You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by GitBox <gi...@apache.org> on 2022/12/08 11:58:42 UTC
[GitHub] [cloudstack] GaOrtiga opened a new pull request, #6960: create parameter to determine whether roles are public or private
GaOrtiga opened a new pull request, #6960:
URL: https://github.com/apache/cloudstack/pull/6960
### Description
ACS does not allow the operator to define the visibility of roles, meaning all of them are visible to all users, with the exception of Root Admin roles.
In order to address this situation, a new parameter `public_role` has been created in the following APIs: `createRole`, `updateRole` and `importRole`. This parameter adds a new property to the role, allowing it to be hidden from the users; so, when updating, importing or creating a new role it is possible for the operator to inform if it is public (visible to all users) or private (only visible to Root Admins and the creator of the role). Also, the behavior of the API `listRoles` has been adjusted to return the roles according to this new property.
The following are examples of the listings using a Root Admin account and a Domain Admin account.
<details><summary>Listing with a Root Admin account</summary>
```
(localcloud) 🐱 > list roles
{
"count": 10,
"role": [
{
"description": "Default root admin role",
"id": "64b34ae1-26de-11ec-8dcf-5254005dcdac",
"isdefault": true,
"ispublic": false,
"name": "Root Admin",
"type": "Admin"
},
{
"description": "Default resource admin role",
"id": "64b38969-26de-11ec-8dcf-5254005dcdac",
"isdefault": true,
"ispublic": true,
"name": "Resource Admin",
"type": "ResourceAdmin"
},
{
"description": "Default domain admin role",
"id": "64b48e57-26de-11ec-8dcf-5254005dcdac",
"isdefault": true,
"ispublic": true,
"name": "Domain Admin",
"type": "DomainAdmin"
},
{
"description": "Default user role",
"id": "64b4ca77-26de-11ec-8dcf-5254005dcdac",
"isdefault": true,
"ispublic": true,
"name": "User",
"type": "User"
},
{
"description": "Default read-only admin role",
"id": "68ea06f5-26de-11ec-8dcf-5254005dcdac",
"isdefault": true,
"ispublic": false,
"name": "Read-Only Admin - Default",
"type": "Admin"
},
{
"description": "Default read-only user role",
"id": "68ea3701-26de-11ec-8dcf-5254005dcdac",
"isdefault": true,
"ispublic": true,
"name": "Read-Only User - Default",
"type": "User"
},
{
"description": "Default support admin role",
"id": "68ea6ff9-26de-11ec-8dcf-5254005dcdac",
"isdefault": true,
"ispublic": false,
"name": "Support Admin - Default",
"type": "Admin"
},
{
"description": "Default support user role",
"id": "68eaab60-26de-11ec-8dcf-5254005dcdac",
"isdefault": true,
"ispublic": false,
"name": "Support User - Default",
"type": "User"
},
{
"id": "2281d1f7-ba24-484e-bc1f-8519870dfc16",
"isdefault": false,
"ispublic": false,
"name": "privaterole1",
"type": "User"
},
{
"id": "eebb8a56-6fce-4300-ade0-40a3e03a08a8",
"isdefault": false,
"ispublic": true,
"name": "publicrole1",
"type": "DomainAdmin"
}
]
}
```
</details>
<details><summary>Listing with a Domain Admin account</summary>
```
(localcloud) 🐱 > list roles
{
"count": 5,
"role": [
{
"description": "Default resource admin role",
"id": "64b38969-26de-11ec-8dcf-5254005dcdac",
"isdefault": true,
"ispublic": true,
"name": "Resource Admin",
"type": "ResourceAdmin"
},
{
"description": "Default domain admin role",
"id": "64b48e57-26de-11ec-8dcf-5254005dcdac",
"isdefault": true,
"ispublic": true,
"name": "Domain Admin",
"type": "DomainAdmin"
},
{
"description": "Default user role",
"id": "64b4ca77-26de-11ec-8dcf-5254005dcdac",
"isdefault": true,
"ispublic": true,
"name": "User",
"type": "User"
},
{
"description": "Default read-only user role",
"id": "68ea3701-26de-11ec-8dcf-5254005dcdac",
"isdefault": true,
"ispublic": true,
"name": "Read-Only User - Default",
"type": "User"
},
{
"id": "eebb8a56-6fce-4300-ade0-40a3e03a08a8",
"isdefault": false,
"ispublic": true,
"name": "publicrole1",
"type": "DomainAdmin"
}
]
}
```
</details>
Example of the other APIs:
<details><summary>createRole</summary>
```
(localcloud) 🐱 > create role roleid=64b34ae1-26de-11ec-8dcf-5254005dcdac name=roleTeste ispublic=false description="role para teste"
{
"role": {
"description": "role para teste",
"id": "777e8dde-6670-42e2-8328-876d6445cc7c",
"ispublic": false,
"name": "roleTeste",
"type": "Admin"
}
}
```
</details>
<details><summary>updateRole</summary>
```
(localcloud) 🐱 > update role id=777e8dde-6670-42e2-8328-876d6445cc7c ispublic=true
{
"role": {
"description": "role para teste",
"id": "777e8dde-6670-42e2-8328-876d6445cc7c",
"ispublic": true,
"name": "roleTeste",
"type": "Admin"
}
}
```
</details>
<details><summary>importRole</summary>
```
(localcloud) 🐱 > import role name=importedRoleTeste ispublic=false rules[0].rule=* rules[0].permission=allow type=User
{
"role": {
"id": "54045972-0272-4ab8-93c2-c299331897db",
"ispublic": false,
"name": "importedRoleTeste",
"type": "User"
}
}
```
</details>
### Types of changes
- [ ] Breaking change (fix or feature that would cause existing functionality to change)
- [X] New feature (non-breaking change which adds functionality)
- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] Enhancement (improves an existing feature and functionality)
- [ ] Cleanup (Code refactoring and cleanup, that may add test cases)
### Feature/Enhancement Scale or Bug Severity
#### Feature/Enhancement Scale
- [ ] Major
- [X] Minor
### How Has This Been Tested?
1. I created two new roles using the `createRole` API. One with the parameter `public_role` set to `false` and one with it set to `true`. I verified that both roles were successfully created with the specified parameters.
2. I repeated the same steps from the first test, but this time using the `importRole` API instead. I verified that the roles were successfully imported with the specified parameters.
3. I updated the `public_role` parameter from two different roles using the `updateRole` API, the first one had the parameter as `true` and I updated it to `false` and the second had it as `false` and I updated it to `true`. Both were successfully updated.
4. I used the API `listRoles` using a Root Admin account and verified that every role was visible.
5. I used the API `listRoles` using a Domain Admin account and verified that it could not see private roles.
6. I created an account of the type user using a private role and verified that it could log in.
7. With this same account I created a new network, and a new VM, and verified that both worked normally.
8. I repeated tests 6 and 7 but this time with an account of the type Root Admin, and verified that it worked aswell.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1357367527
@DaanHoogland a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1527337691
@DaanHoogland a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] github-actions[bot] commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
github-actions[bot] commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1347909758
This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1355408228
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6960)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6960&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6960&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6960&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=CODE_SMELL) [4 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_coverage&view=list) [33.3% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_duplicated_lines_density&view=list) [4.6% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] GaOrtiga commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
GaOrtiga commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1357831572
@DaanHoogland Oh, I see.
