You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mesos.apache.org by ti...@apache.org on 2015/12/18 21:02:04 UTC

[6/7] mesos git commit: Quota: Verified quota requests succeed when authn and authz are disabled.

Quota: Verified quota requests succeed when authn and authz are disabled.

Review: https://reviews.apache.org/r/41544/


Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/8e9469df
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/8e9469df
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/8e9469df

Branch: refs/heads/master
Commit: 8e9469df884ad148bdc7070f7347f4fcef4dcd10
Parents: 38a18c4
Author: Alexander Rukletsov <ru...@gmail.com>
Authored: Fri Dec 18 17:46:07 2015 +0100
Committer: Till Toenshoff <to...@me.com>
Committed: Fri Dec 18 20:52:30 2015 +0100

----------------------------------------------------------------------
 src/tests/master_quota_tests.cpp | 78 +++++++++++++++++++++++++++++++++++
 1 file changed, 78 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/mesos/blob/8e9469df/src/tests/master_quota_tests.cpp
----------------------------------------------------------------------
diff --git a/src/tests/master_quota_tests.cpp b/src/tests/master_quota_tests.cpp
index ce2ecee..d855a0e 100644
--- a/src/tests/master_quota_tests.cpp
+++ b/src/tests/master_quota_tests.cpp
@@ -980,6 +980,84 @@ TEST_F(MasterQuotaTest, AvailableResourcesAfterRescinding)
 
 // These tests verify the authentication and authorization of quota requests.
 
+// Checks that quota set and remove requests succeed if both authentication
+// and authorization are disabled.
+TEST_F(MasterQuotaTest, NoAuthenticationNoAuthorization)
+{
+  TestAllocator<> allocator;
+  EXPECT_CALL(allocator, initialize(_, _, _, _));
+
+  // Disable authentication and authorization by providing neither
+  // credentials nor ACLs.
+  // TODO(alexr): Setting master `--acls` flag to `ACLs()` or `None()` seems
+  // to be semantically equal, however, the test harness currently does not
+  // allow `None()`. Once MESOS-4196 is resolved, use `None()` for clarity.
+  master::Flags masterFlags = CreateMasterFlags();
+  masterFlags.credentials = None();
+  masterFlags.acls = ACLs();
+
+  Try<PID<Master>> master = StartMaster(&allocator, masterFlags);
+  ASSERT_SOME(master);
+
+  // Start an agent and wait until it registers.
+  Future<Resources> agentTotalResources;
+  EXPECT_CALL(allocator, addSlave(_, _, _, _, _))
+    .WillOnce(DoAll(InvokeAddSlave(&allocator),
+                    FutureArg<3>(&agentTotalResources)));
+
+  Try<PID<Slave>> agent = StartSlave();
+  ASSERT_SOME(agent);
+
+  AWAIT_READY(agentTotalResources);
+  EXPECT_EQ(defaultAgentResources, agentTotalResources.get());
+
+  // Check whether quota can be set.
+  {
+    // Request quota for a portion of the resources available on the agent.
+    Resources quotaResources = Resources::parse("cpus:1;mem:512", ROLE1).get();
+    EXPECT_TRUE(agentTotalResources.get().contains(quotaResources.flatten()));
+
+    Future<QuotaInfo> receivedSetRequest;
+    EXPECT_CALL(allocator, setQuota(Eq(ROLE1), _))
+      .WillOnce(DoAll(InvokeSetQuota(&allocator),
+                      FutureArg<1>(&receivedSetRequest)));
+
+    // Send a set quota request with absent credentials.
+    Future<Response> response = process::http::post(
+        master.get(),
+        "quota",
+        None(),
+        createRequestBody(quotaResources));
+
+    // Quota request succeeds and reaches the allocator.
+    AWAIT_READY(receivedSetRequest);
+    AWAIT_EXPECT_RESPONSE_STATUS_EQ(OK().status, response)
+      << response.get().body;
+  }
+
+  // Check whether quota can be removed.
+  {
+    Future<Nothing> receivedRemoveRequest;
+    EXPECT_CALL(allocator, removeQuota(Eq(ROLE1)))
+      .WillOnce(DoAll(InvokeRemoveQuota(&allocator),
+                      FutureSatisfy(&receivedRemoveRequest)));
+
+    // Send a remove quota request with absent credentials.
+    Future<Response> response = process::http::requestDelete(
+        master.get(),
+        "quota/" + ROLE1,
+        None());
+
+    // Quota request succeeds and reaches the allocator.
+    AWAIT_READY(receivedRemoveRequest);
+    AWAIT_EXPECT_RESPONSE_STATUS_EQ(OK().status, response)
+      << response.get().body;
+  }
+
+  Shutdown();
+}
+
+
 // Checks that a set quota request is rejected for unauthenticated principals.
 TEST_F(MasterQuotaTest, UnauthenticatedQuotaRequest)
 {