github.com/axw/juju@v0.0.0-20161005053422-4bd6544d08d4/api/modelmanager/access_test.go (about) 1 // Copyright 2016 Canonical Ltd. 2 // Licensed under the AGPLv3, see LICENCE file for details. 3 4 package modelmanager_test 5 6 import ( 7 jc "github.com/juju/testing/checkers" 8 gc "gopkg.in/check.v1" 9 "gopkg.in/juju/names.v2" 10 11 basetesting "github.com/juju/juju/api/base/testing" 12 "github.com/juju/juju/api/modelmanager" 13 "github.com/juju/juju/apiserver/params" 14 "github.com/juju/juju/testing" 15 ) 16 17 type accessSuite struct { 18 testing.BaseSuite 19 } 20 21 type accessFunc func(string, string, ...string) error 22 23 var _ = gc.Suite(&accessSuite{}) 24 25 const ( 26 someModelUUID = "63f5e78f-2d21-4d0c-a5c1-73463f3443bf" 27 someModelTag = "model-" + someModelUUID 28 ) 29 30 func accessCall(client *modelmanager.Client, action params.ModelAction, user, access string, modelUUIDs ...string) error { 31 switch action { 32 case params.GrantModelAccess: 33 return client.GrantModel(user, access, modelUUIDs...) 34 case params.RevokeModelAccess: 35 return client.RevokeModel(user, access, modelUUIDs...) 36 default: 37 panic(action) 38 } 39 } 40 41 func (s *accessSuite) TestGrantModelReadOnlyUser(c *gc.C) { 42 s.readOnlyUser(c, params.GrantModelAccess) 43 } 44 45 func (s *accessSuite) TestRevokeModelReadOnlyUser(c *gc.C) { 46 s.readOnlyUser(c, params.RevokeModelAccess) 47 } 48 49 func checkCall(c *gc.C, objType string, id, request string) { 50 c.Check(objType, gc.Equals, "ModelManager") 51 c.Check(id, gc.Equals, "") 52 c.Check(request, gc.Equals, "ModifyModelAccess") 53 } 54 55 func assertRequest(c *gc.C, a interface{}) params.ModifyModelAccessRequest { 56 req, ok := a.(params.ModifyModelAccessRequest) 57 c.Assert(ok, jc.IsTrue, gc.Commentf("wrong request type")) 58 return req 59 } 60 61 func assertResponse(c *gc.C, result interface{}) *params.ErrorResults { 62 resp, ok := result.(*params.ErrorResults) 63 c.Assert(ok, jc.IsTrue, gc.Commentf("wrong response type")) 64 return resp 65 } 66 67 func (s *accessSuite) readOnlyUser(c *gc.C, action params.ModelAction) { 68 apiCaller := basetesting.APICallerFunc( 69 func(objType string, version int, id, request string, a, result interface{}) error { 70 checkCall(c, objType, id, request) 71 72 req := assertRequest(c, a) 73 c.Assert(req.Changes, gc.HasLen, 1) 74 c.Assert(string(req.Changes[0].Action), gc.Equals, string(action)) 75 c.Assert(string(req.Changes[0].Access), gc.Equals, string(params.ModelReadAccess)) 76 c.Assert(req.Changes[0].ModelTag, gc.Equals, someModelTag) 77 78 resp := assertResponse(c, result) 79 *resp = params.ErrorResults{Results: []params.ErrorResult{{Error: nil}}} 80 81 return nil 82 }) 83 client := modelmanager.NewClient(apiCaller) 84 err := accessCall(client, action, "bob", "read", someModelUUID) 85 c.Assert(err, jc.ErrorIsNil) 86 } 87 88 func (s *accessSuite) TestGrantModelAdminUser(c *gc.C) { 89 s.adminUser(c, params.GrantModelAccess) 90 } 91 92 func (s *accessSuite) TestRevokeModelAdminUser(c *gc.C) { 93 s.adminUser(c, params.RevokeModelAccess) 94 } 95 96 func (s *accessSuite) adminUser(c *gc.C, action params.ModelAction) { 97 apiCaller := basetesting.APICallerFunc( 98 func(objType string, version int, id, request string, a, result interface{}) error { 99 checkCall(c, objType, id, request) 100 101 req := assertRequest(c, a) 102 c.Assert(req.Changes, gc.HasLen, 1) 103 