Adds request_retirement start

ManageIQ · May 16, 2018 · ed311e9 · ed311e9
1 parent e30003a
commit ed311e9
Show file tree

Hide file tree

Showing 4 changed files with 210 additions and 85 deletions.
diff --git a/app/controllers/api/base_controller/generic.rb b/app/controllers/api/base_controller/generic.rb
@@ -61,6 +61,22 @@ def delete_resource(type, id = nil, _data = nil)
         delete_resource_action(klass, type, id)
       end
 
+      def request_retire_resource(type, id, _data = nil)
+        if api_user_role_allows?('miq_request_approval')
+          klass = collection_class(type)
+          if id
+            msg = "Retiring #{type} id #{id} immediately as a request."
+            resource = resource_search(id, type, klass)
+            api_log_info(msg)
+            klass.make_retire_request(resource.id)
+          else
+            raise BadRequestError, "Must specify an id for retiring a #{type} resource"
+          end
+        else
+          raise ForbiddenError, "User lacking correct permissions to approve a #{type} retire as a request."
+        end
+      end
+
       def retire_resource(type, id, data = nil)
         klass = collection_class(type)
         if id

diff --git a/config/api.yml b/config/api.yml
@@ -2811,6 +2811,8 @@
         :identifier: service_edit
       - :name: retire
         :identifier: service_retire
+      - :name: request_retire
+        :identifier: service_retire
       - :name: set_ownership
         :identifier: service_ownership
       - :name: delete
@@ -2844,6 +2846,8 @@
         :identifier: service_edit
       - :name: retire
         :identifier: service_retire
+      - :name: request_retire
+        :identifier: service_retire
       - :name: set_ownership
         :identifier: service_ownership
       - :name: reconfigure
@@ -3275,6 +3279,8 @@
         :identifier: vm_reset
       - :name: retire
         :identifier: vm_retire_now
+      - :name: request_retire
+        :identifier: vm_retire_now
       - :name: set_owner
         :identifier: vm_edit
       - :name: set_ownership
@@ -3324,6 +3330,8 @@
         :identifier: vm_reset
       - :name: retire
         :identifier: vm_retire_now
+      - :name: request_retire
+        :identifier: vm_retire_now
       - :name: delete
         :identifier: vm_delete
       - :name: set_owner

diff --git a/spec/requests/services_spec.rb b/spec/requests/services_spec.rb
@@ -318,72 +318,116 @@ def format_retirement_date(time)
       time.in_time_zone('UTC').strftime("%Y-%m-%dT%H:%M:%SZ")
     end
 
-    it "rejects requests without appropriate role" do
-      api_basic_authorize
+    context "retire_now" do
+      it "rejects requests without appropriate role" do
+        api_basic_authorize
 
-      post(api_service_url(nil, 100), :params => gen_request(:retire))
+        post(api_service_url(nil, 100), :params => gen_request(:retire))
 
-      expect(response).to have_http_status(:forbidden)
-    end
+        expect(response).to have_http_status(:forbidden)
+      end
 
-    it "rejects multiple requests without appropriate role" do
-      api_basic_authorize
+      it "rejects multiple requests without appropriate role" do
+        api_basic_authorize
 
-      post(api_services_url, :params => gen_request(:retire, [{"href" => api_service_url(nil, 1)}, {"href" => api_service_url(nil, 2)}]))
+        post(api_services_url, :params => gen_request(:retire, [{"href" => api_service_url(nil, 1)}, {"href" => api_service_url(nil, 2)}]))
 
-      expect(response).to have_http_status(:forbidden)
-    end
+        expect(response).to have_http_status(:forbidden)
+      end
 
-    it "supports single service retirement now" do
-      api_basic_authorize collection_action_identifier(:services, :retire)
+      it "supports single service retirement now" do
+        api_basic_authorize collection_action_identifier(:services, :retire)
 
-      expect(MiqEvent).to receive(:raise_evm_event).once
+        expect(MiqEvent).to receive(:raise_evm_event).once
 
-      post(api_service_url(nil, svc), :params => gen_request(:retire))
+        post(api_service_url(nil, svc), :params => gen_request(:retire))
 
-      expect_single_resource_query("id" => svc.id.to_s, "href" => api_service_url(nil, svc))
-    end
+        expect_single_resource_query("id" => svc.id.to_s, "href" => api_service_url(nil, svc))
+      end
 
