Merge "Adding 4 "False Positive" test cases for a zone suite."
diff --git a/designate_tempest_plugin/services/dns/v2/json/transfer_request_client.py b/designate_tempest_plugin/services/dns/v2/json/transfer_request_client.py
index f494cde..9523175 100644
--- a/designate_tempest_plugin/services/dns/v2/json/transfer_request_client.py
+++ b/designate_tempest_plugin/services/dns/v2/json/transfer_request_client.py
@@ -60,26 +60,30 @@
return resp, body
@base.handle_errors
- def show_transfer_request(self, uuid, params=None):
+ def show_transfer_request(self, uuid, params=None, headers=None):
"""Gets a specific transfer_requestsed zone.
:param uuid: Unique identifier of the transfer_requestsed zone in
UUID format.
:param params: A Python dict that represents the query paramaters to
include in the request URI.
+
+ :param headers (dict): The headers to use for the request.
:return: Serialized transfer_requestsed zone as a dictionary.
"""
return self._show_request(
- 'zones/tasks/transfer_requests', uuid, params=params)
+ 'zones/tasks/transfer_requests', uuid,
+ params=params, headers=headers)
@base.handle_errors
- def list_transfer_requests(self, params=None):
+ def list_transfer_requests(self, params=None, headers=None):
"""Gets all the transfer_requestsed zones
:param params: A Python dict that represents the query paramaters to
include in the request URI.
+ :param headers (dict): The headers to use for the request.
:return: Serialized transfer_requestsed zone as a list.
"""
return self._list_request(
- 'zones/tasks/transfer_requests', params=params)
+ 'zones/tasks/transfer_requests', params=params, headers=headers)
@base.handle_errors
def delete_transfer_request(self, uuid, params=None):
diff --git a/designate_tempest_plugin/services/dns/v2/json/zones_client.py b/designate_tempest_plugin/services/dns/v2/json/zones_client.py
index ac360e6..60e669a 100644
--- a/designate_tempest_plugin/services/dns/v2/json/zones_client.py
+++ b/designate_tempest_plugin/services/dns/v2/json/zones_client.py
@@ -23,7 +23,7 @@
@base.handle_errors
def create_zone(self, name=None, email=None, ttl=None, description=None,
- wait_until=False, params=None):
+ attributes=None, wait_until=False, params=None):
"""Create a zone with the specified parameters.
:param name: The name of the zone.
@@ -34,6 +34,10 @@
Default: Random Value
:param description: A description of the zone.
Default: Random Value
+ :param attributes: Key:Value pairs of information about this zone,
+ and the pool the user would like to place the zone in.
+ This information can be used by the scheduler to place
+ zones on the correct pool.
:param wait_until: Block until the zone reaches the desiered status
:param params: A Python dict that represents the query paramaters to
include in the request URI.
@@ -44,6 +48,8 @@
'email': email or dns_data_utils.rand_email(),
'ttl': ttl or dns_data_utils.rand_ttl(),
'description': description or data_utils.rand_name('test-zone'),
+ 'attributes': attributes or {
+ 'attribute_key': data_utils.rand_name('attribute_value')}
}
resp, body = self._create_request('zones', zone, params=params)
diff --git a/designate_tempest_plugin/tests/api/v2/test_recordset.py b/designate_tempest_plugin/tests/api/v2/test_recordset.py
index 53d148d..a0e24a8 100644
--- a/designate_tempest_plugin/tests/api/v2/test_recordset.py
+++ b/designate_tempest_plugin/tests/api/v2/test_recordset.py
@@ -435,35 +435,55 @@
recordsets_created = {}
for client in clients_list:
if client == 'primary':
+ # Create a zone and wait till it's ACTIVE
zone = self.zone_client.create_zone()[1]
self.addCleanup(self.wait_zone_delete,
self.zone_client,
zone['id'])
+ waiters.wait_for_zone_status(
+ self.zone_client, zone['id'], 'ACTIVE')
+
+ # Create a recordset and wait till it's ACTIVE
recordset_data = data_utils.rand_recordset_data(
record_type='A', zone_name=zone['name'])
resp, body = self.client.create_recordset(
zone['id'], recordset_data)
self.assertEqual('PENDING', body['status'],
'Failed, expected status is PENDING')
- waiters.wait_for_zone_status(
- self.zone_client, zone['id'], 'ACTIVE')
+ LOG.info('Wait until the recordset is active')
+ waiters.wait_for_recordset_status(
+ self.client, zone['id'],
+ body['id'], 'ACTIVE')
+
+ # Add "project_id" into the recordset_data
recordset_data['project_id'] = zone['project_id']
recordsets_created['primary'] = recordset_data
+
if client == 'alt':
+ # Create a zone and wait till it's ACTIVE
alt_zone = self.alt_zone_client.create_zone()[1]
self.addCleanup(self.wait_zone_delete,
self.alt_zone_client,
alt_zone['id'])
+ waiters.wait_for_zone_status(
