Merge "Fixes bug 972673-Incorrect named parameters in BuildErrorException in test_volumes_list"
diff --git a/tempest/tests/identity/test_tenants.py b/tempest/tests/identity/test_tenants.py
index 92feea8..0313ab3 100644
--- a/tempest/tests/identity/test_tenants.py
+++ b/tempest/tests/identity/test_tenants.py
@@ -1,4 +1,4 @@
-import nose
+import unittest2 as unittest
from tempest import exceptions
from tempest.common.utils.data_utils import rand_name
from base_admin_test import BaseAdminTest
@@ -10,9 +10,6 @@
def setUpClass(cls):
super(TenantsTest, cls).setUpClass()
- if not cls.client.has_admin_extensions():
- raise nose.SkipTest("Admin extensions disabled")
-
for _ in xrange(5):
resp, tenant = cls.client.create_tenant(rand_name('tenant-'))
cls.data.tenants.append(tenant)
@@ -30,6 +27,18 @@
self.assertEqual(len(found), len(self.data.tenants))
self.assertTrue(resp['status'].startswith('2'))
+ def test_list_tenants_by_unauthorized_user(self):
+ """Non-admin user should not be able to list tenants"""
+ self.assertRaises(exceptions.Unauthorized,
+ self.non_admin_client.list_tenants)
+
+ def test_list_tenant_request_without_token(self):
+ """Request to list tenants without a valid token should fail"""
+ token = self.client.get_auth()
+ self.client.delete_token(token)
+ self.assertRaises(exceptions.Unauthorized, self.client.list_tenants)
+ self.client.clear_auth()
+
def test_tenant_delete(self):
"""Create several tenants and delete them"""
tenants = []
@@ -48,6 +57,28 @@
self.assertTrue(any(found_1), 'Tenants not created')
self.assertFalse(any(found_2), 'Tenants failed to delete')
+ def test_tenant_delete_by_unauthorized_user(self):
+ """Non-admin user should not be able to delete a tenant"""
+ tenant_name = rand_name('tenant-')
+ resp, tenant = self.client.create_tenant(tenant_name)
+ self.assertRaises(exceptions.Unauthorized,
+ self.non_admin_client.delete_tenant, tenant['id'])
+
+ def test_tenant_delete_request_without_token(self):
+ """Request to delete a tenant without a valid token should fail"""
+ tenant_name = rand_name('tenant-')
+ resp, tenant = self.client.create_tenant(tenant_name)
+ token = self.client.get_auth()
+ self.client.delete_token(token)
+ self.assertRaises(exceptions.Unauthorized, self.client.delete_tenant,
+ tenant['id'])
+ self.client.clear_auth()
+
+ def test_delete_non_existent_tenant(self):
+ """Attempt to delete a non existent tenant should fail"""
+ self.assertRaises(exceptions.NotFound, self.client.delete_tenant,
+ 'junk_tenant_123456abc')
+
def test_tenant_create_with_description(self):
"""Create tenant with a description"""
tenant_name = rand_name('tenant-')
@@ -109,6 +140,34 @@
if tenant1_id:
self.client.delete_tenant(tenant1_id)
+ def test_create_tenant_by_unauthorized_user(self):
+ """Non-admin user should not be authorized to create a tenant"""
+ tenant_name = rand_name('tenant-')
+ self.assertRaises(exceptions.Unauthorized,
+ self.non_admin_client.create_tenant, tenant_name)
+
+ def test_create_tenant_request_without_token(self):
+ """Create tenant request without a token should not be authorized"""
+ tenant_name = rand_name('tenant-')
+ token = self.client.get_auth()
+ self.client.delete_token(token)
+ self.assertRaises(exceptions.Unauthorized, self.client.create_tenant,
+ tenant_name)
+ self.client.clear_auth()
+
+ @unittest.skip("Until Bug 987121 is fixed")
+ def test_create_tenant_with_empty_name(self):
+ """Tenant name should not be empty"""
+ self.assertRaises(exceptions.BadRequest, self.client.create_tenant,
+ name='')
+
+ @unittest.skip("Until Bug 966249 is fixed")
+ def test_create_tenants_name_length_over_64(self):
+ """Tenant name length should not be greater than 64 characters"""
+ tenant_name = 'a' * 64
+ self.assertRaises(exceptions.BadRequest, self.client.create_tenant,
+ tenant_name)
+
def test_tenant_update_name(self):
"""Update name attribute of a tenant"""
t_name1 = rand_name('tenant-')
diff --git a/tempest/tests/test_authorization.py b/tempest/tests/test_authorization.py
index e66446d..44000a5 100644
--- a/tempest/tests/test_authorization.py
+++ b/tempest/tests/test_authorization.py
