// Uniter returns an object that provides access to the Uniter API // facade. The id argument is reserved for future use and currently // needs to be empty. func (r *srvRoot) Uniter(id string) (*uniter.UniterAPI, error) { if id != "" { // Safeguard id for possible future use. return nil, common.ErrBadId } return uniter.NewUniterAPI(r.srv.state, r.resources, r) }
func (s *uniterSuite) TestUniterFailsWithNonUnitAgentUser(c *gc.C) { anAuthorizer := s.authorizer anAuthorizer.UnitAgent = false anUniter, err := uniter.NewUniterAPI(s.State, s.resources, anAuthorizer) c.Assert(err, gc.NotNil) c.Assert(anUniter, gc.IsNil) c.Assert(err, gc.ErrorMatches, "permission denied") }
func (s *uniterSuite) SetUpTest(c *gc.C) { s.JujuConnSuite.SetUpTest(c) s.wpCharm = s.AddTestingCharm(c, "wordpress") // Create two machines, two services and add a unit to each service. var err error s.machine0, err = s.State.AddMachine("quantal", state.JobHostUnits, state.JobManageEnviron) c.Assert(err, gc.IsNil) s.machine1, err = s.State.AddMachine("quantal", state.JobHostUnits) c.Assert(err, gc.IsNil) s.wordpress = s.AddTestingService(c, "wordpress", s.wpCharm) s.mysql = s.AddTestingService(c, "mysql", s.AddTestingCharm(c, "mysql")) s.wordpressUnit, err = s.wordpress.AddUnit() c.Assert(err, gc.IsNil) s.mysqlUnit, err = s.mysql.AddUnit() c.Assert(err, gc.IsNil) // Assign each unit to each machine. err = s.wordpressUnit.AssignToMachine(s.machine0) c.Assert(err, gc.IsNil) err = s.mysqlUnit.AssignToMachine(s.machine1) c.Assert(err, gc.IsNil) // Create a FakeAuthorizer so we can check permissions, // set up assuming unit 0 has logged in. s.authorizer = apiservertesting.FakeAuthorizer{ Tag: s.wordpressUnit.Tag(), LoggedIn: true, UnitAgent: true, Entity: s.wordpressUnit, } // Create the resource registry separately to track invocations to // Register. s.resources = common.NewResources() // Create a uniter API for unit 0. s.uniter, err = uniter.NewUniterAPI( s.State, s.resources, s.authorizer, ) c.Assert(err, gc.IsNil) s.EnvironWatcherTest = commontesting.NewEnvironWatcherTest(s.uniter, s.State, s.resources, commontesting.NoSecrets) }
func (s *uniterSuite) TestGetPrincipal(c *gc.C) { // Add a subordinate to wordpressUnit. _, _, subordinate := s.addRelatedService(c, "wordpress", "logging", s.wordpressUnit) principal, ok := subordinate.PrincipalName() c.Assert(principal, gc.Equals, s.wordpressUnit.Name()) c.Assert(ok, jc.IsTrue) // First try it as wordpressUnit's agent. args := params.Entities{Entities: []params.Entity{ {Tag: "unit-mysql-0"}, {Tag: "unit-wordpress-0"}, {Tag: subordinate.Tag()}, {Tag: "unit-foo-42"}, }} result, err := s.uniter.GetPrincipal(args) c.Assert(err, gc.IsNil) c.Assert(result, gc.DeepEquals, params.StringBoolResults{ Results: []params.StringBoolResult{ {Error: apiservertesting.ErrUnauthorized}, {Result: "", Ok: false, Error: nil}, {Error: apiservertesting.ErrUnauthorized}, {Error: apiservertesting.ErrUnauthorized}, }, }) // Now try as subordinate's agent. subAuthorizer := s.authorizer subAuthorizer.Tag = subordinate.Tag() subUniter, err := uniter.NewUniterAPI(s.State, s.resources, subAuthorizer) c.Assert(err, gc.IsNil) result, err = subUniter.GetPrincipal(args) c.Assert(err, gc.IsNil) c.Assert(result, gc.DeepEquals, params.StringBoolResults{ Results: []params.StringBoolResult{ {Error: apiservertesting.ErrUnauthorized}, {Error: apiservertesting.ErrUnauthorized}, {Result: "unit-wordpress-0", Ok: true, Error: nil}, {Error: apiservertesting.ErrUnauthorized}, }, }) }