OpenStack Compute (nova)

Merge lp:~justin-fathomdb/nova/test-openstack-login into lp:~hudson-openstack/nova/trunk

test-openstack-login
Merge into trunk

Proposed by justinsb on 2011-03-10

Status:

Superseded

Proposed branch:

lp:~justin-fathomdb/nova/test-openstack-login

Merge into:

lp:~hudson-openstack/nova/trunk

Prerequisite:

lp:~justin-fathomdb/nova/test-openstack-api

Diff against target:

1177 lines (+1107/-0) (has conflicts)

12 files modified

nova/api/openstack/accounts.py (+85/-0)
nova/api/openstack/users.py (+93/-0)
nova/db/sqlalchemy/migrate_repo/versions/010_add_os_type_to_instances.py (+51/-0)
nova/db/sqlalchemy/migrate_repo/versions/011_live_migration.py (+83/-0)
nova/tests/api/openstack/test_accounts.py (+125/-0)
nova/tests/api/openstack/test_users.py (+141/-0)
nova/tests/integrated/__init__.py (+20/-0)
nova/tests/integrated/api/__init__.py (+20/-0)
nova/tests/integrated/api/client.py (+213/-0)
nova/tests/integrated/integrated_helpers.py (+188/-0)
nova/tests/integrated/test_login.py (+79/-0)
nova/virt/cpuinfo.xml.template (+9/-0)

Conflict adding file nova/api/openstack/accounts.py.  Moved existing file to nova/api/openstack/accounts.py.moved.
Conflict adding file nova/api/openstack/users.py.  Moved existing file to nova/api/openstack/users.py.moved.
Conflict adding file nova/db/sqlalchemy/migrate_repo/versions/010_add_os_type_to_instances.py.  Moved existing file to nova/db/sqlalchemy/migrate_repo/versions/010_add_os_type_to_instances.py.moved.
Conflict adding file nova/db/sqlalchemy/migrate_repo/versions/011_live_migration.py.  Moved existing file to nova/db/sqlalchemy/migrate_repo/versions/011_live_migration.py.moved.
Conflict adding file nova/tests/api/openstack/test_accounts.py.  Moved existing file to nova/tests/api/openstack/test_accounts.py.moved.
Conflict adding file nova/tests/api/openstack/test_users.py.  Moved existing file to nova/tests/api/openstack/test_users.py.moved.
Conflict adding file nova/tests/integrated.  Moved existing file to nova/tests/integrated.moved.
Conflict adding file nova/virt/cpuinfo.xml.template.  Moved existing file to nova/virt/cpuinfo.xml.template.moved.

To merge this branch:

bzr merge lp:~justin-fathomdb/nova/test-openstack-login

High

Fix Released

Link a bug report

Related blueprints:

Improve unittest coverage (Low)

Achieve Stability in Cactus (Undefined)

Reviewer	Review Type	Date Requested	Status
Nova Core security contacts		2011-03-10	Pending
Review via email: mp+52933@code.launchpad.net

This proposal has been superseded by a proposal from 2011-03-15.

Description of the change

Test the login behavior of the OpenStack API. Uncovered bug732866

lp:~justin-fathomdb/nova/test-openstack-login updated on 2011-03-15

794. By justinsb on 2011-03-15: Merge branch 'test-openstack-login-messy' into test-openstack-login
795. By justinsb on 2011-03-15: Merge branch 'nova' into test-openstack-login

Unmerged revisions

795. By justinsb on 2011-03-15: Merge branch 'nova' into test-openstack-login
794. By justinsb on 2011-03-15: Merge branch 'test-openstack-login-messy' into test-openstack-login

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Adam Johnson

Anne Gentle

Anthony Young

Brian Waldon

Chuck Short

Dan Mihai Dumitriu

Dave Walker

David Pravec

Diego Parrilla

Edgar Magana

Endre Karlson

Ilya Alekseyev

Isaku Yamahata

JJ Asghar

Jay Pipes

Jonathan Bryce

Kapil Thangavelu

Keisuke Tagami

Koji Iida

Krisztian Eyssen

Lorin Hochstein

Mark McLoughlin

Masanori Itoh

Milind Barve

Nachi Ueno

Paul Guth

Pedro Perez

Rajesh Battala

Ram Durairaj

Robert Middleswarth

Salvatore Orlando

Sateesh

Soren Hansen

Tomoya Masuko

Vish Ishaya

Vladimir Popovski

Youcef Laribi

adil mukarram

jawaid ekram

justinsb

jxta

makki

med makki maalej

sreekanth

termie

to status/vote changes:

