Merge "New test cases for "zone recordsets" test suite"
diff --git a/designate_tempest_plugin/clients.py b/designate_tempest_plugin/clients.py
index 87b43c4..43ec5a7 100644
--- a/designate_tempest_plugin/clients.py
+++ b/designate_tempest_plugin/clients.py
@@ -47,6 +47,8 @@
import TransferAcceptClient
from designate_tempest_plugin.services.dns.v2.json.tsigkey_client \
import TsigkeyClient
+from designate_tempest_plugin.services.dns.v2.json.service_client \
+ import SevriceClient
CONF = config.CONF
@@ -93,6 +95,7 @@
self.transfer_request_client = TransferRequestClient(**params)
self.transfer_accept_client = TransferAcceptClient(**params)
self.tsigkey_client = TsigkeyClient(**params)
+ self.service_client = SevriceClient(**params)
self.query_client = QueryClient(
nameservers=CONF.dns.nameservers,
diff --git a/designate_tempest_plugin/common/constants.py b/designate_tempest_plugin/common/constants.py
new file mode 100644
index 0000000..7ebcc87
--- /dev/null
+++ b/designate_tempest_plugin/common/constants.py
@@ -0,0 +1,16 @@
+# Copyright 2021 Red Hat.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+# API statuses
+UP = 'UP'
diff --git a/designate_tempest_plugin/services/dns/v2/json/service_client.py b/designate_tempest_plugin/services/dns/v2/json/service_client.py
new file mode 100644
index 0000000..fd24047
--- /dev/null
+++ b/designate_tempest_plugin/services/dns/v2/json/service_client.py
@@ -0,0 +1,27 @@
+# Copyright 2021 Red Hat.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+from designate_tempest_plugin.services.dns.v2.json import base
+
+
+class SevriceClient(base.DnsClientV2Base):
+
+ @base.handle_errors
+ def list_statuses(self, headers=None):
+ """List all Services and statuses
+
+ :param headers: (dict): The headers to use for the request.
+ :return: Serialized service statuses as a list.
+ """
+ return self._list_request(
+ 'service_statuses', headers=headers)[1]['service_statuses']
diff --git a/designate_tempest_plugin/services/dns/v2/json/transfer_accepts_client.py b/designate_tempest_plugin/services/dns/v2/json/transfer_accepts_client.py
index fe0fd0f..a0612e9 100644
--- a/designate_tempest_plugin/services/dns/v2/json/transfer_accepts_client.py
+++ b/designate_tempest_plugin/services/dns/v2/json/transfer_accepts_client.py
@@ -47,3 +47,15 @@
"""
return self._show_request(
'zones/tasks/transfer_accepts', uuid, params=params)
+
+ @base.handle_errors
+ def list_transfer_accept(self, params=None, headers=None):
+ """Lists all accepted zone transfers.
+ :param params: A Python dict that represents the query paramaters to
+ include in the accept URI.
+ :param headers (dict): The headers to use for the request.
+ :return: List of accepted zone transfers
+ """
+ return self._list_request(
+ 'zones/tasks/transfer_accepts', params=params,
+ headers=headers)[1]['transfer_accepts']
diff --git a/designate_tempest_plugin/services/dns/v2/json/transfer_request_client.py b/designate_tempest_plugin/services/dns/v2/json/transfer_request_client.py
index f494cde..9523175 100644
--- a/designate_tempest_plugin/services/dns/v2/json/transfer_request_client.py
+++ b/designate_tempest_plugin/services/dns/v2/json/transfer_request_client.py
@@ -60,26 +60,30 @@
return resp, body
@base.handle_errors
- def show_transfer_request(self, uuid, params=None):
+ def show_transfer_request(self, uuid, params=None, headers=None):
"""Gets a specific transfer_requestsed zone.
:param uuid: Unique identifier of the transfer_requestsed zone in
UUID format.
:param params: A Python dict that represents the query paramaters to
include in the request URI.
+
+ :param headers (dict): The headers to use for the request.
:return: Serialized transfer_requestsed zone as a dictionary.
"""
return self._show_request(
- 'zones/tasks/transfer_requests', uuid, params=params)
+ 'zones/tasks/transfer_requests', uuid,
+ params=params, headers=headers)
@base.handle_errors
- def list_transfer_requests(self, params=None):
+ def list_transfer_requests(self, params=None, headers=None):
"""Gets all the transfer_requestsed zones
:param params: A Python dict that represents the query paramaters to
include in the request URI.
+ :param headers (dict): The headers to use for the request.
:return: Serialized transfer_requestsed zone as a list.
"""
return self._list_request(
- 'zones/tasks/transfer_requests', params=params)
+ 'zones/tasks/transfer_requests', params=params, headers=headers)
@base.handle_errors
def delete_transfer_request(self, uuid, params=None):
diff --git a/designate_tempest_plugin/services/dns/v2/json/zone_exports_client.py b/designate_tempest_plugin/services/dns/v2/json/zone_exports_client.py
index 3bbd6c9..8915ceb 100644
--- a/designate_tempest_plugin/services/dns/v2/json/zone_exports_client.py
+++ b/designate_tempest_plugin/services/dns/v2/json/zone_exports_client.py
@@ -43,16 +43,17 @@
return resp, body
@base.handle_errors
- def show_zone_export(self, uuid, params=None):
+ def show_zone_export(self, uuid, params=None, headers=None):
"""Get the zone export task
:param uuid: Unique identifier of the zone export task in UUID format.
