22
22
"github.com/juju/juju/apiserver/facade/facadetest"
23
23
"github.com/juju/juju/apiserver/params"
24
24
apiservertesting "github.com/juju/juju/apiserver/testing"
25
"github.com/juju/juju/core/description"
25
"github.com/juju/juju/cloud"
26
"github.com/juju/juju/environs"
27
"github.com/juju/juju/environs/config"
26
28
"github.com/juju/juju/instance"
27
jujutesting "github.com/juju/juju/juju/testing"
29
"github.com/juju/juju/permission"
28
30
"github.com/juju/juju/state"
29
31
"github.com/juju/juju/state/multiwatcher"
32
statetesting "github.com/juju/juju/state/testing"
30
33
"github.com/juju/juju/testing"
31
34
"github.com/juju/juju/testing/factory"
34
37
type controllerSuite struct {
35
jujutesting.JujuConnSuite
38
statetesting.StateSuite
37
40
controller *controller.ControllerAPI
38
41
resources *common.Resources
42
45
var _ = gc.Suite(&controllerSuite{})
44
47
func (s *controllerSuite) SetUpTest(c *gc.C) {
45
s.JujuConnSuite.SetUpTest(c)
48
// Initial config needs to be set before the StateSuite SetUpTest.
49
s.InitialConfig = testing.CustomModelConfig(c, testing.Attrs{
53
s.StateSuite.SetUpTest(c)
46
54
s.resources = common.NewResources()
47
55
s.AddCleanup(func(_ *gc.C) { s.resources.StopAll() })
49
57
s.authorizer = apiservertesting.FakeAuthorizer{
50
Tag: s.AdminUserTag(c),
53
62
controller, err := controller.NewControllerAPI(s.State, s.resources, s.authorizer)
105
114
c.Assert(obtained, jc.DeepEquals, expected)
117
func (s *controllerSuite) TestHostedModelConfigs_OnlyHostedModelsReturned(c *gc.C) {
118
owner := s.Factory.MakeUser(c, nil)
119
s.Factory.MakeModel(c, &factory.ModelParams{
120
Name: "first", Owner: owner.UserTag()}).Close()
121
remoteUserTag := names.NewUserTag("user@remote")
122
s.Factory.MakeModel(c, &factory.ModelParams{
123
Name: "second", Owner: remoteUserTag}).Close()
125
results, err := s.controller.HostedModelConfigs()
126
c.Assert(err, jc.ErrorIsNil)
127
c.Assert(len(results.Models), gc.Equals, 2)
129
one := results.Models[0]
130
two := results.Models[1]
132
c.Assert(one.Name, gc.Equals, "first")
133
c.Assert(one.OwnerTag, gc.Equals, owner.UserTag().String())
134
c.Assert(two.Name, gc.Equals, "second")
135
c.Assert(two.OwnerTag, gc.Equals, remoteUserTag.String())
138
func (s *controllerSuite) makeCloudSpec(c *gc.C, pSpec *params.CloudSpec) environs.CloudSpec {
139
c.Assert(pSpec, gc.NotNil)
140
var credential *cloud.Credential
141
if pSpec.Credential != nil {
142
credentialValue := cloud.NewCredential(
143
cloud.AuthType(pSpec.Credential.AuthType),
144
pSpec.Credential.Attributes,
146
credential = &credentialValue
148
spec := environs.CloudSpec{
151
Region: pSpec.Region,
152
Endpoint: pSpec.Endpoint,
153
IdentityEndpoint: pSpec.IdentityEndpoint,
154
StorageEndpoint: pSpec.StorageEndpoint,
155
Credential: credential,
157
c.Assert(spec.Validate(), jc.ErrorIsNil)
161
func (s *controllerSuite) TestHostedModelConfigs_CanOpenEnviron(c *gc.C) {
162
owner := s.Factory.MakeUser(c, nil)
163
s.Factory.MakeModel(c, &factory.ModelParams{
164
Name: "first", Owner: owner.UserTag()}).Close()
165
remoteUserTag := names.NewUserTag("user@remote")
166
s.Factory.MakeModel(c, &factory.ModelParams{
167
Name: "second", Owner: remoteUserTag}).Close()
169
results, err := s.controller.HostedModelConfigs()
170
c.Assert(err, jc.ErrorIsNil)
171
c.Assert(len(results.Models), gc.Equals, 2)
173
for _, model := range results.Models {
174
c.Assert(model.Error, gc.IsNil)
176