Chris Behrens

 === added file 'nova/api/openstack/accounts.py'
 --- nova/api/openstack/accounts.py	1970-01-01 00:00:00 +0000
 +++ nova/api/openstack/accounts.py	2011-03-15 05:15:51 +0000
@@ -0,0 +1,85 @@
++# Copyright 2011 OpenStack LLC.
++# All Rights Reserved.
++#
++#    Licensed under the Apache License, Version 2.0 (the "License"); you may
++#    not use this file except in compliance with the License. You may obtain
++#    a copy of the License at
++#
++#         http://www.apache.org/licenses/LICENSE-2.0
++#
++#    Unless required by applicable law or agreed to in writing, software
++#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
++#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
++#    License for the specific language governing permissions and limitations
++#    under the License.
++
++import common
++
++from nova import exception
++from nova import flags
++from nova import log as logging
++from nova import wsgi
++
++from nova.auth import manager
++from nova.api.openstack import faults
++
++FLAGS = flags.FLAGS
++LOG = logging.getLogger('nova.api.openstack')
++
++
++def _translate_keys(account):
++    return dict(id=account.id,
++                name=account.name,
++                description=account.description,
++                manager=account.project_manager_id)
++
++
++class Controller(wsgi.Controller):
++
++    _serialization_metadata = {
++        'application/xml': {
++            "attributes": {
++                "account": ["id", "name", "description", "manager"]}}}
++
++    def __init__(self):
++        self.manager = manager.AuthManager()
++
++    def _check_admin(self, context):
++        """We cannot depend on the db layer to check for admin access
++           for the auth manager, so we do it here"""
++        if not context.is_admin:
++            raise exception.NotAuthorized(_("Not admin user."))
++
++    def index(self, req):
++        raise faults.Fault(exc.HTTPNotImplemented())
++
++    def detail(self, req):
++        raise faults.Fault(exc.HTTPNotImplemented())
++
++    def show(self, req, id):
++        """Return data about the given account id"""
++        account = self.manager.get_project(id)
++        return dict(account=_translate_keys(account))
++
++    def delete(self, req, id):
++        self._check_admin(req.environ['nova.context'])
++        self.manager.delete_project(id)
++        return {}
++
++    def create(self, req):
++        """We use update with create-or-update semantics
++           because the id comes from an external source"""
++        raise faults.Fault(exc.HTTPNotImplemented())
++
++    def update(self, req, id):
++        """This is really create or update."""
++        self._check_admin(req.environ['nova.context'])
++        env = self._deserialize(req.body, req.get_content_type())
++        description = env['account'].get('description')
++        manager = env['account'].get('manager')
++        try:
++            account = self.manager.get_project(id)
++            self.manager.modify_project(id, manager, description)
++        except exception.NotFound:
++            account = self.manager.create_project(id, manager, description)
++        return dict(account=_translate_keys(account))
 === renamed file 'nova/api/openstack/accounts.py' => 'nova/api/openstack/accounts.py.moved'
 === added file 'nova/api/openstack/users.py'
 --- nova/api/openstack/users.py	1970-01-01 00:00:00 +0000
 +++ nova/api/openstack/users.py	2011-03-15 05:15:51 +0000
@@ -0,0 +1,93 @@
++# Copyright 2011 OpenStack LLC.
++# All Rights Reserved.
++#
++#    Licensed under the Apache License, Version 2.0 (the "License"); you may
++#    not use this file except in compliance with the License. You may obtain
++#    a copy of the License at
++#
++#         http://www.apache.org/licenses/LICENSE-2.0
++#
++#    Unless required by applicable law or agreed to in writing, software
++#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
++#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
++#    License for the specific language governing permissions and limitations
++#    under the License.
++
++import common
++
++from nova import exception
++from nova import flags
++from nova import log as logging
++from nova import wsgi
++
++from nova.auth import manager
++
++FLAGS = flags.FLAGS
++LOG = logging.getLogger('nova.api.openstack')
++
++
++def _translate_keys(user):
++    return dict(id=user.id,
++                name=user.name,
++                access=user.access,
++                secret=user.secret,
++                admin=user.admin)
++
++
++class Controller(wsgi.Controller):
++
++    _serialization_metadata = {
++        'application/xml': {
++            "attributes": {
++                "user": ["id", "name", "access", "secret", "admin"]}}}
++
++    def __init__(self):
++        self.manager = manager.AuthManager()
++
++    def _check_admin(self, context):
++        """We cannot depend on the db layer to check for admin access
++           for the auth manager, so we do it here"""
++        if not context.is_admin:
++            raise exception.NotAuthorized(_("Not admin user"))
++
++    def index(self, req):
++        """Return all users in brief"""
++        users = self.manager.get_users()
++        users = common.limited(users, req)
++        users = [_translate_keys(user) for user in users]
++        return dict(users=users)
++
++    def detail(self, req):
++        """Return all users in detail"""
++        return self.index(req)
++
++    def show(self, req, id):
++        """Return data about the given user id"""
++        user = self.manager.get_user(id)
++        return dict(user=_translate_keys(user))
++
++    def delete(self, req, id):
++        self._check_admin(req.environ['nova.context'])
++        self.manager.delete_user(id)
++        return {}
++
++    def create(self, req):
++        self._check_admin(req.environ['nova.context'])
++        env = self._deserialize(req.body, req.get_content_type())
++        is_admin = env['user'].get('admin') in ('T', 'True', True)
++        name = env['user'].get('name')
++        access = env['user'].get('access')
++        secret = env['user'].get('secret')
++        user = self.manager.create_user(name, access, secret, is_admin)
++        return dict(user=_translate_keys(user))
++
++    def update(self, req, id):
