Merge "[placement] Add functional test to verify presence of policy"
This commit is contained in:
commit
7107eff2a2
|
@ -0,0 +1,50 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
from oslo_config import cfg
|
||||
|
||||
from nova.api.openstack.placement import direct
|
||||
from nova.api.openstack.placement import handler
|
||||
from nova.tests.functional.api.openstack.placement import base
|
||||
|
||||
|
||||
CONF = cfg.CONF
|
||||
|
||||
|
||||
class TestVerifyPolicy(base.TestCase):
|
||||
"""Verify that all defined placement routes have a policy."""
|
||||
|
||||
# Paths that don't need a policy check
|
||||
EXCEPTIONS = ['/', '']
|
||||
|
||||
def _test_request_403(self, client, method, route):
|
||||
headers = {
|
||||
'x-auth-token': 'user',
|
||||
'content-type': 'application/json'
|
||||
}
|
||||
request_method = getattr(client, method.lower())
|
||||
# We send an empty request body on all requests. Because
|
||||
# policy handling comes before other processing, the value
|
||||
# of the body is irrelevant.
|
||||
response = request_method(route, data='', headers=headers)
|
||||
self.assertEqual(
|
||||
403, response.status_code,
|
||||
'method %s on route %s is open for user, status: %s' %
|
||||
(method, route, response.status_code))
|
||||
|
||||
def test_verify_policy(self):
|
||||
with direct.PlacementDirect(CONF, latest_microversion=True) as client:
|
||||
for route, methods in handler.ROUTE_DECLARATIONS.items():
|
||||
if route in self.EXCEPTIONS:
|
||||
continue
|
||||
for method in methods:
|
||||
self._test_request_403(client, method, route)
|
Loading…
Reference in New Issue