:param params: A Python dict that represents the query paramaters to
include in the request URI.
+ :param headers (dict): The headers to use for the request.
:return: Serialized exported zone as a dictionary.
"""
return self._show_request(
- 'zones/tasks/exports', uuid, params=params)
+ 'zones/tasks/exports', uuid, params=params, headers=headers)
@base.handle_errors
def show_exported_zonefile(self, uuid, params=None):
@@ -70,15 +71,16 @@
headers=headers, params=params)
@base.handle_errors
- def list_zone_exports(self, params=None):
+ def list_zone_exports(self, params=None, headers=None):
"""List zone export tasks
:param params: A Python dict that represents the query paramaters to
include in the request URI.
+ :param headers (dict): The headers to use for the request.
:return: Serialized exported zone as a list.
"""
return self._list_request(
- 'zones/tasks/exports', params=params)
+ 'zones/tasks/exports', params=params, headers=headers)
@base.handle_errors
def delete_zone_export(self, uuid, params=None):
diff --git a/designate_tempest_plugin/services/dns/v2/json/zones_client.py b/designate_tempest_plugin/services/dns/v2/json/zones_client.py
index ac360e6..9c5c056 100644
--- a/designate_tempest_plugin/services/dns/v2/json/zones_client.py
+++ b/designate_tempest_plugin/services/dns/v2/json/zones_client.py
@@ -23,7 +23,7 @@
@base.handle_errors
def create_zone(self, name=None, email=None, ttl=None, description=None,
- wait_until=False, params=None):
+ attributes=None, wait_until=False, params=None):
"""Create a zone with the specified parameters.
:param name: The name of the zone.
@@ -34,6 +34,10 @@
Default: Random Value
:param description: A description of the zone.
Default: Random Value
+ :param attributes: Key:Value pairs of information about this zone,
+ and the pool the user would like to place the zone in.
+ This information can be used by the scheduler to place
+ zones on the correct pool.
:param wait_until: Block until the zone reaches the desiered status
:param params: A Python dict that represents the query paramaters to
include in the request URI.
@@ -44,6 +48,8 @@
'email': email or dns_data_utils.rand_email(),
'ttl': ttl or dns_data_utils.rand_ttl(),
'description': description or data_utils.rand_name('test-zone'),
+ 'attributes': attributes or {
+ 'attribute_key': data_utils.rand_name('attribute_value')}
}
resp, body = self._create_request('zones', zone, params=params)
@@ -57,23 +63,26 @@
return resp, body
@base.handle_errors
- def show_zone(self, uuid, params=None):
+ def show_zone(self, uuid, params=None, headers=None):
"""Gets a specific zone.
:param uuid: Unique identifier of the zone in UUID format.
:param params: A Python dict that represents the query paramaters to
include in the request URI.
+ :param headers (dict): The headers to use for the request.
:return: Serialized zone as a dictionary.
"""
- return self._show_request('zones', uuid, params=params)
+ return self._show_request(
+ 'zones', uuid, params=params, headers=headers)
@base.handle_errors
- def list_zones(self, params=None):
+ def list_zones(self, params=None, headers=None):
"""Gets a list of zones.
:param params: A Python dict that represents the query paramaters to
include in the request URI.
+ :param headers (dict): The headers to use for the request.
:return: Serialized zones as a list.
"""
- return self._list_request('zones', params=params)
+ return self._list_request('zones', params=params, headers=headers)
@base.handle_errors
def delete_zone(self, uuid, params=None):
diff --git a/designate_tempest_plugin/tests/api/v2/test_service_statuses.py b/designate_tempest_plugin/tests/api/v2/test_service_statuses.py
new file mode 100644
index 0000000..68396c5
--- /dev/null
+++ b/designate_tempest_plugin/tests/api/v2/test_service_statuses.py
@@ -0,0 +1,66 @@
+# Copyright 2021 Red Hat.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+from oslo_log import log as logging
+from designate_tempest_plugin.common import constants as const
+from tempest import config
+from tempest.lib import decorators
+
+from designate_tempest_plugin.tests import base
+
+LOG = logging.getLogger(__name__)
+
+
+CONF = config.CONF
+
+
+class ServiceStatus(base.BaseDnsV2Test):
+
+ credentials = ['primary', 'admin']
+
+ @classmethod
+ def setup_credentials(cls):
+ # Do not create network resources for these test.
+ cls.set_network_resources()
+ super(ServiceStatus, cls).setup_credentials()
+
+ @classmethod
+ def setup_clients(cls):
+ super(ServiceStatus, cls).setup_clients()
+
+ cls.client = cls.os_primary.service_client
+ cls.admin_client = cls.os_admin.service_client
+
+ @decorators.idempotent_id('bf277a76-8583-11eb-a557-74e5f9e2a801')
+ def test_list_service_statuses(self):
+
+ services_statuses_tup = [
+ (item['service_name'],
+ item['status']) for item in self.admin_client.list_statuses()]
+ LOG.info("Listed service tuples: (name,status)' are:{} ".format(
+ services_statuses_tup))
+
+ LOG.info('Make sure that all expected/mandatory services are '
+ 'listed in API response.')
+ expected_services = ['central', 'mdns', 'worker', 'producer']
+ for service in expected_services:
+ self.assertIn(
+ service, [item[0] for item in services_statuses_tup],
+ "Failed, expected service: {} wasn't detected in API "
+ "response".format(service))
+
+ LOG.info('Make sure that all listed services are in UP status.')
