101 @@ class EC2ConnectionV6(boto.ec2.EC2Connection): self.build_filter_params(params, filters) return self.get_list('DescribeInstancesV6', params, [('item', ReservationV6)]) + + def run_instances(self, image_id, min_count=1, max_count=1, + key_name=None, security_groups=None, + user_data=None, addressing_type=None, + instance_type='m1.small', placement=None, + kernel_id=None, ramdisk_id=None, + monitoring_enabled=False, subnet_id=None, + block_device_map=None): + """ + Runs an image on EC2. + + :type image_id: string + :param image_id: The ID of the image to run + + :type min_count: int + :param min_count: The minimum number of instances to launch + + :type max_count: int + :param max_count: The maximum number of instances to launch + + :type key_name: string + :param key_name: The name of the key pair with which to + launch instances + + :type security_groups: list of strings + :param security_groups: The names of the security groups with + which to associate instances + + :type user_data: string + :param user_data: The user data passed to the launched instances + + :type instance_type: string + :param instance_type: The type of instance to run + (m1.small, m1.large, m1.xlarge) + + :type placement: string + :param placement: The availability zone in which to launch + the instances + + :type kernel_id: string + :param kernel_id: The ID of the kernel with which to + launch the instances + + :type ramdisk_id: string + :param ramdisk_id: The ID of the RAM disk with which to + launch the instances + + :type monitoring_enabled: bool + :param monitoring_enabled: Enable CloudWatch monitoring + on the instance. + + :type subnet_id: string + :param subnet_id: The subnet ID within which to launch + the instances for VPC. + + :type block_device_map: + :class:`boto.ec2.blockdevicemapping.BlockDeviceMapping` + :param block_device_map: A BlockDeviceMapping data structure + describing the EBS volumes associated + with the Image. + + :rtype: Reservation + :return: The :class:`boto.ec2.instance.ReservationV6` + associated with the request for machines + """ + params = {'ImageId': image_id, + 'MinCount': min_count, + 'MaxCount': max_count} + if key_name: + params['KeyName'] = key_name + if security_groups: + l = [] + for group in security_groups: + if isinstance(group, SecurityGroup): + l.append(group.name) + else: + l.append(group) + self.build_list_params(params, l, 'SecurityGroup') + if user_data: + params['UserData'] = base64.b64encode(user_data) + if addressing_type: + params['AddressingType'] = addressing_type + if instance_type: + params['InstanceType'] = instance_type + if placement: + params['Placement.AvailabilityZone'] = placement + if kernel_id: + params['KernelId'] = kernel_id + if ramdisk_id: + params['RamdiskId'] = ramdisk_id + if monitoring_enabled: + params['Monitoring.Enabled'] = 'true' + if subnet_id: + params['SubnetId'] = subnet_id + if block_device_map: + block_device_map.build_list_params(params) + return self.get_object('RunInstances', params, + ReservationV6, verb='POST') diff --git a/etc/api-paste.ini b/etc/api-paste.ini index a4483d3f8..d95350fc7 100644 --- a/etc/api-paste.ini +++ b/etc/api-paste.ini @@ -80,7 +80,7 @@ paste.filter_factory = nova.api.openstack:FaultWrapper.factory paste.filter_factory = nova.api.openstack.auth:AuthMiddleware.factory [filter:ratelimit] -paste.filter_factory = nova.api.openstack.ratelimiting:RateLimitingMiddleware.factory +paste.filter_factory = nova.api.openstack.limits:RateLimitingMiddleware.factory [app:osapiapp] paste.app_factory = nova.api.openstack:APIRouter.factory diff --git a/nova/api/ec2/__init__.py b/nova/api/ec2/__init__.py index fccebca5d..20701cfa8 100644 --- a/nova/api/ec2/__init__.py +++ b/nova/api/ec2/__init__.py @@ -31,7 +31,7 @@ from nova import log as logging from nova import utils from nova import wsgi from nova.api.ec2 import apirequest -from nova.api.ec2 import cloud +from nova.api.ec2 import ec2utils from nova.auth import manager @@ -319,13 +319,13 @@ class Executor(wsgi.Application): except exception.InstanceNotFound as ex: LOG.info(_('InstanceNotFound raised: %s'), unicode(ex), context=context) - ec2_id = cloud.id_to_ec2_id(ex.instance_id) + ec2_id = ec2utils.id_to_ec2_id(ex.instance_id) message = _('Instance %s not found') % ec2_id return self._error(req, context, type(ex).__name__, message) except exception.VolumeNotFound as ex: LOG.info(_('VolumeNotFound raised: %s'), unicode(ex), context=context) - ec2_id = cloud.id_to_ec2_id(ex.volume_id, 'vol-%08x') + ec2_id = ec2utils.id_to_ec2_id(ex.volume_id, 'vol-%08x') message = _('Volume %s not found') % ec2_id return self._error(req, context, type(ex).__name__, message) except exception.NotFound as ex: diff --git a/nova/api/openstack/__init__.py b/nova/api/openstack/__init__.py index 0244bc93c..b4c352b08 100644 --- a/nova/api/openstack/__init__.py +++ b/nova/api/openstack/__init__.py @@ -33,6 +33,7 @@ from nova.api.openstack import backup_schedules from nova.api.openstack import consoles from nova.api.openstack import flavors from nova.api.openstack import images +from nova.api.openstack import limits from nova.api.openstack import servers from nova.api.openstack import shared_ip_groups from nova.api.openstack import users @@ -114,12 +115,17 @@ class APIRouter(wsgi.Router): mapper.resource("image", "images", controller=images.Controller(), collection={'detail': 'GET'}) + mapper.resource("flavor", "flavors", controller=flavors.Controller(), collection={'detail': 'GET'}) + mapper.resource("shared_ip_group", "shared_ip_groups", collection={'detail': 'GET'}, controller=shared_ip_groups.Controller()) + _limits = limits.LimitsController() + mapper.resource("limit", "limits", controller=_limits) + super(APIRouter, self).__init__(mapper) diff --git a/nova/api/openstack/faults.py b/nova/api/openstack/faults.py index 2fd733299..0e9c4b26f 100644 --- a/nova/api/openstack/faults.py +++ b/nova/api/openstack/faults.py @@ -61,3 +61,42 @@ class Fault(webob.exc.HTTPException): content_type = req.best_match_content_type() self.wrapped_exc.body = serializer.serialize(fault_data, content_type) return self.wrapped_exc + + +class OverLimitFault(webob.exc.HTTPException): + """ + Rate-limited request response. + """ + + _serialization_metadata = { + "application/xml": { + "attributes": { + "overLimitFault": "code", + }, + }, + } + + def __init__(self, message, details, retry_time): + """ + Initialize new `OverLimitFault` with relevant information. + """ + self.wrapped_exc = webob.exc.HTTPForbidden() + self.content = { + "overLimitFault": { + "code": self.wrapped_exc.status_int, + "message": message, + "details": details, + }, + } + + @webob.dec.wsgify(RequestClass=wsgi.Request) + def __call__(self, request): + """ + Return the wrapped exception with a serialized body conforming to our + error format. + """ + serializer = wsgi.Serializer(self._serialization_metadata) + content_type = request.best_match_content_type() + content = serializer.serialize(self.content, content_type) + self.wrapped_exc.body = content + return self.wrapped_exc diff --git a/nova/api/openstack/limits.py b/nova/api/openstack/limits.py new file mode 100644 index 000000000..efc7d193d --- /dev/null +++ b/nova/api/openstack/limits.py @@ -0,0 +1,358 @@ +# Copyright 2011 OpenStack LLC. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License.import datetime + +""" +Module dedicated functions/classes dealing with rate limiting requests. +""" + +import copy +import httplib +import json +import math +import re +import time +import urllib +import webob.exc + +from collections import defaultdict + +from webob.dec import wsgify + +from nova import wsgi +from nova.api.openstack import faults +from nova.wsgi import Controller +from nova.wsgi import Middleware + + +# Convenience constants for the limits dictionary passed to Limiter(). +PER_SECOND = 1 +PER_MINUTE = 60 +PER_HOUR = 60 * 60 +PER_DAY = 60 * 60 * 24 + + +class LimitsController(Controller): + """ + Controller for accessing limits in the OpenStack API. + """ + + _serialization_metadata = { + "application/xml": { + "attributes": { + "limit": ["verb", "URI", "regex", "value", "unit", + "resetTime", "remaining", "name"], + }, + "plurals": { + "rate": "limit", + }, + }, + } + + def index(self, req): + """ + Return all global and rate limit information. + """ + abs_limits = {} + rate_limits = req.environ.get("nova.limits", []) + + return { + "limits": { + "rate": rate_limits, + "absolute": abs_limits, + }, + } + + +class Limit(object): + """ + Stores information about a limit for HTTP requets. + """ + + UNITS = { + 1: "SECOND", + 60: "MINUTE", + 60 * 60: "HOUR", + 60 * 60 * 24: "DAY", + } + + def __init__(self, verb, uri, regex, value, unit): + """ + Initialize a new `Limit`. + + @param verb: HTTP verb (POST, PUT, etc.) + @param uri: Human-readable URI + @param regex: Regular expression format for this limit + @param value: Integer number of requests which can be made + @param unit: Unit of measure for the value parameter + """ + self.verb = verb + self.uri = uri + self.regex = regex + self.value = int(value) + self.unit = unit + self.unit_string = self.display_unit().lower() + self.remaining = int(value) + + if value <= 0: + raise ValueError("Limit value must be > 0") + + self.last_request = None + self.next_request = None + + self.water_level = 0 + self.capacity = self.unit + self.request_value = float(self.capacity) / float(self.value) + self.error_message = _("Only %(value)s %(verb)s request(s) can be "\ + "made to %(uri)s every %(unit_string)s." % self.