Merge "Fixes bug 972130- Testcases to CREATE, GET, DELETE, FILTER volumes"
diff --git a/etc/tempest.conf.sample b/etc/tempest.conf.sample
index c7c403c..bfb7e59 100644
--- a/etc/tempest.conf.sample
+++ b/etc/tempest.conf.sample
@@ -126,3 +126,9 @@
password = {$ADMIN_PASSWORD}
# The above administrative user's tenant name
tenant_name = {$ADMIN_TENANT_NAME}
+
+[network]
+# This section contains configuration options used when executing tests
+# against the OpenStack Network API.
+api_version = v1.1
+catalog_type = network
diff --git a/tempest/config.py b/tempest/config.py
index 0a76ce5..08e90fd 100644
--- a/tempest/config.py
+++ b/tempest/config.py
@@ -260,6 +260,24 @@
return self.get("tenant_name", "demo")
+class NetworkConfig(BaseConfig):
+ """Provides configuration information for connecting to an OpenStack
+ Network Service.
+ """
+
+ SECTION_NAME = "network"
+
+ @property
+ def catalog_type(self):
+ """Catalog type of the Quantum service."""
+ return self.get("catalog_type", 'network')
+
+ @property
+ def api_version(self):
+ """Version of Quantum API"""
+ return self.get("api_version", "v1.1")
+
+
# TODO(jaypipes): Move this to a common utils (not data_utils...)
def singleton(cls):
"""Simple wrapper for classes that should only have a single instance"""
@@ -306,6 +324,7 @@
self.compute_admin = ComputeAdminConfig(self._conf)
self.identity = IdentityConfig(self._conf)
self.images = ImagesConfig(self._conf)
+ self.network = NetworkConfig(self._conf)
def load_config(self, path):
"""Read configuration from given path and return a config object."""
diff --git a/tempest/openstack.py b/tempest/openstack.py
index 6e58272..18af647 100644
--- a/tempest/openstack.py
+++ b/tempest/openstack.py
@@ -20,6 +20,7 @@
import tempest.config
from tempest import exceptions
from tempest.services.image import service as image_service
+from tempest.services.network.json.network_client import NetworkClient
from tempest.services.nova.json.images_client import ImagesClient
from tempest.services.nova.json.flavors_client import FlavorsClient
from tempest.services.nova.json.servers_client import ServersClient
@@ -83,6 +84,7 @@
self.volumes_client = VolumesClient(*client_args)
self.admin_client = AdminClient(*client_args)
self.token_client = TokenClient(self.config)
+ self.network_client = NetworkClient(*client_args)
class AltManager(Manager):
diff --git a/tempest/services/identity/json/admin_client.py b/tempest/services/identity/json/admin_client.py
index 7784d81..314814e 100644
--- a/tempest/services/identity/json/admin_client.py
+++ b/tempest/services/identity/json/admin_client.py
@@ -57,6 +57,29 @@
resp, body = self.delete('OS-KSADM/roles/%s' % str(role_id))
return resp, body
+ def list_user_roles(self, user_id):
+ """Returns a list of roles assigned to a user for a tenant"""
+ resp, body = self.get('users/%s/roleRefs' % user_id)
+ body = json.loads(body)
+ return resp, body['roles']
+
+ def assign_user_role(self, user_id, role_id, tenant_id):
+ """Assigns a role to a user for a tenant"""
+ post_body = {
+ 'roleId': role_id,
+ 'tenantId': tenant_id
+ }
+ post_body = json.dumps({'role': post_body})
+ resp, body = self.post('users/%s/roleRefs' % user_id, post_body,
+ self.headers)
+ body = json.loads(body)
+ return resp, body['role']
+
+ def remove_user_role(self, user_id, role_id):
+ """Removes a role assignment for a user on a tenant"""
+ resp, body = self.delete('users/%s/roleRefs/%s' % (user_id, role_id))
+ return resp, body
+
def delete_tenant(self, tenant_id):
"""Delete a tenant"""
resp, body = self.delete('tenants/%s' % str(tenant_id))
diff --git a/tempest/services/network/__init__.py b/tempest/services/network/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tempest/services/network/__init__.py
diff --git a/tempest/services/network/json/__init__.py b/tempest/services/network/json/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tempest/services/network/json/__init__.py
diff --git a/tempest/services/network/json/network_client.py b/tempest/services/network/json/network_client.py