+ self.assertEqual(
+ {const.UP}, set([item[1] for item in services_statuses_tup]),
+ "Failed, not all listed services are in UP status, "
+ "services: {}".format(services_statuses_tup))
diff --git a/designate_tempest_plugin/tests/api/v2/test_transfer_accepts.py b/designate_tempest_plugin/tests/api/v2/test_transfer_accepts.py
index 70c9e30..1f7c1e1 100644
--- a/designate_tempest_plugin/tests/api/v2/test_transfer_accepts.py
+++ b/designate_tempest_plugin/tests/api/v2/test_transfer_accepts.py
@@ -13,6 +13,7 @@
# under the License.
from oslo_log import log as logging
from tempest.lib import decorators
+from tempest.lib import exceptions as lib_exc
from designate_tempest_plugin.tests import base
@@ -25,6 +26,8 @@
class TransferAcceptTest(BaseTransferAcceptTest):
+ credentials = ['primary', 'alt', 'admin']
+
@classmethod
def setup_credentials(cls):
# Do not create network resources for these test.
@@ -35,20 +38,32 @@
def setup_clients(cls):
super(TransferAcceptTest, cls).setup_clients()
- cls.zone_client = cls.os_primary.zones_client
- cls.request_client = cls.os_primary.transfer_request_client
- cls.client = cls.os_primary.transfer_accept_client
+ # Primary clients
+ cls.prm_zone_client = cls.os_primary.zones_client
+ cls.prm_request_client = cls.os_primary.transfer_request_client
+ cls.prm_accept_client = cls.os_primary.transfer_accept_client
+
+ # Alt clients
+ cls.alt_zone_client = cls.os_alt.zones_client
+ cls.alt_request_client = cls.os_alt.transfer_request_client
+ cls.alt_accept_client = cls.os_alt.transfer_accept_client
+
+ # Admin clients
+ cls.admin_zone_client = cls.os_admin.zones_client
+ cls.admin_request_client = cls.os_admin.transfer_request_client
+ cls.admin_accept_client = cls.os_admin.transfer_accept_client
@decorators.idempotent_id('1c6baf97-a83e-4d2e-a5d8-9d37fb7808f3')
def test_create_transfer_accept(self):
LOG.info('Create a zone')
- _, zone = self.zone_client.create_zone()
- self.addCleanup(self.wait_zone_delete, self.zone_client, zone['id'])
+ _, zone = self.prm_zone_client.create_zone()
+ self.addCleanup(
+ self.wait_zone_delete, self.prm_zone_client, zone['id'])
LOG.info('Create a zone transfer_request')
- _, transfer_request = self.request_client.create_transfer_request(
- zone['id'])
- self.addCleanup(self.request_client.delete_transfer_request,
+ _, transfer_request = self.prm_request_client.create_transfer_request(
+ zone['id'])
+ self.addCleanup(self.prm_request_client.delete_transfer_request,
transfer_request['id'])
data = {
@@ -56,7 +71,8 @@
"zone_transfer_request_id": transfer_request['id']
}
LOG.info('Create a zone transfer_accept')
- _, transfer_accept = self.client.create_transfer_accept(data)
+ _, transfer_accept = self.prm_accept_client.create_transfer_accept(
+ data)
LOG.info('Ensure we respond with ACTIVE status')
self.assertEqual('COMPLETE', transfer_accept['status'])
@@ -64,13 +80,14 @@
@decorators.idempotent_id('37c6afbb-3ea3-4fd8-94ea-a426244f019a')
def test_show_transfer_accept(self):
LOG.info('Create a zone')
- _, zone = self.zone_client.create_zone()
- self.addCleanup(self.wait_zone_delete, self.zone_client, zone['id'])
+ _, zone = self.prm_zone_client.create_zone()
+ self.addCleanup(
+ self.wait_zone_delete, self.prm_zone_client, zone['id'])
LOG.info('Create a zone transfer_request')
- _, transfer_request = self.request_client.create_transfer_request(
+ _, transfer_request = self.prm_request_client.create_transfer_request(
zone['id'])
- self.addCleanup(self.request_client.delete_transfer_request,
+ self.addCleanup(self.prm_request_client.delete_transfer_request,
transfer_request['id'])
data = {
@@ -79,11 +96,123 @@
}
LOG.info('Create a zone transfer_accept')
- _, transfer_accept = self.client.create_transfer_accept(data)
+ _, transfer_accept = self.prm_accept_client.create_transfer_accept(
+ data)
LOG.info('Fetch the transfer_accept')
- _, body = self.client.show_transfer_accept(transfer_accept['id'])
+ _, body = self.prm_accept_client.show_transfer_accept(
+ transfer_accept['id'])
LOG.info('Ensure the fetched response matches the '
'created transfer_accept')
self.assertExpected(transfer_accept, body, self.excluded_keys)
+
+ @decorators.idempotent_id('89b516f0-8c9f-11eb-a322-74e5f9e2a801')
+ def test_ownership_transferred_zone(self):
+
+ LOG.info('Create a Primary zone')
+ zone = self.prm_zone_client.create_zone()[1]
+ self.addCleanup(self.wait_zone_delete, self.prm_zone_client,
+ zone['id'], ignore_errors=lib_exc.NotFound)
+
+ LOG.info('Create a Primary zone transfer_request')
+ transfer_request = self.prm_request_client.create_transfer_request(
+ zone['id'])[1]
+ self.addCleanup(self.prm_request_client.delete_transfer_request,
+ transfer_request['id'])
+
+ data = {
+ "key": transfer_request['key'],
+ "zone_transfer_request_id": transfer_request['id']
+ }
+ LOG.info('Create an Alt zone transfer_accept')
+ transfer_accept = self.alt_accept_client.create_transfer_accept(
+ data)[1]
+
+ LOG.info('Ensure we respond with ACTIVE status')
+ self.assertEqual('COMPLETE', transfer_accept['status'])
+
+ # Make sure that the "project_id" of transferred zone has been changed
+ alt_transferred_zone = self.alt_zone_client.show_zone(zone['id'])[1]