__dict__) + + def __call__(self, verb, url): + """ + Represents a call to this limit from a relevant request. + + @param verb: string http verb (POST, GET, etc.) + @param url: string URL + """ + if self.verb != verb or not re.match(self.regex, url): + return + + now = self._get_time() + + if self.last_request is None: + self.last_request = now + + leak_value = now - self.last_request + + self.water_level -= leak_value + self.water_level = max(self.water_level, 0) + self.water_level += self.request_value + + difference = self.water_level - self.capacity + + self.last_request = now + + if difference > 0: + self.water_level -= self.request_value + self.next_request = now + difference + return difference + + cap = self.capacity + water = self.water_level + val = self.value + + self.remaining = math.floor(((cap - water) / cap) * val) + self.next_request = now + + def _get_time(self): + """Retrieve the current time. Broken out for testability.""" + return time.time() + + def display_unit(self): + """Display the string name of the unit.""" + return self.UNITS.get(self.unit, "UNKNOWN") + + def display(self): + """Return a useful representation of this class.""" + return { + "verb": self.verb, + "URI": self.uri, + "regex": self.regex, + "value": self.value, + "remaining": int(self.remaining), + "unit": self.display_unit(), + "resetTime": int(self.next_request or self._get_time()), + } + +# "Limit" format is a dictionary with the HTTP verb, human-readable URI, +# a regular-expression to match, value and unit of measure (PER_DAY, etc.) + +DEFAULT_LIMITS = [ + Limit("POST", "*", ".*", 10, PER_MINUTE), + Limit("POST", "*/servers", "^/servers", 50, PER_DAY), + Limit("PUT", "*", ".*", 10, PER_MINUTE), + Limit("GET", "*changes-since*", ".*changes-since.*", 3, PER_MINUTE), + Limit("DELETE", "*", ".*", 100, PER_MINUTE), +] + + +class RateLimitingMiddleware(Middleware): + """ + Rate-limits requests passing through this middleware. All limit information + is stored in memory for this implementation. + """ + + def __init__(self, application, limits=None): + """ + Initialize new `RateLimitingMiddleware`, which wraps the given WSGI + application and sets up the given limits. + + @param application: WSGI application to wrap + @param limits: List of dictionaries describing limits + """ + Middleware.__init__(self, application) + self._limiter = Limiter(limits or DEFAULT_LIMITS) + + @wsgify(RequestClass=wsgi.Request) + def __call__(self, req): + """ + Represents a single call through this middleware. We should record the + request if we have a limit relevant to it. If no limit is relevant to + the request, ignore it. + + If the request should be rate limited, return a fault telling the user + they are over the limit and need to retry later. + """ + verb = req.method + url = req.url + context = req.environ.get("nova.context") + + if context: + username = context.user_id + else: + username = None + + delay, error = self._limiter.check_for_delay(verb, url, username) + + if delay: + msg = _("This request was rate-limited.") + retry = time.time() + delay + return faults.OverLimitFault(msg, error, retry) + + req.environ["nova.limits"] = self._limiter.get_limits(username) + + return self.application + + +class Limiter(object): + """ + Rate-limit checking class which handles limits in memory. + """ + + def __init__(self, limits): + """ + Initialize the new `Limiter`. + + @param limits: List of `Limit` objects + """ + self.limits = copy.deepcopy(limits) + self.levels = defaultdict(lambda: copy.deepcopy(limits)) + + def get_limits(self, username=None): + """ + Return the limits for a given user. + """ + return [limit.display() for limit in self.levels[username]] + + def check_for_delay(self, verb, url, username=None): + """ + Check the given verb/user/user triplet for limit. + + @return: Tuple of delay (in seconds) and error message (or None, None) + """ + delays = [] + + for limit in self.levels[username]: + delay = limit(verb, url) + if delay: + delays.append((delay, limit.error_message)) + + if delays: + delays.sort() + return delays[0] + + return None, None + + +class WsgiLimiter(object): + """ + Rate-limit checking from a WSGI application. Uses an in-memory `Limiter`. + + To use: + POST /<username> with JSON data such as: + { + "verb" : GET, + "path" : "/servers" + } + + and receive a 204 No Content, or a 403 Forbidden with an X-Wait-Seconds + header containing the number of seconds to wait before the action would + succeed. + """ + + def __init__(self, limits=None): + """ + Initialize the new `WsgiLimiter`. + + @param limits: List of `Limit` objects + """ + self._limiter = Limiter(limits or DEFAULT_LIMITS) + + @wsgify(RequestClass=wsgi.Request) + def __call__(self, request): + """ + Handles a call to this application. Returns 204 if the request is + acceptable to the limiter, else a 403 is returned with a relevant + header indicating when the request *will* succeed. + """ + if request.method != "POST": + raise webob.exc.HTTPMethodNotAllowed() + + try: + info = dict(json.loads(request.body)) + except ValueError: + raise webob.exc.HTTPBadRequest() + + username = request.path_info_pop() + verb = info.get("verb") + path = info.get("path") + + delay, error = self._limiter.check_for_delay(verb, path, username) + + if delay: + headers = {"X-Wait-Seconds": "%.2f" % delay} + return webob.exc.HTTPForbidden(headers=headers, explanation=error) + else: + return webob.exc.HTTPNoContent() + + +class WsgiLimiterProxy(object): + """ + Rate-limit requests based on answers from a remote source. + """ + + def __init__(self, limiter_address): + """ + Initialize the new `WsgiLimiterProxy`. + + @param limiter_address: IP/port combination of where to request limit + """ + self.limiter_address = limiter_address + + def check_for_delay(self, verb, path, username=None): + body = json.dumps({"verb": verb, "path": path}) + headers = {"Content-Type": "application/json"} + + conn = httplib.HTTPConnection(self.limiter_address) + + if username: + conn.request("POST", "/%s" % (username), body, headers) + else: + conn.request("POST", "/", body, headers) + + resp = conn.getresponse() + + if 200 >= resp.status < 300: + return None, None + + return resp.getheader("X-Wait-Seconds"), resp.read() or None diff --git a/nova/api/openstack/users.py b/nova/api/openstack/users.py index ebd0f4512..d3ab3d553 100644 --- a/nova/api/openstack/users.py +++ b/nova/api/openstack/users.py @@ -13,13 +13,14 @@ # License for the specific language governing permissions and limitations # under the License. -import common +from webob import exc from nova import exception from nova import flags from nova import log as logging from nova import wsgi - +from nova.api.openstack import common +from nova.api.openstack import faults from nova.auth import manager FLAGS = flags.FLAGS @@ -63,7 +64,17 @@ class Controller(wsgi.Controller): def show(self, req, id): """Return data about the given user id""" - user = self.manager.get_user(id) + + #NOTE(justinsb): The drivers are a little inconsistent in how they + # deal with "NotFound" - some throw, some return None. + try: + user = self.manager.get_user(id) + except exception.NotFound: + user = None + + if user is None: + raise faults.Fault(exc.HTTPNotFound()) + return dict(user=_translate_keys(user)) def delete(self, req, id): diff --git a/nova/auth/fakeldap.py b/nova/auth/fakeldap.py index 4466051f0..79afb9109 100644 --- a/nova/auth/fakeldap.py +++ b/nova/auth/fakeldap.py @@ -90,12 +90,12 @@ MOD_DELETE = 1 MOD_REPLACE = 2 -class NO_SUCH_OBJECT(Exception): # pylint: disable-msg=C0103 +class NO_SUCH_OBJECT(Exception): # pylint: disable=C0103 """Duplicate exception class from real LDAP module.""" pass -class OBJECT_CLASS_VIOLATION(Exception): # pylint: disable-msg=C0103 +class OBJECT_CLASS_VIOLATION(Exception): # pylint: disable=C0103 """Duplicate exception class from real LDAP module.""" pass @@ -268,7 +268,7 @@ class FakeLDAP(object): # get the attributes from the store attrs = store.hgetall(key) # turn the values from the store into lists - # pylint: disable-msg=E1103 + # pylint: disable=E1103 attrs = dict([(k, _from_json(v)) for k, v in attrs.iteritems()]) # filter the objects by query @@ -277,12 +277,12 @@ class FakeLDAP(object): attrs = dict([(k, v) for k, v in attrs.iteritems() if not fields or k in fields]) objects.append((key[len(self.__prefix):], attrs)) - # pylint: enable-msg=E1103 + # pylint: enable=E1103 if objects == []: raise NO_SUCH_OBJECT() return objects @property - def __prefix(self): # pylint: disable-msg=R0201 + def __prefix(self): # pylint: disable=R0201 """Get the prefix to use for all keys.""" return 'ldap:' diff --git a/nova/auth/ldapdriver.py b/nova/auth/ldapdriver.py index 647f70db1..fcac55510 100644 --- a/nova/auth/ldapdriver.py +++ b/nova/auth/ldapdriver.py @@ -634,6 +634,6 @@ class LdapDriver(object): class FakeLdapDriver(LdapDriver): """Fake Ldap Auth driver""" - def __init__(self): # pylint: disable-msg=W0231 + def __init__(self): # pylint: disable=W0231 __import__('nova.auth.fakeldap') self.ldap = sys.modules['nova.auth.fakeldap'] diff --git a/nova/auth/manager.py b/nova/auth/manager.py index 450ab803a..486845399 100644 --- a/nova/auth/manager.py +++ b/nova/auth/manager.py @@ -22,7 +22,7 @@ Nova authentication management import os import shutil -import string # pylint: disable-msg=W0402 +import string # pylint: disable=W0402 import tempfile import uuid import zipfile @@ -96,10 +96,19 @@ class AuthBase(object): class User(AuthBase): - """Object representing a user""" + """Object representing a user + + The following attributes are defined: + :id: A system identifier for the user. A string (for LDAP) + :name: The user name, potentially in some more friendly format + :access: The 'username' for EC2 authentication + :secret: The 'password' for EC2 authenticatoin + :admin: ??? + """ def __init__(self, id, name, access, secret, admin): AuthBase.