Okay, I will look into it.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1384092853
@rohityadavcloud @weizhouapache Can you guys give this a look? tnx
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1527221423
> @DaanHoogland Can we proceed with this PR or is there any other concern regarding it?
no concerns
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1357647858
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6960)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6960&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6960&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6960&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=CODE_SMELL) [3 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_coverage&view=list) [33.3% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_duplicated_lines_density&view=list) [4.6% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1357367044
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] github-actions[bot] commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
github-actions[bot] commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1370559111
This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on a diff in pull request #6960: create parameter to determine whether roles are public or private
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on code in PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#discussion_r1158603970
##########
test/integration/smoke/test_private_roles.py:
##########
@@ -0,0 +1,288 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+from marvin.cloudstackAPI import *
+from marvin.cloudstackTestCase import cloudstackTestCase
+from marvin.lib.base import Account, Role, User
+from marvin.lib.utils import cleanup_resources
+from nose.plugins.attrib import attr
+
+import random
+
+
+class TestData(object):
+ """Test data object that is required to create resources
+ """
+ def __init__(self):
+ self.testdata = {
+ "accountadmin": {
+ "email": "mtu@test.cloud",
+ "firstname": "Marvin",
+ "lastname": "TestAdminAccount",
+ "username": "TestAdminAccount",
+ "password": "password"
+ },
+ "accountdomainadmin": {
+ "email": "mtu@test.cloud",
+ "firstname": "Marvin",
+ "lastname": "TestDomainAdminAccount",
+ "username": "TestDomainAdminAccount",
+ "password": "password"
+ },
+ "accountroleuser": {
+ "email": "mtu@test.cloud",
+ "firstname": "Marvin",
+ "lastname": "TestUserAccount",
+ "username": "TestUserAccount",
+ "password": "password"
+ },
+ "roleadmin": {
+ "name": "MarvinFake Admin Role ",
+ "type": "Admin",
+ "description": "Fake Admin Role created by Marvin test"
+ },
+ "roleuser": {
+ "name": "MarvinFake User Role ",
+ "type": "User",
+ "description": "Fake User Role created by Marvin test",
+ "ispublic": False
+ },
+ "publicrole": {
+ "name": "MarvinFake Public Role ",
+ "type": "User",
+ "description": "Fake Public Role created by Marvin test"
+ },
+ "importrole": {
+ "name": "MarvinFake Import Role ",
+ "type": "User",
+ "description": "Fake Import User Role created by Marvin test",
+ "ispublic": True,
+ "rules": [{"rule":"list*", "permission":"allow","description":"Listing apis"},
+ {"rule":"get*", "permission":"allow","description":"Get apis"},
+ {"rule":"update*", "permission":"deny","description":"Update apis"}]
+ },
+ "roledomainadmin": {
+ "name": "MarvinFake DomainAdmin Role ",
+ "type": "DomainAdmin",
+ "description": "Fake Domain-Admin Role created by Marvin test",
+ "ispublic": False
+ },
+ "apiConfig": {
+ "listApis": "allow",
+ "listAccounts": "allow",
+ "listClusters": "deny",
+ "*VM*": "allow",
+ "*Host*": "deny"
+ }
+ }
+
+
+class TestPrivateRoles(cloudstackTestCase):
+ """Tests Visibility of private and public roles
+ """
+
+ def setUp(self):
+ self.apiclient = self.testClient.getApiClient()
+ self.testdata = TestData().testdata
+
+ self.testdata["roleadmin"]["name"] += self.getRandomString()
+ self.testdata["roledomainadmin"]["name"] += self.getRandomString()
+ self.testdata["roleuser"]["name"] += self.getRandomString()
+ self.role_admin = Role.create(
+ self.apiclient,
+ self.testdata["roleadmin"]
+ )
+
+ self.role_domain_admin = Role.create(
+ self.apiclient,
+ self.testdata["roledomainadmin"]
+ )
+
+ self.private_role = Role.create(
+ self.apiclient,
+ self.testdata["roleuser"]
+ )
+
+ self.account_admin = Account.create(
+ self.apiclient,
+ self.testdata["accountadmin"],
+ roleid=self.role_admin.id
+ )
+
+ self.account_domain_admin = Account.create(
+ self.apiclient,
+ self.testdata["accountdomainadmin"],
+ roleid=self.role_domain_admin.id
+ )
+
+ self.admin_apiclient = self.testClient.getUserApiClient(
+ UserName=self.account_admin.name,
+ DomainName='ROOT',
+ type=1
+ )
+
+ self.domain_admin_apiclient = self.testClient.getUserApiClient(
+ UserName=self.account_domain_admin.name,
+ DomainName='ROOT',
+ type=2
+ )
+
+ self.cleanup = [
+ self.testdata,
+ self.account_admin,
+ self.account_domain_admin,
+ self.role_admin,
+ self.role_domain_admin,
+ self.admin_apiclient,
+ self.private_role,
+ self.domain_admin_apiclient
+ ]
+
+
+
+ def tearDown(self):
+ try:
+ cleanup_resources(self.apiclient, self.cleanup)
+ except Exception as e:
+ self.debug("Warning! Exception in tearDown: %s" % e)
Review Comment:
```suggestion
self.cleanup = []
self.role_admin = Role.create(
self.apiclient,
self.testdata["roleadmin"]
)
self.cleanup.append(self.role_admin)
self.role_domain_admin = Role.create(
self.apiclient,
self.testdata["roledomainadmin"]
)
self.cleanup.append(self.role_domain_admin)
self.private_role = Role.create(
self.apiclient,
self.testdata["roleuser"]
)
self.cleanup.append(self.private_role)
self.account_admin = Account.create(
self.apiclient,
self.testdata["accountadmin"],
roleid=self.role_admin.id
)
self.cleanup.append(self.account_admin)
self.account_domain_admin = Account.create(
self.apiclient,
self.testdata["accountdomainadmin"],
roleid=self.role_domain_admin.id
)
self.cleanup.append(self.account_domain_admin)
self.admin_apiclient = self.testClient.getUserApiClient(
UserName=self.account_admin.name,
DomainName='ROOT',
type=1
)
self.domain_admin_apiclient = self.testClient.getUserApiClient(
UserName=self.account_domain_admin.name,
DomainName='ROOT',
type=2
)
def tearDown(self):
super(, self).tearDown()
```
##########
test/integration/smoke/test_private_roles.py:
##########
@@ -0,0 +1,288 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+from marvin.cloudstackAPI import *
+from marvin.cloudstackTestCase import cloudstackTestCase
+from marvin.lib.base import Account, Role, User
+from marvin.lib.utils import cleanup_resources
+from nose.plugins.attrib import attr
+
+import random
+
+
+class TestData(object):
+ """Test data object that is required to create resources
+ """
+ def __init__(self):
+ self.testdata = {
+ "accountadmin": {
+ "email": "mtu@test.cloud",
+ "firstname": "Marvin",
+ "lastname": "TestAdminAccount",
+ "username": "TestAdminAccount",
+ "password": "password"
+ },
+ "accountdomainadmin": {
+ "email": "mtu@test.cloud",
+ "firstname": "Marvin",
+ "lastname": "TestDomainAdminAccount",
+ "username": "TestDomainAdminAccount",
+ "password": "password"
+ },
+ "accountroleuser": {
+ "email": "mtu@test.cloud",
+ "firstname": "Marvin",
+ "lastname": "TestUserAccount",
+ "username": "TestUserAccount",
+ "password": "password"
+ },
+ "roleadmin": {
+ "name": "MarvinFake Admin Role ",
+ "type": "Admin",
+ "description": "Fake Admin Role created by Marvin test"
+ },
+ "roleuser": {
+ "name": "MarvinFake User Role ",
+ "type": "User",
+ "description": "Fake User Role created by Marvin test",
+ "ispublic": False
+ },
+ "publicrole": {
+ "name": "MarvinFake Public Role ",
+ "type": "User",
+ "description": "Fake Public Role created by Marvin test"
+ },
+ "importrole": {
+ "name": "MarvinFake Import Role ",
+ "type": "User",
+ "description": "Fake Import User Role created by Marvin test",
+ "ispublic": True,
+ "rules": [{"rule":"list*", "permission":"allow","description":"Listing apis"},
+ {"rule":"get*", "permission":"allow","description":"Get apis"},
+ {"rule":"update*", "permission":"deny","description":"Update apis"}]
+ },
+ "roledomainadmin": {
+ "name": "MarvinFake DomainAdmin Role ",
+ "type": "DomainAdmin",
+ "description": "Fake Domain-Admin Role created by Marvin test",
+ "ispublic": False
+ },
+ "apiConfig": {
+ "listApis": "allow",
+ "listAccounts": "allow",
+ "listClusters": "deny",
+ "*VM*": "allow",
+ "*Host*": "deny"
+ }
+ }
+
+
+class TestPrivateRoles(cloudstackTestCase):
+ """Tests Visibility of private and public roles
+ """
+
+ def setUp(self):
+ self.apiclient = self.testClient.getApiClient()
+ self.testdata = TestData().testdata
+
+ self.testdata["roleadmin"]["name"] += self.getRandomString()
+ self.testdata["roledomainadmin"]["name"] += self.getRandomString()
+ self.testdata["roleuser"]["name"] += self.getRandomString()
+ self.role_admin = Role.create(
+ self.apiclient,
+ self.testdata["roleadmin"]
+ )
+
+ self.role_domain_admin = Role.create(
+ self.apiclient,
+ self.testdata["roledomainadmin"]
+ )
+
+ self.private_role = Role.create(
+ self.apiclient,
+ self.testdata["roleuser"]
+ )
+
+ self.account_admin = Account.create(
+ self.apiclient,
+ self.testdata["accountadmin"],
+ roleid=self.role_admin.id
+ )
+
+ self.account_domain_admin = Account.create(
+ self.apiclient,
+ self.testdata["accountdomainadmin"],
+ roleid=self.role_domain_admin.id
+ )
+
+ self.admin_apiclient = self.testClient.getUserApiClient(
+ UserName=self.account_admin.name,
+ DomainName='ROOT',
+ type=1
+ )
+
+ self.domain_admin_apiclient = self.testClient.getUserApiClient(
+ UserName=self.account_domain_admin.name,
+ DomainName='ROOT',
+ type=2
+ )
+
+ self.cleanup = [
+ self.testdata,
+ self.account_admin,
+ self.account_domain_admin,
+ self.role_admin,
+ self.role_domain_admin,
+ self.admin_apiclient,
+ self.private_role,
+ self.domain_admin_apiclient
+ ]
+
+
+
+ def tearDown(self):
+ try:
+ cleanup_resources(self.apiclient, self.cleanup)
+ except Exception as e:
+ self.debug("Warning! Exception in tearDown: %s" % e)
+
+ def getRandomString(self):
+ return "".join(random.choice("abcdefghijklmnopqrstuvwxyz0123456789") for _ in range(10))
+
+
+ def asserts_visibility_of_private_role(self, role_id):
+ list_roles_domain_admin = Role.list(self.domain_admin_apiclient, id=role_id)
+ self.assertEqual(
+ list_roles_domain_admin,
+ None,
+ "Domain Admins should not be able to list private roles"
+ )
+
+ list_roles_admin = Role.list(self.admin_apiclient, id=role_id)
+ self.assertNotEqual(
+ list_roles_admin,
+ None,
+ "Admins should be able to list private roles"
+ )
+
+
+ def asserts_visibility_of_public_role(self, role_id):
+ list_roles_domain_admin = Role.list(self.domain_admin_apiclient, id=role_id)
+ self.assertNotEqual(
+ list_roles_domain_admin,
+ None,
+ "Domain Admins should be able to list public roles"
+ )
+
+ list_roles_admin = Role.list(self.admin_apiclient, id=role_id)
+ self.assertNotEqual(
+ list_roles_admin,
+ None,
+ "Admins should be able to list public roles"
+ )
+
+
+
+ @attr(tags=['simulator', 'basic'], required_hardware=False)
+ def test_create_role(self):
+ """
+ 1. Create a private role
+ 2. Create a public role
+ 3. Verify whether their visibility is as expected
+ """
+ self.testdata["roleuser"]["name"] += self.getRandomString()
+ self.testdata["publicrole"]["name"] += self.getRandomString()
+ private_role = Role.create(
+ self.apiclient,
+ self.testdata["roleuser"]
+ )
+ public_role = Role.create(
+ self.apiclient,
+ self.testdata["publicrole"]
+ )
Review Comment:
```suggestion
private_role = Role.create(
self.apiclient,
self.testdata["roleuser"]
)
self.cleanup.append(self.private_role)
public_role = Role.create(
self.apiclient,
self.testdata["publicrole"]
)
self.cleanup.append(self.public_role)
```
##########
test/integration/smoke/test_private_roles.py:
##########
@@ -0,0 +1,288 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+from marvin.cloudstackAPI import *
+from marvin.cloudstackTestCase import cloudstackTestCase
+from marvin.lib.base import Account, Role, User
+from marvin.lib.utils import cleanup_resources
+from nose.plugins.attrib import attr
+
+import random
+
+
+class TestData(object):
+ """Test data object that is required to create resources
+ """
+ def __init__(self):
+ self.testdata = {
+ "accountadmin": {
+ "email": "mtu@test.cloud",
+ "firstname": "Marvin",
+ "lastname": "TestAdminAccount",
+ "username": "TestAdminAccount",
+ "password": "password"
+ },
+ "accountdomainadmin": {
+ "email": "mtu@test.cloud",
+ "firstname": "Marvin",
+ "lastname": "TestDomainAdminAccount",
+ "username": "TestDomainAdminAccount",
+ "password": "password"
+ },
+ "accountroleuser": {
+ "email": "mtu@test.cloud",
+ "firstname": "Marvin",
+ "lastname": "TestUserAccount",
+ "username": "TestUserAccount",
+ "password": "password"
+ },
+ "roleadmin": {
+ "name": "MarvinFake Admin Role ",
+ "type": "Admin",
+ "description": "Fake Admin Role created by Marvin test"
+ },
+ "roleuser": {
+ "name": "MarvinFake User Role ",
+ "type": "User",
+ "description": "Fake User Role created by Marvin test",
+ "ispublic": False
+ },
+ "publicrole": {
+ "name": "MarvinFake Public Role ",
+ "type": "User",
+ "description": "Fake Public Role created by Marvin test"
+ },
+ "importrole": {
+ "name": "MarvinFake Import Role ",
+ "type": "User",
+ "description": "Fake Import User Role created by Marvin test",
+ "ispublic": True,
+ "rules": [{"rule":"list*", "permission":"allow","description":"Listing apis"},
+ {"rule":"get*", "permission":"allow","description":"Get apis"},
+ {"rule":"update*", "permission":"deny","description":"Update apis"}]
+ },
+ "roledomainadmin": {
+ "name": "MarvinFake DomainAdmin Role ",
+ "type": "DomainAdmin",
+ "description": "Fake Domain-Admin Role created by Marvin test",
+ "ispublic": False
+ },
+ "apiConfig": {
+ "listApis": "allow",
+ "listAccounts": "allow",
+ "listClusters": "deny",
+ "*VM*": "allow",
+ "*Host*": "deny"
+ }
+ }
+
+
+class TestPrivateRoles(cloudstackTestCase):
+ """Tests Visibility of private and public roles
+ """
+
+ def setUp(self):
+ self.apiclient = self.testClient.getApiClient()
+ self.testdata = TestData().testdata
+
+ self.testdata["roleadmin"]["name"] += self.getRandomString()
+ self.testdata["roledomainadmin"]["name"] += self.getRandomString()
+ self.testdata["roleuser"]["name"] += self.getRandomString()
+ self.role_admin = Role.create(
+ self.apiclient,
+ self.testdata["roleadmin"]
+ )
+
+ self.role_domain_admin = Role.create(
+ self.apiclient,
+ self.testdata["roledomainadmin"]
+ )
+
+ self.private_role = Role.create(
+ self.apiclient,
+ self.testdata["roleuser"]
+ )
+
+ self.account_admin = Account.create(
+ self.apiclient,
+ self.testdata["accountadmin"],
+ roleid=self.role_admin.id
+ )
+
+ self.account_domain_admin = Account.create(
+ self.apiclient,
+ self.testdata["accountdomainadmin"],
+ roleid=self.role_domain_admin.id
+ )
+
+ self.admin_apiclient = self.testClient.getUserApiClient(
+ UserName=self.account_admin.name,
+ DomainName='ROOT',
+ type=1
+ )
+
+ self.domain_admin_apiclient = self.testClient.getUserApiClient(
+ UserName=self.account_domain_admin.name,
+ DomainName='ROOT',
+ type=2