new file mode 100644
index 0000000..49b83fe
--- /dev/null
+++ b/tempest/services/network/json/network_client.py
@@ -0,0 +1,103 @@
+import json
+from tempest.common.rest_client import RestClient
+
+
+class NetworkClient(RestClient):
+
+ def __init__(self, config, username, password, auth_url, tenant_name=None):
+ super(NetworkClient, self).__init__(config, username, password,
+ auth_url, tenant_name)
+ self.service = self.config.network.catalog_type
+
+ def list_networks(self):
+ resp, body = self.get('networks')
+ body = json.loads(body)
+ return resp, body
+
+ def create_network(self, name, key="network"):
+ post_body = {
+ key: {
+ 'name': name
+ }
+ }
+ headers = {'Content-Type': 'application/json'}
+ body = json.dumps(post_body)
+ resp, body = self.post('networks',
+ headers=headers,
+ body=body)
+ body = json.loads(body)
+ return resp, body
+
+ def list_networks_details(self):
+ resp, body = self.get('networks/detail')
+ body = json.loads(body)
+ return resp, body
+
+ def get_network(self, uuid):
+ resp, body = self.get('networks/%s' % uuid)
+ body = json.loads(body)
+ return resp, body
+
+ def get_network_details(self, uuid):
+ resp, body = self.get('networks/%s/detail' % uuid)
+ body = json.loads(body)
+ return resp, body
+
+ def delete_network(self, uuid):
+ resp, body = self.delete('networks/%s' % uuid)
+ return resp, body
+
+ def create_port(self, network_id, zone, state=None, key='port'):
+ if not state:
+ state = 'ACTIVE'
+ post_body = {
+ key: {
+ 'state': state,
+ 'nova_id': zone
+ }
+ }
+ headers = {'Content-Type': 'application/json'}
+ body = json.dumps(post_body)
+ resp, body = self.post('networks/%s/ports.json' % network_id,
+ headers=headers, body=body)
+ body = json.loads(body)
+ return resp, body
+
+ def delete_port(self, network_id, port_id):
+ resp, body = self.delete('networks/%s/ports/%s.json' %
+ (network_id, port_id))
+ return resp, body
+
+ def list_ports(self, network_id):
+ resp, body = self.get('networks/%s/ports.json' % network_id)
+ body = json.loads(body)
+ return resp, body
+
+ def list_port_details(self, network_id):
+ url = 'networks/%s/ports/detail.json' % network_id
+ resp, body = self.get(url)
+ body = json.loads(body)
+ return resp, body
+
+ def attach_port(self, network_id, port_id, interface_id):
+ post_body = {
+ 'attachment': {
+ 'id': interface_id
+ }
+ }
+ headers = {'Content-Type': 'application/json'}
+ body = json.dumps(post_body)
+ url = 'networks/%s/ports/%s/attachment.json' % (network_id, port_id)
+ resp, body = self.put(url, headers=headers, body=body)
+ return resp, body
+
+ def detach_port(self, network_id, port_id):
+ url = 'networks/%s/ports/%s/attachment.json' % (network_id, port_id)
+ resp, body = self.delete(url)
+ return resp, body
+
+ def list_port_attachment(self, network_id, port_id):
+ url = 'networks/%s/ports/%s/attachment.json' % (network_id, port_id)
+ resp, body = self.get(url)
+ body = json.loads(body)
+ return resp, body
diff --git a/tempest/tests/compute/admin/test_flavors.py b/tempest/tests/compute/admin/test_flavors.py
index 377781b..e6e48ce 100644
--- a/tempest/tests/compute/admin/test_flavors.py
+++ b/tempest/tests/compute/admin/test_flavors.py
@@ -106,6 +106,16 @@
resp, _ = self.admin_client.delete_flavor(self.new_flavor_id)
self.assertEqual(resp.status, 202)
- # Get deleted flavor details
- self.assertRaises(exceptions.NotFound,
- self.admin_client.get_flavor_details, self.new_flavor_id)
+ # Deleted flavors can be seen via detailed GET
+ resp, flavor = self.admin_client.get_flavor_details(self.new_flavor_id)
+ self.assertEqual(resp.status, 200)
+ self.assertEqual(flavor['name'], self.flavor_name)
+
+ # Deleted flavors should not show up in a list however
+ resp, flavors = self.admin_client.list_flavors_with_detail()
+ self.assertEqual(resp.status, 200)
+ flag = True
+ for flavor in flavors:
+ if flavor['name'] == self.flavor_name:
+ flag = False
+ self.assertTrue(flag)
