tests with user without privileges

devops-service/features/api_v2/flavor.feature

@@ -58,3 +58,7 @@ Feature: Flavors
   Scenario: Get flavors list of unknown provider without 'Accept' header
     When I send GET '/v2.0/flavors/foo' query without headers 'Accept'
     Then response should be '406'
+
+  Scenario: Get flavors list of unknown provider without privileges
+    When I send GET '/v2.0/flavors/foo' query with user without privileges
+    Then response should be '401'

devops-service/features/api_v2/group.feature

@@ -37,3 +37,7 @@ Feature: Groups
   Scenario: Get groups list of unknown provider without 'Accept' header
     When I send GET '/v2.0/groups/foo' query without headers 'Accept'
     Then response should be '406'
+
+  Scenario: Get groups list of unknown provider without privileges
+    When I send GET '/v2.0/groups/foo' query with user without privileges
+    Then response should be '401'

devops-service/features/api_v2/image.feature

@@ -1,3 +1,4 @@
+@image
 Feature: Manage images
 
   Scenario: Get list of all images
@@ -33,3 +34,15 @@ Feature: Manage images
         "id": "b79994de"
       }
     """
+
+  Scenario: Get images list without privileges
+    When I send GET '/v2.0/images' query with user without privileges
+    Then response should be '401'
+
+  Scenario: Get image without privileges
+    When I send GET '/v2.0/image/ami-83e4bcea' query with user without privileges
+    Then response should be '401'
+
+  Scenario: Get unknown image
+    When I send GET '/v2.0/image/foo' query
+    Then response should be '404'

devops-service/features/api_v2/network.feature

@@ -57,3 +57,7 @@ Feature: Networks
   Scenario: Get networks list of unknown provider without 'Accept' header
     When I send GET '/v2.0/networks/foo' query without headers 'Accept'
     Then response should be '406'
+
+  Scenario: Get networks list of unknown provider without privileges
+    When I send GET '/v2.0/networks/foo' query with user without privileges
+    Then response should be '401'

devops-service/features/api_v2/provider.feature

@@ -0,0 +1,18 @@
+@provider
+Feature: Providers
+
+  Scenario: Get list of providers
+    When I send GET '/v2.0/providers' query
+    Then response should be '200'
+    And the Content-Type header should include 'application/json'
+    And the JSON response should be an array
+    And the array elements should be strings
+
+  Scenario: Get providers list without 'Accept' header
+    When I send GET '/v2.0/providers' query without headers 'Accept'
+    Then response should be '406'
+
+  Scenario: Get providers list without privileges
+    When I send GET '/v2.0/providers' query with user without privileges
+    Then response should be '401'
+

devops-service/features/api_v2/templates.feature

@@ -0,0 +1,18 @@
+@templates
+Feature: Bootstrap templates
+
+  Scenario: Get list of bootstrap templates
+    When I send GET '/v2.0/templates' query
+    Then response should be '200'
+    And the Content-Type header should include 'application/json'
+    And the JSON response should be an array
+    And the array elements should be strings
+
+  Scenario: Get bootstrap templates list without 'Accept' header
+    When I send GET '/v2.0/templates' query without headers 'Accept'
+    Then response should be '406'
+
+  Scenario: Get bootstrap templates list without privileges
+    When I send GET '/v2.0/templates' query with user without privileges
+    Then response should be '401'
+

devops-service/features/step_definitions/http_queries_steps.rb

@@ -1,5 +1,4 @@
 DEFAULT_HEADERS = {
-  "REMOTE_USER" => "user_for_testing",
   'Content-Type' => 'application/json',
   'Accept' => 'application/json'
 }
@@ -7,6 +6,10 @@ When(/^I send GET '(.*)' query$/) do |path|
   get(path, {}, DEFAULT_HEADERS)
 end
 
+When(/^I send GET '(.*)' query with user without privileges$/) do |path|
+  get_without_privileges(path, {}, DEFAULT_HEADERS)
+end
+
 When(/^I send GET '(.*)' query without headers '(.*)'$/) do |path, hs|
   buf = hs.split(",").map{|e| e.strip}
   headers = {}

devops-service/features/support/config.yml

@@ -3,3 +3,5 @@ port: port
 username: "test"
 password: "test"
 path_prefix: ""
+username_without_privileges: "user_for_testing_"
+password_without_privileges: "test"

devops-service/features/support/env.rb

@@ -36,7 +36,11 @@ class RequestSender
     file = ENV["CONFIG"] || "./features/support/config.yml"
     abort("File does not exist: #{File.absolute_path(file)}") unless File.exists?(file)
     @config = config(file)
-    @default_headers = {
+  end
+
+  def default_headers
+    {
+      "REMOTE_USER" => @config["username"]
     }
   end
 
@@ -54,20 +58,30 @@ class RequestSender
 
   def get path, query, headers={}
     submit do |http|
-      http.get(create_url(path), query, @default_headers.merge(headers))
+      http.get(create_url(path), query, default_headers.merge(headers))
     end
   end
 
+  def get_without_privileges path, query={}, headers={}
+    buf_u = @config["username"]
+    buf_p = @config["password"]
+    @config["username"] = @config["username_without_privileges"]
+    @config["password"] = @config["password_without_privileges"]
+    get(path, query, headers)
+    @config["username"] = buf_u
+    @config["password"] = buf_p
+  end
+
   def post path, query, headers={}
     submit do |http|
       http.receive_timeout = 0 #!!! bring out to appropriate server step
-      http.post(create_url(path), JSON.pretty_generate(query), @default_headers.merge(headers))
+      http.post(create_url(path), JSON.pretty_generate(query), default_headers.merge(headers))
     end
   end
 
   def delete path, query, headers={}
     submit do |http|
-      http.delete(create_url(path), JSON.pretty_generate(query), @default_headers.merge(headers))
+      http.delete(create_url(path), JSON.pretty_generate(query), default_headers.merge(headers))
     end
   end