Events RBAC needs scoped token
The role based access control of events api needs project- scoped tokens to process the request. The project information has to be available in the request header to be able to filter events based on the project.In addition to the project, the user information is also mandated as part of this change. The request fails with a 403 if this information is not available in the request. Change-Id: I55e3d8eaf278024e89e43e36a9dbb92b1c432646 blueprint: events-rbac
This commit is contained in:
parent
f4df5cb3f5
commit
d79593c943
|
@ -237,6 +237,7 @@ class EventTypesController(rest.RestController):
|
|||
class EventsController(rest.RestController):
|
||||
"""Works on Events."""
|
||||
|
||||
@v2_utils.requires_context
|
||||
@v2_utils.requires_admin
|
||||
@wsme_pecan.wsexpose([Event], [EventQuery], int)
|
||||
def get_all(self, q=None, limit=None):
|
||||
|
@ -257,6 +258,7 @@ class EventsController(rest.RestController):
|
|||
pecan.request.event_storage_conn.get_events(event_filter,
|
||||
limit)]
|
||||
|
||||
@v2_utils.requires_context
|
||||
@v2_utils.requires_admin
|
||||
@wsme_pecan.wsexpose(Event, wtypes.text)
|
||||
def get_one(self, message_id):
|
||||
|
|
|
@ -353,3 +353,17 @@ def requires_admin(func):
|
|||
return func(*args, **kwargs)
|
||||
|
||||
return wrapped
|
||||
|
||||
|
||||
def requires_context(func):
|
||||
|
||||
@functools.wraps(func)
|
||||
def wrapped(*args, **kwargs):
|
||||
req_usr = pecan.request.headers.get('X-User-Id')
|
||||
proj_usr = pecan.request.headers.get('X-Project-Id')
|
||||
if ((not req_usr) or (not proj_usr)):
|
||||
pecan.core.abort(status_code=403,
|
||||
detail='RBAC Authorization Failed')
|
||||
return func(*args, **kwargs)
|
||||
|
||||
return wrapped
|
||||
|
|
|
@ -212,9 +212,48 @@ class TestAPIACL(v2.FunctionalTest,
|
|||
}])
|
||||
self.assertEqual(401, data.status_int)
|
||||
|
||||
|
||||
class TestAPIEventACL(TestAPIACL):
|
||||
|
||||
PATH = '/events'
|
||||
|
||||
def test_non_admin_get_events(self):
|
||||
data = self.get_json(self.PATH, expect_errors=True,
|
||||
headers={"X-Roles": "Member",
|
||||
"X-Auth-Token": VALID_TOKEN2,
|
||||
"X-Project-Id": "project-good",
|
||||
"X-User-Id": "user-good"})
|
||||
self.assertEqual(401, data.status_int)
|
||||
|
||||
def test_non_admin_get_event_types(self):
|
||||
data = self.get_json('/event_types', expect_errors=True,
|
||||
headers={"X-Roles": "Member",
|
||||
"X-Auth-Token": VALID_TOKEN2,
|
||||
"X-Project-Id": "project-good"})
|
||||
self.assertEqual(401, data.status_int)
|
||||
|
||||
|
||||
class TestApiEventRBAC(v2.FunctionalTest,
|
||||
tests_db.MixinTestsWithBackendScenarios):
|
||||
|
||||
PATH = '/events'
|
||||
|
||||
def test_get_events_without_project(self):
|
||||
headers_no_proj = {"X-Roles": "admin", "X-User-Id": "user-good"}
|
||||
resp = self.get_json(self.PATH, expect_errors=True,
|
||||
headers=headers_no_proj, status=403)
|
||||
self.assertEqual(403, resp.status_int)
|
||||
|
||||
def test_get_events_without_user(self):
|
||||
headers_no_user = {"X-Roles": "admin", "X-Project-Id": "project-good"}
|
||||
resp = self.get_json(self.PATH, expect_errors=True,
|
||||
headers=headers_no_user, status=403)
|
||||
self.assertEqual(403, resp.status_int)
|
||||
