[#48] Tests for setting RHEL/OpenShift tag challenge flags. The tests…

… for PATCH…
cloudigrade · Sep 5, 2018 · f95662b · f95662b
1 parent 8aa1a5f
commit f95662b
Show file tree

Hide file tree

Showing 3 changed files with 70 additions and 3 deletions.
diff --git a/integrade/api.py b/integrade/api.py
@@ -188,6 +188,7 @@ def __init__(self, response_handler=None, url=None, authenticate=True,
         if authenticate:
             if not self.token:
                 self.token = cfg.get('superuser_token')
+                assert not self.token or ' ' not in self.token, self.token
             if not self.token:
                 raise exceptions.TokenNotFound(
                     'No token was found to authenticate with the server. Make '

diff --git a/integrade/tests/api/v1/test_images.py b/integrade/tests/api/v1/test_images.py
@@ -100,12 +100,12 @@ def images_data():
             else:
                 raise ValueError('Not a valid image type.')
 
-            inject_instance_data(
+            image['id'] = inject_instance_data(
                 account['id'],
                 image_type,
                 [random.randint(0, 20)],
                 ec2_ami_id=image['ec2_ami_id'],
-            )
+            )['image_id']
 
     return user1, user2, auth1, auth2, images1, images2
 
@@ -206,3 +206,69 @@ def test_list_specific_image(images_data):
         client.response_handler = old_handler
         assert response.status_code == 404
         assert response.json()['detail'] == 'Not found.'
+
+
+@pytest.mark.parametrize('superuser', [True, False], ids=['super', 'regular'])
+@pytest.mark.parametrize('method', ['put', 'patch'])
+def test_challenge_image(superuser, method):
+    """Test if a challenge flags for RHEL and OS can be changed.
+
+    :id: ec5fe0b6-9852-48db-a2ba-98d01aeaac28
+    :description: Try to change challenge flags on an image and ensure that
+        change is reflected afterwards.
+    :steps:
+        1. Create an image in a known account and make sure the challenge
+           flags are false by default.
+        2. Use both PUT and PATCH forms of the image endpoint to set a flag to
+           true
+    :expectedresults:
+        The image data now reflects this change.
+    """
+    cfg = config.get_config()
+    user = utils.create_user_account()
+    auth = utils.get_auth(user)
+
+    client = api.Client(authenticate=False)
+    account = inject_aws_cloud_account(
+            user['id'],
+            name=uuid4(),
+        )
+    image_type = ''
+    ec2_ami_id = str(random.randint(100000, 999999999999))
+
+    image_id = inject_instance_data(
+        account['id'],
+        image_type,
+        [random.randint(0, 20)],
+        ec2_ami_id=ec2_ami_id,
+    )['image_id']
+
+    if superuser:
+        auth = api.TokenAuth(cfg.get('superuser_token'))
+
+    image_url = urljoin(urls.IMAGE, str(image_id)) + '/'
+
+    # Ensure the image owner can fetch it
+    response = client.get(image_url, auth=auth).json()
+
+    assert response['rhel_challenged'] is False
+    assert response['openshift_challenged'] is False
+
+    for tag in ('rhel', 'openshift'):
+        if method == 'put':
+            response[f'{tag}_challenged'] = True
+            response = client.put(image_url, response, auth=auth).json()
+        elif method == 'patch':
+            data = {
+                'resourcetype': 'AwsMachineImage',
+                f'{tag}_challenged': True,
+            }
+            response = client.patch(image_url, data, auth=auth).json()
+        else:
+            pytest.fail(f'Unknown method "{method}"')
+        assert response[f'{tag}_challenged'] is True
+
+    # # Ensure any other user can't fetch it
+    response = client.get(image_url, auth=auth)
+    assert response.status_code == 200
+    assert response.json()[f'{tag}_challenged']
diff --git a/scripts/oc-auth.sh b/scripts/oc-auth.sh
@@ -24,7 +24,7 @@ else
 
     oc rsh -c "${CONTAINER_NAME}" "${POD}" scl enable rh-python36 -- python manage.py createsuperuser --no-input --username "${CLOUDIGRADE_USER}" --email="${CLOUDIGRADE_USER}@example.com"
 
-    export CLOUDIGRADE_TOKEN=$(oc rsh -c "${CONTAINER_NAME}" "${POD}" scl enable rh-python36 -- python manage.py drf_create_token "${CLOUDIGRADE_USER}" 2>/dev/null | sed -e ':a;N;$!ba;s/.*token \(.*\) for.*/\1/')
+    export CLOUDIGRADE_TOKEN=$(oc rsh -c "${CONTAINER_NAME}" "${POD}" scl enable rh-python36 -- python manage.py drf_create_token "${CLOUDIGRADE_USER}" 2>/dev/null | sed -e 's/.*token \(.*\) for.*/\1/')
 cat << EOF | oc rsh -c "${CONTAINER_NAME}" "${POD}" scl enable rh-python36 -- python manage.py shell
 from django.contrib.auth.models import User
 user = User.objects.get(email="$CLOUDIGRADE_USER@example.com")