Skip to content

修正endpoint resolver相关测试;测试能够自动创建RAM相关环境 #160

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
JacksonTian merged 9 commits into from
Jan 4, 2019
Merged

修正endpoint resolver相关测试;测试能够自动创建RAM相关环境 #160

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
0c006a6
fix functional tests
Qingtang-SDK Jan 3, 2019
3c21e24
fix a line too long
Qingtang-SDK Jan 3, 2019
53a8501
using unittest2 instead
Qingtang-SDK Jan 3, 2019
527deab
make travis job concurrent
Qingtang-SDK Jan 3, 2019
f949c08
make test case available for other regions
Qingtang-SDK Jan 3, 2019
358b1a7
make a long timeout
Qingtang-SDK Jan 3, 2019
88024ad
reduce ram access
Qingtang-SDK Jan 4, 2019
8ba6f45
use unittest2 in python2.6; make Codacy happy
Qingtang-SDK Jan 4, 2019
665a287
use pytest instead of unittest to run functional test
Qingtang-SDK Jan 4, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion aliyun-python-sdk-core/aliyunsdkcore/auth/signers/ram_role_arn_signer.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@
from aliyunsdkcore.auth.credentials import RamRoleArnCredential
from aliyunsdkcore.auth.credentials import AccessKeyCredential
from aliyunsdkcore.request import CommonRequest
from aliyunsdkcore.compat import ensure_string


class RamRoleArnSigner(Signer):
Expand Down Expand Up @@ -84,7 +85,7 @@ def _refresh_session_ak_and_sk(self):
self._last_update_time = int(time.time())
else:
code = error_code.SDK_GET_SESSION_CREDENTIAL_FAILED
message = "refresh session token failed, server return: " + body
message = "refresh session token failed, server return: " + ensure_string(body)
http_status = status

raise exceptions.ServerException(code, message, http_status)
162 changes: 154 additions & 8 deletions python-sdk-functional-test/base.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,17 @@

import sys
from aliyunsdkcore.client import AcsClient
from aliyunsdkcore.vendored.six import iteritems
from aliyunsdkcore.acs_exception.exceptions import ServerException

from aliyunsdkram.request.v20150501.ListUsersRequest import ListUsersRequest
from aliyunsdkram.request.v20150501.CreateUserRequest import CreateUserRequest
from aliyunsdkram.request.v20150501.CreateAccessKeyRequest import CreateAccessKeyRequest
from aliyunsdkram.request.v20150501.DeleteAccessKeyRequest import DeleteAccessKeyRequest
from aliyunsdkram.request.v20150501.ListAccessKeysRequest import ListAccessKeysRequest
from aliyunsdkram.request.v20150501.ListRolesRequest import ListRolesRequest
from aliyunsdkram.request.v20150501.CreateRoleRequest import CreateRoleRequest
from aliyunsdkram.request.v20150501.AttachPolicyToUserRequest import AttachPolicyToUserRequest


# The unittest module got a significant overhaul
Expand All @@ -30,6 +41,36 @@
from unittest import TestCase


def request_helper(client, request, **params):
for key, value in iteritems(params):
set_name = 'set_' + key
if hasattr(request, set_name):
func = getattr(request, set_name)
func(value)
else:
raise Exception(
"{0} has no parameter named {1}.".format(request.__class__.__name__, key))
response = client.do_action_with_exception(request)
return json.loads(response.decode('utf-8'))


def _check_server_response(obj, key):
if key not in obj:
raise Exception("No '{0}' in server response.".format(key))


def find_in_response(response, key=None, keys=None):
if key:
_check_server_response(response, key)
return response[key]
if keys:
obj = response
for key in keys:
_check_server_response(obj, key)
obj = obj[key]
return obj


class SDKTestBase(TestCase):