|
||||
def test_get_events_without_scope(self):
|
||||
headers_no_user_proj = {"X-Roles": "admin"}
|
||||
resp = self.get_json(self.PATH,
|
||||
expect_errors=True,
|
||||
headers=headers_no_user_proj,
|
||||
status=403)
|
||||
self.assertEqual(403, resp.status_int)
|
||||
|
|
|
@ -49,8 +49,12 @@ class TestAPIUpgradePath(v2.FunctionalTest):
|
|||
status=410)
|
||||
self.assertIn(b'Gnocchi API', response.body)
|
||||
|
||||
headers_events = {"X-Roles": "admin",
|
||||
"X-User-Id": "user1",
|
||||
"X-Project-Id": "project1"}
|
||||
for endpoint in ['events', 'event_types']:
|
||||
self.app.get(self.PATH_PREFIX + '/' + endpoint,
|
||||
headers=headers_events,
|
||||
status=200)
|
||||
|
||||
response = self.post_json('/query/samples',
|
||||
|
|
|
@ -23,7 +23,11 @@ from ceilometer.event.storage import models
|
|||
from ceilometer.tests import db as tests_db
|
||||
from ceilometer.tests.functional.api import v2
|
||||
|
||||
headers = {"X-Roles": "admin"}
|
||||
USER_ID = uuid.uuid4().hex
|
||||
PROJ_ID = uuid.uuid4().hex
|
||||
HEADERS = {"X-Roles": "admin",
|
||||
"X-User-Id": USER_ID,
|
||||
"X-Project-Id": PROJ_ID}
|
||||
|
||||
|
||||
class EventTestBase(v2.FunctionalTest,
|
||||
|
@ -71,7 +75,7 @@ class TestEventTypeAPI(EventTestBase):
|
|||
PATH = '/event_types'
|
||||
|
||||
def test_event_types(self):
|
||||
data = self.get_json(self.PATH, headers=headers)
|
||||
data = self.get_json(self.PATH, headers=HEADERS)
|
||||
for event_type in ['Foo', 'Bar', 'Zoo']:
|
||||
self.assertIn(event_type, data)
|
||||
|
||||
|
@ -82,35 +86,35 @@ class TestTraitAPI(EventTestBase):
|
|||
|
||||
def test_get_traits_for_event(self):
|
||||
path = self.PATH % "Foo"
|
||||
data = self.get_json(path, headers=headers)
|
||||
data = self.get_json(path, headers=HEADERS)
|
||||
|
||||
self.assertEqual(4, len(data))
|
||||
|
||||
def test_get_event_invalid_path(self):
|
||||
data = self.get_json('/event_types/trait_A/', headers=headers,
|
||||
data = self.get_json('/event_types/trait_A/', headers=HEADERS,
|
||||
expect_errors=True)
|
||||
self.assertEqual(404, data.status_int)
|
||||
|
||||
def test_get_traits_for_non_existent_event(self):
|
||||
path = self.PATH % "NO_SUCH_EVENT_TYPE"
|
||||
data = self.get_json(path, headers=headers)
|
||||
data = self.get_json(path, headers=HEADERS)
|
||||
|
||||
self.assertEqual([], data)
|
||||
|
||||
def test_get_trait_data_for_event(self):
|
||||
path = (self.PATH % "Foo") + "/trait_A"
|
||||
data = self.get_json(path, headers=headers)
|
||||
data = self.get_json(path, headers=HEADERS)
|
||||
self.assertEqual(1, len(data))
|
||||
self.assertEqual("trait_A", data[0]['name'])
|
||||
|
||||
path = (self.PATH % "Foo") + "/trait_B"
|
||||
data = self.get_json(path, headers=headers)
|
||||
data = self.get_json(path, headers=HEADERS)
|
||||
self.assertEqual(1, len(data))
|
||||
self.assertEqual("trait_B", data[0]['name'])
|
||||
self.assertEqual("1", data[0]['value'])
|
||||
|
||||
path = (self.PATH % "Foo") + "/trait_D"
|
||||
data = self.get_json(path, headers=headers)
|
||||
data = self.get_json(path, headers=HEADERS)
|
||||
self.assertEqual(1, len(data))
|
||||
self.assertEqual("trait_D", data[0]['name'])
|
||||
self.assertEqual((self.trait_time - datetime.timedelta(days=3)).
