Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / packaging / sources / patrole / 07a8a7cf0ab4a0c8765a69fc636e945210f29377 / . / patrole_tempest_plugin / tests / unit / fixtures.py
blob: 01b99db38f1596c4bbf0c578b8a7ab052b3c62e5 [file] [log] [blame]
Felipe Monteiroffa47e62017-07-05 03:37:55 +0100[diff] [blame]1# Copyright 2017 AT&T Corporation.
2# All Rights Reserved.
3#
4# Licensed under the Apache License, Version 2.0 (the "License"); you may
5# not use this file except in compliance with the License. You may obtain
6# a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13# License for the specific language governing permissions and limitations
14# under the License.
15
16"""Fixtures for Patrole tests."""
Sean McGinnisc5ea6f22020-04-18 11:57:10 -0500[diff] [blame]17from unittest import mock
Felipe Monteiroffa47e62017-07-05 03:37:55 +0100[diff] [blame]18
19import fixtures
Felipe Monteirob18a3f62017-09-19 04:25:51 +0100[diff] [blame]20import time
Felipe Monteiroffa47e62017-07-05 03:37:55 +0100[diff] [blame]21
22from tempest import config
Felipe Monteirob18a3f62017-09-19 04:25:51 +0100[diff] [blame]23from tempest import test
Felipe Monteiroffa47e62017-07-05 03:37:55 +0100[diff] [blame]24
25from patrole_tempest_plugin import rbac_utils
26
27
28CONF = config.CONF
29
30
31class ConfPatcher(fixtures.Fixture):
32 """Fixture to patch and restore global CONF. Adopted from Nova.
33
34 This also resets overrides for everything that is patched during
35 its teardown.
36 """
37
38 def __init__(self, **kwargs):
39 """Constructor
40
41 :params group: if specified all config options apply to that group.
42 :params **kwargs: the rest of the kwargs are processed as a
43 set of key/value pairs to be set as configuration override.
44 """
45 super(ConfPatcher, self).__init__()
46 self.group = kwargs.pop('group', None)
47 self.args = kwargs
48
49 def setUp(self):
50 super(ConfPatcher, self).setUp()
51 for k, v in self.args.items():
52 self.addCleanup(CONF.clear_override, k, self.group)
53 CONF.set_override(k, v, self.group)
54
55
Sergey Vilgelmace8ea32018-11-19 16:25:10 -0600[diff] [blame]56class FakeBaseRbacTest(rbac_utils.RbacUtilsMixin, test.BaseTestCase):
Lingxian Kong27f671f2020-12-30 21:23:03 +1300[diff] [blame]57 credentials = []
Sergey Vilgelmace8ea32018-11-19 16:25:10 -0600[diff] [blame]58 os_primary = None
59
60 def runTest(self):
61 pass
62
63
64class RbacUtilsMixinFixture(fixtures.Fixture):
Felipe Monteiro2693bf72017-08-12 22:56:47 +0100[diff] [blame]65 """Fixture for `RbacUtils` class."""
Felipe Monteiroffa47e62017-07-05 03:37:55 +0100[diff] [blame]66
67 USER_ID = mock.sentinel.user_id
68 PROJECT_ID = mock.sentinel.project_id
69
Sergey Vilgelmace8ea32018-11-19 16:25:10 -0600[diff] [blame]70 def __init__(self, do_reset_mocks=True, rbac_test_roles=None):
71 self._do_reset_mocks = do_reset_mocks
72 self._rbac_test_roles = rbac_test_roles or ['member']
Felipe Monteiroffa47e62017-07-05 03:37:55 +0100[diff] [blame]73
Sergey Vilgelmace8ea32018-11-19 16:25:10 -0600[diff] [blame]74 def patchobject(self, target, attribute, *args, **kwargs):
75 p = mock.patch.object(target, attribute, *args, **kwargs)
76 m = p.start()
77 self.addCleanup(p.stop)
78 return m
79
80 def setUp(self):
81 super(RbacUtilsMixinFixture, self).setUp()
82
83 self.useFixture(ConfPatcher(rbac_test_roles=self._rbac_test_roles,
Mykola Yakovlieve0f35502018-09-26 18:26:57 -0500[diff] [blame]84 group='patrole'))
Felipe Monteiroffa47e62017-07-05 03:37:55 +0100[diff] [blame]85 self.useFixture(ConfPatcher(
86 admin_role='admin', auth_version='v3', group='identity'))
Felipe Monteirobf524fb2018-10-03 09:03:35 -0500[diff] [blame]87 self.useFixture(ConfPatcher(
88 api_v3=True, group='identity-feature-enabled'))
Felipe Monteiroffa47e62017-07-05 03:37:55 +0100[diff] [blame]89
Felipe Monteirob18a3f62017-09-19 04:25:51 +0100[diff] [blame]90 # Mock out functionality that can't be used by unit tests. Mocking out
91 # time.sleep is a test optimization.