def __init__(self, *args, **kwargs):
Expand All @@ -46,9 +87,20 @@ def _init_env(self):
self._sdk_config = self._init_sdk_config()
self.access_key_id = self._read_key_from_env_or_config("ACCESS_KEY_ID")
self.access_key_secret = self._read_key_from_env_or_config("ACCESS_KEY_SECRET")
self.sub_access_key_id = self._read_key_from_env_or_config("SUB_ACCESS_KEY_ID")
self.sub_access_key_secret = self._read_key_from_env_or_config("SUB_ACCESS_KEY_SECRET")
self.region_id = self._read_key_from_env_or_config("REGION_ID")
self.user_id = self._read_key_from_env_or_config("USER_ID")
if 'TRAVIS_JOB_NUMBER' in os.environ:
self.travis_concurrent = os.environ.get('TRAVIS_JOB_NUMBER').split(".")[-1]
else:
self.travis_concurrent = "0"
self.default_ram_user_name = "RamUserForSDKCredentialsTest" + self.travis_concurrent
self.default_ram_role_name = "RamROleForSDKTest" + self.travis_concurrent
self.default_role_session_name = "RoleSession" + self.travis_concurrent
self.ram_user_id = None
self.ram_policy_attched = False
self.ram_user_access_key_id = None
self.ram_user_access_key_secret = None
self.ram_role_arn = None

def _init_sdk_config(self):
sdk_config_path = os.path.join(os.path.expanduser("~"), "aliyun_sdk_config.json")
Expand All @@ -65,25 +117,119 @@ def _read_key_from_env_or_config(self, key_name):
raise Exception("Failed to find sdk config: " + key_name)

def setUp(self):
TestCase.setUp(self)
self.client = self.init_client()

def tearDown(self):
pass

def init_client(self, region_id=None):
if not region_id:
region_id = self.region_id
return AcsClient(self.access_key_id, self.access_key_secret, region_id)

def init_sub_client(self):
return AcsClient(self.sub_access_key_id, self.sub_access_key_secret, self.region_id)
return AcsClient(self.access_key_id, self.access_key_secret, region_id, timeout=120)

@staticmethod
def get_dict_response(string):
return json.loads(string.decode('utf-8'), encoding="utf-8")

def _create_default_ram_user(self):
if self.ram_user_id:
return
response = request_helper(self.client, ListUsersRequest())
user_list = find_in_response(response, keys=['Users', 'User'])
for user in user_list:
if user['UserName'] == self.default_ram_user_name:
self.ram_user_id = user["UserId"]
return

response = request_helper(self.client, CreateUserRequest(),
UserName=self.default_ram_user_name)
self.ram_user_id = find_in_response(response, keys=['User', 'UserId'])

def _attach_default_policy(self):
if self.ram_policy_attched:
return

try:
request_helper(self.client, AttachPolicyToUserRequest(),
PolicyType='System', PolicyName='AliyunSTSAssumeRoleAccess',
UserName=self.default_ram_user_name)
except ServerException as e:
if e.get_error_code() == 'EntityAlreadyExists.User.Policy':
pass
else:
raise e

self.ram_policy_attched = True

def _create_access_key(self):
if self.ram_user_access_key_id and self.ram_user_access_key_secret:
return

response = request_helper(self.client, ListAccessKeysRequest(),
UserName=self.default_ram_user_name)
for access_key in find_in_response(response, keys=['AccessKeys', 'AccessKey']):
access_key_id = access_key['AccessKeyId']
request_helper(self.client, DeleteAccessKeyRequest(),
UserAccessKeyId=access_key_id,
UserName=self.default_ram_user_name)

response = request_helper(self.client, CreateAccessKeyRequest(),
UserName=self.default_ram_user_name)
self.ram_user_access_key_id = find_in_response(response, keys=['AccessKey', 'AccessKeyId'])
self.ram_user_access_key_secret = find_in_response(
response,
keys=['AccessKey', 'AccessKeySecret'])

def _delete_access_key(self):
request_helper(self.client, DeleteAccessKeyRequest(),
UserName=self.default_ram_user_name,
UserAccessKeyId=self.ram_user_access_key_id)

def init_sub_client(self):
self._create_default_ram_user()
self._attach_default_policy()
self._create_access_key()
return AcsClient(self.ram_user_access_key_id,
self.ram_user_access_key_secret,
self.region_id, timeout=120)