cfg, err := config.New(config.NoDefaults, model.Config)
177
c.Assert(err, jc.ErrorIsNil)
178
spec := s.makeCloudSpec(c, model.CloudSpec)
179
_, err = environs.New(environs.OpenParams{
183
c.Assert(err, jc.ErrorIsNil)
108
187
func (s *controllerSuite) TestListBlockedModels(c *gc.C) {
109
188
st := s.Factory.MakeModel(c, &factory.ModelParams{
381
463
c.Assert(err, jc.ErrorIsNil)
382
464
c.Check(mig.Id(), gc.Equals, expectedId)
383
465
c.Check(mig.ModelUUID(), gc.Equals, st.ModelUUID())
384
c.Check(mig.InitiatedBy(), gc.Equals, s.AdminUserTag(c).Id())
466
c.Check(mig.InitiatedBy(), gc.Equals, s.Owner.Id())
385
467
c.Check(mig.ExternalControl(), gc.Equals, args.Specs[i].ExternalControl)
387
469
targetInfo, err := mig.TargetInfo()
504
586
active, err := st.IsMigrationActive()
505
587
c.Assert(err, jc.ErrorIsNil)
506
588
c.Check(active, jc.IsFalse)
591
func (s *controllerSuite) TestInitiateMigrationSkipPrechecks(c *gc.C) {
592
st := s.Factory.MakeModel(c, nil)
594
controller.SetPrecheckResult(s, errors.New("should not happen"))
596
args := params.InitiateMigrationArgs{
597
Specs: []params.MigrationSpec{
599
ModelTag: st.ModelTag().String(),
600
TargetInfo: params.MigrationTargetInfo{
601
ControllerTag: randomControllerTag(),
602
Addrs: []string{"1.1.1.1:1111", "2.2.2.2:2222"},
604
AuthTag: names.NewUserTag("admin").String(),
607
ExternalControl: true,
608
SkipInitialPrechecks: true,
612
out, err := s.controller.InitiateMigration(args)
613
c.Assert(err, jc.ErrorIsNil)
614
c.Assert(out.Results, gc.HasLen, 1)
615
c.Check(out.Results[0].ModelTag, gc.Equals, st.ModelTag().String())
616
c.Check(out.Results[0].Error, gc.IsNil)
619
func randomControllerTag() string {
620
uuid := utils.MustNewUUID().String()
621
return names.NewControllerTag(uuid).String()
510
624
func randomModelTag() string {
542
656
func (s *controllerSuite) TestRevokeSuperuserLeavesAddModelAccess(c *gc.C) {
543
657
user := s.Factory.MakeUser(c, &factory.UserParams{NoModelUser: true})
545
err := s.controllerGrant(c, user.UserTag(), string(description.SuperuserAccess))
659
err := s.controllerGrant(c, user.UserTag(), string(permission.SuperuserAccess))
546
660
c.Assert(err, gc.IsNil)
547
661
ctag := names.NewControllerTag(s.State.ControllerUUID())
548
662
controllerUser, err := s.State.UserAccess(user.UserTag(), ctag)
549
663
c.Assert(err, jc.ErrorIsNil)
550
c.Assert(controllerUser.Access, gc.Equals, description.SuperuserAccess)
664
c.Assert(controllerUser.Access, gc.Equals, permission.SuperuserAccess)
552
err = s.controllerRevoke(c, user.UserTag(), string(description.SuperuserAccess))
666
err = s.controllerRevoke(c, user.UserTag(), string(permission.SuperuserAccess))
553
667
c.Assert(err, gc.IsNil)
555
669
controllerUser, err = s.State.UserAccess(user.UserTag(), controllerUser.Object)
556
670
c.Assert(err, jc.ErrorIsNil)
557
c.Assert(controllerUser.Access, gc.Equals, description.AddModelAccess)
671
c.Assert(controllerUser.Access, gc.Equals, permission.AddModelAccess)
560
674
func (s *controllerSuite) TestRevokeAddModelLeavesLoginAccess(c *gc.C) {
561
675
user := s.Factory.MakeUser(c, &factory.UserParams{NoModelUser: true})
563
err := s.controllerGrant(c, user.UserTag(), string(description.AddModelAccess))
677
err := s.controllerGrant(c, user.UserTag(), string(permission.AddModelAccess))
564
678
c.Assert(err, gc.IsNil)
565
679
ctag := names.NewControllerTag(s.State.ControllerUUID())
566
680
controllerUser, err := s.State.UserAccess(user.UserTag(), ctag)
567
681
