foreman/test/functional/api/v2/hosts_controller_test.rb @ acfbc458
0fda4cf6 | Joseph Mitchell Magen | require 'test_helper'
|
|
class Api::V2::HostsControllerTest < ActionController::TestCase
|
|||
dc38aad3 | Joseph Magen | ||
def valid_attrs
|
|||
{ :name => 'testhost11',
|
|||
:environment_id => environments(:production).id,
|
|||
:domain_id => domains(:mydomain).id,
|
|||
:ip => '10.0.0.20',
|
|||
:mac => '52:53:00:1e:85:93',
|
|||
:architecture_id => Architecture.find_by_name('x86_64').id,
|
|||
:operatingsystem_id => Operatingsystem.find_by_name('Redhat').id,
|
|||
:puppet_proxy_id => smart_proxies(:one).id,
|
|||
c4bfd47f | Stephen Benjamin | :compute_resource_id => compute_resources(:one).id,
|
|
:root_pass => "xybxa6JUkz63w"
|
|||
dc38aad3 | Joseph Magen | }
|
|
end
|
|||
test "should get index" do
|
|||
get :index, { }
|
|||
assert_response :success
|
|||
assert_not_nil assigns(:hosts)
|
|||
hosts = ActiveSupport::JSON.decode(@response.body)
|
|||
assert !hosts.empty?
|
|||
end
|
|||
test "should show individual record" do
|
|||
get :show, { :id => hosts(:one).to_param }
|
|||
assert_response :success
|
|||
show_response = ActiveSupport::JSON.decode(@response.body)
|
|||
assert !show_response.empty?
|
|||
end
|
|||
test "should create host" do
|
|||
disable_orchestration
|
|||
assert_difference('Host.count') do
|
|||
post :create, { :host => valid_attrs }
|
|||
end
|
|||
assert_response :success
|
|||
last_host = Host.order('id desc').last
|
|||
end
|
|||
test "should create host with managed is false if parameter is passed" do
|
|||
disable_orchestration
|
|||
post :create, { :host => valid_attrs.merge!(:managed => false) }
|
|||
assert_response :success
|
|||
last_host = Host.order('id desc').last
|
|||
assert_equal false, last_host.managed?
|
|||
end
|
|||
test "should update host" do
|
|||
put :update, { :id => hosts(:two).to_param, :host => { } }
|
|||
assert_response :success
|
|||
end
|
|||
test "should destroy hosts" do
|
|||
assert_difference('Host.count', -1) do
|
|||
delete :destroy, { :id => hosts(:one).to_param }
|
|||
end
|
|||
assert_response :success
|
|||
end
|
|||
test "should show status hosts" do
|
|||
get :status, { :id => hosts(:one).to_param }
|
|||
assert_response :success
|
|||
end
|
|||
test "should be able to create hosts even when restricted" do
|
|||
disable_orchestration
|
|||
assert_difference('Host.count') do
|
|||
post :create, { :host => valid_attrs }
|
|||
end
|
|||
assert_response :success
|
|||
end
|
|||
test "should allow access to restricted user who owns the host" do
|
|||
acfbc458 | Marek Hulan | setup_user 'view', 'hosts', "owner_type = User and owner_id = #{users(:restricted).id}", :restricted
|
|
get :show, { :id => hosts(:owned_by_restricted).to_param }
|
|||
dc38aad3 | Joseph Magen | assert_response :success
|
|
end
|
|||
test "should allow to update for restricted user who owns the host" do
|
|||
disable_orchestration
|
|||
acfbc458 | Marek Hulan | setup_user 'edit', 'hosts', "owner_type = User and owner_id = #{users(:restricted).id}", :restricted
|
|
put :update, { :id => hosts(:owned_by_restricted).to_param, :host => {} }
|
|||
dc38aad3 | Joseph Magen | assert_response :success
|
|
end
|
|||
