openstack
/
nova
Code Issues Proposed changes

clean up fake auth manager in other places

This commit is contained in:
Vishvananda Ishaya 2011-07-22 21:36:41 +00:00
parent e8defa6bdd
commit ccb5119280
12 changed files with 21 additions and 125 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nova/api/ec2/__init__.py
View File

@ -175,7 +175,6 @@ class Authenticate(wsgi.Middleware):
if FLAGS.use_forwarded_for:
remote_address = req.headers.get('X-Forwarded-For', remote_address)
roles = authman.get_active_roles(user, project)
LOG.warn(roles)
ctxt = context.RequestContext(user_id=user.id,
project_id=project.id,
is_admin=user.is_admin(),
@ -299,7 +298,6 @@ class Authorizer(wsgi.Middleware):
def _matches_any_role(self, context, roles):
"""Return True if any role in roles is allowed in context."""
LOG.info(context.roles)
if context.is_admin:
return True
if 'all' in roles:

3
nova/auth/manager.py
View File

@ -521,8 +521,7 @@ class AuthManager(object):
def get_active_roles(self, user, project=None):
"""Get all active roles for context"""
if project:
roles = FLAGS.allowed_roles
roles.append('projectmanager')
roles = FLAGS.allowed_roles + ['projectmanager']
else:
roles = FLAGS.global_roles
return [role for role in roles if self.has_role(user, role, project)]

5
nova/tests/api/openstack/contrib/test_floating_ips.py
View File

@ -74,12 +74,8 @@ class FloatingIpTest(test.TestCase):
def setUp(self):
super(FloatingIpTest, self).setUp()
self.controller = FloatingIPController()
self.stubs = stubout.StubOutForTesting()
fakes.FakeAuthManager.reset_fake_data()
fakes.FakeAuthDatabase.data = {}
fakes.stub_out_networking(self.stubs)
fakes.stub_out_rate_limiting(self.stubs)
fakes.stub_out_auth(self.stubs)
self.stubs.Set(network.api.API, "get_floating_ip",
network_api_get_floating_ip)
self.stubs.Set(network.api.API, "list_floating_ips",
@ -96,7 +92,6 @@ class FloatingIpTest(test.TestCase):
self._create_floating_ip()
def tearDown(self):
self.stubs.UnsetAll()
self._delete_floating_ip()
super(FloatingIpTest, self).tearDown()

8
nova/tests/api/openstack/contrib/test_multinic_xs.py
View File

@ -42,22 +42,14 @@ def compute_api_remove_fixed_ip(self, context, instance_id, address):
class FixedIpTest(test.TestCase):
def setUp(self):
super(FixedIpTest, self).setUp()
self.stubs = stubout.StubOutForTesting()
fakes.FakeAuthManager.reset_fake_data()
fakes.FakeAuthDatabase.data = {}
fakes.stub_out_networking(self.stubs)
fakes.stub_out_rate_limiting(self.stubs)
fakes.stub_out_auth(self.stubs)
self.stubs.Set(compute.api.API, "add_fixed_ip",
compute_api_add_fixed_ip)
self.stubs.Set(compute.api.API, "remove_fixed_ip",
compute_api_remove_fixed_ip)
self.context = context.get_admin_context()
def tearDown(self):
self.stubs.UnsetAll()
super(FixedIpTest, self).tearDown()
def test_add_fixed_ip(self):
global last_add_fixed_ip
last_add_fixed_ip = (None, None)

17
nova/tests/api/openstack/test_adminapi.py
View File

@ -16,14 +16,10 @@
# under the License.
import stubout
import webob
from paste import urlmap
from nova import flags
from nova import test
from nova.api import openstack
from nova.api.openstack import auth
from nova.tests.api.openstack import fakes
FLAGS = flags.FLAGS
@ -33,21 +29,12 @@ class AdminAPITest(test.TestCase):
def setUp(self):
super(AdminAPITest, self).setUp()
self.stubs = stubout.StubOutForTesting()
fakes.FakeAuthManager.reset_fake_data()
fakes.FakeAuthDatabase.data = {}
fakes.stub_out_networking(self.stubs)
fakes.stub_out_rate_limiting(self.stubs)
fakes.stub_out_auth(self.stubs)
self.allow_admin = FLAGS.allow_admin_api
def tearDown(self):
self.stubs.UnsetAll()
FLAGS.allow_admin_api = self.allow_admin
super(AdminAPITest, self).tearDown()
def test_admin_enabled(self):
FLAGS.allow_admin_api = True
self.flags(allow_admin_api=True)
# We should still be able to access public operations.
req = webob.Request.blank('/v1.0/flavors')
res = req.get_response(fakes.wsgi_app())
@ -55,7 +42,7 @@ class AdminAPITest(test.TestCase):
# TODO: Confirm admin operations are available.
def test_admin_disabled(self):
FLAGS.allow_admin_api = False
self.flags(allow_admin_api=False)
# We should still be able to access public operations.
req = webob.Request.blank('/v1.0/flavors')
res = req.get_response(fakes.wsgi_app())