|
||||
|
@ -118,13 +122,13 @@ class TestTraitAPI(EventTestBase):
|
|||
|
||||
def test_get_trait_data_for_non_existent_event(self):
|
||||
path = (self.PATH % "NO_SUCH_EVENT") + "/trait_A"
|
||||
data = self.get_json(path, headers=headers)
|
||||
data = self.get_json(path, headers=HEADERS)
|
||||
|
||||
self.assertEqual([], data)
|
||||
|
||||
def test_get_trait_data_for_non_existent_trait(self):
|
||||
path = (self.PATH % "Foo") + "/no_such_trait"
|
||||
data = self.get_json(path, headers=headers)
|
||||
data = self.get_json(path, headers=HEADERS)
|
||||
|
||||
self.assertEqual([], data)
|
||||
|
||||
|
@ -134,7 +138,7 @@ class TestEventAPI(EventTestBase):
|
|||
PATH = '/events'
|
||||
|
||||
def test_get_events(self):
|
||||
data = self.get_json(self.PATH, headers=headers)
|
||||
data = self.get_json(self.PATH, headers=HEADERS)
|
||||
self.assertEqual(3, len(data))
|
||||
# We expect to get native UTC generated time back
|
||||
trait_time = self.s_time
|
||||
|
@ -151,7 +155,7 @@ class TestEventAPI(EventTestBase):
|
|||
trait_time += datetime.timedelta(days=1)
|
||||
|
||||
def test_get_event_by_message_id(self):
|
||||
event = self.get_json(self.PATH + "/100", headers=headers)
|
||||
event = self.get_json(self.PATH + "/100", headers=HEADERS)
|
||||
expected_traits = [{'name': 'trait_A',
|
||||
'type': 'string',
|
||||
'value': 'my_Bar_text'},
|
||||
|
@ -170,18 +174,18 @@ class TestEventAPI(EventTestBase):
|
|||
self.assertEqual(expected_traits, event['traits'])
|
||||
|
||||
def test_get_event_by_message_id_no_such_id(self):
|
||||
data = self.get_json(self.PATH + "/DNE", headers=headers,
|
||||
data = self.get_json(self.PATH + "/DNE", headers=HEADERS,
|
||||
expect_errors=True)
|
||||
self.assertEqual(404, data.status_int)
|
||||
|
||||
def test_get_events_filter_event_type(self):
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'event_type',
|
||||
'value': 'Foo'}])
|
||||
self.assertEqual(1, len(data))
|
||||
|
||||
def test_get_events_filter_trait_no_type(self):
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_A',
|
||||
'value': 'my_Foo_text'}])
|
||||
self.assertEqual(1, len(data))
|
||||
|
@ -189,7 +193,7 @@ class TestEventAPI(EventTestBase):
|
|||
|
||||
def test_get_events_filter_trait_empty_type(self):
|
||||
return
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_A',
|
||||
'value': 'my_Foo_text',
|
||||
'type': ''}])
|
||||
|
@ -197,7 +201,7 @@ class TestEventAPI(EventTestBase):
|
|||
self.assertEqual('Foo', data[0]['event_type'])
|
||||
|
||||
def test_get_events_filter_trait_invalid_type(self):
|
||||
resp = self.get_json(self.PATH, headers=headers,
|
||||
resp = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_A',
|
||||
'value': 'my_Foo_text',
|
||||
'type': 'whats-up'}],
|
||||
|
@ -209,7 +213,7 @@ class TestEventAPI(EventTestBase):
|
|||
resp.json['error_message']['faultstring'])
|
||||
|
||||
def test_get_events_filter_operator_invalid_type(self):
|
||||
resp = self.get_json(self.PATH, headers=headers,
|
||||
resp = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_A',
|
||||
'value': 'my_Foo_text',
|
||||
'op': 'whats-up'}],
|
||||
|
@ -221,7 +225,7 @@ class TestEventAPI(EventTestBase):
|
|||
resp.json['error_message']['faultstring'])
|
||||
|
||||
def test_get_events_filter_text_trait(self):
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_A',
|
||||
'value': 'my_Foo_text',
|
||||
'type': 'string'}])
|
||||
|
@ -229,7 +233,7 @@ class TestEventAPI(EventTestBase):
|
|||
self.assertEqual('Foo', data[0]['event_type'])
|
||||
|
||||
def test_get_events_filter_int_trait(self):
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_B',
|
||||
'value': '101',
