github.com/axw/juju@v0.0.0-20161005053422-4bd6544d08d4/state/cloudcredentials_test.go (about) 1 // Copyright 2016 Canonical Ltd. 2 // Licensed under the AGPLv3, see LICENCE file for details. 3 4 package state_test 5 6 import ( 7 "github.com/juju/errors" 8 jc "github.com/juju/testing/checkers" 9 gc "gopkg.in/check.v1" 10 "gopkg.in/juju/names.v2" 11 12 "github.com/juju/juju/cloud" 13 "github.com/juju/juju/state" 14 statetesting "github.com/juju/juju/state/testing" 15 ) 16 17 type CloudCredentialsSuite struct { 18 ConnSuite 19 } 20 21 var _ = gc.Suite(&CloudCredentialsSuite{}) 22 23 func (s *CloudCredentialsSuite) TestUpdateCloudCredentialNew(c *gc.C) { 24 err := s.State.AddCloud("stratus", cloud.Cloud{ 25 Type: "low", 26 AuthTypes: cloud.AuthTypes{cloud.AccessKeyAuthType, cloud.UserPassAuthType}, 27 }) 28 c.Assert(err, jc.ErrorIsNil) 29 30 cred := cloud.NewCredential(cloud.AccessKeyAuthType, map[string]string{ 31 "foo": "foo val", 32 "bar": "bar val", 33 }) 34 tag := names.NewCloudCredentialTag("stratus/bob@local/foobar") 35 err = s.State.UpdateCloudCredential(tag, cred) 36 c.Assert(err, jc.ErrorIsNil) 37 38 // The retrieved credentials have labels although cloud.NewCredential 39 // doesn't have them, so add it to the expected value. 40 cred.Label = "foobar" 41 42 out, err := s.State.CloudCredential(tag) 43 c.Assert(err, jc.ErrorIsNil) 44 c.Assert(out, jc.DeepEquals, cred) 45 } 46 47 func (s *CloudCredentialsSuite) TestUpdateCloudCredentialsExisting(c *gc.C) { 48 err := s.State.AddCloud("stratus", cloud.Cloud{ 49 Type: "low", 50 AuthTypes: cloud.AuthTypes{cloud.AccessKeyAuthType, cloud.UserPassAuthType}, 51 }) 52 c.Assert(err, jc.ErrorIsNil) 53 54 cred := cloud.NewCredential(cloud.AccessKeyAuthType, map[string]string{ 55 "foo": "foo val", 56 "bar": "bar val", 57 }) 58 tag := names.NewCloudCredentialTag("stratus/bob@local/foobar") 59 err = s.State.UpdateCloudCredential(tag, cred) 60 c.Assert(err, jc.ErrorIsNil) 61 62 cred = cloud.NewCredential(cloud.UserPassAuthType, map[string]string{ 63 "user": "bob's nephew", 64 "password": "simple", 65 }) 66 cred.Revoked = true 67 err = s.State.UpdateCloudCredential(tag, cred) 68 c.Assert(err, jc.ErrorIsNil) 69 70 // The retrieved credentials have labels although cloud.NewCredential 71 // doesn't have them, so add it to the expected value. 72 cred.Label = "foobar" 73 74 out, err := s.State.CloudCredential(tag) 75 c.Assert(err, jc.ErrorIsNil) 76 c.Assert(out, jc.DeepEquals, cred) 77 } 78 79 func (s *CloudCredentialsSuite) TestUpdateCloudCredentialInvalidAuthType(c *gc.C) { 80 err := s.State.AddCloud("stratus", cloud.Cloud{ 81 Type: "low", 82 AuthTypes: cloud.AuthTypes{cloud.AccessKeyAuthType}, 83 }) 84 tag := names.NewCloudCredentialTag("stratus/bob@local/foobar") 85 cred := cloud.NewCredential(cloud.UserPassAuthType, nil) 86 err = s.State.UpdateCloudCredential(tag, cred) 87 c.Assert(err, gc.ErrorMatches, `updating cloud credentials: validating cloud credentials: credential "stratus/bob@local/foobar" with auth-type "userpass" is not supported \(expected one of \["access-key"\]\)`) 88 } 89 90 func (s *CloudCredentialsSuite) TestCloudCredentialsEmpty(c *gc.C) { 91 creds, err := s.State.CloudCredentials(names.NewUserTag("bob"), "dummy") 92 c.Assert(err, jc.ErrorIsNil) 93 c.Assert(creds, gc.HasLen, 0) 94 } 95 96 func (s *CloudCredentialsSuite) TestCloudCredentials(c *gc.C) { 97 err := s.State.AddCloud("stratus", cloud.Cloud{ 98 Type: "low", 99 AuthTypes: cloud.AuthTypes{cloud.AccessKeyAuthType, cloud.UserPassAuthType}, 100 }) 101 c.Assert(err, jc.ErrorIsNil) 102 otherUser := s.Factory.MakeUser(c, nil).UserTag() 103 104 tag1 := names.NewCloudCredentialTag("stratus/bob@local/bobcred1") 105 cred1 := cloud.NewCredential(cloud.AccessKeyAuthType, map[string]string{ 106 "foo": "foo val", 107 "bar": "bar val", 108 }) 109 err = s.State.UpdateCloudCredential(tag1, cred1) 110 c.Assert(err, jc.ErrorIsNil) 111 112 tag2 := names.NewCloudCredentialTag("stratus/" + otherUser.Canonical() + "/foobar") 113 tag3 := names.NewCloudCredentialTag("stratus/bob@local/bobcred2") 114 cred2 := cloud.NewCredential(cloud.AccessKeyAuthType, map[string]string{ 115 "baz": "baz val", 116 "qux": "qux val", 117 }) 118 err = s.State.UpdateCloudCredential(tag2, cred2) 119 c.Assert(err, jc.ErrorIsNil) 120 err = s.State.UpdateCloudCredential(tag3, cred2) 121 c.Assert(err, jc.ErrorIsNil) 122 123 cred1.Label = "bobcred1" 124 cred2.Label = "bobcred2" 125 126 for _, userName := range []string{"bob", "bob@local"} { 127 creds, err := s.State.CloudCredentials(names.NewUserTag(userName), "stratus") 128 c.Assert(err, jc.ErrorIsNil) 129 c.Assert(creds, jc.DeepEquals, map[string]cloud.Credential{ 130 tag1.Canonical(): cred1, 131 tag3.Canonical(): cred2, 132 }) 133 } 134 } 135 136 func (s *CloudCredentialsSuite) TestRemoveCredentials(c *gc.C) { 137 // Create it. 138 err := s.State.AddCloud("stratus", cloud.Cloud{ 139 Type: "low", 140 AuthTypes: cloud.AuthTypes{cloud.AccessKeyAuthType, cloud.UserPassAuthType}, 141 }) 142 c.Assert(err, jc.ErrorIsNil) 143 144 tag := names.NewCloudCredentialTag("stratus/bob@local/bobcred1") 145 cred := cloud.NewCredential(cloud.AccessKeyAuthType, map[string]string{ 146 "foo": "foo val", 147 "bar": "bar val", 148 }) 149 err = s.State.UpdateCloudCredential(tag, cred) 150 c.Assert(err, jc.ErrorIsNil) 151 _, err = s.State.CloudCredential(tag) 152 c.Assert(err, jc.ErrorIsNil) 153 154 // Remove it. 155 err = s.State.RemoveCloudCredential(tag) 156 c.Assert(err, jc.ErrorIsNil) 157 158 // Check it. 159 _, err = s.State.CloudCredential(tag) 160 c.Assert(err, jc.Satisfies, errors.IsNotFound) 161 } 162 163 func (s *CloudCredentialsSuite) createCredentialWatcher(c *gc.C, st *state.State, cred names.CloudCredentialTag) ( 164 state.NotifyWatcher, statetesting.NotifyWatcherC, 165 ) { 166 w := st.WatchCredential(cred) 167 s.AddCleanup(func(c *gc.C) { statetesting.AssertStop(c, w) }) 168 return w, statetesting.NewNotifyWatcherC(c, st, w) 169 } 170 171 func (s *CloudCredentialsSuite) TestWatchCredential(c *gc.C) { 172 cred := names.NewCloudCredentialTag("dummy/fred/default") 173 w, wc := s.createCredentialWatcher(c, s.State, cred) 174 wc.AssertOneChange() // Initial event. 175 176 // Create 177 dummyCred := cloud.NewCredential(cloud.EmptyAuthType, nil) 178 err := s.State.UpdateCloudCredential(cred, dummyCred) 179 c.Assert(err, jc.ErrorIsNil) 180 wc.AssertOneChange() 181 182 // Revoke 183 dummyCred.Revoked = true 184 err = s.State.UpdateCloudCredential(cred, dummyCred) 185 c.Assert(err, jc.ErrorIsNil) 186 wc.AssertOneChange() 187 188 // Remove. 189 err = s.State.RemoveCloudCredential(cred) 190 c.Assert(err, jc.ErrorIsNil) 191 wc.AssertOneChange() 192 193 statetesting.AssertStop(c, w) 194 wc.AssertClosed() 195 } 196 197 func (s *CloudCredentialsSuite) TestWatchCredentialIgnoresOther(c *gc.C) { 198 cred := names.NewCloudCredentialTag("dummy/fred/default") 199 w, wc := s.createCredentialWatcher(c, s.State, cred) 200 wc.AssertOneChange() // Initial event. 201 202 anotherCred := names.NewCloudCredentialTag("dummy/mary/default") 203 dummyCred := cloud.NewCredential(cloud.EmptyAuthType, nil) 204 err := s.State.UpdateCloudCredential(anotherCred, dummyCred) 205 c.Assert(err, jc.ErrorIsNil) 206 wc.AssertNoChange() 207 208 statetesting.AssertStop(c, w) 209 wc.AssertClosed() 210 }