use of com.emc.storageos.model.tenant.TenantResponse in project coprhd-controller by CoprHD.
the class InternalApiTest method setup.
@Before
public void setup() throws Exception {
_requestHelper = new ClientRequestHelper(_coordinatorClient);
_client = _requestHelper.createClient();
_internalFileClient = new InternalFileServiceClient();
_internalFileClient.setCoordinatorClient(_coordinatorClient);
_internalFileClient.setServer(_server);
_internalNetworkClient = new InternalNetworkClient();
_internalNetworkClient.setCoordinatorClient(_coordinatorClient);
_internalNetworkClient.setServer(_server);
List<String> urls = new ArrayList<String>();
urls.add(_apiServer);
rSys = createHttpsClient(SYSADMIN, SYSADMIN_PASS_WORD, urls);
TenantResponse tenantResp = rSys.path("/tenant").get(TenantResponse.class);
_rootTenantId = tenantResp.getTenant();
_rootToken = (String) _savedTokens.get("root");
// find a CoS to use
Resources results = rSys.path("/file/vpools/search").queryParam("name", "cosisi").get(Resources.class);
Assert.assertTrue(results.resource.iterator().hasNext());
_cosId = results.resource.iterator().next().getId();
String cosAclUrl = "/file/vpools/" + _cosId.toString() + "/acl";
ACLAssignmentChanges changes = new ACLAssignmentChanges();
ACLEntry entry1 = new ACLEntry();
entry1.setTenant(_rootTenantId.toString());
entry1.getAces().add("USE");
changes.getAdd().add(entry1);
ClientResponse resp = rSys.path(cosAclUrl).put(ClientResponse.class, changes);
Assert.assertEquals(200, resp.getStatus());
// find a nh to use
results = rSys.path("/vdc/varrays/search").queryParam("name", "nh").get(Resources.class);
Assert.assertTrue(results.resource.iterator().hasNext());
_nhId = results.resource.iterator().next().getId();
String nhAclUrl = "/vdc/varrays/" + _nhId.toString() + "/acl";
resp = rSys.path(nhAclUrl).put(ClientResponse.class, changes);
Assert.assertEquals(200, resp.getStatus());
// find a network to use
results = rSys.path("/vdc/networks/search").queryParam("name", "iptz").get(Resources.class);
Assert.assertTrue(results.resource.iterator().hasNext());
_networkId = results.resource.iterator().next().getId();
}
use of com.emc.storageos.model.tenant.TenantResponse in project coprhd-controller by CoprHD.
the class InternalApiTest method testFSReleaseUsingInternalClient.
@Test
public void testFSReleaseUsingInternalClient() throws Exception {
// get tenant
TenantResponse tenant = rSys.path("/tenant").get(TenantResponse.class);
Assert.assertNotNull(tenant);
// create a project to host a normal file system
ProjectParam projectParam = new ProjectParam();
projectParam.setName("test-internalapi-" + System.currentTimeMillis());
ProjectElement projectResp = rSys.path("/tenants/" + tenant.getTenant().toString() + "/projects").post(ProjectElement.class, projectParam);
Assert.assertNotNull(projectResp);
// create a normal file system which we can then release
FileSystemParam fsparam = new FileSystemParam();
fsparam.setVpool(_cosId);
fsparam.setLabel("test-internalapi-" + System.currentTimeMillis());
fsparam.setVarray(_nhId);
fsparam.setSize("20971520");
TaskResourceRep taskResp = rSys.path("/file/filesystems").queryParam("project", projectResp.getId().toString()).post(TaskResourceRep.class, fsparam);
Assert.assertTrue(taskResp != null);
Assert.assertNotNull(taskResp.getOpId());
Assert.assertNotNull(taskResp.getResource());
URI fsId = taskResp.getResource().getId();
String opId = taskResp.getOpId();
// get the file system object we just created
ClientResponse response = rSys.path("/file/filesystems/" + fsId.toString()).get(ClientResponse.class);
Assert.assertTrue(response != null);
Assert.assertEquals(200, response.getStatus());
// wait for for the file system create to complete
