def test_get_user_list(self):
"""Test the shared get_user_list() method."""
user1 = UserData()
user1.name = "user1"
user1.uid = 123
user1.groups = ["foo", "bar"]
user1.gid = 321
user1.homedir = "user1_home"
user1.password = "******"
user1.is_crypted = False
user1.lock = False
user1.shell = "zsh"
user1.gecos = "some stuff"
user2 = UserData()
user2.name = "user2"
user2.uid = 456
user2.groups = ["baz", "bar"]
user2.gid = 654
user2.homedir = "user2_home"
user2.password = "******"
user2.is_crypted = True
user2.lock = False
user2.shell = "csh"
user2.gecos = "some other stuff"
users_module_mock = Mock()
users_module_mock.Users = UserData.to_structure_list([user1, user2])
user_data_list = get_user_list(users_module_mock)
assert len(user_data_list) == 2
assert isinstance(user_data_list[0], UserData)
assert isinstance(user_data_list[1], UserData)
assert compare_data(user_data_list[0], user1)
assert compare_data(user_data_list[1], user2)
user_data_list = get_user_list(users_module_mock, add_default=True)
assert len(user_data_list) == 2
assert isinstance(user_data_list[0], UserData)
assert isinstance(user_data_list[1], UserData)
assert compare_data(user_data_list[0], user1)
assert compare_data(user_data_list[1], user2)
user_data_list = get_user_list(users_module_mock,
add_default=True,
add_if_not_empty=True)
default_added_user_data = UserData()
default_added_user_data.set_admin_priviledges(True)
assert len(user_data_list) == 3
assert isinstance(user_data_list[0], UserData)
assert isinstance(user_data_list[1], UserData)
assert isinstance(user_data_list[2], UserData)
assert compare_data(user_data_list[0], default_added_user_data)
assert compare_data(user_data_list[1], user1)
assert compare_data(user_data_list[2], user2)
def get_user_list_test(self):
"""Test the shared get_user_list() method."""
user1 = UserData()
user1.name = "user1"
user1.uid = 123
user1.groups = ["foo", "bar"]
user1.gid = 321
user1.homedir = "user1_home"
user1.password = "******"
user1.is_crypted = False
user1.lock = False
user1.shell = "zsh"
user1.gecos = "some stuff"
user2 = UserData()
user2.name = "user2"
user2.uid = 456
user2.groups = ["baz", "bar"]
user2.gid = 654
user2.homedir = "user2_home"
user2.password = "******"
user2.is_crypted = True
user2.lock = False
user2.shell = "csh"
user2.gecos = "some other stuff"
users_module_mock = Mock()
users_module_mock.Users = UserData.to_structure_list([user1, user2])
user_data_list = get_user_list(users_module_mock)
self.assertEqual(len(user_data_list), 2)
self.assertIsInstance(user_data_list[0], UserData)
self.assertIsInstance(user_data_list[1], UserData)
self.assertTrue(compare_data(user_data_list[0], user1))
self.assertTrue(compare_data(user_data_list[1], user2))
user_data_list = get_user_list(users_module_mock, add_default=True)
self.assertEqual(len(user_data_list), 2)
self.assertIsInstance(user_data_list[0], UserData)
self.assertIsInstance(user_data_list[1], UserData)
self.assertTrue(compare_data(user_data_list[0], user1))
self.assertTrue(compare_data(user_data_list[1], user2))
user_data_list = get_user_list(users_module_mock,
add_default=True,
add_if_not_empty=True)
self.assertEqual(len(user_data_list), 3)
self.assertIsInstance(user_data_list[0], UserData)
self.assertIsInstance(user_data_list[1], UserData)
self.assertIsInstance(user_data_list[2], UserData)
self.assertTrue(compare_data(user_data_list[0], UserData()))
self.assertTrue(compare_data(user_data_list[1], user1))
self.assertTrue(compare_data(user_data_list[2], user2))
def _ksdata_to_user_data(self, user_ksdata):
"""Apply kickstart user command data to UserData instance.
