Merge "add tests for security_group updating"
diff --git a/tempest/api/compute/security_groups/test_security_groups.py b/tempest/api/compute/security_groups/test_security_groups.py
index 95e9171..4ae65be 100644
--- a/tempest/api/compute/security_groups/test_security_groups.py
+++ b/tempest/api/compute/security_groups/test_security_groups.py
@@ -15,17 +15,10 @@
# License for the specific language governing permissions and limitations
# under the License.
-import testtools
-import uuid
-
from tempest.api.compute import base
from tempest.common.utils import data_utils
-from tempest import config
from tempest import exceptions
-from tempest.test import attr
-from tempest.test import skip_because
-
-CONF = config.CONF
+from tempest import test
class SecurityGroupsTestJSON(base.BaseV2ComputeTest):
@@ -35,13 +28,12 @@
def setUpClass(cls):
super(SecurityGroupsTestJSON, cls).setUpClass()
cls.client = cls.security_groups_client
- cls.neutron_available = cls.config.service_available.neutron
def _delete_security_group(self, securitygroup_id):
resp, _ = self.client.delete_security_group(securitygroup_id)
self.assertEqual(202, resp.status)
- @attr(type='gate')
+ @test.attr(type='gate')
def test_security_groups_create_list_delete(self):
# Positive test:Should return the list of Security Groups
# Create 3 Security Groups
@@ -69,7 +61,7 @@
# TODO(afazekas): scheduled for delete,
# test_security_group_create_get_delete covers it
- @attr(type='gate')
+ @test.attr(type='gate')
def test_security_group_create_delete(self):
# Security Group should be created, verified and deleted
s_name = data_utils.rand_name('securitygroup-')
@@ -88,7 +80,7 @@
"The created Security Group name is "
"not equal to the requested name")
- @attr(type='gate')
+ @test.attr(type='gate')
def test_security_group_create_get_delete(self):
# Security Group should be created, fetched and deleted
s_name = data_utils.rand_name('securitygroup-')
@@ -112,121 +104,7 @@
"The fetched Security Group is different "
"from the created Group")
- @attr(type=['negative', 'smoke'])
- def test_security_group_get_nonexistant_group(self):
- # Negative test:Should not be able to GET the details
- # of non-existent Security Group
- security_group_id = []
- resp, body = self.client.list_security_groups()
- for i in range(len(body)):
- security_group_id.append(body[i]['id'])
- # Creating a non-existent Security Group id
- while True:
- non_exist_id = data_utils.rand_int_id(start=999)
- if self.neutron_available:
- non_exist_id = str(uuid.uuid4())
- if non_exist_id not in security_group_id:
- break
- self.assertRaises(exceptions.NotFound, self.client.get_security_group,
- non_exist_id)
-
- @skip_because(bug="1161411",
- condition=CONF.service_available.neutron)
- @attr(type=['negative', 'gate'])
- def test_security_group_create_with_invalid_group_name(self):
- # Negative test: Security Group should not be created with group name
- # as an empty string/with white spaces/chars more than 255
- s_description = data_utils.rand_name('description-')
- # Create Security Group with empty string as group name
- self.assertRaises(exceptions.BadRequest,
- self.client.create_security_group, "", s_description)
- # Create Security Group with white space in group name
- self.assertRaises(exceptions.BadRequest,
- self.client.create_security_group, " ",
- s_description)
- # Create Security Group with group name longer than 255 chars
- s_name = 'securitygroup-'.ljust(260, '0')
- self.assertRaises(exceptions.BadRequest,
- self.client.create_security_group, s_name,
- s_description)
-
- @skip_because(bug="1161411",
- condition=CONF.service_available.neutron)
- @attr(type=['negative', 'gate'])
- def test_security_group_create_with_invalid_group_description(self):
- # Negative test:Security Group should not be created with description
- # as an empty string/with white spaces/chars more than 255
- s_name = data_utils.rand_name('securitygroup-')
- # Create Security Group with empty string as description
- self.assertRaises(exceptions.BadRequest,
- self.client.create_security_group, s_name, "")
- # Create Security Group with white space in description
- self.assertRaises(exceptions.BadRequest,
- self.client.create_security_group, s_name, " ")
- # Create Security Group with group description longer than 255 chars
- s_description = 'description-'.ljust(260, '0')
- self.assertRaises(exceptions.BadRequest,
- self.client.create_security_group, s_name,
- s_description)
-
- @testtools.skipIf(CONF.service_available.neutron,
- "Neutron allows duplicate names for security groups")
- @attr(type=['negative', 'gate'])
- def test_security_group_create_with_duplicate_name(self):