int checkCount = 1200;
String status;
do {
// wait upto ~2 minute for fs creation
Thread.sleep(100);
taskResp = rSys.path("/file/filesystems/" + fsId + "/tasks/" + opId).get(TaskResourceRep.class);
status = taskResp.getState();
} while (status.equals("pending") && checkCount-- > 0);
if (!status.equals("ready")) {
Assert.assertTrue("Fileshare create timed out", false);
}
// a normal file system should be present in the bulk results
BulkIdParam bulkIds = rSys.path("/file/filesystems/bulk").get(BulkIdParam.class);
Assert.assertNotNull("bulk ids should not be null", bulkIds);
FileShareBulkRep bulkFileShares = rSys.path("/file/filesystems/bulk").post(FileShareBulkRep.class, bulkIds);
Assert.assertNotNull("bulk response should not be null", bulkFileShares);
boolean found = false;
for (FileShareRestRep fs : bulkFileShares.getFileShares()) {
if (fs.getId().equals(fsId)) {
found = true;
}
}
Assert.assertTrue("unable to find public FileShare in the bulk results", found);
// only token is used in release file system operation and hence
// setting dummy strings for username and tenant ID do not matter
StorageOSUser user = new StorageOSUser("dummyUserName", "dummyTeneatId");
user.setToken(_rootToken);
FileShareRestRep fileShareResponse = _internalFileClient.releaseFileSystem(fsId, user);
Assert.assertNotNull(fileShareResponse);
// after release, the file system should no longer be present in the bulk results
bulkFileShares = rSys.path("/file/filesystems/bulk").post(FileShareBulkRep.class, bulkIds);
Assert.assertNotNull("bulk response should not be null", bulkFileShares);
found = false;
for (FileShareRestRep fs : bulkFileShares.getFileShares()) {
if (fs.getId().equals(fsId)) {
found = true;
}
}
Assert.assertFalse("found internal FileShare in the bulk results", found);
// undo the release of the file system
fileShareResponse = _internalFileClient.undoReleaseFileSystem(fsId);
Assert.assertNotNull(fileShareResponse);
// release it again
fileShareResponse = _internalFileClient.releaseFileSystem(fsId, user);
Assert.assertNotNull(fileShareResponse);
// delete the file system via the internal api
FileSystemDeleteParam deleteParam = new FileSystemDeleteParam();
deleteParam.setForceDelete(false);
taskResp = _internalFileClient.deactivateFileSystem(fsId, _rootToken, deleteParam);
Assert.assertNotNull(taskResp);
}
use of com.emc.storageos.model.tenant.TenantResponse in project coprhd-controller by CoprHD.
the class ApiTestBase method updateRootTenantAttrs.
/**
* Update tenant attributes for the root tenant
*/
protected void updateRootTenantAttrs() {
TenantResponse tenantResp = rSys.path("/tenant").get(TenantResponse.class);
rootTenantId = tenantResp.getTenant();
/*
* PUT the ou=sanity attribute mapping into the root tenant attributes
*/
TenantUpdateParam tenantUpdate = new TenantUpdateParam();
tenantUpdate.setUserMappingChanges(new UserMappingChanges());
tenantUpdate.getUserMappingChanges().setAdd(new ArrayList<UserMappingParam>());
UserMappingParam rootMapping = new UserMappingParam();
rootMapping.setDomain("SANITY.local");
UserMappingAttributeParam rootAttr = new UserMappingAttributeParam();
rootAttr.setKey("ou");
rootAttr.setValues(Collections.singletonList(ROOTTENANT_ATTR));
rootMapping.setAttributes(Collections.singletonList(rootAttr));
tenantUpdate.getUserMappingChanges().getAdd().add(rootMapping);
// TODO: FIX: not sure why name is required for update
tenantUpdate.setLabel(ROOTTENANT_NAME);
ClientResponse resp = rSys.path("/tenants/" + rootTenantId.toString()).put(ClientResponse.class, tenantUpdate);
Assert.assertEquals(200, resp.getStatus());
}
use of com.emc.storageos.model.tenant.TenantResponse in project coprhd-controller by CoprHD.
the class ComputeSystemServiceApiTest method setup.
