diff options
author | Adam King <47704447+adk3798@users.noreply.github.com> | 2024-06-11 18:20:30 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-06-11 18:20:30 +0200 |
commit | 4098fa130a937ac48541ce6a4af6308c3457d4a9 (patch) | |
tree | 74fbcb2139b77adc42ef216ace4af014e33c264f /src/pybind/mgr/smb/tests | |
parent | Merge PR #57881 into main (diff) | |
parent | doc/mgr/smb: remove embedded join auth and users/groups source types (diff) | |
download | ceph-4098fa130a937ac48541ce6a4af6308c3457d4a9.tar.xz ceph-4098fa130a937ac48541ce6a4af6308c3457d4a9.zip |
Merge pull request #57180 from phlogistonjohn/jjm-smb-linked-res
mgr/smb: cluster linked join auth and users/groups resource types
Reviewed-by: Adam King <adking@redhat.com>
Diffstat (limited to 'src/pybind/mgr/smb/tests')
-rw-r--r-- | src/pybind/mgr/smb/tests/test_enums.py | 2 | ||||
-rw-r--r-- | src/pybind/mgr/smb/tests/test_handler.py | 231 | ||||
-rw-r--r-- | src/pybind/mgr/smb/tests/test_resources.py | 127 | ||||
-rw-r--r-- | src/pybind/mgr/smb/tests/test_smb.py | 63 |
4 files changed, 184 insertions, 239 deletions
diff --git a/src/pybind/mgr/smb/tests/test_enums.py b/src/pybind/mgr/smb/tests/test_enums.py index f3f0f4eeb8b..ef0edf87acb 100644 --- a/src/pybind/mgr/smb/tests/test_enums.py +++ b/src/pybind/mgr/smb/tests/test_enums.py @@ -18,8 +18,6 @@ import smb.enums (smb.enums.State.UPDATED, "updated"), (smb.enums.AuthMode.USER, "user"), (smb.enums.AuthMode.ACTIVE_DIRECTORY, "active-directory"), - (smb.enums.JoinSourceType.PASSWORD, "password"), - (smb.enums.UserGroupSourceType.INLINE, "inline"), ], ) def test_stringified(value, strval): diff --git a/src/pybind/mgr/smb/tests/test_handler.py b/src/pybind/mgr/smb/tests/test_handler.py index 270f3e72bf9..ceaf044744d 100644 --- a/src/pybind/mgr/smb/tests/test_handler.py +++ b/src/pybind/mgr/smb/tests/test_handler.py @@ -31,11 +31,7 @@ def test_internal_apply_cluster(thandler): auth_mode=smb.enums.AuthMode.USER, user_group_settings=[ smb.resources.UserGroupSource( - source_type=smb.resources.UserGroupSourceType.INLINE, - values=smb.resources.UserGroupSettings( - users=[], - groups=[], - ), + source_type=smb.resources.UserGroupSourceType.EMPTY, ), ], ) @@ -50,11 +46,7 @@ def test_cluster_add(thandler): auth_mode=smb.enums.AuthMode.USER, user_group_settings=[ smb.resources.UserGroupSource( - source_type=smb.resources.UserGroupSourceType.INLINE, - values=smb.resources.UserGroupSettings( - users=[], - groups=[], - ), + source_type=smb.resources.UserGroupSourceType.EMPTY, ), ], ) @@ -72,11 +64,7 @@ def test_internal_apply_cluster_and_share(thandler): auth_mode=smb.enums.AuthMode.USER, user_group_settings=[ smb.resources.UserGroupSource( - source_type=smb.resources.UserGroupSourceType.INLINE, - values=smb.resources.UserGroupSettings( - users=[], - groups=[], - ), + source_type=smb.resources.UserGroupSourceType.EMPTY, ), ], ) @@ -109,8 +97,7 @@ def test_internal_apply_remove_cluster(thandler): 'intent': 'present', 'user_group_settings': [ { - 'source_type': 'inline', - 'values': {'users': [], 'groups': []}, + 'source_type': 'empty', } ], } @@ -141,8 +128,7 @@ def test_internal_apply_remove_shares(thandler): 'intent': 'present', 'user_group_settings': [ { - 'source_type': 'inline', - 'values': {'users': [], 'groups': []}, + 'source_type': 'empty', } ], }, @@ -222,8 +208,7 @@ def test_internal_apply_add_joinauth(thandler): 'intent': 'present', 'user_group_settings': [ { - 'source_type': 'inline', - 'values': {'users': [], 'groups': []}, + 'source_type': 'empty', } ], } @@ -254,8 +239,7 @@ def test_internal_apply_add_usergroups(thandler): 'intent': 'present', 'user_group_settings': [ { - 'source_type': 'inline', - 'values': {'users': [], 