Merge "Move general methods under utils file"
diff --git a/manila_tempest_tests/tests/api/base.py b/manila_tempest_tests/tests/api/base.py
index a24a6b1..6372034 100755
--- a/manila_tempest_tests/tests/api/base.py
+++ b/manila_tempest_tests/tests/api/base.py
@@ -723,35 +723,6 @@
return replica
@classmethod
- def _get_access_rule_data_from_config(cls):
- """Get the first available access type/to combination from config.
-
- This method opportunistically picks the first configured protocol
- to create the share. Do not use this method in tests where you need
- to test depth and breadth in the access types and access recipients.
- """
- protocol = cls.shares_v2_client.share_protocol
-
- if protocol in CONF.share.enable_ip_rules_for_protocols:
- access_type = "ip"
- access_to = utils.rand_ip()
- elif protocol in CONF.share.enable_user_rules_for_protocols:
- access_type = "user"
- access_to = CONF.share.username_for_user_rules
- elif protocol in CONF.share.enable_cert_rules_for_protocols:
- access_type = "cert"
- access_to = "client3.com"
- elif protocol in CONF.share.enable_cephx_rules_for_protocols:
- access_type = "cephx"
- access_to = data_utils.rand_name(
- cls.__class__.__name__ + '-cephx-id')
- else:
- message = "Unrecognized protocol and access rules configuration."
- raise cls.skipException(message)
-
- return access_type, access_to
-
- @classmethod
def create_share_network(cls, client=None,
cleanup_in_class=False,
add_security_services=True, **kwargs):
@@ -1020,7 +991,8 @@
raise_rule_in_error_state=True, cleanup=True):
client = client or self.shares_v2_client
- a_type, a_to = self._get_access_rule_data_from_config()
+ a_type, a_to = utils.get_access_rule_data_from_config(
+ client.share_protocol)
access_type = access_type or a_type
access_to = access_to or a_to
diff --git a/manila_tempest_tests/tests/api/test_access_rules_metadata.py b/manila_tempest_tests/tests/api/test_access_rules_metadata.py
index ee541ac..6b0aa2d 100644
--- a/manila_tempest_tests/tests/api/test_access_rules_metadata.py
+++ b/manila_tempest_tests/tests/api/test_access_rules_metadata.py
@@ -55,8 +55,8 @@
@classmethod
def resource_setup(cls):
super(AccessRulesMetadataTest, cls).resource_setup()
- cls.protocol = cls.shares_v2_client.share_protocol
- cls.access_type, __ = cls._get_access_rule_data_from_config()
+ cls.access_type, __ = utils.get_access_rule_data_from_config(
+ cls.shares_v2_client.share_protocol)
int_range = range(20, 50)
cls.access_to = {
# list of unique values is required for ability to create lots
diff --git a/manila_tempest_tests/tests/api/test_access_rules_metadata_negative.py b/manila_tempest_tests/tests/api/test_access_rules_metadata_negative.py
index c848ed3..98a1361 100644
--- a/manila_tempest_tests/tests/api/test_access_rules_metadata_negative.py
+++ b/manila_tempest_tests/tests/api/test_access_rules_metadata_negative.py
@@ -55,9 +55,9 @@
@classmethod
def resource_setup(cls):
super(AccessesMetadataNegativeTest, cls).resource_setup()
- cls.protocol = cls.shares_v2_client.share_protocol
cls.access_type, cls.access_to = (
- cls._get_access_rule_data_from_config()
+ utils.get_access_rule_data_from_config(
+ cls.shares_v2_client.share_protocol)
)
# create share type
cls.share_type = cls.create_share_type()
diff --git a/manila_tempest_tests/tests/api/test_replication.py b/manila_tempest_tests/tests/api/test_replication.py
index 7873926..9a9a478 100644
--- a/manila_tempest_tests/tests/api/test_replication.py
+++ b/manila_tempest_tests/tests/api/test_replication.py
@@ -330,7 +330,8 @@
@tc.attr(base.TAG_POSITIVE, base.TAG_BACKEND)
def test_add_access_rule_create_replica_delete_rule(self):
# Add access rule to the share
- access_type, access_to = self._get_access_rule_data_from_config()
+ access_type, access_to = utils.get_access_rule_data_from_config(
