Example #1
0
func (s *modelManagerSuite) TestNewAPIAcceptsClient(c *gc.C) {
	anAuthoriser := s.authoriser
	anAuthoriser.Tag = names.NewUserTag("external@remote")
	endPoint, err := modelmanager.NewModelManagerAPI(s.State, s.resources, anAuthoriser)
	c.Assert(err, jc.ErrorIsNil)
	c.Assert(endPoint, gc.NotNil)
}
Example #2
0
func (s *modelManagerSuite) TestNewAPIRefusesNonClient(c *gc.C) {
	anAuthoriser := s.authoriser
	anAuthoriser.Tag = names.NewUnitTag("mysql/0")
	endPoint, err := modelmanager.NewModelManagerAPI(s.State, s.resources, anAuthoriser)
	c.Assert(endPoint, gc.IsNil)
	c.Assert(err, gc.ErrorMatches, "permission denied")
}
Example #3
0
func (s *modelInfoSuite) SetUpTest(c *gc.C) {
	s.BaseSuite.SetUpTest(c)
	s.authorizer = apiservertesting.FakeAuthorizer{
		Tag: names.NewUserTag("admin@local"),
	}
	s.st = &mockState{
		uuid: coretesting.ModelTag.Id(),
	}
	s.st.model = &mockModel{
		owner: names.NewUserTag("bob@local"),
		cfg:   coretesting.ModelConfig(c),
		life:  state.Dying,
		status: status.StatusInfo{
			Status: status.StatusDestroying,
			Since:  &time.Time{},
		},
		users: []*mockModelUser{{
			userName: "******",
			access:   state.ModelAdminAccess,
		}, {
			userName:    "******",
			displayName: "Bob",
			access:      state.ModelReadAccess,
		}, {
			userName:    "******",
			displayName: "Charlotte",
			access:      state.ModelReadAccess,
		}},
	}
	var err error
	s.modelmanager, err = modelmanager.NewModelManagerAPI(s.st, &s.authorizer)
	c.Assert(err, jc.ErrorIsNil)
}
Example #4
0
func (s *modelManagerStateSuite) TestDestroyOwnModel(c *gc.C) {
	// TODO(perrito666) this test is not valid until we have
	// proper controller permission since the only users that
	// can create models are controller admins.
	owner := names.NewUserTag("admin@local")
	s.setAPIUser(c, owner)
	m, err := s.modelmanager.CreateModel(s.createArgs(c, owner))
	c.Assert(err, jc.ErrorIsNil)
	st, err := s.State.ForModel(names.NewModelTag(m.UUID))
	c.Assert(err, jc.ErrorIsNil)
	defer st.Close()

	s.modelmanager, err = modelmanager.NewModelManagerAPI(
		common.NewModelManagerBackend(st), nil, s.authoriser,
	)
	c.Assert(err, jc.ErrorIsNil)

	results, err := s.modelmanager.DestroyModels(params.Entities{
		Entities: []params.Entity{{"model-" + m.UUID}},
	})
	c.Assert(err, jc.ErrorIsNil)
	c.Assert(results.Results, gc.HasLen, 1)
	c.Assert(results.Results[0].Error, gc.IsNil)

	model, err := st.Model()
	c.Assert(err, jc.ErrorIsNil)
	c.Assert(model.Life(), gc.Not(gc.Equals), state.Alive)
}
Example #5
0
func (s *modelManagerStateSuite) TestAdminDestroysOtherModel(c *gc.C) {
	// TODO(perrito666) Both users are admins in this case, this tesst is of dubious
	// usefulness until proper controller permissions are in place.
	owner := names.NewUserTag("admin@local")
	s.setAPIUser(c, owner)
	m, err := s.modelmanager.CreateModel(s.createArgs(c, owner))
	c.Assert(err, jc.ErrorIsNil)
	st, err := s.State.ForModel(names.NewModelTag(m.UUID))
	c.Assert(err, jc.ErrorIsNil)
	defer st.Close()

	s.modelmanager, err = modelmanager.NewModelManagerAPI(
		common.NewModelManagerBackend(st), nil, s.authoriser,
	)
	c.Assert(err, jc.ErrorIsNil)

	other := s.AdminUserTag(c)
	s.setAPIUser(c, other)

	results, err := s.modelmanager.DestroyModels(params.Entities{
		Entities: []params.Entity{{"model-" + m.UUID}},
	})
	c.Assert(err, jc.ErrorIsNil)
	c.Assert(results.Results, gc.HasLen, 1)
	c.Assert(results.Results[0].Error, gc.IsNil)