+
+ self.assertNotEqual(
+ zone['project_id'], alt_transferred_zone['project_id'],
+ 'Failed, shown "project_id" for a transferred zone:{} should be '
+ 'different than the original "project_id" used in '
+ 'creation {}:'.format(
+ alt_transferred_zone['project_id'], zone['project_id']))
+
+ @decorators.idempotent_id('0fcd314c-8cae-11eb-a322-74e5f9e2a801')
+ def test_list_transfer_accepts(self):
+ """Test list API including filtering result option"""
+
+ number_of_zones_to_transfer = 3
+ transfer_request_ids = []
+ for _ in range(number_of_zones_to_transfer):
+
+ LOG.info('Create a Primary zone')
+ zone = self.prm_zone_client.create_zone()[1]
+ self.addCleanup(self.wait_zone_delete, self.prm_zone_client,
+ zone['id'], ignore_errors=lib_exc.NotFound)
+
+ LOG.info('Create a Primary zone transfer_request')
+ transfer_request = self.prm_request_client.create_transfer_request(
+ zone['id'])[1]
+ self.addCleanup(self.prm_request_client.delete_transfer_request,
+ transfer_request['id'])
+
+ data = {
+ "key": transfer_request['key'],
+ "zone_transfer_request_id": transfer_request['id']
+ }
+ LOG.info('Create an Alt zone transfer_accept')
+ transfer_accept = self.alt_accept_client.create_transfer_accept(
+ data)[1]
+
+ LOG.info('Ensure we respond with ACTIVE status')
+ self.assertEqual('COMPLETE', transfer_accept['status'])
+ transfer_request_ids.append(transfer_accept['id'])
+
+ # As Admin list all accepted zone transfers, expected:
+ # each previously transferred zone is listed.
+ LOG.info('Use Admin client to list all "accepted zone transfers"')
+ admin_client_accept_ids = [
+ item['id'] for item in
+ self.admin_accept_client.list_transfer_accept(
+ headers={'x-auth-all-projects': True})]
+ for tr_id in transfer_request_ids:
+ self.assertIn(
+ tr_id, admin_client_accept_ids,
+ 'Failed, expected transfer accept ID:{} is not listed in'
+ ' transfer accept IDs:{} '.format(tr_id, transfer_request_ids))
+
+ # As Admin list all accepted zone transfers in COMPLETE status only,
+ # expected: each previously transferred zone is listed.
+ LOG.info('Use Admin client to list all "accepted zone transfers", '
+ 'filter COMPLETE status only accepts.')
+ admin_client_accept_ids = [
+ item['id'] for item in
+ self.admin_accept_client.list_transfer_accept(
+ headers={'x-auth-all-projects': True},
+ params={'status': 'COMPLETE'})]
+ for tr_id in transfer_request_ids:
+ self.assertIn(
+ tr_id, admin_client_accept_ids,
+ 'Failed, expected transfer accept ID:{} is not listed in'
+ ' transfer accept IDs:{} '.format(
+ tr_id, transfer_request_ids))
+
+ # As Admin list all accepted zone transfers in "non existing" status,
+ # expected: received list is empty.
+ not_existing_status = 'zahlabut'
+ LOG.info('Use Admin client to list all "accepted zone transfers", '
+ 'filter {} status only accepts.'.format(not_existing_status))
+ admin_client_accept_ids = [
+ item['id'] for item in
+ self.admin_accept_client.list_transfer_accept(
+ headers={'x-auth-all-projects': True},
+ params={'status': not_existing_status})]
+ self.assertEmpty(
+ admin_client_accept_ids,
+ "Failed, filtered list should be empty, but actually it's not, "
+ "filtered IDs:{} ".format(admin_client_accept_ids))
diff --git a/designate_tempest_plugin/tests/api/v2/test_transfer_request.py b/designate_tempest_plugin/tests/api/v2/test_transfer_request.py
index bae2510..666fd79 100644
--- a/designate_tempest_plugin/tests/api/v2/test_transfer_request.py
+++ b/designate_tempest_plugin/tests/api/v2/test_transfer_request.py
@@ -27,7 +27,7 @@
class TransferRequestTest(BaseTransferRequestTest):
- credentials = ['primary', 'alt']
+ credentials = ['primary', 'alt', 'admin']
@classmethod
def setup_credentials(cls):
@@ -40,8 +40,10 @@
super(TransferRequestTest, cls).setup_clients()
cls.zone_client = cls.os_primary.zones_client
+ cls.alt_zone_client = cls.os_alt.zones_client
cls.client = cls.os_primary.transfer_request_client
cls.alt_client = cls.os_alt.transfer_request_client
+ cls.admin_client = cls.os_admin.transfer_request_client
@decorators.idempotent_id('2381d489-ad84-403d-b0a2-8b77e4e966bf')
def test_create_transfer_request(self):
@@ -107,6 +109,34 @@
'created transfer_request')
self.assertExpected(transfer_request, body, self.excluded_keys)
+ @decorators.idempotent_id('5bed4582-9cfb-11eb-a160-74e5f9e2a801')
+ @decorators.skip_because(bug="1926572")
+ def test_show_transfer_request_impersonate_another_project(self):
+ LOG.info('Create a zone')
+ zone = self.zone_client.create_zone()[1]
+ self.addCleanup(self.wait_zone_delete, self.zone_client, zone['id'])
+
+ LOG.info('Create a zone transfer_request')
+ transfer_request = self.client.create_transfer_request(zone['id'])[1]
+ self.addCleanup(self.client.delete_transfer_request,
+ transfer_request['id'])
+
+ LOG.info('As Admin tenant fetch the transfer_request without using '
+ '"x-auth-sudo-project-id" HTTP header. Expected: 404')
+ self.assertRaises(lib_exc.NotFound,
+ lambda: self.admin_client.show_transfer_request(
+ transfer_request['id']))
+
+ LOG.info('As Admin tenant fetch the transfer_request using '
+ '"x-auth-sudo-project-id" HTTP header.')