test "should allow destroy for restricted user who owns the hosts" do
|
|||
assert_difference('Host.count', -1) do
|
|||
acfbc458 | Marek Hulan | setup_user 'destroy', 'hosts', "owner_type = User and owner_id = #{users(:restricted).id}", :restricted
|
|
delete :destroy, { :id => hosts(:owned_by_restricted).to_param }
|
|||
dc38aad3 | Joseph Magen | end
|
|
assert_response :success
|
|||
end
|
|||
test "should allow show status for restricted user who owns the hosts" do
|
|||
acfbc458 | Marek Hulan | setup_user 'view', 'hosts', "owner_type = User and owner_id = #{users(:restricted).id}", :restricted
|
|
get :status, { :id => hosts(:owned_by_restricted).to_param }
|
|||
dc38aad3 | Joseph Magen | assert_response :success
|
|
end
|
|||
test "should not allow access to a host out of users hosts scope" do
|
|||
acfbc458 | Marek Hulan | setup_user 'view', 'hosts', "owner_type = User and owner_id = #{users(:restricted).id}", :restricted
|
|
get :show, { :id => hosts(:one).to_param }
|
|||
dc38aad3 | Joseph Magen | assert_response :not_found
|
|
end
|
|||
test "should not list a host out of users hosts scope" do
|
|||
acfbc458 | Marek Hulan | setup_user 'view', 'hosts', "owner_type = User and owner_id = #{users(:restricted).id}", :restricted
|
|
get :index, {}
|
|||
dc38aad3 | Joseph Magen | assert_response :success
|
|
hosts = ActiveSupport::JSON.decode(@response.body)
|
|||
cc739ab4 | Joseph Mitchell Magen | ids = hosts['results'].map { |hash| hash['id'] }
|
|
acfbc458 | Marek Hulan | refute_includes ids, hosts(:one).id
|
|
assert_includes ids, hosts(:owned_by_restricted).id
|
|||
dc38aad3 | Joseph Magen | end
|
|
test "should not update host out of users hosts scope" do
|
|||
acfbc458 | Marek Hulan | setup_user 'edit', 'hosts', "owner_type = User and owner_id = #{users(:restricted).id}", :restricted
|
|
put :update, { :id => hosts(:one).to_param }
|
|||
dc38aad3 | Joseph Magen | assert_response :not_found
|
|
end
|
|||
test "should not delete hosts out of users hosts scope" do
|
|||
acfbc458 | Marek Hulan | setup_user 'destroy', 'hosts', "owner_type = User and owner_id = #{users(:restricted).id}", :restricted
|
|
delete :destroy, { :id => hosts(:one).to_param }
|
|||
dc38aad3 | Joseph Magen | assert_response :not_found
|
|
end
|
|||
test "should not show status of hosts out of users hosts scope" do
|
|||
acfbc458 | Marek Hulan | setup_user 'view', 'hosts', "owner_type = User and owner_id = #{users(:restricted).id}", :restricted
|
|
get :status, { :id => hosts(:one).to_param }
|
|||
dc38aad3 | Joseph Magen | assert_response :not_found
|
|
end
|
|||
def set_remote_user_to user
|
|||
@request.env['REMOTE_USER'] = user.login
|
|||
end
|
|||
test "when REMOTE_USER is provided and both authorize_login_delegation{,_api}
|
|||
are set, authentication should succeed w/o valid session cookies" do
|
|||
Setting[:authorize_login_delegation] = true
|
|||
Setting[:authorize_login_delegation_api] = true
|
|||
set_remote_user_to users(:admin)
|
|||
User.current = nil # User.current is admin at this point (from initialize_host)
|
|||
host = Host.first
|
|||
get :show, {:id => host.to_param, :format => 'json'}
|
|||
assert_response :success
|
|||
get :show, {:id => host.to_param}
|
|||
assert_response :success
|
|||
end
|
|||
