From 03eba771f47d3328b21fb47667650ef934682ca7 Mon Sep 17 00:00:00 2001 From: zhaodan Date: Tue, 18 Dec 2018 14:50:00 +0800 Subject: [PATCH] add test for get_one() when server_uuid not found Closes-Bug:#1808918 Change-Id: I265defee39a8c5795f3d23c617af00bc1d5c3c96 --- mogan/tests/unit/api/v1/test_server.py | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/mogan/tests/unit/api/v1/test_server.py b/mogan/tests/unit/api/v1/test_server.py index 6e1d305b..7f1481bb 100644 --- a/mogan/tests/unit/api/v1/test_server.py +++ b/mogan/tests/unit/api/v1/test_server.py @@ -140,6 +140,14 @@ class TestServerAuthorization(v1_test.APITestV1): headers=headers) self.assertNotIn('node', resp) + def test_server_get_one_by_owner_with_wrong_uuid(self): + # not admin but the owner + self.context.tenant = self.server1.project_id + headers = self.gen_headers(self.context, roles="no-admin") + resp = self.get_json('/servers/%s' % uuidutils.generate_uuid(), + expect_errors=True, headers=headers) + self.assertEqual(resp.status_code, 404) + def test_server_get_one_by_admin(self): # when the evil tenant is admin, he can do everything. self.context.tenant = self.evil_project @@ -148,6 +156,14 @@ class TestServerAuthorization(v1_test.APITestV1): headers=headers) self.assertIn('node', resp) + def test_server_get_one_by_admin_with_wrong_uuid(self): + # when the evil tenant is admin, he can do everything. + self.context.tenant = self.evil_project + headers = self.gen_headers(self.context, roles="admin") + resp = self.get_json('/servers/%s' % uuidutils.generate_uuid(), + expect_errors=True, headers=headers) + self.assertEqual(resp.status_code, 404) + def test_server_get_one_unauthorized(self): # not admin and not the owner self.context.tenant = self.evil_project