++        self._check_admin(req.environ['nova.context'])
++        env = self._deserialize(req.body, req.get_content_type())
++        is_admin = env['user'].get('admin')
++        if is_admin is not None:
++            is_admin = is_admin in ('T', 'True', True)
++        access = env['user'].get('access')
++        secret = env['user'].get('secret')
++        self.manager.modify_user(id, access, secret, is_admin)
++        return dict(user=_translate_keys(self.manager.get_user(id)))
 === renamed file 'nova/api/openstack/users.py' => 'nova/api/openstack/users.py.moved'
 === added file 'nova/db/sqlalchemy/migrate_repo/versions/010_add_os_type_to_instances.py'
 --- nova/db/sqlalchemy/migrate_repo/versions/010_add_os_type_to_instances.py	1970-01-01 00:00:00 +0000
 +++ nova/db/sqlalchemy/migrate_repo/versions/010_add_os_type_to_instances.py	2011-03-15 05:15:51 +0000
@@ -0,0 +1,51 @@
++# vim: tabstop=4 shiftwidth=4 softtabstop=4
++
++# Copyright 2010 OpenStack LLC.
++#
++#    Licensed under the Apache License, Version 2.0 (the "License"); you may
++#    not use this file except in compliance with the License. You may obtain
++#    a copy of the License at
++#
++#         http://www.apache.org/licenses/LICENSE-2.0
++#
++#    Unless required by applicable law or agreed to in writing, software
++#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
++#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
++#    License for the specific language governing permissions and limitations
++#    under the License.
++
++from sqlalchemy import *
++from sqlalchemy.sql import text
++from migrate import *
++
++from nova import log as logging
++
++
++meta = MetaData()
++
++instances = Table('instances', meta,
++        Column('id', Integer(),  primary_key=True, nullable=False),
++        )
++
++instances_os_type = Column('os_type',
++                           String(length=255, convert_unicode=False,
++                                  assert_unicode=None, unicode_error=None,
++                                  _warn_on_bytestring=False),
++                           nullable=True)
++
++
++def upgrade(migrate_engine):
++    # Upgrade operations go here. Don't create your own engine;
++    # bind migrate_engine to your metadata
++    meta.bind = migrate_engine
++
++    instances.create_column(instances_os_type)
++    migrate_engine.execute(instances.update()\
++                           .where(instances.c.os_type == None)\
++                           .values(os_type='linux'))
++
++
++def downgrade(migrate_engine):
++    meta.bind = migrate_engine
++
++    instances.drop_column('os_type')
 === renamed file 'nova/db/sqlalchemy/migrate_repo/versions/010_add_os_type_to_instances.py' => 'nova/db/sqlalchemy/migrate_repo/versions/010_add_os_type_to_instances.py.moved'
 === added file 'nova/db/sqlalchemy/migrate_repo/versions/011_live_migration.py'
 --- nova/db/sqlalchemy/migrate_repo/versions/011_live_migration.py	1970-01-01 00:00:00 +0000
 +++ nova/db/sqlalchemy/migrate_repo/versions/011_live_migration.py	2011-03-15 05:15:51 +0000
@@ -0,0 +1,83 @@
++# vim: tabstop=4 shiftwidth=4 softtabstop=4
++
++# Copyright 2010 United States Government as represented by the
++# Administrator of the National Aeronautics and Space Administration.
++# All Rights Reserved.
++#
++#    Licensed under the Apache License, Version 2.0 (the "License"); you may
++#    not use this file except in compliance with the License. You may obtain
++#    a copy of the License at
++#
++#         http://www.apache.org/licenses/LICENSE-2.0
++#
++#    Unless required by applicable law or agreed to in writing, software
++#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
++#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
++#    License for the specific language governing permissions and limitations
++#    under the License.
++
++from migrate import *
++from nova import log as logging
++from sqlalchemy import *
++
++
++meta = MetaData()
++
++instances = Table('instances', meta,
++        Column('id', Integer(),  primary_key=True, nullable=False),
++        )
++
++#
++# New Tables
++#
++
++compute_nodes = Table('compute_nodes', meta,
++        Column('created_at', DateTime(timezone=False)),
++        Column('updated_at', DateTime(timezone=False)),
++        Column('deleted_at', DateTime(timezone=False)),
++        Column('deleted', Boolean(create_constraint=True, name=None)),
++        Column('id', Integer(),  primary_key=True, nullable=False),
++        Column('service_id', Integer(), nullable=False),
++
++        Column('vcpus', Integer(), nullable=False),
++        Column('memory_mb', Integer(), nullable=False),
++        Column('local_gb', Integer(), nullable=False),
++        Column('vcpus_used', Integer(), nullable=False),
++        Column('memory_mb_used', Integer(), nullable=False),
++        Column('local_gb_used', Integer(), nullable=False),
++        Column('hypervisor_type',
++               Text(convert_unicode=False, assert_unicode=None,
++               unicode_error=None, _warn_on_bytestring=False),
++               nullable=False),
++        Column('hypervisor_version', Integer(), nullable=False),
++        Column('cpu_info',
++               Text(convert_unicode=False, assert_unicode=None,
++                    unicode_error=None, _warn_on_bytestring=False),
++               nullable=False),
++        )
++
++
++#
++# Tables to alter
++#
++instances_launched_on = Column(
++         'launched_on',
++         Text(convert_unicode=False, assert_unicode=None,
++              unicode_error=None, _warn_on_bytestring=False),
++              nullable=True)
++
++
++def upgrade(migrate_engine):
++    # Upgrade operations go here. Don't create your own engine;
++    # bind migrate_engine to your metadata
++    meta.bind = migrate_engine
++
++    try:
++        compute_nodes.create()
++    except Exception:
++        logging.info(repr(compute_nodes))
++        logging.exception('Exception while creating table')
++        meta.drop_all(tables=[compute_nodes])
++        raise
++
++    instances.create_column(instances_launched_on)
 === renamed file 'nova/db/sqlalchemy/migrate_repo/versions/011_live_migration.py' => 'nova/db/sqlalchemy/migrate_repo/versions/011_live_migration.py.moved'
 === added file 'nova/tests/api/openstack/test_accounts.py'
 --- nova/tests/api/openstack/test_accounts.py	1970-01-01 00:00:00 +0000