|
||||
'type': 'integer'}])
|
||||
|
@ -242,7 +246,7 @@ class TestEventAPI(EventTestBase):
|
|||
self.assertEqual('101', traits[0]['value'])
|
||||
|
||||
def test_get_events_filter_float_trait(self):
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_C',
|
||||
'value': '200.123456',
|
||||
'type': 'float'}])
|
||||
|
@ -255,7 +259,7 @@ class TestEventAPI(EventTestBase):
|
|||
self.assertEqual('200.123456', traits[0]['value'])
|
||||
|
||||
def test_get_events_filter_datetime_trait(self):
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_D',
|
||||
'value': '2014-01-01T05:00:00',
|
||||
'type': 'datetime'}])
|
||||
|
@ -266,7 +270,7 @@ class TestEventAPI(EventTestBase):
|
|||
self.assertEqual('2014-01-01T05:00:00', traits[0]['value'])
|
||||
|
||||
def test_get_events_multiple_filters(self):
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_B',
|
||||
'value': '1',
|
||||
'type': 'integer'},
|
||||
|
@ -277,7 +281,7 @@ class TestEventAPI(EventTestBase):
|
|||
self.assertEqual('Foo', data[0]['event_type'])
|
||||
|
||||
def test_get_events_multiple_filters_no_matches(self):
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_B',
|
||||
'value': '101',
|
||||
'type': 'integer'},
|
||||
|
@ -288,42 +292,42 @@ class TestEventAPI(EventTestBase):
|
|||
self.assertEqual(0, len(data))
|
||||
|
||||
def test_get_events_not_filters(self):
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[])
|
||||
self.assertEqual(3, len(data))
|
||||
|
||||
def test_get_events_filter_op_string(self):
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_A',
|
||||
'value': 'my_Foo_text',
|
||||
'type': 'string',
|
||||
'op': 'eq'}])
|
||||
self.assertEqual(1, len(data))
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_A',
|
||||
'value': 'my_Bar_text',
|
||||
'type': 'string',
|
||||
'op': 'lt'}])
|
||||
self.assertEqual(0, len(data))
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_A',
|
||||
'value': 'my_Zoo_text',
|
||||
'type': 'string',
|
||||
'op': 'le'}])
|
||||
self.assertEqual(3, len(data))
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_A',
|
||||
'value': 'my_Foo_text',
|
||||
'type': 'string',
|
||||
'op': 'ne'}])
|
||||
self.assertEqual(2, len(data))
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_A',
|
||||
'value': 'my_Bar_text',
|
||||
'type': 'string',
|
||||
'op': 'gt'}])
|
||||
self.assertEqual(2, len(data))
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_A',
|
||||
'value': 'my_Zoo_text',
|
||||
'type': 'string',
|
||||
|
@ -331,37 +335,37 @@ class TestEventAPI(EventTestBase):
|
|||
self.assertEqual(1, len(data))
|
||||
|
||||
def test_get_events_filter_op_integer(self):
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_B',
|
||||
'value': '101',
|
||||
'type': 'integer',
|
||||
'op': 'eq'}])
|
||||
self.assertEqual(1, len(data))
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_B',
|
||||
'value': '201',
|
||||
'type': 'integer',
|
||||
'op': 'lt'}])
|
||||
self.assertEqual(2, len(data))
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_B',
|
||||
'value': '1',
|
||||
'type': 'integer',
|
||||
'op': 'le'}])
|
||||
self.assertEqual(1, len(data))
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_B',
|
||||
'value': '101',
|
||||
'type': 'integer',
|
||||
'op': 'ne'}])
|
||||
self.assertEqual(2, len(data))
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_B',
|
||||
'value': '201',
|
||||
'type': 'integer',
|
||||
'op': 'gt'}])
|
||||
self.assertEqual(0, len(data))
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_B',
|
||||
'value': '1',
|
||||
'type': 'integer',
|
||||
|
@ -369,37 +373,37 @@ class TestEventAPI(EventTestBase):