:param user_ksdata: data for the kickstart user command
:return: UserData instance with kickstart data applied
"""
user_data = UserData()
user_data.name = user_ksdata.name
user_data.groups = user_ksdata.groups
user_data.set_uid(user_ksdata.uid)
user_data.set_gid(user_ksdata.gid)
user_data.homedir = user_ksdata.homedir
user_data.password = user_ksdata.password
user_data.is_crypted = user_ksdata.isCrypted
user_data.lock = user_ksdata.lock
# make sure the user account is locked by default unless a password
# is set in kickstart
if not user_ksdata.password:
log.debug(
"user (%s) specified in kickstart without password, locking account",
user_ksdata.name)
user_data.lock = True
user_data.shell = user_ksdata.shell
user_data.gecos = user_ksdata.gecos
return user_data
def _ksdata_to_user_data(self, user_ksdata):
"""Apply kickstart user command data to UserData instance.
:param user_ksdata: data for the kickstart user command
:return: UserData instance with kickstart data applied
"""
user_data = UserData()
user_data.name = user_ksdata.name
user_data.groups = user_ksdata.groups
# To denote that a value has not been set:
# - kickstart uses None
# - our DBus API uses -1
# -> as user data is -1 by default ve only set it if kickstart has something,
# that is not None
# We need to make sure we correctly convert between these two.
if user_ksdata.uid is not None:
user_data.uid = user_ksdata.uid
if user_ksdata.gid is not None:
user_data.gid = user_ksdata.gid
user_data.homedir = user_ksdata.homedir
user_data.password = user_ksdata.password
user_data.is_crypted = user_ksdata.isCrypted
user_data.lock = user_ksdata.lock
# make sure the user account is locked by default unless a password
# is set in kickstart
if not user_ksdata.password:
log.debug(
"user (%s) specified in kickstart without password, locking account",
user_ksdata.name)
user_data.lock = True
user_data.shell = user_ksdata.shell
user_data.gecos = user_ksdata.gecos
return user_data
def set_admin_priviledges_test(self):
"""Test setting user admin privileges works correctly."""
user_data = UserData()
self.assertFalse(user_data.has_admin_priviledges())
self.assertNotIn("wheel", user_data.groups)
# turn it on
user_data.set_admin_priviledges(True)
self.assertTrue(user_data.has_admin_priviledges())
self.assertIn("wheel", user_data.groups)
# turn it off
user_data.set_admin_priviledges(False)
self.assertFalse(user_data.has_admin_priviledges())
self.assertNotIn("wheel", user_data.groups)
# existing groups - turn in on
user_data = UserData()
user_data.groups = ["foo", "bar"]
user_data.set_admin_priviledges(True)
self.assertTrue(user_data.has_admin_priviledges())
self.assertIn("wheel", user_data.groups)
self.assertIn("foo", user_data.groups)
self.assertIn("bar", user_data.groups)
# existing groups - turn in off
user_data.set_admin_priviledges(False)
self.assertFalse(user_data.has_admin_priviledges())
self.assertNotIn("wheel", user_data.groups)
self.assertIn("foo", user_data.groups)
self.assertIn("bar", user_data.groups)
# group wheel added externally
user_data = UserData()
user_data.groups = ["foo", "bar", "wheel"]
self.assertTrue(user_data.has_admin_priviledges())
self.assertIn("wheel", user_data.groups)
self.assertIn("foo", user_data.groups)
self.assertIn("bar", user_data.groups)
# now remove the wheel group via API
user_data.set_admin_priviledges(False)
self.assertFalse(user_data.has_admin_priviledges())
self.assertNotIn("wheel", user_data.groups)
self.assertIn("foo", user_data.groups)
self.assertIn("bar", user_data.groups)
def test_admin_user_detection_5(self):
"""Test that admin user detection works correctly - 1 admin (case 4)."""