'groups': []}, + 'source_type': 'empty', } ], } @@ -286,8 +270,7 @@ def test_generate_config_basic(thandler): 'intent': 'present', 'user_group_settings': [ { - 'source_type': 'inline', - 'values': {'users': [], 'groups': []}, + 'source_type': 'empty', } ], }, @@ -338,15 +321,21 @@ def test_generate_config_ad(thandler): 'realm': 'dom1.example.com', 'join_sources': [ { - 'source_type': 'password', - 'auth': { - 'username': 'testadmin', - 'password': 'Passw0rd', - }, + 'source_type': 'resource', + 'ref': 'foo1', } ], }, }, + 'join_auths.foo1': { + 'resource_type': 'ceph.smb.join.auth', + 'auth_id': 'foo1', + 'intent': 'present', + 'auth': { + 'username': 'testadmin', + 'password': 'Passw0rd', + }, + }, 'shares.foo.s1': { 'resource_type': 'ceph.smb.share', 'cluster_id': 'foo', @@ -566,52 +555,6 @@ def test_apply_update_password(thandler): assert jdata == {'username': 'testadmin', 'password': 'Zm9vYmFyCg'} -def test_apply_update_cluster_inline_pw(thandler): - test_apply_full_cluster_create(thandler) - to_apply = [ - smb.resources.Cluster( - cluster_id='mycluster1', - auth_mode=smb.enums.AuthMode.ACTIVE_DIRECTORY, - domain_settings=smb.resources.DomainSettings( - realm='MYDOMAIN.EXAMPLE.ORG', - join_sources=[ - smb.resources.JoinSource( - source_type=smb.enums.JoinSourceType.RESOURCE, - ref='join1', - ), - smb.resources.JoinSource( - source_type=smb.enums.JoinSourceType.PASSWORD, - auth=smb.resources.JoinAuthValues( - username='Jimmy', - password='j4mb0ree!', - ), - ), - ], - ), - ), - ] - - results = thandler.apply(to_apply) - assert results.success, results.to_simplified() - assert len(list(results)) == 1 - - assert 'mycluster1' in thandler.public_store.namespaces() - ekeys = list(thandler.public_store.contents('mycluster1')) - assert len(ekeys) == 5 - assert 'cluster-info' in ekeys - assert 'config.smb' in ekeys - assert 'spec.smb' in ekeys - assert 'join.0.json' in ekeys - assert 'join.1.json' in ekeys - - # we changed the password value. the store should reflect that - jdata = thandler.public_store['mycluster1', 'join.0.json'].get() - assert jdata == {'username': 'testadmin', 'password': 'Passw0rd'} - # we changed the password value. the store should reflect that - jdata2 = thandler.public_store['mycluster1', 'join.1.json'].get() - assert jdata2 == {'username': 'Jimmy', 'password': 'j4mb0ree!'} - - def test_apply_add_second_cluster(thandler): test_apply_full_cluster_create(thandler) to_apply = [ @@ -622,15 +565,20 @@ def test_apply_add_second_cluster(thandler): realm='YOURDOMAIN.EXAMPLE.ORG', join_sources=[ smb.resources.JoinSource( - source_type=smb.enums.JoinSourceType.PASSWORD, - auth=smb.resources.JoinAuthValues( - username='Jimmy', - password='j4mb0ree!', - ), + source_type=smb.enums.JoinSourceType.RESOURCE, + ref='coolcluster', ), ], ), ), + smb.resources.JoinAuth( + auth_id='coolcluster', + auth=smb.resources.JoinAuthValues( + username='Jimmy', + password='j4mb0ree!', + ), + linked_to_cluster='coolcluster', + ), smb.resources.Share( cluster_id='coolcluster', share_id='images', @@ -643,7 +591,7 @@ def test_apply_add_second_cluster(thandler): results = thandler.apply(to_apply) assert results.success, results.to_simplified() - assert len(list(results)) == 2 + assert len(list(results)) == 3 assert 'mycluster1' in thandler.public_store.namespaces() ekeys = list(thandler.public_store.contents('mycluster1')) @@ -865,13 +813,14 @@ def test_apply_remove_all_clusters(thandler): def test_all_resources(thandler): test_apply_add_second_cluster(thandler) rall = thandler.all_resources() - assert len(rall) == 6 + assert len(rall) == 7 assert rall[0].resource_type == 'ceph.smb.cluster' assert rall[1].resource_type == 'ceph.smb.share' assert