__init__(self) + assert isinstance(id, basestring) self.id = id self.name = name self.access = access diff --git a/nova/compute/manager.py b/nova/compute/manager.py index 92deca813..c2781f6fb 100644 --- a/nova/compute/manager.py +++ b/nova/compute/manager.py @@ -220,7 +220,7 @@ class ComputeManager(manager.Manager): self.db.instance_update(context, instance_id, {'launched_at': now}) - except Exception: # pylint: disable-msg=W0702 + except Exception: # pylint: disable=W0702 LOG.exception(_("instance %s: Failed to spawn"), instance_id, context=context) self.db.instance_set_state(context, @@ -692,7 +692,7 @@ class ComputeManager(manager.Manager): volume_id, instance_id, mountpoint) - except Exception as exc: # pylint: disable-msg=W0702 + except Exception as exc: # pylint: disable=W0702 # NOTE(vish): The inline callback eats the exception info so we # log the traceback here and reraise the same # ecxception below. diff --git a/nova/db/api.py b/nova/db/api.py index 3cb0e5811..94777f413 100644 --- a/nova/db/api.py +++ b/nova/db/api.py @@ -608,7 +608,7 @@ def network_get_all(context): return IMPL.network_get_all(context) -# pylint: disable-msg=C0103 +# pylint: disable=C0103 def network_get_associated_fixed_ips(context, network_id): """Get all network's ips that have been associated.""" return IMPL.network_get_associated_fixed_ips(context, network_id) diff --git a/nova/db/base.py b/nova/db/base.py index 1d1e80866..a0f2180c6 100644 --- a/nova/db/base.py +++ b/nova/db/base.py @@ -33,4 +33,4 @@ class Base(object): def __init__(self, db_driver=None): if not db_driver: db_driver = FLAGS.db_driver - self.db = utils.import_object(db_driver) # pylint: disable-msg=C0103 + self.db = utils.import_object(db_driver) # pylint: disable=C0103 diff --git a/nova/db/sqlalchemy/api.py b/nova/db/sqlalchemy/api.py index 9d9b86c1d..684574401 100644 --- a/nova/db/sqlalchemy/api.py +++ b/nova/db/sqlalchemy/api.py @@ -806,6 +806,11 @@ def instance_destroy(context, instance_id): update({'deleted': 1, 'deleted_at': datetime.datetime.utcnow(), 'updated_at': literal_column('updated_at')}) + session.query(models.InstanceMetadata).\ + filter_by(instance_id=instance_id).\ + update({'deleted': 1, + 'deleted_at': datetime.datetime.utcnow(), + 'updated_at': literal_column('updated_at')}) @require_context @@ -1249,7 +1254,7 @@ def network_get_all(context): # NOTE(vish): pylint complains because of the long method name, but # it fits with the names of the rest of the methods -# pylint: disable-msg=C0103 +# pylint: disable=C0103 @require_admin_context diff --git a/nova/network/linux_net.py b/nova/network/linux_net.py index 7106e6164..565732869 100644 --- a/nova/network/linux_net.py +++ b/nova/network/linux_net.py @@ -582,7 +582,7 @@ def update_dhcp(context, network_id): try: _execute('sudo', 'kill', '-HUP', pid) return - except Exception as exc: # pylint: disable-msg=W0703 + except Exception as exc: # pylint: disable=W0703 LOG.debug(_("Hupping dnsmasq threw %s"), exc) else: LOG.debug(_("Pid %d is stale, relaunching dnsmasq"), pid) @@ -626,7 +626,7 @@ interface %s if conffile in out: try: _execute('sudo', 'kill', pid) - except Exception as exc: # pylint: disable-msg=W0703 + except Exception as exc: # pylint: disable=W0703 LOG.debug(_("killing radvd threw %s"), exc) else: LOG.debug(_("Pid %d is stale, relaunching radvd"), pid) @@ -713,7 +713,7 @@ def _stop_dnsmasq(network): if pid: try: _execute('sudo', 'kill', '-TERM', pid) - except Exception as exc: # pylint: disable-msg=W0703 + except Exception as exc: # pylint: disable=W0703 LOG.debug(_("Killing dnsmasq threw %s"), exc) diff --git a/nova/network/manager.py b/nova/network/manager.py index 3dfc48934..0decb126a 100644 --- a/nova/network/manager.py +++ b/nova/network/manager.py @@ -322,12 +322,12 @@ class NetworkManager(manager.Manager): self._create_fixed_ips(context, network_ref['id']) @property - def _bottom_reserved_ips(self): # pylint: disable-msg=R0201 + def _bottom_reserved_ips(self): # pylint: disable=R0201 """Number of reserved ips at the bottom of the range.""" return 2 # network, gateway @property - def _top_reserved_ips(self): # pylint: disable-msg=R0201 + def _top_reserved_ips(self): # pylint: disable=R0201 """Number of reserved ips at the top of the range.""" return 1 # broadcast diff --git a/nova/objectstore/handler.py b/nova/objectstore/handler.py index 05ddace4b..554c72848 100644 --- a/nova/objectstore/handler.py +++ b/nova/objectstore/handler.py @@ -167,7 +167,7 @@ class S3(ErrorHandlingResource): def __init__(self): ErrorHandlingResource.__init__(self) - def getChild(self, name, request): # pylint: disable-msg=C0103 + def getChild(self, name, request): # pylint: disable=C0103 """Returns either the image or bucket resource""" request.context = get_context(request) if name == '': @@ -177,7 +177,7 @@ class S3(ErrorHandlingResource): else: return BucketResource(name) - def render_GET(self, request): # pylint: disable-msg=R0201 + def render_GET(self, request): # pylint: disable=R0201 """Renders the GET request for a list of buckets as XML""" LOG.debug(_('List of buckets requested'), context=request.context) buckets = [b for b in bucket.Bucket.all() @@ -355,7 +355,7 @@ class ImagesResource(resource.Resource): else: return ImageResource(name) - def render_GET(self, request): # pylint: disable-msg=R0201 + def render_GET(self, request): # pylint: disable=R0201 """ returns a json listing of all images that a user has permissions to see """ @@ -384,7 +384,7 @@ class ImagesResource(resource.Resource): request.finish() return server.NOT_DONE_YET - def render_PUT(self, request): # pylint: disable-msg=R0201 + def render_PUT(self, request): # pylint: disable=R0201 """ create a new registered image """ image_id = get_argument(request, 'image_id', u'') @@ -413,7 +413,7 @@ class ImagesResource(resource.Resource): p.start() return '' - def render_POST(self, request): # pylint: disable-msg=R0201 + def render_POST(self, request): # pylint: disable=R0201 """Update image attributes: public/private""" # image_id required for all requests @@ -441,7 +441,7 @@ class ImagesResource(resource.Resource): image_object.update_user_editable_fields(clean_args) return '' - def render_DELETE(self, request): # pylint: disable-msg=R0201 + def render_DELETE(self, request): # pylint: disable=R0201 """Delete a registered image""" image_id = get_argument(request, "image_id", u"") image_object = image.Image(image_id) @@ -471,7 +471,7 @@ def get_application(): application = service.Application("objectstore") # Disabled because of lack of proper introspection in Twisted # or possibly different versions of twisted? - # pylint: disable-msg=E1101 + # pylint: disable=E1101 objectStoreService = internet.TCPServer(FLAGS.s3_port, factory, interface=FLAGS.s3_listen_host) objectStoreService.setServiceParent(application) diff --git a/nova/rpc.py b/nova/rpc.py index 58715963a..5935e1fb3 100644 --- a/nova/rpc.py +++ b/nova/rpc.py @@ -62,7 +62,7 @@ class Connection(carrot_connection.BrokerConnection): params['backend_cls'] = fakerabbit.Backend # NOTE(vish): magic is fun! - # pylint: disable-msg=W0142 + # pylint: disable=W0142 if new: return cls(**params) else: @@ -114,7 +114,7 @@ class Consumer(messaging.Consumer): if self.failed_connection: # NOTE(vish): connection is defined in the parent class, we can # recreate it as long as we create the backend too - # pylint: disable-msg=W0201 + # pylint: disable=W0201 self.connection = Connection.recreate() self.backend = self.connection.create_backend() self.declare() @@ -125,7 +125,7 @@ class Consumer(messaging.Consumer): # NOTE(vish): This is catching all errors because we really don't # want exceptions to be logged 10 times a second if some # persistent failure occurs. - except Exception: # pylint: disable-msg=W0703 + except Exception: # pylint: disable=W0703 if not self.failed_connection: LOG.exception(_("Failed to fetch message from queue")) self.failed_connection = True diff --git a/nova/service.py b/nova/service.py index d60df987c..52bb15ad7 100644 --- a/nova/service.py +++ b/nova/service.py @@ -217,7 +217,7 @@ class Service(object): logging.error(_("Recovered model server connection!")) # TODO(vish): this should probably only catch connection errors - except Exception: # pylint: disable-msg=W0702 + except Exception: # pylint: disable=W0702 if not getattr(self, "model_disconnected", False): self.model_disconnected = True logging.exception(_("model server went away")) diff --git a/nova/tests/api/openstack/__init__.py b/nova/tests/api/openstack/__init__.py index e18120285..bac7181f7 100644 --- a/nova/tests/api/openstack/__init__.py +++ b/nova/tests/api/openstack/__init__.py @@ -20,7 +20,7 @@ from nova import test from nova import context from nova import flags -from nova.api.openstack.ratelimiting import RateLimitingMiddleware +from nova.api.openstack.limits import RateLimitingMiddleware from nova.api.openstack.common import limited from nova.tests.api.openstack import fakes from webob import Request diff --git a/nova/tests/api/openstack/fakes.py b/nova/tests/api/openstack/fakes.py index a08fe385a..75eade4d0 100644 --- a/nova/tests/api/openstack/fakes.py +++ b/nova/tests/api/openstack/fakes.py @@ -34,7 +34,7 @@ from nova import utils import nova.api.openstack.auth from nova.api import openstack from nova.api.openstack import auth -from nova.api.openstack import ratelimiting +from nova.api.openstack import limits from nova.auth.manager import User, Project from nova.image import glance from nova.image import local @@ -77,7 +77,7 @@ def wsgi_app(inner_application=None): inner_application = openstack.APIRouter() mapper = urlmap.URLMap() api = openstack.FaultWrapper(auth.AuthMiddleware( - ratelimiting.RateLimitingMiddleware(inner_application))) + limits.RateLimitingMiddleware(inner_application))) mapper['/v1.0'] = api mapper['/v1.1'] = api mapper['/'] = openstack.FaultWrapper(openstack.Versions()) @@ -116,13 +116,13 @@ def stub_out_auth(stubs): def stub_out_rate_limiting(stubs): def fake_rate_init(self, app): - super(ratelimiting.RateLimitingMiddleware, self).