File: root.py

package info (click to toggle)
openstack-trove 2014.1.3-8
  • links: PTS, VCS
  • area: main
  • in suites: jessie, jessie-kfreebsd
  • size: 10,752 kB
  • ctags: 6,663
  • sloc: python: 37,317; xml: 1,485; sh: 281; makefile: 49
file content (173 lines) | stat: -rw-r--r-- 7,040 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
 
#    Copyright 2011 OpenStack Foundation
#
#    Licensed under the Apache License, Version 2.0 (the "License"); you may
#    not use this file except in compliance with the License. You may obtain
#    a copy of the License at
#
#         http://www.apache.org/licenses/LICENSE-2.0
#
#    Unless required by applicable law or agreed to in writing, software
#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
#    License for the specific language governing permissions and limitations
#    under the License.


from troveclient.compat import exceptions

from nose.plugins.skip import SkipTest
from proboscis import before_class
from proboscis import test
from proboscis.asserts import assert_equal
from proboscis.asserts import assert_false
from proboscis.asserts import assert_not_equal
from proboscis.asserts import assert_raises
from proboscis.asserts import assert_true

from trove import tests
from trove.tests.api.users import TestUsers
from trove.tests.api.instances import instance_info
from trove.tests import util
from trove.tests.util import test_config
from trove.tests.api.databases import TestMysqlAccess


GROUP = "dbaas.api.root"


@test(depends_on_classes=[TestMysqlAccess],
      runs_after=[TestUsers],
      groups=[tests.DBAAS_API, GROUP, tests.INSTANCES])
class TestRoot(object):
    """
    Test the root operations
    """

    root_enabled_timestamp = 'Never'
    system_users = ['root', 'debian_sys_maint']

    @before_class
    def setUp(self):
        self.dbaas = util.create_dbaas_client(instance_info.user)
        self.dbaas_admin = util.create_dbaas_client(instance_info.admin_user)

    def _verify_root_timestamp(self, id):
        reh = self.dbaas_admin.management.root_enabled_history(id)
        timestamp = reh.enabled
        assert_equal(self.root_enabled_timestamp, timestamp)
        assert_equal(id, reh.id)

    def _root(self):
        global root_password
        self.dbaas.root.create(instance_info.id)
        assert_equal(200, self.dbaas.last_http_code)
        reh = self.dbaas_admin.management.root_enabled_history
        self.root_enabled_timestamp = reh(instance_info.id).enabled

    @test
    def test_root_initially_disabled(self):
        """Test that root is disabled"""
        enabled = self.dbaas.root.is_root_enabled(instance_info.id)
        assert_equal(200, self.dbaas.last_http_code)

        is_enabled = enabled
        if hasattr(enabled, 'rootEnabled'):
            is_enabled = enabled.rootEnabled
        assert_false(is_enabled, "Root SHOULD NOT be enabled.")

    @test
    def test_create_user_os_admin_failure(self):
        users = [{"name": "os_admin", "password": "12345"}]
        assert_raises(exceptions.BadRequest, self.dbaas.users.create,
                      instance_info.id, users)

    @test
    def test_delete_user_os_admin_failure(self):
        assert_raises(exceptions.BadRequest, self.dbaas.users.delete,
                      instance_info.id, "os_admin")

    @test(depends_on=[test_root_initially_disabled],
          enabled=not test_config.values['root_removed_from_instance_api'])
    def test_root_initially_disabled_details(self):
        """Use instance details to test that root is disabled."""
        instance = self.dbaas.instances.get(instance_info.id)
        assert_true(hasattr(instance, 'rootEnabled'),
                    "Instance has no rootEnabled property.")
        assert_false(instance.rootEnabled, "Root SHOULD NOT be enabled.")
        assert_equal(self.root_enabled_timestamp, 'Never')

    @test(depends_on=[test_root_initially_disabled_details])
    def test_root_disabled_in_mgmt_api(self):
        """Verifies in the management api that the timestamp exists"""
        self._verify_root_timestamp(instance_info.id)

    @test(depends_on=[test_root_initially_disabled_details])
    def test_enable_root(self):
        self._root()

    @test(depends_on=[test_enable_root])
    def test_enabled_timestamp(self):
        assert_not_equal(self.root_enabled_timestamp, 'Never')

    @test(depends_on=[test_enable_root])
    def test_root_not_in_users_list(self):
        """
        Tests that despite having enabled root, user root doesn't appear
        in the users list for the instance.
        """
        users = self.dbaas.users.list(instance_info.id)
        usernames = [user.name for user in users]
        assert_true('root' not in usernames)

    @test(depends_on=[test_enable_root])
    def test_root_now_enabled(self):
        """Test that root is now enabled."""
        enabled = self.dbaas.root.is_root_enabled(instance_info.id)
        assert_equal(200, self.dbaas.last_http_code)
        assert_true(enabled, "Root SHOULD be enabled.")

    @test(depends_on=[test_root_now_enabled],
          enabled=not test_config.values['root_removed_from_instance_api'])
    def test_root_now_enabled_details(self):
        """Use instance details to test that root is now enabled."""
        instance = self.dbaas.instances.get(instance_info.id)
        assert_true(hasattr(instance, 'rootEnabled'),
                    "Instance has no rootEnabled property.")
        assert_true(instance.rootEnabled, "Root SHOULD be enabled.")
        assert_not_equal(self.root_enabled_timestamp, 'Never')
        self._verify_root_timestamp(instance_info.id)

    @test(depends_on=[test_root_now_enabled_details])
    def test_reset_root(self):
        if test_config.values['root_timestamp_disabled']:
            raise SkipTest("Enabled timestamp not enabled yet")
        old_ts = self.root_enabled_timestamp
        self._root()
        assert_not_equal(self.root_enabled_timestamp, 'Never')
        assert_equal(self.root_enabled_timestamp, old_ts)

    @test(depends_on=[test_reset_root])
    def test_root_still_enabled(self):
        """Test that after root was reset it's still enabled."""
        enabled = self.dbaas.root.is_root_enabled(instance_info.id)
        assert_equal(200, self.dbaas.last_http_code)
        assert_true(enabled, "Root SHOULD still be enabled.")

    @test(depends_on=[test_root_still_enabled],
          enabled=not test_config.values['root_removed_from_instance_api'])
    def test_root_still_enabled_details(self):
        """Use instance details to test that after root was reset,
            it's still enabled.
        """
        instance = self.dbaas.instances.get(instance_info.id)
        assert_true(hasattr(instance, 'rootEnabled'),
                    "Instance has no rootEnabled property.")
        assert_true(instance.rootEnabled, "Root SHOULD still be enabled.")
        assert_not_equal(self.root_enabled_timestamp, 'Never')
        self._verify_root_timestamp(instance_info.id)

    @test(depends_on=[test_enable_root])
    def test_root_cannot_be_deleted(self):
        """Even if root was enabled, the user root cannot be deleted."""
        assert_raises(exceptions.BadRequest, self.dbaas.users.delete,
                      instance_info.id, "root")