← Back to branch summary

~juju-qa/ubuntu/yakkety/juju/2.0-beta17

« back to all changes in this revision

Viewing changes to src/github.com/juju/juju/apiserver/cloud/cloud_test.go

  • Committer: Nicholas Skaggs
  • Date: 2016-08-26 19:28:00 UTC
  • mfrom: (1.5.1)
  • Revision ID: nicholas.skaggs@canonical.com-20160826192800-b2rgj3da7tgfdca4
* New upstream release 2.0-beta16
* Remove all quilt patches
* Ensure autopkgtests run on LXD upload (LP: #1614724)
* Update debian/copyrights

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/github.com/juju/juju/apiserver/cloud/cloud_test.go
27
27
func (s *cloudSuite) SetUpTest(c *gc.C) {
28
28
        s.IsolationSuite.SetUpTest(c)
29
29
        s.authorizer = apiservertesting.FakeAuthorizer{
30
 
                Tag: names.NewUserTag("bruce@local"),
 
30
                Tag: names.NewUserTag("admin@local"),
31
31
        }
32
32
        s.backend = mockBackend{
33
33
                cloud: cloud.Cloud{
35
35
                        AuthTypes: []cloud.AuthType{cloud.EmptyAuthType, cloud.UserPassAuthType},
36
36
                        Regions:   []cloud.Region{{Name: "nether", Endpoint: "endpoint"}},
37
37
                },
38
 
                creds: map[string]cloud.Credential{
39
 
                        "one": cloud.NewEmptyCredential(),
40
 
                        "two": cloud.NewCredential(cloud.UserPassAuthType, map[string]string{
 
38
                creds: map[names.CloudCredentialTag]cloud.Credential{
 
39
                        names.NewCloudCredentialTag("meep/bruce@local/one"): cloud.NewEmptyCredential(),
 
40
                        names.NewCloudCredentialTag("meep/bruce@local/two"): cloud.NewCredential(cloud.UserPassAuthType, map[string]string{
41
41
                                "username": "admin",
42
42
                                "password": "adm1n",
43
43
                        }),
68
68
        })
69
69
}
70
70
 
