Github user gauravaradhye commented on a diff in the pull request:
https://github.com/apache/cloudstack/pull/153#discussion_r31501000
--- Diff: test/integration/component/test_escalations_templates.py ---
@@ -915,3 +968,223 @@ def test_04_copy_template(self):
)
del self.services["privatetemplate"]["ostype"]
return
+
+ @attr(tags=["advanced", "basic"], required_hardware="true")
+ def test_05_template_permissions(self):
+ """
+ @Desc: Test to create Public Template by registering or by
snapshot and volume when
+ Global parameter 'allow.public.user.template' is set to False
+ @steps:
+ 1.Set Global parameter 'allow.public.user.template' as False.
Restart Management server
+ 2. Create a domain
+ 3. Create a domain admin and a domain user
+ 4. Create a vm as domain user
+ 5. take snapshot of root disk as user vm
+ 6. try to create public template from snapshot . It should fail
+ 7. stop the VM
+ 8. take the public template from volume. it should fail
+ 9. register a public template as a domain user . it should fail
+ 10. create a VM as domain admin
+ 11. create a snapshot of root disk as domain admin
+ 12 create a public template of the snapshot .it should fail
+ 13. Register a public template as domain admin. it should fail
+ 14 Stop the vm as domain admin
+ 15. Create a template from volume as domain admin . it should fail
+
+ """
+ self.updateConfigurAndRestart("allow.public.user.templates",
"false")
+
+ subdomain = Domain.create(
+ self.api_client,
+ self.services["domain"],
+ )
+
+ admin_account = Account.create(
+ self.api_client,
+ self.services["account"],
+ admin=True,
+ domainid=subdomain.id
+ )
+ user_account = Account.create(
+ self.api_client,
+ self.services["account2"],
+ admin=False,
+ domainid=subdomain.id
+ )
+ admin_user = admin_account.user[0]
+ self.admin_api_client = self.testClient.getUserApiClient(
+ admin_user.username,
+ subdomain.name)
+ user = user_account.user[0]
+ self.user_api_client = self.testClient.getUserApiClient(
+ user.username,
+ subdomain.name)
+
+ self.services["templates"]["ispublic"] = True
+ # Register new public template as domain user
+ # Exception should be raised for registering public template
+ try:
+ template = Template.register(
+ self.user_api_client,
+ self.services["templates"],
+ zoneid=self.zone.id,
+ account=user_account.name,
+ domainid=user_account.domainid,
+ hypervisor=self.hypervisor
+ )
+ self.updateConfigurAndRestart("allow.public.user.templates",
"true")
+ self.fail("Template creation passed for user")
+ except CloudstackAPIException as e:
+ self.assertRaises("Exception Raised : %s" % e)
+ # Register new public template as domain admin
+ # Exception should be raised for registering public template
+ try:
+ template = Template.register(
+ self.admin_api_client,
+ self.services["templates"],
+ zoneid=self.zone.id,
+ account=admin_account.name,
+ domainid=admin_account.domainid,
+ hypervisor=self.hypervisor
+ )
+ self.updateConfigurAndRestart("allow.public.user.templates",
"true")
+ self.fail("Template creation passed for domain admin")
+ except CloudstackAPIException as e:
+ self.assertRaises("Exception Raised : %s" % e)
+
+ if self.hypervisor.lower() in ['hyperv', 'lxc']:
--- End diff --
Reason of this operation?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
