commit 7967b0e91a516d152ef6d736668f8df0c3a5fd54
author Jenkins <jenkins@review.openstack.org> Sat Aug 27 13:39:25 2016 +0000
committer Gerrit Code Review <review@openstack.org> Sat Aug 27 13:39:25 2016 +0000
tree bae3fa49ae25522f9b257284096980bd79c83f15
parent 46124d6eff98744cd4423d58f14a5e712487c32a
parent 62f9d490f8a7fcbfb7b2092176493a8244ad8b95

Merge "Add tests for various RRSet types"

designate_tempest_plugin/tests/api/v2/test_recordset.py

diff --git a/designate_tempest_plugin/tests/api/v2/test_recordset.py b/designate_tempest_plugin/tests/api/v2/test_recordset.py
index a4b50e3..9096f76 100644
--- a/designate_tempest_plugin/tests/api/v2/test_recordset.py
+++ b/designate_tempest_plugin/tests/api/v2/test_recordset.py
@@ -329,3 +329,71 @@
         recordsets = body['recordsets']
 
         self.assertEqual(zone_recordset['id'], recordsets[0]['id'])
+
+
+class RecordsetOwnershipTest(BaseRecordsetsTest):
+
+    credentials = ['primary', 'alt']
+
+    @classmethod
+    def setup_clients(cls):
+        super(RecordsetOwnershipTest, cls).setup_clients()
+
+        cls.client = cls.os.recordset_client
+        cls.zone_client = cls.os.zones_client
+        cls.alt_zone_client = cls.os_alt.zones_client
+        cls.alt_client = cls.os_alt.recordset_client
+
+    @decorators.idempotent_id('9c0f58ad-1b31-4899-b184-5380720604e5')
+    def test_no_create_recordset_by_alt_tenant(self):
+        # try with name=A123456.zone.com.
+        recordset_data = data_utils.rand_recordset_data(
+            record_type='A', zone_name=self.zone['name'])
+        resp, rrset = self.client.create_recordset(
+            self.zone['id'], recordset_data)
+        self.assertRaises(
+            lib_exc.RestClientException,
+            lambda: self.alt_client.create_recordset(
+                self.zone['id'], recordset_data)
+        )
+
+    @decorators.idempotent_id('d4a9aad9-c778-429b-9a0c-4cd2b61a0a01')
+    def test_no_create_super_recordsets(self):
+        zone_name = data_utils.rand_zone_name()
+
+        LOG.info('Create a zone as a default user')
+        _, zone = self.zone_client.create_zone(name='a.b.' + zone_name)
+        self.addCleanup(self.zone_client.delete_zone, zone['id'])
+
+        rrset_data = data_utils.rand_recordset_data(
+            record_type='A', zone_name=zone_name)
+
+        LOG.info('Create a zone as an alt user with existing superdomain')
+        self.assertRaises(
+            lib_exc.NotFound,
+            self.alt_client.create_recordset,
+            self.zone['id'], rrset_data)
+
+    @decorators.idempotent_id('3dbe244d-fa85-4afc-869b-0306388d8746')
+    def test_no_create_recordset_via_alt_domain(self):
+        _, zone = self.zone_client.create_zone()
+        _, alt_zone = self.alt_zone_client.create_zone()
+
+        # alt attempts to create record with name A12345.{zone}
+        recordset_data = data_utils.rand_recordset_data(
+            record_type='A', zone_name=zone['name'])
+
+        self.assertRaises(
+            lib_exc.RestClientException,
+            lambda: self.alt_client.create_recordset(
+                zone['id'],
+                recordset_data
+            )
+        )
+        self.assertRaises(
+            lib_exc.RestClientException,
+            lambda: self.alt_client.create_recordset(
+                alt_zone['id'],
+                recordset_data
+            )
+        )