# 1 user, 1 unlocked admin user, locked root
user1 = UserData()
user1.name = "user1"
user1.groups = ["foo", "bar"]
user1.lock = False
user2 = UserData()
user2.name = "user2"
user2.groups = ["baz", "bar", "wheel"]
user2.lock = False
self.users_interface.Users = UserData.to_structure_list([user1, user2])
self.users_interface.SetCryptedRootPassword("abc")
self.users_interface.IsRootAccountLocked = True
assert self.users_interface.CheckAdminUserExists()
def test_admin_user_detection_2(self):
"""Test that admin user detection works correctly - 0 admins (case 1)."""
# 2 locked admin users, locked root
user1 = UserData()
user1.name = "user1"
user1.groups = ["foo", "wheel", "bar"]
user1.lock = True
user2 = UserData()
user2.name = "user2"
user2.groups = ["baz", "bar", "wheel"]
user2.lock = True
self.users_interface.SetUsers(UserData.to_structure_list([user1, user2]))
self.users_interface.SetCryptedRootPassword("abc")
self.users_interface.SetRootAccountLocked(True)
assert not self.users_interface.CheckAdminUserExists()
def test_admin_user_detection_6(self):
"""Test that admin user detection works correctly - 1 admin (case 5)."""
# 2 users, unlocked root
user1 = UserData()
user1.name = "user1"
user1.groups = ["foo", "bar"]
user1.lock = False
user2 = UserData()
user2.name = "user2"
user2.groups = ["baz", "bar"]
user2.lock = False
self.users_interface.SetUsers(UserData.to_structure_list([user1, user2]))
self.users_interface.SetCryptedRootPassword("abc")
self.users_interface.SetRootAccountLocked(False)
assert self.users_interface.CheckAdminUserExists()
def test_set_admin_priviledges(self):
"""Test setting user admin privileges works correctly."""
user_data = UserData()
assert not user_data.has_admin_priviledges()
assert "wheel" not in user_data.groups
# turn it on
user_data.set_admin_priviledges(True)
assert user_data.has_admin_priviledges()
assert "wheel" in user_data.groups
# turn it off
user_data.set_admin_priviledges(False)
assert not user_data.has_admin_priviledges()
assert "wheel" not in user_data.groups
# existing groups - turn in on
user_data = UserData()
user_data.groups = ["foo", "bar"]
user_data.set_admin_priviledges(True)
assert user_data.has_admin_priviledges()
assert "wheel" in user_data.groups
assert "foo" in user_data.groups
assert "bar" in user_data.groups
# existing groups - turn in off
user_data.set_admin_priviledges(False)
assert not user_data.has_admin_priviledges()
assert "wheel" not in user_data.groups
assert "foo" in user_data.groups
assert "bar" in user_data.groups
# group wheel added externally
user_data = UserData()
user_data.groups = ["foo", "bar", "wheel"]
assert user_data.has_admin_priviledges()
assert "wheel" in user_data.groups
assert "foo" in user_data.groups
assert "bar" in user_data.groups
# now remove the wheel group via API
user_data.set_admin_priviledges(False)
assert not user_data.has_admin_priviledges()
assert "wheel" not in user_data.groups
assert "foo" in user_data.groups
assert "bar" in user_data.groups
def test_get_default_user(self):
"""Test that default user is correctly added by get_user_list()."""
users_module_mock = Mock()
users_module_mock.Users = []
user_data_list = get_user_list(users_module_mock, add_default=True)
assert len(user_data_list) == 1
assert isinstance(user_data_list[0], UserData)
assert compare_data(user_data_list[0], UserData())
def get_default_user_test(self):
"""Test that default user is correctly added by get_user_list()."""
users_module_mock = Mock()
users_module_mock.Users = []
user_data_list = get_user_list(users_module_mock, add_default=True)
self.assertEqual(len(user_data_list), 1)
self.assertIsInstance(user_data_list[0], UserData)
self.assertTrue(compare_data(user_data_list[0], UserData()))
def test_eq(self):
"""Test that the __eq__() method works correctly for UserData instances."""
