def setUp(self):
super(ApprovalByLabelE2ETest, self).setUp()
# Set up clients and labels before we turn on the FullACM. We need to create
# the client because to check labels the client needs to exist.
client_ids = self.SetupClients(3)
self.client_nolabel = rdf_client.ClientURN(client_ids[0])
self.client_nolabel_id = self.client_nolabel.Basename()
self.client_legal = rdf_client.ClientURN(client_ids[1])
self.client_legal_id = self.client_legal.Basename()
self.client_prod = rdf_client.ClientURN(client_ids[2])
self.client_prod_id = self.client_prod.Basename()
with aff4.FACTORY.Open(
self.client_legal,
aff4_type=aff4_grr.VFSGRRClient,
mode="rw",
token=self.token) as client_obj:
client_obj.AddLabels("legal_approval")
with aff4.FACTORY.Open(
self.client_prod,
aff4_type=aff4_grr.VFSGRRClient,
mode="rw",
token=self.token) as client_obj:
client_obj.AddLabels("legal_approval", "prod_admin_approval")
cls = (api_call_router_with_approval_checks.
ApiCallRouterWithApprovalChecksWithoutRobotAccess)
cls.ClearCache()
self.approver = test_lib.ConfigOverrider({
"API.DefaultRouter":
cls.__name__,
"ACL.approvers_config_file":
os.path.join(self.base_path, "approvers.yaml")
})
self.approver.Start()
# Get a fresh approval manager object and reload with test approvers.
self.approval_manager_stubber = utils.Stubber(
client_approval_auth, "CLIENT_APPROVAL_AUTH_MGR",
client_approval_auth.ClientApprovalAuthorizationManager())
self.approval_manager_stubber.Start()
# Force creation of new APIAuthorizationManager, so that configuration
# changes are picked up.
api_auth_manager.APIACLInit.InitApiAuthManager()
def setUp(self):
super(ClientApprovalByLabelTests, self).setUp()
# Set up clients and labels before we turn on the FullACM. We need to create
# the client because to check labels the client needs to exist.
client_ids = self.SetupClients(3)
self.client_nolabel = rdf_client.ClientURN(client_ids[0])
self.client_legal = rdf_client.ClientURN(client_ids[1])
self.client_prod = rdf_client.ClientURN(client_ids[2])
with aff4.FACTORY.Open(
self.client_legal,
aff4_type=aff4_grr.VFSGRRClient,
mode="rw",
token=self.token) as client_obj:
client_obj.AddLabels("legal_approval")
with aff4.FACTORY.Open(
self.client_prod,
aff4_type=aff4_grr.VFSGRRClient,
mode="rw",
token=self.token) as client_obj:
client_obj.AddLabels("legal_approval", "prod_admin_approval")
self.db_manager_stubber = utils.Stubber(
data_store.DB, "security_manager",
user_managers.FullAccessControlManager())
self.db_manager_stubber.Start()
self.approver = test_lib.ConfigOverrider({
"ACL.approvers_config_file":
os.path.join(self.base_path, "approvers.yaml")
})
self.approver.Start()
# Get a fresh approval manager object and reload with test approvers.
self.approval_manager_stubber = utils.Stubber(
client_approval_auth, "CLIENT_APPROVAL_AUTH_MGR",
client_approval_auth.ClientApprovalAuthorizationManager())
self.approval_manager_stubber.Start()
def setUp(self):
super(ClientApprovalAuthorizationManager, self).setUp()
self.mgr = client_approval_auth.ClientApprovalAuthorizationManager()
self.urn = rdf_client.ClientURN("C.0000000000000000")