c.Assert(string(req.Changes[0].Action), gc.Equals, string(action)) 104 c.Assert(string(req.Changes[0].Access), gc.Equals, string(params.ModelWriteAccess)) 105 c.Assert(req.Changes[0].ModelTag, gc.Equals, someModelTag) 106 107 resp := assertResponse(c, result) 108 *resp = params.ErrorResults{Results: []params.ErrorResult{{Error: nil}}} 109 110 return nil 111 }) 112 client := modelmanager.NewClient(apiCaller) 113 err := accessCall(client, action, "bob", "write", someModelUUID) 114 c.Assert(err, jc.ErrorIsNil) 115 } 116 117 func (s *accessSuite) TestGrantThreeModels(c *gc.C) { 118 s.threeModels(c, params.GrantModelAccess) 119 } 120 121 func (s *accessSuite) TestRevokeThreeModels(c *gc.C) { 122 s.threeModels(c, params.RevokeModelAccess) 123 } 124 125 func (s *accessSuite) threeModels(c *gc.C, action params.ModelAction) { 126 apiCaller := basetesting.APICallerFunc( 127 func(objType string, version int, id, request string, a, result interface{}) error { 128 checkCall(c, objType, id, request) 129 130 req := assertRequest(c, a) 131 c.Assert(req.Changes, gc.HasLen, 3) 132 for i := range req.Changes { 133 c.Assert(string(req.Changes[i].Action), gc.Equals, string(action)) 134 c.Assert(string(req.Changes[i].Access), gc.Equals, string(params.ModelReadAccess)) 135 c.Assert(req.Changes[i].ModelTag, gc.Equals, someModelTag) 136 } 137 138 resp := assertResponse(c, result) 139 *resp = params.ErrorResults{Results: []params.ErrorResult{{Error: nil}, {Error: nil}, {Error: nil}}} 140 141 return nil 142 }) 143 client := modelmanager.NewClient(apiCaller) 144 err := accessCall(client, action, "carol", "read", someModelUUID, someModelUUID, someModelUUID) 145 c.Assert(err, jc.ErrorIsNil) 146 } 147 148 func (s *accessSuite) TestGrantErrorResult(c *gc.C) { 149 s.errorResult(c, params.GrantModelAccess) 150 } 151 152 func (s *accessSuite) TestRevokeErrorResult(c *gc.C) { 153 s.errorResult(c, params.RevokeModelAccess) 154 } 155 156 func (s *accessSuite) errorResult(c *gc.C, action params.ModelAction) { 157 apiCaller := basetesting.APICallerFunc( 158 func(objType string, version int, id, request string, a, result interface{}) error { 159 checkCall(c, objType, id, request) 160 161 req := assertRequest(c, a) 162 c.Assert(req.Changes, gc.HasLen, 1) 163 c.Assert(string(req.Changes[0].Action), gc.Equals, string(action)) 164 c.Assert(req.Changes[0].UserTag, gc.Equals, names.NewUserTag("aaa").String()) 165 c.Assert(req.Changes[0].ModelTag, gc.Equals, someModelTag) 166 167 resp := assertResponse(c, result) 168 err := ¶ms.Error{Message: "unfortunate mishap"} 169 *resp = params.ErrorResults{Results: []params.ErrorResult{{Error: err}}} 170 171 return nil 172 }) 173 client := modelmanager.NewClient(apiCaller) 174 err := accessCall(client, action, "aaa", "write", someModelUUID) 175 c.Assert(err, gc.ErrorMatches, "unfortunate mishap") 176 } 177 178 func (s *accessSuite) TestInvalidResultCount(c *gc.C) { 179 apiCaller := basetesting.APICallerFunc( 180 func(objType string, version int, id, request string, a, result interface{}) error { 181 checkCall(c, objType, id, request) 182 assertRequest(c, a) 183 184 resp := assertResponse(c, result) 185 *resp = params.ErrorResults{Results: nil} 186 187 return nil 188 }) 189 client := modelmanager.NewClient(apiCaller) 190 err := client.GrantModel("bob", "write", someModelUUID, someModelUUID) 191 c.Assert(err, gc.ErrorMatches, "expected 2 results, got 0") 192 }