+ body = self.admin_client.show_transfer_request(
+ transfer_request['id'],
+ headers={'x-auth-sudo-project-id': zone['project_id']})[1]
+
+ LOG.info('Ensure the fetched response matches the '
+ 'created transfer_request')
+ self.assertExpected(transfer_request, body, self.excluded_keys)
+
@decorators.idempotent_id('235ded87-0c47-430b-8cad-4f3194b927a6')
def test_show_transfer_request_as_target(self):
# Checks the target of a scoped transfer request can see
@@ -166,6 +196,48 @@
self.assertGreater(len(body['transfer_requests']), 0)
+ @decorators.idempotent_id('db985892-9d02-11eb-a160-74e5f9e2a801')
+ def test_list_transfer_requests_all_projects(self):
+ LOG.info('Create a Primary zone')
+ primary_zone = self.zone_client.create_zone()[1]
+ self.addCleanup(self.wait_zone_delete,
+ self.zone_client, primary_zone['id'])
+
+ LOG.info('Create an Alt zone')
+ alt_zone = self.alt_zone_client.create_zone()[1]
+ self.addCleanup(self.wait_zone_delete,
+ self.alt_zone_client, alt_zone['id'])
+
+ LOG.info('Create a zone transfer_request using Primary client')
+ primary_transfer_request = self.client.create_transfer_request(
+ primary_zone['id'])[1]
+ self.addCleanup(self.client.delete_transfer_request,
+ primary_transfer_request['id'])
+
+ LOG.info('Create a zone transfer_request using Alt client')
+ alt_transfer_request = self.alt_client.create_transfer_request(
+ alt_zone['id'])[1]
+ self.addCleanup(self.alt_client.delete_transfer_request,
+ alt_transfer_request['id'])
+
+ LOG.info('List transfer_requests for all projects using Admin tenant '
+ 'without "x-auth-all-projects" HTTP header. '
+ 'Expected: empty list')
+ self.assertEqual([], self.admin_client.list_transfer_requests()[1][
+ 'transfer_requests'], 'Failed, requests list is not empty')
+
+ LOG.info('List transfer_requests for all projects using Admin tenant '
+ 'and "x-auth-all-projects" HTTP header.')
+ request_ids = [
+ item['id'] for item in self.admin_client.list_transfer_requests(
+ headers={'x-auth-all-projects': True})[1]['transfer_requests']]
+
+ for request_id in [primary_transfer_request['id'],
+ alt_transfer_request['id']]:
+ self.assertIn(request_id, request_ids,
+ "Failed, transfer request ID:{} wasn't found in "
+ "listed IDs{}".format(request_id, request_ids))
+
@decorators.idempotent_id('de5e9d32-c723-4518-84e5-58da9722cc13')
def test_update_transfer_request(self):
LOG.info('Create a zone')
diff --git a/designate_tempest_plugin/tests/api/v2/test_zones.py b/designate_tempest_plugin/tests/api/v2/test_zones.py
index ee31b9b..94e162f 100644
--- a/designate_tempest_plugin/tests/api/v2/test_zones.py
+++ b/designate_tempest_plugin/tests/api/v2/test_zones.py
@@ -11,6 +11,7 @@
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
+import uuid
from oslo_log import log as logging
from tempest.lib import decorators
from tempest.lib import exceptions as lib_exc
@@ -19,6 +20,7 @@
from designate_tempest_plugin import data_utils as dns_data_utils
from designate_tempest_plugin.tests import base
+from designate_tempest_plugin.common import waiters
LOG = logging.getLogger(__name__)
@@ -62,6 +64,18 @@
LOG.info('Ensure the fetched response matches the created zone')
self.assertExpected(zone, body, self.excluded_keys)
+ @decorators.idempotent_id('49268b24-92de-11eb-9d02-74e5f9e2a801')
+ def test_show_not_existing_zone(self):