- # Negative test:Security Group with duplicate name should not
- # be created
- s_name = data_utils.rand_name('securitygroup-')
- s_description = data_utils.rand_name('description-')
- resp, security_group =\
- self.client.create_security_group(s_name, s_description)
- self.assertEqual(200, resp.status)
-
- self.addCleanup(self.client.delete_security_group,
- security_group['id'])
- # Now try the Security Group with the same 'Name'
- self.assertRaises(exceptions.BadRequest,
- self.client.create_security_group, s_name,
- s_description)
-
- @attr(type=['negative', 'gate'])
- def test_delete_the_default_security_group(self):
- # Negative test:Deletion of the "default" Security Group should Fail
- default_security_group_id = None
- resp, body = self.client.list_security_groups()
- for i in range(len(body)):
- if body[i]['name'] == 'default':
- default_security_group_id = body[i]['id']
- break
- # Deleting the "default" Security Group
- self.assertRaises(exceptions.BadRequest,
- self.client.delete_security_group,
- default_security_group_id)
-
- @attr(type=['negative', 'smoke'])
- def test_delete_nonexistant_security_group(self):
- # Negative test:Deletion of a non-existent Security Group should Fail
- security_group_id = []
- resp, body = self.client.list_security_groups()
- for i in range(len(body)):
- security_group_id.append(body[i]['id'])
- # Creating non-existent Security Group
- while True:
- non_exist_id = data_utils.rand_int_id(start=999)
- if self.neutron_available:
- non_exist_id = str(uuid.uuid4())
- if non_exist_id not in security_group_id:
- break
- self.assertRaises(exceptions.NotFound,
- self.client.delete_security_group, non_exist_id)
-
- @attr(type=['negative', 'gate'])
- def test_delete_security_group_without_passing_id(self):
- # Negative test:Deletion of a Security Group with out passing ID
- # should Fail
- self.assertRaises(exceptions.NotFound,
- self.client.delete_security_group, '')
-
- @attr(type='gate')
+ @test.attr(type='gate')
def test_server_security_groups(self):
# Checks that security groups may be added and linked to a server
# and not deleted if the server is active.
@@ -282,6 +160,33 @@
self.client.delete_security_group(sg2_id)
self.assertEqual(202, resp.status)
+ @test.attr(type='gate')
+ def test_update_security_groups(self):
+ # Update security group name and description
+ # Create a security group
+ s_name = data_utils.rand_name('sg-')
+ s_description = data_utils.rand_name('description-')
+ resp, securitygroup = \
+ self.client.create_security_group(s_name, s_description)
+ self.assertEqual(200, resp.status)
+ self.assertIn('id', securitygroup)
+ securitygroup_id = securitygroup['id']
+ self.addCleanup(self._delete_security_group,
+ securitygroup_id)
+ # Update the name and description
+ s_new_name = data_utils.rand_name('sg-hth-')
+ s_new_des = data_utils.rand_name('description-hth-')
+ resp, sg_new = \
+ self.client.update_security_group(securitygroup_id,
+ name=s_new_name,
+ description=s_new_des)
+ self.assertEqual(200, resp.status)
+ # get the security group
+ resp, fetched_group = \
+ self.client.get_security_group(securitygroup_id)
+ self.assertEqual(s_new_name, fetched_group['name'])
+ self.assertEqual(s_new_des, fetched_group['description'])
+
class SecurityGroupsTestXML(SecurityGroupsTestJSON):
_interface = 'xml'
diff --git a/tempest/api/compute/security_groups/test_security_groups_negative.py b/tempest/api/compute/security_groups/test_security_groups_negative.py
new file mode 100644
index 0000000..6a8e604
--- /dev/null
+++ b/tempest/api/compute/security_groups/test_security_groups_negative.py
@@ -0,0 +1,216 @@
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright 2013 Huawei Technologies Co.,LTD.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import testtools
+
+from tempest.api.compute import base
+from tempest.common.utils import data_utils
+from tempest import config
+from tempest import exceptions
+from tempest import test
+
+CONF = config.CONF
+
+
+class SecurityGroupsNegativeTestJSON(base.BaseV2ComputeTest):
+ _interface = 'json'
+
+ @classmethod
+ def setUpClass(cls):
+ super(SecurityGroupsNegativeTestJSON, cls).setUpClass()
+ cls.client = cls.security_groups_client
+ cls.neutron_available = cls.config.service_available.neutron
+
+ def _delete_security_group(self, securitygroup_id):
+ resp, _ = self.client.delete_security_group(securitygroup_id)
+ self.assertEqual(202, resp.status)
+
+ def _generate_a_non_existent_security_group_id(self):
+ security_group_id = []
+ resp, body = self.client.list_security_groups()
+ for i in range(len(body)):
+ security_group_id.append(body[i]['id'])
+ # Generate a non-existent security group id
+ while True:
