diff --git a/octavia/tests/functional/api/v2/test_amphora.py b/octavia/tests/functional/api/v2/test_amphora.py index fa2c022e6..35c4b7c79 100644 --- a/octavia/tests/functional/api/v2/test_amphora.py +++ b/octavia/tests/functional/api/v2/test_amphora.py @@ -183,27 +183,24 @@ def test_delete_authorized(self, mock_cast): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - self.delete(self.AMPHORA_PATH.format(amphora_id=amp.id), - status=204) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + self.delete(self.AMPHORA_PATH.format(amphora_id=amp.id), + status=204) # Reset api auth setting self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -227,9 +224,10 @@ def test_delete_not_authorized(self, mock_cast): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): + test_context = octavia.common.context.RequestContext( + project_id=self.project_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): self.delete(self.AMPHORA_PATH.format(amphora_id=amp.id), status=403) # Reset api auth setting @@ -261,27 +259,24 @@ def test_get_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.get(self.AMPHORA_PATH.format( - amphora_id=self.amp_id)).json.get(self.root_tag) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.get(self.AMPHORA_PATH.format( + amphora_id=self.amp_id)).json.get(self.root_tag) # Reset api auth setting self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -291,9 +286,10 @@ def test_get_not_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): response = self.get(self.AMPHORA_PATH.format( amphora_id=self.amp_id), status=403) # Reset api auth setting @@ -305,27 +301,24 @@ def test_failover_authorized(self, mock_cast): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - self.put(self.AMPHORA_FAILOVER_PATH.format( - amphora_id=self.amp_id), body={}, status=202) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + self.put(self.AMPHORA_FAILOVER_PATH.format( + amphora_id=self.amp_id), body={}, status=202) # Reset api auth setting self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -337,9 +330,10 @@ def test_failover_not_authorized(self, mock_cast): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): response = self.put(self.AMPHORA_FAILOVER_PATH.format( amphora_id=self.amp_id), body={}, status=403) # Reset api auth setting @@ -367,27 +361,24 @@ def test_get_all(self): def test_get_all_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - amps = self.get(self.AMPHORAE_PATH).json.get( - self.root_tag_list) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + amps = self.get(self.AMPHORAE_PATH).json.get( + self.root_tag_list) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertIsInstance(amps, list) @@ -397,9 +388,10 @@ def test_get_all_authorized(self): def test_get_all_not_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): amps = self.get(self.AMPHORAE_PATH, status=403).json self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -531,27 +523,24 @@ def test_get_stats_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.get(self.AMPHORA_STATS_PATH.format( - amphora_id=self.amp_id)).json.get(self.root_tag_stats) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.get(self.AMPHORA_STATS_PATH.format( + amphora_id=self.amp_id)).json.get(self.root_tag_stats) # Reset api auth setting self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(self.ref_amp_stats, response) @@ -560,9 +549,10 @@ def test_get_stats_not_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): response = self.get(self.AMPHORA_STATS_PATH.format( amphora_id=self.amp_id), status=403) # Reset api auth setting @@ -638,28 +628,25 @@ def test_config_authorized(self, mock_cast): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - - self.put(self.AMPHORA_CONFIG_PATH.format( - amphora_id=self.amp_id), body={}, status=202) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + + self.put(self.AMPHORA_CONFIG_PATH.format( + amphora_id=self.amp_id), body={}, status=202) # Reset api auth setting self.conf.config(group='api_settings', auth_strategy=auth_strategy) payload = {constants.AMPHORA_ID: self.amp_id} @@ -671,9 +658,10 @@ def test_config_not_authorized(self, mock_cast): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): self.put(self.AMPHORA_CONFIG_PATH.format( amphora_id=self.amp_id), body={}, status=403) # Reset api auth setting diff --git a/octavia/tests/functional/api/v2/test_availability_zone_profiles.py b/octavia/tests/functional/api/v2/test_availability_zone_profiles.py index 2641c0e9d..265a1bd46 100644 --- a/octavia/tests/functional/api/v2/test_availability_zone_profiles.py +++ b/octavia/tests/functional/api/v2/test_availability_zone_profiles.py @@ -20,7 +20,6 @@ from oslo_utils import uuidutils from octavia.common import constants -import octavia.common.context from octavia.tests.functional.api.v2 import base @@ -110,26 +109,23 @@ def test_create_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.post(self.AZPS_PATH, body) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.post(self.AZPS_PATH, body) self.conf.config(group='api_settings', auth_strategy=auth_strategy) api_azp = response.json.get(self.root_tag) self._assert_request_matches_response(az_json, api_azp) @@ -204,28 +200,25 @@ def test_get_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.get( - self.AZP_PATH.format( - azp_id=azp.get('id'))).json.get(self.root_tag) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.get( + self.AZP_PATH.format( + azp_id=azp.get('id'))).json.get(self.root_tag) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual('name', response.get('name')) self.assertEqual(azp.get('id'), response.get('id')) @@ -289,26 +282,23 @@ def test_get_all_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.get(self.AZPS_PATH) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.get(self.AZPS_PATH) self.conf.config(group='api_settings', auth_strategy=auth_strategy) api_list = response.json.get(self.root_tag_list) self.assertEqual(2, len(api_list)) @@ -407,27 +397,24 @@ def test_update_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.put(self.AZP_PATH.format(azp_id=azp.get('id')), - body) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.put(self.AZP_PATH.format(azp_id=azp.get('id')), + body) self.conf.config(group='api_settings', auth_strategy=auth_strategy) response = self.get( self.AZP_PATH.format(azp_id=azp.get('id'))).json.get(self.root_tag) @@ -536,26 +523,23 @@ def test_delete_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - self.delete(self.AZP_PATH.format(azp_id=azp.get('id'))) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + self.delete(self.AZP_PATH.format(azp_id=azp.get('id'))) self.conf.config(group='api_settings', auth_strategy=auth_strategy) response = self.get(self.AZP_PATH.format( azp_id=azp.get('id')), status=404) diff --git a/octavia/tests/functional/api/v2/test_availability_zones.py b/octavia/tests/functional/api/v2/test_availability_zones.py index 854bb7c9a..f5e22c1fc 100644 --- a/octavia/tests/functional/api/v2/test_availability_zones.py +++ b/octavia/tests/functional/api/v2/test_availability_zones.py @@ -118,26 +118,23 @@ def test_create_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.post(self.AZS_PATH, body) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.post(self.AZS_PATH, body) api_az = response.json.get(self.root_tag) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self._assert_request_matches_response(az_json, api_az) @@ -205,9 +202,10 @@ def test_get_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): + test_context = octavia.common.context.RequestContext( + project_id=project_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): override_credentials = { 