__init__(app) + super(limits.RateLimitingMiddleware, self).__init__(app) self.application = app - stubs.Set(nova.api.openstack.ratelimiting.RateLimitingMiddleware, + stubs.Set(nova.api.openstack.limits.RateLimitingMiddleware, '__init__', fake_rate_init) - stubs.Set(nova.api.openstack.ratelimiting.RateLimitingMiddleware, + stubs.Set(nova.api.openstack.limits.RateLimitingMiddleware, '__call__', fake_wsgi) @@ -234,52 +234,57 @@ class FakeAuthDatabase(object): class FakeAuthManager(object): - auth_data = {} + #NOTE(justinsb): Accessing static variables through instances is FUBAR + #NOTE(justinsb): This should also be private! + auth_data = [] projects = {} @classmethod def clear_fakes(cls): - cls.auth_data = {} + cls.auth_data = [] cls.projects = {} @classmethod def reset_fake_data(cls): - cls.auth_data = dict(acc1=User('guy1', 'guy1', 'acc1', - 'fortytwo!', False)) + u1 = User('id1', 'guy1', 'acc1', 'secret1', False) + cls.auth_data = [u1] cls.projects = dict(testacct=Project('testacct', 'testacct', - 'guy1', + 'id1', 'test', [])) - def add_user(self, key, user): - FakeAuthManager.auth_data[key] = user + def add_user(self, user): + FakeAuthManager.auth_data.append(user) def get_users(self): - return FakeAuthManager.auth_data.values() + return FakeAuthManager.auth_data def get_user(self, uid): - for k, v in FakeAuthManager.auth_data.iteritems(): - if v.id == uid: - return v + for user in FakeAuthManager.auth_data: + if user.id == uid: + return user + return None + + def get_user_from_access_key(self, key): + for user in FakeAuthManager.auth_data: + if user.access == key: + return user return None def delete_user(self, uid): - for k, v in FakeAuthManager.auth_data.items(): - if v.id == uid: - del FakeAuthManager.auth_data[k] + for user in FakeAuthManager.auth_data: + if user.id == uid: + FakeAuthManager.auth_data.remove(user) return None def create_user(self, name, access=None, secret=None, admin=False): u = User(name, name, access, secret, admin) - FakeAuthManager.auth_data[access] = u + FakeAuthManager.auth_data.append(u) return u def modify_user(self, user_id, access=None, secret=None, admin=None): - user = None - for k, v in FakeAuthManager.auth_data.iteritems(): - if v.id == user_id: - user = v + user = self.get_user(user_id) if user: user.access = access user.secret = secret @@ -326,12 +331,6 @@ class FakeAuthManager(object): if (user.id in p.member_ids) or (user.id == p.project_manager_id)] - def get_user_from_access_key(self, key): - try: - return FakeAuthManager.auth_data[key] - except KeyError: - raise exc.NotFound - class FakeRateLimiter(object): def __init__(self, application): diff --git a/nova/tests/api/openstack/test_accounts.py b/nova/tests/api/openstack/test_accounts.py index 60edce769..64abcf48c 100644 --- a/nova/tests/api/openstack/test_accounts.py +++ b/nova/tests/api/openstack/test_accounts.py @@ -19,11 +19,9 @@ import json import stubout import webob -import nova.api -import nova.api.openstack.auth -from nova import context from nova import flags from nova import test +from nova.api.openstack import accounts from nova.auth.manager import User from nova.tests.api.openstack import fakes @@ -44,9 +42,9 @@ class AccountsTest(test.TestCase): def setUp(self): super(AccountsTest, self).setUp() self.stubs = stubout.StubOutForTesting() - self.stubs.Set(nova.api.openstack.accounts.Controller, '__init__', + self.stubs.Set(accounts.Controller, '__init__', fake_init) - self.stubs.Set(nova.api.openstack.accounts.Controller, '_check_admin', + self.stubs.Set(accounts.Controller, '_check_admin', fake_admin_check) fakes.FakeAuthManager.clear_fakes() fakes.FakeAuthDatabase.data = {} @@ -57,10 +55,10 @@ class AccountsTest(test.TestCase): self.allow_admin = FLAGS.allow_admin_api FLAGS.allow_admin_api = True fakemgr = fakes.FakeAuthManager() - joeuser = User('guy1', 'guy1', 'acc1', 'fortytwo!', False) - superuser = User('guy2', 'guy2', 'acc2', 'swordfish', True) - fakemgr.add_user(joeuser.access, joeuser) - fakemgr.add_user(superuser.access, superuser) + joeuser = User('id1', 'guy1', 'acc1', 'secret1', False) + superuser = User('id2', 'guy2', 'acc2', 'secret2', True) + fakemgr.add_user(joeuser) + fakemgr.add_user(superuser) fakemgr.create_project('test1', joeuser) fakemgr.create_project('test2', superuser) @@ -76,7 +74,7 @@ class AccountsTest(test.TestCase): self.assertEqual(res_dict['account']['id'], 'test1') self.assertEqual(res_dict['account']['name'], 'test1') - self.assertEqual(res_dict['account']['manager'], 'guy1') + self.assertEqual(res_dict['account']['manager'], 'id1') self.assertEqual(res.status_int, 200) def test_account_delete(self): @@ -88,7 +86,7 @@ class AccountsTest(test.TestCase): def test_account_create(self): body = dict(account=dict(description='test account', - manager='guy1')) + manager='id1')) req = webob.Request.blank('/v1.0/accounts/newacct') req.headers["Content-Type"] = "application/json" req.method = 'PUT' @@ -101,14 +99,14 @@ class AccountsTest(test.TestCase): self.assertEqual(res_dict['account']['id'], 'newacct') self.assertEqual(res_dict['account']['name'], 'newacct') self.assertEqual(res_dict['account']['description'], 'test account') - self.assertEqual(res_dict['account']['manager'], 'guy1') + self.assertEqual(res_dict['account']['manager'], 'id1') self.assertTrue('newacct' in fakes.FakeAuthManager.projects) self.assertEqual(len(fakes.FakeAuthManager.projects.values()), 3) def test_account_update(self): body = dict(account=dict(description='test account', - manager='guy2')) + manager='id2')) req = webob.Request.blank('/v1.0/accounts/test1') req.headers["Content-Type"] = "application/json" req.method = 'PUT' @@ -121,5 +119,5 @@ class AccountsTest(test.TestCase): self.assertEqual(res_dict['account']['id'], 'test1') self.assertEqual(res_dict['account']['name'], 'test1') self.assertEqual(res_dict['account']['description'], 'test account') - self.assertEqual(res_dict['account']['manager'], 'guy2') + self.assertEqual(res_dict['account']['manager'], 'id2') self.assertEqual(len(fakes.FakeAuthManager.projects.values()), 2) diff --git a/nova/tests/api/openstack/test_adminapi.py b/nova/tests/api/openstack/test_adminapi.py index 4568cb9f5..e87255b18 100644 --- a/nova/tests/api/openstack/test_adminapi.py +++ b/nova/tests/api/openstack/test_adminapi.py @@ -23,7 +23,6 @@ from paste import urlmap from nova import flags from nova import test from nova.api import openstack -from nova.api.openstack import ratelimiting from nova.api.openstack import auth from nova.tests.api.openstack import fakes diff --git a/nova/tests/api/openstack/test_auth.py b/nova/tests/api/openstack/test_auth.py index 0448ed701..21596fb25 100644 --- a/nova/tests/api/openstack/test_auth.py +++ b/nova/tests/api/openstack/test_auth.py @@ -39,7 +39,7 @@ class Test(test.TestCase): self.stubs.Set(nova.api.openstack.auth.AuthMiddleware, '__init__', fakes.fake_auth_init) self.stubs.Set(context, 'RequestContext', fakes.FakeRequestContext) - fakes.FakeAuthManager.auth_data = {} + fakes.FakeAuthManager.clear_fakes() fakes.FakeAuthDatabase.data = {} fakes.stub_out_rate_limiting(self.stubs) fakes.stub_out_networking(self.stubs) @@ -51,8 +51,8 @@ class Test(test.TestCase): def test_authorize_user(self): f = fakes.FakeAuthManager() - f.add_user('user1_key', - nova.auth.manager.User(1, 'user1', None, None, None)) + user = nova.auth.manager.User('id1', 'user1', 'user1_key', None, None) + f.add_user(user) req = webob.Request.blank('/v1.0/') req.headers['X-Auth-User'] = 'user1' @@ -66,9 +66,9 @@ class Test(test.TestCase): def test_authorize_token(self): f = fakes.FakeAuthManager() - u = nova.auth.manager.User(1, 'user1', None, None, None) - f.add_user('user1_key', u) - f.create_project('user1_project', u) + user = nova.auth.manager.User('id1', 'user1', 'user1_key', None, None) + f.add_user(user) + f.create_project('user1_project', user) req = webob.Request.blank('/v1.0/', {'HTTP_HOST': 'foo'}) req.headers['X-Auth-User'] = 'user1' @@ -124,8 +124,8 @@ class Test(test.TestCase): def test_bad_user_good_key(self): f = fakes.FakeAuthManager() - u = nova.auth.manager.User(1, 'user1', None, None, None) - f.add_user('user1_key', u) + user = nova.auth.manager.User('id1', 'user1', 'user1_key', None, None) + f.add_user(user) req = webob.Request.blank('/v1.0/') req.headers['X-Auth-User'] = 'unknown_user' @@ -179,7 +179,7 @@ class TestLimiter(test.TestCase): self.stubs.Set(nova.api.openstack.auth.AuthMiddleware, '__init__', fakes.fake_auth_init) self.stubs.Set(context, 'RequestContext', fakes.FakeRequestContext) - fakes.FakeAuthManager.auth_data = {} + fakes.FakeAuthManager.clear_fakes() fakes.FakeAuthDatabase.data = {} fakes.stub_out_networking(self.stubs) @@ -190,9 +190,9 @@ class TestLimiter(test.TestCase): def test_authorize_token(self): f = fakes.FakeAuthManager() - u = nova.auth.manager.User(1, 'user1', None, None, None) - f.add_user('user1_key', u) - f.create_project('test', u) + user = nova.auth.manager.User('id1', 'user1', 'user1_key', None, None) + f.add_user(user) + f.create_project('test', user) req = webob.Request.blank('/v1.0/') req.headers['X-Auth-User'] = 'user1' diff --git a/nova/tests/api/openstack/test_limits.py b/nova/tests/api/openstack/test_limits.py new file mode 100644 index 000000000..05cfacc60 --- /dev/null +++ b/nova/tests/api/openstack/test_limits.py @@ -0,0 +1,584 @@ +# Copyright 2011 OpenStack LLC. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +""" +Tests dealing with HTTP rate-limiting. +""" + +import httplib +import json +import StringIO +import stubout +import time +import unittest +import webob + +from xml.dom.minidom import parseString + +from nova.api.openstack import limits +from nova.api.openstack.limits import Limit + + +TEST_LIMITS = [ + Limit("GET", "/delayed", "^/delayed", 1, limits.PER_MINUTE), + Limit("POST", "*", ".*", 7, limits.PER_MINUTE), + Limit("POST", "/servers", "^/servers", 3, limits.PER_MINUTE), + Limit("PUT", "*", "", 10, limits.PER_MINUTE), + Limit("PUT", "/servers", "^/servers", 5, limits.PER_MINUTE), +] + + +class BaseLimitTestSuite(unittest.TestCase): + """Base test suite which provides relevant stubs and time abstraction.""" + + def setUp(self): + """Run before each test.""" + self.time = 0.0 + self.stubs = stubout.StubOutForTesting() + self.stubs.Set(limits.Limit, "_get_time", self._get_time) + + def tearDown(self): + """Run after each test.""" + self.stubs.UnsetAll() + + def _get_time(self): + """Return the "time" according to this test suite.""" + return self.time + + +class LimitsControllerTest(BaseLimitTestSuite): + """ + Tests for `limits.LimitsController` class. + """ + + def setUp(self): + """Run before each test.""" + BaseLimitTestSuite.setUp(self) + self.controller = limits.LimitsController() + + def _get_index_request(self, accept_header="application/json"): + """Helper to set routing arguments.""" + request = webob.Request.blank("/") + request.accept = accept_header + request.environ["wsgiorg.routing_args"] = (None, { + "action": "index", + "controller": "", + }) + return request + + def _populate_limits(self, request): + """Put limit info into a request.""" + _limits = [ + Limit("GET", "*", ".*", 10, 60).display(), + Limit("POST", "*", ".*", 5, 60 * 60).display(), + ] + request.environ["nova.limits"] = _limits + return request + + def test_empty_index_json(self): + """Test getting empty limit details in JSON.""" + request = self._get_index_request() + response = request.get_response(self.controller) + expected = { + "limits": { + "rate": [], + "absolute": {}, + }, + } + body = json.loads(response.body) + self.assertEqual(expected, body) + + def test_index_json(self): + """Test getting limit details in JSON.""" + request = self._get_index_request() + request = self._populate_limits(request) + response = request.get_response(self.controller) + expected = { + "limits": { + "rate": [{ + "regex": ".*", + "resetTime": 0, + "URI": "*", + "value": 10, + "verb": "GET", + "remaining": 10, + "unit": "MINUTE", + }, + { + "regex": ".*", + "resetTime": 0, + "URI": "*", + "value": 5, + "verb": "POST", + "remaining": 5, + "unit": "HOUR", + }], + "absolute": {}, + }, + } + body = json.loads(response.body) + self.assertEqual(expected, body) + + def test_empty_index_xml(self): + """Test getting limit details in XML.""" + request = self._get_index_request("application/xml") + response = request.get_response(self.controller) + + expected = "<limits><rate/><absolute/></limits>" + body = response.body.replace("\n", "").replace(" ", "") + + self.assertEqual(expected, body) + + def test_index_xml(self): + """Test getting limit details in XML.""" + request = self._get_index_request("application/xml") + request = self._populate_limits(request) + response = request.get_response(self.controller) + + expected = parseString(""" + <limits> + <rate> + <limit URI="*" regex=".*" remaining="10" resetTime="0" + unit="MINUTE" value="10" verb="GET"/> + <limit URI="*" regex=".*" remaining="5" resetTime="0" + unit="HOUR" value="5" verb="POST"/> + </rate> + <absolute/> + </limits> + """.replace(" ", "")) + body = parseString(response.body.replace(" ", "")) + + self.assertEqual(expected.toxml(), body.toxml()) + + +class LimitMiddlewareTest(BaseLimitTestSuite): + """ + Tests for the `limits.RateLimitingMiddleware` class. + """ + + @webob.dec.wsgify + def _empty_app(self, request): + """Do-nothing WSGI app.""" + pass + + def setUp(self): + """Prepare middleware for use through fake WSGI app.""" + BaseLimitTestSuite.setUp(self) + _limits = [ + Limit("GET", "*", ".*", 1, 60), + ] + self.app = limits.RateLimitingMiddleware(self._empty_app, _limits) + + def test_good_request(self): + """Test successful GET request through middleware.""" + request = webob.Request.blank("/") + response = request.get_response(self.app) + self.assertEqual(200, response.status_int) + + def test_limited_request_json(self): + """Test a rate-limited (403) GET request through middleware.""" + request = webob.Request.blank("/") + response = request.get_response(self.app) + self.assertEqual(200, response.status_int) + + request = webob.Request.blank("/") + response = request.get_response(self.app) + self.assertEqual(response.status_int, 403) + + body = json.loads(response.body) + expected = "Only 1 GET request(s) can be made to * every minute." + value = body["overLimitFault"]["details"].strip() + self.assertEqual(value, expected) + + def test_limited_request_xml(self): + """Test a rate-limited (403) response as XML""" + request = webob.Request.blank("/") + response = request.get_response(self.app) + self.assertEqual(200, response.status_int) + + request = webob.Request.blank("/") + request.accept = "application/xml" + response = request.get_response(self.app) + self.assertEqual(response.status_int, 403) + + root = parseString(response.body).childNodes[0] + expected = "Only 1 GET request(s) can be made to * every minute." + + details = root.getElementsByTagName("details") + self.assertEqual(details.length, 1) + + value = details.item(0).firstChild.data.strip() + self.assertEqual(value, expected) + + +class LimitTest(BaseLimitTestSuite): + """ + Tests for the `limits.Limit` class. + """ + + def test_GET_no_delay(self): + """Test a limit handles 1 GET per second.""" + limit = Limit("GET", "*", ".*", 1, 1) + delay = limit("GET", "/anything") + self.assertEqual(None, delay) + self.assertEqual(0, limit.next_request) + self.assertEqual(0, limit.last_request) + + def test_GET_delay(self): + """Test two calls to 1 GET per second limit.""" + limit = Limit("GET", "*", ".*", 1, 1) + delay = limit("GET", "/anything") + self.assertEqual(None, delay) + + delay = limit("GET", "/anything") + self.assertEqual(1, delay) + self.assertEqual(1, limit.next_request) + self.assertEqual(0, limit.last_request) + + self.time += 4 + + delay = limit("GET", "/anything") + self.assertEqual(None, delay) + self.assertEqual(4, limit.next_request) + self.assertEqual(4, limit.last_request) + + +class LimiterTest(BaseLimitTestSuite): + """ + Tests for the in-memory `limits.Limiter` class. + """ + + def setUp(self): + """Run before each test.""" + BaseLimitTestSuite.setUp(self) + self.limiter = limits.Limiter(TEST_LIMITS) + + def _check(self, num, verb, url, username=None): + """Check and yield results from checks.""" + for x in xrange(num): + yield self.limiter.check_for_delay(verb, url, username)[0] + + def _check_sum(self, num, verb, url, username=None): + """Check and sum results from checks.""" + results = self._check(num, verb, url, username) + return sum(item for item in results if item) + + def test_no_delay_GET(self): + """ + Simple test to ensure no delay on a single call for a limit verb we + didn"t set. + """ + delay = self.limiter.check_for_delay("GET", "/anything") + self.assertEqual(delay, (None, None)) + + def test_no_delay_PUT(self): + """ + Simple test to ensure no delay on a single call for a known limit. + """ + delay = self.limiter.check_for_delay("PUT", "/anything") + self.assertEqual(delay, (None, None)) + + def test_delay_PUT(self): + """ + Ensure the 11th PUT will result in a delay of 6.0 seconds until + the next request will be granced. + """ + expected = [None] * 10 + [6.0] + results = list(self._check(11, "PUT", "/anything")) + + self.assertEqual(expected, results) + + def test_delay_POST(self): + """ + Ensure the 8th POST will result in a delay of 6.0 seconds until + the next request will be granced. + """ + expected = [None] * 7 + results = list(self._check(7, "POST", "/anything")) + self.assertEqual(expected, results) + + expected = 60.0 / 7.0 + results = self._check_sum(1, "POST", "/anything") + self.failUnlessAlmostEqual(expected, results, 8) + + def test_delay_GET(self): + """ + Ensure the 11th GET will result in NO delay. + """ + expected = [None] * 11 + results = list(self._check(11, "GET", "/anything")) + + self.assertEqual(expected, results) + + def test_delay_PUT_servers(self): + """ + Ensure PUT on /servers limits at 5 requests, and PUT elsewhere