+ non_exist_id = data_utils.rand_int_id(start=999)
+ if self.neutron_available:
+ non_exist_id = data_utils.rand_uuid()
+ if non_exist_id not in security_group_id:
+ break
+ return non_exist_id
+
+ @test.attr(type=['negative', 'smoke'])
+ def test_security_group_get_nonexistent_group(self):
+ # Negative test:Should not be able to GET the details
+ # of non-existent Security Group
+ non_exist_id = self._generate_a_non_existent_security_group_id()
+ self.assertRaises(exceptions.NotFound, self.client.get_security_group,
+ non_exist_id)
+
+ @test.skip_because(bug="1161411",
+ condition=CONF.service_available.neutron)
+ @test.attr(type=['negative', 'gate'])
+ def test_security_group_create_with_invalid_group_name(self):
+ # Negative test: Security Group should not be created with group name
+ # as an empty string/with white spaces/chars more than 255
+ s_description = data_utils.rand_name('description-')
+ # Create Security Group with empty string as group name
+ self.assertRaises(exceptions.BadRequest,
+ self.client.create_security_group, "", s_description)
+ # Create Security Group with white space in group name
+ self.assertRaises(exceptions.BadRequest,
+ self.client.create_security_group, " ",
+ s_description)
+ # Create Security Group with group name longer than 255 chars
+ s_name = 'securitygroup-'.ljust(260, '0')
+ self.assertRaises(exceptions.BadRequest,
+ self.client.create_security_group, s_name,
+ s_description)
+
+ @test.skip_because(bug="1161411",
+ condition=CONF.service_available.neutron)
+ @test.attr(type=['negative', 'gate'])
+ def test_security_group_create_with_invalid_group_description(self):
+ # Negative test:Security Group should not be created with description
+ # as an empty string/with white spaces/chars more than 255
+ s_name = data_utils.rand_name('securitygroup-')
+ # Create Security Group with empty string as description
+ self.assertRaises(exceptions.BadRequest,
+ self.client.create_security_group, s_name, "")
+ # Create Security Group with white space in description
+ self.assertRaises(exceptions.BadRequest,
+ self.client.create_security_group, s_name, " ")
+ # Create Security Group with group description longer than 255 chars
+ s_description = 'description-'.ljust(260, '0')
+ self.assertRaises(exceptions.BadRequest,
+ self.client.create_security_group, s_name,
+ s_description)
+
+ @testtools.skipIf(CONF.service_available.neutron,
+ "Neutron allows duplicate names for security groups")
+ @test.attr(type=['negative', 'gate'])
+ def test_security_group_create_with_duplicate_name(self):
+ # Negative test:Security Group with duplicate name should not
+ # be created
+ s_name = data_utils.rand_name('securitygroup-')
+ s_description = data_utils.rand_name('description-')
+ resp, security_group =\
+ self.client.create_security_group(s_name, s_description)
+ self.assertEqual(200, resp.status)
+
+ self.addCleanup(self.client.delete_security_group,
+ security_group['id'])
+ # Now try the Security Group with the same 'Name'
+ self.assertRaises(exceptions.BadRequest,
+ self.client.create_security_group, s_name,
+ s_description)
+
+ @test.attr(type=['negative', 'gate'])
+ def test_delete_the_default_security_group(self):
+ # Negative test:Deletion of the "default" Security Group should Fail
+ default_security_group_id = None
+ resp, body = self.client.list_security_groups()
+ for i in range(len(body)):
+ if body[i]['name'] == 'default':
+ default_security_group_id = body[i]['id']
+ break
+ # Deleting the "default" Security Group
+ self.assertRaises(exceptions.BadRequest,
+ self.client.delete_security_group,
+ default_security_group_id)
+
+ @test.attr(type=['negative', 'smoke'])
+ def test_delete_nonexistent_security_group(self):
+ # Negative test:Deletion of a non-existent Security Group should fail
+ non_exist_id = self._generate_a_non_existent_security_group_id()
+ self.assertRaises(exceptions.NotFound,
+ self.client.delete_security_group, non_exist_id)
+
+ @test.attr(type=['negative', 'gate'])
+ def test_delete_security_group_without_passing_id(self):
+ # Negative test:Deletion of a Security Group with out passing ID
+ # should Fail
+ self.assertRaises(exceptions.NotFound,
+ self.client.delete_security_group, '')
+
+ @testtools.skipIf(CONF.service_available.neutron,
+ "Neutron not check the security_group_id")
+ @test.attr(type=['negative', 'gate'])
+ def test_update_security_group_with_invalid_sg_id(self):
+ # Update security_group with invalid sg_id should fail
+ s_name = data_utils.rand_name('sg-')
+ s_description = data_utils.rand_name('description-')
+ # Create a non int sg_id
+ sg_id_invalid = data_utils.rand_name('sg-')
+ self.assertRaises(exceptions.BadRequest,