# the comparison is name based
user_data_1 = UserData()
user_data_1.name = "foo"
user_data_2 = UserData()
user_data_2.name = "bar"
user_data_3 = UserData()
user_data_3.name = "foo"
assert user_data_1 == user_data_3
assert not (user_data_1 == user_data_2)
assert not (user_data_2 == user_data_1)
assert not (user_data_2 == user_data_3)
# now try changing the name on existing instance
user_data_1.name = "bar"
user_data_2.name = "foo"
user_data_3.name = "foo"
assert not (user_data_1 == user_data_2)
assert not (user_data_1 == user_data_3)
assert user_data_2 == user_data_3
assert user_data_3 == user_data_2
# only name is used, other attributes should not influence the comparison
user_data_a = UserData()
user_data_a.name = "foo"
user_data_a.uid = 1
user_data_a.gid = 1
user_data_a.homedir = "/foo"
user_data_b = UserData()
user_data_b.name = "foo"
user_data_b.uid = 2
user_data_b.gid = 2
user_data_b.homedir = "/bar"
assert user_data_a == user_data_b
def test_set_user_list(self):
"""Test the shared set_user_list() method."""
user1 = UserData()
user1.name = "user1"
user1.uid = 123
user1.groups = ["foo", "bar"]
user1.gid = 321
user1.homedir = "user1_home"
user1.password = "******"
user1.is_crypted = False
user1.lock = False
user1.shell = "zsh"
user1.gecos = "some stuff"
user2 = UserData()
user2.name = "user2"
user2.uid = 456
user2.groups = ["baz", "bar"]
user2.gid = 654
user2.homedir = "user2_home"
user2.password = "******"
user2.is_crypted = True
user2.lock = False
user2.shell = "csh"
user2.gecos = "some other stuff"
users_module_mock = Mock()
set_user_list(users_module_mock, [user1, user2])
user_data_list = users_module_mock.SetUsers.call_args[0][0]
assert len(user_data_list) == 2
assert user_data_list[0] == UserData.to_structure(user1)
assert user_data_list[1] == UserData.to_structure(user2)
user1.name = ""
set_user_list(users_module_mock, [user1, user2], remove_unset=True)
user_data_list = users_module_mock.SetUsers.call_args[0][0]
assert len(user_data_list) == 1
assert user_data_list[0] == UserData.to_structure(user2)
def test_has_admin_priviledges(self):
"""Test the has_admin_priviledges() method works correctly."""
user_data = UserData()
user_data.groups = ["wheel"]
assert user_data.has_admin_priviledges()
user_data = UserData()
user_data.groups = ["foo"]
assert not user_data.has_admin_priviledges()
user_data = UserData()
user_data.groups = ["foo", "wheel", "bar"]
assert user_data.has_admin_priviledges()
# multiple wheels
user_data = UserData()
user_data.groups = ["foo", "wheel", "bar", "wheel", "baz"]
assert user_data.has_admin_priviledges()
# group name is case sensitive
user_data = UserData()
user_data.groups = ["WHEEL", "Wheel"]
assert not user_data.has_admin_priviledges()
def has_admin_priviledges_test(self):
"""Test the has_admin_priviledges() method works correctly."""
user_data = UserData()
user_data.groups = ["wheel"]
self.assertTrue(user_data.has_admin_priviledges())
user_data = UserData()
user_data.groups = ["foo"]
self.assertFalse(user_data.has_admin_priviledges())
user_data = UserData()
user_data.groups = ["foo", "wheel", "bar"]
self.assertTrue(user_data.has_admin_priviledges())
# multiple wheels
user_data = UserData()
user_data.groups = ["foo", "wheel", "bar", "wheel", "baz"]
self.assertTrue(user_data.has_admin_priviledges())
# group name is case sensitive
user_data = UserData()
user_data.groups = ["WHEEL", "Wheel"]
self.assertFalse(user_data.has_admin_priviledges())
def test_getter_setter(self):
"""Test getters and setters for the User UID and GID values."""