+ LOG.info('Fetch non existing zone')
+ self.assertRaises(lib_exc.NotFound,
+ lambda: self.client.show_zone(uuid.uuid1()))
+
+ @decorators.idempotent_id('736e3b50-92e0-11eb-9d02-74e5f9e2a801')
+ def test_use_invalid_id_to_show_zone(self):
+ LOG.info('Fetch the zone using invalid zone ID')
+ with self.assertRaisesDns(lib_exc.BadRequest, 'invalid_uuid', 400):
+ self.client.show_zone(uuid='zahlabut')
+
@decorators.attr(type='smoke')
@decorators.idempotent_id('a4791906-6cd6-4d27-9f15-32273db8bb3d')
def test_delete_zone(self):
@@ -77,6 +91,12 @@
self.assertEqual('DELETE', body['action'])
self.assertEqual('PENDING', body['status'])
+ @decorators.idempotent_id('79921370-92e1-11eb-9d02-74e5f9e2a801')
+ def test_delete_non_existing_zone(self):
+ LOG.info('Delete non existing zone')
+ self.assertRaises(lib_exc.NotFound,
+ lambda: self.client.delete_zone(uuid.uuid1()))
+
@decorators.idempotent_id('5bfa3cfe-5bc8-443b-bf48-cfba44cbb247')
def test_list_zones(self):
LOG.info('Create a zone')
@@ -110,6 +130,13 @@
LOG.info('Ensure we respond with updated values')
self.assertEqual(description, zone['description'])
+ @decorators.idempotent_id('e391e30a-92e0-11eb-9d02-74e5f9e2a801')
+ def test_update_non_existing_zone(self):
+ LOG.info('Update non existing zone')
+ self.assertRaises(lib_exc.NotFound,
+ lambda: self.client.update_zone(
+ uuid.uuid1(), description=data_utils.rand_name()))
+
@decorators.idempotent_id('925192f2-0ed8-4591-8fe7-a9fa028f90a0')
def test_list_zones_dot_json_fails(self):
uri = self.client.get_uri('zones.json')
@@ -119,7 +146,7 @@
class ZonesAdminTest(BaseZonesTest):
- credentials = ['primary', 'admin']
+ credentials = ['primary', 'admin', 'alt']
@classmethod
def setup_credentials(cls):
@@ -133,19 +160,82 @@
cls.client = cls.os_primary.zones_client
cls.admin_client = cls.os_admin.zones_client
+ cls.alt_client = cls.os_alt.zones_client
- @decorators.idempotent_id('6477f92d-70ba-46eb-bd6c-fc50c405e222')
- def test_get_other_tenant_zone(self):
- LOG.info('Create a zone as a user')
- _, zone = self.client.create_zone()
+ @decorators.idempotent_id('f6fe8cce-8b04-11eb-a861-74e5f9e2a801')
+ def test_show_zone_impersonate_another_project(self):
+ LOG.info('Create zone "A" using primary client')
+ zone = self.client.create_zone()[1]
self.addCleanup(self.wait_zone_delete, self.client, zone['id'])
- LOG.info('Fetch the zone as an admin')
- _, body = self.admin_client.show_zone(
- zone['id'], params={'all_projects': True})
+ LOG.info('As Alt tenant show zone created by Primary tenant. '
+ 'Expected: 404 NotFound')
+ self.assertRaises(
+ lib_exc.NotFound, self.alt_client.show_zone, uuid=zone['id'])
- LOG.info('Ensure the fetched response matches the created zone')
- self.assertExpected(zone, body, self.excluded_keys)
+ LOG.info('As Admin tenant show zone created by Primary tenant. '
+ 'Expected: 404 NotFound')
+ self.assertRaises(
+ lib_exc.NotFound, self.admin_client.show_zone, uuid=zone['id'])
+
+ LOG.info('As Alt tenant show zone created by Primary tenant using '
+ '"x-auth-sudo-project-id" HTTP header. '
+ 'Expected: 403 Forbidden')
+ self.assertRaises(
+ lib_exc.Forbidden, self.alt_client.show_zone, uuid=None,
+ headers={'x-auth-sudo-project-id': zone['project_id']})
+
+ LOG.info('As Admin user impersonate another project '
+ '(using "x-auth-sudo-project-id" HTTP header) to show '
+ 'a Primary tenant zone.')