+ self.client.update_security_group, sg_id_invalid,
+ name=s_name, description=s_description)
+
+ @testtools.skipIf(CONF.service_available.neutron,
+ "Neutron not check the security_group_name")
+ @test.attr(type=['negative', 'gate'])
+ def test_update_security_group_with_invalid_sg_name(self):
+ # Update security_group with invalid sg_name should fail
+ s_name = data_utils.rand_name('sg-')
+ s_description = data_utils.rand_name('description-')
+ resp, securitygroup = \
+ self.client.create_security_group(s_name, s_description)
+ self.assertEqual(200, resp.status)
+ self.assertIn('id', securitygroup)
+ securitygroup_id = securitygroup['id']
+ self.addCleanup(self._delete_security_group,
+ securitygroup_id)
+ # Update Security Group with group name longer than 255 chars
+ s_new_name = 'securitygroup-'.ljust(260, '0')
+ self.assertRaises(exceptions.BadRequest,
+ self.client.update_security_group,
+ securitygroup_id, name=s_new_name)
+
+ @testtools.skipIf(CONF.service_available.neutron,
+ "Neutron not check the security_group_description")
+ @test.attr(type=['negative', 'gate'])
+ def test_update_security_group_with_invalid_sg_des(self):
+ # Update security_group with invalid sg_des should fail
+ s_name = data_utils.rand_name('sg-')
+ s_description = data_utils.rand_name('description-')
+ resp, securitygroup = \
+ self.client.create_security_group(s_name, s_description)
+ self.assertEqual(200, resp.status)
+ self.assertIn('id', securitygroup)
+ securitygroup_id = securitygroup['id']
+ self.addCleanup(self._delete_security_group,
+ securitygroup_id)
+ # Update Security Group with group description longer than 255 chars
+ s_new_des = 'des-'.ljust(260, '0')
+ self.assertRaises(exceptions.BadRequest,
+ self.client.update_security_group,
+ securitygroup_id, description=s_new_des)
+
+ @test.attr(type=['negative', 'gate'])
+ def test_update_non_existent_security_group(self):
+ # Update a non-existent Security Group should Fail
+ non_exist_id = self._generate_a_non_existent_security_group_id()
+ s_name = data_utils.rand_name('sg-')
+ s_description = data_utils.rand_name('description-')
+ self.assertRaises(exceptions.NotFound,
+ self.client.update_security_group,
+ non_exist_id, name=s_name,
+ description=s_description)
+
+
+class SecurityGroupsNegativeTestXML(SecurityGroupsNegativeTestJSON):
+ _interface = 'xml'
diff --git a/tempest/services/compute/json/security_groups_client.py b/tempest/services/compute/json/security_groups_client.py
index 1f01437..361ec36 100644
--- a/tempest/services/compute/json/security_groups_client.py
+++ b/tempest/services/compute/json/security_groups_client.py
@@ -63,6 +63,25 @@
body = json.loads(body)
return resp, body['security_group']
+ def update_security_group(self, security_group_id, name=None,
+ description=None):
+ """
+ Update a security group.
+ security_group_id: a security_group to update
+ name: new name of security group
+ description: new description of security group
+ """
+ post_body = {}
+ if name:
+ post_body['name'] = name
+ if description:
+ post_body['description'] = description
+ post_body = json.dumps({'security_group': post_body})
+ resp, body = self.put('os-security-groups/%s' % str(security_group_id),
+ post_body, self.headers)
+ body = json.loads(body)
+ return resp, body['security_group']
+
def delete_security_group(self, security_group_id):
"""Deletes the provided Security Group."""
return self.delete('os-security-groups/%s' % str(security_group_id))
diff --git a/tempest/services/compute/xml/security_groups_client.py b/tempest/services/compute/xml/security_groups_client.py
index 5d86790..aebeb4d 100644
--- a/tempest/services/compute/xml/security_groups_client.py
+++ b/tempest/services/compute/xml/security_groups_client.py
@@ -79,6 +79,30 @@
body = self._parse_body(etree.fromstring(body))
return resp, body
+ def update_security_group(self, security_group_id, name=None,
+ description=None):
+ """
+ Update a security group.
+ security_group_id: a security_group to update
+ name: new name of security group
+ description: new description of security group
+ """
+ security_group = Element("security_group")
+ if name:
+ sg_name = Element("name")
+ sg_name.append(Text(content=name))
+ security_group.append(sg_name)
+ if description:
+ des = Element("description")
+ des.append(Text(content=description))
+ security_group.append(des)
+ resp, body = self.put('os-security-groups/%s' %
+ str(security_group_id),
+ str(Document(security_group)),
+ self.headers)
+ body = self._parse_body(etree.fromstring(body))
+ return resp, body
+
def delete_security_group(self, security_group_id):
"""Deletes the provided Security Group."""
return self.delete('os-security-groups/%s' %