user_data = UserData()
user_data.name = "user"
# everything should be unset by default
assert user_data.uid == 0
assert user_data.uid_mode == ID_MODE_USE_DEFAULT
assert user_data.get_uid() is None
assert user_data.gid == 0
assert user_data.gid_mode == ID_MODE_USE_DEFAULT
assert user_data.get_gid() is None
user_data.set_uid(123)
user_data.set_gid(456)
# now everything is set
assert user_data.uid == 123
assert user_data.uid_mode == ID_MODE_USE_VALUE
assert user_data.get_uid() == 123
assert user_data.gid == 456
assert user_data.gid_mode == ID_MODE_USE_VALUE
assert user_data.get_gid() == 456
user_data.uid_mode = ID_MODE_USE_DEFAULT
user_data.gid_mode = ID_MODE_USE_DEFAULT
# mode should decide whether numbers are used, regardless of being stored
assert user_data.uid_mode == ID_MODE_USE_DEFAULT
assert user_data.uid == 123
assert user_data.get_uid() is None
assert user_data.gid_mode == ID_MODE_USE_DEFAULT
assert user_data.gid == 456
assert user_data.get_gid() is None
user_data.set_uid(None)
user_data.set_gid(None)
# setting None resets everything
assert user_data.uid == 0
assert user_data.uid_mode == ID_MODE_USE_DEFAULT
assert user_data.get_uid() is None
assert user_data.gid == 0
assert user_data.gid_mode == ID_MODE_USE_DEFAULT
assert user_data.get_gid() is None
def getter_setter_test(self):
"""Test getters and setters for the User UID and GID values."""
user_data = UserData()
user_data.name = "user"
# everything should be unset by default
self.assertEqual(user_data.uid, 0)
self.assertEqual(user_data.uid_mode, ID_MODE_USE_DEFAULT)
self.assertEqual(user_data.get_uid(), None)
self.assertEqual(user_data.gid, 0)
self.assertEqual(user_data.gid_mode, ID_MODE_USE_DEFAULT)
self.assertEqual(user_data.get_gid(), None)
user_data.set_uid(123)
user_data.set_gid(456)
# now everything is set
self.assertEqual(user_data.uid, 123)
self.assertEqual(user_data.uid_mode, ID_MODE_USE_VALUE)
self.assertEqual(user_data.get_uid(), 123)
self.assertEqual(user_data.gid, 456)
self.assertEqual(user_data.gid_mode, ID_MODE_USE_VALUE)
self.assertEqual(user_data.get_gid(), 456)
user_data.uid_mode = ID_MODE_USE_DEFAULT
user_data.gid_mode = ID_MODE_USE_DEFAULT
# mode should decide whether numbers are used, regardless of being stored
self.assertEqual(user_data.uid_mode, ID_MODE_USE_DEFAULT)
self.assertEqual(user_data.uid, 123)
self.assertEqual(user_data.get_uid(), None)
self.assertEqual(user_data.gid_mode, ID_MODE_USE_DEFAULT)
self.assertEqual(user_data.gid, 456)
self.assertEqual(user_data.get_gid(), None)
user_data.set_uid(None)
user_data.set_gid(None)
# setting None resets everything
self.assertEqual(user_data.uid, 0)
self.assertEqual(user_data.uid_mode, ID_MODE_USE_DEFAULT)
self.assertEqual(user_data.get_uid(), None)
self.assertEqual(user_data.gid, 0)
self.assertEqual(user_data.gid_mode, ID_MODE_USE_DEFAULT)
self.assertEqual(user_data.get_gid(), None)
def get_user_list(users_module, add_default=False, add_if_not_empty=False):
"""Get list of users from the Users DBus module.
If add_default is True we will add an empty UserData instance as the first element
of the list, so that the UIs don't have to handle that themselves.
:param users_module: Users DBus module proxy
:param bool add_default: if True add default user as first list element
:returns: list of users from the Users DBus module
:rtype: list
"""
user_data_list = UserData.from_structure_list(users_module.Users)
if add_default:
# we only add default user to an empty list, to add default user to
# a populated list the add_if_not_empty option needs to be used
if not user_data_list or add_if_not_empty:
user_data_list.insert(0, UserData())
return user_data_list