Sergey Vilgelmace8ea32018-11-19 16:25:10 -0600[diff] [blame]92 self.mock_time = self.patchobject(rbac_utils, 'time',
93 __name__='mock_time', spec=time)
Lingxian Kong27f671f2020-12-30 21:23:03 +1300[diff] [blame]94
95 test_obj_kwargs = {
96 'credentials.user_id': self.USER_ID,
97 'credentials.tenant_id': self.PROJECT_ID,
98 'credentials.project_id': self.PROJECT_ID,
99 }
100
101 class FakeRbacTest(FakeBaseRbacTest):
102 os_primary = mock.Mock()
103 os_admin = mock.Mock()
104
105 FakeRbacTest.os_primary.configure_mock(**test_obj_kwargs)
106
107 self.admin_roles_client = FakeRbacTest.os_admin.roles_v3_client
Sergey Vilgelm19e3bec2019-01-07 11:59:41 -0600[diff] [blame]108 self.admin_roles_client.list_all_role_inference_rules.return_value = {
Sergey Vilgelmace8ea32018-11-19 16:25:10 -0600[diff] [blame]109 "role_inferences": [
110 {
111 "implies": [{"id": "reader_id", "name": "reader"}],
112 "prior_role": {"id": "member_id", "name": "member"}
113 },
114 {
115 "implies": [{"id": "member_id", "name": "member"}],
116 "prior_role": {"id": "admin_id", "name": "admin"}
117 }
118 ]
119 }
Felipe Monteiroffa47e62017-07-05 03:37:55 +0100[diff] [blame]120
Sergey Vilgelmace8ea32018-11-19 16:25:10 -0600[diff] [blame]121 default_roles = {'admin', 'member', 'reader'}.union(
122 set(self._rbac_test_roles))
123 self.set_roles(list(default_roles), [])
Felipe Monteiro2693bf72017-08-12 22:56:47 +0100[diff] [blame]124
Sergey Vilgelmace8ea32018-11-19 16:25:10 -0600[diff] [blame]125 FakeRbacTest.setUpClass()
126 self.test_obj = FakeRbacTest()
127 if self._do_reset_mocks:
128 self.admin_roles_client.reset_mock()
129 self.test_obj.os_primary.reset_mock()
Lingxian Kong27f671f2020-12-30 21:23:03 +1300[diff] [blame]130 self.test_obj.os_admin.reset_mock()
Sergey Vilgelmace8ea32018-11-19 16:25:10 -0600[diff] [blame]131 self.mock_time.reset_mock()
Mykola Yakovliev11376ab2018-08-06 15:34:22 -0500[diff] [blame]132
Felipe Monteiro2693bf72017-08-12 22:56:47 +0100[diff] [blame]133 def set_roles(self, roles, roles_on_project=None):
134 """Set the list of available roles in the system.
135
136 :param roles: List of roles returned by ``list_roles``.
137 :param roles_on_project: List of roles returned by
138 ``list_user_roles_on_project``.
139 :returns: None.
140 """
141 if not roles_on_project:
142 roles_on_project = []
143 if not isinstance(roles, list):
144 roles = [roles]
145 if not isinstance(roles_on_project, list):
146 roles_on_project = [roles_on_project]
147
148 available_roles = {
Felipe Monteiroffa47e62017-07-05 03:37:55 +0100[diff] [blame]149 'roles': [{'name': role, 'id': '%s_id' % role} for role in roles]
150 }
Felipe Monteiro2693bf72017-08-12 22:56:47 +0100[diff] [blame]151 available_project_roles = {
152 'roles': [{'name': role, 'id': '%s_id' % role}
153 for role in roles_on_project]
154 }
155
Mykola Yakovlieve0f35502018-09-26 18:26:57 -0500[diff] [blame]156 self.admin_roles_client.list_roles.return_value = available_roles
157 self.admin_roles_client.list_user_roles_on_project.return_value = (
Felipe Monteiro2693bf72017-08-12 22:56:47 +0100[diff] [blame]158 available_project_roles)