	s.setAPIUser(c, owner)
	model, err := st.Model()
	c.Assert(err, jc.ErrorIsNil)
	c.Assert(model.Life(), gc.Not(gc.Equals), state.Alive)
}
Example #6
0
func (s *modelManagerBaseSuite) setAPIUser(c *gc.C, user names.UserTag) {
	s.authoriser.Tag = user
	modelmanager, err := modelmanager.NewModelManagerAPI(
		modelmanager.NewStateBackend(s.State), s.authoriser,
	)
	c.Assert(err, jc.ErrorIsNil)
	s.modelmanager = modelmanager
}
Example #7
0
func (s *modelManagerStateSuite) TestNewAPIAcceptsClient(c *gc.C) {
	anAuthoriser := s.authoriser
	anAuthoriser.Tag = names.NewUserTag("external@remote")
	endPoint, err := modelmanager.NewModelManagerAPI(
		common.NewModelManagerBackend(s.State), nil, anAuthoriser,
	)
	c.Assert(err, jc.ErrorIsNil)
	c.Assert(endPoint, gc.NotNil)
}
Example #8
0
func (s *modelManagerStateSuite) setAPIUser(c *gc.C, user names.UserTag) {
	s.authoriser.Tag = user
	modelmanager, err := modelmanager.NewModelManagerAPI(
		common.NewModelManagerBackend(s.State),
		stateenvirons.EnvironConfigGetter{s.State},
		s.authoriser,
	)
	c.Assert(err, jc.ErrorIsNil)
	s.modelmanager = modelmanager
}
Example #9
0
func (s *modelManagerStateSuite) TestDestroyModelErrors(c *gc.C) {
	owner := names.NewUserTag("admin@local")
	s.setAPIUser(c, owner)
	m, err := s.modelmanager.CreateModel(s.createArgs(c, owner))
	c.Assert(err, jc.ErrorIsNil)
	st, err := s.State.ForModel(names.NewModelTag(m.UUID))
	c.Assert(err, jc.ErrorIsNil)
	defer st.Close()

	s.modelmanager, err = modelmanager.NewModelManagerAPI(
		common.NewModelManagerBackend(st), nil, s.authoriser,
	)
	c.Assert(err, jc.ErrorIsNil)

	user := names.NewUserTag("other@remote")
	s.setAPIUser(c, user)

	results, err := s.modelmanager.DestroyModels(params.Entities{
		Entities: []params.Entity{
			{"model-" + m.UUID},
			{"model-9f484882-2f18-4fd2-967d-db9663db7bea"},
			{"machine-42"},
		},
	})
	c.Assert(err, jc.ErrorIsNil)
	c.Assert(results.Results, jc.DeepEquals, []params.ErrorResult{{
		// we don't have admin access to the model
		&params.Error{
			Message: "permission denied",
			Code:    params.CodeUnauthorized,
		},
	}, {
		&params.Error{
			Message: "model not found",
			Code:    params.CodeNotFound,
		},
	}, {
		&params.Error{
			Message: `"machine-42" is not a valid model tag`,
		},
	}})

	s.setAPIUser(c, owner)
	model, err := st.Model()
	c.Assert(err, jc.ErrorIsNil)
	c.Assert(model.Life(), gc.Equals, state.Alive)
}
Example #10
0
func (s *modelInfoSuite) setAPIUser(c *gc.C, user names.UserTag) {
	s.authorizer.Tag = user
	modelmanager, err := modelmanager.NewModelManagerAPI(s.st, s.authorizer)
	c.Assert(err, jc.ErrorIsNil)
	s.modelmanager = modelmanager
}
Example #11
0
func (s *modelInfoSuite) SetUpTest(c *gc.C) {
	s.BaseSuite.SetUpTest(c)
	s.authorizer = apiservertesting.FakeAuthorizer{
		Tag: names.NewUserTag("admin@local"),
	}
	s.st = &mockState{
		modelUUID:      coretesting.ModelTag.Id(),
		controllerUUID: coretesting.ControllerTag.Id(),
		cloud: cloud.Cloud{
			Type:      "dummy",
			AuthTypes: []cloud.AuthType{cloud.EmptyAuthType},
		},
		cfgDefaults: config.ModelDefaultAttributes{
			"attr": config.AttributeDefaultValues{
				Default:    "",
				Controller: "val",
				Regions: []config.RegionDefaultValue{{
					Name:  "dummy",
					Value: "val++"}}},
			"attr2": config.AttributeDefaultValues{
				Controller: "val3",
				Default:    "val2",
				Regions: []config.RegionDefaultValue{{
					Name:  "left",
					Value: "spam"}}},
		},
	}
	s.st.controllerModel = &mockModel{
		owner: names.NewUserTag("admin@local"),
		life:  state.Alive,
		cfg:   coretesting.ModelConfig(c),
		status: status.StatusInfo{
			Status: status.Available,
			Since:  &time.Time{},
		},
		users: []*mockModelUser{{
			userName: "******",
			access:   permission.AdminAccess,
		}, {
			userName: "******",
			access:   permission.AdminAccess,
		}},
	}