diff --git a/tempest/tests/identity/base_admin_test.py b/tempest/tests/identity/base_admin_test.py
index e8796c2..d5ba944 100644
--- a/tempest/tests/identity/base_admin_test.py
+++ b/tempest/tests/identity/base_admin_test.py
@@ -48,13 +48,13 @@
return user[0]
def get_tenant_by_name(self, name):
- _, tenants = self.client.get_tenants()
+ _, tenants = self.client.list_tenants()
tenant = [t for t in tenants if t['name'] == name]
if len(tenant) > 0:
return tenant[0]
def get_role_by_name(self, name):
- _, roles = self.client.get_roles()
+ _, roles = self.client.list_roles()
role = [r for r in roles if r['name'] == name]
if len(role) > 0:
return role[0]
@@ -92,9 +92,9 @@
def setup_test_role(self):
"""Set up a test role"""
- self.role_name = rand_name('role')
- resp, role = self.client.create_role(self.role_name)
- self.roles.append(role)
+ self.test_role = rand_name('role')
+ resp, self.role = self.client.create_role(self.test_role)
+ self.roles.append(self.role)
def teardown_all(self):
for user in self.users:
diff --git a/tempest/tests/identity/test_roles.py b/tempest/tests/identity/test_roles.py
index 1d413d7..f46fb8f 100644
--- a/tempest/tests/identity/test_roles.py
+++ b/tempest/tests/identity/test_roles.py
@@ -1,40 +1,45 @@
import unittest2 as unittest
-
-import nose
-
-from tempest import openstack
from tempest import exceptions
from tempest.common.utils.data_utils import rand_name
-from tempest.tests import utils
+from base_admin_test import BaseAdminTest
-class RolesTest(unittest.TestCase):
+class RolesTest(BaseAdminTest):
@classmethod
def setUpClass(cls):
- cls.os = openstack.AdminManager()
- cls.client = cls.os.admin_client
- cls.config = cls.os.config
+ super(RolesTest, cls).setUpClass()
- if not cls.client.has_admin_extensions():
- raise nose.SkipTest("Admin extensions disabled")
-
- cls.roles = []
for _ in xrange(5):
- resp, body = cls.client.create_role(rand_name('role-'))
- cls.roles.append(body['id'])
+ resp, role = cls.client.create_role(rand_name('role-'))
+ cls.data.roles.append(role)
- @classmethod
- def tearDownClass(cls):
- for role in cls.roles:
- cls.client.delete_role(role)
+ def _get_role_params(self):
+ self.data.setup_test_user()
+ self.data.setup_test_role()
+ user = self.get_user_by_name(self.data.test_user)
+ tenant = self.get_tenant_by_name(self.data.test_tenant)
+ role = self.get_role_by_name(self.data.test_role)
+ return (user, tenant, role)
def test_list_roles(self):
"""Return a list of all roles"""
resp, body = self.client.list_roles()
- found = [role for role in body if role['id'] in self.roles]
+ found = [role for role in body if role in self.data.roles]
self.assertTrue(any(found))
- self.assertEqual(len(found), len(self.roles))
+ self.assertEqual(len(found), len(self.data.roles))
+
+ def test_list_roles_by_unauthorized_user(self):
+ """Non admin user should not be able to list roles"""
+ self.assertRaises(exceptions.Unauthorized,
+ self.non_admin_client.list_roles)
+
+ def test_list_roles_request_without_token(self):
+ """Request to list roles without a valid token should fail"""
+ token = self.client.get_auth()
+ self.client.delete_token(token)
+ self.assertRaises(exceptions.Unauthorized, self.client.list_roles)
+ self.client.clear_auth()
def test_role_create_delete(self):
"""Role should be created, verified, and deleted"""
@@ -83,3 +88,141 @@
except exceptions.Duplicate:
pass
self.client.delete_role(role1_id)
+
+
+class UserRolesTest(RolesTest):
+
+ @classmethod
+ def setUpClass(cls):
+ super(UserRolesTest, cls).setUpClass()
+
+ def test_assign_user_role(self):
+ """Assign a role to a user on a tenant"""
+ (user, tenant, role) = self._get_role_params()
+ self.client.assign_user_role(user['id'], role['id'], tenant['id'])
+ resp, roles = self.client.list_user_roles(user['id'])
+ self.assertEquals(tenant['id'], roles[0]['tenantId'])
+
+ def test_assign_user_role_by_unauthorized_user(self):
+ """Non admin user should not be authorized to assign a role to user"""
+ (user, tenant, role) = self._get_role_params()
