Adding new test cases to: "Zone Ownership Transfers" test suite.
1) test_show_transfer_request_impersonate_another_project Test is based on: "x-auth-sudo-project-id" HTTP header 2) test_list_transfer_requests_all_projects Test is based on: "x-auth-all-projects" HTTP header 3) test_zone_transfer_target_project Test validates that only targeted project is able to accept the transfer request. 4) Improving the existing scenario test: "test_zone_transfer" Zone ownership transfer shouldn't work more than once. Change-Id: I1b345de2c9756ba1bcb0ec7b361c90baff3acb60
This commit is contained in:
parent
e98a05ac35
commit
5ec73286a2
|
@ -60,26 +60,30 @@ class TransferRequestClient(base.DnsClientV2Base):
|
|||
return resp, body
|
||||
|
||||
@base.handle_errors
|
||||
def show_transfer_request(self, uuid, params=None):
|
||||
def show_transfer_request(self, uuid, params=None, headers=None):
|
||||
"""Gets a specific transfer_requestsed zone.
|
||||
:param uuid: Unique identifier of the transfer_requestsed zone in
|
||||
UUID format.
|
||||
:param params: A Python dict that represents the query paramaters to
|
||||
include in the request URI.
|
||||
|
||||
:param headers (dict): The headers to use for the request.
|
||||
:return: Serialized transfer_requestsed zone as a dictionary.
|
||||
"""
|
||||
return self._show_request(
|
||||
'zones/tasks/transfer_requests', uuid, params=params)
|
||||
'zones/tasks/transfer_requests', uuid,
|
||||
params=params, headers=headers)
|
||||
|
||||
@base.handle_errors
|
||||
def list_transfer_requests(self, params=None):
|
||||
def list_transfer_requests(self, params=None, headers=None):
|
||||
"""Gets all the transfer_requestsed zones
|
||||
:param params: A Python dict that represents the query paramaters to
|
||||
include in the request URI.
|
||||
:param headers (dict): The headers to use for the request.
|
||||
:return: Serialized transfer_requestsed zone as a list.
|
||||
"""
|
||||
return self._list_request(
|
||||
'zones/tasks/transfer_requests', params=params)
|
||||
'zones/tasks/transfer_requests', params=params, headers=headers)
|
||||
|
||||
@base.handle_errors
|
||||
def delete_transfer_request(self, uuid, params=None):
|
||||
|
|
|
@ -27,7 +27,7 @@ class BaseTransferRequestTest(base.BaseDnsV2Test):
|
|||
|
||||
|
||||
class TransferRequestTest(BaseTransferRequestTest):
|
||||
credentials = ['primary', 'alt']
|
||||
credentials = ['primary', 'alt', 'admin']
|
||||
|
||||
@classmethod
|
||||
def setup_credentials(cls):
|
||||
|
@ -40,8 +40,10 @@ class TransferRequestTest(BaseTransferRequestTest):
|
|||
super(TransferRequestTest, cls).setup_clients()
|
||||
|
||||
cls.zone_client = cls.os_primary.zones_client
|
||||
cls.alt_zone_client = cls.os_alt.zones_client
|
||||
cls.client = cls.os_primary.transfer_request_client
|
||||
cls.alt_client = cls.os_alt.transfer_request_client
|
||||
cls.admin_client = cls.os_admin.transfer_request_client
|
||||
|
||||
@decorators.idempotent_id('2381d489-ad84-403d-b0a2-8b77e4e966bf')
|
||||
def test_create_transfer_request(self):
|
||||
|
@ -107,6 +109,34 @@ class TransferRequestTest(BaseTransferRequestTest):
|
|||
'created transfer_request')
|
||||
self.assertExpected(transfer_request, body, self.excluded_keys)
|
||||
|
||||
@decorators.idempotent_id('5bed4582-9cfb-11eb-a160-74e5f9e2a801')
|
||||
@decorators.skip_because(bug="1926572")
|
||||
def test_show_transfer_request_impersonate_another_project(self):
|
||||
LOG.info('Create a zone')
|
||||
zone = self.zone_client.create_zone()[1]
|
||||
self.addCleanup(self.wait_zone_delete, self.zone_client, zone['id'])
|
||||
|
||||
LOG.info('Create a zone transfer_request')
|
||||
transfer_request = self.client.create_transfer_request(zone['id'])[1]
|
||||
self.addCleanup(self.client.delete_transfer_request,
|
||||
transfer_request['id'])
|
||||
|
||||
LOG.info('As Admin tenant fetch the transfer_request without using '
|
||||
'"x-auth-sudo-project-id" HTTP header. Expected: 404')
|
||||
self.assertRaises(lib_exc.NotFound,
|
||||
lambda: self.admin_client.show_transfer_request(
|
||||
transfer_request['id']))
|
||||
|
||||
LOG.info('As Admin tenant fetch the transfer_request using '
|
||||
'"x-auth-sudo-project-id" HTTP header.')