5
nova/tests/api/openstack/test_flavors.py
View File

@ -16,7 +16,6 @@
# under the License.
import json
import stubout
import webob
import xml.dom.minidom as minidom
@ -56,12 +55,8 @@ def return_instance_type_not_found(context, flavor_id):
class FlavorsTest(test.TestCase):
def setUp(self):
super(FlavorsTest, self).setUp()
self.stubs = stubout.StubOutForTesting()
fakes.FakeAuthManager.reset_fake_data()
fakes.FakeAuthDatabase.data = {}
fakes.stub_out_networking(self.stubs)
fakes.stub_out_rate_limiting(self.stubs)
fakes.stub_out_auth(self.stubs)
self.stubs.Set(nova.db.api, "instance_type_get_all",
return_instance_types)
self.stubs.Set(nova.db.api, "instance_type_get_by_flavor_id",

14
nova/tests/api/openstack/test_image_metadata.py
View File

@ -16,8 +16,6 @@
# under the License.
import json
import stubout
import unittest
import webob
import xml.dom.minidom as minidom
@ -85,23 +83,13 @@ class ImageMetaDataTest(test.TestCase):
def setUp(self):
super(ImageMetaDataTest, self).setUp()
self.stubs = stubout.StubOutForTesting()
self.orig_image_service = FLAGS.image_service
FLAGS.image_service = 'nova.image.glance.GlanceImageService'
fakes.FakeAuthManager.auth_data = {}
fakes.FakeAuthDatabase.data = {}
fakes.stub_out_auth(self.stubs)
self.flags(image_service='nova.image.glance.GlanceImageService')
# NOTE(dprince) max out properties/metadata in image 3 for testing
img3 = self.IMAGE_FIXTURES[2]
for num in range(FLAGS.quota_metadata_items):
img3['properties']['key%i' % num] = "blah"
fakes.stub_out_glance(self.stubs, self.IMAGE_FIXTURES)
def tearDown(self):
self.stubs.UnsetAll()
FLAGS.image_service = self.orig_image_service
super(ImageMetaDataTest, self).tearDown()
def test_index(self):
req = webob.Request.blank('/v1.1/images/1/meta')
req.environ['api.version'] = '1.1'

14
nova/tests/api/openstack/test_server_metadata.py
View File

@ -16,14 +16,12 @@
# under the License.
import json
import stubout
import unittest
import webob
from nova import exception
from nova import flags
from nova.api import openstack
from nova import test
from nova.tests.api.openstack import fakes
import nova.wsgi
@ -76,21 +74,13 @@ def return_server_nonexistant(context, server_id):
raise exception.InstanceNotFound()
class ServerMetaDataTest(unittest.TestCase):
class ServerMetaDataTest(test.TestCase):
def setUp(self):
super(ServerMetaDataTest, self).setUp()
self.stubs = stubout.StubOutForTesting()
fakes.FakeAuthManager.auth_data = {}
fakes.FakeAuthDatabase.data = {}
fakes.stub_out_auth(self.stubs)
fakes.stub_out_key_pair_funcs(self.stubs)
self.stubs.Set(nova.db.api, 'instance_get', return_server)
def tearDown(self):
self.stubs.UnsetAll()
super(ServerMetaDataTest, self).tearDown()
def test_index(self):
self.stubs.Set(nova.db.api, 'instance_metadata_get',
return_server_metadata)

