Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / packaging / sources / tempest / d15705bed5c4826312db1ed1f6e0debd6c046d57 / . / tempest / tests / identity / admin / test_users.py
blob: e2938bdb7fa773961958dea4aa400f700853ed89 [file] [log] [blame]
Jay Pipesf38eaac2012-06-21 13:37:35 -0400[diff] [blame]1# vim: tabstop=4 shiftwidth=4 softtabstop=4
2
3# Copyright 2012 OpenStack, LLC
4# All Rights Reserved.
5#
6# Licensed under the Apache License, Version 2.0 (the "License"); you may
7# not use this file except in compliance with the License. You may obtain
8# a copy of the License at
9#
10# http://www.apache.org/licenses/LICENSE-2.0
11#
12# Unless required by applicable law or agreed to in writing, software
13# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
14# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
15# License for the specific language governing permissions and limitations
16# under the License.
17
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]18from nose.plugins.attrib import attr
Jay Pipesf38eaac2012-06-21 13:37:35 -0400[diff] [blame]19import unittest2 as unittest
20
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]21from tempest.common.utils.data_utils import rand_name
Matthew Treinisha83a16e2012-12-07 13:44:02 -0500[diff] [blame]22from tempest import exceptions
Vincent Hou6b8a7b72012-08-25 01:24:33 +0800[diff] [blame]23from tempest.tests.identity import base
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]24
25
Vincent Hou6b8a7b72012-08-25 01:24:33 +0800[diff] [blame]26class UsersTestBase(object):
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]27
28 alt_user = rand_name('test_user_')
29 alt_password = rand_name('pass_')
30 alt_email = alt_user + '@testmail.tm'
31 alt_tenant = rand_name('test_tenant_')
32 alt_description = rand_name('desc_')
33
34 @attr(type='smoke')
35 def test_create_user(self):
36 """Create a user"""
37 self.data.setup_test_tenant()
38 resp, user = self.client.create_user(self.alt_user, self.alt_password,
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]39 self.data.tenant['id'],
40 self.alt_email)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]41 self.data.users.append(user)
42 self.assertEqual('200', resp['status'])
43 self.assertEqual(self.alt_user, user['name'])
44
45 @attr(type='negative')
46 def test_create_user_by_unauthorized_user(self):
47 """Non-admin should not be authorized to create a user"""
48 self.data.setup_test_tenant()
49 self.assertRaises(exceptions.Unauthorized,
50 self.non_admin_client.create_user, self.alt_user,
51 self.alt_password, self.data.tenant['id'],
52 self.alt_email)
53
54 @attr(type='negative')
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]55 def test_create_user_with_empty_name(self):
56 """User with an empty name should not be created"""
57 self.data.setup_test_tenant()
58 self.assertRaises(exceptions.BadRequest, self.client.create_user, '',
59 self.alt_password, self.data.tenant['id'],
60 self.alt_email)
61
62 @attr(type='negative')
David Kranz28e35c52012-07-10 10:14:38 -0400[diff] [blame]63 @unittest.skip("Until Bug 966251 is fixed")
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]64 def test_create_user_with_name_length_over_64(self):
65 """Length of user name filed should be restricted to 64 characters"""
66 self.data.setup_test_tenant()
67 self.assertRaises(exceptions.BadRequest, self.client.create_user,
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]68 'a' * 65, self.alt_password,
69 self.data.tenant['id'], self.alt_email)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]70
71 @attr(type='negative')
72 def test_create_user_with_duplicate_name(self):
73 """Duplicate user should not be created"""
74 self.data.setup_test_user()
75 self.assertRaises(exceptions.Duplicate, self.client.create_user,
76 self.data.test_user, self.data.test_password,
77 self.data.tenant['id'], self.data.test_email)
78
79 @attr(type='negative')
80 @unittest.skip("Until Bug 999084 is fixed")
81 def test_create_user_with_empty_password(self):
82 """User with an empty password should not be created"""
83 self.data.setup_test_tenant()
84 self.assertRaises(exceptions.BadRequest, self.client.create_user,
85 self.alt_user, '', self.data.tenant['id'],
86 self.alt_email)
87
88 @attr(type='nagative')
89 @unittest.skip("Until Bug 999084 is fixed")
90 def test_create_user_with_long_password(self):
91 """User having password exceeding max length should not be created"""
92 self.data.setup_test_tenant()
93 self.assertRaises(exceptions.BadRequest, self.client.create_user,
David Kranz28e35c52012-07-10 10:14:38 -0400[diff] [blame]94 self.alt_user, 'a' * 65, self.data.tenant['id'],
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]95 self.alt_email)
96
97 @attr(type='negative')
98 @unittest.skip("Until Bug 999084 is fixed")
99 def test_create_user_with_invalid_email_format(self):
100 """Email format should be validated while creating a user"""
101 self.data.setup_test_tenant()
102 self.assertRaises(exceptions.BadRequest, self.client.create_user,
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]103 self.alt_user, '', self.data.tenant['id'], '12345')
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]104
105 @attr(type='negative')
106 def test_create_user_for_non_existant_tenant(self):
107 """Attempt to create a user in a non-existent tenant should fail"""
108 self.assertRaises(exceptions.NotFound, self.client.create_user,
