← Back to branch summary

~ubuntu-branches/ubuntu/oneiric/nova/oneiric-security

« back to all changes in this revision

Viewing changes to nova/tests/test_quota.py

  • Committer: Package Import Robot
  • Author(s): Jamie Strandboge
  • Date: 2012-05-03 15:47:00 UTC
  • Revision ID: package-import@ubuntu.com-20120503154700-udrih1iyf9z4dhlg
Tags: 2011.3-0ubuntu6.6
* SECURITY UPDATE: Place limit on number of security groups a user may
  create
  - debian/patches/CVE-2012-2101.patch: add quotas for security groups and
    security groups rules
  - CVE-2012-2101

Show diffs side-by-side

added added

removed removed

Lines of Context:
nova/tests/test_quota.py
43
43
                   quota_cores=4,
44
44
                   quota_volumes=2,
45
45
                   quota_gigabytes=20,
46
 
                   quota_floating_ips=1)
 
46
                   quota_floating_ips=1,
 
47
                   quota_security_groups=10,
 
48
                   quota_security_group_rules=20)
47
49
 
48
50
        self.network = self.network = self.start_service('network')
49
51
        self.user_id = 'admin'
185
187
        floating_ips = quota.allowed_floating_ips(self.context, 101)
186
188
        self.assertEqual(floating_ips, 101)
187
189
 
 
190
    def test_unlimited_security_groups(self):
 
191
        self.flags(quota_security_groups=10)
 
192
        security_groups = quota.allowed_security_groups(self.context, 100)
 
193
        self.assertEqual(security_groups, 10)
 
194
        db.quota_create(self.context, self.project_id, 'security_groups', None)
 
195
        security_groups = quota.allowed_security_groups(self.context, 100)
 
196
        self.assertEqual(security_groups, 100)
 
197
        security_groups = quota.allowed_security_groups(self.context, 101)
 
198
        self.assertEqual(security_groups, 101)
 
199
 
 
200
    def test_unlimited_security_group_rules(self):
 
201
 
 
202
        def fake_security_group_rule_count_by_group(context, sec_group_id):
 
203
            return 0
 
204
 
 
205
        self.stubs.Set(db, 'security_group_rule_count_by_group',
 
206
                       fake_security_group_rule_count_by_group)
 
207
 
 
208
        self.flags(quota_security_group_rules=20)
 
209
        rules = quota.allowed_security_group_rules(self.context, 1234, 100)
 
210
        self.assertEqual(rules, 20)
 
211
        db.quota_create(self.context, self.project_id, 'security_group_rules',
 
212
                        None)
 
213
        rules = quota.allowed_security_group_rules(self.context, 1234, 100)
 
214
        self.assertEqual(rules, 100)
 
215
        rules = quota.allowed_security_group_rules(self.context, 1234, 101)
 
216
        self.assertEqual(rules, 101)
 
217
 
188
218
    def test_unlimited_metadata_items(self):
189
219
        self.flags(quota_metadata_items=10)
190
220
        items = quota.allowed_metadata_items(self.context, 100)