-    it "supports single service retirement in future" do
-      api_basic_authorize collection_action_identifier(:services, :retire)
+      it "supports single service retirement in future" do
+        api_basic_authorize collection_action_identifier(:services, :retire)
 
-      ret_date = format_retirement_date(Time.now + 5.days)
+        ret_date = format_retirement_date(Time.now + 5.days)
 
-      post(api_service_url(nil, svc), :params => gen_request(:retire, "date" => ret_date, "warn" => 2))
+        post(api_service_url(nil, svc), :params => gen_request(:retire, "date" => ret_date, "warn" => 2))
 
-      expect_single_resource_query("id" => svc.id.to_s, "retires_on" => ret_date, "retirement_warn" => 2)
-      expect(format_retirement_date(svc.reload.retires_on)).to eq(ret_date)
-      expect(svc.retirement_warn).to eq(2)
-    end
+        expect_single_resource_query("id" => svc.id.to_s, "retires_on" => ret_date, "retirement_warn" => 2)
+        expect(format_retirement_date(svc.reload.retires_on)).to eq(ret_date)
+        expect(svc.retirement_warn).to eq(2)
+      end
 
-    it "supports multiple service retirement now" do
-      api_basic_authorize collection_action_identifier(:services, :retire)
+      it "supports multiple service retirement now" do
+        api_basic_authorize collection_action_identifier(:services, :retire)
 
-      expect(MiqEvent).to receive(:raise_evm_event).twice
+        expect(MiqEvent).to receive(:raise_evm_event).twice
 
-      post(api_services_url, :params => gen_request(:retire,
-                                                    [{"href" => api_service_url(nil, svc1)},
-                                                     {"href" => api_service_url(nil, svc2)}]))
+        post(api_services_url, :params => gen_request(:retire,
+                                                      [{"href" => api_service_url(nil, svc1)},
+                                                       {"href" => api_service_url(nil, svc2)}]))
+
+        expect_results_to_match_hash("results", [{"id" => svc1.id.to_s}, {"id" => svc2.id.to_s}])
+      end
+
+      it "supports multiple service retirement in future" do
+        api_basic_authorize collection_action_identifier(:services, :retire)
+
+        ret_date = format_retirement_date(Time.now + 2.days)
 
-      expect_results_to_match_hash("results", [{"id" => svc1.id.to_s}, {"id" => svc2.id.to_s}])
+        post(api_services_url, :params => gen_request(:retire,
+                                                      [{"href" => api_service_url(nil, svc1), "date" => ret_date, "warn" => 3},
+                                                       {"href" => api_service_url(nil, svc2), "date" => ret_date, "warn" => 5}]))
+
+        expect_results_to_match_hash("results",
+                                     [{"id" => svc1.id.to_s, "retires_on" => ret_date, "retirement_warn" => 3},
+                                      {"id" => svc2.id.to_s, "retires_on" => ret_date, "retirement_warn" => 5}])
+        expect(format_retirement_date(svc1.reload.retires_on)).to eq(ret_date)
+        expect(svc1.retirement_warn).to eq(3)
+        expect(format_retirement_date(svc2.reload.retires_on)).to eq(ret_date)
+        expect(svc2.retirement_warn).to eq(5)
+      end
     end
 
-    it "supports multiple service retirement in future" do
-      api_basic_authorize collection_action_identifier(:services, :retire)
+    context "request_retire" do
+      it "rejects requests without appropriate role" do
+        api_basic_authorize
 
-      ret_date = format_retirement_date(Time.now + 2.days)
+        post(api_service_url(nil, 100), :params => gen_request(:request_retire))
 
-      post(api_services_url, :params => gen_request(:retire,
-                                                    [{"href" => api_service_url(nil, svc1), "date" => ret_date, "warn" => 3},
-                                                     {"href" => api_service_url(nil, svc2), "date" => ret_date, "warn" => 5}]))
+        expect(response).to have_http_status(:forbidden)
+      end
 
