openstack/swift
Code Issues Proposed changes

Permit functional tests against Swift with Keystone

Browse Source 
While poking at such problems with authentication other than swauth
it was useful to allow stock functional tests running back-to-back
at two clusters, with tempauth and Keystone.

When running the legacy tests, this version packs account into user
the way it was down previously. This way we do not need to repack
them before every call to get_auth. The downside is additional work
to be done when setting ACLs.

Change-Id: Ieb1d9227cb88977ecd2c39825039bc4be8afae0b
This commit is contained in:
Pete Zaitcev 2013-03-10 18:52:10 -06:00
parent 5e427e5e3b
commit 35e07e2982
5 changed files with 84 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
test/functional/swift_test_client.py
View File

@ -26,6 +26,7 @@ import simplejson as json
from nose import SkipTest
from xml.dom import minidom
from swiftclient import get_auth
class AuthenticationFailed(Exception):
@ -94,6 +95,7 @@ class Connection(object):
self.auth_port = int(config['auth_port'])
self.auth_ssl = config['auth_ssl'] in ('on', 'true', 'yes', '1')
self.auth_prefix = config.get('auth_prefix', '/')
self.auth_version = str(config.get('auth_version', '1'))
self.account = config.get('account')
self.username = config['username']
@ -116,38 +118,25 @@ class Connection(object):
self.storage_token = clone_conn.storage_token
return
if self.account:
auth_user = '%s:%s' % (self.account, self.username)
if self.auth_version == "1":
auth_path = '%sv1.0' % (self.auth_prefix)
if self.account:
auth_user = '%s:%s' % (self.account, self.username)
else:
auth_user = self.username
else:
auth_user = self.username
headers = {
'x-auth-user': auth_user,
'x-auth-key': self.password,
}
auth_path = self.auth_prefix
auth_scheme = 'https://' if self.auth_ssl else 'http://'
auth_netloc = "%s:%d" % (self.auth_host, self.auth_port)
auth_url = auth_scheme + auth_netloc + auth_path
path = '%sv1.0' % (self.auth_prefix)
if self.auth_ssl:
connection = httplib.HTTPSConnection(self.auth_host,
port=self.auth_port)
else:
connection = httplib.HTTPConnection(self.auth_host,
port=self.auth_port)
#connection.set_debuglevel(3)
connection.request('GET', path, '', headers)
response = connection.getresponse()
connection.close()
if response.status == 401:
raise AuthenticationFailed()
if response.status not in (200, 204):
raise ResponseError(response)
for hdr in response.getheaders():
if hdr[0].lower() == "x-storage-url":
storage_url = hdr[1]
elif hdr[0].lower() == "x-auth-token":
storage_token = hdr[1]
(storage_url, storage_token) = get_auth(auth_url,
auth_user, self.password,
snet=False,
tenant_name=self.account,
auth_version=self.auth_version,
os_options={})
if not (storage_url and storage_token):
raise AuthenticationFailed()

62
test/functionalnosetests/swift_testing.py
View File

@ -33,8 +33,12 @@ normalized_urls = conf.get('normalized_urls', False)
swift_test_auth = os.environ.get('SWIFT_TEST_AUTH')
swift_test_user = [os.environ.get('SWIFT_TEST_USER'), None, None]
swift_test_key = [os.environ.get('SWIFT_TEST_KEY'), None, None]
swift_test_tenant = ['', '', '']
swift_test_perm = ['', '', '']
if conf:
swift_test_auth_version = str(conf.get('auth_version', '1'))
swift_test_auth = 'http'
if conf.get('auth_ssl', 'no').lower() in ('yes', 'true', 'on', '1'):
swift_test_auth = 'https'
@ -42,26 +46,48 @@ if conf:
conf['auth_prefix'] = '/'
try:
swift_test_auth += \
'://%(auth_host)s:%(auth_port)s%(auth_prefix)sv1.0' % conf
'://%(auth_host)s:%(auth_port)s%(auth_prefix)s' % conf
except KeyError:
pass # skip
if 'account' in conf:
swift_test_user[0] = '%(account)s:%(username)s' % conf
if swift_test_auth_version == "1":
swift_test_auth += 'v1.0'
if 'account' in conf:
swift_test_user[0] = '%(account)s:%(username)s' % conf
else:
swift_test_user[0] = '%(username)s' % conf
swift_test_key[0] = conf['password']
try:
swift_test_user[1] = '%s%s' % \
('%s:' % conf['account2'] if 'account2' in conf else '',
conf['username2'])
swift_test_key[1] = conf['password2']
except KeyError, err:
pass # old conf, no second account tests can be run
try:
swift_test_user[2] = '%s%s' % ('%s:' % conf['account'] if 'account'
in conf else '', conf['username3'])
swift_test_key[2] = conf['password3']
except KeyError, err:
pass # old conf, no third account tests can be run
for _ in range(3):
swift_test_perm[_] = swift_test_user[_]
else:
swift_test_user[0] = '%(username)s' % conf
swift_test_key[0] = conf['password']
try:
swift_test_user[1] = '%s%s' % ('%s:' % conf['account2'] if 'account2'
in conf else '', conf['username2'])
swift_test_user[0] = conf['username']
swift_test_tenant[0] = conf['account']
swift_test_key[0] = conf['password']
swift_test_user[1] = conf['username2']
swift_test_tenant[1] = conf['account2']
swift_test_key[1] = conf['password2']
except KeyError, err:
pass # old conf, no second account tests can be run
try:
swift_test_user[2] = '%s%s' % ('%s:' % conf['account'] if 'account'
in conf else '', conf['username3'])
swift_test_user[2] = conf['username3']
swift_test_tenant[2] = conf['account']
swift_test_key[2] = conf['password3']
except KeyError, err:
pass # old conf, no third account tests can be run
for _ in range(3):
swift_test_perm[_] = swift_test_tenant[_] + ':' + swift_test_user[_]
skip = not all([swift_test_auth, swift_test_user[0], swift_test_key[0]])
if skip:
@ -112,7 +138,11 @@ def retry(func, *args, **kwargs):
if not url[use_account] or not token[use_account]:
url[use_account], token[use_account] = \
get_auth(swift_test_auth, swift_test_user[use_account],
swift_test_key[use_account])
swift_test_key[use_account],
snet=False,
tenant_name=swift_test_tenant[use_account],
auth_version=swift_test_auth_version,
os_options={})
parsed[use_account] = conn[use_account] = None
if not parsed[use_account] or not conn[use_account]:
parsed[use_account], conn[use_account] = \

