func (s *agentSuite) TestAgentSucceedsWithUnitAgent(c *gc.C) {
auth := s.authorizer
auth.MachineAgent = false
auth.UnitAgent = true
_, err := agent.NewAPI(s.State, auth)
c.Assert(err, gc.IsNil)
}
func (s *agentSuite) SetUpTest(c *gc.C) {
s.JujuConnSuite.SetUpTest(c)
var err error
s.machine0, err = s.State.AddMachine("quantal", state.JobManageEnviron)
c.Assert(err, gc.IsNil)
s.machine1, err = s.State.AddMachine("quantal", state.JobHostUnits)
c.Assert(err, gc.IsNil)
template := state.MachineTemplate{
Series: "quantal",
Jobs: []state.MachineJob{state.JobHostUnits},
}
s.container, err = s.State.AddMachineInsideMachine(template, s.machine1.Id(), instance.LXC)
c.Assert(err, gc.IsNil)
// Create a FakeAuthorizer so we can check permissions,
// set up assuming machine 1 has logged in.
s.authorizer = apiservertesting.FakeAuthorizer{
Tag: s.machine1.Tag(),
LoggedIn: true,
MachineAgent: true,
}
// Create a machiner API for machine 1.
s.agent, err = agent.NewAPI(s.State, s.authorizer)
c.Assert(err, gc.IsNil)
}
func (s *agentSuite) TestAgentFailsWithNonAgent(c *gc.C) {
auth := s.authorizer
auth.MachineAgent = false
auth.UnitAgent = false
api, err := agent.NewAPI(s.State, auth)
c.Assert(err, gc.NotNil)
c.Assert(api, gc.IsNil)
c.Assert(err, gc.ErrorMatches, "permission denied")
}
func (s *agentSuite) TestGetEntities(c *gc.C) {
err := s.container.Destroy()
c.Assert(err, gc.IsNil)
args := params.Entities{
Entities: []params.Entity{
{Tag: "machine-1"},
{Tag: "machine-0"},
{Tag: "machine-1-lxc-0"},
{Tag: "machine-42"},
},
}
results := s.agent.GetEntities(args)
c.Assert(results, gc.DeepEquals, params.AgentGetEntitiesResults{
Entities: []params.AgentGetEntitiesResult{
{
Life: "alive",
Jobs: []params.MachineJob{params.JobHostUnits},
},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
},
})
// Now login as the machine agent of the container and try again.
auth := s.authorizer
auth.MachineAgent = true
auth.UnitAgent = false
auth.Tag = s.container.Tag()
containerAgent, err := agent.NewAPI(s.State, auth)
c.Assert(err, gc.IsNil)
results = containerAgent.GetEntities(args)
c.Assert(results, gc.DeepEquals, params.AgentGetEntitiesResults{
Entities: []params.AgentGetEntitiesResult{
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{
Life: "dying",
Jobs: []params.MachineJob{params.JobHostUnits},
ContainerType: instance.LXC,
},
{Error: apiservertesting.ErrUnauthorized},
},
})
}
// Agent returns an object that provides access to the
// agent API. The id argument is reserved for future use and must currently
// be empty.
func (r *srvRoot) Agent(id string) (*agent.API, error) {
if id != "" {
return nil, common.ErrBadId
}
return agent.NewAPI(r.srv.state, r)
}