+ )
+
+ self.cleanup = [
+ self.testdata,
+ self.account_admin,
+ self.account_domain_admin,
+ self.role_admin,
+ self.role_domain_admin,
+ self.admin_apiclient,
+ self.private_role,
+ self.domain_admin_apiclient
+ ]
+
+
+
+ def tearDown(self):
+ try:
+ cleanup_resources(self.apiclient, self.cleanup)
+ except Exception as e:
+ self.debug("Warning! Exception in tearDown: %s" % e)
+
+ def getRandomString(self):
+ return "".join(random.choice("abcdefghijklmnopqrstuvwxyz0123456789") for _ in range(10))
+
+
+ def asserts_visibility_of_private_role(self, role_id):
+ list_roles_domain_admin = Role.list(self.domain_admin_apiclient, id=role_id)
+ self.assertEqual(
+ list_roles_domain_admin,
+ None,
+ "Domain Admins should not be able to list private roles"
+ )
+
+ list_roles_admin = Role.list(self.admin_apiclient, id=role_id)
+ self.assertNotEqual(
+ list_roles_admin,
+ None,
+ "Admins should be able to list private roles"
+ )
+
+
+ def asserts_visibility_of_public_role(self, role_id):
+ list_roles_domain_admin = Role.list(self.domain_admin_apiclient, id=role_id)
+ self.assertNotEqual(
+ list_roles_domain_admin,
+ None,
+ "Domain Admins should be able to list public roles"
+ )
+
+ list_roles_admin = Role.list(self.admin_apiclient, id=role_id)
+ self.assertNotEqual(
+ list_roles_admin,
+ None,
+ "Admins should be able to list public roles"
+ )
+
+
+
+ @attr(tags=['simulator', 'basic'], required_hardware=False)
+ def test_create_role(self):
+ """
+ 1. Create a private role
+ 2. Create a public role
+ 3. Verify whether their visibility is as expected
+ """
+ self.testdata["roleuser"]["name"] += self.getRandomString()
+ self.testdata["publicrole"]["name"] += self.getRandomString()
+ private_role = Role.create(
+ self.apiclient,
+ self.testdata["roleuser"]
+ )
+ public_role = Role.create(
+ self.apiclient,
+ self.testdata["publicrole"]
+ )
+ self.asserts_visibility_of_private_role(private_role.id)
+ self.asserts_visibility_of_public_role(public_role.id)
+
+ @attr(tags=['simulator', 'basic'], required_hardware=False)
+ def test_update_role(self):
+ """
+ 1. Create a public role
+ 2. Check if its visibility is public
+ 3. Update it to make it private
+ 4. Verify if its visibility is private
+ """
+ self.testdata["publicrole"]["name"] += self.getRandomString()
+ role = Role.create(
+ self.apiclient,
+ self.testdata["publicrole"]
+ )
+ self.asserts_visibility_of_public_role(role.id)
+ role.update(self.apiclient, id=role.id, ispublic=False)
+ self.asserts_visibility_of_private_role(role.id)
+
+ @attr(tags=['simulator', 'basic'], required_hardware=False)
+ def test_import_role(self):
+ """
+ 1. Import a public role
+ 2. Import a private role
+ 3. Verify their visibility
+ """
+ self.testdata["importrole"]["name"] += self.getRandomString()
+ imported_public_role = Role.importRole(
+ self.apiclient,
+ self.testdata["importrole"]
+ )
+ self.testdata["importrole"]["name"] += self.getRandomString()
+ self.testdata["importrole"]["ispublic"] = False
+ imported_private_role = Role.importRole(
+ self.apiclient,
+ self.testdata["importrole"]
+ )
Review Comment:
```suggestion
imported_private_role = Role.importRole(
self.apiclient,
self.testdata["importrole"]
)
self.cleanup.append(imported_private_role)
```
##########
test/integration/smoke/test_private_roles.py:
##########
@@ -0,0 +1,288 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+from marvin.cloudstackAPI import *
+from marvin.cloudstackTestCase import cloudstackTestCase
+from marvin.lib.base import Account, Role, User
+from marvin.lib.utils import cleanup_resources
+from nose.plugins.attrib import attr
+
+import random
+
+
+class TestData(object):
+ """Test data object that is required to create resources
+ """
+ def __init__(self):
+ self.testdata = {
+ "accountadmin": {
+ "email": "mtu@test.cloud",
+ "firstname": "Marvin",
+ "lastname": "TestAdminAccount",
+ "username": "TestAdminAccount",
+ "password": "password"
+ },
+ "accountdomainadmin": {
+ "email": "mtu@test.cloud",
+ "firstname": "Marvin",
+ "lastname": "TestDomainAdminAccount",
+ "username": "TestDomainAdminAccount",
+ "password": "password"
+ },
+ "accountroleuser": {
+ "email": "mtu@test.cloud",
+ "firstname": "Marvin",
+ "lastname": "TestUserAccount",
+ "username": "TestUserAccount",
+ "password": "password"
+ },
+ "roleadmin": {
+ "name": "MarvinFake Admin Role ",
+ "type": "Admin",
+ "description": "Fake Admin Role created by Marvin test"
+ },
+ "roleuser": {
+ "name": "MarvinFake User Role ",
+ "type": "User",
+ "description": "Fake User Role created by Marvin test",
+ "ispublic": False
+ },
+ "publicrole": {
+ "name": "MarvinFake Public Role ",
+ "type": "User",
+ "description": "Fake Public Role created by Marvin test"
+ },
+ "importrole": {
+ "name": "MarvinFake Import Role ",
+ "type": "User",
+ "description": "Fake Import User Role created by Marvin test",
+ "ispublic": True,
+ "rules": [{"rule":"list*", "permission":"allow","description":"Listing apis"},
+ {"rule":"get*", "permission":"allow","description":"Get apis"},
+ {"rule":"update*", "permission":"deny","description":"Update apis"}]
+ },
+ "roledomainadmin": {
+ "name": "MarvinFake DomainAdmin Role ",
+ "type": "DomainAdmin",
+ "description": "Fake Domain-Admin Role created by Marvin test",
+ "ispublic": False
+ },
+ "apiConfig": {
+ "listApis": "allow",
+ "listAccounts": "allow",
+ "listClusters": "deny",
+ "*VM*": "allow",
+ "*Host*": "deny"
+ }
+ }
+
+
+class TestPrivateRoles(cloudstackTestCase):
+ """Tests Visibility of private and public roles
+ """
+
+ def setUp(self):
+ self.apiclient = self.testClient.getApiClient()
+ self.testdata = TestData().testdata
+
+ self.testdata["roleadmin"]["name"] += self.getRandomString()
+ self.testdata["roledomainadmin"]["name"] += self.getRandomString()
+ self.testdata["roleuser"]["name"] += self.getRandomString()
+ self.role_admin = Role.create(
+ self.apiclient,
+ self.testdata["roleadmin"]
+ )
+
+ self.role_domain_admin = Role.create(
+ self.apiclient,
+ self.testdata["roledomainadmin"]
+ )
+
+ self.private_role = Role.create(
+ self.apiclient,
+ self.testdata["roleuser"]
+ )
+
+ self.account_admin = Account.create(
+ self.apiclient,
+ self.testdata["accountadmin"],
+ roleid=self.role_admin.id
+ )
+
+ self.account_domain_admin = Account.create(
+ self.apiclient,
+ self.testdata["accountdomainadmin"],
+ roleid=self.role_domain_admin.id
+ )
+
+ self.admin_apiclient = self.testClient.getUserApiClient(
+ UserName=self.account_admin.name,
+ DomainName='ROOT',
+ type=1
+ )
+
+ self.domain_admin_apiclient = self.testClient.getUserApiClient(
+ UserName=self.account_domain_admin.name,
+ DomainName='ROOT',
+ type=2
+ )
+
+ self.cleanup = [
+ self.testdata,
+ self.account_admin,
+ self.account_domain_admin,
+ self.role_admin,
+ self.role_domain_admin,
+ self.admin_apiclient,
+ self.private_role,
+ self.domain_admin_apiclient
+ ]
+
+
+
+ def tearDown(self):
+ try:
+ cleanup_resources(self.apiclient, self.cleanup)
+ except Exception as e:
+ self.debug("Warning! Exception in tearDown: %s" % e)
+
+ def getRandomString(self):
+ return "".join(random.choice("abcdefghijklmnopqrstuvwxyz0123456789") for _ in range(10))
+
+
+ def asserts_visibility_of_private_role(self, role_id):
+ list_roles_domain_admin = Role.list(self.domain_admin_apiclient, id=role_id)
+ self.assertEqual(
+ list_roles_domain_admin,
+ None,
+ "Domain Admins should not be able to list private roles"
+ )
+
+ list_roles_admin = Role.list(self.admin_apiclient, id=role_id)
+ self.assertNotEqual(
+ list_roles_admin,
+ None,
+ "Admins should be able to list private roles"
+ )
+
+