rall[2].resource_type == 'ceph.smb.share' assert rall[3].resource_type == 'ceph.smb.cluster' assert rall[4].resource_type == 'ceph.smb.share' assert rall[5].resource_type == 'ceph.smb.join.auth' + assert rall[6].resource_type == 'ceph.smb.join.auth' @pytest.mark.parametrize( @@ -962,6 +911,10 @@ def test_all_resources(thandler): 'resource_type': 'ceph.smb.join.auth', 'auth_id': 'join1', }, + { + 'resource_type': 'ceph.smb.join.auth', + 'auth_id': 'coolcluster', + }, ], ), # cluster with id @@ -1051,3 +1004,115 @@ def test_matching_resources(thandler, params): def test_invalid_resource_match_strs(thandler, txt): with pytest.raises(ValueError): thandler.matching_resources([txt]) + + +def test_apply_cluster_linked_auth(thandler): + to_apply = [ + smb.resources.JoinAuth( + auth_id='join1', + auth=smb.resources.JoinAuthValues( + username='testadmin', + password='Passw0rd', + ), + linked_to_cluster='mycluster1', + ), + smb.resources.Cluster( + cluster_id='mycluster1', + auth_mode=smb.enums.AuthMode.ACTIVE_DIRECTORY, + domain_settings=smb.resources.DomainSettings( + realm='MYDOMAIN.EXAMPLE.ORG', + join_sources=[ + smb.resources.JoinSource( + source_type=smb.enums.JoinSourceType.RESOURCE, + ref='join1', + ), + ], + ), + custom_dns=['192.168.76.204'], + ), + smb.resources.Share( + cluster_id='mycluster1', + share_id='homedirs', + name='Home Directries', + cephfs=smb.resources.CephFSStorage( + volume='cephfs', + subvolume='homedirs', + path='/', + ), + ), + ] + results = thandler.apply(to_apply) + assert results.success, results.to_simplified() + assert len(list(results)) == 3 + assert ('clusters', 'mycluster1') in thandler.internal_store.data + assert ('shares', 'mycluster1.homedirs') in thandler.internal_store.data + assert ('join_auths', 'join1') in thandler.internal_store.data + + to_apply = [ + smb.resources.RemovedCluster( + cluster_id='mycluster1', + ), + smb.resources.RemovedShare( + cluster_id='mycluster1', + share_id='homedirs', + ), + ] + results = thandler.apply(to_apply) + assert results.success, results.to_simplified() + assert len(list(results)) == 2 + assert ('clusters', 'mycluster1') not in thandler.internal_store.data + assert ( + 'shares', + 'mycluster1.homedirs', + ) not in thandler.internal_store.data + assert ('join_auths', 'join1') not in thandler.internal_store.data + + +def test_apply_cluster_bad_linked_auth(thandler): + to_apply = [ + smb.resources.JoinAuth( + auth_id='join1', + auth=smb.resources.JoinAuthValues( + username='testadmin', + password='Passw0rd', + ), + linked_to_cluster='mycluster2', + ), + smb.resources.Cluster( + cluster_id='mycluster1', + auth_mode=smb.enums.AuthMode.ACTIVE_DIRECTORY, + domain_settings=smb.resources.DomainSettings( + realm='MYDOMAIN.EXAMPLE.ORG', + join_sources=[ + smb.resources.JoinSource( + source_type=smb.enums.JoinSourceType.RESOURCE, + ref='join1', + ), + ], + ), + custom_dns=['192.168.76.204'], + ), + ] + results = thandler.apply(to_apply) + assert not results.success + rs = results.to_simplified() + assert len(rs['results']) == 2 + assert rs['results'][0]['msg'] == 'linked_to_cluster id not valid' + assert rs['results'][1]['msg'] == 'join auth linked to different cluster' + + +def test_rand_name(): + name = smb.handler.rand_name('bob') + assert name.startswith('bob') + assert len(name) == 11 + name = smb.handler.rand_name('carla') + assert name.startswith('carla') + assert len(name) == 13 + name = smb.handler.rand_name('dangeresque') + assert name.startswith('dangeresqu') + assert len(name) == 18 + name = smb.handler.rand_name('fhqwhgadsfhqwhgadsfhqwhgads') + assert name.startswith('fhqwhgadsf') + assert len(name) == 18 + name = smb.handler.rand_name('') + assert len(name) == 8 diff --git a/src/pybind/mgr/smb/tests/test_resources.py b/src/pybind/mgr/smb/tests/test_resources.py index 6fce09c2698..82446876a7c 100644 --- a/src/pybind/mgr/smb/tests/test_resources.py +++ b/src/pybind/mgr/smb/tests/test_resources.py @@ -117,10 +117,6 @@ domain_settings: join_sources: - source_type: resource ref: bob - - source_type: password - auth: - username: Administrator - password: fallb4kP4ssw0rd --- resource_type: ceph.smb.share cluster_id: chacha @@ -168,13 +164,10 @@ def test_load_yaml_resource_yaml1(): assert cluster.intent == enums.Intent.PRESENT assert cluster.auth_mode == enums.AuthMode.ACTIVE_DIRECTORY assert cluster.domain_settings.realm == 'CEPH.SINK.TEST' - assert len(cluster.domain_settings.join_sources) == 2 + assert len(cluster.domain_settings.join_sources) == 1 jsrc = cluster.domain_settings.join_sources assert jsrc[0].source_type == enums.JoinSourceType.RESOURCE assert jsrc[0].ref == 'bob' - assert jsrc[1].source_type == enums.JoinSourceType.PASSWORD - assert jsrc[1].auth.username == 'Administrator' - assert jsrc[1].auth.password == 'fallb4kP4ssw0rd' assert isinstance(loaded[1], smb.resources.Share) assert isinstance(loaded[2], smb.resources.Share) @@ -427,7 +420,7 @@ domain_settings: "exc_type": ValueError, "error": "not supported", }, - # u/g inline missing + # u/g empty with extra ref { "yaml": """ resource_type: ceph.smb.cluster @@ -435,89 +428,11 @@ cluster_id: randolph intent: present auth_mode: user user_group_settings: - - source_type: inline -""", - "exc_type": ValueError, - "error": "requires values", - }, - # u/g inline extra uri - { - "yaml": """ -resource_type: ceph.smb.cluster -cluster_id: randolph -intent: present -auth_mode: user -user_group_settings: - - source_type: inline - values: - users: [] - groups: [] - uri: http://foo.bar.example.com/baz.txt -""", - "exc_type": ValueError, - "error": "does not take", - }, - # u/g inline extra ref - { - "yaml": """ -resource_type: ceph.smb.cluster -cluster_id: randolph -intent: present -auth_mode: user -user_group_settings: - - source_type: inline - values: - users: [] - groups: [] + - source_type: empty ref: xyz """, "exc_type": ValueError, - "error": "does not take", - }, - # u/g uri missing - { - "yaml": """ -resource_type: ceph.smb.cluster -cluster_id: randolph -intent: present -auth_mode: user -user_group_settings: - - source_type: http_uri -""", - "exc_type": ValueError, - "error": "requires", - }, - # u/g uri extra values - { - "yaml": """ -resource_type: ceph.smb.cluster -cluster_id: randolph -intent: present -auth_mode: user -user_group_settings: - - source_type: http_uri - values: - users: [] - groups: [] - uri: http://foo.bar.example.com/baz.txt -""", - "exc_type": ValueError, - "error": "does not take", - }, - # u/g uri extra ref - { - "yaml": """ -resource_type: ceph.smb.cluster -cluster_id: randolph -intent: present -auth_mode: user -user_group_settings: - - source_type: http_uri - uri: http://boop.example.net - ref: xyz -""", - "exc_type": ValueError, - "error": "does not take", + "error": "ref may not be", }, # u/g resource missing { @@ -530,39 +445,7 @@ user_group_settings: - source_type: resource """, "exc_type": ValueError, - "error": "requires", - }, - # u/g resource extra values - { - "yaml": """ -resource_type: ceph.smb.cluster -cluster_id: randolph -intent: present -auth_mode: user -user_group_settings: - - source_type: resource - ref: xyz - uri: http://example.net/foo -""", - "exc_type": ValueError, - "error": "does not take", - }, - # u/g resource extra resource - { - "yaml": """ -resource_type: ceph.smb.cluster -cluster_id: randolph -intent: present -auth_mode: user -user_group_settings: - - source_type: resource - ref: xyz - values: - users: [] - groups: [] -""", - "exc_type": ValueError, - "error": "does not take", + "error": "reference value must be", }, ], ) diff --git a/src/pybind/mgr/smb/tests/test_smb.py b/src/pybind/mgr/smb/tests/test_smb.py index 03648750360..2e6ec2f96ff 100644 --- a/src/pybind/mgr/smb/tests/test_smb.py +++ b/src/pybind/mgr/smb/tests/test_smb.py @@ -39,11 +39,7 @@ def test_internal_apply_cluster(tmodule): auth_mode=smb.enums.AuthMode.USER, user_group_settings=[ smb.resources.UserGroupSource( - source_type=smb.resources.UserGroupSourceType.INLINE, - values=smb.resources.UserGroupSettings( - users=[], - groups=[], - ), + source_type=smb.resources.UserGroupSourceType.EMPTY, ), ], ) @@ -58,11 +54,7 @@ def test_cluster_add_cluster_ls(tmodule): auth_mode=smb.enums.AuthMode.USER, user_group_settings=[ smb.resources.UserGroupSource( - source_type=smb.resources.UserGroupSourceType.INLINE, - values=smb.resources.UserGroupSettings( - users=[], - groups=[], - ), + source_type=smb.resources.UserGroupSourceType.EMPTY, ), ], ) @@ -80,11 +72,7 @@ def test_internal_apply_cluster_and_share(tmodule): auth_mode=smb.enums.AuthMode.USER, user_group_settings=[ smb.resources.UserGroupSource( - source_type=smb.resources.UserGroupSourceType.INLINE, - values=smb.resources.UserGroupSettings( - users=[], - groups=[], - ), + source_type=smb.resources.UserGroupSourceType.EMPTY, ), ], ) @@ -117,8 +105,7 @@ def test_internal_apply_remove_cluster(tmodule): 'intent': 'present', 'user_group_settings': [ { - 'source_type': 'inline', - 'values': {'users': [], 'groups': []}, + 'source_type': 'empty', } ], } @@ -149,8 +136,7 @@ def test_internal_apply_remove_shares(tmodule): 'intent': 'present', 'user_group_settings': [ { - 'source_type': 'inline', - 'values': {'users': [], 'groups': []}, + 'source_type': 'empty', } ], }, @@ -230,8 +216,7 @@ def test_internal_apply_add_joinauth(tmodule): 'intent': 'present', 'user_group_settings': [ { - 'source_type': 'inline', - 'values': {'users': [], 'groups': []}, + 'source_type': 'empty', } ], } @@ -262,8 +247,7 @@ def test_internal_apply_add_usergroups(tmodule): 'intent': 'present', 'user_group_settings': [ { - 'source_type': 'inline', - 'values': {'users': [], 'groups': []}, + 'source_type': 'empty', } ], } @@ -296,15 +280,21 @@ def _example_cfg_1(tmodule): 'realm': 'dom1.example.com', 'join_sources': [ { - 'source_type': 'password', - 'auth': { - 'username': 'testadmin', - 'password': 'Passw0rd', - }, + 'source_type': 'resource', + 'ref': 'foo', } ], }, }, + 'join_auths.foo': { + 'resource_type': 'ceph.smb.join.auth', + 'auth_id': 'foo', + 'intent': 'present', + 'auth': { + 'username': 'testadmin', + 'password': 'Passw0rd', + }, + }, 'shares.foo.s1': { 'resource_type': 'ceph.smb.share', 'cluster_id': 'foo', @@ -490,15 +480,24 @@ def test_cluster_create_ad1(tmodule): assert len(result.src.domain_settings.join_sources) == 1 assert ( result.src.domain_settings.join_sources[0].source_type - == smb.enums.JoinSourceType.PASSWORD + == smb.enums.JoinSourceType.RESOURCE ) + assert result.src.domain_settings.join_sources[0].ref.startswith('fizzle') + assert 'additional_results' in result.status + assert len(result.status['additional_results']) == 1 assert ( - result.src.domain_settings.join_sources[0].auth.username - == 'Administrator' + result.status['additional_results'][0]['resource']['resource_type'] + == 'ceph.smb.join.auth' ) assert ( - result.src.domain_settings.join_sources[0].auth.password == 'Passw0rd' + result.status['additional_results'][0]['resource'][ + 'linked_to_cluster' + ] + == 'fizzle' ) + assert result.status['additional_results'][0]['resource'][ + 'auth_id' + ].startswith('fizzle') def test_cluster_create_ad2(tmodule): |