|
|||
self.assertEqual(3, len(data))
|
||||
|
||||
def test_get_events_filter_op_float(self):
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_C',
|
||||
'value': '100.123456',
|
||||
'type': 'float',
|
||||
'op': 'eq'}])
|
||||
self.assertEqual(1, len(data))
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_C',
|
||||
'value': '200.123456',
|
||||
'type': 'float',
|
||||
'op': 'lt'}])
|
||||
self.assertEqual(2, len(data))
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_C',
|
||||
'value': '0.123456',
|
||||
'type': 'float',
|
||||
'op': 'le'}])
|
||||
self.assertEqual(1, len(data))
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_C',
|
||||
'value': '100.123456',
|
||||
'type': 'float',
|
||||
'op': 'ne'}])
|
||||
self.assertEqual(2, len(data))
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_C',
|
||||
'value': '200.123456',
|
||||
'type': 'float',
|
||||
'op': 'gt'}])
|
||||
self.assertEqual(0, len(data))
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_C',
|
||||
'value': '0.123456',
|
||||
'type': 'float',
|
||||
|
@ -407,37 +411,37 @@ class TestEventAPI(EventTestBase):
|
|||
self.assertEqual(3, len(data))
|
||||
|
||||
def test_get_events_filter_op_datatime(self):
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_D',
|
||||
'value': '2014-01-01T05:00:00',
|
||||
'type': 'datetime',
|
||||
'op': 'eq'}])
|
||||
self.assertEqual(1, len(data))
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_D',
|
||||
'value': '2014-01-02T05:00:00',
|
||||
'type': 'datetime',
|
||||
'op': 'lt'}])
|
||||
self.assertEqual(2, len(data))
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_D',
|
||||
'value': '2013-12-31T05:00:00',
|
||||
'type': 'datetime',
|
||||
'op': 'le'}])
|
||||
self.assertEqual(1, len(data))
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_D',
|
||||
'value': '2014-01-01T05:00:00',
|
||||
'type': 'datetime',
|
||||
'op': 'ne'}])
|
||||
self.assertEqual(2, len(data))
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_D',
|
||||
'value': '2014-01-02T05:00:00',
|
||||
'type': 'datetime',
|
||||
'op': 'gt'}])
|
||||
self.assertEqual(0, len(data))
|
||||
data = self.get_json(self.PATH, headers=headers,
|
||||
data = self.get_json(self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_D',
|
||||
'value': '2013-12-31T05:00:00',
|
||||
'type': 'datetime',
|
||||
|
@ -446,7 +450,7 @@ class TestEventAPI(EventTestBase):
|
|||
|
||||
def test_get_events_filter_wrong_op(self):
|
||||
self.assertRaises(webtest.app.AppError,
|
||||
self.get_json, self.PATH, headers=headers,
|
||||
self.get_json, self.PATH, headers=HEADERS,
|
||||
q=[{'field': 'trait_B',
|
||||
'value': '1',
|
||||
'type': 'integer',
|
||||
|
@ -491,17 +495,17 @@ class EventRestrictionTestBase(v2.FunctionalTest,
|
|||
class TestEventRestriction(EventRestrictionTestBase):
|
||||
|
||||
def test_get_limit(self):
|
||||
data = self.get_json('/events?limit=1', headers=headers)
|
||||
data = self.get_json('/events?limit=1', headers=HEADERS)
|
||||
self.assertEqual(1, len(data))
|
||||
|
||||
def test_get_limit_negative(self):
|
||||
self.assertRaises(webtest.app.AppError,
|
||||
self.get_json, '/events?limit=-2', headers=headers)
|
||||
self.get_json, '/events?limit=-2', headers=HEADERS)
|
||||
|
||||
def test_get_limit_bigger(self):
|
||||
data = self.get_json('/events?limit=100', headers=headers)
|
||||
data = self.get_json('/events?limit=100', headers=HEADERS)
|
||||
self.assertEqual(20, len(data))
|
||||
|
||||
def test_get_default_limit(self):
|
||||
data = self.get_json('/events', headers=headers)
|
||||
data = self.get_json('/events', headers=HEADERS)
|
||||
self.assertEqual(10, len(data))