 +++ nova/tests/api/openstack/test_accounts.py	2011-03-15 05:15:51 +0000
@@ -0,0 +1,125 @@
++# Copyright 2010 OpenStack LLC.
++# All Rights Reserved.
++#
++#    Licensed under the Apache License, Version 2.0 (the "License"); you may
++#    not use this file except in compliance with the License. You may obtain
++#    a copy of the License at
++#
++#         http://www.apache.org/licenses/LICENSE-2.0
++#
++#    Unless required by applicable law or agreed to in writing, software
++#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
++#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
++#    License for the specific language governing permissions and limitations
++#    under the License.
++
++
++import json
++
++import stubout
++import webob
++
++import nova.api
++import nova.api.openstack.auth
++from nova import context
++from nova import flags
++from nova import test
++from nova.auth.manager import User
++from nova.tests.api.openstack import fakes
++
++
++FLAGS = flags.FLAGS
++FLAGS.verbose = True
++
++
++def fake_init(self):
++    self.manager = fakes.FakeAuthManager()
++
++
++def fake_admin_check(self, req):
++    return True
++
++
++class AccountsTest(test.TestCase):
++    def setUp(self):
++        super(AccountsTest, self).setUp()
++        self.stubs = stubout.StubOutForTesting()
++        self.stubs.Set(nova.api.openstack.accounts.Controller, '__init__',
++                       fake_init)
++        self.stubs.Set(nova.api.openstack.accounts.Controller, '_check_admin',
++                       fake_admin_check)
++        fakes.FakeAuthManager.clear_fakes()
++        fakes.FakeAuthDatabase.data = {}
++        fakes.stub_out_networking(self.stubs)
++        fakes.stub_out_rate_limiting(self.stubs)
++        fakes.stub_out_auth(self.stubs)
++
++        self.allow_admin = FLAGS.allow_admin_api
++        FLAGS.allow_admin_api = True
++        fakemgr = fakes.FakeAuthManager()
++        joeuser = User('guy1', 'guy1', 'acc1', 'fortytwo!', False)
++        superuser = User('guy2', 'guy2', 'acc2', 'swordfish', True)
++        fakemgr.add_user(joeuser.access, joeuser)
++        fakemgr.add_user(superuser.access, superuser)
++        fakemgr.create_project('test1', joeuser)
++        fakemgr.create_project('test2', superuser)
++
++    def tearDown(self):
++        self.stubs.UnsetAll()
++        FLAGS.allow_admin_api = self.allow_admin
++        super(AccountsTest, self).tearDown()
++
++    def test_get_account(self):
++        req = webob.Request.blank('/v1.0/accounts/test1')
++        res = req.get_response(fakes.wsgi_app())
++        res_dict = json.loads(res.body)
++
++        self.assertEqual(res_dict['account']['id'], 'test1')
++        self.assertEqual(res_dict['account']['name'], 'test1')
++        self.assertEqual(res_dict['account']['manager'], 'guy1')
++        self.assertEqual(res.status_int, 200)
++
++    def test_account_delete(self):
++        req = webob.Request.blank('/v1.0/accounts/test1')
++        req.method = 'DELETE'
++        res = req.get_response(fakes.wsgi_app())
++        self.assertTrue('test1' not in fakes.FakeAuthManager.projects)
++        self.assertEqual(res.status_int, 200)
++
++    def test_account_create(self):
++        body = dict(account=dict(description='test account',
++                              manager='guy1'))
++        req = webob.Request.blank('/v1.0/accounts/newacct')
++        req.headers["Content-Type"] = "application/json"
++        req.method = 'PUT'
++        req.body = json.dumps(body)
++
++        res = req.get_response(fakes.wsgi_app())
++        res_dict = json.loads(res.body)
++
++        self.assertEqual(res.status_int, 200)
++        self.assertEqual(res_dict['account']['id'], 'newacct')
++        self.assertEqual(res_dict['account']['name'], 'newacct')
++        self.assertEqual(res_dict['account']['description'], 'test account')
++        self.assertEqual(res_dict['account']['manager'], 'guy1')
++        self.assertTrue('newacct' in
++                        fakes.FakeAuthManager.projects)
++        self.assertEqual(len(fakes.FakeAuthManager.projects.values()), 3)
++
++    def test_account_update(self):
++        body = dict(account=dict(description='test account',
++                              manager='guy2'))
++        req = webob.Request.blank('/v1.0/accounts/test1')
++        req.headers["Content-Type"] = "application/json"
++        req.method = 'PUT'
++        req.body = json.dumps(body)
++
++        res = req.get_response(fakes.wsgi_app())
++        res_dict = json.loads(res.body)
++
++        self.assertEqual(res.status_int, 200)
++        self.assertEqual(res_dict['account']['id'], 'test1')
++        self.assertEqual(res_dict['account']['name'], 'test1')
++        self.assertEqual(res_dict['account']['description'], 'test account')
++        self.assertEqual(res_dict['account']['manager'], 'guy2')
++        self.assertEqual(len(fakes.FakeAuthManager.projects.values()), 2)
 === renamed file 'nova/tests/api/openstack/test_accounts.py' => 'nova/tests/api/openstack/test_accounts.py.moved'
 === added file 'nova/tests/api/openstack/test_users.py'
 --- nova/tests/api/openstack/test_users.py	1970-01-01 00:00:00 +0000
 +++ nova/tests/api/openstack/test_users.py	2011-03-15 05:15:51 +0000
@@ -0,0 +1,141 @@
++# Copyright 2010 OpenStack LLC.
++# All Rights Reserved.
++#
++#    Licensed under the Apache License, Version 2.0 (the "License"); you may
++#    not use this file except in compliance with the License. You may obtain
++#    a copy of the License at
++#
++#         http://www.apache.org/licenses/LICENSE-2.0
++#
++#    Unless required by applicable law or agreed to in writing, software
++#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
++#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
++#    License for the specific language governing permissions and limitations
++#    under the License.
++
++import json
++
++import stubout
++import webob
++
++import nova.api
++import nova.api.openstack.auth
++from nova import context
++from nova import flags
++from nova import test
++from nova.auth.manager import User, Project
++from nova.tests.api.openstack import fakes
++
++
++FLAGS = flags.FLAGS
++FLAGS.verbose = True
++
++
++def fake_init(self):
++    self.manager = fakes.FakeAuthManager()
++
++
++def fake_admin_check(self, req):
++    return True
++
++
++class UsersTest(test.TestCase):