+ self.shares_v2_client.share_protocol)
self.allow_access(
self.shares[0]["id"], access_type=access_type, access_to=access_to,
access_level='ro')
@@ -346,7 +347,8 @@
@decorators.idempotent_id('3af3f19a-1195-464e-870b-1a3918914f1b')
@tc.attr(base.TAG_POSITIVE, base.TAG_BACKEND)
def test_create_replica_add_access_rule_delete_replica(self):
- access_type, access_to = self._get_access_rule_data_from_config()
+ access_type, access_to = utils.get_access_rule_data_from_config(
+ self.shares_v2_client.share_protocol)
# Create the replica
share_replica = self._verify_create_replica()
@@ -408,7 +410,8 @@
share = self.create_shares([self.creation_data])[0]
# Add access rule
- access_type, access_to = self._get_access_rule_data_from_config()
+ access_type, access_to = utils.get_access_rule_data_from_config(
+ self.shares_v2_client.share_protocol)
self.allow_access(
share["id"], access_type=access_type, access_to=access_to,
access_level='ro')
diff --git a/manila_tempest_tests/tests/api/test_replication_negative.py b/manila_tempest_tests/tests/api/test_replication_negative.py
index 15b20e5..dde5d80 100644
--- a/manila_tempest_tests/tests/api/test_replication_negative.py
+++ b/manila_tempest_tests/tests/api/test_replication_negative.py
@@ -190,7 +190,8 @@
@decorators.idempotent_id('600a13d2-5cf0-482e-97af-9f598b55a407')
@tc.attr(base.TAG_NEGATIVE, base.TAG_API_WITH_BACKEND)
def test_add_access_rule_share_replica_error_status(self):
- access_type, access_to = self._get_access_rule_data_from_config()
+ access_type, access_to = utils.get_access_rule_data_from_config(
+ self.shares_v2_client.share_protocol)
# Create the replica
share_replica = self.create_share_replica(self.share1["id"],
self.replica_zone,
diff --git a/manila_tempest_tests/tests/api/test_rules.py b/manila_tempest_tests/tests/api/test_rules.py
index 979bf06..925b725 100644
--- a/manila_tempest_tests/tests/api/test_rules.py
+++ b/manila_tempest_tests/tests/api/test_rules.py
@@ -437,9 +437,9 @@
@classmethod
def resource_setup(cls):
super(ShareRulesTest, cls).resource_setup()
- cls.protocol = cls.shares_v2_client.share_protocol
cls.access_type, cls.access_to = (
- cls._get_access_rule_data_from_config()
+ utils.get_access_rule_data_from_config(
+ cls.shares_v2_client.share_protocol)
)
cls.share_type = cls.create_share_type()
cls.share_type_id = cls.share_type['id']
diff --git a/manila_tempest_tests/tests/api/test_rules_negative.py b/manila_tempest_tests/tests/api/test_rules_negative.py
index 1eb858d..a4b53f5 100644
--- a/manila_tempest_tests/tests/api/test_rules_negative.py
+++ b/manila_tempest_tests/tests/api/test_rules_negative.py
@@ -153,7 +153,8 @@
@decorators.idempotent_id('d2856c7d-9417-416d-8d08-e68376ee5b2e')
@tc.attr(base.TAG_NEGATIVE, base.TAG_API_WITH_BACKEND)
def test_add_access_rule_on_share_with_no_host(self):
- access_type, access_to = self._get_access_rule_data_from_config()
+ access_type, access_to = utils.get_access_rule_data_from_config(
+ self.protocol)
extra_specs = self.add_extra_specs_to_dict(
{"share_backend_name": 'invalid_backend'})
share_type = self.create_share_type('invalid_backend',
diff --git a/manila_tempest_tests/tests/rbac/test_availability_zones.py b/manila_tempest_tests/tests/rbac/test_availability_zones.py
new file mode 100644
index 0000000..1754726
--- /dev/null
+++ b/manila_tempest_tests/tests/rbac/test_availability_zones.py
@@ -0,0 +1,69 @@
+# Copyright 2022 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import abc
+
+from tempest.lib import decorators
+from testtools import testcase as tc
+
+from manila_tempest_tests.tests.api import base
+from manila_tempest_tests.tests.rbac import base as rbac_base
+
+
+class ShareRbacAvailabilityZonesTests(rbac_base.ShareRbacBaseTests,
+ metaclass=abc.ABCMeta):
+
+ @classmethod
+ def setup_clients(cls):