'service_user_id': None, 'user_domain_id': None, @@ -290,26 +288,23 @@ def test_get_all_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - api_list = response.json.get(self.root_tag_list) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + api_list = response.json.get(self.root_tag_list) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(2, len(api_list)) @@ -415,27 +410,24 @@ def test_update_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - self.put(self.AZ_PATH.format(az_name=availability_zone_name), - body) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + self.put(self.AZ_PATH.format(az_name=availability_zone_name), + body) self.conf.config(group='api_settings', auth_strategy=auth_strategy) updated_az = self.get(self.AZ_PATH.format( @@ -515,27 +507,24 @@ def test_delete_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - self.delete( - self.AZ_PATH.format(az_name=az.get('name'))) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + self.delete( + self.AZ_PATH.format(az_name=az.get('name'))) self.conf.config(group='api_settings', auth_strategy=auth_strategy) response = self.get(self.AZ_PATH.format(az_name=az.get('name')), status=404) diff --git a/octavia/tests/functional/api/v2/test_flavor_profiles.py b/octavia/tests/functional/api/v2/test_flavor_profiles.py index 205e47961..e4edb4a0e 100644 --- a/octavia/tests/functional/api/v2/test_flavor_profiles.py +++ b/octavia/tests/functional/api/v2/test_flavor_profiles.py @@ -20,7 +20,6 @@ from oslo_utils import uuidutils from octavia.common import constants -import octavia.common.context from octavia.tests.functional.api.v2 import base @@ -109,26 +108,23 @@ def test_create_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.post(self.FPS_PATH, body) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.post(self.FPS_PATH, body) self.conf.config(group='api_settings', auth_strategy=auth_strategy) api_fp = response.json.get(self.root_tag) self._assert_request_matches_response(fp_json, api_fp) @@ -202,28 +198,25 @@ def test_get_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.get( - self.FP_PATH.format( - fp_id=fp.get('id'))).json.get(self.root_tag) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.get( + self.FP_PATH.format( + fp_id=fp.get('id'))).json.get(self.root_tag) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual('name', response.get('name')) self.assertEqual(fp.get('id'), response.get('id')) @@ -287,26 +280,23 @@ def test_get_all_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.get(self.FPS_PATH) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.get(self.FPS_PATH) self.conf.config(group='api_settings', auth_strategy=auth_strategy) api_list = response.json.get(self.root_tag_list) self.assertEqual(2, len(api_list)) @@ -404,27 +394,24 @@ def test_update_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.put(self.FP_PATH.format(fp_id=fp.get('id')), - body) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.put(self.FP_PATH.format(fp_id=fp.get('id')), + body) self.conf.config(group='api_settings', auth_strategy=auth_strategy) response = self.get( self.FP_PATH.format(fp_id=fp.get('id'))).json.get(self.root_tag) @@ -528,26 +515,23 @@ def test_delete_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - self.delete(self.FP_PATH.format(fp_id=fp.get('id'))) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + self.delete(self.FP_PATH.format(fp_id=fp.get('id'))) self.conf.config(group='api_settings', auth_strategy=auth_strategy) response = self.get(self.FP_PATH.format( fp_id=fp.get('id')), status=404) diff --git a/octavia/tests/functional/api/v2/test_flavors.py b/octavia/tests/functional/api/v2/test_flavors.py index a73cf7c54..9eee27f71 100644 --- a/octavia/tests/functional/api/v2/test_flavors.py +++ b/octavia/tests/functional/api/v2/test_flavors.py @@ -117,26 +117,23 @@ def test_create_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.post(self.FLAVORS_PATH, body) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.post(self.FLAVORS_PATH, body) api_flavor = response.json.get(self.root_tag) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self._assert_request_matches_response(flavor_json, api_flavor) @@ -205,9 +202,10 @@ def test_get_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): + test_context = octavia.common.context.RequestContext( + project_id=project_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): override_credentials = { 'service_user_id': None, 'user_domain_id': None, @@ -299,9 +297,10 @@ def test_get_all_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): + test_context = octavia.common.context.RequestContext( + project_id=project_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): override_credentials = { 'service_user_id': None, 'user_domain_id': None, @@ -429,27 +428,24 @@ def test_update_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.put(self.FLAVOR_PATH.format( - flavor_id=flavor_id), body) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.put(self.FLAVOR_PATH.format( + flavor_id=flavor_id), body) self.conf.config(group='api_settings', auth_strategy=auth_strategy) updated_flavor = self.get(self.FLAVOR_PATH.format( @@ -533,27 +529,24 @@ def test_delete_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - self.delete( - self.FLAVOR_PATH.format(flavor_id=flavor.get('id'))) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + self.delete( + self.FLAVOR_PATH.format(flavor_id=flavor.get('id'))) self.conf.config(group='api_settings', auth_strategy=auth_strategy) response = self.get(self.FLAVOR_PATH.format( flavor_id=flavor.get('id')), status=404) diff --git a/octavia/tests/functional/api/v2/test_health_monitor.py b/octavia/tests/functional/api/v2/test_health_monitor.py index 932f84455..1cb5eddce 100644 --- a/octavia/tests/functional/api/v2/test_health_monitor.py +++ b/octavia/tests/functional/api/v2/test_health_monitor.py @@ -128,28 +128,25 @@ def test_get_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): - response = self.get(self.HM_PATH.format( - healthmonitor_id=api_hm.get('id'))).json.get(self.root_tag) + response = self.get(self.HM_PATH.format( + healthmonitor_id=api_hm.get('id'))).json.get(self.root_tag) self.conf.config(group='api_settings', auth_strategy=auth_strategy) response.pop('updated_at') @@ -168,9 +165,10 @@ def test_get_not_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): response = self.get(self.HM_PATH.format( healthmonitor_id=api_hm.get('id')), status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -209,9 +207,10 @@ def test_get_all_not_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): hms = self.get(self.HMS_PATH, status=403).json self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -284,9 +283,10 @@ def test_get_all_non_admin(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.KEYSTONE) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - hm3['project_id']): + test_context = octavia.common.context.RequestContext( + project_id=hm3['project_id']) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): override_credentials = { 'service_user_id': None, 'user_domain_id': None, @@ -340,9 +340,10 @@ def test_get_all_unscoped_token(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.KEYSTONE) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - None): + test_context = octavia.common.context.RequestContext( + project_id=None) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): override_credentials = { 'service_user_id': None, 'user_domain_id': None, @@ -397,9 +398,10 @@ def test_get_all_non_admin_global_observer(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.KEYSTONE) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - hm3['project_id']): + test_context = octavia.common.context.RequestContext( + project_id=hm3['project_id']) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): override_credentials = { 'service_user_id': None, 'user_domain_id': None, @@ -1249,29 +1251,26 @@ def test_create_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): - api_hm = self.create_health_monitor( - self.pool_id, constants.HEALTH_MONITOR_HTTP, - 1, 1, 1, 1).get(self.root_tag) + api_hm = self.create_health_monitor( + self.pool_id, constants.HEALTH_MONITOR_HTTP, + 1, 1, 1, 1).get(self.root_tag) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assert_correct_status( @@ -1298,9 +1297,10 @@ def test_create_not_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): api_hm = self.create_health_monitor( self.pool_id, constants.HEALTH_MONITOR_HTTP, 1, 1, 1, 1, status=403) @@ -1705,29 +1705,26 @@ def test_update_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - - self.put( - self.HM_PATH.format(healthmonitor_id=api_hm.get('id')), - self._build_body(new_hm)) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + + self.put( + self.HM_PATH.format(healthmonitor_id=api_hm.get('id')), + self._build_body(new_hm)) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assert_correct_status( @@ -1747,9 +1744,10 @@ def test_update_not_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): response = self.put( self.HM_PATH.format(healthmonitor_id=api_hm.get('id')), self._build_body(new_hm), status=403) @@ -2055,27 +2053,24 @@ def test_delete_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - self.delete( - self.HM_PATH.format(healthmonitor_id=api_hm.get('id'))) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + self.delete( + self.HM_PATH.format(healthmonitor_id=api_hm.get('id'))) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assert_correct_status( lb_id=self.lb_id, listener_id=self.listener_id, @@ -2101,9 +2096,10 @@ def test_delete_not_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): self.delete( self.HM_PATH.format(healthmonitor_id=api_hm.get('id')), status=403) diff --git a/octavia/tests/functional/api/v2/test_l7policy.py b/octavia/tests/functional/api/v2/test_l7policy.py index 3f485e076..5010983d3 100644 --- a/octavia/tests/functional/api/v2/test_l7policy.py +++ b/octavia/tests/functional/api/v2/test_l7policy.py @@ -67,28 +67,25 @@ def test_get_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.get(self.L7POLICY_PATH.format( - l7policy_id=api_l7policy.get('id'))) - response = response.json.get(self.root_tag) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.get(self.L7POLICY_PATH.format( + l7policy_id=api_l7policy.get('id'))) + response = response.json.get(self.root_tag) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(api_l7policy, response) @@ -100,9 +97,10 @@ def test_get_not_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): response = self.get(self.L7POLICY_PATH.format( l7policy_id=api_l7policy.get('id')), status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -200,9 +198,10 @@ def test_get_all_non_admin(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.KEYSTONE) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - api_l7p_c.get('project_id')): + test_context = octavia.common.context.RequestContext( + project_id=api_l7p_c.get('project_id')) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): override_credentials = { 'service_user_id': None, 'user_domain_id': None, @@ -258,9 +257,10 @@ def test_get_all_unscoped_token(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.KEYSTONE) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - None): + test_context = octavia.common.context.RequestContext( + project_id=None) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): override_credentials = { 'service_user_id': None, 'user_domain_id': None, @@ -311,9 +311,10 @@ def test_get_all_non_admin_global_observer(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.KEYSTONE) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - api_l7p_c.get('project_id')): + test_context = octavia.common.context.RequestContext( + project_id=api_l7p_c.get('project_id')) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): override_credentials = { 'service_user_id': None, 'user_domain_id': None, @@ -351,9 +352,10 @@ def test_get_all_not_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): policies = self.get(self.L7POLICIES_PATH, status=403).json self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -676,28 +678,25 @@ def test_create_policy_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - api_l7policy = self.create_l7policy( - self.listener_id, - constants.L7POLICY_ACTION_REJECT).get(self.root_tag) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + api_l7policy = self.create_l7policy( + self.listener_id, + constants.L7POLICY_ACTION_REJECT).get(self.root_tag) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(constants.L7POLICY_ACTION_REJECT, @@ -719,9 +718,10 @@ def test_create_policy_not_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): + test_context = octavia.common.context.RequestContext( + project_id=self.project_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): api_l7policy = self.create_l7policy( self.listener_id, constants.L7POLICY_ACTION_REJECT, status=403) @@ -910,28 +910,25 @@ def test_update_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.put(self.L7POLICY_PATH.format( - l7policy_id=api_l7policy.get('id')), - self._build_body(new_l7policy)).json.get(self.root_tag) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.put(self.L7POLICY_PATH.format( + l7policy_id=api_l7policy.get('id')), + self._build_body(new_l7policy)).json.get(self.root_tag) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(constants.L7POLICY_ACTION_REDIRECT_TO_URL, @@ -955,9 +952,10 @@ def test_update_not_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): + test_context = octavia.common.context.RequestContext( + project_id=self.project_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): response = self.put(self.L7POLICY_PATH.format( l7policy_id=api_l7policy.get('id')), self._build_body(new_l7policy), status=403) @@ -1156,28 +1154,25 @@ def test_delete_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): - self.delete(self.L7POLICY_PATH.format( - l7policy_id=api_l7policy.get('id'))) + self.delete(self.L7POLICY_PATH.format( + l7policy_id=api_l7policy.get('id'))) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assert_correct_status( @@ -1205,9 +1200,10 @@ def test_delete_not_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): self.delete(self.L7POLICY_PATH.format( l7policy_id=api_l7policy.get('id')), status=403) diff --git a/octavia/tests/functional/api/v2/test_l7rule.py b/octavia/tests/functional/api/v2/test_l7rule.py index 0c0237e3f..0c1fc8167 100644 --- a/octavia/tests/functional/api/v2/test_l7rule.py +++ b/octavia/tests/functional/api/v2/test_l7rule.py @@ -67,27 +67,24 @@ def test_get_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.get(self.l7rule_path.format( - l7rule_id=l7rule.get('id'))).json.get(self.root_tag) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.get(self.l7rule_path.format( + l7rule_id=l7rule.get('id'))).json.get(self.root_tag) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(l7rule, response) @@ -99,9 +96,10 @@ def test_get_not_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): + test_context = octavia.common.context.RequestContext( + project_id=self.project_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): response = self.get(self.l7rule_path.format( l7rule_id=l7rule.get('id')), status=403).json