71
 
func (s *cloudSuite) TestCloudDefaults(c *gc.C) {
72
 
        results, err := s.api.CloudDefaults(params.Entities{[]params.Entity{
73
 
                {"machine-0"},
74
 
                {"user-admin"},
75
 
                {"user-bruce"},
76
 
        }})
77
 
        c.Assert(err, jc.ErrorIsNil)
78
 
        s.backend.CheckCallNames(c,
79
 
                "IsControllerAdministrator", // for auth-checking
80
 
                "ControllerModel",
81
 
                "IsControllerAdministrator", // to get default credential
82
 
        )
83
 
        c.Assert(results.Results, gc.HasLen, 3)
84
 
        c.Assert(results.Results[0].Error, jc.DeepEquals, &params.Error{
85
 
                Message: `"machine-0" is not a valid user tag`,
86
 
        })
87
 
        c.Assert(results.Results[1].Error, jc.DeepEquals, &params.Error{
88
 
                Message: "permission denied", Code: params.CodeUnauthorized,
89
 
        })
90
 
        c.Assert(results.Results[2].Error, gc.IsNil)
91
 
        c.Assert(results.Results[2].Result, jc.DeepEquals, &params.CloudDefaults{
92
 
                CloudTag:        "cloud-some-cloud",
93
 
                CloudRegion:     "some-region",
94
 
                CloudCredential: "",
95
 
        })
96
 
}
97
 
 
98
 
func (s *cloudSuite) TestCloudDefaultsAdminAccess(c *gc.C) {
99
 
        s.authorizer.Tag = names.NewUserTag("admin@local")
100
 
        results, err := s.api.CloudDefaults(params.Entities{[]params.Entity{
101
 
                {"user-admin"},
102
 
        }})
103
 
        c.Assert(err, jc.ErrorIsNil)
104
 
        s.backend.CheckCallNames(c,
105
 
                "IsControllerAdministrator", // for auth-checking
106
 
                "ControllerModel",
107
 
                "IsControllerAdministrator", // to get default credential
108
 
        )
109
 
        c.Assert(results.Results, gc.HasLen, 1)
110
 
        c.Assert(results.Results[0].Error, gc.IsNil)
111
 
        c.Assert(results.Results[0].Result, jc.DeepEquals, &params.CloudDefaults{
112
 
                CloudTag:        "cloud-some-cloud",
113
 
                CloudRegion:     "some-region",
114
 
                CloudCredential: "some-credential",
 
71
func (s *cloudSuite) TestDefaultCloud(c *gc.C) {
 
72
        result, err := s.api.DefaultCloud()
 
73
        c.Assert(err, jc.ErrorIsNil)
 
74
        s.backend.CheckCallNames(c, "ControllerModel")
 
75
        c.Assert(result, jc.DeepEquals, params.StringResult{
 
76
                Result: "cloud-some-cloud",
115
77
        })
116
78
}
117
79
 
118
80
func (s *cloudSuite) TestCredentials(c *gc.C) {
 
81
        s.authorizer.Tag = names.NewUserTag("bruce@local")
119
82
        results, err := s.api.Credentials(params.UserClouds{[]params.UserCloud{{
120
83
                UserTag:  "machine-0",
121
84
                CloudTag: "cloud-meep",
127
90
                CloudTag: "cloud-meep",
128
91
        }}})
129
92
        c.Assert(err, jc.ErrorIsNil)
130
 
        s.backend.CheckCallNames(c, "IsControllerAdministrator", "CloudCredentials")
 
93
        s.backend.CheckCallNames(c, "ControllerTag", "CloudCredentials")
131
94
        s.backend.CheckCall(c, 1, "CloudCredentials", names.NewUserTag("bruce"), "meep")
132
95
 
133
96
        c.Assert(results.Results, gc.HasLen, 3)
138
101
                Message: "permission denied", Code: params.CodeUnauthorized,
139
102
        })
140
103
        c.Assert(results.Results[2].Error, gc.IsNil)
141
 
        c.Assert(results.Results[2].Credentials, jc.DeepEquals, map[string]params.CloudCredential{
142
 
                "one": {
143
 
                        AuthType: "empty",
144
 
                },
145
 
                "two": {
146
 
                        AuthType: "userpass",
147
 
                        Attributes: map[string]string{
148
 
                                "username": "admin",
149
 
                                "password": "adm1n",
150
 
                        },
151
 
                },
 
104
        c.Assert(results.Results[2].Result, jc.SameContents, []string{
 
105
                "cloudcred-meep_bruce@local_one",
 
106
                "cloudcred-meep_bruce@local_two",
152
107
        })
153
108
}
154
109
 
159
114
                CloudTag: "cloud-meep",
160
115
        }}})
161
116
        c.Assert(err, jc.ErrorIsNil)
162
 
        s.backend.CheckCallNames(c, "IsControllerAdministrator", "CloudCredentials")
 
117
        s.backend.CheckCallNames(c, "ControllerTag", "CloudCredentials")
163
118
        c.Assert(results.Results, gc.HasLen, 1)
164
119
        // admin can access others' credentials
165
120
        c.Assert(results.Results[0].Error, gc.IsNil)
166
121
}
167
122
 
168
123
func (s *cloudSuite) TestUpdateCredentials(c *gc.C) {
169
 
        results, err := s.api.UpdateCredentials(params.UsersCloudCredentials{[]params.UserCloudCredentials{{
170
 
                UserTag:  "machine-0",
171
 
                CloudTag: "cloud-meep",
172
 
        }, {
173
 
                UserTag:  "user-admin",
174
 
                CloudTag: "cloud-meep",
175
 
        }, {
176
 
                UserTag:  "user-bruce",
177
 
                CloudTag: "cloud-meep",
178
 
                Credentials: map[string]params.CloudCredential{
179
 
                        "three": {
180
 
                                AuthType:   "oauth1",
181
 
                                Attributes: map[string]string{"token": "foo:bar:baz"},
182
 
                        },
183
 
                        "four": {
184
 
                                AuthType: "access-key",
185
 
                                Attributes: map[string]string{
186
 
                                        "access-key": "foo",
187
 
                                        "secret-key": "bar",
188
 
                                },
189
 
                        },
 
124
        s.authorizer.Tag = names.NewUserTag("bruce@local")
 