|
||||
|
|
|
@ -9,21 +9,65 @@ tests:
|
|||
# this attempts to get all the events and expects an empty list back
|
||||
- name: get all events
|
||||
url: /v2/events
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
response_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
content-location: $SCHEME://$NETLOC/v2/events
|
||||
response_strings:
|
||||
- "[]"
|
||||
|
||||
# this attempts to get all the events with no role/user/project
|
||||
# info in header and expects a 403
|
||||
- name: get events with bad headers
|
||||
url: /v2/events
|
||||
status: 403
|
||||
|
||||
# this attempts to get all the events with no user/project
|
||||
# info in header and expects a 403
|
||||
- name: get events with admin only header
|
||||
url: /v2/events
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
status: 403
|
||||
|
||||
# this attempts to get all the events with no project
|
||||
# info in header and expects a 403
|
||||
- name: get events with no project header
|
||||
url: /v2/events
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
status: 403
|
||||
|
||||
# this attempts to get all the events with no user
|
||||
# info in header and expects a 403
|
||||
- name: get events with no user header
|
||||
url: /v2/events
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-Project-Id: project1
|
||||
status: 403
|
||||
|
||||
# this attempts to get all the events with invalid parameters and expects a 400
|
||||
- name: get events with bad params
|
||||
url: /v2/events?bad_Stuff_here
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
status: 400
|
||||
|
||||
# this attempts to query the events with the correct parameterized query syntax
|
||||
# and expects an empty list
|
||||
- name: get events that match query
|
||||
url: /v2/events?q.field=event_type&q.op=eq&q.type=string&q.value=cookies_chocolate.chip
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
response_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
content-location: $SCHEME://$NETLOC/v2/events?q.field=event_type&q.op=eq&q.type=string&q.value=cookies_chocolate.chip
|
||||
|
@ -36,6 +80,9 @@ tests:
|
|||
url: /v2/events
|
||||
request_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
data:
|
||||
q:
|
||||
- field: event_type
|
||||
|
@ -52,6 +99,10 @@ tests:
|
|||
# but a bad field name and expects an empty list
|
||||
- name: get events that match bad query
|
||||
url: /v2/events?q.field=bad_field&q.op=eq&q.type=string&q.value=cookies_chocolate.chip
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
response_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
content-location: $SCHEME://$NETLOC/v2/events?q.field=bad_field&q.op=eq&q.type=string&q.value=cookies_chocolate.chip
|
||||
|
@ -64,6 +115,9 @@ tests:
|
|||
url: /v2/events
|
||||
request_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
data:
|
||||
q:
|
||||
- field: bad_field
|
||||
|
@ -82,6 +136,9 @@ tests:
|
|||
url: /v2/events
|
||||
request_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
data:
|
||||
- field: bad_field
|
||||
op: eq
|
||||
|
@ -96,6 +153,9 @@ tests:
|
|||
url: /v2/events
|
||||
request_headers:
|
||||
content-type: text/plain
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
data:
|
||||
"field: bad_field op: eq type: string value: cookies_chocolate.chip xfail: True"
|
||||
status: 415
|
||||
|
@ -103,11 +163,19 @@ tests:
|
|||
# Get a single event by message_id no data is present so should return a 404
|
||||
- name: get a single event
|
||||
url: /v2/events/fea1b15a-1d47-4175-85a5-a4bb2c729240
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
status: 404
|
||||
|
||||
# Get all the event types should return an empty list
|