38
nova/tests/api/openstack/test_servers.py
View File

@ -20,7 +20,6 @@ import json
import unittest
from xml.dom import minidom
import stubout
import webob
from nova import context
@ -224,8 +223,6 @@ class ServersTest(test.TestCase):
def setUp(self):
super(ServersTest, self).setUp()
self.stubs = stubout.StubOutForTesting()
fakes.FakeAuthDatabase.data = {}
fakes.stub_out_networking(self.stubs)
fakes.stub_out_rate_limiting(self.stubs)
fakes.stub_out_key_pair_funcs(self.stubs)
@ -250,15 +247,9 @@ class ServersTest(test.TestCase):
self.stubs.Set(nova.compute.API, 'resume', fake_compute_api)
self.stubs.Set(nova.compute.API, "get_diagnostics", fake_compute_api)
self.stubs.Set(nova.compute.API, "get_actions", fake_compute_api)
self.allow_admin = FLAGS.allow_admin_api
self.webreq = common.webob_factory('/v1.0/servers')
def tearDown(self):
self.stubs.UnsetAll()
FLAGS.allow_admin_api = self.allow_admin
super(ServersTest, self).tearDown()
def test_get_server_by_id(self):
req = webob.Request.blank('/v1.0/servers/1')
res = req.get_response(fakes.wsgi_app())
@ -853,7 +844,7 @@ class ServersTest(test.TestCase):
def test_create_instance_via_zones(self):
"""Server generated ReservationID"""
self._setup_for_create_instance()
FLAGS.allow_admin_api = True
self.flags(allow_admin_api=True)
body = dict(server=dict(
name='server_test', imageId=3, flavorId=2,
@ -875,7 +866,7 @@ class ServersTest(test.TestCase):
def test_create_instance_via_zones_with_resid(self):
"""User supplied ReservationID"""
self._setup_for_create_instance()
FLAGS.allow_admin_api = True
self.flags(allow_admin_api=True)
body = dict(server=dict(
name='server_test', imageId=3, flavorId=2,
@ -1305,7 +1296,7 @@ class ServersTest(test.TestCase):
self.assertEqual(s['flavorId'], 1)
def test_server_pause(self):
FLAGS.allow_admin_api = True
self.flags(allow_admin_api=True)
body = dict(server=dict(
name='server_test', imageId=2, flavorId=2, metadata={},
personality={}))
@ -1317,7 +1308,7 @@ class ServersTest(test.TestCase):
self.assertEqual(res.status_int, 202)
def test_server_unpause(self):
FLAGS.allow_admin_api = True
self.flags(allow_admin_api=True)
body = dict(server=dict(
name='server_test', imageId=2, flavorId=2, metadata={},
personality={}))
@ -1329,7 +1320,7 @@ class ServersTest(test.TestCase):
self.assertEqual(res.status_int, 202)
def test_server_suspend(self):
FLAGS.allow_admin_api = True
self.flags(allow_admin_api=True)
body = dict(server=dict(
name='server_test', imageId=2, flavorId=2, metadata={},
personality={}))
@ -1341,7 +1332,7 @@ class ServersTest(test.TestCase):
self.assertEqual(res.status_int, 202)
def test_server_resume(self):
FLAGS.allow_admin_api = True
self.flags(allow_admin_api=True)
body = dict(server=dict(
name='server_test', imageId=2, flavorId=2, metadata={},
personality={}))
@ -1353,7 +1344,7 @@ class ServersTest(test.TestCase):
self.assertEqual(res.status_int, 202)
def test_server_reset_network(self):
FLAGS.allow_admin_api = True
self.flags(allow_admin_api=True)
body = dict(server=dict(
name='server_test', imageId=2, flavorId=2, metadata={},
personality={}))
@ -1365,7 +1356,7 @@ class ServersTest(test.TestCase):
self.assertEqual(res.status_int, 202)
def test_server_inject_network_info(self):
FLAGS.allow_admin_api = True
self.flags(allow_admin_api=True)
body = dict(server=dict(
name='server_test', imageId=2, flavorId=2, metadata={},
personality={}))
@ -1652,7 +1643,7 @@ class ServersTest(test.TestCase):
self.assertEqual(self.server_delete_called, True)
def test_rescue_accepted(self):
FLAGS.allow_admin_api = True
self.flags(allow_admin_api=True)
body = {}
self.called = False
@ -1671,7 +1662,7 @@ class ServersTest(test.TestCase):
self.assertEqual(res.status_int, 202)
def test_rescue_raises_handled(self):
FLAGS.allow_admin_api = True
self.flags(allow_admin_api=True)
body = {}
def rescue_mock(*args, **kwargs):
@ -2160,17 +2151,8 @@ class TestServerInstanceCreation(test.TestCase):
def setUp(self):
super(TestServerInstanceCreation, self).setUp()
self.stubs = stubout.StubOutForTesting()
fakes.FakeAuthDatabase.data = {}
fakes.stub_out_auth(self.stubs)
fakes.stub_out_image_service(self.stubs)
fakes.stub_out_key_pair_funcs(self.stubs)
self.allow_admin = FLAGS.allow_admin_api
def tearDown(self):
self.stubs.UnsetAll()
FLAGS.allow_admin_api = self.allow_admin
super(TestServerInstanceCreation, self).tearDown()
def _setup_mock_compute_api_for_personality(self):