+ self.assertRaises(exceptions.Unauthorized,
+ self.non_admin_client.assign_user_role,
+ user['id'], role['id'], tenant['id'])
+
+ def test_assign_user_role_request_without_token(self):
+ """Request to assign a role to a user without a valid token"""
+ (user, tenant, role) = self._get_role_params()
+ token = self.client.get_auth()
+ self.client.delete_token(token)
+ self.assertRaises(exceptions.Unauthorized,
+ self.client.assign_user_role, user['id'], role['id'],
+ tenant['id'])
+ self.client.clear_auth()
+
+ @unittest.skip("Until Bug 999608 is fixed")
+ def test_assign_user_role_for_non_existent_user(self):
+ """Attempt to assign a role to a non existent user should fail"""
+ (user, tenant, role) = self._get_role_params()
+ self.assertRaises(exceptions.NotFound, self.client.assign_user_role,
+ 'junk-user-id-999', role['id'], tenant['id'])
+
+ @unittest.skip("Until Bug 999608 is fixed")
+ def test_assign_user_role_for_non_existent_role(self):
+ """Attempt to assign a non existent role to user should fail"""
+ (user, tenant, role) = self._get_role_params()
+ self.assertRaises(exceptions.NotFound, self.client.assign_user_role,
+ user['id'], 'junk-role-id-12345', tenant['id'])
+
+ @unittest.skip("Until Bug 999608 is fixed")
+ def test_assign_user_role_for_non_existent_tenant(self):
+ """Attempt to assign a role on a non existent tenant should fail"""
+ (user, tenant, role) = self._get_role_params()
+ self.assertRaises(exceptions.NotFound, self.client.assign_user_role,
+ user['id'], role['id'], 'junk-tenant-1234')
+
+ @unittest.skip("Until Bug 999594 is fixed")
+ def test_assign_duplicate_user_role(self):
+ """Duplicate user role should not get assigned"""
+ (user, tenant, role) = self._get_role_params()
+ self.client.create_user_role(user['id'], role['id'], tenant['id'])
+ resp, body = self.client.assign_user_role(user['id'], role['id'],
+ tenant['id'])
+ self.assertRaises(exceptions.Duplicate, self.client.assign_user_role,
+ user['id'], role['id'], tenant['id'])
+
+ @unittest.skip("Until Bug 999219 is fixed")
+ def test_remove_user_role(self):
+ """Remove a role assigned to a user on a tenant"""
+ (user, tenant, role) = self._get_role_params()
+ resp, user_role = self.client.assign_user_role(user['id'], role['id'],
+ tenant['id'])
+ resp, body = self.client.remove_user_role(user['id'], user_role['id'])
+ self.assertEquals(resp['status'], '204')
+
+ def test_remove_user_role_by_unauthorized_user(self):
+ """Non admin user should not be authorized to remove a user's role"""
+ (user, tenant, role) = self._get_role_params()
+ resp, user_role = self.client.assign_user_role(user['id'], role['id'],
+ tenant['id'])
+ self.assertRaises(exceptions.Unauthorized,
+ self.non_admin_client.remove_user_role,
+ user['id'], role['id'])
+
+ def test_remove_user_role_request_without_token(self):
+ """Request to remove a user's role without a valid token"""
+ (user, tenant, role) = self._get_role_params()
+ resp, user_role = self.client.assign_user_role(user['id'], role['id'],
+ tenant['id'])
+ token = self.client.get_auth()
+ self.client.delete_token(token)
+ self.assertRaises(exceptions.Unauthorized,
+ self.client.remove_user_role, user['id'], role['id'])
+ self.client.clear_auth()
+
+ @unittest.skip("Until Bug 999567 is fixed")
+ def test_remove_user_role_non_existant_user(self):
+ """Attempt to remove a role from a non existent user should fail"""
+ (user, tenant, role) = self._get_role_params()
+ resp, user_role = self.client.assign_user_role(user['id'], role['id'],
+ tenant['id'])
+ self.assertRaises(exceptions.NotFound, self.client.remove_user_role,
+ 'junk-user-id-123', role['id'])
+
+ @unittest.skip("Until Bug 999567 is fixed")
+ def test_remove_user_role_non_existant_role(self):
+ """Attempt to delete a non existent role from a user should fail"""
+ (user, tenant, role) = self._get_role_params()
+ resp, user_role = self.client.assign_user_role(user['id'], role['id'],
+ tenant['id'])
+ self.assertRaises(exceptions.NotFound, self.client.remove_user_role,