||||
- name: get all event types
|
||||
url: /v2/event_types
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
response_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
content-location: $SCHEME://$NETLOC/v2/event_types
|
||||
|
@ -117,11 +185,19 @@ tests:
|
|||
# Get a single event type by name, this API is unused and should return a 404
|
||||
- name: get event types for good event_type unused api
|
||||
url: /v2/event_types/cookies_chocolate.chip
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
status: 404
|
||||
|
||||
# Get all traits for an event type should return an empty list
|
||||
- name: get all traits for event type
|
||||
url: /v2/event_types/cookies_chocolate.chip/traits
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
response_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
content-location: $SCHEME://$NETLOC/v2/event_types/cookies_chocolate.chip/traits
|
||||
|
@ -131,6 +207,10 @@ tests:
|
|||
# Get all traits named ate for an event type should return an empty list
|
||||
- name: get all traits named ate for event type
|
||||
url: /v2/event_types/cookies_chocolate.chip/traits/ate
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
response_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
content-location: $SCHEME://$NETLOC/v2/event_types/cookies_chocolate.chip/traits/ate
|
||||
|
|
|
@ -8,6 +8,10 @@ tests:
|
|||
# this attempts to get all the events and checks to make sure they are valid
|
||||
- name: get all events
|
||||
url: /v2/events
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
response_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
content-location: $SCHEME://$NETLOC/v2/events
|
||||
|
@ -28,12 +32,20 @@ tests:
|
|||
# this attempts to get all the events with invalid parameters and expects a 400
|
||||
- name: get events with bad params
|
||||
url: /v2/events?bad_Stuff_here
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
status: 400
|
||||
|
||||
# this attempts to query the events with the correct parameterized query syntax
|
||||
# and expects a matching event
|
||||
- name: get events that match query
|
||||
url: /v2/events?q.field=event_type&q.op=eq&q.type=string&q.value=cookies_chocolate.chip
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
response_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
content-location: $SCHEME://$NETLOC/v2/events?q.field=event_type&q.op=eq&q.type=string&q.value=cookies_chocolate.chip
|
||||
|
@ -47,6 +59,9 @@ tests:
|
|||
url: /v2/events
|
||||
request_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
data:
|
||||
q:
|
||||
- field: event_type
|
||||
|
@ -64,6 +79,10 @@ tests:
|
|||
# but a bad field name and expects an empty list
|
||||
- name: get events that match bad query
|
||||
url: /v2/events?q.field=bad_field&q.op=eq&q.type=string&q.value=cookies_chocolate.chip
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
response_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
content-location: $SCHEME://$NETLOC/v2/events?q.field=bad_field&q.op=eq&q.type=string&q.value=cookies_chocolate.chip
|
||||
|
@ -76,6 +95,9 @@ tests:
|
|||
url: /v2/events
|
||||
request_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
data:
|
||||
q:
|
||||
- field: bad_field
|
||||
|
@ -94,6 +116,9 @@ tests:
|
|||
url: /v2/events
|
||||
request_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
data:
|
||||
- field: bad_field
|
||||
op: eq
|
||||
|
@ -104,6 +129,10 @@ tests:
|
|||
# Get a single event by message_id should return an event
|
||||
- name: get a single event
|
||||
url: /v2/events/fea1b15a-1d47-4175-85a5-a4bb2c729240
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