is still + OK after 5 requests...but then after 11 total requests, PUT limiting + kicks in. + """ + # First 6 requests on PUT /servers + expected = [None] * 5 + [12.0] + results = list(self._check(6, "PUT", "/servers")) + self.assertEqual(expected, results) + + # Next 5 request on PUT /anything + expected = [None] * 4 + [6.0] + results = list(self._check(5, "PUT", "/anything")) + self.assertEqual(expected, results) + + def test_delay_PUT_wait(self): + """ + Ensure after hitting the limit and then waiting for the correct + amount of time, the limit will be lifted. + """ + expected = [None] * 10 + [6.0] + results = list(self._check(11, "PUT", "/anything")) + self.assertEqual(expected, results) + + # Advance time + self.time += 6.0 + + expected = [None, 6.0] + results = list(self._check(2, "PUT", "/anything")) + self.assertEqual(expected, results) + + def test_multiple_delays(self): + """ + Ensure multiple requests still get a delay. + """ + expected = [None] * 10 + [6.0] * 10 + results = list(self._check(20, "PUT", "/anything")) + self.assertEqual(expected, results) + + self.time += 1.0 + + expected = [5.0] * 10 + results = list(self._check(10, "PUT", "/anything")) + self.assertEqual(expected, results) + + def test_multiple_users(self): + """ + Tests involving multiple users. + """ + # User1 + expected = [None] * 10 + [6.0] * 10 + results = list(self._check(20, "PUT", "/anything", "user1")) + self.assertEqual(expected, results) + + # User2 + expected = [None] * 10 + [6.0] * 5 + results = list(self._check(15, "PUT", "/anything", "user2")) + self.assertEqual(expected, results) + + self.time += 1.0 + + # User1 again + expected = [5.0] * 10 + results = list(self._check(10, "PUT", "/anything", "user1")) + self.assertEqual(expected, results) + + self.time += 1.0 + + # User1 again + expected = [4.0] * 5 + results = list(self._check(5, "PUT", "/anything", "user2")) + self.assertEqual(expected, results) + + +class WsgiLimiterTest(BaseLimitTestSuite): + """ + Tests for `limits.WsgiLimiter` class. + """ + + def setUp(self): + """Run before each test.""" + BaseLimitTestSuite.setUp(self) + self.app = limits.WsgiLimiter(TEST_LIMITS) + + def _request_data(self, verb, path): + """Get data decribing a limit request verb/path.""" + return json.dumps({"verb": verb, "path": path}) + + def _request(self, verb, url, username=None): + """Make sure that POSTing to the given url causes the given username + to perform the given action. Make the internal rate limiter return + delay and make sure that the WSGI app returns the correct response. + """ + if username: + request = webob.Request.blank("/%s" % username) + else: + request = webob.Request.blank("/") + + request.method = "POST" + request.body = self._request_data(verb, url) + response = request.get_response(self.app) + + if "X-Wait-Seconds" in response.headers: + self.assertEqual(response.status_int, 403) + return response.headers["X-Wait-Seconds"] + + self.assertEqual(response.status_int, 204) + + def test_invalid_methods(self): + """Only POSTs should work.""" + requests = [] + for method in ["GET", "PUT", "DELETE", "HEAD", "OPTIONS"]: + request = webob.Request.blank("/") + request.body = self._request_data("GET", "/something") + response = request.get_response(self.app) + self.assertEqual(response.status_int, 405) + + def test_good_url(self): + delay = self._request("GET", "/something") + self.assertEqual(delay, None) + + def test_escaping(self): + delay = self._request("GET", "/something/jump%20up") + self.assertEqual(delay, None) + + def test_response_to_delays(self): + delay = self._request("GET", "/delayed") + self.assertEqual(delay, None) + + delay = self._request("GET", "/delayed") + self.assertEqual(delay, '60.00') + + def test_response_to_delays_usernames(self): + delay = self._request("GET", "/delayed", "user1") + self.assertEqual(delay, None) + + delay = self._request("GET", "/delayed", "user2") + self.assertEqual(delay, None) + + delay = self._request("GET", "/delayed", "user1") + self.assertEqual(delay, '60.00') + + delay = self._request("GET", "/delayed", "user2") + self.assertEqual(delay, '60.00') + + +class FakeHttplibSocket(object): + """ + Fake `httplib.HTTPResponse` replacement. + """ + + def __init__(self, response_string): + """Initialize new `FakeHttplibSocket`.""" + self._buffer = StringIO.StringIO(response_string) + + def makefile(self, _mode, _other): + """Returns the socket's internal buffer.""" + return self._buffer + + +class FakeHttplibConnection(object): + """ + Fake `httplib.HTTPConnection`. + """ + + def __init__(self, app, host): + """ + Initialize `FakeHttplibConnection`. + """ + self.app = app + self.host = host + + def request(self, method, path, body="", headers={}): + """ + Requests made via this connection actually get translated and routed + into our WSGI app, we then wait for the response and turn it back into + an `httplib.HTTPResponse`. + """ + req = webob.Request.blank(path) + req.method = method + req.headers = headers + req.host = self.host + req.body = body + + resp = str(req.get_response(self.app)) + resp = "HTTP/1.0 %s" % resp + sock = FakeHttplibSocket(resp) + self.http_response = httplib.HTTPResponse(sock) + self.http_response.begin() + + def getresponse(self): + """Return our generated response from the request.""" + return self.http_response + + +def wire_HTTPConnection_to_WSGI(host, app): + """Monkeypatches HTTPConnection so that if you try to connect to host, you + are instead routed straight to the given WSGI app. + + After calling this method, when any code calls + + httplib.HTTPConnection(host) + + the connection object will be a fake. Its requests will be sent directly + to the given WSGI app rather than through a socket. + + Code connecting to hosts other than host will not be affected. + + This method may be called multiple times to map different hosts to + different apps. + """ + class HTTPConnectionDecorator(object): + """Wraps the real HTTPConnection class so that when you instantiate + the class you might instead get a fake instance.""" + + def __init__(self, wrapped): + self.wrapped = wrapped + + def __call__(self, connection_host, *args, **kwargs): + if connection_host == host: + return FakeHttplibConnection(app, host) + else: + return self.wrapped(connection_host, *args, **kwargs) + + httplib.HTTPConnection = HTTPConnectionDecorator(httplib.HTTPConnection) + + +class WsgiLimiterProxyTest(BaseLimitTestSuite): + """ + Tests for the `limits.WsgiLimiterProxy` class. + """ + + def setUp(self): + """ + Do some nifty HTTP/WSGI magic which allows for WSGI to be called + directly by something like the `httplib` library. + """ + BaseLimitTestSuite.setUp(self) + self.app = limits.WsgiLimiter(TEST_LIMITS) + wire_HTTPConnection_to_WSGI("169.254.0.1:80", self.app) + self.proxy = limits.WsgiLimiterProxy("169.254.0.1:80") + + def test_200(self): + """Successful request test.""" + delay = self.proxy.check_for_delay("GET", "/anything") + self.assertEqual(delay, (None, None)) + + def test_403(self): + """Forbidden request test.""" + delay = self.proxy.check_for_delay("GET", "/delayed") + self.assertEqual(delay, (None, None)) + + delay, error = self.proxy.check_for_delay("GET", "/delayed") + error = error.strip() + + expected = ("60.00", "403 Forbidden\n\nOnly 1 GET request(s) can be "\ + "made to /delayed every minute.") + + self.assertEqual((delay, error), expected) diff --git a/nova/tests/api/openstack/test_ratelimiting.py b/nova/tests/api/openstack/test_ratelimiting.py deleted file mode 100644 index 9ae90ee20..000000000 --- a/nova/tests/api/openstack/test_ratelimiting.py +++ /dev/null @@ -1,243 +0,0 @@ -import httplib -import StringIO -import time -import webob - -from nova import test -import nova.api.openstack.ratelimiting as ratelimiting - - -class LimiterTest(test.TestCase): - - def setUp(self): - super(LimiterTest, self).setUp() - self.limits = { - 'a': (5, ratelimiting.PER_SECOND), - 'b': (5, ratelimiting.PER_MINUTE), - 'c': (5, ratelimiting.PER_HOUR), - 'd': (1, ratelimiting.PER_SECOND), - 'e': (100, ratelimiting.PER_SECOND)} - self.rl = ratelimiting.Limiter(self.limits) - - def exhaust(self, action, times_until_exhausted, **kwargs): - for i in range(times_until_exhausted): - when = self.rl.perform(action, **kwargs) - self.assertEqual(when, None) - num, period = self.limits[action] - delay = period * 1.0 / num - # Verify that we are now thoroughly delayed - for i in range(10): - when = self.rl.perform(action, **kwargs) - self.assertAlmostEqual(when, delay, 2) - - def test_second(self): - self.exhaust('a', 5) - time.sleep(0.2) - self.exhaust('a', 1) - time.sleep(1) - self.exhaust('a', 5) - - def test_minute(self): - self.exhaust('b', 5) - - def test_one_per_period(self): - def allow_once_and_deny_once(): - when = self.rl.perform('d') - self.assertEqual(when, None) - when = self.rl.perform('d') - self.assertAlmostEqual(when, 1, 2) - return when - time.sleep(allow_once_and_deny_once()) - time.sleep(allow_once_and_deny_once()) - allow_once_and_deny_once() - - def test_we_can_go_indefinitely_if_we_spread_out_requests(self): - for i in range(200): - when = self.rl.perform('e') - self.assertEqual(when, None) - time.sleep(0.01) - - def test_users_get_separate_buckets(self): - self.exhaust('c', 5, username='alice') - self.exhaust('c', 5, username='bob') - self.exhaust('c', 5, username='chuck') - self.exhaust('c', 0, username='chuck') - self.exhaust('c', 0, username='bob') - self.exhaust('c', 0, username='alice') - - -class