c.Assert(err, jc.ErrorIsNil)
568
c.Assert(controllerUser.Access, gc.Equals, description.AddModelAccess)
682
c.Assert(controllerUser.Access, gc.Equals, permission.AddModelAccess)
570
err = s.controllerRevoke(c, user.UserTag(), string(description.AddModelAccess))
684
err = s.controllerRevoke(c, user.UserTag(), string(permission.AddModelAccess))
571
685
c.Assert(err, gc.IsNil)
573
687
controllerUser, err = s.State.UserAccess(user.UserTag(), controllerUser.Object)
574
688
c.Assert(err, jc.ErrorIsNil)
575
c.Assert(controllerUser.Access, gc.Equals, description.LoginAccess)
689
c.Assert(controllerUser.Access, gc.Equals, permission.LoginAccess)
578
692
func (s *controllerSuite) TestRevokeLoginRemovesControllerUser(c *gc.C) {
579
693
user := s.Factory.MakeUser(c, &factory.UserParams{NoModelUser: true})
580
err := s.controllerRevoke(c, user.UserTag(), string(description.LoginAccess))
694
err := s.controllerRevoke(c, user.UserTag(), string(permission.LoginAccess))
581
695
c.Assert(err, gc.IsNil)
583
697
ctag := names.NewControllerTag(s.State.ControllerUUID())
596
710
func (s *controllerSuite) TestGrantOnlyGreaterAccess(c *gc.C) {
597
711
user := s.Factory.MakeUser(c, &factory.UserParams{NoModelUser: true})
599
err := s.controllerGrant(c, user.UserTag(), string(description.AddModelAccess))
713
err := s.controllerGrant(c, user.UserTag(), string(permission.AddModelAccess))
600
714
c.Assert(err, gc.IsNil)
601
715
ctag := names.NewControllerTag(s.State.ControllerUUID())
602
716
controllerUser, err := s.State.UserAccess(user.UserTag(), ctag)
603
717
c.Assert(err, jc.ErrorIsNil)
604
c.Assert(controllerUser.Access, gc.Equals, description.AddModelAccess)
718
c.Assert(controllerUser.Access, gc.Equals, permission.AddModelAccess)
606
err = s.controllerGrant(c, user.UserTag(), string(description.AddModelAccess))
720
err = s.controllerGrant(c, user.UserTag(), string(permission.AddModelAccess))
607
721
expectedErr := `could not grant controller access: user already has "addmodel" access or greater`
608
722
c.Assert(err, gc.ErrorMatches, expectedErr)
611
725
func (s *controllerSuite) TestGrantControllerAddRemoteUser(c *gc.C) {
612
726
userTag := names.NewUserTag("foobar@ubuntuone")
614
err := s.controllerGrant(c, userTag, string(description.AddModelAccess))
728
err := s.controllerGrant(c, userTag, string(permission.AddModelAccess))
615
729
c.Assert(err, jc.ErrorIsNil)
617
731
ctag := names.NewControllerTag(s.State.ControllerUUID())
618
732
controllerUser, err := s.State.UserAccess(userTag, ctag)
619
733
c.Assert(err, jc.ErrorIsNil)
621
c.Assert(controllerUser.Access, gc.Equals, description.AddModelAccess)
735
c.Assert(controllerUser.Access, gc.Equals, permission.AddModelAccess)
624
738
func (s *controllerSuite) TestGrantControllerInvalidUserTag(c *gc.C) {
715
829
user := s.Factory.MakeUser(c, &factory.UserParams{NoModelUser: true})
716
830
user2 := s.Factory.MakeUser(c, &factory.UserParams{NoModelUser: true})
718
err := s.controllerGrant(c, user.UserTag(), string(description.SuperuserAccess))
832
err := s.controllerGrant(c, user.UserTag(), string(permission.SuperuserAccess))
719
833
c.Assert(err, gc.IsNil)
720
err = s.controllerGrant(c, user2.UserTag(), string(description.AddModelAccess))
834
err = s.controllerGrant(c, user2.UserTag(), string(permission.AddModelAccess))
721
835
c.Assert(err, gc.IsNil)
722
836
req := params.Entities{
723
837
Entities: []params.Entity{{Tag: user.Tag().String()}, {Tag: user2.Tag().String()}},