diff options
author | Umar Farooq <umar.farooq@neclab.eu> | 2017-05-29 18:42:43 +0000 |
---|---|---|
committer | Umar Farooq <umar.farooq@neclab.eu> | 2017-07-03 10:40:11 +0000 |
commit | 76dadb96e17e4d066facf0a185a1032e40b980f7 (patch) | |
tree | 19e0805e32fa948a412af6daa1f3949b4d544757 /tests | |
parent | f77107087079caa9b1602be6308d98107c9639b8 (diff) |
Create policy.json file in Ocata for non-admin user
Non-admin user is not allowed to view host_status flag.
To get the host status, policy.json file needs to be
created as it is not available in Ocata by default.
This is created for local and fuel installer types
in this commit.
JIRA: DOCTOR-110
Change-Id: Ie626217a515f821c47b1cb6ed0e3d504d8e01b3a
Signed-off-by: Umar Farooq <umar.farooq@neclab.eu>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/lib/installers/fuel | 29 | ||||
-rw-r--r-- | tests/lib/installers/local | 55 |
2 files changed, 72 insertions, 12 deletions
diff --git a/tests/lib/installers/fuel b/tests/lib/installers/fuel index 0c56963c..85865720 100644 --- a/tests/lib/installers/fuel +++ b/tests/lib/installers/fuel @@ -96,8 +96,15 @@ function installer_apply_patches { service nova-api restart fi else - # TODO(tojuvone) policy.json might not exists in Ocata. - echo "$np_conf does not exist!!!" + # policy.json does not exist in Ocata. + echo "$np_conf does not exist. Creating new one." + echo -e "{\n \"context_is_admin\": \"role:admin\"," > $np_conf + echo -e " \"owner\" : \"user_id:%(user_id)s\"," >> $np_conf + echo -e " \"admin_or_owner\": \"rule:context_is_admin or rule:owner\"," >> $np_conf + echo -e " \"os_compute_api:servers:show:host_status\": \"rule:admin_or_owner\" \n}" >> $np_conf + np_rm="${np_conf}-doctor-rm" + cp $np_conf $np_rm + service nova-api restart fi ' > installer_apply_patches_$node.log 2>&1 done @@ -167,14 +174,16 @@ function installer_revert_patches { fi np_conf=/etc/nova/policy.json - entry="os_compute_api:servers:show:host_status" - if [ -e $np_conf ]; then - np_backup="${np_conf}-doctor-saved" - if [ -e $np_backup ]; then - cp -f $np_backup $np_conf - rm $np_backup - service nova-api restart - fi + np_backup="${np_conf}-doctor-saved" + np_rm="${np_conf}-doctor-rm" + if [ -e $np_backup ]; then + cp -f $np_backup $np_conf + rm $np_backup + service nova-api restart + elif [ -e $np_rm ]; then + rm $np_conf + rm $np_rm + service nova-api restart fi ' >> installer_apply_patches_$node.log 2>&1 done diff --git a/tests/lib/installers/local b/tests/lib/installers/local index 50c3686f..d628867a 100644 --- a/tests/lib/installers/local +++ b/tests/lib/installers/local @@ -9,7 +9,42 @@ function installer_get_ssh_keys { } function installer_apply_patches { - # Noop + set -x + date + echo "### apply patches (installer=local)" + np_conf=/etc/nova/policy.json + if [ -e $np_conf ]; then + entry="os_compute_api:servers:show:host_status" + new="rule:admin_or_owner" + np_backup="${np_conf}-doctor-saved" + if grep -q "${entry}.*${new}" $np_conf; then + echo "Not modifying nova policy" + elif grep -q "${entry}" $np_conf; then + echo "modify nova policy" + cp $np_conf $np_backup + oldline=$(grep "$entry" $np_conf) + newline=$(echo "$oldline" | sed "s/rule.*\"/$new\"/") + sed -i "s/$oldline/$newline/" $np_conf + # TODO(umar): Update to systemd when screen is no more used for devstack + screen -S stack -p n-api -X stuff "^C^M^[[A^M" # restart n-api service + else + echo "add nova policy" + cp $np_conf $np_backup + sed -i "/{/a \ \"${entry}\": \"$new\"" $np_conf + screen -S stack -p n-api -X stuff "^C^M^[[A^M" + fi + else + # policy.json does not exist in Ocata. + echo "$np_conf does not exist. Creating a new one" + echo -e '{\n "context_is_admin": "role:admin",' > $np_conf + echo -e ' "owner" : "user_id:%(user_id)s",' >> $np_conf + echo -e ' "admin_or_owner": "rule:context_is_admin or rule:owner",' >> $np_conf + echo -e ' "os_compute_api:servers:show:host_status": "rule:admin_or_owner"\n}' >> $np_conf + np_rm="${np_conf}-doctor-rm" + cp $np_conf $np_rm + screen -S stack -p n-api -X stuff "^C^M^[[A^M" + fi + return } @@ -31,6 +66,22 @@ function get_compute_ip_from_hostname { } function cleanup_installer { - # Noop + set -x + echo "### revert patches (installer=local)" + date + + np_conf=/etc/nova/policy.json + np_backup="${np_conf}-doctor-saved" + np_rm="${np_conf}-doctor-rm" + if [ -e $np_backup ]; then + cp -f $np_backup $np_conf + rm $np_backup + screen -S stack -p n-api -X stuff "^C^M^[[A^M" + elif [ -e $np_rm ]; then + rm $np_conf + rm $np_rm + screen -S stack -p n-api -X stuff "^C^M^[[A^M" + fi + return } |