+ super(ShareRbacAvailabilityZonesTests, cls).setup_clients()
+ cls.persona = getattr(cls, 'os_%s' % cls.credentials[0])
+ cls.client = cls.persona.share_v2.SharesV2Client()
+
+ @abc.abstractmethod
+ def test_list_availability_zones(self):
+ pass
+
+
+class TestProjectAdminTestsNFS(ShareRbacAvailabilityZonesTests,
+ base.BaseSharesTest):
+
+ credentials = ['project_admin']
+
+ @decorators.idempotent_id('87d9bb1c-f4de-40e5-8f25-05a6e1055c0b')
+ @tc.attr(base.TAG_POSITIVE, base.TAG_API)
+ def test_list_availability_zones(self):
+ self.do_request('list_availability_zones', expected_status=200)
+
+
+class TestProjectMemberTestsNFS(ShareRbacAvailabilityZonesTests,
+ base.BaseSharesTest):
+
+ credentials = ['project_member']
+
+ @decorators.idempotent_id('ee2db349-176a-47bc-a20d-5ba9b5f8a813')
+ @tc.attr(base.TAG_POSITIVE, base.TAG_API)
+ def test_list_availability_zones(self):
+ self.do_request('list_availability_zones', expected_status=200)
+
+
+class TestProjectReaderTestsNFS(ShareRbacAvailabilityZonesTests,
+ base.BaseSharesTest):
+
+ credentials = ['project_reader']
+
+ @decorators.idempotent_id('a095fac8-ae62-4be7-8a3e-b0fc1bc71348')
+ @tc.attr(base.TAG_POSITIVE, base.TAG_API)
+ def test_list_availability_zones(self):
+ self.do_request('list_availability_zones', expected_status=200)
diff --git a/manila_tempest_tests/tests/rbac/test_share_types.py b/manila_tempest_tests/tests/rbac/test_share_types.py
index 2263747..e4e6016 100644
--- a/manila_tempest_tests/tests/rbac/test_share_types.py
+++ b/manila_tempest_tests/tests/rbac/test_share_types.py
@@ -155,7 +155,7 @@
class ProjectReaderTests(ShareRbacShareTypesTests, base.BaseSharesTest):
- credentials = ['project_reader', 'project_member']
+ credentials = ['project_reader']
@decorators.idempotent_id('f4c352c4-c12b-4722-9fe7-9a2ec639ee63')
@tc.attr(base.TAG_NEGATIVE, base.TAG_API)
diff --git a/manila_tempest_tests/tests/rbac/test_user_messages.py b/manila_tempest_tests/tests/rbac/test_user_messages.py
new file mode 100644
index 0000000..b659f93
--- /dev/null
+++ b/manila_tempest_tests/tests/rbac/test_user_messages.py
@@ -0,0 +1,249 @@
+# Copyright 2022 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import abc
+
+from tempest import config
+from tempest.lib.common.utils import data_utils
+from tempest.lib import decorators
+from tempest.lib import exceptions as lib_exc
+from testtools import testcase as tc
+
+from manila_tempest_tests.common import waiters
+from manila_tempest_tests.tests.api import base
+from manila_tempest_tests.tests.rbac import base as rbac_base
+
+CONF = config.CONF
+
+
+class ShareRbacUserMessageTests(rbac_base.ShareRbacBaseTests,
+ metaclass=abc.ABCMeta):
+
+ @classmethod
+ def setup_clients(cls):
+ super(ShareRbacUserMessageTests, cls).setup_clients()
+ cls.persona = getattr(cls, 'os_%s' % cls.credentials[0])
+ cls.client = cls.persona.share_v2.SharesV2Client()
+ cls.share_admin_client = cls.os_project_admin.share_v2.SharesV2Client()
+ cls.alt_project_share_v2_client = (
+ cls.os_project_alt_member.share_v2.SharesV2Client())
+
+ @classmethod
+ def resource_setup(cls):
+ # One of the options for generating a user message is to create a share
+ # type with invalid extra_specs. Creating a manila share with this
+ # share type will fail because no valid host is found.
+ extra_specs = {
+ 'key': 'value',
+ 'driver_handles_share_servers': CONF.share.multitenancy_enabled,
+ }
+ share_type_name = data_utils.rand_name('share-type')
+ cls.share_type = cls.share_admin_client.create_share_type(
+ name=share_type_name, extra_specs=extra_specs)['share_type']
+ cls.addClassResourceCleanup(
+ cls.share_admin_client.delete_share_type, cls.share_type['id'])
+
+ def create_user_message(self, client, cleanup=True):
+ # Trigger a 'no valid host' situation to generate a message.