FakeLimiter(object): - """Fake Limiter class that you can tell how to behave.""" - - def __init__(self, test): - self._action = self._username = self._delay = None - self.test = test - - def mock(self, action, username, delay): - self._action = action - self._username = username - self._delay = delay - - def perform(self, action, username): - self.test.assertEqual(action, self._action) - self.test.assertEqual(username, self._username) - return self._delay - - -class WSGIAppTest(test.TestCase): - - def setUp(self): - super(WSGIAppTest, self).setUp() - self.limiter = FakeLimiter(self) - self.app = ratelimiting.WSGIApp(self.limiter) - - def test_invalid_methods(self): - requests = [] - for method in ['GET', 'PUT', 'DELETE']: - req = webob.Request.blank('/limits/michael/breakdance', - dict(REQUEST_METHOD=method)) - requests.append(req) - for req in requests: - self.assertEqual(req.get_response(self.app).status_int, 405) - - def test_invalid_urls(self): - requests = [] - for prefix in ['limit', '', 'limiter2', 'limiter/limits', 'limiter/1']: - req = webob.Request.blank('/%s/michael/breakdance' % prefix, - dict(REQUEST_METHOD='POST')) - requests.append(req) - for req in requests: - self.assertEqual(req.get_response(self.app).status_int, 404) - - def verify(self, url, username, action, delay=None): - """Make sure that POSTing to the given url causes the given username - to perform the given action. Make the internal rate limiter return - delay and make sure that the WSGI app returns the correct response. - """ - req = webob.Request.blank(url, dict(REQUEST_METHOD='POST')) - self.limiter.mock(action, username, delay) - resp = req.get_response(self.app) - if not delay: - self.assertEqual(resp.status_int, 200) - else: - self.assertEqual(resp.status_int, 403) - self.assertEqual(resp.headers['X-Wait-Seconds'], "%.2f" % delay) - - def test_good_urls(self): - self.verify('/limiter/michael/hoot', 'michael', 'hoot') - - def test_escaping(self): - self.verify('/limiter/michael/jump%20up', 'michael', 'jump up') - - def test_response_to_delays(self): - self.verify('/limiter/michael/hoot', 'michael', 'hoot', 1) - self.verify('/limiter/michael/hoot', 'michael', 'hoot', 1.56) - self.verify('/limiter/michael/hoot', 'michael', 'hoot', 1000) - - -class FakeHttplibSocket(object): - """a fake socket implementation for httplib.HTTPResponse, trivial""" - - def __init__(self, response_string): - self._buffer = StringIO.StringIO(response_string) - - def makefile(self, _mode, _other): - """Returns the socket's internal buffer""" - return self._buffer - - -class FakeHttplibConnection(object): - """A fake httplib.HTTPConnection - - Requests made via this connection actually get translated and routed into - our WSGI app, we then wait for the response and turn it back into - an httplib.HTTPResponse. - """ - def __init__(self, app, host, is_secure=False): - self.app = app - self.host = host - - def request(self, method, path, data='', headers={}): - req = webob.Request.blank(path) - req.method = method - req.body = data - req.headers = headers - req.host = self.host - # Call the WSGI app, get the HTTP response - resp = str(req.get_response(self.app)) - # For some reason, the response doesn't have "HTTP/1.0 " prepended; I - # guess that's a function the web server usually provides. - resp = "HTTP/1.0 %s" % resp - sock = FakeHttplibSocket(resp) - self.http_response = httplib.HTTPResponse(sock) - self.http_response.begin() - - def getresponse(self): - return self.http_response - - -def wire_HTTPConnection_to_WSGI(host, app): - """Monkeypatches HTTPConnection so that if you try to connect to host, you - are instead routed straight to the given WSGI app. - - After calling this method, when any code calls - - httplib.HTTPConnection(host) - - the connection object will be a fake. Its requests will be sent directly - to the given WSGI app rather than through a socket. - - Code connecting to hosts other than host will not be affected. - - This method may be called multiple times to map different hosts to - different apps. - """ - class HTTPConnectionDecorator(object): - """Wraps the real HTTPConnection class so that when you instantiate - the class you might instead get a fake instance.""" - - def __init__(self, wrapped): - self.wrapped = wrapped - - def __call__(self, connection_host, *args, **kwargs): - if connection_host == host: - return FakeHttplibConnection(app, host) - else: - return self.wrapped(connection_host, *args, **kwargs) - - httplib.HTTPConnection = HTTPConnectionDecorator(httplib.HTTPConnection) - - -class WSGIAppProxyTest(test.TestCase): - - def setUp(self): - """Our WSGIAppProxy is going to call across an HTTPConnection to a - WSGIApp running a limiter. The proxy will send input, and the proxy - should receive that same input, pass it to the limiter who gives a - result, and send the expected result back. - - The HTTPConnection isn't real -- it's monkeypatched to point straight - at the WSGIApp. And the limiter isn't real -- it's a fake that - behaves the way we tell it to. - """ - super(WSGIAppProxyTest, self).setUp() - self.limiter = FakeLimiter(self) - app = ratelimiting.WSGIApp(self.limiter) - wire_HTTPConnection_to_WSGI('100.100.100.100:80', app) - self.proxy = ratelimiting.WSGIAppProxy('100.100.100.100:80') - - def test_200(self): - self.limiter.mock('conquer', 'caesar', None) - when = self.proxy.perform('conquer', 'caesar') - self.assertEqual(when, None) - - def test_403(self): - self.limiter.mock('grumble', 'proletariat', 1.5) - when = self.proxy.perform('grumble', 'proletariat') - self.assertEqual(when, 1.5) - - def test_failure(self): - def shouldRaise(): - self.limiter.mock('murder', 'brutus', None) - self.proxy.perform('stab', 'brutus') - self.assertRaises(AssertionError, shouldRaise) diff --git a/nova/tests/api/openstack/test_users.py b/nova/tests/api/openstack/test_users.py index 2dda4319b..effb2f592 100644 --- a/nova/tests/api/openstack/test_users.py +++ b/nova/tests/api/openstack/test_users.py @@ -18,11 +18,10 @@ import json import stubout import webob -import nova.api -import nova.api.openstack.auth -from nova import context from nova import flags from nova import test +from nova import utils +from nova.api.openstack import users from nova.auth.manager import User, Project from nova.tests.api.openstack import fakes @@ -43,14 +42,14 @@ class UsersTest(test.TestCase): def setUp(self): super(UsersTest, self).setUp() self.stubs = stubout.StubOutForTesting() - self.stubs.Set(nova.api.openstack.users.Controller, '__init__', + self.stubs.Set(users.Controller, '__init__', fake_init) - self.stubs.Set(nova.api.openstack.users.Controller, '_check_admin', + self.stubs.Set(users.Controller, '_check_admin', fake_admin_check) - fakes.FakeAuthManager.auth_data = {} + fakes.FakeAuthManager.clear_fakes() fakes.FakeAuthManager.projects = dict(testacct=Project('testacct', 'testacct', - 'guy1', + 'id1', 'test', [])) fakes.FakeAuthDatabase.data = {} @@ -61,10 +60,8 @@ class UsersTest(test.TestCase): self.allow_admin = FLAGS.allow_admin_api FLAGS.allow_admin_api = True fakemgr = fakes.FakeAuthManager() - fakemgr.add_user('acc1', User('guy1', 'guy1', 'acc1', - 'fortytwo!', False)) - fakemgr.add_user('acc2', User('guy2', 'guy2', 'acc2', - 'swordfish', True)) + fakemgr.add_user(User('id1', 'guy1', 'acc1', 'secret1', False)) + fakemgr.add_user(User('id2', 'guy2', 'acc2', 'secret2', True)) def tearDown(self): self.stubs.UnsetAll() @@ -80,28 +77,44 @@ class UsersTest(test.TestCase): self.assertEqual(len(res_dict['users']), 2) def test_get_user_by_id(self): - req = webob.Request.blank('/v1.0/users/guy2') + req = webob.Request.blank('/v1.0/users/id2') res = req.get_response(fakes.wsgi_app()) res_dict = json.loads(res.body) - self.assertEqual(res_dict['user']['id'], 'guy2') + self.assertEqual(res_dict['user']['id'], 'id2') self.assertEqual(res_dict['user']['name'], 'guy2') - self.assertEqual(res_dict['user']['secret'], 'swordfish') + self.assertEqual(res_dict['user']['secret'], 'secret2') self.assertEqual(res_dict['user']['admin'], True) self.assertEqual(res.status_int, 200) def test_user_delete(self): - req = webob.Request.blank('/v1.0/users/guy1') + # Check the user exists + req = webob.Request.blank('/v1.0/users/id1') + res = req.get_response(fakes.wsgi_app()) + res_dict = json.loads(res.body) + + self.assertEqual(res_dict['user']['id'], 'id1') + self.assertEqual(res.status_int, 200) + + # Delete the user + req = webob.Request.blank('/v1.0/users/id1') req.method = 'DELETE' res = req.get_response(fakes.wsgi_app()) - self.assertTrue('guy1' not in [u.id for u in - fakes.FakeAuthManager.auth_data.values()]) + self.assertTrue('id1' not in [u.id for u in + fakes.FakeAuthManager.auth_data]) self.assertEqual(res.status_int, 200) + # Check the user is not returned (and returns 404) + req = webob.Request.blank('/v1.0/users/id1') + res = req.get_response(fakes.wsgi_app()) + res_dict = json.loads(res.body) + self.assertEqual(res.status_int, 404) + def test_user_create(self): + secret = utils.generate_password() body = dict(user=dict(name='test_guy', access='acc3', - secret='invasionIsInNormandy', + secret=secret, admin=True)) req = webob.Request.blank('/v1.0/users') req.headers["Content-Type"] = "application/json" @@ -112,20 +125,25 @@ class UsersTest(test.TestCase): res_dict = json.loads(res.body) self.assertEqual(res.status_int, 200) + + # NOTE(justinsb): This is a questionable assertion in general + # fake sets id=name, but others might not... self.assertEqual(res_dict['user']['id'], 