	s.st.model = &mockModel{
		owner: names.NewUserTag("bob@local"),
		cfg:   coretesting.ModelConfig(c),
		life:  state.Dying,
		status: status.StatusInfo{
			Status: status.Destroying,
			Since:  &time.Time{},
		},

		users: []*mockModelUser{{
			userName: "******",
			access:   permission.AdminAccess,
		}, {
			userName:    "******",
			displayName: "Bob",
			access:      permission.ReadAccess,
		}, {
			userName:    "******",
			displayName: "Charlotte",
			access:      permission.ReadAccess,
		}, {
			userName:    "******",
			displayName: "Mary",
			access:      permission.WriteAccess,
		}},
	}
	s.st.machines = []common.Machine{
		&mockMachine{
			id:            "1",
			containerType: "none",
			life:          state.Alive,
			hw:            &instance.HardwareCharacteristics{CpuCores: pUint64(1)},
		},
		&mockMachine{
			id:            "2",
			life:          state.Alive,
			containerType: "lxc",
		},
		&mockMachine{
			id:   "3",
			life: state.Dead,
		},
	}

	var err error
	s.modelmanager, err = modelmanager.NewModelManagerAPI(s.st, nil, &s.authorizer)
	c.Assert(err, jc.ErrorIsNil)
}
Example #12
0
func (s *modelManagerSuite) SetUpTest(c *gc.C) {
	s.IsolationSuite.SetUpTest(c)

	attrs := dummy.SampleConfig()
	attrs["agent-version"] = jujuversion.Current.String()
	cfg, err := config.New(config.UseDefaults, attrs)
	c.Assert(err, jc.ErrorIsNil)

	dummyCloud := cloud.Cloud{
		Type:      "dummy",
		AuthTypes: []cloud.AuthType{cloud.EmptyAuthType},
		Regions: []cloud.Region{
			{Name: "some-region"},
			{Name: "qux"},
		},
	}

	s.st = &mockState{
		modelUUID: coretesting.ModelTag.Id(),
		cloud:     dummyCloud,
		clouds: map[names.CloudTag]cloud.Cloud{
			names.NewCloudTag("some-cloud"): dummyCloud,
		},
		controllerModel: &mockModel{
			owner: names.NewUserTag("admin@local"),
			life:  state.Alive,
			cfg:   cfg,
			status: status.StatusInfo{
				Status: status.Available,
				Since:  &time.Time{},
			},
			users: []*mockModelUser{{
				userName: "******",
				access:   permission.AdminAccess,
			}, {
				userName: "******",
				access:   permission.WriteAccess,
			}},
		},
		model: &mockModel{
			owner: names.NewUserTag("admin@local"),
			life:  state.Alive,
			tag:   coretesting.ModelTag,
			cfg:   cfg,
			status: status.StatusInfo{
				Status: status.Available,
				Since:  &time.Time{},
			},
			users: []*mockModelUser{{
				userName: "******",
				access:   permission.AdminAccess,
			}, {
				userName: "******",
				access:   permission.WriteAccess,
			}},
		},
		cred: cloud.NewEmptyCredential(),
		cfgDefaults: config.ModelDefaultAttributes{
			"attr": config.AttributeDefaultValues{
				Default:    "",
				Controller: "val",
				Regions: []config.RegionDefaultValue{{
					Name:  "dummy",
					Value: "val++"}}},
			"attr2": config.AttributeDefaultValues{
				Controller: "val3",
				Default:    "val2",
				Regions: []config.RegionDefaultValue{{
					Name:  "left",
					Value: "spam"}}},
		},
	}
	s.authoriser = apiservertesting.FakeAuthorizer{
		Tag: names.NewUserTag("admin@local"),
	}
	api, err := modelmanager.NewModelManagerAPI(s.st, nil, s.authoriser)
	c.Assert(err, jc.ErrorIsNil)
	s.api = api
}
Example #13
0
func (s *modelManagerSuite) setAPIUser(c *gc.C, user names.UserTag) {
	s.authoriser.Tag = user
	mm, err := modelmanager.NewModelManagerAPI(s.st, nil, s.authoriser)
	c.Assert(err, jc.ErrorIsNil)
	s.api = mm
}