+ def asserts_visibility_of_public_role(self, role_id):
+ list_roles_domain_admin = Role.list(self.domain_admin_apiclient, id=role_id)
+ self.assertNotEqual(
+ list_roles_domain_admin,
+ None,
+ "Domain Admins should be able to list public roles"
+ )
+
+ list_roles_admin = Role.list(self.admin_apiclient, id=role_id)
+ self.assertNotEqual(
+ list_roles_admin,
+ None,
+ "Admins should be able to list public roles"
+ )
+
+
+
+ @attr(tags=['simulator', 'basic'], required_hardware=False)
+ def test_create_role(self):
+ """
+ 1. Create a private role
+ 2. Create a public role
+ 3. Verify whether their visibility is as expected
+ """
+ self.testdata["roleuser"]["name"] += self.getRandomString()
+ self.testdata["publicrole"]["name"] += self.getRandomString()
+ private_role = Role.create(
+ self.apiclient,
+ self.testdata["roleuser"]
+ )
+ public_role = Role.create(
+ self.apiclient,
+ self.testdata["publicrole"]
+ )
+ self.asserts_visibility_of_private_role(private_role.id)
+ self.asserts_visibility_of_public_role(public_role.id)
+
+ @attr(tags=['simulator', 'basic'], required_hardware=False)
+ def test_update_role(self):
+ """
+ 1. Create a public role
+ 2. Check if its visibility is public
+ 3. Update it to make it private
+ 4. Verify if its visibility is private
+ """
+ self.testdata["publicrole"]["name"] += self.getRandomString()
+ role = Role.create(
+ self.apiclient,
+ self.testdata["publicrole"]
+ )
+ self.asserts_visibility_of_public_role(role.id)
+ role.update(self.apiclient, id=role.id, ispublic=False)
+ self.asserts_visibility_of_private_role(role.id)
+
+ @attr(tags=['simulator', 'basic'], required_hardware=False)
+ def test_import_role(self):
+ """
+ 1. Import a public role
+ 2. Import a private role
+ 3. Verify their visibility
+ """
+ self.testdata["importrole"]["name"] += self.getRandomString()
+ imported_public_role = Role.importRole(
+ self.apiclient,
+ self.testdata["importrole"]
+ )
+ self.testdata["importrole"]["name"] += self.getRandomString()
+ self.testdata["importrole"]["ispublic"] = False
+ imported_private_role = Role.importRole(
+ self.apiclient,
+ self.testdata["importrole"]
+ )
+
+ self.asserts_visibility_of_public_role(imported_public_role.id)
+ self.asserts_visibility_of_private_role(imported_private_role.id)
+
+ @attr(tags=['simulator', 'basic'], required_hardware=False)
+ def test_login_private_role(self):
+ """
+ 1. Crate a User account with a private role
+ 2. Login with the created account
+ 3. Verify that the login was successful
+ """
+ account_private_role = Account.create(
+ self.apiclient,
+ self.testdata["accountroleuser"],
+ roleid=self.private_role.id
+ )
Review Comment:
```suggestion
account_private_role = Account.create(
self.apiclient,
self.testdata["accountroleuser"],
roleid=self.private_role.id
)
self.cleanup.append(account_private_role)
```
##########
test/integration/smoke/test_private_roles.py:
##########
@@ -0,0 +1,288 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+from marvin.cloudstackAPI import *
+from marvin.cloudstackTestCase import cloudstackTestCase
+from marvin.lib.base import Account, Role, User
+from marvin.lib.utils import cleanup_resources
+from nose.plugins.attrib import attr
+
+import random
+
+
+class TestData(object):
+ """Test data object that is required to create resources
+ """
+ def __init__(self):
+ self.testdata = {
+ "accountadmin": {
+ "email": "mtu@test.cloud",
+ "firstname": "Marvin",
+ "lastname": "TestAdminAccount",
+ "username": "TestAdminAccount",
+ "password": "password"
+ },
+ "accountdomainadmin": {
+ "email": "mtu@test.cloud",
+ "firstname": "Marvin",
+ "lastname": "TestDomainAdminAccount",
+ "username": "TestDomainAdminAccount",
+ "password": "password"
+ },
+ "accountroleuser": {
+ "email": "mtu@test.cloud",
+ "firstname": "Marvin",
+ "lastname": "TestUserAccount",
+ "username": "TestUserAccount",
+ "password": "password"
+ },
+ "roleadmin": {
+ "name": "MarvinFake Admin Role ",
+ "type": "Admin",
+ "description": "Fake Admin Role created by Marvin test"
+ },
+ "roleuser": {
+ "name": "MarvinFake User Role ",
+ "type": "User",
+ "description": "Fake User Role created by Marvin test",
+ "ispublic": False
+ },
+ "publicrole": {
+ "name": "MarvinFake Public Role ",
+ "type": "User",
+ "description": "Fake Public Role created by Marvin test"
+ },
+ "importrole": {
+ "name": "MarvinFake Import Role ",
+ "type": "User",
+ "description": "Fake Import User Role created by Marvin test",
+ "ispublic": True,
+ "rules": [{"rule":"list*", "permission":"allow","description":"Listing apis"},
+ {"rule":"get*", "permission":"allow","description":"Get apis"},
+ {"rule":"update*", "permission":"deny","description":"Update apis"}]
+ },
+ "roledomainadmin": {
+ "name": "MarvinFake DomainAdmin Role ",
+ "type": "DomainAdmin",
+ "description": "Fake Domain-Admin Role created by Marvin test",
+ "ispublic": False
+ },
+ "apiConfig": {
+ "listApis": "allow",
+ "listAccounts": "allow",
+ "listClusters": "deny",
+ "*VM*": "allow",
+ "*Host*": "deny"
+ }
+ }
+
+
+class TestPrivateRoles(cloudstackTestCase):
+ """Tests Visibility of private and public roles
+ """
+
+ def setUp(self):
+ self.apiclient = self.testClient.getApiClient()
+ self.testdata = TestData().testdata
+
+ self.testdata["roleadmin"]["name"] += self.getRandomString()
+ self.testdata["roledomainadmin"]["name"] += self.getRandomString()
+ self.testdata["roleuser"]["name"] += self.getRandomString()
+ self.role_admin = Role.create(
+ self.apiclient,
+ self.testdata["roleadmin"]
+ )
+
+ self.role_domain_admin = Role.create(
+ self.apiclient,
+ self.testdata["roledomainadmin"]
+ )
+
+ self.private_role = Role.create(
+ self.apiclient,
+ self.testdata["roleuser"]
+ )
+
+ self.account_admin = Account.create(
+ self.apiclient,
+ self.testdata["accountadmin"],
+ roleid=self.role_admin.id
+ )
+
+ self.account_domain_admin = Account.create(
+ self.apiclient,
+ self.testdata["accountdomainadmin"],
+ roleid=self.role_domain_admin.id
+ )
+
+ self.admin_apiclient = self.testClient.getUserApiClient(
+ UserName=self.account_admin.name,
+ DomainName='ROOT',
+ type=1
+ )
+
+ self.domain_admin_apiclient = self.testClient.getUserApiClient(
+ UserName=self.account_domain_admin.name,
+ DomainName='ROOT',
+ type=2
+ )
+
+ self.cleanup = [
+ self.testdata,
+ self.account_admin,
+ self.account_domain_admin,
+ self.role_admin,
+ self.role_domain_admin,
+ self.admin_apiclient,
+ self.private_role,
+ self.domain_admin_apiclient
+ ]
+
+
+
+ def tearDown(self):
+ try:
+ cleanup_resources(self.apiclient, self.cleanup)
+ except Exception as e:
+ self.debug("Warning! Exception in tearDown: %s" % e)
+
+ def getRandomString(self):
+ return "".join(random.choice("abcdefghijklmnopqrstuvwxyz0123456789") for _ in range(10))
+
+
+ def asserts_visibility_of_private_role(self, role_id):
+ list_roles_domain_admin = Role.list(self.domain_admin_apiclient, id=role_id)
+ self.assertEqual(
+ list_roles_domain_admin,
+ None,
+ "Domain Admins should not be able to list private roles"
+ )
+
+ list_roles_admin = Role.list(self.admin_apiclient, id=role_id)
+ self.assertNotEqual(
+ list_roles_admin,
+ None,
+ "Admins should be able to list private roles"
+ )
+
+
+ def asserts_visibility_of_public_role(self, role_id):
+ list_roles_domain_admin = Role.list(self.domain_admin_apiclient, id=role_id)
+ self.assertNotEqual(
+ list_roles_domain_admin,
+ None,
+ "Domain Admins should be able to list public roles"
+ )
+
+ list_roles_admin = Role.list(self.admin_apiclient, id=role_id)
+ self.assertNotEqual(
+ list_roles_admin,
+ None,
+ "Admins should be able to list public roles"
+ )
+
+
+