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]109 self.alt_user, self.alt_password, '49ffgg99999',
110 self.alt_email)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]111
112 @attr(type='negative')
113 def test_create_user_request_without_a_token(self):
114 """Request to create a user without a valid token should fail"""
115 self.data.setup_test_tenant()
116 # Get the token of the current client
117 token = self.client.get_auth()
118 # Delete the token from database
119 self.client.delete_token(token)
120 self.assertRaises(exceptions.Unauthorized, self.client.create_user,
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]121 self.alt_user, self.alt_password,
122 self.data.tenant['id'], self.alt_email)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]123
124 # Unset the token to allow further tests to generate a new token
125 self.client.clear_auth()
126
127 @attr(type='smoke')
128 def test_delete_user(self):
129 """Delete a user"""
130 self.data.setup_test_tenant()
131 resp, user = self.client.create_user('user_1234', self.alt_password,
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]132 self.data.tenant['id'],
133 self.alt_email)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]134 resp, body = self.client.delete_user(user['id'])
135 self.assertEquals('204', resp['status'])
136
137 @attr(type='negative')
138 def test_delete_users_by_unauthorized_user(self):
139 """Non admin user should not be authorized to delete a user"""
140 self.data.setup_test_user()
141 self.assertRaises(exceptions.Unauthorized,
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]142 self.non_admin_client.delete_user,
143 self.data.user['id'])
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]144
145 @attr(type='negative')
146 def test_delete_non_existant_user(self):
147 """Attempt to delete a non-existent user should fail"""
148 self.assertRaises(exceptions.NotFound, self.client.delete_user,
149 'junk12345123')
150
151 @attr(type='smoke')
152 def test_user_authentication(self):
153 """Valid user's token is authenticated"""
154 self.data.setup_test_user()
155 # Get a token
156 self.token_client.auth(self.data.test_user, self.data.test_password,
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]157 self.data.test_tenant)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]158 # Re-auth
159 resp, body = self.token_client.auth(self.data.test_user,
160 self.data.test_password,
161 self.data.test_tenant)
162 self.assertEqual('200', resp['status'])
163
164 @attr(type='negative')
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]165 def test_authentication_for_disabled_user(self):
166 """Disabled user's token should not get authenticated"""
167 self.data.setup_test_user()
168 self.disable_user(self.data.test_user)
169 self.assertRaises(exceptions.Unauthorized, self.token_client.auth,
170 self.data.test_user,
171 self.data.test_password,
172 self.data.test_tenant)
173
174 @attr(type='negative')
175 @unittest.skip('Until Bug 988920 is fixed')
176 def test_authentication_when_tenant_is_disabled(self):
177 """User's token for a disabled tenant should not be authenticated"""
178 self.data.setup_test_user()
179 self.disable_tenant(self.data.test_tenant)
180 self.assertRaises(exceptions.Unauthorized, self.token_client.auth,
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]181 self.data.test_user,
182 self.data.test_password,
183 self.data.test_tenant)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]184
185 @attr(type='negative')
186 @unittest.skip('Until Bug 988920 is fixed')
187 def test_authentication_with_invalid_tenant(self):
188 """User's token for an invalid tenant should not be authenticated"""
189 self.data.setup_one_user()
190 self.assertRaises(exceptions.Unauthorized, self.token_client.auth,
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]191 self.data.test_user,
192 self.data.test_password,
193 'junktenant1234')
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]194
195 @attr(type='negative')
196 def test_authentication_with_invalid_username(self):
197 """Non-existent user's token should not get authenticated"""
198 self.assertRaises(exceptions.Unauthorized, self.token_client.auth,
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]199 'junkuser123', self.data.test_password,
200 self.data.test_tenant)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]201
202 @attr(type='negative')
203 def test_authentication_with_invalid_password(self):
204 """User's token with invalid password should not be authenticated"""
205 self.data.setup_test_user()
206 self.assertRaises(exceptions.Unauthorized, self.token_client.auth,
207 self.data.test_user, 'junkpass1234',
208 self.data.test_tenant)
209
210 @attr(type='positive')
211 def test_authentication_request_without_token(self):
212 """Request for token authentication with a valid token in header"""
213 self.data.setup_test_user()
214 self.token_client.auth(self.data.test_user, self.data.test_password,
215 self.data.test_tenant)
216 # Get the token of the current client
217 token = self.client.get_auth()
218 # Delete the token from database
219 self.client.delete_token(token)
220 # Re-auth
221 resp, body = self.token_client.auth(self.data.test_user,
222 self.data.test_password,
223 self.data.test_tenant)
224 self.assertEqual('200', resp['status'])
225 self.client.clear_auth()
226
227 @attr(type='smoke')
228 def test_get_users(self):
229 """Get a list of users and find the test user"""
