func (s *deployerSuite) SetUpTest(c *gc.C) {
s.JujuConnSuite.SetUpTest(c)
// The two known machines now contain the following units:
// machine 0 (not authorized): mysql/1 (principal1)
// machine 1 (authorized): mysql/0 (principal0), logging/0 (subordinate0)
var err error
s.machine0, err = s.State.AddMachine("quantal", state.JobManageEnviron, state.JobHostUnits)
c.Assert(err, gc.IsNil)
s.machine1, err = s.State.AddMachine("quantal", state.JobHostUnits)
c.Assert(err, gc.IsNil)
s.service0 = s.AddTestingService(c, "mysql", s.AddTestingCharm(c, "mysql"))
s.service1 = s.AddTestingService(c, "logging", s.AddTestingCharm(c, "logging"))
eps, err := s.State.InferEndpoints([]string{"mysql", "logging"})
c.Assert(err, gc.IsNil)
rel, err := s.State.AddRelation(eps...)
c.Assert(err, gc.IsNil)
s.principal0, err = s.service0.AddUnit()
c.Assert(err, gc.IsNil)
err = s.principal0.AssignToMachine(s.machine1)
c.Assert(err, gc.IsNil)
s.principal1, err = s.service0.AddUnit()
c.Assert(err, gc.IsNil)
err = s.principal1.AssignToMachine(s.machine0)
c.Assert(err, gc.IsNil)
relUnit0, err := rel.Unit(s.principal0)
c.Assert(err, gc.IsNil)
err = relUnit0.EnterScope(nil)
c.Assert(err, gc.IsNil)
s.subordinate0, err = s.service1.Unit("logging/0")
c.Assert(err, gc.IsNil)
// Create a FakeAuthorizer so we can check permissions,
// set up assuming machine 1 has logged in.
s.authorizer = apiservertesting.FakeAuthorizer{
Tag: names.NewMachineTag(s.machine1.Id()).String(),
LoggedIn: true,
MachineAgent: true,
}
// Create the resource registry separately to track invocations to
// Register.
s.resources = common.NewResources()
// Create a deployer API for machine 1.
deployer, err := deployer.NewDeployerAPI(
s.State,
s.resources,
s.authorizer,
)
c.Assert(err, gc.IsNil)
s.deployer = deployer
}
// Deployer returns an object that provides access to the Deployer API facade.
// The id argument is reserved for future use and must be empty.
func (r *srvRoot) Deployer(id string) (*deployer.DeployerAPI, error) {
if id != "" {
// TODO(dimitern): There is no direct test for this
return nil, common.ErrBadId
}
return deployer.NewDeployerAPI(r.srv.state, r.resources, r)
}
func (s *deployerSuite) TestDeployerFailsWithNonMachineAgentUser(c *gc.C) {
anAuthorizer := s.authorizer
anAuthorizer.MachineAgent = false
aDeployer, err := deployer.NewDeployerAPI(s.State, s.resources, anAuthorizer)
c.Assert(err, gc.NotNil)
c.Assert(aDeployer, gc.IsNil)
c.Assert(err, gc.ErrorMatches, "permission denied")
}