+ share = client.create_share(
+ share_type_id=self.share_type['id'])['share']
+ self.addCleanup(client.delete_share, share['id'])
+ waiters.wait_for_resource_status(client, share['id'], 'error')
+
+ message = waiters.wait_for_message(client, share['id'])
+ if cleanup:
+ self.addCleanup(client.delete_message, message['id'])
+ return message
+
+ @abc.abstractmethod
+ def test_list_messages(self):
+ pass
+
+ @abc.abstractmethod
+ def test_show_message(self):
+ pass
+
+ @abc.abstractmethod
+ def test_delete_message(self):
+ pass
+
+
+class ProjectAdminTests(ShareRbacUserMessageTests, base.BaseSharesTest):
+
+ credentials = ['project_admin', 'project_alt_member']
+
+ @classmethod
+ def setup_clients(cls):
+ super(ProjectAdminTests, cls).setup_clients()
+ project_member = cls.setup_user_client(
+ cls.persona, project_id=cls.persona.credentials.project_id)
+ cls.share_member_client = project_member.share_v2.SharesV2Client()
+
+ @decorators.idempotent_id('2067d8ba-953d-4035-b65d-6001b3d4ea8f')
+ @tc.attr(base.TAG_POSITIVE, base.TAG_API)
+ def test_list_messages(self):
+ message = self.create_user_message(
+ self.share_member_client, self.share_type)
+ message_alt = self.create_user_message(
+ self.alt_project_share_v2_client, self.share_type)
+
+ message_list = self.do_request(
+ 'list_messages', expected_status=200)['messages']
+ message_id_list = [
+ s['id'] for s in message_list
+ ]
+
+ self.assertIn(message['id'], message_id_list)
+ self.assertIn(message_alt['id'], message_id_list)
+
+ @decorators.idempotent_id('ec46f10e-c768-4df5-b75a-0ce3e22d8038')
+ @tc.attr(base.TAG_POSITIVE, base.TAG_API)
+ def test_show_message(self):
+ message = self.create_user_message(
+ self.share_member_client, self.share_type)
+ self.do_request(
+ 'get_message', message_id=message['id'], expected_status=200)
+
+ message_alt = self.create_user_message(
+ self.alt_project_share_v2_client, self.share_type)
+ self.do_request(
+ 'get_message', message_id=message_alt['id'], expected_status=200)
+
+ @decorators.idempotent_id('b91c355b-a5f8-47aa-8ab4-00a350f8ac7f')
+ @tc.attr(base.TAG_POSITIVE, base.TAG_API)
+ def test_delete_message(self):
+ message = self.create_user_message(
+ self.share_member_client, cleanup=False)
+ self.do_request(
+ 'delete_message', message_id=message['id'], expected_status=204)
+
+ message_alt = self.create_user_message(
+ self.alt_project_share_v2_client, cleanup=False)
+ self.do_request(
+ 'delete_message', message_id=message_alt['id'],
+ expected_status=204)
+
+
+class ProjectMemberTests(ShareRbacUserMessageTests, base.BaseSharesTest):
+ """Test suite for basic share use message operations by member user
+
+ In order to test share user message operations we need to preform an action
+ that generates a user message. One of the reasons for generating a user
+ message is share creation that fails because no valid host is found.
+ To achieve this goal we need to create a share type.
+ Since only user with admin credentials can create a share type, we have to
+ initialize these credentials within project member class.
+ """
+
+ credentials = ['project_member', 'project_admin', 'project_alt_member']
+
+ @decorators.idempotent_id('1fd0f86d-cb1e-4694-a54e-4b7774c7c652')
+ @tc.attr(base.TAG_POSITIVE, base.TAG_API)
+ def test_list_messages(self):
+ share_client = getattr(self, 'share_member_client', self.client)
+ message = self.create_user_message(share_client, self.share_type)
+
+ message_alt = self.create_user_message(
+ self.alt_project_share_v2_client, self.share_type)
+
+ message_list = self.do_request(
+ 'list_messages', expected_status=200)['messages']
+ message_id_list = [
+ s['id'] for s in message_list
+ ]
+
+ self.assertIn(message['id'], message_id_list)
+ self.assertNotIn(message_alt['id'], message_id_list)
+
+ @decorators.idempotent_id('283d33be-727b-4180-a503-95d31cc99a79')
+ @tc.attr(base.TAG_POSITIVE, base.TAG_API)
+ def test_show_message(self):
+ share_client = getattr(self, 'share_member_client', self.client)
+ message = self.create_user_message(share_client, self.share_type)
+ self.do_request(
+ 'get_message', message_id=message['id'], expected_status=200)
+
+ message_alt = self.create_user_message(
+ self.alt_project_share_v2_client, self.share_type)
+ self.do_request(
+ 'get_message', message_id=message_alt['id'],
+ expected_status=lib_exc.NotFound)
+
+ @decorators.idempotent_id('5821a3a9-6194-414a-9668-0d933a0d4fb0')
+ @tc.attr(base.TAG_POSITIVE, base.TAG_API)
+ def test_delete_message(self):
+ share_client = getattr(self, 'share_member_client', self.client)
+ message = self.create_user_message(
+ share_client, cleanup=False)
+ self.do_request(
+ 'delete_message', message_id=message['id'],
+ expected_status=204)
+
+ message_alt = self.create_user_message(
+ self.alt_project_share_v2_client, cleanup=False)
+ self.do_request(
+ 'delete_message', message_id=message_alt['id'],
+ expected_status=lib_exc.NotFound)
+ self.addCleanup(self.share_admin_client.delete_message,
+ message_alt['id'])
+
+
+class ProjectReaderTests(ProjectMemberTests):
+ """Test suite for basic share use message operations by reader user
+
+ In order to test certain share operations we must create a share resource
+ for this. Since reader user is limited in resources creation, we are forced
+ to use admin credentials, so we can test other share operations.