+ user['id'], 'junk-user-role-123')
+
+ def test_list_user_roles(self):
+ """List roles assigned to a user on tenant"""
+ (user, tenant, role) = self._get_role_params()
+ self.client.assign_user_role(user['id'], role['id'], tenant['id'])
+ resp, roles = self.client.list_user_roles(user['id'])
+ self.assertEquals(tenant['id'], roles[0]['tenantId'])
+
+ def test_list_user_roles_by_unauthorized_user(self):
+ """Non admin user should not be authorized to list a user's roles"""
+ (user, tenant, role) = self._get_role_params()
+ self.client.assign_user_role(user['id'], role['id'], tenant['id'])
+ self.assertRaises(exceptions.Unauthorized,
+ self.non_admin_client.list_user_roles, user['id'])
+
+ def test_list_user_roles_request_without_token(self):
+ """Request to list user's roles without a valid token should fail"""
+ (user, tenant, role) = self._get_role_params()
+ token = self.client.get_auth()
+ self.client.delete_token(token)
+ self.assertRaises(exceptions.Unauthorized,
+ self.client.list_user_roles, user['id'])
+ self.client.clear_auth()
+
+ @unittest.skip("Until Bug 999209 is fixed")
+ def test_list_user_roles_for_non_existent_user(self):
+ """Attempt to list roles of a non existent user should fail"""
+ self.assertRaises(exceptions.NotFound, self.client.list_user_roles,
+ 'junk-role-aabbcc11')
diff --git a/tempest/tests/network/__init__.py b/tempest/tests/network/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tempest/tests/network/__init__.py
diff --git a/tempest/tests/network/test_networks.py b/tempest/tests/network/test_networks.py
new file mode 100644
index 0000000..6adbb6b
--- /dev/null
+++ b/tempest/tests/network/test_networks.py
@@ -0,0 +1,66 @@
+from nose.plugins.attrib import attr
+from tempest import openstack
+from tempest.common.utils.data_utils import rand_name
+import unittest2 as unittest
+
+
+class NetworksTest(unittest.TestCase):
+
+ @classmethod
+ def setUpClass(cls):
+ cls.os = openstack.Manager()
+ cls.client = cls.os.network_client
+ cls.config = cls.os.config
+ cls.name = rand_name('network')
+ resp, body = cls.client.create_network(cls.name)
+ cls.network = body['network']
+
+ @classmethod
+ def tearDownClass(cls):
+ cls.client.delete_network(cls.network['id'])
+
+ @attr(type='positive')
+ def test_create_delete_network(self):
+ """Creates and deletes a network for a tenant"""
+ name = rand_name('network')
+ resp, body = self.client.create_network(name)
+ self.assertEqual('202', resp['status'])
+ network = body['network']
+ self.assertTrue(network['id'] is not None)
+ resp, body = self.client.delete_network(network['id'])
+ self.assertEqual('204', resp['status'])
+
+ @attr(type='positive')
+ def test_show_network(self):
+ """Verifies the details of a network"""
+ resp, body = self.client.get_network(self.network['id'])
+ self.assertEqual('200', resp['status'])
+ network = body['network']
+ self.assertEqual(self.network['id'], network['id'])
+ self.assertEqual(self.name, network['name'])
+
+ @attr(type='positive')
+ def test_show_network_details(self):
+ """Verifies the full details of a network"""
+ resp, body = self.client.get_network_details(self.network['id'])
+ self.assertEqual('200', resp['status'])
+ network = body['network']
+ self.assertEqual(self.network['id'], network['id'])
+ self.assertEqual(self.name, network['name'])
+ self.assertEqual(len(network['ports']), 0)
+
+ @attr(type='positive')
+ def test_list_networks(self):
+ """Verify the network exists in the list of all networks"""
+ resp, body = self.client.list_networks()
+ networks = body['networks']
+ found = any(n for n in networks if n['id'] == self.network['id'])
+ self.assertTrue(found)
+
+ @attr(type='positive')
+ def test_list_networks_with_detail(self):
+ """Verify the network exists in the detailed list of all networks"""
+ resp, body = self.client.list_networks_details()
+ networks = body['networks']
+ found = any(n for n in networks if n['id'] == self.network['id'])
+ self.assertTrue(found)