+ @attr(tags=['simulator', 'basic'], required_hardware=False)
+ def test_create_role(self):
+ """
+ 1. Create a private role
+ 2. Create a public role
+ 3. Verify whether their visibility is as expected
+ """
+ self.testdata["roleuser"]["name"] += self.getRandomString()
+ self.testdata["publicrole"]["name"] += self.getRandomString()
+ private_role = Role.create(
+ self.apiclient,
+ self.testdata["roleuser"]
+ )
+ public_role = Role.create(
+ self.apiclient,
+ self.testdata["publicrole"]
+ )
+ self.asserts_visibility_of_private_role(private_role.id)
+ self.asserts_visibility_of_public_role(public_role.id)
+
+ @attr(tags=['simulator', 'basic'], required_hardware=False)
+ def test_update_role(self):
+ """
+ 1. Create a public role
+ 2. Check if its visibility is public
+ 3. Update it to make it private
+ 4. Verify if its visibility is private
+ """
+ self.testdata["publicrole"]["name"] += self.getRandomString()
+ role = Role.create(
+ self.apiclient,
+ self.testdata["publicrole"]
+ )
+ self.asserts_visibility_of_public_role(role.id)
+ role.update(self.apiclient, id=role.id, ispublic=False)
+ self.asserts_visibility_of_private_role(role.id)
+
+ @attr(tags=['simulator', 'basic'], required_hardware=False)
+ def test_import_role(self):
+ """
+ 1. Import a public role
+ 2. Import a private role
+ 3. Verify their visibility
+ """
+ self.testdata["importrole"]["name"] += self.getRandomString()
+ imported_public_role = Role.importRole(
+ self.apiclient,
+ self.testdata["importrole"]
+ )
Review Comment:
```suggestion
imported_public_role = Role.importRole(
self.apiclient,
self.testdata["importrole"]
)
self.cleanup.append(imported_public_role)
```
##########
test/integration/smoke/test_private_roles.py:
##########
@@ -0,0 +1,288 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+from marvin.cloudstackAPI import *
+from marvin.cloudstackTestCase import cloudstackTestCase
+from marvin.lib.base import Account, Role, User
+from marvin.lib.utils import cleanup_resources
+from nose.plugins.attrib import attr
+
+import random
+
+
+class TestData(object):
+ """Test data object that is required to create resources
+ """
+ def __init__(self):
+ self.testdata = {
+ "accountadmin": {
+ "email": "mtu@test.cloud",
+ "firstname": "Marvin",
+ "lastname": "TestAdminAccount",
+ "username": "TestAdminAccount",
+ "password": "password"
+ },
+ "accountdomainadmin": {
+ "email": "mtu@test.cloud",
+ "firstname": "Marvin",
+ "lastname": "TestDomainAdminAccount",
+ "username": "TestDomainAdminAccount",
+ "password": "password"
+ },
+ "accountroleuser": {
+ "email": "mtu@test.cloud",
+ "firstname": "Marvin",
+ "lastname": "TestUserAccount",
+ "username": "TestUserAccount",
+ "password": "password"
+ },
+ "roleadmin": {
+ "name": "MarvinFake Admin Role ",
+ "type": "Admin",
+ "description": "Fake Admin Role created by Marvin test"
+ },
+ "roleuser": {
+ "name": "MarvinFake User Role ",
+ "type": "User",
+ "description": "Fake User Role created by Marvin test",
+ "ispublic": False
+ },
+ "publicrole": {
+ "name": "MarvinFake Public Role ",
+ "type": "User",
+ "description": "Fake Public Role created by Marvin test"
+ },
+ "importrole": {
+ "name": "MarvinFake Import Role ",
+ "type": "User",
+ "description": "Fake Import User Role created by Marvin test",
+ "ispublic": True,
+ "rules": [{"rule":"list*", "permission":"allow","description":"Listing apis"},
+ {"rule":"get*", "permission":"allow","description":"Get apis"},
+ {"rule":"update*", "permission":"deny","description":"Update apis"}]
+ },
+ "roledomainadmin": {
+ "name": "MarvinFake DomainAdmin Role ",
+ "type": "DomainAdmin",
+ "description": "Fake Domain-Admin Role created by Marvin test",
+ "ispublic": False
+ },
+ "apiConfig": {
+ "listApis": "allow",
+ "listAccounts": "allow",
+ "listClusters": "deny",
+ "*VM*": "allow",
+ "*Host*": "deny"
+ }
+ }
+
+
+class TestPrivateRoles(cloudstackTestCase):
+ """Tests Visibility of private and public roles
+ """
+
+ def setUp(self):
+ self.apiclient = self.testClient.getApiClient()
+ self.testdata = TestData().testdata
+
+ self.testdata["roleadmin"]["name"] += self.getRandomString()
+ self.testdata["roledomainadmin"]["name"] += self.getRandomString()
+ self.testdata["roleuser"]["name"] += self.getRandomString()
+ self.role_admin = Role.create(
+ self.apiclient,
+ self.testdata["roleadmin"]
+ )
+
+ self.role_domain_admin = Role.create(
+ self.apiclient,
+ self.testdata["roledomainadmin"]
+ )
+
+ self.private_role = Role.create(
+ self.apiclient,
+ self.testdata["roleuser"]
+ )
+
+ self.account_admin = Account.create(
+ self.apiclient,
+ self.testdata["accountadmin"],
+ roleid=self.role_admin.id
+ )
+
+ self.account_domain_admin = Account.create(
+ self.apiclient,
+ self.testdata["accountdomainadmin"],
+ roleid=self.role_domain_admin.id
+ )
+
+ self.admin_apiclient = self.testClient.getUserApiClient(
+ UserName=self.account_admin.name,
+ DomainName='ROOT',
+ type=1
+ )
+
+ self.domain_admin_apiclient = self.testClient.getUserApiClient(
+ UserName=self.account_domain_admin.name,
+ DomainName='ROOT',
+ type=2
+ )
+
+ self.cleanup = [
+ self.testdata,
+ self.account_admin,
+ self.account_domain_admin,
+ self.role_admin,
+ self.role_domain_admin,
+ self.admin_apiclient,
+ self.private_role,
+ self.domain_admin_apiclient
+ ]
+
+
+
+ def tearDown(self):
+ try:
+ cleanup_resources(self.apiclient, self.cleanup)
+ except Exception as e:
+ self.debug("Warning! Exception in tearDown: %s" % e)
+
+ def getRandomString(self):
+ return "".join(random.choice("abcdefghijklmnopqrstuvwxyz0123456789") for _ in range(10))
+
+
+ def asserts_visibility_of_private_role(self, role_id):
+ list_roles_domain_admin = Role.list(self.domain_admin_apiclient, id=role_id)
+ self.assertEqual(
+ list_roles_domain_admin,
+ None,
+ "Domain Admins should not be able to list private roles"
+ )
+
+ list_roles_admin = Role.list(self.admin_apiclient, id=role_id)
+ self.assertNotEqual(
+ list_roles_admin,
+ None,
+ "Admins should be able to list private roles"
+ )
+
+
+ def asserts_visibility_of_public_role(self, role_id):
+ list_roles_domain_admin = Role.list(self.domain_admin_apiclient, id=role_id)
+ self.assertNotEqual(
+ list_roles_domain_admin,
+ None,
+ "Domain Admins should be able to list public roles"
+ )
+
+ list_roles_admin = Role.list(self.admin_apiclient, id=role_id)
+ self.assertNotEqual(
+ list_roles_admin,
+ None,
+ "Admins should be able to list public roles"
+ )
+
+
+
+ @attr(tags=['simulator', 'basic'], required_hardware=False)
+ def test_create_role(self):
+ """
+ 1. Create a private role
+ 2. Create a public role
+ 3. Verify whether their visibility is as expected
+ """
+ self.testdata["roleuser"]["name"] += self.getRandomString()
+ self.testdata["publicrole"]["name"] += self.getRandomString()
+ private_role = Role.create(
+ self.apiclient,
+ self.testdata["roleuser"]
+ )
+ public_role = Role.create(
+ self.apiclient,
+ self.testdata["publicrole"]
+ )
+ self.asserts_visibility_of_private_role(private_role.id)
+ self.asserts_visibility_of_public_role(public_role.id)
+
+ @attr(tags=['simulator', 'basic'], required_hardware=False)
+ def test_update_role(self):
+ """
+ 1. Create a public role
+ 2. Check if its visibility is public
+ 3. Update it to make it private
+ 4. Verify if its visibility is private
+ """
+ self.testdata["publicrole"]["name"] += self.getRandomString()
+ role = Role.create(
+ self.apiclient,
+ self.testdata["publicrole"]
+ )
Review Comment:
```suggestion
role = Role.create(
self.apiclient,
self.testdata["publicrole"]
)
self.cleanup.append(role)
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1357504238