01055e77 | Greg Sutcliffe | def fact_json
|
|
@json ||= JSON.parse(Pathname.new("#{Rails.root}/test/fixtures/brslc022.facts.json").read)
|
|||
end
|
|||
0fda4cf6 | Joseph Mitchell Magen | test "should run puppet for specific host" do
|
|
01055e77 | Greg Sutcliffe | User.current=nil
|
|
390e2281 | David Davis | ProxyAPI::Puppet.any_instance.stubs(:run).returns(true)
|
|
bc11c17b | Ewoud Kohl van Wijngaarden | put :puppetrun, { :id => hosts(:one).to_param }
|
|
0fda4cf6 | Joseph Mitchell Magen | assert_response :success
|
|
end
|
|||
01055e77 | Greg Sutcliffe | def test_create_valid_node_from_json_facts_object_without_certname
|
|
User.current=nil
|
|||
hostname = fact_json['name']
|
|||
facts = fact_json['facts']
|
|||
post :facts, {:name => hostname, :facts => facts}, set_session_user
|
|||
assert_response :success
|
|||
end
|
|||
def test_create_valid_node_from_json_facts_object_with_certname
|
|||
User.current=nil
|
|||
hostname = fact_json['name']
|
|||
certname = fact_json['certname']
|
|||
facts = fact_json['facts']
|
|||
post :facts, {:name => hostname, :certname => certname, :facts => facts}, set_session_user
|
|||
assert_response :success
|
|||
end
|
|||
def test_create_invalid
|
|||
User.current=nil
|
|||
hostname = fact_json['name']
|
|||
facts = fact_json['facts'].except('operatingsystem')
|
|||
post :facts, {:name => hostname, :facts => facts}, set_session_user
|
|||
assert_response :unprocessable_entity
|
|||
end
|
|||
test 'when ":restrict_registered_puppetmasters" is false, HTTP requests should be able to import facts' do
|
|||
8588f9ac | Daniel Lobato | User.current = users(:one) #use an unprivileged user, not apiadmin
|
|
01055e77 | Greg Sutcliffe | Setting[:restrict_registered_puppetmasters] = false
|
|
SETTINGS[:require_ssl] = false
|
|||
Resolv.any_instance.stubs(:getnames).returns(['else.where'])
|
|||
hostname = fact_json['name']
|
|||
facts = fact_json['facts']
|
|||
post :facts, {:name => hostname, :facts => facts}
|
|||
5ab79857 | Ohad Levy | assert_nil @controller.detected_proxy
|
|
01055e77 | Greg Sutcliffe | assert_response :success
|
|
end
|
|||
test 'hosts with a registered smart proxy on should import facts successfully' do
|
|||
8588f9ac | Daniel Lobato | User.current = users(:one) #use an unprivileged user, not apiadmin
|
|
01055e77 | Greg Sutcliffe | Setting[:restrict_registered_puppetmasters] = true
|
|
Setting[:require_ssl_puppetmasters] = false
|
|||
5ab79857 | Ohad Levy | proxy = smart_proxies(:puppetmaster)
|
|
host = URI.parse(proxy.url).host
|
|||
Resolv.any_instance.stubs(:getnames).returns([host])
|
|||
01055e77 | Greg Sutcliffe | hostname = fact_json['name']
|
|
facts = fact_json['facts']
|
|||
post :facts, {:name => hostname, :facts => facts}
|
|||
5ab79857 | Ohad Levy | assert_equal proxy, @controller.detected_proxy
|
|
01055e77 | Greg Sutcliffe | assert_response :success
|
|
end
|
|||
test 'hosts without a registered smart proxy on should not be able to import facts' do
|
|||
8588f9ac | Daniel Lobato | User.current = users(:one) #use an unprivileged user, not apiadmin
|
|
01055e77 | Greg Sutcliffe | Setting[:restrict_registered_puppetmasters] = true
|
|
Setting[:require_ssl_puppetmasters] = false
|
|||
Resolv.any_instance.stubs(:getnames).returns(['another.host'])