13
nova/tests/api/openstack/test_shared_ip_groups.py
View File

@ -15,26 +15,13 @@
# License for the specific language governing permissions and limitations
# under the License.
import stubout
import webob
from nova import test
from nova.api.openstack import shared_ip_groups
from nova.tests.api.openstack import fakes
class SharedIpGroupsTest(test.TestCase):
def setUp(self):
super(SharedIpGroupsTest, self).setUp()
self.stubs = stubout.StubOutForTesting()
fakes.FakeAuthManager.reset_fake_data()
fakes.FakeAuthDatabase.data = {}
fakes.stub_out_auth(self.stubs)
def tearDown(self):
self.stubs.UnsetAll()
super(SharedIpGroupsTest, self).tearDown()
def test_get_shared_ip_groups(self):
req = webob.Request.blank('/v1.0/shared_ip_groups')
res = req.get_response(fakes.wsgi_app())

24
nova/tests/api/openstack/test_zones.py
View File

@ -95,31 +95,15 @@ def zone_select(context, specs):
class ZonesTest(test.TestCase):
def setUp(self):
super(ZonesTest, self).setUp()
self.stubs = stubout.StubOutForTesting()
fakes.FakeAuthManager.reset_fake_data()
fakes.FakeAuthDatabase.data = {}
self.flags(allow_admin_api=True)
fakes.stub_out_networking(self.stubs)
fakes.stub_out_rate_limiting(self.stubs)
fakes.stub_out_auth(self.stubs)
self.allow_admin = FLAGS.allow_admin_api
FLAGS.allow_admin_api = True
self.stubs.Set(nova.db, 'zone_get', zone_get)
self.stubs.Set(nova.db, 'zone_update', zone_update)
self.stubs.Set(nova.db, 'zone_create', zone_create)
self.stubs.Set(nova.db, 'zone_delete', zone_delete)
self.old_zone_name = FLAGS.zone_name
self.old_zone_capabilities = FLAGS.zone_capabilities
def tearDown(self):
self.stubs.UnsetAll()
FLAGS.allow_admin_api = self.allow_admin
FLAGS.zone_name = self.old_zone_name
FLAGS.zone_capabilities = self.old_zone_capabilities
super(ZonesTest, self).tearDown()
def test_get_zone_list_scheduler(self):
self.stubs.Set(api, '_call_scheduler', zone_get_all_scheduler)
req = webob.Request.blank('/v1.0/zones')
@ -190,8 +174,8 @@ class ZonesTest(test.TestCase):
self.assertFalse('username' in res_dict['zone'])
def test_zone_info(self):
FLAGS.zone_name = 'darksecret'
FLAGS.zone_capabilities = ['cap1=a;b', 'cap2=c;d']
caps = ['cap1=a;b', 'cap2=c;d']
self.flags(zone_name='darksecret', zone_capabilities=caps)
self.stubs.Set(api, '_call_scheduler', zone_capabilities)
body = dict(zone=dict(username='zeb', password='sneaky'))
@ -205,7 +189,7 @@ class ZonesTest(test.TestCase):
self.assertEqual(res_dict['zone']['cap2'], 'c;d')
def test_zone_select(self):
FLAGS.build_plan_encryption_key = 'c286696d887c9aa0611bbb3e2025a45a'
self.flags(build_plan_encryption_key='c286696d887c9aa0611bbb3e2025a45a')
self.stubs.Set(api, 'select', zone_select)
req = webob.Request.blank('/v1.0/zones/select')

3
nova/tests/test_objectstore.py
View File

@ -52,8 +52,7 @@ class S3APITestCase(test.TestCase):
def setUp(self):
"""Setup users, projects, and start a test server."""
super(S3APITestCase, self).setUp()
self.flags(auth_driver='nova.auth.ldapdriver.FakeLdapDriver',
buckets_path=os.path.join(OSS_TEMPDIR, 'buckets'),
self.flags(buckets_path=os.path.join(OSS_TEMPDIR, 'buckets'),
s3_host='127.0.0.1')
shutil.rmtree(FLAGS.buckets_path)