commit feec999bde210930fe1e8b16bbc60c093927c608
author Zuul <zuul@review.openstack.org> Sat Nov 25 22:20:29 2017 +0000
committer Gerrit Code Review <review@openstack.org> Sat Nov 25 22:20:29 2017 +0000
tree 2e505102a7edadf212f9ba53b63e9ae3e328e5f5
parent ae37f5ceeb6b9b8dd469da65b8c6f3396aa688a1
parent f89b7f235938b4dcf483b82642e4e03406500e57

Merge "Add get_router high availaibility test policy"

patrole_tempest_plugin/tests/api/network/test_routers_rbac.py

diff --git a/patrole_tempest_plugin/tests/api/network/test_routers_rbac.py b/patrole_tempest_plugin/tests/api/network/test_routers_rbac.py
index c3ed9e1..fff2ada 100644
--- a/patrole_tempest_plugin/tests/api/network/test_routers_rbac.py
+++ b/patrole_tempest_plugin/tests/api/network/test_routers_rbac.py
@@ -176,6 +176,27 @@
             raise rbac_exceptions.RbacMalformedResponse(
                 attribute='distributed')
 
+    @decorators.idempotent_id('defc502c-4159-4824-b4d9-3cdcc39015b2')
+    @utils.requires_ext(extension='l3-ha', service='network')
+    @rbac_rule_validation.action(service="neutron",
+                                 rule="get_router:ha")
+    def test_show_high_availability_router(self):
+        """GET high-availability router
+
+        RBAC test for the neutron get_router:ha policy
+        """
+        router = self.routers_client.create_router(ha=True)['router']
+        self.addCleanup(self.routers_client.delete_router, router['id'])
+
+        self.rbac_utils.switch_role(self, toggle_rbac_role=True)
+        retrieved_fields = self.routers_client.show_router(
+            router['id'], fields=['ha'])['router']
+
+        # Rather than throwing a 403, the field is not present, so raise exc.
+        if 'ha' not in retrieved_fields:
+            raise rbac_exceptions.RbacMalformedResponse(
+                attribute='ha')
+
     @rbac_rule_validation.action(
         service="neutron", rule="update_router")
     @decorators.idempotent_id('3d182f4e-0023-4218-9aa0-ea2b0ae0bd7a')