125
        results, err := s.api.UpdateCredentials(params.UpdateCloudCredentials{[]params.UpdateCloudCredential{{
 
126
                Tag: "machine-0",
 
127
        }, {
 
128
                Tag: "cloudcred-meep_admin_whatever",
 
129
        }, {
 
130
                Tag: "cloudcred-meep_bruce_three",
 
131
                Credential: params.CloudCredential{
 
132
                        AuthType:   "oauth1",
 
133
                        Attributes: map[string]string{"token": "foo:bar:baz"},
190
134
                },
191
135
        }}})
192
136
        c.Assert(err, jc.ErrorIsNil)
193
 
        s.backend.CheckCallNames(c, "IsControllerAdministrator", "UpdateCloudCredentials")
 
137
        s.backend.CheckCallNames(c, "ControllerTag", "UpdateCloudCredential")
194
138
        c.Assert(results.Results, gc.HasLen, 3)
195
139
        c.Assert(results.Results[0].Error, jc.DeepEquals, &params.Error{
196
 
                Message: `"machine-0" is not a valid user tag`,
 
140
                Message: `"machine-0" is not a valid cloudcred tag`,
197
141
        })
198
142
        c.Assert(results.Results[1].Error, jc.DeepEquals, &params.Error{
199
143
                Message: "permission denied", Code: params.CodeUnauthorized,
201
145
        c.Assert(results.Results[2].Error, gc.IsNil)
202
146
 
203
147
        s.backend.CheckCall(
204
 
                c, 1, "UpdateCloudCredentials",
205
 
                names.NewUserTag("bruce"),
206
 
                "meep",
207
 
                map[string]cloud.Credential{
208
 
                        "three": cloud.NewCredential(
209
 
                                cloud.OAuth1AuthType,
210
 
                                map[string]string{"token": "foo:bar:baz"},
211
 
                        ),
212
 
                        "four": cloud.NewCredential(
213
 
                                cloud.AccessKeyAuthType,
214
 
                                map[string]string{"access-key": "foo", "secret-key": "bar"},
215
 
                        ),
216
 
                },
 
148
                c, 1, "UpdateCloudCredential",
 
149
                names.NewCloudCredentialTag("meep/bruce/three"),
 
150
                cloud.NewCredential(
 
151
                        cloud.OAuth1AuthType,
 
152
                        map[string]string{"token": "foo:bar:baz"},
 
153
                ),
217
154
        )
218
155
}
219
156
 
220
157
func (s *cloudSuite) TestUpdateCredentialsAdminAccess(c *gc.C) {
221
158
        s.authorizer.Tag = names.NewUserTag("admin@local")
222
 
        results, err := s.api.UpdateCredentials(params.UsersCloudCredentials{[]params.UserCloudCredentials{{
223
 
                UserTag:  "user-julia",
224
 
                CloudTag: "cloud-meep",
225
 
                Credentials: map[string]params.CloudCredential{
226
 
                        "three": {
227
 
                                AuthType:   "oauth1",
228
 
                                Attributes: map[string]string{"token": "foo:bar:baz"},
229
 
                        },
 
159
        results, err := s.api.UpdateCredentials(params.UpdateCloudCredentials{[]params.UpdateCloudCredential{{
 
160
                Tag: "cloudcred-meep_julia_three",
 
161
                Credential: params.CloudCredential{
 
162
                        AuthType:   "oauth1",
 
163
                        Attributes: map[string]string{"token": "foo:bar:baz"},
230
164
                },
231
165
        }}})
232
166
        c.Assert(err, jc.ErrorIsNil)
233
 
        s.backend.CheckCallNames(c, "IsControllerAdministrator", "UpdateCloudCredentials")
 