13
test/functionalnosetests/test_container.py
View File

@ -24,7 +24,7 @@ from swift.common.constraints import MAX_META_COUNT, MAX_META_NAME_LENGTH, \
MAX_META_OVERALL_SIZE, MAX_META_VALUE_LENGTH
from swift_testing import check_response, retry, skip, skip2, skip3, \
swift_test_user, web_front_end
swift_test_perm, web_front_end
class TestContainer(unittest.TestCase):
@ -397,8 +397,8 @@ class TestContainer(unittest.TestCase):
# Make the container accessible by the second account
def post(url, token, parsed, conn):
conn.request('POST', parsed.path + '/' + self.name, '',
{'X-Auth-Token': token, 'X-Container-Read': swift_test_user[1],
'X-Container-Write': swift_test_user[1]})
{'X-Auth-Token': token, 'X-Container-Read': swift_test_perm[1],
'X-Container-Write': swift_test_perm[1]})
return check_response(conn)
resp = retry(post)
resp.read()
@ -465,7 +465,8 @@ class TestContainer(unittest.TestCase):
# Now make the container also writeable by the second account
def post(url, token, parsed, conn):
conn.request('POST', parsed.path + '/' + self.name, '',
{'X-Auth-Token': token, 'X-Container-Write': swift_test_user[1]})
{'X-Auth-Token': token,
'X-Container-Write': swift_test_perm[1]})
return check_response(conn)
resp = retry(post)
resp.read()
@ -502,7 +503,7 @@ class TestContainer(unittest.TestCase):
# Make the container accessible by the third account
def post(url, token, parsed, conn):
conn.request('POST', parsed.path + '/' + self.name, '',
{'X-Auth-Token': token, 'X-Container-Read': swift_test_user[2]})
{'X-Auth-Token': token, 'X-Container-Read': swift_test_perm[2]})
return check_response(conn)
resp = retry(post)
resp.read()
@ -523,7 +524,7 @@ class TestContainer(unittest.TestCase):
def post(url, token, parsed, conn):
conn.request('POST', parsed.path + '/' + self.name, '',
{'X-Auth-Token': token,
'X-Container-Write': swift_test_user[2]})
'X-Container-Write': swift_test_perm[2]})
return check_response(conn)
resp = retry(post)
resp.read()

14
test/functionalnosetests/test_object.py
View File

@ -23,7 +23,7 @@ from swift.common.constraints import MAX_META_COUNT, MAX_META_NAME_LENGTH, \
MAX_META_OVERALL_SIZE, MAX_META_VALUE_LENGTH
from swift_testing import check_response, retry, skip, skip3, \
swift_test_user, web_front_end
swift_test_perm, web_front_end
from test import get_config
@ -220,8 +220,8 @@ class TestObject(unittest.TestCase):
conn.request('PUT', '%s/%s' % (parsed.path,
shared_container), '',
{'X-Auth-Token': token,
'X-Container-Read': swift_test_user[2],
'X-Container-Write': swift_test_user[2]})
'X-Container-Read': swift_test_perm[2],
'X-Container-Write': swift_test_perm[2]})
return check_response(conn)
resp = retry(put)
resp.read()
@ -419,8 +419,8 @@ class TestObject(unittest.TestCase):
# Grant access to the third account
def post(url, token, parsed, conn):
conn.request('POST', '%s/%s' % (parsed.path, self.container),
'', {'X-Auth-Token': token, 'X-Container-Read':
swift_test_user[2]})
'', {'X-Auth-Token': token,
'X-Container-Read': swift_test_perm[2]})
return check_response(conn)
resp = retry(post)
resp.read()
@ -494,8 +494,8 @@ class TestObject(unittest.TestCase):
# Grant access to the third account
def post(url, token, parsed, conn):
conn.request('POST', '%s/%s' % (parsed.path, acontainer),
'', {'X-Auth-Token': token, 'X-Container-Read':
swift_test_user[2]})
'', {'X-Auth-Token': token,
'X-Container-Read': swift_test_perm[2]})
return check_response(conn)
resp = retry(post)
resp.read()

6
test/sample.conf
View File

@ -4,6 +4,12 @@ auth_host = 127.0.0.1
auth_port = 8080
auth_ssl = no
auth_prefix = /auth/
## sample config for Swift with Keystone
#auth_version = 2
#auth_host = localhost
#auth_port = 5000
#auth_ssl = no
#auth_prefix = /v2.0/
# Primary functional test account (needs admin access to the account)
account = test