|
|||
hostname = fact_json['name']
|
|||
facts = fact_json['facts']
|
|||
post :facts, {:name => hostname, :facts => facts}
|
|||
assert_response :forbidden
|
|||
end
|
|||
test 'hosts with a registered smart proxy and SSL cert should import facts successfully' do
|
|||
8588f9ac | Daniel Lobato | User.current = users(:one) #use an unprivileged user, not apiadmin
|
|
01055e77 | Greg Sutcliffe | Setting[:restrict_registered_puppetmasters] = true
|
|
Setting[:require_ssl_puppetmasters] = true
|
|||
@request.env['HTTPS'] = 'on'
|
|||
@request.env['SSL_CLIENT_S_DN'] = 'CN=else.where'
|
|||
@request.env['SSL_CLIENT_VERIFY'] = 'SUCCESS'
|
|||
hostname = fact_json['name']
|
|||
facts = fact_json['facts']
|
|||
post :facts, {:name => hostname, :facts => facts}
|
|||
assert_response :success
|
|||
end
|
|||
test 'hosts without a registered smart proxy but with an SSL cert should not be able to import facts' do
|
|||
8588f9ac | Daniel Lobato | User.current = users(:one) #use an unprivileged user, not apiadmin
|
|
01055e77 | Greg Sutcliffe | Setting[:restrict_registered_puppetmasters] = true
|
|
Setting[:require_ssl_puppetmasters] = true
|
|||
@request.env['HTTPS'] = 'on'
|
|||
@request.env['SSL_CLIENT_S_DN'] = 'CN=another.host'
|
|||
@request.env['SSL_CLIENT_VERIFY'] = 'SUCCESS'
|
|||
hostname = fact_json['name']
|
|||
facts = fact_json['facts']
|
|||
post :facts, {:name => hostname, :facts => facts}
|
|||
assert_response :forbidden
|
|||
end
|
|||
test 'hosts with an unverified SSL cert should not be able to import facts' do
|
|||
8588f9ac | Daniel Lobato | User.current = users(:one) #use an unprivileged user, not apiadmin
|
|
01055e77 | Greg Sutcliffe | Setting[:restrict_registered_puppetmasters] = true
|
|
Setting[:require_ssl_puppetmasters] = true
|
|||
@request.env['HTTPS'] = 'on'
|
|||
@request.env['SSL_CLIENT_S_DN'] = 'CN=secure.host'
|
|||
@request.env['SSL_CLIENT_VERIFY'] = 'FAILED'
|
|||
hostname = fact_json['name']
|
|||
facts = fact_json['facts']
|
|||
post :facts, {:name => hostname, :facts => facts}
|
|||
assert_response :forbidden
|
|||
end
|
|||
test 'when "require_ssl_puppetmasters" and "require_ssl" are true, HTTP requests should not be able to import facts' do
|
|||
8588f9ac | Daniel Lobato | User.current = users(:one) #use an unprivileged user, not apiadmin
|
|
01055e77 | Greg Sutcliffe | Setting[:restrict_registered_puppetmasters] = true
|
|
Setting[:require_ssl_puppetmasters] = true
|
|||
SETTINGS[:require_ssl] = true
|
|||
Resolv.any_instance.stubs(:getnames).returns(['else.where'])
|
|||
hostname = fact_json['name']
|
|||
facts = fact_json['facts']
|
|||
post :facts, {:name => hostname, :facts => facts}
|
|||
assert_response :forbidden
|
|||
end
|
|||
test 'when "require_ssl_puppetmasters" is true and "require_ssl" is false, HTTP requests should be able to import facts' do
|
|||
8588f9ac | Daniel Lobato | User.current = users(:one) #use an unprivileged user, not apiadmin
|
|
01055e77 | Greg Sutcliffe | # since require_ssl_puppetmasters is only applicable to HTTPS connections, both should be set
|
|
Setting[:restrict_registered_puppetmasters] = true
|
|||
Setting[:require_ssl_puppetmasters] = true
|
|||
SETTINGS[:require_ssl] = false
|
|||