@BeforeClass(alwaysRun = true)
public void setup() throws Exception {
List<String> urls = new ArrayList<String>();
urls.add(_apiServer);
rSys = createHttpsClient(SYSADMIN, SYSADMIN_PASS_WORD, urls);
TenantResponse tenantResp = rSys.path("/tenant").get(TenantResponse.class);
_rootTenantId = tenantResp.getTenant();
_rootToken = (String) _savedTokens.get("root");
}
use of com.emc.storageos.model.tenant.TenantResponse in project coprhd-controller by CoprHD.
the class ApiTest method proxyTokenTests.
private void proxyTokenTests() {
// Login as root
TenantResponse tenantResp = rSys.path("/tenant").get(TenantResponse.class);
rootTenantId = tenantResp.getTenant();
// Get a proxy token for root
ClientResponse resp = rSys.path("/proxytoken").get(ClientResponse.class);
Assert.assertEquals(200, resp.getStatus());
String proxyToken = (String) _savedProxyTokens.get("root");
Assert.assertNotNull(proxyToken);
// try to access tenant/id as proxy user. Does not work because proxy token was not passed in.
// Proxy user by itself doesn't have TENANT_ADMIN.
resp = rProxyUser.path("/tenants/" + rootTenantId.toString()).get(ClientResponse.class);
Assert.assertEquals(403, resp.getStatus());
// try to access tenant/id as proxy user with proxy token this time.
resp = rProxyUser.path("/tenants/" + rootTenantId.toString()).header(ApiTestBase.AUTH_PROXY_TOKEN_HEADER, proxyToken).get(ClientResponse.class);
Assert.assertEquals(200, resp.getStatus());
// negative tests
// proxy token, but a user without PROXY_USER role
resp = rZAdmin.path("/tenants/" + rootTenantId.toString()).header(ApiTestBase.AUTH_PROXY_TOKEN_HEADER, proxyToken).get(ClientResponse.class);
Assert.assertEquals(403, resp.getStatus());
// check that the root when proxied does not have SECURITY_ADMIN in it.
UserInfo info = rProxyUser.path("/user/whoami").header(ApiTestBase.AUTH_PROXY_TOKEN_HEADER, proxyToken).get(UserInfo.class);
Assert.assertEquals("root", info.getCommonName());
Assert.assertTrue(!info.getVdcRoles().contains(Role.SECURITY_ADMIN.toString()));
// zone admin, when proxied, can not do role assignments
resp = rZAdmin.path("/proxytoken").get(ClientResponse.class);
Assert.assertEquals(200, resp.getStatus());
String zAdminProxyToken = (String) _savedProxyTokens.get(ZONEADMIN);
Assert.assertNotNull(zAdminProxyToken);
resp = rProxyUser.path("/vdc/role-assignments").header(ApiTestBase.AUTH_PROXY_TOKEN_HEADER, zAdminProxyToken).put(ClientResponse.class, new RoleAssignmentChanges());
Assert.assertEquals(403, resp.getStatus());
// logout issuer of the proxy token with the force option. This should wipe out
// all tokens including proxy tokens. Consequently, proxyuser should no longer be able
// to access the tenants/id call with that proxy token anymore.
// ( added .xml and used mixed cases to test that the logout filter forwards the request
// appropriately)
// resp = rSys.path("/loGout.XmL").queryParam("force", "true").get(ClientResponse.class);
resp = rSys.path("/logout.xml").queryParam("force", "true").queryParam("proxytokens", "true").get(ClientResponse.class);
Assert.assertEquals(200, resp.getStatus());
resp = rProxyUser.path("/tenants/" + rootTenantId.toString()).header(ApiTestBase.AUTH_PROXY_TOKEN_HEADER, proxyToken).get(ClientResponse.class);
Assert.assertEquals(401, resp.getStatus());
}
Aggregations