self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -166,27 +164,24 @@ def test_get_all_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - rules = self.get( - self.l7rules_path).json.get(self.root_tag_list) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + rules = self.get( + self.l7rules_path).json.get(self.root_tag_list) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertIsInstance(rules, list) @@ -211,26 +206,23 @@ def test_get_all_unscoped_token(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - None): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': None} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - result = self.get(self.l7rules_path, status=403).json + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': None} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + result = self.get(self.l7rules_path, status=403).json self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(self.NOT_AUTHORIZED_BODY, result) @@ -248,9 +240,10 @@ def test_get_all_not_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): + test_context = octavia.common.context.RequestContext( + project_id=self.project_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): rules = self.get(self.l7rules_path, status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -533,29 +526,26 @@ def test_create_rule_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - api_l7rule = self.create_l7rule( - self.l7policy_id, constants.L7RULE_TYPE_HOST_NAME, - constants.L7RULE_COMPARE_TYPE_EQUAL_TO, - 'www.example.com').get(self.root_tag) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + api_l7rule = self.create_l7rule( + self.l7policy_id, constants.L7RULE_TYPE_HOST_NAME, + constants.L7RULE_COMPARE_TYPE_EQUAL_TO, + 'www.example.com').get(self.root_tag) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(constants.L7RULE_TYPE_HOST_NAME, api_l7rule.get('type')) @@ -578,9 +568,10 @@ def test_create_rule_not_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): + test_context = octavia.common.context.RequestContext( + project_id=self.project_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): api_l7rule = self.create_l7rule( self.l7policy_id, constants.L7RULE_TYPE_HOST_NAME, constants.L7RULE_COMPARE_TYPE_EQUAL_TO, @@ -912,28 +903,25 @@ def test_update_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.put(self.l7rule_path.format( - l7rule_id=api_l7rule.get('id')), - self._build_body(new_l7rule)).json.get(self.root_tag) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.put(self.l7rule_path.format( + l7rule_id=api_l7rule.get('id')), + self._build_body(new_l7rule)).json.get(self.root_tag) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual('/images', response.get('value')) self.assert_correct_status( @@ -955,9 +943,10 @@ def test_update_not_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): + test_context = octavia.common.context.RequestContext( + project_id=self.project_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): response = self.put(self.l7rule_path.format( l7rule_id=api_l7rule.get('id')), self._build_body(new_l7rule), status=403) @@ -1116,28 +1105,25 @@ def test_delete_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - - self.delete( - self.l7rule_path.format(l7rule_id=api_l7rule.get('id'))) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + + self.delete( + self.l7rule_path.format(l7rule_id=api_l7rule.get('id'))) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assert_correct_status( lb_id=self.lb_id, listener_id=self.listener_id, @@ -1167,9 +1153,10 @@ def test_delete_not_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): + test_context = octavia.common.context.RequestContext( + project_id=self.project_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): self.delete( self.l7rule_path.format(l7rule_id=api_l7rule.get('id')), status=403) diff --git a/octavia/tests/functional/api/v2/test_listener.py b/octavia/tests/functional/api/v2/test_listener.py index 35f9915d5..29e783653 100644 --- a/octavia/tests/functional/api/v2/test_listener.py +++ b/octavia/tests/functional/api/v2/test_listener.py @@ -103,9 +103,10 @@ def test_get_all_non_admin(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.KEYSTONE) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - listener3['project_id']): + test_context = octavia.common.context.RequestContext( + project_id=listener3['project_id']) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): override_credentials = { 'service_user_id': None, 'user_domain_id': None, @@ -151,9 +152,10 @@ def test_get_all_unscoped_token(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.KEYSTONE) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - None): + test_context = octavia.common.context.RequestContext( + project_id=None) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): override_credentials = { 'service_user_id': None, 'user_domain_id': None, @@ -193,9 +195,10 @@ def test_get_all_non_admin_global_observer(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.KEYSTONE) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): + test_context = octavia.common.context.RequestContext( + project_id=self.project_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): override_credentials = { 'service_user_id': None, 'user_domain_id': None, @@ -245,9 +248,10 @@ def test_get_all_not_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.KEYSTONE) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): listeners = self.get(self.LISTENERS_PATH, status=403).json self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(self.NOT_AUTHORIZED_BODY, listeners) @@ -549,28 +553,25 @@ def test_get_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): - response = self.get(self.listener_path.format( - listener_id=listener['id'])) + response = self.get(self.listener_path.format( + listener_id=listener['id'])) api_listener = response.json.get(self.root_tag) self.assertEqual(listener, api_listener) self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -583,9 +584,10 @@ def test_get_not_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): response = self.get(self.listener_path.format( listener_id=listener['id']), status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -967,26 +969,23 @@ def test_create_authorized(self, **optionals): self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.post(self.LISTENERS_PATH, body) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.post(self.LISTENERS_PATH, body) self.conf.config(group='api_settings', auth_strategy=auth_strategy) listener_api = response.json['listener'] @@ -1023,9 +1022,10 @@ def test_create_not_authorized(self, **optionals): self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): response = self.post(self.LISTENERS_PATH, body, status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(self.NOT_AUTHORIZED_BODY, response.json) @@ -2097,27 +2097,24 @@ def test_update_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - api_listener = self.put(listener_path, body) - api_listener = api_listener.json.get(self.root_tag) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + api_listener = self.put(listener_path, body) + api_listener = api_listener.json.get(self.root_tag) self.conf.config(group='api_settings', auth_strategy=auth_strategy) update_expect = {'name': 'listener2', 'admin_state_up': True, @@ -2150,9 +2147,10 @@ def test_update_not_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): api_listener = self.put(listener_path, body, status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(self.NOT_AUTHORIZED_BODY, api_listener.json) @@ -2258,27 +2256,24 @@ def