+ self.alt_zone_client, alt_zone['id'], 'ACTIVE')
+
+ # Create a recordset and wait till it's ACTIVE
recordset_data = data_utils.rand_recordset_data(
record_type='A', zone_name=alt_zone['name'])
resp, body = self.alt_client.create_recordset(
alt_zone['id'], recordset_data)
self.assertEqual('PENDING', body['status'],
'Failed, expected status is PENDING')
- waiters.wait_for_zone_status(
- self.alt_zone_client, alt_zone['id'], 'ACTIVE')
+ LOG.info('Wait until the recordset is active')
+ waiters.wait_for_recordset_status(
+ self.alt_client, alt_zone['id'],
+ body['id'], 'ACTIVE')
+
+ # Add "project_id" into the recordset_data
recordset_data['project_id'] = alt_zone['project_id']
recordsets_created['alt'] = recordset_data
+
return recordsets_created
@decorators.idempotent_id('9c0f58ad-1b31-4899-b184-5380720604e5')
diff --git a/designate_tempest_plugin/tests/api/v2/test_transfer_request.py b/designate_tempest_plugin/tests/api/v2/test_transfer_request.py
index bae2510..666fd79 100644
--- a/designate_tempest_plugin/tests/api/v2/test_transfer_request.py
+++ b/designate_tempest_plugin/tests/api/v2/test_transfer_request.py
@@ -27,7 +27,7 @@
class TransferRequestTest(BaseTransferRequestTest):
- credentials = ['primary', 'alt']
+ credentials = ['primary', 'alt', 'admin']
@classmethod
def setup_credentials(cls):
@@ -40,8 +40,10 @@
super(TransferRequestTest, cls).setup_clients()
cls.zone_client = cls.os_primary.zones_client
+ cls.alt_zone_client = cls.os_alt.zones_client
cls.client = cls.os_primary.transfer_request_client
cls.alt_client = cls.os_alt.transfer_request_client
+ cls.admin_client = cls.os_admin.transfer_request_client
@decorators.idempotent_id('2381d489-ad84-403d-b0a2-8b77e4e966bf')
def test_create_transfer_request(self):
@@ -107,6 +109,34 @@
'created transfer_request')
self.assertExpected(transfer_request, body, self.excluded_keys)
+ @decorators.idempotent_id('5bed4582-9cfb-11eb-a160-74e5f9e2a801')
+ @decorators.skip_because(bug="1926572")
+ def test_show_transfer_request_impersonate_another_project(self):
+ LOG.info('Create a zone')
+ zone = self.zone_client.create_zone()[1]
+ self.addCleanup(self.wait_zone_delete, self.zone_client, zone['id'])
+
+ LOG.info('Create a zone transfer_request')
+ transfer_request = self.client.create_transfer_request(zone['id'])[1]
+ self.addCleanup(self.client.delete_transfer_request,
+ transfer_request['id'])
+
+ LOG.info('As Admin tenant fetch the transfer_request without using '
+ '"x-auth-sudo-project-id" HTTP header. Expected: 404')
+ self.assertRaises(lib_exc.NotFound,
+ lambda: self.admin_client.show_transfer_request(
+ transfer_request['id']))
+
+ LOG.info('As Admin tenant fetch the transfer_request using '
+ '"x-auth-sudo-project-id" HTTP header.')
+ body = self.admin_client.show_transfer_request(
+ transfer_request['id'],
+ headers={'x-auth-sudo-project-id': zone['project_id']})[1]
+
+ LOG.info('Ensure the fetched response matches the '
+ 'created transfer_request')
+ self.assertExpected(transfer_request, body, self.excluded_keys)
+
@decorators.idempotent_id('235ded87-0c47-430b-8cad-4f3194b927a6')
def test_show_transfer_request_as_target(self):
# Checks the target of a scoped transfer request can see
@@ -166,6 +196,48 @@
self.assertGreater(len(body['transfer_requests']), 0)
+ @decorators.idempotent_id('db985892-9d02-11eb-a160-74e5f9e2a801')
+ def test_list_transfer_requests_all_projects(self):
+ LOG.info('Create a Primary zone')
+ primary_zone = self.zone_client.create_zone()[1]
+ self.addCleanup(self.wait_zone_delete,
+ self.zone_client, primary_zone['id'])
+
+ LOG.info('Create an Alt zone')
+ alt_zone = self.alt_zone_client.create_zone()[1]
+ self.addCleanup(self.wait_zone_delete,
+ self.alt_zone_client, alt_zone['id'])
+
+ LOG.info('Create a zone transfer_request using Primary client')
+ primary_transfer_request = self.client.create_transfer_request(
+ primary_zone['id'])[1]
+ self.addCleanup(self.client.delete_transfer_request,
+ primary_transfer_request['id'])
+
+ LOG.info('Create a zone transfer_request using Alt client')
+ alt_transfer_request = self.alt_client.create_transfer_request(
+ alt_zone['id'])[1]
+ self.addCleanup(self.alt_client.delete_transfer_request,
+ alt_transfer_request['id'])
+
+ LOG.info('List transfer_requests for all projects using Admin tenant '
+ 'without "x-auth-all-projects" HTTP header. '
+ 'Expected: empty list')
+ self.assertEqual([], self.admin_client.list_transfer_requests()[1][
+ 'transfer_requests'], 'Failed, requests list is not empty')
+
+ LOG.info('List transfer_requests for all projects using Admin tenant '
+ 'and "x-auth-all-projects" HTTP header.')