167
        s.backend.CheckCallNames(c, "ControllerTag", "UpdateCloudCredential")
234
168
        c.Assert(results.Results, gc.HasLen, 1)
235
169
        // admin can update others' credentials
236
170
        c.Assert(results.Results[0].Error, gc.IsNil)
239
173
type mockBackend struct {
240
174
        gitjujutesting.Stub
241
175
        cloud cloud.Cloud
242
 
        creds map[string]cloud.Credential
 
176
        creds map[names.CloudCredentialTag]cloud.Credential
243
177
}
244
178
 
245
 
func (st *mockBackend) IsControllerAdministrator(user names.UserTag) (bool, error) {
246
 
        st.MethodCall(st, "IsControllerAdministrator", user)
 
179
func (st *mockBackend) IsControllerAdmin(user names.UserTag) (bool, error) {
 
180
        st.MethodCall(st, "IsControllerAdmin", user)
247
181
        return user.Canonical() == "admin@local", st.NextErr()
248
182
}
249
183
 
250
184
func (st *mockBackend) ControllerModel() (cloudfacade.Model, error) {
251
185
        st.MethodCall(st, "ControllerModel")
252
 
        return &mockModel{"some-cloud", "some-region", "some-credential"}, st.NextErr()
 
186
        credentialTag := names.NewCloudCredentialTag("some-cloud/admin@local/some-credential")
 
187
        return &mockModel{"some-cloud", "some-region", credentialTag}, st.NextErr()
 
188
}
 
189
 
 
190
func (st *mockBackend) ControllerTag() names.ControllerTag {
 
191
        st.MethodCall(st, "ControllerTag")
 
192
        return names.NewControllerTag("deadbeef-0bad-400d-8000-4b1d0d06f00d")
 
193
}
 
194
 
 
195
func (st *mockBackend) ModelTag() names.ModelTag {
 
196
        st.MethodCall(st, "ModelTag")
 
197
        return names.NewModelTag("deadbeef-0bad-400d-8000-4b1d0d06f00d")
253
198
}
254
199
 
255
200
func (st *mockBackend) Cloud(name string) (cloud.Cloud, error) {
257
202
        return st.cloud, st.NextErr()
258
203
}
259
204
 
260
 
func (st *mockBackend) CloudCredentials(user names.UserTag, cloudName string) (map[string]cloud.Credential, error) {
 
205
func (st *mockBackend) CloudCredentials(user names.UserTag, cloudName string) (map[names.CloudCredentialTag]cloud.Credential, error) {
261
206
        st.MethodCall(st, "CloudCredentials", user, cloudName)
262
207
        return st.creds, st.NextErr()
263
208
}
264
209
 
265
 
func (st *mockBackend) UpdateCloudCredentials(user names.UserTag, cloudName string, creds map[string]cloud.Credential) error {
266
 
        st.MethodCall(st, "UpdateCloudCredentials", user, cloudName, creds)
 
210
func (st *mockBackend) UpdateCloudCredential(tag names.CloudCredentialTag, cred cloud.Credential) error {
 
211
        st.MethodCall(st, "UpdateCloudCredential", tag, cred)
267
212
        return st.NextErr()
268
213
}
269
214
 
273
218
}
274
219
 
275
220
type mockModel struct {
276
 
        cloud           string
277
 
        cloudRegion     string
278
 
        cloudCredential string
 
221
        cloud              string
 
222
        cloudRegion        string
 
223
        cloudCredentialTag names.CloudCredentialTag
279
224
}
280
225
 
281
226
func (m *mockModel) Cloud() string {
286
231
        return m.cloudRegion
287
232
}
288
233
 
289
 
func (m *mockModel) CloudCredential() string {
290
 
        return m.cloudCredential
 
234
func (m *mockModel) CloudCredential() (names.CloudCredentialTag, bool) {
 
235
        return m.cloudCredentialTag, true
291
236
}