From 817b596bccd38f84f72e1ee73df3c3b35287c75c Mon Sep 17 00:00:00 2001 From: Jake Dahn Date: Tue, 16 Aug 2011 09:15:14 -0700 Subject: refactoring tests to not use authmanager, and now returning 403 when non admin user tries to update quotas --- nova/api/openstack/contrib/quotas.py | 4 +- nova/tests/api/openstack/contrib/test_quotas.py | 113 ++++++++++++------------ 2 files changed, 58 insertions(+), 59 deletions(-) diff --git a/nova/api/openstack/contrib/quotas.py b/nova/api/openstack/contrib/quotas.py index 5f2b54d57..f7e7b4105 100644 --- a/nova/api/openstack/contrib/quotas.py +++ b/nova/api/openstack/contrib/quotas.py @@ -15,6 +15,7 @@ # License for the specific language governing permissions and limitations # under the License. +import webob import urlparse from nova import db @@ -54,7 +55,6 @@ class QuotaSetsController(object): resources = ['metadata_items', 'injected_file_content_bytes', 'volumes', 'gigabytes', 'ram', 'floating_ips', 'instances', 'injected_files', 'cores'] - for key in body['quota_set'].keys(): if key in resources: value = int(body['quota_set'][key]) @@ -62,6 +62,8 @@ class QuotaSetsController(object): db.quota_update(context, project_id, key, value) except exception.ProjectQuotaNotFound: db.quota_create(context, project_id, key, value) + except exception.AdminRequired as e: + return webob.Response(status_int=403) return {'quota_set': quota.get_project_quotas(context, project_id)} def defaults(self, req): diff --git a/nova/tests/api/openstack/contrib/test_quotas.py b/nova/tests/api/openstack/contrib/test_quotas.py index decc76b4e..e2bd05428 100644 --- a/nova/tests/api/openstack/contrib/test_quotas.py +++ b/nova/tests/api/openstack/contrib/test_quotas.py @@ -39,39 +39,18 @@ def quota_set_list(): quota_set('update_me')]} -def create_project(project_name, manager_user): - auth_manager.AuthManager().create_project(project_name, manager_user) - - -def delete_project(project_name): - auth_manager.AuthManager().delete_project(project_name) - - -def create_admin_user(name): - auth_manager.AuthManager().create_user(name, admin=True) - - -def delete_user(name): - auth_manager.AuthManager().delete_user(name) - - class QuotaSetsTest(test.TestCase): def setUp(self): super(QuotaSetsTest, self).setUp() self.controller = QuotaSetsController() - self.context = context.get_admin_context() - - create_admin_user('foo') - create_project('1234', 'foo') - create_project('5678', 'foo') - create_project('update_me', 'foo') - - def tearDown(self): - delete_project('1234') - delete_project('5678') - delete_project('update_me') - delete_user('foo') + self.user_id = 'fake' + self.project_id = 'fake' + self.user_context = context.RequestContext(self.user_id, + self.project_id) + self.admin_context = context.RequestContext(self.user_id, + self.project_id, + is_admin=True) def test_format_quota_set(self): raw_quota_set = { @@ -83,22 +62,22 @@ class QuotaSetsTest(test.TestCase): 'floating_ips': 10, 'metadata_items': 128, 'injected_files': 5, - 'injected_file_content_bytes': 10240, - } - - quota_set = QuotaSetsController()._format_quota_set('1234', raw_quota_set) - quota_set_check = quota_set['quota_set'] - - self.assertEqual(quota_set_check['id'], '1234') - self.assertEqual(quota_set_check['instances'], 10) - self.assertEqual(quota_set_check['cores'], 20) - self.assertEqual(quota_set_check['ram'], 51200) - self.assertEqual(quota_set_check['volumes'], 10) - self.assertEqual(quota_set_check['gigabytes'], 1000) - self.assertEqual(quota_set_check['floating_ips'], 10) - self.assertEqual(quota_set_check['metadata_items'], 128) - self.assertEqual(quota_set_check['injected_files'], 5) - self.assertEqual(quota_set_check['injected_file_content_bytes'], 10240) + 'injected_file_content_bytes': 10240} + + quota_set = QuotaSetsController()._format_quota_set('1234', + raw_quota_set) + qs = quota_set['quota_set'] + + self.assertEqual(qs['id'], '1234') + self.assertEqual(qs['instances'], 10) + self.assertEqual(qs['cores'], 20) + self.assertEqual(qs['ram'], 51200) + self.assertEqual(qs['volumes'], 10) + self.assertEqual(qs['gigabytes'], 1000) + self.assertEqual(qs['floating_ips'], 10) + self.assertEqual(qs['metadata_items'], 128) + self.assertEqual(qs['injected_files'], 5) + self.assertEqual(qs['injected_file_content_bytes'], 10240) def test_quotas_defaults(self): req = webob.Request.blank('/v1.1/os-quota-sets/defaults') @@ -108,16 +87,16 @@ class QuotaSetsTest(test.TestCase): self.assertEqual(res.status_int, 200) expected = {'quota_set': { - 'id': 'defaults', - 'instances': 10, - 'cores': 20, - 'ram': 51200, - 'volumes': 10, - 'gigabytes': 1000, - 'floating_ips': 10, - 'metadata_items': 128, - 'injected_files': 5, - 'injected_file_content_bytes': 10240}} + 'id': 'defaults', + 'instances': 10, + 'cores': 20, + 'ram': 51200, + 'volumes': 10, + 'gigabytes': 1000, + 'floating_ips': 10, + 'metadata_items': 128, + 'injected_files': 5, + 'injected_file_content_bytes': 10240}} self.assertEqual(json.loads(res.body), expected) @@ -125,12 +104,13 @@ class QuotaSetsTest(test.TestCase): req = webob.Request.blank('/v1.1/os-quota-sets/1234') req.method = 'GET' req.headers['Content-Type'] = 'application/json' - res = req.get_response(fakes.wsgi_app()) + res = req.get_response(fakes.wsgi_app(fake_auth_context= + self.admin_context)) self.assertEqual(res.status_int, 200) self.assertEqual(json.loads(res.body), quota_set('1234')) - def test_quotas_update(self): + def test_quotas_update_as_admin(self): updated_quota_set = {'quota_set': {'instances': 50, 'cores': 50, 'ram': 51200, 'volumes': 10, 'gigabytes': 1000, 'floating_ips': 10, @@ -143,7 +123,24 @@ class QuotaSetsTest(test.TestCase): req.headers['Content-Type'] = 'application/json' res = req.get_response(fakes.wsgi_app(fake_auth_context= - context.RequestContext('fake', 'fake', - is_admin=True))) + self.admin_context)) self.assertEqual(json.loads(res.body), updated_quota_set) + + + def test_quotas_update_as_user(self): + updated_quota_set = {'quota_set': {'instances': 50, + 'cores': 50, 'ram': 51200, 'volumes': 10, + 'gigabytes': 1000, 'floating_ips': 10, + 'metadata_items': 128, 'injected_files': 5, + 'injected_file_content_bytes': 10240}} + + req = webob.Request.blank('/v1.1/os-quota-sets/update_me') + req.method = 'PUT' + req.body = json.dumps(updated_quota_set) + req.headers['Content-Type'] = 'application/json' + + res = req.get_response(fakes.wsgi_app(fake_auth_context= + self.user_context)) + + self.assertEqual(res.status_int, 403) -- cgit