+ request_ids = [
+ item['id'] for item in self.admin_client.list_transfer_requests(
+ headers={'x-auth-all-projects': True})[1]['transfer_requests']]
+
+ for request_id in [primary_transfer_request['id'],
+ alt_transfer_request['id']]:
+ self.assertIn(request_id, request_ids,
+ "Failed, transfer request ID:{} wasn't found in "
+ "listed IDs{}".format(request_id, request_ids))
+
@decorators.idempotent_id('de5e9d32-c723-4518-84e5-58da9722cc13')
def test_update_transfer_request(self):
LOG.info('Create a zone')
diff --git a/designate_tempest_plugin/tests/scenario/v2/test_zones_transfer.py b/designate_tempest_plugin/tests/scenario/v2/test_zones_transfer.py
index c12bd96..88e9c8f 100644
--- a/designate_tempest_plugin/tests/scenario/v2/test_zones_transfer.py
+++ b/designate_tempest_plugin/tests/scenario/v2/test_zones_transfer.py
@@ -16,22 +16,25 @@
from tempest.lib import exceptions as lib_exc
from designate_tempest_plugin.tests import base
+from designate_tempest_plugin import data_utils as dns_data_utils
LOG = logging.getLogger(__name__)
class ZonesTransferTest(base.BaseDnsV2Test):
- credentials = ['primary', 'alt']
+ credentials = ['primary', 'alt', 'admin']
@classmethod
def setup_clients(cls):
super(ZonesTransferTest, cls).setup_clients()
cls.zones_client = cls.os_primary.zones_client
cls.alt_zones_client = cls.os_alt.zones_client
+ cls.admin_zones_client = cls.os_admin.zones_client
cls.request_client = cls.os_primary.transfer_request_client
cls.alt_request_client = cls.os_alt.transfer_request_client
cls.accept_client = cls.os_primary.transfer_accept_client
cls.alt_accept_client = cls.os_alt.transfer_accept_client
+ cls.admin_accept_client = cls.os_admin.transfer_accept_client
@decorators.idempotent_id('60bd80ac-c979-4686-9a03-f2f775f272ab')
def test_zone_transfer(self):
@@ -63,3 +66,43 @@
LOG.info('Ensure 404 when fetching the zone as primary tenant')
self.assertRaises(lib_exc.NotFound,
lambda: self.zones_client.show_zone(zone['id']))
+
+ LOG.info('Accept the request as admin tenant, should fail '
+ 'with: "invalid_zone_transfer_request"')
+ with self.assertRaisesDns(
+ lib_exc.BadRequest, 'invalid_zone_transfer_request', 400):
+ self.admin_accept_client.create_transfer_accept(accept_data)
+
+ @decorators.idempotent_id('5855b772-a036-11eb-9973-74e5f9e2a801')
+ def test_zone_transfer_target_project(self):
+ LOG.info('Create a zone as "primary" tenant')
+ zone = self.zones_client.create_zone()[1]
+
+ LOG.info('Create transfer_request with target project set to '
+ '"Admin" tenant')
+ transfer_request_data = dns_data_utils.rand_transfer_request_data(
+ target_project_id=self.os_admin.credentials.project_id)
+ transfer_request = self.request_client.create_transfer_request(
+ zone['id'], transfer_request_data)[1]
+ self.addCleanup(self.request_client.delete_transfer_request,
+ transfer_request['id'])
+ LOG.info('Ensure we respond with ACTIVE status')
+ self.assertEqual('ACTIVE', transfer_request['status'])
+
+ LOG.info('Accept the request as "alt" tenant, Expected: should fail '
+ 'as "admin" was set as a target project.')
+ accept_data = {
+ "key": transfer_request['key'],
+ "zone_transfer_request_id": transfer_request['id']
+ }
+ self.assertRaises(
+ lib_exc.Forbidden, self.alt_accept_client.create_transfer_accept,
+ transfer_accept_data=accept_data)
+
+ LOG.info('Accept the request as "Admin" tenant, Expected: should work')
+ self.admin_accept_client.create_transfer_accept(accept_data)
+ LOG.info('Fetch the zone as "Admin" tenant')
+ admin_zone = self.admin_zones_client.show_zone(zone['id'])[1]
+ self.addCleanup(self.wait_zone_delete,
+ self.admin_zones_client,
+ admin_zone['id'])