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] GaOrtiga commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
GaOrtiga commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1357545862
> @GaOrtiga do you think regression/integration tests as sensible for this change?
Do you mean for the PR as a whole or for this last change submitted?
If it is for the whole PR, I have run some regression tests and all of them worked out properly, however if you have concerns about any specific functionality, I can run some more.
If it is for this last change I don´t think any other testing is necessary, since the arguments deleted were really not being used.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1357695116
No, I meant for the functionality in this PR in general. And I mean in an automated fashion so they can serve as regression tests in the future. I.e. automate the scenario you described under "How Has This Been Tested?".
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] shwstppr commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by "shwstppr (via GitHub)" <gi...@apache.org>.
shwstppr commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1571854726
@DaanHoogland this has been merged in `main` branch but the schema changes are in 4.18.0 to 4.18.1 upgrade path
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] github-actions[bot] commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
github-actions[bot] commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1346240634
This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1354381724
Sorry @GaOrtiga , conflicts again. This happens a lot as we get close to release :(
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1357504759
@GaOrtiga do you think regression/integration tests as sensible for this change?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1527335806
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] github-actions[bot] commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by "github-actions[bot] (via GitHub)" <gi...@apache.org>.
github-actions[bot] commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1509917642
This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by "sonarcloud[bot] (via GitHub)" <gi...@apache.org>.
sonarcloud[bot] commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1514847930
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6960)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6960&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6960&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6960&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=CODE_SMELL) [3 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_coverage&view=list) [33.0% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1415942299
ok @GaOrtiga , it seems we have two items (2fa and tungsten) that are posponing the release anyway, but I'll keep it in mind.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1528185343
<b>Trillian test result (tid-6488)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 44847 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6960-t6488-kvm-centos7.zip
Smoke tests completed. 110 look OK, 0 have errors, 0 did not run
Only failed and skipped tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1527316597
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5996
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1527223699
@DaanHoogland a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1527221810
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by "sonarcloud[bot] (via GitHub)" <gi...@apache.org>.
sonarcloud[bot] commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1496003281
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6960)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6960&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6960&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6960&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=CODE_SMELL) [3 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_coverage&view=list) [33.0% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] github-actions[bot] commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
github-actions[bot] commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1398106590
This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on a diff in pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on code in PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#discussion_r1051992683
##########
api/src/main/java/org/apache/cloudstack/api/command/admin/acl/ListRolesCmd.java:
##########
@@ -110,7 +111,7 @@ private void setupResponse(final Pair<List<Role>, Integer> roles) {
public void execute() {
Pair<List<Role>, Integer> roles;
if (getId() != null && getId() > 0L) {
- roles = new Pair<List<Role>, Integer>(Collections.singletonList(roleService.findRole(getId())), 1);
+ roles = new Pair<List<Role>, Integer>(Collections.singletonList(roleService.findRole(getId(), true)), 1);
Review Comment:
no -1 by any means btw!
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] github-actions[bot] commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
github-actions[bot] commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1346059266
This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on a diff in pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on code in PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#discussion_r1051989828
##########
api/src/main/java/org/apache/cloudstack/api/command/admin/acl/ListRolesCmd.java:
##########
@@ -110,7 +111,7 @@ private void setupResponse(final Pair<List<Role>, Integer> roles) {
public void execute() {
Pair<List<Role>, Integer> roles;
if (getId() != null && getId() > 0L) {
- roles = new Pair<List<Role>, Integer>(Collections.singletonList(roleService.findRole(getId())), 1);
+ roles = new Pair<List<Role>, Integer>(Collections.singletonList(roleService.findRole(getId(), true)), 1);
Review Comment:
```suggestion
roles = new Pair<>(Collections.singletonList(roleService.findRole(getId(), true)), 1);
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1358721823
<b>Trillian test result (tid-5576)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 41973 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6960-t5576-kvm-centos7.zip
Smoke tests completed. 103 look OK, 2 have errors, 0 did not run
Only failed and skipped tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_create_pvlan_network | `Error` | 0.05 | test_pvlan.py
test_08_upgrade_kubernetes_ha_cluster | `Failure` | 577.10 | test_kubernetes_clusters.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1357494865
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5023
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1413375780
@GaOrtiga , i plan to cut the RC this weekend, will you be ready by today? (we need a day to run the tests as well.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland merged pull request #6960: create parameter to determine whether roles are public or private
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland merged PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1384054214
test_affinity_groups_projects failing, see #7098
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] GaOrtiga commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
GaOrtiga commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1398251714
> @GaOrtiga new conflicts. as we are closing in on release this will happen more often :(
Okay, I will look into it.