230 self.data.setup_test_user()
231 resp, users = self.client.get_users()
232 self.assertIn(self.data.test_user, [u['name'] for u in users],
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]233 "Could not find %s" % self.data.test_user)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]234
235 @attr(type='negative')
236 def test_get_users_by_unauthorized_user(self):
237 """Non admin user should not be authorized to get user list"""
238 self.data.setup_test_user()
239 self.assertRaises(exceptions.Unauthorized,
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]240 self.non_admin_client.get_users)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]241
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]242 @attr(type='negative')
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]243 def test_get_users_request_without_token(self):
244 """Request to get list of users without a valid token should fail"""
245 token = self.client.get_auth()
246 self.client.delete_token(token)
247 self.assertRaises(exceptions.Unauthorized, self.client.get_users)
248 self.client.clear_auth()
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]249
250 @attr(type='positive')
251 def test_list_users_for_tenant(self):
252 """Return a list of all users for a tenant"""
253 self.data.setup_test_tenant()
254 user_ids = list()
255 fetched_user_ids = list()
256 resp, user1 = self.client.create_user('tenant_user1', 'password1',
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]257 self.data.tenant['id'],
258 'user1@123')
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]259 user_ids.append(user1['id'])
260 self.data.users.append(user1)
261 resp, user2 = self.client.create_user('tenant_user2', 'password2',
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]262 self.data.tenant['id'],
263 'user2@123')
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]264 user_ids.append(user2['id'])
265 self.data.users.append(user2)
266 #List of users for the respective tenant ID
267 resp, body = self.client.list_users_for_tenant(self.data.tenant['id'])
268 self.assertTrue(resp['status'].startswith('2'))
269 for i in body:
270 fetched_user_ids.append(i['id'])
271 #verifying the user Id in the list
272 missing_users =\
273 [user for user in user_ids if user not in fetched_user_ids]
274 self.assertEqual(0, len(missing_users),
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]275 "Failed to find user %s in fetched list" %
276 ', '.join(m_user for m_user in missing_users))
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]277
278 @attr(type='positive')
279 def test_list_users_with_roles_for_tenant(self):
280 """Return list of users on tenant when roles are assigned to users"""
281 self.data.setup_test_user()
282 self.data.setup_test_role()
283 user = self.get_user_by_name(self.data.test_user)
284 tenant = self.get_tenant_by_name(self.data.test_tenant)
285 role = self.get_role_by_name(self.data.test_role)
286 #Assigning roles to two users
287 user_ids = list()
288 fetched_user_ids = list()
289 user_ids.append(user['id'])
290 self.client.assign_user_role(tenant['id'], user['id'], role['id'])
291 resp, second_user = self.client.create_user('second_user', 'password1',
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]292 self.data.tenant['id'],
293 'user1@123')
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]294 user_ids.append(second_user['id'])
295 self.data.users.append(second_user)
296 self.client.assign_user_role(tenant['id'], second_user['id'],
297 role['id'])
298 #List of users with roles for the respective tenant ID
299 resp, body = self.client.list_users_for_tenant(self.data.tenant['id'])
300 self.assertTrue(resp['status'].startswith('2'))
301 for i in body:
302 fetched_user_ids.append(i['id'])
303 #verifying the user Id in the list
304 missing_users =\
305 [user for user in user_ids if user not in fetched_user_ids]
306 self.assertEqual(0, len(missing_users),
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]307 "Failed to find user %s in fetched list" %
308 ', '.join(m_user for m_user in missing_users))
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]309
310 @attr(type='negative')
311 def test_list_users_with_invalid_tenant(self):
312 """
313 Should not be able to return a list of all
314 users for a nonexistant tenant
315 """
316 #Assign invalid tenant ids
317 invalid_id = list()
318 invalid_id.append(rand_name('999'))
319 invalid_id.append('alpha')
320 invalid_id.append(rand_name("dddd@#%%^$"))
321 invalid_id.append('!@#()$%^&*?<>{}[]')
322 #List the users with invalid tenant id
323 fail = list()
324 for invalid in invalid_id:
325 try:
326 resp, body = self.client.list_users_for_tenant(invalid)
327 except exceptions.NotFound:
328 pass
329 else:
330 fail.append(invalid)
331 if len(fail) != 0:
332 self.fail('Should raise Not Found when list users with invalid'
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]333 'tenant ids %s' % fail)
Vincent Hou6b8a7b72012-08-25 01:24:33 +0800[diff] [blame]334
335
336class UsersTestJSON(base.BaseIdentityAdminTestJSON,
337 UsersTestBase):
338 @classmethod
339 def setUpClass(cls):
340 super(UsersTestJSON, cls).setUpClass()
341
342
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]343class UsersTestXML(base.BaseIdentityAdminTestXML, UsersTestBase):
Vincent Hou6b8a7b72012-08-25 01:24:33 +0800[diff] [blame]344 @classmethod
345 def setUpClass(cls):
346 super(UsersTestXML, cls).setUpClass()