Return-Path: X-Original-To: apmail-cloudstack-commits-archive@www.apache.org Delivered-To: apmail-cloudstack-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id B8DD317B12 for ; Wed, 22 Apr 2015 10:17:54 +0000 (UTC) Received: (qmail 94649 invoked by uid 500); 22 Apr 2015 10:17:46 -0000 Delivered-To: apmail-cloudstack-commits-archive@cloudstack.apache.org Received: (qmail 94604 invoked by uid 500); 22 Apr 2015 10:17:46 -0000 Mailing-List: contact commits-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list commits@cloudstack.apache.org Received: (qmail 94591 invoked by uid 99); 22 Apr 2015 10:17:46 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 22 Apr 2015 10:17:46 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 451D0E01FB; Wed, 22 Apr 2015 10:17:46 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: sanjeev@apache.org To: commits@cloudstack.apache.org Date: Wed, 22 Apr 2015 10:17:46 -0000 Message-Id: <344a6e48c22a472cabce44feb892d8eb@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [1/2] git commit: updated refs/heads/master to 52b630f Repository: cloudstack Updated Branches: refs/heads/master b5a74c34c -> 52b630fcb verifying template creation permission Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/cf3a8c0d Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/cf3a8c0d Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/cf3a8c0d Branch: refs/heads/master Commit: cf3a8c0d2bec9d4488b7531944444b4ebf833243 Parents: b5a74c3 Author: shweta agarwal Authored: Thu Apr 9 16:51:50 2015 +0530 Committer: sanjeev Committed: Wed Apr 22 15:40:41 2015 +0530 ---------------------------------------------------------------------- .../component/test_escalations_templates.py | 283 ++++++++++++++++++- tools/marvin/marvin/config/test_data.py | 2 + tools/marvin/marvin/lib/base.py | 4 + 3 files changed, 284 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/cf3a8c0d/test/integration/component/test_escalations_templates.py ---------------------------------------------------------------------- diff --git a/test/integration/component/test_escalations_templates.py b/test/integration/component/test_escalations_templates.py index a7787c7..c7decfd 100644 --- a/test/integration/component/test_escalations_templates.py +++ b/test/integration/component/test_escalations_templates.py @@ -22,14 +22,22 @@ from marvin.lib.utils import (cleanup_resources, from marvin.lib.base import (Account, Zone, Template, - Hypervisor) + Hypervisor, + Domain, + Configurations, + VirtualMachine, + Snapshot, + ServiceOffering) from marvin.lib.common import (get_domain, get_zone, get_template, list_os_types, - get_builtin_template_info) + get_builtin_template_info, + list_volumes) +from marvin.cloudstackException import CloudstackAPIException from marvin.codes import PASS from nose.plugins.attrib import attr +from marvin.sshClient import SshClient import time @@ -55,23 +63,68 @@ class TestTemplates(cloudstackTestCase): cls.hypervisor = cls.testClient.getHypervisorInfo() cls.services['mode'] = cls.zone.networktype + cls.mgtSvrDetails = cls.config.__dict__["mgtSvr"][0].__dict__ + builtin_info = get_builtin_template_info(cls.api_client, cls.zone.id) cls.services["privatetemplate"]["url"] = builtin_info[0] cls.services["privatetemplate"]["hypervisor"] = builtin_info[1] cls.services["privatetemplate"]["format"] = builtin_info[2] + cls.services["templates"]["url"] = builtin_info[0] + cls.services["templates"]["hypervisor"] = builtin_info[1] + cls.services["templates"]["format"] = builtin_info[2] + if cls.zone.localstorageenabled: + cls.storagetype = 'local' + cls.services["service_offerings"][ + "tiny"]["storagetype"] = 'local' + cls.services["disk_offering"]["storagetype"] = 'local' + else: + cls.storagetype = 'shared' + cls.services["service_offerings"][ + "tiny"]["storagetype"] = 'shared' + cls.services["disk_offering"]["storagetype"] = 'shared' + cls.services["virtual_machine"]["hypervisor"] = cls.hypervisor + cls.services["virtual_machine"]["zoneid"] = cls.zone.id + cls.services["virtual_machine"]["template"] = cls.template.id + cls.services["custom_volume"]["zoneid"] = cls.zone.id + cls.service_offering = ServiceOffering.create( + cls.api_client, + cls.services["service_offerings"]["tiny"] + ) + cls._cleanup.append(cls.service_offering) except Exception as e: cls.tearDownClass() raise Exception("Warning: Exception in setup : %s" % e) return + @classmethod + def RestartServers(cls): + """ Restart management server and usage server """ + + sshClient = SshClient( + cls.mgtSvrDetails["mgtSvrIp"], + 22, + cls.mgtSvrDetails["user"], + cls.mgtSvrDetails["passwd"] + ) + command = "service cloudstack-management restart" + sshClient.execute(command) + return + @classmethod + def updateConfigurAndRestart(cls,name, value): + Configurations.update(cls.api_client, + name,value ) + cls.RestartServers() + time.sleep(cls.services["sleep"]) + + def setUp(self): self.apiClient = self.testClient.getApiClient() self.cleanup = [] self.account = Account.create( - self.apiClient, - self.services["account"], - domainid=self.domain.id + self.apiClient, + self.services["account"], + domainid=self.domain.id ) # Getting authentication for user in newly created Account self.user = self.account.user[0] @@ -915,3 +968,223 @@ class TestTemplates(cloudstackTestCase): ) del self.services["privatetemplate"]["ostype"] return + + @attr(tags=["advanced", "basic"], required_hardware="true") + def test_05_template_permissions(self): + """ + @Desc: Test to create Public Template by registering or by snapshot and volume when + Global parameter 'allow.public.user.template' is set to False + @steps: + 1.Set Global parameter 'allow.public.user.template' as False. Restart Management server + 2. Create a domain + 3. Create a domain admin and a domain user + 4. Create a vm as domain user + 5. take snapshot of root disk as user vm + 6. try to create public template from snapshot . It should fail + 7. stop the VM + 8. take the public template from volume. it should fail + 9. register a public template as a domain user . it should fail + 10. create a VM as domain admin + 11. create a snapshot of root disk as domain admin + 12 create a public template of the snapshot .it should fail + 13. Register a public template as domain admin. it should fail + 14 Stop the vm as domain admin + 15. Create a template from volume as domain admin . it should fail + + """ + self.updateConfigurAndRestart("allow.public.user.templates", "false") + + subdomain = Domain.create( + self.api_client, + self.services["domain"], + ) + + admin_account = Account.create( + self.api_client, + self.services["account"], + admin=True, + domainid=subdomain.id + ) + user_account = Account.create( + self.api_client, + self.services["account2"], + admin=False, + domainid=subdomain.id + ) + admin_user = admin_account.user[0] + self.admin_api_client = self.testClient.getUserApiClient( + admin_user.username, + subdomain.name) + user = user_account.user[0] + self.user_api_client = self.testClient.getUserApiClient( + user.username, + subdomain.name) + + self.services["templates"]["ispublic"] = True + # Register new public template as domain user + # Exception should be raised for registering public template + try: + template = Template.register( + self.user_api_client, + self.services["templates"], + zoneid=self.zone.id, + account=user_account.name, + domainid=user_account.domainid, + hypervisor=self.hypervisor + ) + self.updateConfigurAndRestart("allow.public.user.templates", "true") + self.fail("Template creation passed for user") + except CloudstackAPIException as e: + self.assertRaises("Exception Raised : %s" % e) + # Register new public template as domain admin + # Exception should be raised for registering public template + try: + template = Template.register( + self.admin_api_client, + self.services["templates"], + zoneid=self.zone.id, + account=admin_account.name, + domainid=admin_account.domainid, + hypervisor=self.hypervisor + ) + self.updateConfigurAndRestart("allow.public.user.templates", "true") + self.fail("Template creation passed for domain admin") + except CloudstackAPIException as e: + self.assertRaises("Exception Raised : %s" % e) + + if self.hypervisor.lower() in ['hyperv', 'lxc']: + self.updateConfigurAndRestart("allow.public.user.templates", "true") + return + else: + user_vm_created = VirtualMachine.create( + self.user_api_client, + self.services["virtual_machine"], + accountid=user_account.name, + domainid=user_account.domainid, + serviceofferingid=self.service_offering.id, + ) + self.assertIsNotNone(user_vm_created, + "VM creation failed" + ) + # Get the Root disk of VM + volume = list_volumes( + self.user_api_client, + virtualmachineid=user_vm_created.id, + type='ROOT', + listall=True + ) + snapshot_created = Snapshot.create( + self.user_api_client, + volume[0].id, + account=user_account.name, + domainid=user_account.domainid + ) + self.assertIsNotNone( + snapshot_created, + "Snapshot creation failed" + ) + self.debug("Creating a template from snapshot: %s" % snapshot_created.id) + # + # Generate public template from the snapshot + self.services["template"]["ispublic"] = True + try: + user_template = Template.create_from_snapshot( + self.user_api_client, + snapshot_created, + self.services["template"] + ) + self.updateConfigurAndRestart("allow.public.user.templates", "true") + self.fail("Template creation passed from snapshot for domain user") + except CloudstackAPIException as e: + self.assertRaises("Exception Raised : %s" % e) + + VirtualMachine.stop(user_vm_created, self.user_api_client) + list_stopped_vms_after = VirtualMachine.list( + self.user_api_client, + listall=self.services["listall"], + domainid=user_account.domainid, + state="Stopped") + status = validateList(list_stopped_vms_after) + self.assertEquals( + PASS, + status[0], + "Stopped VM is not in Stopped state" + ) + try: + user_template = Template.create( + self.user_api_client, self.services["template"], + volume[0].id + ) + self.updateConfigurAndRestart("allow.public.user.templates", "true") + self.fail("Template creation passed from volume for domain user") + except CloudstackAPIException as e: + self.assertRaises("Exception Raised : %s" % e) + + admin_vm_created = VirtualMachine.create( + self.admin_api_client, + self.services["virtual_machine"], + accountid=admin_account.name, + domainid=admin_account.domainid, + serviceofferingid=self.service_offering.id, + ) + self.assertIsNotNone( + admin_vm_created, + "VM creation failed" + ) + # Get the Root disk of VM + volume = list_volumes( + self.admin_api_client, + virtualmachineid=admin_vm_created.id, + type='ROOT', + listall=True + ) + snapshot_created = Snapshot.create( + self.admin_api_client, + volume[0].id, + account=admin_account.name, + domainid=admin_account.domainid + ) + self.assertIsNotNone( + snapshot_created, + "Snapshot creation failed" + ) + self.debug("Creating a template from snapshot: %s" % snapshot_created.id) + # + # Generate public template from the snapshot + try: + admin_template = Template.create_from_snapshot( + self.admin_api_client, + snapshot_created, + self.services["template"] + ) + self.updateConfigurAndRestart("allow.public.user.templates", "true") + self.fail("Template creation passed from snapshot for domain admin") + except CloudstackAPIException as e: + self.assertRaises("Exception Raised : %s" % e) + + VirtualMachine.stop(admin_vm_created, self.admin_api_client) + list_stopped_vms_after = VirtualMachine.list( + self.admin_api_client, + listall=self.services["listall"], + domainid=admin_account.domainid, + state="Stopped") + status = validateList(list_stopped_vms_after) + self.assertEquals( + PASS, + status[0], + "Stopped VM is not in Stopped state" + ) + try: + admin_template = Template.create( + self.admin_api_client, self.services["template"], + volume[0].id + ) + self.updateConfigurAndRestart("allow.public.user.templates", "true") + self.fail("Template creation passed from volume for domain admin") + except CloudstackAPIException as e: + self.assertRaises("Exception Raised : %s" % e) + + self.updateConfigurAndRestart("allow.public.user.templates", "true") + return + + http://git-wip-us.apache.org/repos/asf/cloudstack/blob/cf3a8c0d/tools/marvin/marvin/config/test_data.py ---------------------------------------------------------------------- diff --git a/tools/marvin/marvin/config/test_data.py b/tools/marvin/marvin/config/test_data.py index e7244ac..e081bbe 100644 --- a/tools/marvin/marvin/config/test_data.py +++ b/tools/marvin/marvin/config/test_data.py @@ -798,6 +798,8 @@ test_data = { "displaytext": "xs", "name": "xs", "passwordenabled": False, + "ostype": "CentOS 5.6 (64-bit)" + }, "template_2": { "displaytext": "Public Template", http://git-wip-us.apache.org/repos/asf/cloudstack/blob/cf3a8c0d/tools/marvin/marvin/lib/base.py ---------------------------------------------------------------------- diff --git a/tools/marvin/marvin/lib/base.py b/tools/marvin/marvin/lib/base.py index 0835b60..356c779 100755 --- a/tools/marvin/marvin/lib/base.py +++ b/tools/marvin/marvin/lib/base.py @@ -876,6 +876,10 @@ class Volume: cmd.snapshotid = snapshot_id cmd.zoneid = services["zoneid"] cmd.size = services["size"] + if services["ispublic"]: + cmd.ispublic = services["ispublic"] + else: + cmd.ispublic = False if account: cmd.account = account else: