[Negative] Test different tenants cannot use same cephx id
This test uses two tenants (alt and primary) and uses one
cephx id. The test validates that a same cephx id can not
be used in different tenants.
Change-Id: I8dede49a32f432d05637e63177f9f5feae245adc
diff --git a/manila_tempest_tests/tests/api/test_rules_negative.py b/manila_tempest_tests/tests/api/test_rules_negative.py
index 764533c..33b82a4 100644
--- a/manila_tempest_tests/tests/api/test_rules_negative.py
+++ b/manila_tempest_tests/tests/api/test_rules_negative.py
@@ -20,6 +20,7 @@
from testtools import testcase as tc
from manila_tempest_tests.common import constants
+from manila_tempest_tests import share_exceptions
from manila_tempest_tests.tests.api import base
from manila_tempest_tests import utils
@@ -385,6 +386,28 @@
self.share["id"], self.access_type, self.access_to,
access_level="su")
+ @tc.attr(base.TAG_NEGATIVE, base.TAG_API_WITH_BACKEND)
+ def test_different_tenants_cannot_use_same_cephx_id(self):
+ # Grant access to the share
+ access1 = self.shares_v2_client.create_access_rule(
+ self.share['id'], self.access_type, self.access_to, 'rw')
+ self.shares_v2_client.wait_for_access_rule_status(
+ self.share['id'], access1['id'], 'active')
+
+ # Create second share by the new user
+ share2 = self.create_share(client=self.alt_shares_v2_client,
+ share_protocol=self.protocol,
+ share_type_id=self.share_type_id)
+
+ # Try grant access to the second share using the same cephx id as used
+ # on the first share
+ access2 = self.alt_shares_v2_client.create_access_rule(
+ share2['id'], self.access_type, self.access_to, 'rw')
+ self.assertRaises(
+ share_exceptions.AccessRuleBuildErrorException,
+ self.alt_shares_v2_client.wait_for_access_rule_status,
+ share2['id'], access2['id'], 'active')
+
def skip_if_cephx_access_type_not_supported_by_client(self, client):
if client == 'shares_client':