response_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
content-location: $SCHEME://$NETLOC/v2/events/fea1b15a-1d47-4175-85a5-a4bb2c729240
|
||||
|
@ -115,11 +144,19 @@ tests:
|
|||
# Get a single event by message_id no data is present so should return a 404
|
||||
- name: get a single event that does not exist
|
||||
url: /v2/events/bad-id
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
status: 404
|
||||
|
||||
# Get all the event types should return a list of event types
|
||||
- name: get all event types
|
||||
url: /v2/event_types
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
response_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
content-location: $SCHEME://$NETLOC/v2/event_types
|
||||
|
@ -131,16 +168,28 @@ tests:
|
|||
# Get a single event type by valid name, this API is unused and should return a 404
|
||||
- name: get event types for good event_type unused api
|
||||
url: /v2/event_types/cookies_chocolate.chip
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
status: 404
|
||||
|
||||
# Get a single event type by invalid name, this API is unused and should return a 404
|
||||
- name: get event types for bad event_type unused api
|
||||
url: /v2/event_types/bad_event_type
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
status: 404
|
||||
|
||||
# Get all traits for a valid event type should return an list of traits
|
||||
- name: get all traits for event type
|
||||
url: /v2/event_types/cookies_chocolate.chip/traits
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
response_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
content-location: $SCHEME://$NETLOC/v2/event_types/cookies_chocolate.chip/traits
|
||||
|
@ -151,6 +200,10 @@ tests:
|
|||
# Get all traits for an invalid event type should return an empty list
|
||||
- name: get all traits names for event type bad event type
|
||||
url: /v2/event_types/bad_event_type/traits
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
response_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
content-location: $SCHEME://$NETLOC/v2/event_types/bad_event_type/traits
|
||||
|
@ -161,6 +214,10 @@ tests:
|
|||
# traits
|
||||
- name: get all traits of type ate for event type
|
||||
url: /v2/event_types/cookies_chocolate.chip/traits/ate
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
response_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
content-location: $SCHEME://$NETLOC/v2/event_types/cookies_chocolate.chip/traits/ate
|
||||
|
@ -172,6 +229,10 @@ tests:
|
|||
# list
|
||||
- name: get all traits of type for event type bad event type
|
||||
url: /v2/event_types/bad_event_type/traits/ate
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
response_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
content-location: $SCHEME://$NETLOC/v2/event_types/bad_event_type/traits/ate
|
||||
|
@ -182,6 +243,10 @@ tests:
|
|||
# empty list
|
||||
- name: get all traits of type instances for event type bad trait name
|
||||
url: /v2/event_types/cookies_chocolate.chip/traits/bad_trait_name
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
response_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
content-location: $SCHEME://$NETLOC/v2/event_types/cookies_chocolate.chip/traits/bad_trait_name
|
||||
|
|
|
@ -8,6 +8,10 @@ tests:
|
|||
|
||||
- name: get all events
|
||||
url: /v2/events
|
||||
request_headers:
|
||||
X-Roles: admin
|
||||
X-User-Id: user1
|
||||
X-Project-Id: project1
|
||||
response_headers:
|
||||
content-type: application/json; charset=UTF-8
|
||||
content-location: /$SCHEME://.*/telemetry/v2/events/
|
||||
|
|
Loading…
Reference in New Issue