I am currently working on the integration tests, took me way longer than expected, but hopefully will have them out by next week.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] GaOrtiga commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by "GaOrtiga (via GitHub)" <gi...@apache.org>.
GaOrtiga commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1415930233
@DaanHoogland I think its better if we push it to a future release.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] GaOrtiga commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
GaOrtiga commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1346732324
> @GaOrtiga , can you look at the conflicts?
Done.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] GaOrtiga commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by "GaOrtiga (via GitHub)" <gi...@apache.org>.
GaOrtiga commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1522258896
@DaanHoogland Can we proceed with this PR or is there any other concern regarding it?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1571890521
Note how the smoke tests passed and didn't warn me about my error. An upgrade test would have caught this :|
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by "sonarcloud[bot] (via GitHub)" <gi...@apache.org>.
sonarcloud[bot] commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1499204294
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6960)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6960&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6960&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6960&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=CODE_SMELL) [3 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_coverage&view=list) [33.0% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] codecov[bot] commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
codecov[bot] commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1342682414
# [Codecov](https://codecov.io/gh/apache/cloudstack/pull/6960?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#6960](https://codecov.io/gh/apache/cloudstack/pull/6960?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (e415da7) into [main](https://codecov.io/gh/apache/cloudstack/commit/a63b2aba7aa3948f78d280a356c550c6638a137b?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (a63b2ab) will **increase** coverage by `0.02%`.
> The diff coverage is `16.00%`.
```diff
@@ Coverage Diff @@
## main #6960 +/- ##
============================================
+ Coverage 11.48% 11.50% +0.02%
- Complexity 7513 7534 +21
============================================
Files 2491 2491
Lines 246730 246786 +56
Branches 38552 38559 +7
============================================
+ Hits 28332 28389 +57
+ Misses 214816 214799 -17
- Partials 3582 3598 +16
```
| [Impacted Files](https://codecov.io/gh/apache/cloudstack/pull/6960?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [...ava/org/apache/cloudstack/acl/dao/RoleDaoImpl.java](https://codecov.io/gh/apache/cloudstack/pull/6960/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-ZW5naW5lL3NjaGVtYS9zcmMvbWFpbi9qYXZhL29yZy9hcGFjaGUvY2xvdWRzdGFjay9hY2wvZGFvL1JvbGVEYW9JbXBsLmphdmE=) | `0.00% <0.00%> (ø)` | |
| [...rc/main/java/org/apache/cloudstack/acl/RoleVO.java](https://codecov.io/gh/apache/cloudstack/pull/6960/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-ZW5naW5lL3NjaGVtYS9zcmMvbWFpbi9qYXZhL29yZy9hcGFjaGUvY2xvdWRzdGFjay9hY2wvUm9sZVZPLmphdmE=) | `50.00% <25.00%> (-3.58%)` | :arrow_down: |
| [...ava/org/apache/cloudstack/acl/RoleManagerImpl.java](https://codecov.io/gh/apache/cloudstack/pull/6960/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c2VydmVyL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9jbG91ZHN0YWNrL2FjbC9Sb2xlTWFuYWdlckltcGwuamF2YQ==) | `20.09% <25.00%> (-1.74%)` | :arrow_down: |
| [...rg/apache/cloudstack/quota/QuotaStatementImpl.java](https://codecov.io/gh/apache/cloudstack/pull/6960/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-ZnJhbWV3b3JrL3F1b3RhL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9jbG91ZHN0YWNrL3F1b3RhL1F1b3RhU3RhdGVtZW50SW1wbC5qYXZh) | `36.28% <0.00%> (-3.99%)` | :arrow_down: |
| [...apache/cloudstack/syslog/AlertsSyslogAppender.java](https://codecov.io/gh/apache/cloudstack/pull/6960/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGx1Z2lucy9hbGVydC1oYW5kbGVycy9zeXNsb2ctYWxlcnRzL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9jbG91ZHN0YWNrL3N5c2xvZy9BbGVydHNTeXNsb2dBcHBlbmRlci5qYXZh) | `56.49% <0.00%> (-2.26%)` | :arrow_down: |
| [...che/cloudstack/affinity/HostAffinityProcessor.java](https://codecov.io/gh/apache/cloudstack/pull/6960/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGx1Z2lucy9hZmZpbml0eS1ncm91cC1wcm9jZXNzb3JzL2hvc3QtYWZmaW5pdHkvc3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2Nsb3Vkc3RhY2svYWZmaW5pdHkvSG9zdEFmZmluaXR5UHJvY2Vzc29yLmphdmE=) | `69.23% <0.00%> (-1.83%)` | :arrow_down: |
| [...main/java/com/cloud/storage/dao/VolumeDaoImpl.java](https://codecov.io/gh/apache/cloudstack/pull/6960/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-ZW5naW5lL3NjaGVtYS9zcmMvbWFpbi9qYXZhL2NvbS9jbG91ZC9zdG9yYWdlL2Rhby9Wb2x1bWVEYW9JbXBsLmphdmE=) | `23.62% <0.00%> (-0.23%)` | :arrow_down: |
| [...ain/java/com/cloud/storage/StorageManagerImpl.java](https://codecov.io/gh/apache/cloudstack/pull/6960/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c2VydmVyL3NyYy9tYWluL2phdmEvY29tL2Nsb3VkL3N0b3JhZ2UvU3RvcmFnZU1hbmFnZXJJbXBsLmphdmE=) | `0.89% <0.00%> (-0.01%)` | :arrow_down: |
| [...rver/src/main/java/com/cloud/vm/UserVmManager.java](https://codecov.io/gh/apache/cloudstack/pull/6960/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c2VydmVyL3NyYy9tYWluL2phdmEvY29tL2Nsb3VkL3ZtL1VzZXJWbU1hbmFnZXIuamF2YQ==) | `100.00% <0.00%> (ø)` | |
| [...java/org/apache/cloudstack/utils/qemu/QemuImg.java](https://codecov.io/gh/apache/cloudstack/pull/6960/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGx1Z2lucy9oeXBlcnZpc29ycy9rdm0vc3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2Nsb3Vkc3RhY2svdXRpbHMvcWVtdS9RZW11SW1nLmphdmE=) | `2.19% <0.00%> (+0.01%)` | :arrow_up: |
| ... and [7 more](https://codecov.io/gh/apache/cloudstack/pull/6960/diff?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | |
:mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] GaOrtiga commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
GaOrtiga commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1355296274
> Sorry @GaOrtiga , conflicts again. This happens a lot as we get close to release :(
Yes, I resolved them, thanks!
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1346537797
@GaOrtiga , can you look at the conflicts?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1384056320
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6960)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6960&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6960&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6960&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=CODE_SMELL) [3 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6960&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_coverage&view=list) [33.3% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6960&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1398160750
@GaOrtiga new conflicts. as we are closing in on release this will happen more often :(
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6960: create parameter to determine whether roles are public or private
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #6960:
URL: https://github.com/apache/cloudstack/pull/6960#issuecomment-1571886669
> @DaanHoogland this has been merged in `main` branch but the schema changes are in 4.18.0 to 4.18.1 upgrade path
thanks @shwstppr , I missed that. I can revert, but I see you added a commit on top of this. What do you propose we do?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org