summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLiam Young <liam.young@canonical.com>2017-12-12 15:50:09 +0000
committerLiam Young <liam.young@canonical.com>2017-12-12 15:50:09 +0000
commit6ea5e98786cf144d2bb92c0edebcfa10bb938e6a (patch)
treea7aba004d64ce72e5127ae3d7bd8a7c6456a68ce
parent9a883e7dad281490514904c556fbb2dc2336c13c (diff)
Add unit tests to cover permissions requests
Add unit tests to increase coverage of permissions requests from broker. This is a prerequisite for work to add object prefix permissions. Sort permissions list to ensure permissions string does keep changing when running under py3. Change-Id: Ib7f9f59d157edbd223e848e7e2fde2e27556f079
Notes
Notes (review): Code-Review+2: Chris MacNaughton <chris.macnaughton@canonical.com> Workflow+1: Chris MacNaughton <chris.macnaughton@canonical.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Wed, 13 Dec 2017 09:42:11 +0000 Reviewed-on: https://review.openstack.org/527442 Project: openstack/charms.ceph Branch: refs/heads/master
-rw-r--r--ceph/broker.py2
-rw-r--r--unit_tests/test_broker.py148
2 files changed, 149 insertions, 1 deletions
diff --git a/ceph/broker.py b/ceph/broker.py
index 95ee779..cb1968d 100644
--- a/ceph/broker.py
+++ b/ceph/broker.py
@@ -233,7 +233,7 @@ def pool_permission_list_for_service(service):
233 """Build the permission string for Ceph for a given service""" 233 """Build the permission string for Ceph for a given service"""
234 permissions = [] 234 permissions = []
235 permission_types = collections.OrderedDict() 235 permission_types = collections.OrderedDict()
236 for permission, group in service["group_names"].items(): 236 for permission, group in sorted(service["group_names"].items()):
237 if permission not in permission_types: 237 if permission not in permission_types:
238 permission_types[permission] = [] 238 permission_types[permission] = []
239 for item in group: 239 for item in group:
diff --git a/unit_tests/test_broker.py b/unit_tests/test_broker.py
index c37ee93..9e78b5a 100644
--- a/unit_tests/test_broker.py
+++ b/unit_tests/test_broker.py
@@ -111,6 +111,29 @@ class CephBrokerTestCase(unittest.TestCase):
111 'osd', 111 'osd',
112 'allow rwx pool=glance']) 112 'allow rwx pool=glance'])
113 113
114 def test_pool_permission_list_for_service_multi(self):
115 service = {
116 'group_names': {'rwx': ['images', 'group1'], 'r': ['group2']},
117 'groups': {
118 'images': {
119 'pools': ['glance'],
120 'services': ['nova']},
121 'group1': {
122 'pools': ['p1'],
123 'services': ['svc1']},
124 'group2': {
125 'pools': ['p2'],
126 'services': ['svc2']}}
127 }
128 result = ceph.broker.pool_permission_list_for_service(service)
129 self.assertEqual(
130 result,
131 [
132 'mon',
133 'allow r',
134 'osd',
135 'allow r pool=p2, allow rwx pool=glance, allow rwx pool=p1'])
136
114 @patch.object(ceph.broker, 'monitor_key_set') 137 @patch.object(ceph.broker, 'monitor_key_set')
115 def test_save_service(self, _monitor_key_set): 138 def test_save_service(self, _monitor_key_set):
116 service = { 139 service = {
@@ -383,3 +406,128 @@ class CephBrokerTestCase(unittest.TestCase):
383 self.assertEqual(json.loads(rc)['stderr'], 406 self.assertEqual(json.loads(rc)['stderr'],
384 "Missing or invalid api version (0)") 407 "Missing or invalid api version (0)")
385 self.assertEqual(json.loads(rc)['request-id'], '1ef5aede') 408 self.assertEqual(json.loads(rc)['request-id'], '1ef5aede')
409
410 @patch.object(ceph.broker, 'handle_add_permissions_to_key')
411 @patch.object(ceph.broker, 'log')