def _create_default_ram_role(self):
if self.ram_role_arn:
return
response = request_helper(self.client, ListRolesRequest())
for role in find_in_response(response, keys=['Roles', 'Role']):
role_name = role['RoleName']
role_arn = role['Arn']
if role_name == self.default_ram_role_name:
self.ram_role_arn = role_arn
return

policy_doc = """
{
"Statement": [
{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"RAM": [
"acs:ram::%s:root"
]
}
}
],
"Version": "1"
}
""" % self.user_id

response = request_helper(self.client, CreateRoleRequest(),
RoleName=self.default_ram_role_name,
AssumeRolePolicyDocument=policy_doc)
self.ram_role_arn = find_in_response(response, keys=['Role', 'Arn'])


def disabled(func):
def _decorator(func):
pass
return _decorator



2 changes: 1 addition & 1 deletion python-sdk-functional-test/bugs_test.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ def test_bug_with_18034796(self):
request.set_content(json.dumps({"tasks": [task1], "scenes": ["porn"]}))
response = self.client.do_action_with_exception(request)
response = self.get_dict_response(response)
self.assertTrue(response.get("code") == 200)
self.assertEqual(200, response.get("code"))

def test_bug_with_17661113(self):
request = CommonRequest()
Expand Down
12 changes: 6 additions & 6 deletions python-sdk-functional-test/core_test.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,13 +35,13 @@ def test_roa_with_common_request(self):
self.assertTrue(ret.get("ResourceTypes"))

def test_rpc_common_request_with_sts_token(self):
# create AssumeRole request ,Acquire a temporary ak
request = AssumeRoleRequest()
# the role must exist
# FIXME : the RoleArn must according to user's setting
request.set_RoleArn("acs:ram::1988236124481530:role/testrole")
request.set_RoleSessionName("alice_test")
sub_client = self.init_sub_client()
self._create_default_ram_role()
self._attach_default_policy()

request = AssumeRoleRequest()
request.set_RoleArn(self.ram_role_arn)
request.set_RoleSessionName(self.default_role_session_name)
response = sub_client.do_action_with_exception(request)
response = self.get_dict_response(response)
credentials = response.get("Credentials")
Expand Down
24 changes: 13 additions & 11 deletions python-sdk-functional-test/credentials_test.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,6 @@
from aliyunsdkecs.request.v20140526.DescribeRegionsRequest import DescribeRegionsRequest
from aliyunsdksts.request.v20150401.AssumeRoleRequest import AssumeRoleRequest


from base import SDKTestBase
from base import disabled

Expand All @@ -26,13 +25,12 @@ def get_http_request(self, client, request, specific_signer=None):
return url

def test_call_rpc_request_with_sts_token(self):
# create AssumeRole request ,Acquire a temporary ak
request = AssumeRoleRequest()
# the role must exist
# FIXME : the RoleArn must according to user's setting
request.set_RoleArn("acs:ram::1988236124481530:role/testrole")
request.set_RoleSessionName("alice_test")
client = self.init_sub_client()
self._create_default_ram_role()

request = AssumeRoleRequest()
request.set_RoleArn(self.ram_role_arn)
request.set_RoleSessionName(self.default_role_session_name)
response = client.do_action_with_exception(request)
response = self.get_dict_response(response)
credentials = response.get("Credentials")
Expand All @@ -56,11 +54,15 @@ def test_call_rpc_request_with_sts_token(self):

def test_call_roa_request_with_sts_token(self):
from aliyunsdkcore.auth.credentials import RamRoleArnCredential
# FIXME : the RoleArn must according to user's setting
self._create_default_ram_user()
self._attach_default_policy()
self._create_access_key()
self._create_default_ram_role()

ram_role_arn_credential = RamRoleArnCredential(
self.sub_access_key_id,
self.sub_access_key_secret,
"acs:ram::1988236124481530:role/testrole",
self.ram_user_access_key_id,
self.ram_user_access_key_secret,
self.ram_role_arn,
"alice_test")
acs_client = AcsClient(
region_id="cn-hangzhou",
Expand Down
Loading