[
https://issues.apache.org/jira/browse/CLOUDSTACK-8562?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15253997#comment-15253997
]
ASF GitHub Bot commented on CLOUDSTACK-8562:
--------------------------------------------
Github user jburwell commented on a diff in the pull request:
https://github.com/apache/cloudstack/pull/1489#discussion_r60744168
--- Diff: test/integration/smoke/test_dynamicroles.py ---
@@ -0,0 +1,474 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+from marvin.cloudstackAPI import *
+from marvin.cloudstackTestCase import cloudstackTestCase
+from marvin.cloudstackException import CloudstackAPIException
+from marvin.lib.base import Account, Role, RolePermission
+from marvin.lib.utils import cleanup_resources
+from nose.plugins.attrib import attr
+
+import random
+import re
+
+
+class TestData(object):
+ """Test data object that is required to create resources
+ """
+ def __init__(self):
+ self.testdata = {
+ "account": {
+ "email": "[email protected]",
+ "firstname": "Marvin",
+ "lastname": "TestUser",
+ "username": "roletest",
+ "password": "password",
+ },
+ "role": {
+ "name": "MarvinFake Role ",
+ "type": "User",
+ "description": "Fake Role created by Marvin test"
+ },
+ "roleadmin": {
+ "name": "MarvinFake Admin Role ",
+ "type": "Admin",
+ "description": "Fake Admin Role created by Marvin test"
+ },
+ "roledomainadmin": {
+ "name": "MarvinFake DomainAdmin Role ",
+ "type": "DomainAdmin",
+ "description": "Fake Domain-Admin Role created by Marvin
test"
+ },
+ "rolepermission": {
+ "roleid": 1,
+ "rule": "listVirtualMachines",
+ "permission": "allow",
+ "description": "Fake role permission created by Marvin
test"
+ },
+ "apiConfig": {
+ "listApis": "allow",
+ "listAccounts": "allow",
+ "listClusters": "deny",
+ "*VM*": "allow",
+ "*Host*": "deny"
+ }
+ }
+
+
+class TestDynamicRoles(cloudstackTestCase):
+ """Tests dynamic role and role permission management in CloudStack
+ """
+
+ def setUp(self):
+ self.apiclient = self.testClient.getApiClient()
+ self.dbclient = self.testClient.getDbConnection()
+ self.testdata = TestData().testdata
+
+ feature_enabled =
self.apiclient.listCapabilities(listCapabilities.listCapabilitiesCmd()).dynamicrolesenabled
+ if not feature_enabled:
+ self.skipTest("Dynamic Role-Based API checker not enabled,
skipping test")
+
+ self.testdata["role"]["name"] += self.getRandomString()
+ self.role = Role.create(
+ self.apiclient,
+ self.testdata["role"]
+ )
+
+ self.testdata["rolepermission"]["roleid"] = self.role.id
+ self.rolepermission = RolePermission.create(
+ self.apiclient,
+ self.testdata["rolepermission"]
+ )
+
+ self.account = Account.create(
+ self.apiclient,
+ self.testdata["account"],
+ roleid=self.role.id
+ )
+ self.cleanup = [
+ self.account,
+ self.rolepermission,
+ self.role
+ ]
+
+
+ def tearDown(self):
+ try:
+ cleanup_resources(self.apiclient, self.cleanup)
+ except Exception as e:
+ self.debug("Warning! Exception in tearDown: %s" % e)
+
+
+ def translateRoleToAccountType(self, role_type):
+ if role_type == "User":
+ return 0
+ elif role_type == "Admin":
+ return 1
+ elif role_type == "DomainAdmin":
+ return 2
+ elif role_type == "ResourceAdmin":
+ return 3
+ return -1
+
+
+ def getUserApiClient(self, username, domain='ROOT', role_type='User'):
+ self.user_apiclient =
self.testClient.getUserApiClient(UserName=username, DomainName='ROOT',
type=self.translateRoleToAccountType(role_type))
+ return self.user_apiclient
+
+
+ def getRandomString(self):
--- End diff --
Would this function be valuable to other tests?
> User Definable Roles
> --------------------
>
> Key: CLOUDSTACK-8562
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8562
> Project: CloudStack
> Issue Type: New Feature
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Components: Management Server
> Reporter: Paul Angus
> Assignee: Rohit Yadav
>
> Static command.properties moved to database and made user definable
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
