func (s *upgraderSuite) TestUpgraderAPIRefusesNonMachineAgent(c *gc.C) {
anAuthorizer := s.authorizer
anAuthorizer.Tag = names.NewUnitTag("ubuntu/1")
anUpgrader, err := upgrader.NewUpgraderAPI(s.State, s.resources, anAuthorizer)
c.Check(err, gc.NotNil)
c.Check(anUpgrader, gc.IsNil)
c.Assert(err, gc.ErrorMatches, "permission denied")
}
func (s *upgraderSuite) TestDesiredVersionRefusesWrongAgent(c *gc.C) {
anAuthorizer := s.authorizer
anAuthorizer.Tag = names.NewMachineTag("12354")
anUpgrader, err := upgrader.NewUpgraderAPI(s.State, s.resources, anAuthorizer)
c.Check(err, jc.ErrorIsNil)
args := params.Entities{
Entities: []params.Entity{{Tag: s.rawMachine.Tag().String()}},
}
results, err := anUpgrader.DesiredVersion(args)
// It is not an error to make the request, but the specific item is rejected
c.Assert(err, jc.ErrorIsNil)
c.Check(results.Results, gc.HasLen, 1)
toolResult := results.Results[0]
c.Assert(toolResult.Error, gc.DeepEquals, apiservertesting.ErrUnauthorized)
}
func (s *upgraderSuite) TestWatchAPIVersionRefusesWrongAgent(c *gc.C) {
// We are a machine agent, but not the one we are trying to track
anAuthorizer := s.authorizer
anAuthorizer.Tag = names.NewMachineTag("12354")
anUpgrader, err := upgrader.NewUpgraderAPI(s.State, s.resources, anAuthorizer)
c.Check(err, jc.ErrorIsNil)
args := params.Entities{
Entities: []params.Entity{{Tag: s.rawMachine.Tag().String()}},
}
results, err := anUpgrader.WatchAPIVersion(args)
// It is not an error to make the request, but the specific item is rejected
c.Assert(err, jc.ErrorIsNil)
c.Check(results.Results, gc.HasLen, 1)
c.Check(results.Results[0].NotifyWatcherId, gc.Equals, "")
c.Assert(results.Results[0].Error, gc.DeepEquals, apiservertesting.ErrUnauthorized)
}
func (s *upgraderSuite) TestDesiredVersionUnrestrictedForAPIAgents(c *gc.C) {
newVersion := s.bumpDesiredAgentVersion(c)
// Grab a different Upgrader for the apiMachine
authorizer := apiservertesting.FakeAuthorizer{
Tag: s.apiMachine.Tag(),
}
upgraderAPI, err := upgrader.NewUpgraderAPI(s.State, s.resources, authorizer)
c.Assert(err, jc.ErrorIsNil)
args := params.Entities{Entities: []params.Entity{{Tag: s.apiMachine.Tag().String()}}}
results, err := upgraderAPI.DesiredVersion(args)
c.Assert(err, jc.ErrorIsNil)
c.Check(results.Results, gc.HasLen, 1)
c.Assert(results.Results[0].Error, gc.IsNil)
agentVersion := results.Results[0].Version
c.Assert(agentVersion, gc.NotNil)
c.Check(*agentVersion, gc.DeepEquals, newVersion)
}
func (s *upgraderSuite) TestSetToolsRefusesWrongAgent(c *gc.C) {
anAuthorizer := s.authorizer
anAuthorizer.Tag = names.NewMachineTag("12354")
anUpgrader, err := upgrader.NewUpgraderAPI(s.State, s.resources, anAuthorizer)
c.Check(err, gc.IsNil)
args := params.EntitiesVersion{
AgentTools: []params.EntityVersion{{
Tag: s.rawMachine.Tag().String(),
Tools: ¶ms.Version{
Version: version.Current,
},
}},
}
results, err := anUpgrader.SetTools(args)
c.Assert(results.Results, gc.HasLen, 1)
c.Assert(results.Results[0].Error, gc.DeepEquals, apiservertesting.ErrUnauthorized)
}
func (s *upgraderSuite) SetUpTest(c *gc.C) {
s.JujuConnSuite.SetUpTest(c)
s.resources = common.NewResources()
s.AddCleanup(func(_ *gc.C) { s.resources.StopAll() })
// Create a machine to work with
var err error
// The first machine created is the only one allowed to
// JobManageModel
s.apiMachine, err = s.State.AddMachine("quantal", state.JobHostUnits,
state.JobManageModel)
c.Assert(err, jc.ErrorIsNil)
s.rawMachine, err = s.State.AddMachine("quantal", state.JobHostUnits)
c.Assert(err, jc.ErrorIsNil)
// The default auth is as the machine agent
s.authorizer = apiservertesting.FakeAuthorizer{
Tag: s.rawMachine.Tag(),
}
s.upgrader, err = upgrader.NewUpgraderAPI(s.State, s.resources, s.authorizer)
c.Assert(err, jc.ErrorIsNil)
}