+ body = self.admin_client.show_zone(
+ uuid=None, headers={
+ 'x-auth-sudo-project-id': zone['project_id']})[1]
+
+ LOG.info('Ensure the fetched response matches the impersonated'
+ ' project, it means the ID of a zone "A"')
+ self.assertExpected(zone, body['zones'][0], self.excluded_keys)
+
+ @decorators.idempotent_id('e1cf7104-8b06-11eb-a861-74e5f9e2a801')
+ def test_list_all_projects_zones(self):
+
+ LOG.info('Create zone "A" using Primary client')
+ primary_zone = self.client.create_zone()[1]
+ self.addCleanup(
+ self.wait_zone_delete, self.client, primary_zone['id'])
+ LOG.info('Wait till the zone is ACTIVE')
+ waiters.wait_for_zone_status(
+ self.client, primary_zone['id'], 'ACTIVE')
+
+ LOG.info('Create zone "B" using Alt client')
+ alt_zone = self.alt_client.create_zone()[1]
+ self.addCleanup(
+ self.wait_zone_delete, self.alt_client, alt_zone['id'])
+ LOG.info('Wait till the zone is ACTIVE')
+ waiters.wait_for_zone_status(
+ self.alt_client, alt_zone['id'], 'ACTIVE')
+
+ LOG.info('Create zone "C" using Admin client')
+ admin_zone = self.admin_client.create_zone()[1]
+ self.addCleanup(
+ self.wait_zone_delete, self.admin_client, admin_zone['id'])
+ LOG.info('Wait till the zone is ACTIVE')
+ waiters.wait_for_zone_status(
+ self.admin_client, admin_zone['id'], 'ACTIVE')
+
+ LOG.info('As admin user list all projects zones')
+ body = self.admin_client.list_zones(
+ headers={'x-auth-all-projects': True})[1]['zones']
+ listed_zone_ids = [item['id'] for item in body]
+
+ LOG.info('Ensure the fetched response includes all zone '
+ 'IDs created within the test')
+
+ for id in [primary_zone['id'], alt_zone['id'], admin_zone['id']]:
+ self.assertIn(
+ id, listed_zone_ids,
+ 'Failed, id:{} was not found in listed zones:{} '.format(
+ id, listed_zone_ids))
class ZoneOwnershipTest(BaseZonesTest):
diff --git a/designate_tempest_plugin/tests/api/v2/test_zones_exports.py b/designate_tempest_plugin/tests/api/v2/test_zones_exports.py
index 13cd077..34a2c41 100644
--- a/designate_tempest_plugin/tests/api/v2/test_zones_exports.py
+++ b/designate_tempest_plugin/tests/api/v2/test_zones_exports.py
@@ -27,6 +27,8 @@
class ZonesExportTest(BaseZoneExportsTest):
+ credentials = ['primary', 'admin', 'alt']
+
@classmethod
def setup_credentials(cls):
# Do not create network resources for these test.
@@ -38,7 +40,10 @@
super(ZonesExportTest, cls).setup_clients()
cls.zone_client = cls.os_primary.zones_client
+ cls.alt_zone_client = cls.os_alt.zones_client
cls.client = cls.os_primary.zone_exports_client
+ cls.alt_client = cls.os_alt.zone_exports_client
+ cls.admin_client = cls.os_admin.zone_exports_client
@decorators.idempotent_id('2dd8a9a0-98a2-4bf6-bb51-286583b30f40')
def test_create_zone_export(self):
@@ -53,6 +58,12 @@
LOG.info('Ensure we respond with PENDING')
self.assertEqual('PENDING', zone_export['status'])
+ @decorators.idempotent_id('76ab8ec4-95fd-11eb-b1cd-74e5f9e2a801')
+ def test_create_zone_export_using_invalid_zone_id(self):
+ self.assertRaises(
+ lib_exc.NotFound, self.client.create_zone_export,
+ 'e35bc796-9841-11eb-898b-74e5f9e2a801')
+
@decorators.attr(type='smoke')
@decorators.idempotent_id('2d29a2a9-1941-4b7e-9d8a-ad6c2140ea68')
def test_show_zone_export(self):
@@ -70,6 +81,29 @@
LOG.info('Ensure the fetched response matches the zone export')
self.assertExpected(zone_export, body, self.excluded_keys)
+ @decorators.idempotent_id('fb04507c-9600-11eb-b1cd-74e5f9e2a801')
+ def test_show_zone_export_impersonate_another_project(self):
+ LOG.info('Create a zone')
+ zone = self.zone_client.create_zone()[1]
+ self.addCleanup(self.wait_zone_delete, self.zone_client, zone['id'])
+
+ LOG.info('Create a zone export using primary client')
+ resp, zone_export = self.client.create_zone_export(zone['id'])
+ self.addCleanup(self.client.delete_zone_export, zone_export['id'])
+
+ LOG.info('Impersonate "primary" client, to show created zone exports')
+ body = self.admin_client.show_zone_export(uuid=None, headers={
+ 'x-auth-sudo-project-id': zone['project_id']})[1]['exports']
+ listed_export_ids = [item['id'] for item in body]
+
+ LOG.info('Ensure that the fetched response, contains the ID '
+ 'for a zone export created by primary client.')
+ self.assertIn(
+ zone_export['id'], listed_export_ids,
+ 'Failed, expected ID:{} was not found in listed export zones '
+ 'for a primary client: {}'.format(
+ zone_export['id'], listed_export_ids))
+
@decorators.idempotent_id('97234f00-8bcb-43f8-84dd-874f8bc4a80e')
def test_delete_zone_export(self):
LOG.info('Create a zone')
@@ -100,3 +134,59 @@
_, body = self.client.list_zone_exports()
self.assertGreater(len(body['exports']), 0)
+
+ @decorators.idempotent_id('f34e7f34-9613-11eb-b1cd-74e5f9e2a801')
+ def test_list_zone_exports_all_projects(self):
+ LOG.info('Create a primary zone and its export')
+ primary_zone = self.zone_client.create_zone()[1]
+ self.addCleanup(
+ self.wait_zone_delete, self.zone_client, primary_zone['id'])
+ primary_export = self.client.create_zone_export(primary_zone['id'])[1]
+ self.addCleanup(self.client.delete_zone_export, primary_export['id'])
+
+ LOG.info('Create an alt zone and its export')
+ alt_zone = self.alt_zone_client.create_zone()[1]
+ self.addCleanup(
+ self.wait_zone_delete, self.alt_zone_client, alt_zone['id'])
+ alt_export = self.alt_client.create_zone_export(alt_zone['id'])[1]
+ self.addCleanup(self.alt_client.delete_zone_export, alt_export['id'])
+
+ LOG.info('As admin user list zone exports for all projects')
+ listed_exports_ids = [
+ item['id'] for item in self.admin_client.list_zone_exports(
+ headers={'x-auth-all-projects': True})[1]['exports']]
+
+ LOG.info('Make sure that all previously created zone '
+ 'export IDs are listed')
+ for id in [primary_export['id'], alt_export['id']]:
+ self.assertIn(
+ id, listed_exports_ids,
+ 'Failed, expected ID:{} was not found in '
+ 'listed IDs:{}'.format(id, listed_exports_ids))
+
+ @decorators.idempotent_id('943dad4a-9617-11eb-b1cd-74e5f9e2a801')
+ def test_export_not_your_zone(self):
+ LOG.info('Create a primary zone.')