++    def setUp(self):
++        super(UsersTest, self).setUp()
++        self.stubs = stubout.StubOutForTesting()
++        self.stubs.Set(nova.api.openstack.users.Controller, '__init__',
++                       fake_init)
++        self.stubs.Set(nova.api.openstack.users.Controller, '_check_admin',
++                       fake_admin_check)
++        fakes.FakeAuthManager.auth_data = {}
++        fakes.FakeAuthManager.projects = dict(testacct=Project('testacct',
++                                                               'testacct',
++                                                               'guy1',
++                                                               'test',
++                                                               []))
++        fakes.FakeAuthDatabase.data = {}
++        fakes.stub_out_networking(self.stubs)
++        fakes.stub_out_rate_limiting(self.stubs)
++        fakes.stub_out_auth(self.stubs)
++
++        self.allow_admin = FLAGS.allow_admin_api
++        FLAGS.allow_admin_api = True
++        fakemgr = fakes.FakeAuthManager()
++        fakemgr.add_user('acc1', User('guy1', 'guy1', 'acc1',
++                                      'fortytwo!', False))
++        fakemgr.add_user('acc2', User('guy2', 'guy2', 'acc2',
++                                      'swordfish', True))
++
++    def tearDown(self):
++        self.stubs.UnsetAll()
++        FLAGS.allow_admin_api = self.allow_admin
++        super(UsersTest, self).tearDown()
++
++    def test_get_user_list(self):
++        req = webob.Request.blank('/v1.0/users')
++        res = req.get_response(fakes.wsgi_app())
++        res_dict = json.loads(res.body)
++
++        self.assertEqual(res.status_int, 200)
++        self.assertEqual(len(res_dict['users']), 2)
++
++    def test_get_user_by_id(self):
++        req = webob.Request.blank('/v1.0/users/guy2')
++        res = req.get_response(fakes.wsgi_app())
++        res_dict = json.loads(res.body)
++
++        self.assertEqual(res_dict['user']['id'], 'guy2')
++        self.assertEqual(res_dict['user']['name'], 'guy2')
++        self.assertEqual(res_dict['user']['secret'], 'swordfish')
++        self.assertEqual(res_dict['user']['admin'], True)
++        self.assertEqual(res.status_int, 200)
++
++    def test_user_delete(self):
++        req = webob.Request.blank('/v1.0/users/guy1')
++        req.method = 'DELETE'
++        res = req.get_response(fakes.wsgi_app())
++        self.assertTrue('guy1' not in [u.id for u in
++                        fakes.FakeAuthManager.auth_data.values()])
++        self.assertEqual(res.status_int, 200)
++
++    def test_user_create(self):
++        body = dict(user=dict(name='test_guy',
++                              access='acc3',
++                              secret='invasionIsInNormandy',
++                              admin=True))
++        req = webob.Request.blank('/v1.0/users')
++        req.headers["Content-Type"] = "application/json"
++        req.method = 'POST'
++        req.body = json.dumps(body)
++
++        res = req.get_response(fakes.wsgi_app())
++        res_dict = json.loads(res.body)
++
++        self.assertEqual(res.status_int, 200)
++        self.assertEqual(res_dict['user']['id'], 'test_guy')
++        self.assertEqual(res_dict['user']['name'], 'test_guy')
++        self.assertEqual(res_dict['user']['access'], 'acc3')
++        self.assertEqual(res_dict['user']['secret'], 'invasionIsInNormandy')
++        self.assertEqual(res_dict['user']['admin'], True)
++        self.assertTrue('test_guy' in [u.id for u in
++                        fakes.FakeAuthManager.auth_data.values()])
++        self.assertEqual(len(fakes.FakeAuthManager.auth_data.values()), 3)
++
++    def test_user_update(self):
++        body = dict(user=dict(name='guy2',
++                              access='acc2',
++                              secret='invasionIsInNormandy'))
++        req = webob.Request.blank('/v1.0/users/guy2')
++        req.headers["Content-Type"] = "application/json"
++        req.method = 'PUT'
++        req.body = json.dumps(body)
++
++        res = req.get_response(fakes.wsgi_app())
++        res_dict = json.loads(res.body)
++
++        self.assertEqual(res.status_int, 200)
++        self.assertEqual(res_dict['user']['id'], 'guy2')
++        self.assertEqual(res_dict['user']['name'], 'guy2')
++        self.assertEqual(res_dict['user']['access'], 'acc2')
++        self.assertEqual(res_dict['user']['secret'], 'invasionIsInNormandy')
++        self.assertEqual(res_dict['user']['admin'], True)
 === renamed file 'nova/tests/api/openstack/test_users.py' => 'nova/tests/api/openstack/test_users.py.moved'
 === added directory 'nova/tests/integrated'
 === renamed directory 'nova/tests/integrated' => 'nova/tests/integrated.moved'
 === added file 'nova/tests/integrated/__init__.py'
 --- nova/tests/integrated/__init__.py	1970-01-01 00:00:00 +0000
 +++ nova/tests/integrated/__init__.py	2011-03-15 05:15:51 +0000
@@ -0,0 +1,20 @@
++# vim: tabstop=4 shiftwidth=4 softtabstop=4
++
++#    Copyright (c) 2011 Justin Santa Barbara
++#
++#    Licensed under the Apache License, Version 2.0 (the "License"); you may
++#    not use this file except in compliance with the License. You may obtain
++#    a copy of the License at
++#
++#         http://www.apache.org/licenses/LICENSE-2.0
++#
++#    Unless required by applicable law or agreed to in writing, software
++#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
++#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
++#    License for the specific language governing permissions and limitations
++#    under the License.
++
++"""
++:mod:`integrated` -- Tests whole systems, using mock services where needed
++=================================
++"""
 === added directory 'nova/tests/integrated/api'
 === added file 'nova/tests/integrated/api/__init__.py'
 --- nova/tests/integrated/api/__init__.py	1970-01-01 00:00:00 +0000
 +++ nova/tests/integrated/api/__init__.py	2011-03-15 05:15:51 +0000
@@ -0,0 +1,20 @@
++# vim: tabstop=4 shiftwidth=4 softtabstop=4
++
++#    Copyright (c) 2011 Justin Santa Barbara
++#
++#    Licensed under the Apache License, Version 2.0 (the "License"); you may
++#    not use this file except in compliance with the License. You may obtain
++#    a copy of the License at
++#
++#         http://www.apache.org/licenses/LICENSE-2.0