'test_guy') + self.assertEqual(res_dict['user']['name'], 'test_guy') self.assertEqual(res_dict['user']['access'], 'acc3') - self.assertEqual(res_dict['user']['secret'], 'invasionIsInNormandy') + self.assertEqual(res_dict['user']['secret'], secret) self.assertEqual(res_dict['user']['admin'], True) self.assertTrue('test_guy' in [u.id for u in - fakes.FakeAuthManager.auth_data.values()]) - self.assertEqual(len(fakes.FakeAuthManager.auth_data.values()), 3) + fakes.FakeAuthManager.auth_data]) + self.assertEqual(len(fakes.FakeAuthManager.auth_data), 3) def test_user_update(self): + new_secret = utils.generate_password() body = dict(user=dict(name='guy2', access='acc2', - secret='invasionIsInNormandy')) - req = webob.Request.blank('/v1.0/users/guy2') + secret=new_secret)) + req = webob.Request.blank('/v1.0/users/id2') req.headers["Content-Type"] = "application/json" req.method = 'PUT' req.body = json.dumps(body) @@ -134,8 +152,8 @@ class UsersTest(test.TestCase): res_dict = json.loads(res.body) self.assertEqual(res.status_int, 200) - self.assertEqual(res_dict['user']['id'], 'guy2') + self.assertEqual(res_dict['user']['id'], 'id2') self.assertEqual(res_dict['user']['name'], 'guy2') self.assertEqual(res_dict['user']['access'], 'acc2') - self.assertEqual(res_dict['user']['secret'], 'invasionIsInNormandy') + self.assertEqual(res_dict['user']['secret'], new_secret) self.assertEqual(res_dict['user']['admin'], True) diff --git a/nova/tests/api/test_wsgi.py b/nova/tests/api/test_wsgi.py index b1a849cf9..1ecdd1cfb 100644 --- a/nova/tests/api/test_wsgi.py +++ b/nova/tests/api/test_wsgi.py @@ -80,7 +80,7 @@ class ControllerTest(test.TestCase): "attributes": { "test": ["id"]}}} - def show(self, req, id): # pylint: disable-msg=W0622,C0103 + def show(self, req, id): # pylint: disable=W0622,C0103 return {"test": {"id": id}} def __init__(self): diff --git a/nova/tests/hyperv_unittest.py b/nova/tests/hyperv_unittest.py index 3980ae3cb..042819b9c 100644 --- a/nova/tests/hyperv_unittest.py +++ b/nova/tests/hyperv_unittest.py @@ -51,7 +51,7 @@ class HyperVTestCase(test.TestCase): instance_ref = db.instance_create(self.context, instance) conn = hyperv.get_connection(False) - conn._create_vm(instance_ref) # pylint: disable-msg=W0212 + conn._create_vm(instance_ref) # pylint: disable=W0212 found = [n for n in conn.list_instances() if n == instance_ref['name']] self.assertTrue(len(found) == 1) diff --git a/nova/tests/objectstore_unittest.py b/nova/tests/objectstore_unittest.py index 5a1be08eb..4e2ac205e 100644 --- a/nova/tests/objectstore_unittest.py +++ b/nova/tests/objectstore_unittest.py @@ -179,7 +179,7 @@ class ObjectStoreTestCase(test.TestCase): class TestHTTPChannel(http.HTTPChannel): """Dummy site required for twisted.web""" - def checkPersistence(self, _, __): # pylint: disable-msg=C0103 + def checkPersistence(self, _, __): # pylint: disable=C0103 """Otherwise we end up with an unclean reactor.""" return False @@ -209,10 +209,10 @@ class S3APITestCase(test.TestCase): root = S3() self.site = TestSite(root) - # pylint: disable-msg=E1101 + # pylint: disable=E1101 self.listening_port = reactor.listenTCP(0, self.site, interface='127.0.0.1') - # pylint: enable-msg=E1101 + # pylint: enable=E1101 self.tcp_port = self.listening_port.getHost().port if not boto.config.has_section('Boto'): @@ -231,11 +231,11 @@ class S3APITestCase(test.TestCase): self.conn.get_http_connection = get_http_connection - def _ensure_no_buckets(self, buckets): # pylint: disable-msg=C0111 + def _ensure_no_buckets(self, buckets): # pylint: disable=C0111 self.assertEquals(len(buckets), 0, "Bucket list was not empty") return True - def _ensure_one_bucket(self, buckets, name): # pylint: disable-msg=C0111 + def _ensure_one_bucket(self, buckets, name): # pylint: disable=C0111 self.assertEquals(len(buckets), 1, "Bucket list didn't have exactly one element in it") self.assertEquals(buckets[0].name, name, "Wrong name") diff --git a/nova/tests/test_api.py b/nova/tests/test_api.py index d5c54a1c3..fa0e56597 100644 --- a/nova/tests/test_api.py +++ b/nova/tests/test_api.py @@ -20,6 +20,7 @@ import boto from boto.ec2 import regioninfo +from boto.exception import EC2ResponseError import datetime import httplib import random @@ -124,7 +125,7 @@ class ApiEc2TestCase(test.TestCase): self.mox.StubOutWithMock(self.ec2, 'new_http_connection') self.http = FakeHttplibConnection( self.app, '%s:8773' % (self.host), False) - # pylint: disable-msg=E1103 + # pylint: disable=E1103 self.ec2.new_http_connection(host, is_secure).AndReturn(self.http) return self.http @@ -177,6 +178,17 @@ class ApiEc2TestCase(test.TestCase): self.manager.delete_project(project) self.manager.delete_user(user) + def test_terminate_invalid_instance(self): + """Attempt to terminate an invalid instance""" + self.expect_http() + self.mox.ReplayAll() + user = self.manager.create_user('fake', 'fake', 'fake') + project = self.manager.create_project('fake', 'fake', 'fake') + self.assertRaises(EC2ResponseError, self.ec2.terminate_instances, + "i-00000005") + self.manager.delete_project(project) + self.manager.delete_user(user) + def test_get_all_key_pairs(self): """Test that, after creating a user and project and generating a key pair, that the API call to list key pairs works properly""" diff --git a/nova/tests/test_middleware.py b/nova/tests/test_middleware.py index 9d49167ba..6564a6955 100644 --- a/nova/tests/test_middleware.py +++ b/nova/tests/test_middleware.py @@ -40,12 +40,12 @@ def conditional_forbid(req): class LockoutTestCase(test.TestCase): """Test case for the Lockout middleware.""" - def setUp(self): # pylint: disable-msg=C0103 + def setUp(self): # pylint: disable=C0103 super(LockoutTestCase, self).setUp() utils.set_time_override() self.lockout = ec2.Lockout(conditional_forbid) - def tearDown(self): # pylint: disable-msg=C0103 + def tearDown(self): # pylint: disable=C0103 utils.clear_time_override() super(LockoutTestCase, self).tearDown() diff --git a/po/nova.pot b/po/nova.pot index ce88d731b..58140302d 100644 --- a/po/nova.pot +++ b/po/nova.pot @@ -300,7 +300,7 @@ msgstr "" msgid "instance %s: starting..." msgstr "" -#. pylint: disable-msg=W0702 +#. pylint: disable=W0702 #: ../nova/compute/manager.py:219 #, python-format msgid "instance %s: Failed to spawn" @@ -440,7 +440,7 @@ msgid "" "instance %(instance_id)s: attaching volume %(volume_id)s to %(mountpoint)s" msgstr "" -#. pylint: disable-msg=W0702 +#. pylint: disable=W0702 #. NOTE(vish): The inline callback eats the exception info so we #. log the traceback here and reraise the same #. ecxception below. @@ -591,7 +591,7 @@ msgstr "" msgid "Starting Bridge interface for %s" msgstr "" -#. pylint: disable-msg=W0703 +#. pylint: disable=W0703 #: ../nova/network/linux_net.py:314 #, python-format msgid "Hupping dnsmasq threw %s" @@ -602,7 +602,7 @@ msgstr "" msgid "Pid %d is stale, relaunching dnsmasq" msgstr "" -#. pylint: disable-msg=W0703 +#. pylint: disable=W0703 #: ../nova/network/linux_net.py:358 #, python-format msgid "killing radvd threw %s" @@ -613,7 +613,7 @@ msgstr "" msgid "Pid %d is stale, relaunching radvd" msgstr "" -#. pylint: disable-msg=W0703 +#. pylint: disable=W0703 #: ../nova/network/linux_net.py:449 #, python-format msgid "Killing dnsmasq threw %s" diff --git a/smoketests/sysadmin_smoketests.py b/smoketests/sysadmin_smoketests.py index e3b84d3d3..2bfc1ac88 100644 --- a/smoketests/sysadmin_smoketests.py +++ b/smoketests/sysadmin_smoketests.py @@ -34,8 +34,6 @@ if os.path.exists(os.path.join(possible_topdir, 'nova', '__init__.py')): from smoketests import flags from smoketests import base - - FLAGS = flags.FLAGS flags.DEFINE_string('bundle_kernel', 'openwrt-x86-vmlinuz', 'Local kernel file to use for bundling tests') @@ -46,6 +44,8 @@ TEST_PREFIX = 'test%s' % int(random.random() * 1000000) TEST_BUCKET = '%s_bucket' % TEST_PREFIX TEST_KEY = '%s_key' % TEST_PREFIX TEST_GROUP = '%s_group' % TEST_PREFIX + + class ImageTests(base.UserSmokeTestCase): def test_001_can_bundle_image(self): self.assertTrue(self.bundle_image(FLAGS.bundle_image)) @@ -148,7 +148,8 @@ class InstanceTests(base.UserSmokeTestCase): self.fail('could not ping instance') if FLAGS.use_ipv6: - if not self.wait_for_ping(self.data['instance'].ip_v6, "ping6"): + if not self.wait_for_ping(self.data['instance'].dns_name_v6, + "ping6"): self.fail('could not ping instance v6') def test_005_can_ssh_to_private_ip(self): @@ -157,7 +158,7 @@ class InstanceTests(base.UserSmokeTestCase): self.fail('could not ssh to instance') if FLAGS.use_ipv6: - if not self.wait_for_ssh(self.data['instance'].ip_v6, + if not self.wait_for_ssh(self.data['instance'].dns_name_v6, TEST_KEY): self.fail('could not ssh to instance v6') @@ -284,10 +285,8 @@ class VolumeTests(base.UserSmokeTestCase): self.conn.terminate_instances([self.data['instance'].id]) self.conn.delete_key_pair(TEST_KEY) - if __name__ == "__main__": suites = {'image': unittest.makeSuite(ImageTests), 'instance': unittest.makeSuite(InstanceTests), - 'volume': unittest.makeSuite(VolumeTests) - } + 'volume': unittest.makeSuite(VolumeTests)} sys.exit(base.run_tests(suites)) diff --git a/tools/euca-get-ajax-console b/tools/euca-get-ajax-console index e407dd566..3df3dcb53 100755 --- a/tools/euca-get-ajax-console +++ b/tools/euca-get-ajax-console @@ -1,5 +1,5 @@ #!/usr/bin/env python -# pylint: disable-msg=C0103 +# pylint: disable=C0103 # vim: tabstop=4 shiftwidth=4 softtabstop=4 # Copyright 2010 United States Government as represented by the |