func (s *unitUpgraderSuite) SetUpTest(c *gc.C) {
s.JujuConnSuite.SetUpTest(c)
s.resources = common.NewResources()
s.AddCleanup(func(_ *gc.C) { s.resources.StopAll() })
// Create a machine and unit to work with
var err error
_, err = s.State.AddMachine("quantal", state.JobHostUnits)
c.Assert(err, gc.IsNil)
svc := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
s.rawUnit, err = svc.AddUnit()
c.Assert(err, gc.IsNil)
// Assign the unit to the machine.
s.rawMachine, err = s.rawUnit.AssignToCleanMachine()
c.Assert(err, gc.IsNil)
// The default auth is as the unit agent
s.authorizer = apiservertesting.FakeAuthorizer{
Tag: s.rawUnit.Tag(),
LoggedIn: true,
UnitAgent: true,
}
s.upgrader, err = upgrader.NewUnitUpgraderAPI(s.State, s.resources, s.authorizer)
c.Assert(err, gc.IsNil)
}
func (s *unitUpgraderSuite) TestUpgraderAPIRefusesNonUnitAgent(c *gc.C) {
anAuthorizer := s.authorizer
anAuthorizer.MachineAgent = true
anAuthorizer.UnitAgent = false
anUpgrader, err := upgrader.NewUnitUpgraderAPI(s.State, s.resources, anAuthorizer)
c.Check(err, gc.NotNil)
c.Check(anUpgrader, gc.IsNil)
c.Assert(err, gc.ErrorMatches, "permission denied")
}
func (s *unitUpgraderSuite) TestDesiredVersionRefusesWrongAgent(c *gc.C) {
anAuthorizer := s.authorizer
anAuthorizer.Tag = "unit-wordpress-12354"
anUpgrader, err := upgrader.NewUnitUpgraderAPI(s.State, s.resources, anAuthorizer)
c.Check(err, gc.IsNil)
args := params.Entities{
Entities: []params.Entity{{Tag: s.rawUnit.Tag()}},
}
results, err := anUpgrader.DesiredVersion(args)
// It is not an error to make the request, but the specific item is rejected
c.Assert(err, gc.IsNil)
c.Check(results.Results, gc.HasLen, 1)
toolResult := results.Results[0]
c.Assert(toolResult.Error, gc.DeepEquals, apiservertesting.ErrUnauthorized)
}
func (s *unitUpgraderSuite) TestWatchAPIVersionRefusesWrongAgent(c *gc.C) {
// We are a unit agent, but not the one we are trying to track
anAuthorizer := s.authorizer
anAuthorizer.Tag = "unit-wordpress-12354"
anUpgrader, err := upgrader.NewUnitUpgraderAPI(s.State, s.resources, anAuthorizer)
c.Check(err, gc.IsNil)
args := params.Entities{
Entities: []params.Entity{{Tag: s.rawUnit.Tag()}},
}
results, err := anUpgrader.WatchAPIVersion(args)
// It is not an error to make the request, but the specific item is rejected
c.Assert(err, gc.IsNil)
c.Check(results.Results, gc.HasLen, 1)
c.Check(results.Results[0].NotifyWatcherId, gc.Equals, "")
c.Assert(results.Results[0].Error, gc.DeepEquals, apiservertesting.ErrUnauthorized)
}
func (s *unitUpgraderSuite) TestSetToolsRefusesWrongAgent(c *gc.C) {
anAuthorizer := s.authorizer
anAuthorizer.Tag = "unit-wordpress-12354"
anUpgrader, err := upgrader.NewUnitUpgraderAPI(s.State, s.resources, anAuthorizer)
c.Check(err, gc.IsNil)
args := params.EntitiesVersion{
AgentTools: []params.EntityVersion{{
Tag: s.rawUnit.Tag(),
Tools: ¶ms.Version{
Version: version.Current,
},
}},
}
results, err := anUpgrader.SetTools(args)
c.Assert(results.Results, gc.HasLen, 1)
c.Assert(results.Results[0].Error, gc.DeepEquals, apiservertesting.ErrUnauthorized)
}
// Upgrader returns an object that provides access to the Upgrader API facade.
// The id argument is reserved for future use and must be empty.
func (r *srvRoot) Upgrader(id string) (upgrader.Upgrader, error) {
if id != "" {
// TODO: There is no direct test for this
return nil, common.ErrBadId
}
// The type of upgrader we return depends on who is asking.
// Machines get an UpgraderAPI, units get a UnitUpgraderAPI.
// This is tested in the state/api/upgrader package since there
// are currently no direct srvRoot tests.
tag, err := names.ParseTag(r.GetAuthTag(), "")
if err != nil {
return nil, common.ErrPerm
}
switch tag.(type) {
case names.MachineTag:
return upgrader.NewUpgraderAPI(r.srv.state, r.resources, r)
case names.UnitTag:
return upgrader.NewUnitUpgraderAPI(r.srv.state, r.resources, r)
}
// Not a machine or unit.
return nil, common.ErrPerm
}