test_delete_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - - self.delete(listener_path) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + + self.delete(listener_path) self.conf.config(group='api_settings', auth_strategy=auth_strategy) response = self.get(listener_path) @@ -2308,9 +2303,10 @@ def test_delete_not_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): self.delete(listener_path, status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assert_correct_lb_status(self.lb_id, constants.ONLINE, @@ -2917,26 +2913,23 @@ def test_statistics_authorized(self): self.conf.config(group='api_settings', auth_strategy=constants.TESTING) self.session.commit() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self._getStats(li['id']) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self._getStats(li['id']) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(ls['bytes_in'], response['bytes_in']) @@ -2965,9 +2958,10 @@ def test_statistics_not_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): res = self.get(self.LISTENER_PATH.format( listener_id=li['id'] + "/stats"), status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) diff --git a/octavia/tests/functional/api/v2/test_load_balancer.py b/octavia/tests/functional/api/v2/test_load_balancer.py index 6edcbb990..05cc99391 100644 --- a/octavia/tests/functional/api/v2/test_load_balancer.py +++ b/octavia/tests/functional/api/v2/test_load_balancer.py @@ -969,9 +969,10 @@ def test_create_context_project_id(self, **optionals): } lb_json.update(optionals) body = self._build_body(lb_json) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): + test_context = octavia.common.context.RequestContext( + project_id=self.project_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): response = self.post(self.LBS_PATH, body) api_lb = response.json.get(self.root_tag) self._assert_request_matches_response(lb_json, api_lb) @@ -986,26 +987,23 @@ def test_create_authorized(self, **optionals): } lb_json.update(optionals) body = self._build_body(lb_json) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.post(self.LBS_PATH, body) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.post(self.LBS_PATH, body) api_lb = response.json.get(self.root_tag) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self._assert_request_matches_response(lb_json, api_lb) @@ -1019,9 +1017,10 @@ def test_create_not_authorized(self, **optionals): } lb_json.update(optionals) body = self._build_body(lb_json) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): response = self.post(self.LBS_PATH, body, status=403) api_lb = response.json self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -1297,9 +1296,10 @@ def test_get_all_non_admin(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.KEYSTONE) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): + test_context = octavia.common.context.RequestContext( + project_id=self.project_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): override_credentials = { 'service_user_id': None, 'user_domain_id': None, @@ -1337,9 +1337,10 @@ def test_get_all_unscoped_token(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.KEYSTONE) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - None): + test_context = octavia.common.context.RequestContext( + project_id=None) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): override_credentials = { 'service_user_id': None, 'user_domain_id': None, @@ -1375,9 +1376,10 @@ def test_get_all_non_admin_global_observer(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.KEYSTONE) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): + test_context = octavia.common.context.RequestContext( + project_id=self.project_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): override_credentials = { 'service_user_id': None, 'user_domain_id': None, @@ -1415,9 +1417,10 @@ def test_get_all_not_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) LB_PROJECT_PATH = f'{self.LBS_PATH}?project_id={project_id}' - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): + test_context = octavia.common.context.RequestContext( + project_id=self.project_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): response = self.get(LB_PROJECT_PATH, status=403) api_lb = response.json self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -1883,27 +1886,24 @@ def test_get_authorized(self): lb_dict = lb.get(self.root_tag) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.get(self.LB_PATH.format( - lb_id=lb_dict.get('id'))).json.get(self.root_tag) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.get(self.LB_PATH.format( + lb_id=lb_dict.get('id'))).json.get(self.root_tag) self.assertEqual('lb1', response.get('name')) self.assertEqual(project_id, response.get('project_id')) self.assertEqual('desc1', response.get('description')) @@ -1944,9 +1944,10 @@ def test_get_not_authorized(self): lb_dict = lb.get(self.root_tag) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): response = self.get(self.LB_PATH.format(lb_id=lb_dict.get('id')), status=403) api_lb = response.json @@ -2114,27 +2115,24 @@ def test_update_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.put( - self.LB_PATH.format(lb_id=lb_dict.get('id')), lb_json) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.put( + self.LB_PATH.format(lb_id=lb_dict.get('id')), lb_json) api_lb = response.json.get(self.root_tag) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertIsNotNone(api_lb.get('vip_subnet_id')) @@ -2160,9 +2158,10 @@ def test_update_not_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): response = self.put(self.LB_PATH.format(lb_id=lb_dict.get('id')), lb_json, status=403) api_lb = response.json @@ -2298,26 +2297,23 @@ def test_delete_authorized(self): lb = self.set_lb_status(lb_dict.get('id')) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - self.delete(self.LB_PATH.format(lb_id=lb_dict.get('id'))) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + self.delete(self.LB_PATH.format(lb_id=lb_dict.get('id'))) self.conf.config(group='api_settings', auth_strategy=auth_strategy) response = self.get(self.LB_PATH.format(lb_id=lb_dict.get('id'))) api_lb = response.json.get(self.root_tag) @@ -2341,9 +2337,10 @@ def test_delete_not_authorized(self): self.set_lb_status(lb_dict.get('id')) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): self.delete(self.LB_PATH.format(lb_id=lb_dict.get('id')), status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -2466,9 +2463,10 @@ def test_failover_not_authorized(self): lb_id=lb_dict.get('id')) + "/failover") auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): response = self.app.put(path, status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(self.NOT_AUTHORIZED_BODY, response.json) @@ -2487,26 +2485,23 @@ def test_failover_not_authorized_no_role(self): lb_id=lb_dict.get('id')) + "/failover") auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': [], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.app.put(path, status=403) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': [], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.app.put(path, status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(self.NOT_AUTHORIZED_BODY, response.json) @@ -2525,26 +2520,23 @@ def test_failover_authorized_lb_admin(self): lb_id=lb_dict.get('id')) + "/failover") auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id_2): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['admin'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id_2} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - self.app.put(path, status=202) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['admin'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id_2} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + self.app.put(path, status=202) self.conf.config(group='api_settings', auth_strategy=auth_strategy) def test_failover_authorized_no_auth(self): @@ -2562,26 +2554,23 @@ def test_failover_authorized_no_auth(self): lb_id=lb_dict.get('id')) + "/failover") auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.NOAUTH) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id_2): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id_2} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - self.app.put(path, status=202) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id_2} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + self.app.put(path, status=202) self.conf.config(group='api_settings', auth_strategy=auth_strategy) def test_failover_deleted(self): @@ -4145,26 +4134,23 @@ def test_statuses_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self._getStatus(lb['id']) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self._getStatus(lb['id']) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(lb['name'], response['name']) @@ -4179,10 +4165,10 @@ def test_statuses_not_authorized(self): uuidutils.generate_uuid()).get('loadbalancer') auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): - + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): res = self.get(self.LB_PATH.format(lb_id=lb['id'] + "/status"), status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -4248,26 +4234,23 @@ def test_statistics_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self._getStats(lb['id']) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self._getStats(lb['id']) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(ls['bytes_in'], response['bytes_in']) @@ -4294,9 +4277,10 @@ def test_statistics_not_authorized(self): total_connections=random.randint(1, 9)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): res = self.get(self.LB_PATH.format(lb_id=lb['id'] + "/stats"), status=403) diff --git a/octavia/tests/functional/api/v2/test_member.py b/octavia/tests/functional/api/v2/test_member.py index db902f658..f4ee37d97 100644 --- a/octavia/tests/functional/api/v2/test_member.py +++ b/octavia/tests/functional/api/v2/test_member.py @@ -81,27 +81,24 @@ def test_get_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.get(self.member_path.format( - member_id=api_member.get('id'))).json.get(self.root_tag) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.get(self.member_path.format( + member_id=api_member.get('id'))).json.get(self.root_tag) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(api_member, response) self.assertEqual(api_member.get('name'), '') @@ -112,9 +109,10 @@ def test_get_not_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): response = self.get(self.member_path.format( member_id=api_member.get('id')), status=403).json self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -186,27 +184,24 @@ def _test_get_all_authorized(self, roles, project_id): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': roles, - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.get(self.members_path) - response = response.json.get(self.root_tag_list) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': roles, + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.get(self.members_path) + response = response.json.get(self.root_tag_list) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertIsInstance(response, list) @@ -242,26 +237,23 @@ def test_get_all_unscoped_token(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - None): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': None} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - result = self.get(self.members_path, status=403).json + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': None} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + result = self.get(self.members_path, status=403).json self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(self.NOT_AUTHORIZED_BODY, result) @@ -282,9 +274,10 @@ def test_get_all_not_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): response = self.get(self.members_path, status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(self.NOT_AUTHORIZED_BODY, response.json) @@ -530,29 +523,26 @@ def test_create_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - - api_member = self.create_member( - self.pool_id, '192.0.2.1', 80, - tags=['test_tag']).get(self.root_tag) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + + api_member = self.create_member( + self.pool_id, '192.0.2.1', 80, + tags=['test_tag']).get(self.root_tag) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual('192.0.2.1', api_member['address']) @@ -579,9 +569,10 @@ def test_create_not_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): + test_context = octavia.common.context.RequestContext( + project_id=self.project_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): api_member = self.create_member( self.pool_id, '192.0.2.1', 80, status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -1228,30 +1219,27 @@ def test_update_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - member_path = self.member_path_listener.format( - member_id=api_member.get('id')) - response = self.put( - member_path, - self._build_body(new_member)).json.get(self.root_tag) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + member_path = self.member_path_listener.format( + member_id=api_member.get('id')) + response = self.put( + member_path, + self._build_body(new_member)).json.get(self.root_tag) self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -1282,9 +1270,10 @@ def test_update_not_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): + test_context = octavia.common.context.RequestContext( + project_id=self.project_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): member_path = self.member_path_listener.format( member_id=api_member.get('id')) response = self.put( @@ -1410,27 +1399,24 @@ def test_delete_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - self.delete(self.member_path_listener.format( - member_id=api_member.get('id'))) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + self.delete(self.member_path_listener.format( + member_id=api_member.get('id'))) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assert_correct_status( @@ -1460,9 +1446,10 @@ def test_delete_not_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): + test_context = octavia.common.context.RequestContext( + project_id=self.project_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): self.delete(self.member_path_listener.format( member_id=api_member.get('id')), status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) diff --git a/octavia/tests/functional/api/v2/test_pool.py b/octavia/tests/functional/api/v2/test_pool.py index 649f3fd27..75524a969 100644 --- a/octavia/tests/functional/api/v2/test_pool.py +++ b/octavia/tests/functional/api/v2/test_pool.py @@ -96,27 +96,24 @@ def test_get_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.get(self.POOL_PATH.format( - pool_id=api_pool.get('id'))).json.get(self.root_tag) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.get(self.POOL_PATH.format( + pool_id=api_pool.get('id'))).json.get(self.root_tag) response.pop('updated_at') self.assertEqual(api_pool, response) self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -136,9 +133,10 @@ def test_get_not_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): response = self.get(self.POOL_PATH.format( pool_id=api_pool.get('id')), status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -238,9 +236,10 @@ def