-      expect_results_to_match_hash("results",
-                                   [{"id" => svc1.id.to_s, "retires_on" => ret_date, "retirement_warn" => 3},
-                                    {"id" => svc2.id.to_s, "retires_on" => ret_date, "retirement_warn" => 5}])
-      expect(format_retirement_date(svc1.reload.retires_on)).to eq(ret_date)
-      expect(svc1.retirement_warn).to eq(3)
-      expect(format_retirement_date(svc2.reload.retires_on)).to eq(ret_date)
-      expect(svc2.retirement_warn).to eq(5)
+      it "rejects multiple requests without appropriate role" do
+        api_basic_authorize
+
+        post(api_services_url, :params => gen_request(:request_retire, [{"href" => api_service_url(nil, 1)}, {"href" => api_service_url(nil, 2)}]))
+
+        expect(response).to have_http_status(:forbidden)
+      end
+
+      it "supports single service retirement now" do
+        api_basic_authorize(action_identifier(:services, :request_retire), :miq_request_approval)
+
+        post(api_service_url(nil, svc), :params => gen_request(:request_retire))
+
+        expected = {
+          "href"    => a_string_matching(/\/api\/requests\//),
+          "message" => a_string_matching(/Service Retire - Request Created/),
+          "options" => a_hash_including("src_ids" => a_collection_containing_exactly(svc.id))
+        }
+        expect(response).to have_http_status(:ok)
+        expect(response.parsed_body).to include(expected)
+      end
+
+      it "supports multiple service retirement now" do
+        api_basic_authorize collection_action_identifier(:services, :request_retire)
+
+        post(api_services_url, :params => gen_request(:retire,
+                                                      [{"href" => api_service_url(nil, svc1)},
+                                                       {"href" => api_service_url(nil, svc2)}]))
+
+        expect_results_to_match_hash("results", [{"id" => svc1.id.to_s}, {"id" => svc2.id.to_s}])
+      end
     end
   end
 
@@ -411,7 +455,7 @@ def format_retirement_date(time)
       get api_service_url(nil, svc1)
 
       expect(response).to have_http_status(:ok)
-      expect(response.parsed_body).to declare_actions("retire")
+      expect(response.parsed_body).to declare_actions("retire", "request_retire")
     end
 
     it "returns reconfigure action for reconfigurable services" do
@@ -426,7 +470,7 @@ def format_retirement_date(time)
       get api_service_url(nil, svc1)
 
       expect(response).to have_http_status(:ok)
-      expect(response.parsed_body).to declare_actions("retire", "reconfigure")
+      expect(response.parsed_body).to declare_actions("retire", "request_retire", "reconfigure")
     end
 
     it "accepts action when service is reconfigurable" do

diff --git a/spec/requests/vms_spec.rb b/spec/requests/vms_spec.rb
@@ -1037,59 +1037,116 @@ def update_raw_power_state(state, *vms)
   end
 
   context "Vm retire action" do
-    it "to an invalid vm" do
-      api_basic_authorize action_identifier(:vms, :retire)
+    context "retire_now" do
+      it "to an invalid vm" do
+        api_basic_authorize action_identifier(:vms, :retire)
 
-      post(invalid_vm_url, :params => gen_request(:retire))
+        post(invalid_vm_url, :params => gen_request(:retire))
 
-      expect(response).to have_http_status(:not_found)
-    end
+        expect(response).to have_http_status(:not_found)
+      end
 
-    it "to an invalid vm without appropriate role" do
-      api_basic_authorize
+      it "to an invalid vm without appropriate role" do
+        api_basic_authorize
 
-      post(invalid_vm_url, :params => gen_request(:retire))
+        post(invalid_vm_url, :params => gen_request(:retire))
 
-      expect(response).to have_http_status(:forbidden)
-    end
+        expect(response).to have_http_status(:forbidden)
+      end
 
-    it "to a single Vm" do
-      api_basic_authorize action_identifier(:vms, :retire)
+      it "to a single Vm" do
+        api_basic_authorize action_identifier(:vms, :retire)
 
-      post(vm_url, :params => gen_request(:retire))
+        post(vm_url, :params => gen_request(:retire))
 
-      expect_single_action_result(:success => true, :message => /#{vm.id}.* retiring/i, :href => api_vm_url(nil, vm))
-    end
+        expect_single_action_result(:success => true, :message => /#{vm.id}.* retiring/i, :href => api_vm_url(nil, vm))
+      end
 