+ In this class we use admin user to create a member user within reader
+ project. That way we can perform a reader actions on this resource.
+ """
+
+ credentials = ['project_reader', 'project_admin', 'project_alt_member']
+
+ @classmethod
+ def setup_clients(cls):
+ super(ProjectReaderTests, cls).setup_clients()
+ project_member = cls.setup_user_client(
+ cls.os_project_admin,
+ project_id=cls.persona.credentials.project_id)
+ cls.share_member_client = project_member.share_v2.SharesV2Client()
+
+ @decorators.idempotent_id('ab3b8812-47df-4472-a410-7f84d52999f3')
+ @tc.attr(base.TAG_POSITIVE, base.TAG_API)
+ def test_list_messages(self):
+ super(ProjectReaderTests, self).test_list_messages()
+
+ @decorators.idempotent_id('f0603a61-b620-4f89-afc5-006d1195fa7f')
+ @tc.attr(base.TAG_POSITIVE, base.TAG_API)
+ def test_show_message(self):
+ super(ProjectReaderTests, self).test_show_message()
+
+ @decorators.idempotent_id('a03695c7-e05a-4c89-9a04-7d94a8dd2419')
+ @tc.attr(base.TAG_NEGATIVE, base.TAG_API)
+ def test_delete_message(self):
+ message = self.create_user_message(
+ self.share_member_client, cleanup=False)
+ self.do_request(
+ 'delete_message', message_id=message['id'],
+ expected_status=lib_exc.Forbidden)
+ self.addCleanup(self.share_admin_client.delete_message, message['id'])
+
+ message_alt = self.create_user_message(
+ self.alt_project_share_v2_client, cleanup=False)
+ self.do_request(
+ 'delete_message', message_id=message_alt['id'],
+ expected_status=lib_exc.Forbidden)
+ self.addCleanup(self.share_admin_client.delete_message,
+ message_alt['id'])
diff --git a/manila_tempest_tests/utils.py b/manila_tempest_tests/utils.py
index caf4caf..d7d86f1 100644
--- a/manila_tempest_tests/utils.py
+++ b/manila_tempest_tests/utils.py
@@ -227,6 +227,33 @@
return extra_specs
+def get_access_rule_data_from_config(protocol):
+ """Get the first available access type/to combination from config.
+
+ This method opportunistically picks the first configured protocol
+ to create the share. Do not use this method in tests where you need
+ to test depth and breadth in the access types and access recipients.
+ """
+
+ if protocol in CONF.share.enable_ip_rules_for_protocols:
+ access_type = "ip"
+ access_to = rand_ip()
+ elif protocol in CONF.share.enable_user_rules_for_protocols:
+ access_type = "user"
+ access_to = CONF.share.username_for_user_rules
+ elif protocol in CONF.share.enable_cert_rules_for_protocols:
+ access_type = "cert"
+ access_to = "client3.com"
+ elif protocol in CONF.share.enable_cephx_rules_for_protocols:
+ access_type = "cephx"
+ access_to = data_utils.rand_name("cephx-id")
+ else:
+ message = "Unrecognized protocol and access rules configuration."
+ raise testtools.TestCase.skipException(message)
+
+ return access_type, access_to
+
+
def replication_with_multitenancy_support():
return (share_network_subnets_are_supported() and
CONF.share.multitenancy_enabled)
diff --git a/tox.ini b/tox.ini
index 153ebbf..907516f 100644
--- a/tox.ini
+++ b/tox.ini
@@ -1,7 +1,6 @@
[tox]
minversion = 3.1.1
-envlist = py3,pypy,pep8
-skipsdist = True
+envlist = py3,pep8
[testenv]
basepython = python3