@@ -16,6 +16,7 @@
cls.os = openstack.Manager()
cls.client = cls.os.servers_client
cls.images_client = cls.os.images_client
+ cls.keypairs_client = cls.os.keypairs_client
cls.config = cls.os.config
cls.image_ref = cls.config.compute.image_ref
cls.flavor_ref = cls.config.compute.flavor_ref
@@ -37,6 +38,7 @@
cls.other_manager = openstack.AltManager()
cls.other_client = cls.other_manager.servers_client
cls.other_images_client = cls.other_manager.images_client
+ cls.other_keypairs_client = cls.other_manager.keypairs_client
except exceptions.AuthenticationFailure:
# multi_user is already set to false, just fall through
pass
@@ -56,11 +58,16 @@
cls.images_client.wait_for_image_status(image_id, 'ACTIVE')
resp, cls.image = cls.images_client.get_image(image_id)
+ cls.keypairname = rand_name('keypair')
+ resp, keypair = \
+ cls.keypairs_client.create_keypair(cls.keypairname)
+
@classmethod
def tearDownClass(cls):
if cls.multi_user:
cls.client.delete_server(cls.server['id'])
cls.images_client.delete_image(cls.image['id'])
+ cls.keypairs_client.delete_keypair(cls.keypairname)
@raises(exceptions.NotFound)
@attr(type='negative')
@@ -160,3 +167,43 @@
finally:
# Reset the base_url...
self.other_client.base_url = saved_base_url
+
+ @raises(exceptions.BadRequest)
+ @attr(type='negative')
+ @utils.skip_unless_attr('multi_user', 'Second user not configured')
+ def test_create_keypair_in_another_user_tenant(self):
+ """
+ A create keypair request should fail if the tenant id does not match
+ the current user
+ """
+ #POST keypair with other user tenant
+ k_name = rand_name('keypair-')
+ self.other_keypairs_client._set_auth()
+ self.saved_base_url = self.other_keypairs_client.base_url
+ try:
+ # Change the base URL to impersonate another user
+ self.other_keypairs_client.base_url = self.keypairs_client.base_url
+ resp = {}
+ resp['status'] = None
+ resp, _ = self.other_keypairs_client.create_keypair(k_name)
+ finally:
+ # Reset the base_url...
+ self.other_keypairs_client.base_url = self.saved_base_url
+ if (resp['status'] != None):
+ resp, _ = self.other_keypairs_client.delete_keypair(k_name)
+ self.fail("Create keypair request should not happen if the"
+ " tenant id does not match the current user")
+
+ @raises(exceptions.NotFound)
+ @attr(type='negative')
+ @utils.skip_unless_attr('multi_user', 'Second user not configured')
+ def test_get_keypair_of_other_account_fails(self):
+ """A GET request for another user's keypair should fail"""
+ self.other_keypairs_client.get_keypair(self.keypairname)
+
+ @raises(exceptions.NotFound)
+ @attr(type='negative')
+ @utils.skip_unless_attr('multi_user', 'Second user not configured')
+ def test_delete_keypair_of_other_account_fails(self):
+ """A DELETE request for another user's keypair should fail"""
+ self.other_keypairs_client.delete_keypair(self.keypairname)
diff --git a/tempest/tests/test_keypairs.py b/tempest/tests/test_keypairs.py
index fde9de1..d3ba213 100644
--- a/tempest/tests/test_keypairs.py
+++ b/tempest/tests/test_keypairs.py
@@ -62,6 +62,29 @@
self.assertEqual(202, resp.status)
@attr(type='smoke')
+ @unittest.skip("Skipped until the Bug #980688 is resolved")
+ def test_get_keypair_detail(self):
+ """Keypair should be created, Got details by name and deleted"""
+ k_name = rand_name('keypair-')
+ resp, keypair = self.client.create_keypair(k_name)
+ try:
+ resp, keypair_detail = self.client.get_keypair(k_name)
+ self.assertEqual(200, resp.status)
+ self.assertTrue('name' in keypair_detail)
+ self.assertTrue('public_key' in keypair_detail)
+ self.assertEqual(keypair_detail['name'], k_name,
+ "The created keypair name is not equal to requested name")
+ public_key = keypair_detail['public_key']
+ self.assertTrue(public_key is not None,
+ "Field public_key is empty or not found.")
+ except:
+ self.fail("GET keypair details requested by keypair name"
+ " has failed")
+ finally:
+ resp, _ = self.client.delete_keypair(k_name)
+ self.assertEqual(202, resp.status)
+
+ @attr(type='smoke')
def test_keypair_create_with_pub_key(self):
"""Keypair should be created with a given public key"""
k_name = rand_name('keypair-')