++#
++#    Unless required by applicable law or agreed to in writing, software
++#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
++#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
++#    License for the specific language governing permissions and limitations
++#    under the License.
++
++"""
++:mod:`api` -- OpenStack API client, for testing rather than production
++=================================
++"""
 === added file 'nova/tests/integrated/api/client.py'
 --- nova/tests/integrated/api/client.py	1970-01-01 00:00:00 +0000
 +++ nova/tests/integrated/api/client.py	2011-03-15 05:15:51 +0000
@@ -0,0 +1,213 @@
++# vim: tabstop=4 shiftwidth=4 softtabstop=4
++
++#    Copyright (c) 2011 Justin Santa Barbara
++#
++#    Licensed under the Apache License, Version 2.0 (the "License"); you may
++#    not use this file except in compliance with the License. You may obtain
++#    a copy of the License at
++#
++#         http://www.apache.org/licenses/LICENSE-2.0
++#
++#    Unless required by applicable law or agreed to in writing, software
++#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
++#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
++#    License for the specific language governing permissions and limitations
++#    under the License.
++
++import json
++import httplib
++import urlparse
++
++from nova import log as logging
++
++
++LOG = logging.getLogger('nova.tests.api')
++
++
++class OpenStackApiException(Exception):
++    def __init__(self, message=None, response=None):
++        self.response = response
++        if not message:
++            message = 'Unspecified error'
++
++        if response:
++            _status = response.status
++            _body = response.read()
++
++            message = _('%(message)s\nStatus Code: %(_status)s\n'
++                        'Body: %(_body)s') % locals()
++
++        super(OpenStackApiException, self).__init__(message)
++
++
++class OpenStackApiAuthenticationException(OpenStackApiException):
++    def __init__(self, response=None, message=None):
++        if not message:
++            message = _("Authentication error")
++        super(OpenStackApiAuthenticationException, self).__init__(message,
++                                                                  response)
++
++
++class OpenStackApiNotFoundException(OpenStackApiException):
++    def __init__(self, response=None, message=None):
++        if not message:
++            message = _("Item not found")
++        super(OpenStackApiNotFoundException, self).__init__(message, response)
++
++
++class TestOpenStackClient(object):
++    """ A really basic OpenStack API client that is under our control,
++    so we can make changes / insert hooks for testing"""
++
++    def __init__(self, auth_user, auth_key, auth_uri):
++        super(TestOpenStackClient, self).__init__()
++        self.auth_result = None
++        self.auth_user = auth_user
++        self.auth_key = auth_key
++        self.auth_uri = auth_uri
++
++    def request(self, url, method='GET', body=None, headers=None):
++        if headers is None:
++            headers = {}
++
++        parsed_url = urlparse.urlparse(url)
++        port = parsed_url.port
++        hostname = parsed_url.hostname
++        scheme = parsed_url.scheme
++
++        if scheme == 'http':
++            conn = httplib.HTTPConnection(hostname,
++                                          port=port)
++        elif scheme == 'https':
++            conn = httplib.HTTPSConnection(hostname,
++                                           port=port)
++        else:
++            raise OpenStackApiException("Unknown scheme: %s" % url)
++
++        relative_url = parsed_url.path
++        if parsed_url.query:
++            relative_url = relative_url + parsed_url.query
++        LOG.info(_("Doing %(method)s on %(relative_url)s") % locals())
++        if body:
++            LOG.info(_("Body: %s") % body)
++
++        conn.request(method, relative_url, body, headers)
++        response = conn.getresponse()
++        return response
++
++    def _authenticate(self):
++        if self.auth_result:
++            return self.auth_result
++
++        auth_uri = self.auth_uri
++        headers = {'X-Auth-User': self.auth_user,
++                   'X-Auth-Key': self.auth_key}
++        response = self.request(auth_uri,
++                                headers=headers)
++
++        http_status = response.status
++        LOG.debug(_("%(auth_uri)s => code %(http_status)s") % locals())
++
++        # Until bug732866 is fixed, we can't check this properly...
++        # bug732866
++        #if http_status == 401:
++        if http_status != 204:
++            raise OpenStackApiAuthenticationException(response=response)
++
++        auth_headers = {}
++        for k, v in response.getheaders():
++            auth_headers[k] = v
++
++        self.auth_result = auth_headers
++        return self.auth_result
++
++    def api_request(self, relative_uri, check_response_status=None, **kwargs):
++        auth_result = self._authenticate()
++
++        #NOTE(justinsb): httplib 'helpfully' converts headers to lower case
++        base_uri = auth_result['x-server-management-url']
++        full_uri = base_uri + relative_uri
++
++        headers = kwargs.setdefault('headers', {})
++        headers['X-Auth-Token'] = auth_result['x-auth-token']
++
++        response = self.request(full_uri, **kwargs)
++
++        http_status = response.status
++        LOG.debug(_("%(relative_uri)s => code %(http_status)s") % locals())
++
++        if check_response_status:
++            if not http_status in check_response_status:
++                if http_status == 404:
++                    raise OpenStackApiNotFoundException(response=response)
++                else:
++                    raise OpenStackApiException(
++                                        message=_("Unexpected status code"),
++                                        response=response)
++
++        return response
++
++    def _decode_json(self, response):
++        body = response.read()
++        LOG.debug(_("Decoding JSON: %s") % (body))
++        return json.loads(body)
++
++    def api_get(self, relative_uri, **kwargs):
++        kwargs.setdefault('check_response_status', [200])
++        response = self.api_request(relative_uri, **kwargs)
