← Back to branch summary

~ubuntu-branches/ubuntu/quantal/glance/quantal

~ubuntu-branches/ubuntu/quantal/glance/quantal

« back to all changes in this revision

Viewing changes to glance/tests/unit/test_policy.py

Committer: Package Import Robot
Author(s): Chuck Short, Chuck Short, Soren Hansen
Date: 2012-09-07 12:17:46 UTC
mfrom: (1.1.42)
Revision ID: package-import@ubuntu.com-20120907121746-a4i0aewhlzb7vw31

Tags: 2012.2~rc1~20120907.129.f0bd856-0ubuntu1

https://launchpad.net/bugs/820688

[ Chuck Short ]
* New upstream version.
* drop debian/patches/fix-docs-build.patch.
* debian/rules: Re-activate tests.
* debain/control: Add depends on python-swiftclient.
* debian/*.usptart: make glance start from runlevel 1 to runlevel
2. (LP: #820688)

[ Soren Hansen ]
* Update debian/watch to account for symbolically named tarballs and
use newer URL.
* New snapshot.
* Refresh disable-network-for-docs.patch
* Fix Launchpad URLs in debian/watch.

files added:
doc/source/db.rst

doc/source/glanceclient.rst

glance/tests/functional/test_bin_glance_control.py

glance/tests/unit/test_policy.py

glance/versioninfo

files removed:
.pc/fix-docs-build.patch

.pc/fix-docs-build.patch/glance

.pc/fix-docs-build.patch/glance/db

.pc/fix-docs-build.patch/glance/db/sqlalchemy

.pc/fix-docs-build.patch/glance/db/sqlalchemy/migrate_repo

.pc/fix-docs-build.patch/glance/db/sqlalchemy/migrate_repo/manage.py

debian/patches/fix-docs-build.patch

doc/source/architecture.rst

doc/source/client.rst

doc/source/glance.rst

glance/tests/functional/test_respawn.py

files modified:
.pc/applied-patches

.pc/disable-network-for-docs.patch/doc/source/conf.py

.pc/disable-swift-tests.patch/glance/tests/unit/test_clients.py

.pc/sql_conn.patch/etc/glance-api.conf

.pc/sql_conn.patch/etc/glance-registry.conf

AUTHORS

ChangeLog

MANIFEST.in

bin/glance-api

bin/glance-cache-manage

bin/glance-control

bin/glance-manage

bin/glance-registry

bin/glance-scrubber

debian/changelog

debian/control

debian/glance-api.glance-api.upstart

debian/glance-registry.glance-registry.upstart

debian/patches/disable-network-for-docs.patch *

debian/patches/series

debian/rules

debian/watch

doc/source/authentication.rst

doc/source/conf.py

doc/source/configuring.rst

doc/source/glanceapi.rst

doc/source/index.rst

doc/source/installing.rst

doc/source/policies.rst

etc/glance-api-paste.ini

etc/glance-api.conf

etc/glance-registry-paste.ini

etc/glance-registry.conf

etc/schema-image.json

glance.egg-info/SOURCES.txt

glance/api/__init__.py

glance/api/common.py

glance/api/middleware/context.py

glance/api/middleware/version_negotiation.py

glance/api/policy.py

glance/api/v1/images.py

glance/api/v1/router.py

glance/api/v2/__init__.py

glance/api/v2/image_data.py

glance/api/v2/images.py

glance/api/v2/router.py

glance/api/versions.py

glance/common/client.py

glance/common/config.py

glance/common/exception.py

glance/common/utils.py

glance/common/wsgi.py

glance/db/__init__.py

glance/db/simple/api.py

glance/db/sqlalchemy/api.py

glance/db/sqlalchemy/migrate_repo/manage.py

glance/db/sqlalchemy/migrate_repo/versions/014_add_image_tags_table.py

glance/db/sqlalchemy/migration.py

glance/image_cache/__init__.py

glance/image_cache/drivers/sqlite.py

glance/openstack/common/cfg.py

glance/openstack/common/importutils.py

glance/openstack/common/notifier/api.py

glance/openstack/common/policy.py

glance/openstack/common/timeutils.py

glance/openstack/common/version.py

glance/registry/__init__.py

glance/registry/api/v1/images.py

glance/registry/api/v1/members.py

glance/registry/client.py

glance/store/__init__.py

glance/store/filesystem.py

glance/store/swift.py

glance/tests/functional/__init__.py

glance/tests/functional/db/__init__.py

glance/tests/functional/test_api.py

glance/tests/functional/test_bin_glance.py

glance/tests/functional/test_cache_middleware.py

glance/tests/functional/test_client_exceptions.py

