diff options
| author | Vishvananda Ishaya <vishvananda@gmail.com> | 2012-11-30 17:03:25 -0800 |
|---|---|---|
| committer | Vishvananda Ishaya <vishvananda@gmail.com> | 2012-12-10 18:04:32 -0800 |
| commit | a2101c4e7017715af0a29675b89e14ee2884bd89 (patch) | |
| tree | a1e71cf5ba4af4eb175835ec98bf22be775f4324 /nova/tests | |
| parent | 255692feea3eee12bfc763f75fc8f3dabdbe9ba5 (diff) | |
Allows an instance to post encrypted password
Exposes a new url in openstack metadata with two methods:
GET 169.254.169.254/openstack/latest/password # get password
POST 169.254.169.254/openstack/latest/password # post password
The password can only be set once and will be stored in an
instance_system_metadata value with the key 'password'
Part of blueprint get-password
Change-Id: I4bbee8326a09fe38d6393e9e70f009daae0c6ece
Diffstat (limited to 'nova/tests')
| -rw-r--r-- | nova/tests/test_metadata.py | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/nova/tests/test_metadata.py b/nova/tests/test_metadata.py index d72bf57f5..39c84c1d8 100644 --- a/nova/tests/test_metadata.py +++ b/nova/tests/test_metadata.py @@ -27,6 +27,7 @@ import webob from nova.api.metadata import base from nova.api.metadata import handler +from nova.api.metadata import password from nova import block_device from nova import db from nova.db.sqlalchemy import api @@ -319,6 +320,14 @@ class OpenStackMetadataTestCase(test.TestCase): for key, val in extra.iteritems(): self.assertEqual(mddict[key], val) + def test_password(self): + # make sure extra_md makes it through to metadata + inst = copy(self.instance) + mdinst = fake_InstanceMetadata(self.stubs, inst) + + result = mdinst.lookup("/openstack/latest/password") + self.assertEqual(result, password.handle_password) + def test_userdata(self): inst = copy(self.instance) mdinst = fake_InstanceMetadata(self.stubs, inst) @@ -351,6 +360,20 @@ class MetadataHandlerTestCase(test.TestCase): self.mdinst = fake_InstanceMetadata(self.stubs, self.instance, address=None, sgroups=None) + def test_callable(self): + + def verify(req, meta_data): + self.assertTrue(isinstance(meta_data, CallableMD)) + return "foo" + + class CallableMD(object): + def lookup(self, path_info): + return verify + + response = fake_request(self.stubs, CallableMD(), "/bar") + self.assertEqual(response.status_int, 200) + self.assertEqual(response.body, "foo") + def test_root(self): expected = "\n".join(base.VERSIONS) + "\nlatest" response = fake_request(self.stubs, self.mdinst, "/") @@ -469,3 +492,47 @@ class MetadataHandlerTestCase(test.TestCase): '8387b96cbc5bd2474665192d2ec28' '8ffb67'}) self.assertEqual(response.status_int, 500) + + +class MetadataPasswordTestCase(test.TestCase): + def setUp(self): + super(MetadataPasswordTestCase, self).setUp() + fake_network.stub_out_nw_api_get_instance_nw_info(self.stubs, + spectacular=True) + self.instance = copy(INSTANCES[0]) + self.mdinst = fake_InstanceMetadata(self.stubs, self.instance, + address=None, sgroups=None) + + def test_get_password(self): + request = webob.Request.blank('') + self.mdinst.password = 'foo' + result = password.handle_password(request, self.mdinst) + self.assertEqual(result, 'foo') + + def test_bad_method(self): + request = webob.Request.blank('') + request.method = 'PUT' + self.assertRaises(webob.exc.HTTPBadRequest, + password.handle_password, request, self.mdinst) + + def _try_set_password(self, val='bar'): + request = webob.Request.blank('') + request.method = 'POST' + request.body = val + self.stubs.Set(db, 'instance_system_metadata_update', + lambda *a, **kw: None) + password.handle_password(request, self.mdinst) + + def test_set_password(self): + self.mdinst.password = '' + self._try_set_password() + + def test_conflict(self): + self.mdinst.password = 'foo' + self.assertRaises(webob.exc.HTTPConflict, + self._try_set_password) + + def test_too_large(self): + self.mdinst.password = '' + self.assertRaises(webob.exc.HTTPBadRequest, + self._try_set_password, 'a' * 257) |