412 def test_process_requests_add_perms(self, mock_log,
413 mock_handle_add_permissions_to_key):
414 request = {
415 "api-version": 1,
416 "request-id": "0155c14b",
417 "ops": [
418 {
419 "namespace": None,
420 "group-permission": "rwx",
421 "group": "images",
422 "name": "glance",
423 "op": "add-permissions-to-key"
424 }
425 ]
426 }
427 reqs = json.dumps(request)
428 rc = ceph.broker.process_requests(reqs)
429 mock_handle_add_permissions_to_key.assert_called_once_with(
430 request={
431 u'namespace': None,
432 u'group-permission': u'rwx',
433 u'group': u'images',
434 u'name': u'glance',
435 u'op': u'add-permissions-to-key'},
436 service='admin')
437 self.assertEqual(
438 json.loads(rc),
439 {'exit-code': 0, u'request-id': u'0155c14b'})
440
441 @patch.object(ceph.broker, 'handle_add_permissions_to_key')
442 @patch.object(ceph.broker, 'log')
443 def test_process_requests_add_multi_perms(self, mock_log,
444 mock_handle_add_perms_to_key):
445 request = {
446 "api-version": 1,
447 "request-id": "0155c14b",
448 "ops": [
449 {
450 "namespace": None,
451 "group-permission": "rwx",
452 "group": "images",
453 "name": "glance",
454 "op": "add-permissions-to-key"
455 },
456 {
457 "namespace": None,
458 "group-permission": "r",
459 "group": "volumes",
460 "name": "cinder",
461 "op": "add-permissions-to-key"
462 }
463 ]
464 }
465 reqs = json.dumps(request)
466 rc = ceph.broker.process_requests(reqs)
467 call1 = call(
468 request={
469 u'namespace': None,
470 u'group-permission': u'rwx',
471 u'group': u'images',
472 u'name': u'glance',
473 u'op': u'add-permissions-to-key'},
474 service='admin')
475 call2 = call(
476 request={
477 u'namespace': None,
478 u'group-permission': u'r',
479 u'group': u'volumes',
480 u'name': u'cinder',
481 u'op': u'add-permissions-to-key'},
482 service='admin')
483 mock_handle_add_perms_to_key.assert_has_calls([call1, call2])
484 self.assertEqual(
485 json.loads(rc),
486 {'exit-code': 0, u'request-id': u'0155c14b'})
487
488 @patch.object(ceph.broker, 'save_service')
489 @patch.object(ceph.broker, 'save_group')
490 @patch.object(ceph.broker, 'monitor_key_get')
491 @patch.object(ceph.broker, 'update_service_permissions')
492 def test_handle_add_permissions_to_key(self,
493 mock_update_service_permissions,
494 mock_monitor_key_get,
495 mock_save_group,
496 mock_save_service):
497 mkey = {
498 'cephx.services.glance': ('{"groups": {}, '
499 '"group_names": {"rwx": ["images"]}}'),
500 'cephx.groups.images': ('{"services": ["glance", "cinder-ceph", '
501 '"nova-compute"], "pools": ["glance"]}')}
502 mock_monitor_key_get.side_effect = lambda service, key: mkey[key]
503 expect_service_name = u'glance'
504 expected_group = {
505 u'services': [
506 u'glance',
507 u'cinder-ceph',
508 u'nova-compute'],
509 u'pools': [u'glance']}
510 expect_service_obj = {
511 u'groups': {
512 u'images': expected_group},
513 u'group_names': {
514 u'rwx': [u'images']}}
515 expect_group_namespace = None
516 ceph.broker.handle_add_permissions_to_key(
517 request={
518 u'namespace': None,
519 u'group-permission': u'rwx',
520 u'group': u'images',
521 u'name': u'glance',
522 u'op': u'add-permissions-to-key'},
523 service='admin')
524 mock_save_group.assert_called_once_with(
525 group=expected_group,
526 group_name='images')
527 mock_save_service.assert_called_once_with(
528 service=expect_service_obj,
529 service_name=expect_service_name)
530 mock_update_service_permissions.assert_called_once_with(
531 expect_service_name,
532 expect_service_obj,
533 expect_group_namespace)