[Kimchi-devel] [PATCH 5/9] Move host authorization tests from Kimchi to Ginger Base

Signed-off-by: Aline Manera <alinefm@linux.vnet.ibm.com> --- .../plugins/gingerbase/tests/test_authorization.py | 72 ++++++++++++++++++++++ src/wok/plugins/kimchi/tests/test_authorization.py | 14 ----- 2 files changed, 72 insertions(+), 14 deletions(-) create mode 100644 src/wok/plugins/gingerbase/tests/test_authorization.py diff --git a/src/wok/plugins/gingerbase/tests/test_authorization.py b/src/wok/plugins/gingerbase/tests/test_authorization.py new file mode 100644 index 0000000..7460679 --- /dev/null +++ b/src/wok/plugins/gingerbase/tests/test_authorization.py @@ -0,0 +1,72 @@ +# +# Project Ginger Base +# +# Copyright IBM, Corp. 2014-2015 +# +# Code derived from Project Kimchi +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + +import os +import unittest +from functools import partial + +from wok.plugins.kimchi import mockmodel + +from utils import get_free_port, patch_auth, request, run_server + +test_server = None +model = None +host = None +port = None +ssl_port = None +fake_iso = '/tmp/fake.iso' + + +def setUpModule(): + global test_server, model, host, port, ssl_port + + patch_auth(sudo=False) + model = mockmodel.MockModel('/tmp/obj-store-test') + host = '127.0.0.1' + port = get_free_port('http') + ssl_port = get_free_port('https') + test_server = run_server(host, port, ssl_port, test_mode=True, model=model) + + +def tearDownModule(): + test_server.stop() + os.unlink('/tmp/obj-store-test') + + +class AuthorizationTests(unittest.TestCase): + def setUp(self): + self.request = partial(request, host, ssl_port) + model.reset() + + def test_nonroot_access(self): + # Non-root users can access static host information + resp = self.request('/plugins/gingerbase/host', '{}', 'GET') + self.assertEquals(403, resp.status) + + # Non-root users can access host stats + resp = self.request('/plugins/gingerbase/host/stats', '{}', 'GET') + self.assertEquals(403, resp.status) + + # Non-root users can not reboot/shutdown host system + resp = self.request('/plugins/gingerbase/host/reboot', '{}', 'POST') + self.assertEquals(403, resp.status) + resp = self.request('/plugins/gingerbase/host/shutdown', '{}', 'POST') + self.assertEquals(403, resp.status) diff --git a/src/wok/plugins/kimchi/tests/test_authorization.py b/src/wok/plugins/kimchi/tests/test_authorization.py index fda86a3..cfc1715 100644 --- a/src/wok/plugins/kimchi/tests/test_authorization.py +++ b/src/wok/plugins/kimchi/tests/test_authorization.py @@ -63,20 +63,6 @@ class AuthorizationTests(unittest.TestCase): model.reset() def test_nonroot_access(self): - # Non-root users can access static host information - resp = self.request('/plugins/kimchi/host', '{}', 'GET') - self.assertEquals(403, resp.status) - - # Non-root users can access host stats - resp = self.request('/plugins/kimchi/host/stats', '{}', 'GET') - self.assertEquals(403, resp.status) - - # Non-root users can not reboot/shutdown host system - resp = self.request('/plugins/kimchi/host/reboot', '{}', 'POST') - self.assertEquals(403, resp.status) - resp = self.request('/plugins/kimchi/host/shutdown', '{}', 'POST') - self.assertEquals(403, resp.status) - # Non-root users can not create or delete network (only get) resp = self.request('/plugins/kimchi/networks', '{}', 'GET') self.assertEquals(200, resp.status) -- 2.1.0