|
||||
body = self.admin_client.show_transfer_request(
|
||||
transfer_request['id'],
|
||||
headers={'x-auth-sudo-project-id': zone['project_id']})[1]
|
||||
|
||||
LOG.info('Ensure the fetched response matches the '
|
||||
'created transfer_request')
|
||||
self.assertExpected(transfer_request, body, self.excluded_keys)
|
||||
|
||||
@decorators.idempotent_id('235ded87-0c47-430b-8cad-4f3194b927a6')
|
||||
def test_show_transfer_request_as_target(self):
|
||||
# Checks the target of a scoped transfer request can see
|
||||
|
@ -166,6 +196,48 @@ class TransferRequestTest(BaseTransferRequestTest):
|
|||
|
||||
self.assertGreater(len(body['transfer_requests']), 0)
|
||||
|
||||
@decorators.idempotent_id('db985892-9d02-11eb-a160-74e5f9e2a801')
|
||||
def test_list_transfer_requests_all_projects(self):
|
||||
LOG.info('Create a Primary zone')
|
||||
primary_zone = self.zone_client.create_zone()[1]
|
||||
self.addCleanup(self.wait_zone_delete,
|
||||
self.zone_client, primary_zone['id'])
|
||||
|
||||
LOG.info('Create an Alt zone')
|
||||
alt_zone = self.alt_zone_client.create_zone()[1]
|
||||
self.addCleanup(self.wait_zone_delete,
|
||||
self.alt_zone_client, alt_zone['id'])
|
||||
|
||||
LOG.info('Create a zone transfer_request using Primary client')
|
||||
primary_transfer_request = self.client.create_transfer_request(
|
||||
primary_zone['id'])[1]
|
||||
self.addCleanup(self.client.delete_transfer_request,
|
||||
primary_transfer_request['id'])
|
||||
|
||||
LOG.info('Create a zone transfer_request using Alt client')
|
||||
alt_transfer_request = self.alt_client.create_transfer_request(
|
||||
alt_zone['id'])[1]
|
||||
self.addCleanup(self.alt_client.delete_transfer_request,
|
||||
alt_transfer_request['id'])
|
||||
|
||||
LOG.info('List transfer_requests for all projects using Admin tenant '
|
||||
'without "x-auth-all-projects" HTTP header. '
|
||||
'Expected: empty list')
|
||||
self.assertEqual([], self.admin_client.list_transfer_requests()[1][
|
||||
'transfer_requests'], 'Failed, requests list is not empty')
|
||||
|
||||
LOG.info('List transfer_requests for all projects using Admin tenant '
|
||||
'and "x-auth-all-projects" HTTP header.')