-    it "to multiple Vms" do
-      api_basic_authorize collection_action_identifier(:vms, :retire)
+      it "to multiple Vms" do
+        api_basic_authorize collection_action_identifier(:vms, :retire)
+
+        post(api_vms_url, :params => gen_request(:retire, [{"href" => vm1_url}, {"href" => vm2_url}]))
+
+        expected = {
+          "results" => a_collection_containing_exactly(
+            {
+              "message" => a_string_matching(/#{vm1.id}.* retiring/i),
+              "success" => true,
+              "href"    => api_vm_url(nil, vm1)
+            },
+            {
+              "message" => a_string_matching(/#{vm2.id}.* retiring/ii),
+              "success" => true,
+              "href"    => api_vm_url(nil, vm2)
+            }
+          )
+        }
+        expect(response.parsed_body).to include(expected)
+        expect(response).to have_http_status(:ok)
+      end
 
-      post(api_vms_url, :params => gen_request(:retire, [{"href" => vm1_url}, {"href" => vm2_url}]))
+      it "in the future" do
+        api_basic_authorize action_identifier(:vms, :retire)
+        date = 2.weeks.from_now
+        post(vm_url, :params => gen_request(:retire, :date => date.iso8601))
 
-      expected = {
-        "results" => a_collection_containing_exactly(
-          {
-            "message" => a_string_matching(/#{vm1.id}.* retiring/i),
-            "success" => true,
-            "href"    => api_vm_url(nil, vm1)
-          },
-          {
-            "message" => a_string_matching(/#{vm2.id}.* retiring/ii),
-            "success" => true,
-            "href"    => api_vm_url(nil, vm2)
-          }
-        )
-      }
-      expect(response.parsed_body).to include(expected)
-      expect(response).to have_http_status(:ok)
+        expect_single_action_result(:success => true, :message => /#{vm.id}.* retiring/i, :href => api_vm_url(nil, vm))
+      end
     end
 
-    it "in the future" do
-      api_basic_authorize action_identifier(:vms, :retire)
-      date = 2.weeks.from_now
-      post(vm_url, :params => gen_request(:retire, :date => date.iso8601))
+    context "request_retire" do
+      it "to an invalid vm" do
+        api_basic_authorize(action_identifier(:vms, :request_retire), :miq_request_approval)
+
+        post(invalid_vm_url, :params => gen_request(:request_retire))
+
+        expect(response).to have_http_status(:not_found)
+      end
+
+      it "to an invalid vm without appropriate role" do
+        api_basic_authorize
+
+        post(invalid_vm_url, :params => gen_request(:request_retire))
+
+        expect(response).to have_http_status(:forbidden)
+      end
+
+      it "to a single Vm" do
+        api_basic_authorize(action_identifier(:vms, :request_retire), :miq_request_approval)
 
-      expect_single_action_result(:success => true, :message => /#{vm.id}.* retiring/i, :href => api_vm_url(nil, vm))
+        post(vm_url, :params => gen_request(:request_retire))
+
+        expected = {
+          "href"    => a_string_matching(/\/api\/requests\//),
+          "message" => a_string_matching(/VM Retire - Request Created/),
+          "options" => a_hash_including("src_ids" => a_collection_containing_exactly(vm.id))
+        }
+        expect(response).to have_http_status(:ok)
+        expect(response.parsed_body).to include(expected)
+      end
+
+      it "to multiple Vms" do
+        api_basic_authorize(collection_action_identifier(:vms, :request_retire), :miq_request_approval)
+
+        post(api_vms_url, :params => gen_request(:request_retire, [{"href" => vm1_url}, {"href" => vm2_url}]))
+
+        expected = {
+          "results" => a_collection_containing_exactly(
+            a_hash_including(
+              "message" => a_string_matching(/VM Retire - Request Created/),
+              "href"    => a_string_matching(/\/api\/requests\//),
+              "options" => a_hash_including("src_ids" => a_collection_containing_exactly(vm1.id))
+            ),
+            a_hash_including(
+              "message" => a_string_matching(/VM Retire - Request Created/),
+              "href"    => a_string_matching(/\/api\/requests\//),
+              "options" => a_hash_including("src_ids" => a_collection_containing_exactly(vm2.id))
+            )
+          )
+        }
+        expect(response).to have_http_status(:ok)
+        expect(response.parsed_body).to include(expected)
+      end
     end
   end