test_get_all_non_admin(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.KEYSTONE) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - pool3['project_id']): + test_context = octavia.common.context.RequestContext( + project_id=self.project_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): override_credentials = { 'service_user_id': None, 'user_domain_id': None, @@ -287,26 +286,23 @@ def test_get_all_unscoped_token(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.KEYSTONE) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - None): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': None} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - result = self.get(self.POOLS_PATH, status=403).json + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': None} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + result = self.get(self.POOLS_PATH, status=403).json self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(self.NOT_AUTHORIZED_BODY, result) @@ -331,26 +327,23 @@ def test_get_all_non_admin_global_observer(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['admin'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - pools = self.get(self.POOLS_PATH).json.get(self.root_tag_list) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['admin'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + pools = self.get(self.POOLS_PATH).json.get(self.root_tag_list) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(3, len(pools)) @@ -383,9 +376,10 @@ def test_get_all_not_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): pools = self.get(self.POOLS_PATH, status=403).json self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -733,31 +727,28 @@ def test_create_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): - api_pool = self.create_pool( - self.lb_id, - constants.PROTOCOL_HTTP, - constants.LB_ALGORITHM_ROUND_ROBIN, - listener_id=self.listener_id).get(self.root_tag) + api_pool = self.create_pool( + self.lb_id, + constants.PROTOCOL_HTTP, + constants.LB_ALGORITHM_ROUND_ROBIN, + listener_id=self.listener_id).get(self.root_tag) self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -783,9 +774,10 @@ def test_create_not_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): api_pool = self.create_pool( self.lb_id, constants.PROTOCOL_HTTP, @@ -1265,28 +1257,25 @@ def test_update_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): - self.put(self.POOL_PATH.format(pool_id=api_pool.get('id')), - self._build_body(new_pool)) + self.put(self.POOL_PATH.format(pool_id=api_pool.get('id')), + self._build_body(new_pool)) self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -1318,9 +1307,10 @@ def test_update_not_authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): api_pool = self.put( self.POOL_PATH.format(pool_id=api_pool.get('id')), self._build_body(new_pool), status=403) @@ -2093,26 +2083,23 @@ def test_delete_authorize(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - self.delete(self.POOL_PATH.format(pool_id=api_pool.get('id'))) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + self.delete(self.POOL_PATH.format(pool_id=api_pool.get('id'))) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assert_correct_status( @@ -2142,9 +2129,10 @@ def test_delete_not_authorize(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + test_context = octavia.common.context.RequestContext( + project_id=uuidutils.generate_uuid()) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): self.delete(self.POOL_PATH.format(pool_id=api_pool.get('id')), status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) diff --git a/octavia/tests/functional/api/v2/test_provider.py b/octavia/tests/functional/api/v2/test_provider.py index 50c69f0ce..1970e7d9f 100644 --- a/octavia/tests/functional/api/v2/test_provider.py +++ b/octavia/tests/functional/api/v2/test_provider.py @@ -21,7 +21,6 @@ from oslo_utils import uuidutils from octavia.common import constants -import octavia.common.context from octavia.tests.functional.api.v2 import base @@ -102,27 +101,24 @@ def test_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - result = self.get(self.FLAVOR_CAPABILITIES_PATH.format( - provider='noop_driver')) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + result = self.get(self.FLAVOR_CAPABILITIES_PATH.format( + provider='noop_driver')) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(ref_capabilities, result.json.get(self.root_tag)) @@ -237,28 +233,25 @@ def test_authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) project_id = uuidutils.generate_uuid() - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': True, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - result = self.get( - self.AVAILABILITY_ZONE_CAPABILITIES_PATH.format( - provider='noop_driver')) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': True, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + result = self.get( + self.AVAILABILITY_ZONE_CAPABILITIES_PATH.format( + provider='noop_driver')) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(ref_capabilities, result.json.get(self.root_tag)) diff --git a/octavia/tests/functional/api/v2/test_quotas.py b/octavia/tests/functional/api/v2/test_quotas.py index 2819978fe..84af2295c 100644 --- a/octavia/tests/functional/api/v2/test_quotas.py +++ b/octavia/tests/functional/api/v2/test_quotas.py @@ -168,9 +168,22 @@ def test_get_all_not_Authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer:bogus'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': uuidutils.generate_uuid()} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): response = self.get(self.QUOTAS_PATH, status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(self.NOT_AUTHORIZED_BODY, response.json) @@ -186,26 +199,23 @@ def test_get_all_not_Authorized_no_role(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project_id1): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': [], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.get(self.QUOTAS_PATH, status=403) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': [], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.get(self.QUOTAS_PATH, status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(self.NOT_AUTHORIZED_BODY, response.json) @@ -227,26 +237,23 @@ def test_get_all_not_Authorized_bogus_role(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_bogus'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.get(self.QUOTAS_PATH, status=403) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_bogus'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.get(self.QUOTAS_PATH, status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(self.NOT_AUTHORIZED_BODY, response.json) @@ -289,27 +296,24 @@ def test_get_all_non_admin_global_observer(self): ).get(self.root_tag) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['admin'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - quotas = self.get(self.QUOTAS_PATH) - quotas = quotas.json.get(self.root_tag_list) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['admin'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + quotas = self.get(self.QUOTAS_PATH) + quotas = quotas.json.get(self.root_tag_list) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(3, len(quotas)) quota_lb_member_quotas = [(lb.get('load_balancer'), lb.get('member')) @@ -336,27 +340,24 @@ def test_get_all_quota_admin(self): ).get(self.root_tag) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['admin'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - quotas = self.get(self.QUOTAS_PATH) - quotas = quotas.json.get(self.root_tag_list) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['admin'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + quotas = self.get(self.QUOTAS_PATH) + quotas = quotas.json.get(self.root_tag_list) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(3, len(quotas)) quota_lb_member_quotas = [(lb.get('load_balancer'), lb.get('member')) @@ -385,9 +386,10 @@ def test_get_all_non_admin(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.KEYSTONE) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project3_id): + test_context = octavia.common.context.RequestContext( + project_id=project3_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): override_credentials = { 'service_user_id': None, 'user_domain_id': None, @@ -431,9 +433,10 @@ def test_get_all_non_admin_observer(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.KEYSTONE) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project3_id): + test_context = octavia.common.context.RequestContext( + project_id=project3_id) + with mock.patch('oslo_context.context.RequestContext.from_environ', + return_value=test_context): override_credentials = { 'service_user_id': None, 'user_domain_id': None, @@ -497,28 +500,25 @@ def _test_get_Authorized(self, roles): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project1_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': roles, - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project1_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - quotas = self.get( - self.QUOTA_PATH.format(project_id=project1_id) - ).json.get(self.root_tag) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': roles, + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project1_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + quotas = self.get( + self.QUOTA_PATH.format(project_id=project1_id) + ).json.get(self.root_tag) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self._assert_quotas_equal(quotas, quota1) @@ -531,9 +531,22 @@ def test_get_not_Authorized(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer:bogus'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': uuidutils.generate_uuid()} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): quotas = self.get(self.QUOTA_PATH.format(project_id=project1_id), status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -548,28 +561,25 @@ def test_get_not_Authorized_bogus_role(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project1_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer:bogus'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project1_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - quotas = self.get( - self.QUOTA_PATH.format(project_id=project1_id), - status=403) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer:bogus'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project1_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + quotas = self.get( + self.QUOTA_PATH.format(project_id=project1_id), + status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(self.NOT_AUTHORIZED_BODY, quotas.json) @@ -582,28 +592,25 @@ def test_get_not_Authorized_no_role(self): auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - project1_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': [], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': project1_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - quotas = self.get( - self.QUOTA_PATH.format(project_id=project1_id), - status=403) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': [], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': project1_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + quotas = self.get( + self.QUOTA_PATH.format(project_id=project1_id), + status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(self.NOT_AUTHORIZED_BODY, quotas.json) @@ -692,27 +699,24 @@ def test_get_default_quotas_Authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member', 'member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.get(self.QUOTA_DEFAULT_PATH.format( - project_id=self.project_id)) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member', 'member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.get(self.QUOTA_DEFAULT_PATH.format( + project_id=self.project_id)) quota_dict = response.json self._assert_quotas_equal(quota_dict['quota']) self.conf.config(group='api_settings', auth_strategy=auth_strategy) @@ -721,9 +725,22 @@ def test_get_default_quotas_not_Authorized(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - uuidutils.generate_uuid()): + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer:bogus'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': uuidutils.generate_uuid()} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): response = self.get(self.QUOTA_DEFAULT_PATH.format( project_id=self.project_id), status=403) self.assertEqual(self.NOT_AUTHORIZED_BODY, response.json) @@ -747,26 +764,23 @@ def test_custom_quotas_quota_admin(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['admin'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - self.put(quota_path, body, status=202) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['admin'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + self.put(quota_path, body, status=202) self.conf.config(group='api_settings', auth_strategy=auth_strategy) response = self.get(quota_path) quota_dict = response.json @@ -780,26 +794,23 @@ def test_custom_quotas_not_Authorized_member(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - response = self.put(quota_path, body, status=403) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + response = self.put(quota_path, body, status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) self.assertEqual(self.NOT_AUTHORIZED_BODY, response.json) @@ -859,26 +870,23 @@ def test_delete_custom_quotas_admin(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['admin'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - self.delete(quota_path, status=202) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['admin'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + self.delete(quota_path, status=202) self.conf.config(group='api_settings', auth_strategy=auth_strategy) response = self.get(quota_path) quota_dict = response.json @@ -896,26 +904,23 @@ def test_delete_quotas_not_Authorized_member(self): self.conf = self.useFixture(oslo_fixture.Config(cfg.CONF)) auth_strategy = self.conf.conf.api_settings.get('auth_strategy') self.conf.config(group='api_settings', auth_strategy=constants.TESTING) - with mock.patch.object(octavia.common.context.RequestContext, - 'project_id', - self.project_id): - override_credentials = { - 'service_user_id': None, - 'user_domain_id': None, - 'is_admin_project': True, - 'service_project_domain_id': None, - 'service_project_id': None, - 'roles': ['load-balancer_member'], - 'user_id': None, - 'is_admin': False, - 'service_user_domain_id': None, - 'project_domain_id': None, - 'service_roles': [], - 'project_id': self.project_id} - with mock.patch( - "oslo_context.context.RequestContext.to_policy_values", - return_value=override_credentials): - self.delete(quota_path, status=403) + override_credentials = { + 'service_user_id': None, + 'user_domain_id': None, + 'is_admin_project': True, + 'service_project_domain_id': None, + 'service_project_id': None, + 'roles': ['load-balancer_member'], + 'user_id': None, + 'is_admin': False, + 'service_user_domain_id': None, + 'project_domain_id': None, + 'service_roles': [], + 'project_id': self.project_id} + with mock.patch( + "oslo_context.context.RequestContext.to_policy_values", + return_value=override_credentials): + self.delete(quota_path, status=403) self.conf.config(group='api_settings', auth_strategy=auth_strategy) response = self.get(quota_path) quota_dict = response.json