|
||||
request_ids = [
|
||||
item['id'] for item in self.admin_client.list_transfer_requests(
|
||||
headers={'x-auth-all-projects': True})[1]['transfer_requests']]
|
||||
|
||||
for request_id in [primary_transfer_request['id'],
|
||||
alt_transfer_request['id']]:
|
||||
self.assertIn(request_id, request_ids,
|
||||
"Failed, transfer request ID:{} wasn't found in "
|
||||
"listed IDs{}".format(request_id, request_ids))
|
||||
|
||||
@decorators.idempotent_id('de5e9d32-c723-4518-84e5-58da9722cc13')
|
||||
def test_update_transfer_request(self):
|
||||
LOG.info('Create a zone')
|
||||
|
|
|
@ -16,22 +16,25 @@ from tempest.lib import decorators
|
|||
from tempest.lib import exceptions as lib_exc
|
||||
|
||||
from designate_tempest_plugin.tests import base
|
||||
from designate_tempest_plugin import data_utils as dns_data_utils
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
||||
class ZonesTransferTest(base.BaseDnsV2Test):
|
||||
credentials = ['primary', 'alt']
|
||||
credentials = ['primary', 'alt', 'admin']
|
||||
|
||||
@classmethod
|
||||
def setup_clients(cls):
|
||||
super(ZonesTransferTest, cls).setup_clients()
|
||||
cls.zones_client = cls.os_primary.zones_client
|
||||
cls.alt_zones_client = cls.os_alt.zones_client
|
||||
cls.admin_zones_client = cls.os_admin.zones_client
|
||||
cls.request_client = cls.os_primary.transfer_request_client
|
||||
cls.alt_request_client = cls.os_alt.transfer_request_client
|
||||
cls.accept_client = cls.os_primary.transfer_accept_client
|
||||
cls.alt_accept_client = cls.os_alt.transfer_accept_client
|
||||
cls.admin_accept_client = cls.os_admin.transfer_accept_client
|
||||
|
||||
@decorators.idempotent_id('60bd80ac-c979-4686-9a03-f2f775f272ab')
|
||||
def test_zone_transfer(self):
|
||||
|
@ -63,3 +66,43 @@ class ZonesTransferTest(base.BaseDnsV2Test):
|
|||
LOG.info('Ensure 404 when fetching the zone as primary tenant')
|
||||
self.assertRaises(lib_exc.NotFound,
|
||||
lambda: self.zones_client.show_zone(zone['id']))
|
||||
|
||||
LOG.info('Accept the request as admin tenant, should fail '
|
||||
'with: "invalid_zone_transfer_request"')
|
||||
with self.assertRaisesDns(
|
||||
lib_exc.BadRequest, 'invalid_zone_transfer_request', 400):
|
||||
self.admin_accept_client.create_transfer_accept(accept_data)
|
||||
|
||||
@decorators.idempotent_id('5855b772-a036-11eb-9973-74e5f9e2a801')
|
||||
def test_zone_transfer_target_project(self):
|
||||
LOG.info('Create a zone as "primary" tenant')
|
||||
zone = self.zones_client.create_zone()[1]
|
||||
|
||||
LOG.info('Create transfer_request with target project set to '
|
||||
'"Admin" tenant')
|
||||
transfer_request_data = dns_data_utils.rand_transfer_request_data(
|
||||
target_project_id=self.os_admin.credentials.project_id)
|
||||
transfer_request = self.request_client.create_transfer_request(
|
||||
zone['id'], transfer_request_data)[1]
|
||||
self.addCleanup(self.request_client.delete_transfer_request,
|
||||
transfer_request['id'])
|
||||
LOG.info('Ensure we respond with ACTIVE status')
|
||||
self.assertEqual('ACTIVE', transfer_request['status'])
|
||||
|
||||
LOG.info('Accept the request as "alt" tenant, Expected: should fail '
|
||||
'as "admin" was set as a target project.')
|
||||
accept_data = {
|
||||
"key": transfer_request['key'],
|
||||
"zone_transfer_request_id": transfer_request['id']
|
||||
}
|
||||
self.assertRaises(
|
||||
lib_exc.Forbidden, self.alt_accept_client.create_transfer_accept,
|
||||
transfer_accept_data=accept_data)
|
||||
|
||||
LOG.info('Accept the request as "Admin" tenant, Expected: should work')
|
||||
self.admin_accept_client.create_transfer_accept(accept_data)
|
||||
LOG.info('Fetch the zone as "Admin" tenant')
|
||||
admin_zone = self.admin_zones_client.show_zone(zone['id'])[1]
|
||||
self.addCleanup(self.wait_zone_delete,
|
||||
self.admin_zones_client,
|
||||
admin_zone['id'])
|
||||
|
|
Loading…
Reference in New Issue