+ primary_zone = self.zone_client.create_zone()[1]
+ self.addCleanup(
+ self.wait_zone_delete, self.zone_client, primary_zone['id'])
+
+ LOG.info('Make sure that "404 NotFound" status code is raised.')
+ self.assertRaises(
+ lib_exc.NotFound, self.alt_client.create_zone_export,
+ primary_zone['id'])
+
+ @decorators.idempotent_id('518dc308-9604-11eb-b1cd-74e5f9e2a801')
+ def test_create_zone_export_using_deleted_zone(self):
+ LOG.info('Create a zone')
+ zone = self.zone_client.create_zone()[1]
+ self.addCleanup(self.wait_zone_delete, self.zone_client, zone['id'],
+ ignore_errors=lib_exc.NotFound)
+
+ LOG.info("Delete the zone and wait till it's done.")
+ self.zone_client.delete_zone(zone['id'])[1]
+ self.wait_zone_delete(self.zone_client, zone['id'])
+
+ LOG.info('Ensure we respond with NotFound exception')
+ self.assertRaises(
+ lib_exc.NotFound, self.client.create_zone_export, zone['id'])
diff --git a/designate_tempest_plugin/tests/scenario/v2/test_zones_transfer.py b/designate_tempest_plugin/tests/scenario/v2/test_zones_transfer.py
index c12bd96..88e9c8f 100644
--- a/designate_tempest_plugin/tests/scenario/v2/test_zones_transfer.py
+++ b/designate_tempest_plugin/tests/scenario/v2/test_zones_transfer.py
@@ -16,22 +16,25 @@
from tempest.lib import exceptions as lib_exc
from designate_tempest_plugin.tests import base
+from designate_tempest_plugin import data_utils as dns_data_utils
LOG = logging.getLogger(__name__)
class ZonesTransferTest(base.BaseDnsV2Test):
- credentials = ['primary', 'alt']
+ credentials = ['primary', 'alt', 'admin']
@classmethod
def setup_clients(cls):
super(ZonesTransferTest, cls).setup_clients()
cls.zones_client = cls.os_primary.zones_client
cls.alt_zones_client = cls.os_alt.zones_client
+ cls.admin_zones_client = cls.os_admin.zones_client
cls.request_client = cls.os_primary.transfer_request_client
cls.alt_request_client = cls.os_alt.transfer_request_client
cls.accept_client = cls.os_primary.transfer_accept_client
cls.alt_accept_client = cls.os_alt.transfer_accept_client
+ cls.admin_accept_client = cls.os_admin.transfer_accept_client
@decorators.idempotent_id('60bd80ac-c979-4686-9a03-f2f775f272ab')
def test_zone_transfer(self):
@@ -63,3 +66,43 @@
LOG.info('Ensure 404 when fetching the zone as primary tenant')
self.assertRaises(lib_exc.NotFound,
lambda: self.zones_client.show_zone(zone['id']))
+
+ LOG.info('Accept the request as admin tenant, should fail '
+ 'with: "invalid_zone_transfer_request"')
+ with self.assertRaisesDns(
+ lib_exc.BadRequest, 'invalid_zone_transfer_request', 400):
+ self.admin_accept_client.create_transfer_accept(accept_data)
+
+ @decorators.idempotent_id('5855b772-a036-11eb-9973-74e5f9e2a801')
+ def test_zone_transfer_target_project(self):
+ LOG.info('Create a zone as "primary" tenant')
+ zone = self.zones_client.create_zone()[1]
+
+ LOG.info('Create transfer_request with target project set to '
+ '"Admin" tenant')
+ transfer_request_data = dns_data_utils.rand_transfer_request_data(
+ target_project_id=self.os_admin.credentials.project_id)
+ transfer_request = self.request_client.create_transfer_request(
+ zone['id'], transfer_request_data)[1]
+ self.addCleanup(self.request_client.delete_transfer_request,
+ transfer_request['id'])
+ LOG.info('Ensure we respond with ACTIVE status')
+ self.assertEqual('ACTIVE', transfer_request['status'])
+
+ LOG.info('Accept the request as "alt" tenant, Expected: should fail '
+ 'as "admin" was set as a target project.')
+ accept_data = {
+ "key": transfer_request['key'],
+ "zone_transfer_request_id": transfer_request['id']
+ }
+ self.assertRaises(
+ lib_exc.Forbidden, self.alt_accept_client.create_transfer_accept,
+ transfer_accept_data=accept_data)
+
+ LOG.info('Accept the request as "Admin" tenant, Expected: should work')
+ self.admin_accept_client.create_transfer_accept(accept_data)
+ LOG.info('Fetch the zone as "Admin" tenant')
+ admin_zone = self.admin_zones_client.show_zone(zone['id'])[1]
+ self.addCleanup(self.wait_zone_delete,
+ self.admin_zones_client,
+ admin_zone['id'])