++        return self._decode_json(response)
++
++    def api_post(self, relative_uri, body, **kwargs):
++        kwargs['method'] = 'POST'
++        if body:
++            headers = kwargs.setdefault('headers', {})
++            headers['Content-Type'] = 'application/json'
++            kwargs['body'] = json.dumps(body)
++
++        kwargs.setdefault('check_response_status', [200])
++        response = self.api_request(relative_uri, **kwargs)
++        return self._decode_json(response)
++
++    def api_delete(self, relative_uri, **kwargs):
++        kwargs['method'] = 'DELETE'
++        kwargs.setdefault('check_response_status', [200, 202])
++        return self.api_request(relative_uri, **kwargs)
++
++    def get_server(self, server_id):
++        return self.api_get('/servers/%s' % server_id)['server']
++
++    def get_servers(self, detail=True):
++        rel_url = '/servers/detail' if detail else '/servers'
++        return self.api_get(rel_url)['servers']
++
++    def post_server(self, server):
++        return self.api_post('/servers', server)['server']
++
++    def delete_server(self, server_id):
++        return self.api_delete('/servers/%s' % server_id)
++
++    def get_image(self, image_id):
++        return self.api_get('/images/%s' % image_id)['image']
++
++    def get_images(self, detail=True):
++        rel_url = '/images/detail' if detail else '/images'
++        return self.api_get(rel_url)['images']
++
++    def post_image(self, image):
++        return self.api_post('/images', image)['image']
++
++    def delete_image(self, image_id):
++        return self.api_delete('/images/%s' % image_id)
++
++    def get_flavor(self, flavor_id):
++        return self.api_get('/flavors/%s' % flavor_id)['flavor']
++
++    def get_flavors(self, detail=True):
++        rel_url = '/flavors/detail' if detail else '/flavors'
++        return self.api_get(rel_url)['flavors']
++
++    def post_flavor(self, flavor):
++        return self.api_post('/flavors', flavor)['flavor']
++
++    def delete_flavor(self, flavor_id):
++        return self.api_delete('/flavors/%s' % flavor_id)
 === added file 'nova/tests/integrated/integrated_helpers.py'
 --- nova/tests/integrated/integrated_helpers.py	1970-01-01 00:00:00 +0000
 +++ nova/tests/integrated/integrated_helpers.py	2011-03-15 05:15:51 +0000
@@ -0,0 +1,188 @@
++# vim: tabstop=4 shiftwidth=4 softtabstop=4
++
++# Copyright 2011 Justin Santa Barbara
++# All Rights Reserved.
++#
++#    Licensed under the Apache License, Version 2.0 (the "License"); you may
++#    not use this file except in compliance with the License. You may obtain
++#    a copy of the License at
++#
++#         http://www.apache.org/licenses/LICENSE-2.0
++#
++#    Unless required by applicable law or agreed to in writing, software
++#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
++#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
++#    License for the specific language governing permissions and limitations
++#    under the License.
++
++"""
++Provides common functionality for integrated unit tests
++"""
++
++import random
++import string
++
++from nova import exception
++from nova import flags
++from nova import service
++from nova import test  # For the flags
++from nova.auth import manager
++from nova.exception import Error
++from nova.log import logging
++from nova.tests.integrated.api import client
++
++
++FLAGS = flags.FLAGS
++
++LOG = logging.getLogger('nova.tests.integrated')
++
++
++def generate_random_alphanumeric(length):
++    """Creates a random alphanumeric string of specified length"""
++    return ''.join(random.choice(string.ascii_uppercase + string.digits)
++                   for _x in range(length))
++
++
++def generate_random_numeric(length):
++    """Creates a random numeric string of specified length"""
++    return ''.join(random.choice(string.digits)
++                   for _x in range(length))
++
++
++def generate_new_element(items, prefix, numeric=False):
++    """Creates a random string with prefix, that is not in 'items' list"""
++    while True:
++        if numeric:
++            candidate = prefix + generate_random_numeric(8)
++        else:
++            candidate = prefix + generate_random_alphanumeric(8)
++        if not candidate in items:
++            return candidate
++        print "Random collision on %s" % candidate
++
++
++class TestUser(object):
++    def __init__(self, name, secret, auth_url):
++        self.name = name
++        self.secret = secret
++        self.auth_url = auth_url
++
++        if not auth_url:
++            raise exception.Error("auth_url is required")
++        self.openstack_api = client.TestOpenStackClient(self.name,
++                                                        self.secret,
++                                                        self.auth_url)
++
++
++class IntegratedUnitTestContext(object):
++    __INSTANCE = None
++
++    def __init__(self):
++        self.auth_manager = manager.AuthManager()
++
++        self.wsgi_server = None
++        self.wsgi_apps = []
++        self.api_service = None
++
++        self.services = []
++        self.auth_url = None
++        self.project_name = None
++
++        self.setup()
++
++    def setup(self):
++        self._start_services()
++
++        self._create_test_user()
++
++    def _create_test_user(self):
++        self.test_user = self._create_unittest_user()
++
++        # No way to currently pass this through the OpenStack API
++        self.project_name = 'openstack'
++        self._configure_project(self.project_name, self.test_user)
++
++    def _start_services(self):
++        # WSGI shutdown broken :-(
++        # bug731668
++        if not self.api_service:
++            self._start_api_service()
++
++    def cleanup(self):
++        for service in self.services:
++            service.kill()
++        self.services = []
++        # TODO(justinsb): Shutdown WSGI & anything else we startup
++        # bug731668
++        # WSGI shutdown broken :-(
++        # self.wsgi_server.terminate()
++        # self.wsgi_server = None
++        self.test_user = None
++
++    def _create_unittest_user(self):
++        users = self.auth_manager.get_users()
++        user_names = [user.name for user in users]
++        auth_name = generate_new_element(user_names, 'unittest_user_')