Resolv.any_instance.stubs(:getnames).returns(['else.where'])
|
|||
hostname = fact_json['name']
|
|||
facts = fact_json['facts']
|
|||
post :facts, {:name => hostname, :facts => facts}
|
|||
assert_response :success
|
|||
end
|
|||
test "when a bad :type is requested, :unprocessable_entity is returned" do
|
|||
User.current=nil
|
|||
hostname = fact_json['name']
|
|||
facts = fact_json['facts']
|
|||
post :facts, {:name => hostname, :facts => facts, :type => "Host::Invalid"}, set_session_user
|
|||
assert_response :unprocessable_entity
|
|||
assert_equal JSON.parse(response.body)['message'], 'ERF51-2640: A problem occurred when detecting host type: uninitialized constant Host::Invalid'
|
|||
end
|
|||
test "when the imported host failed to save, :unprocessable_entity is returned" do
|
|||
Host::Managed.any_instance.stubs(:save).returns(false)
|
|||
errors = ActiveModel::Errors.new(Host::Managed.new)
|
|||
errors.add :foo, 'A stub failure'
|
|||
Host::Managed.any_instance.stubs(:errors).returns(errors)
|
|||
User.current=nil
|
|||
hostname = fact_json['name']
|
|||
facts = fact_json['facts']
|
|||
post :facts, {:name => hostname, :facts => facts}, set_session_user
|
|||
assert_response :unprocessable_entity
|
|||
0f7d219a | Daniel Lobato | assert_equal 'A stub failure', JSON.parse(response.body)['error']['errors']['foo'].first
|
|
01055e77 | Greg Sutcliffe | end
|
|
8588f9ac | Daniel Lobato | context 'BMC proxy operations' do
|
|
setup :initialize_proxy_ops
|
|||
def initialize_proxy_ops
|
|||
User.current = users(:apiadmin)
|
|||
nics(:bmc).update_attribute(:host_id, hosts(:one).id)
|
|||
end
|
|||
test "power call to interface" do
|
|||
ProxyAPI::BMC.any_instance.stubs(:power).with(:action => 'status').returns("on")
|
|||
put :power, { :id => hosts(:one).to_param, :power_action => 'status' }
|
|||
assert_response :success
|
|||
assert @response.body =~ /on/
|
|||
end
|
|||
test "wrong power call fails gracefully" do
|
|||
put :power, { :id => hosts(:one).to_param, :power_action => 'wrongmethod' }
|
|||
assert_response 422
|
|||
assert @response.body =~ /Available methods are/
|
|||
end
|
|||
test "boot call to interface" do
|
|||
ProxyAPI::BMC.any_instance.stubs(:boot).with(:function => 'bootdevice', :device => 'bios').
|
|||
returns( { "action" => "bios", "result" => true } .to_json)
|
|||
put :boot, { :id => hosts(:one).to_param, :device => 'bios' }
|
|||
assert_response :success
|
|||
assert @response.body =~ /true/
|
|||
end
|
|||
test "wrong boot call to interface fails gracefully" do
|
|||
put :boot, { :id => hosts(:one).to_param, :device => 'wrongbootdevice' }
|
|||
assert_response 422
|
|||
assert @response.body =~ /Available devices are/
|
|||
end
|
|||
6f943886 | Joseph Magen | test "should return correct total and subtotal metadata if search param is passed" do
|
|
get :index, {:search => 'my5name.mydomain.net' }
|
|||
assert_response :success
|
|||
response = ActiveSupport::JSON.decode(@response.body)
|
|||
1e0fd283 | Dominic Cleal | assert_equal 16, response['total']
|
|
6f943886 | Joseph Magen | assert_equal 1, response['subtotal']
|
|
assert_equal 'my5name.mydomain.net', response['search']
|
|||
end
|
|||
8588f9ac | Daniel Lobato | end
|
|
0fda4cf6 | Joseph Mitchell Magen | end
|