glance/tests/functional/test_client_redirects.py

glance/tests/functional/test_glance_manage.py

glance/tests/functional/v1/test_api.py

glance/tests/functional/v1/test_copy_to_file.py

glance/tests/functional/v1/test_swift.py

glance/tests/functional/v2/test_images.py

glance/tests/functional/v2/test_schemas.py

glance/tests/stubs.py

glance/tests/unit/base.py

glance/tests/unit/test_clients.py

glance/tests/unit/test_config.py

glance/tests/unit/test_http_store.py

glance/tests/unit/test_image_cache.py

glance/tests/unit/test_migrations.py

glance/tests/unit/test_misc.py

glance/tests/unit/test_utils.py

glance/tests/unit/test_wsgi.py

glance/tests/unit/utils.py

glance/tests/unit/v1/test_api.py

glance/tests/unit/v2/test_image_data_resource.py

glance/tests/unit/v2/test_images_resource.py

glance/tests/utils.py

tools/test-requires

Show diffs side-by-side

added added

removed removed

glance/tests/unit/test_policy.py

1

# Copyright 2012 OpenStack, LLC

2

# All Rights Reserved.

3

#

4

# Licensed under the Apache License, Version 2.0 (the 'License'); you may

5

# not use this file except in compliance with the License. You may obtain

6

# a copy of the License at

7

#

8

# http://www.apache.org/licenses/LICENSE-2.0

9

#

10

# Unless required by applicable law or agreed to in writing, software

11

# distributed under the License is distributed on an 'AS IS' BASIS, WITHOUT

12

# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the

13

# License for the specific language governing permissions and limitations

14

# under the License.

15

16

import os.path

17

18

import glance.api.policy

19

from glance.common import exception

20

import glance.context

21

from glance.tests import utils as test_utils

22

from glance.tests.unit import base

23

24

25

class TestPolicyEnforcer(base.IsolatedUnitTest):

26

def test_policy_file_default_rules_default_location(self):

27

enforcer = glance.api.policy.Enforcer()

28

29

context = glance.context.RequestContext(roles=[])

30

enforcer.enforce(context, 'get_image', {})

31

32

def test_policy_file_custom_rules_default_location(self):

33

rules = {"get_image": [["false:false"]]}

34

self.set_policy_rules(rules)

35

36

enforcer = glance.api.policy.Enforcer()

37

38

context = glance.context.RequestContext(roles=[])

39

self.assertRaises(exception.Forbidden,

40

enforcer.enforce, context, 'get_image', {})

41

42

def test_policy_file_custom_location(self):

43

self.config(policy_file=os.path.join(self.test_dir, 'gobble.gobble'))

44

45

rules = {"get_image": [["false:false"]]}

46

self.set_policy_rules(rules)

47

48

enforcer = glance.api.policy.Enforcer()

49

50

context = glance.context.RequestContext(roles=[])

51

self.assertRaises(exception.Forbidden,

52

enforcer.enforce, context, 'get_image', {})

53

54

55

class TestPolicyEnforcerNoFile(test_utils.BaseTestCase):

56

def test_policy_file_specified_but_not_found(self):

57

"""Missing defined policy file should result in a default ruleset"""

58

self.config(policy_file='gobble.gobble')

59

enforcer = glance.api.policy.Enforcer()

60

61

context = glance.context.RequestContext(roles=[])

62

enforcer.enforce(context, 'get_image', {})

63

self.assertRaises(exception.Forbidden,

64

enforcer.enforce, context, 'manage_image_cache', {})

65

66

admin_context = glance.context.RequestContext(roles=['admin'])

67

enforcer.enforce(admin_context, 'manage_image_cache', {})

68

69

def test_policy_file_default_not_found(self):

70

"""Missing default policy file should result in a default ruleset"""

71

enforcer = glance.api.policy.Enforcer()

72

73

context = glance.context.RequestContext(roles=[])

74

enforcer.enforce(context, 'get_image', {})

75

self.assertRaises(exception.Forbidden,

76

enforcer.enforce, context, 'manage_image_cache', {})

77

78

admin_context = glance.context.RequestContext(roles=['admin'])

79

enforcer.enforce(admin_context, 'manage_image_cache', {})

Older »