++        auth_key = generate_random_alphanumeric(16)
++
++        # Right now there's a bug where auth_name and auth_key are reversed
++        # bug732907
++        auth_key = auth_name
++
++        self.auth_manager.create_user(auth_name, auth_name, auth_key, False)
++        return TestUser(auth_name, auth_key, self.auth_url)
++
++    def _configure_project(self, project_name, user):
++        projects = self.auth_manager.get_projects()
++        project_names = [project.name for project in projects]
++        if not project_name in project_names:
++            project = self.auth_manager.create_project(project_name,
++                                                       user.name,
++                                                       description=None,
++                                                       member_users=None)
++        else:
++            self.auth_manager.add_to_project(user.name, project_name)
++
++    def _start_api_service(self):
++        api_service = service.ApiService.create()
++        api_service.start()
++
++        if not api_service:
++            raise Exception("API Service was None")
++
++        # WSGI shutdown broken :-(
++        #self.services.append(volume_service)
++        self.api_service = api_service
++
++        self.auth_url = 'http://localhost:8774/v1.0'
++
++        return api_service
++
++    # WSGI shutdown broken :-(
++    # bug731668
++    #@staticmethod
++    #def get():
++    #    if not IntegratedUnitTestContext.__INSTANCE:
++    #        IntegratedUnitTestContext.startup()
++    #        #raise Error("Must call IntegratedUnitTestContext::startup")
++    #    return IntegratedUnitTestContext.__INSTANCE
++
++    @staticmethod
++    def startup():
++        # Because WSGI shutdown is broken at the moment, we have to recycle
++        # bug731668
++        if IntegratedUnitTestContext.__INSTANCE:
++            #raise Error("Multiple calls to IntegratedUnitTestContext.startup")
++            IntegratedUnitTestContext.__INSTANCE.setup()
++        else:
++            IntegratedUnitTestContext.__INSTANCE = IntegratedUnitTestContext()
++        return IntegratedUnitTestContext.__INSTANCE
++
++    @staticmethod
++    def shutdown():
++        if not IntegratedUnitTestContext.__INSTANCE:
++            raise Error("Must call IntegratedUnitTestContext::startup")
++        IntegratedUnitTestContext.__INSTANCE.cleanup()
++        # WSGI shutdown broken :-(
++        # bug731668
++        #IntegratedUnitTestContext.__INSTANCE = None
 === added file 'nova/tests/integrated/test_login.py'
 --- nova/tests/integrated/test_login.py	1970-01-01 00:00:00 +0000
 +++ nova/tests/integrated/test_login.py	2011-03-15 05:15:51 +0000
@@ -0,0 +1,79 @@
++# vim: tabstop=4 shiftwidth=4 softtabstop=4
++
++# Copyright 2011 Justin Santa Barbara
++# All Rights Reserved.
++#
++#    Licensed under the Apache License, Version 2.0 (the "License"); you may
++#    not use this file except in compliance with the License. You may obtain
++#    a copy of the License at
++#
++#         http://www.apache.org/licenses/LICENSE-2.0
++#
++#    Unless required by applicable law or agreed to in writing, software
++#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
++#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
++#    License for the specific language governing permissions and limitations
++#    under the License.
++
++import unittest
++
++from nova import flags
++from nova import test
++from nova.log import logging
++from nova.tests.integrated import integrated_helpers
++from nova.tests.integrated.api import client
++
++
++LOG = logging.getLogger('nova.tests.integrated')
++
++FLAGS = flags.FLAGS
++FLAGS.verbose = True
++
++
++class LoginTest(test.TestCase):
++    def setUp(self):
++        super(LoginTest, self).setUp()
++        context = integrated_helpers.IntegratedUnitTestContext.startup()
++        self.user = context.test_user
++        self.api = self.user.openstack_api
++
++    def tearDown(self):
++        integrated_helpers.IntegratedUnitTestContext.shutdown()
++        super(LoginTest, self).tearDown()
++
++    def test_login(self):
++        """Simple check - we list flavors - so we know we're logged in"""
++        flavors = self.api.get_flavors()
++        for flavor in flavors:
++            LOG.debug(_("flavor: %s") % flavor)
++
++    def test_bad_login_password(self):
++        """Test that I get a 401 with a bad username"""
++        bad_credentials_api = client.TestOpenStackClient(self.user.name,
++                                                         "notso_password",
++                                                         self.user.auth_url)
++
++        self.assertRaises(client.OpenstackApiAuthenticationException,
++                          bad_credentials_api.get_flavors)
++
++    def test_bad_login_username(self):
++        """Test that I get a 401 with a bad password"""
++        bad_credentials_api = client.TestOpenStackClient("notso_username",
++                                                         self.user.secret,
++                                                         self.user.auth_url)
++
++        self.assertRaises(client.OpenstackApiAuthenticationException,
++                          bad_credentials_api.get_flavors)
++
++    def test_bad_login_both_bad(self):
++        """Test that I get a 401 with both bad username and bad password"""
++        bad_credentials_api = client.TestOpenStackClient("notso_username",
++                                                         "notso_password",
++                                                         self.user.auth_url)
++
++        self.assertRaises(client.OpenstackApiAuthenticationException,
++                          bad_credentials_api.get_flavors)
++
++
++if __name__ == "__main__":
++    unittest.main()
 === added file 'nova/virt/cpuinfo.xml.template'
 --- nova/virt/cpuinfo.xml.template	1970-01-01 00:00:00 +0000
 +++ nova/virt/cpuinfo.xml.template	2011-03-15 05:15:51 +0000
@@ -0,0 +1,9 @@
++<cpu>
++    <arch>$arch</arch>
++    <model>$model</model>
++    <vendor>$vendor</vendor>
++    <topology sockets="$topology.sockets" cores="$topology.cores" threads="$topology.threads"/>
++#for $var in $features
++    <features name="$var" />
++#end for
++</cpu>
 === renamed file 'nova/virt/cpuinfo.xml.template' => 'nova/virt/cpuinfo.xml.template.moved'