def check_bot_code_access(self, bot_id, generate_token): """Raises AuthorizationError if caller is not authorized to access bot code. Four variants here: 1. A valid bootstrap token is passed as '?tok=...' parameter. 2. An user, allowed to do a bootstrap, is using their credentials. 3. An IP whitelisted machine is making this call. 4. A bot (with given bot_id) is using it's own machine credentials. In later three cases we optionally generate and return a new bootstrap token, that can be used to authorize /bot_code calls. """ existing_token = self.request.get('tok') if existing_token: payload = bot_code.validate_bootstrap_token(existing_token) if payload is None: raise auth.AuthorizationError('Invalid bootstrap token') logging.debug('Using bootstrap token %r', payload) return existing_token machine_type = None if bot_id: bot_info = bot_management.get_info_key(bot_id).get() if bot_info: machine_type = bot_info.machine_type # TODO(vadimsh): Remove is_ip_whitelisted_machine check once all bots are # using auth for bootstrap and updating. if (not acl.can_create_bot() and not acl.is_ip_whitelisted_machine() and not (bot_id and bot_auth.is_authenticated_bot( bot_id, machine_type))): raise auth.AuthorizationError('Not allowed to access the bot code') return bot_code.generate_bootstrap_token() if generate_token else None
def permissions(self, _request): """Returns the caller's permissions.""" return swarming_rpcs.ClientPermissions( delete_bot=acl.can_delete_bot(), terminate_bot=acl.can_edit_bot(), get_configs=acl.can_view_config(), put_configs=acl.can_edit_config(), cancel_task=acl._is_user() or acl.is_ip_whitelisted_machine(), cancel_tasks=acl.can_edit_all_tasks(), get_bootstrap_token=acl.can_create_bot())
def test_ip_whitelisted(self): self.mock(auth, 'is_in_ip_whitelist', lambda _name, _ip, _warn: True) self.assertTrue(acl.is_ip_whitelisted_machine()) self.assertTrue(acl.can_access()) self.assertFalse(acl.can_view_config()) self.assertFalse(acl.can_edit_config()) self.assertFalse(acl.can_create_bot()) self.assertTrue(acl.can_edit_bot()) self.assertTrue(acl.can_delete_bot()) self.assertTrue(acl.can_view_bot()) self.assertTrue(acl.can_create_task()) self.assertFalse(acl.can_schedule_high_priority_tasks()) self.assertTrue(acl.can_edit_task(self._task_owned)) self.assertTrue(acl.can_edit_task(self._task_other)) self.assertFalse(acl.can_edit_all_tasks()) self.assertTrue(acl.can_view_task(self._task_owned)) self.assertTrue(acl.can_view_task(self._task_other)) self.assertFalse(acl.can_view_all_tasks())
def test_instance_admin(self): auth_testing.mock_is_admin(self, True) self.assertFalse(acl.is_ip_whitelisted_machine()) self.assertTrue(acl.can_access()) self.assertTrue(acl.can_view_config()) self.assertTrue(acl.can_edit_config()) self.assertTrue(acl.can_create_bot()) self.assertTrue(acl.can_edit_bot()) self.assertTrue(acl.can_delete_bot()) self.assertTrue(acl.can_view_bot()) self.assertTrue(acl.can_create_task()) self.assertTrue(acl.can_schedule_high_priority_tasks()) self.assertTrue(acl.can_edit_task(self._task_owned)) self.assertTrue(acl.can_edit_task(self._task_other)) self.assertTrue(acl.can_edit_all_tasks()) self.assertTrue(acl.can_view_task(self._task_owned)) self.assertTrue(acl.can_view_task(self._task_other)) self.assertTrue(acl.can_view_all_tasks())
def test_nobody(self): auth_testing.mock_get_current_identity(self, auth.Anonymous) self.assertFalse(acl.is_ip_whitelisted_machine()) self.assertFalse(acl.can_access()) self.assertFalse(acl.can_view_config()) self.assertFalse(acl.can_edit_config()) self.assertFalse(acl.can_create_bot()) self.assertFalse(acl.can_edit_bot()) self.assertFalse(acl.can_delete_bot()) self.assertFalse(acl.can_view_bot()) self.assertFalse(acl.can_create_task()) self.assertFalse(acl.can_schedule_high_priority_tasks()) self.assertFalse(acl.can_edit_task(self._task_owned)) self.assertFalse(acl.can_edit_task(self._task_other)) self.assertFalse(acl.can_edit_all_tasks()) self.assertFalse(acl.can_view_task(self._task_owned)) self.assertFalse(acl.can_view_task(self._task_other)) self.assertFalse(acl.can_view_all_tasks())
def test_view_all_tasks(self): self._add_to_group('view_all_tasks') self.assertFalse(acl.is_ip_whitelisted_machine()) self.assertTrue(acl.can_access()) self.assertFalse(acl.can_view_config()) self.assertFalse(acl.can_edit_config()) self.assertFalse(acl.can_create_bot()) self.assertFalse(acl.can_edit_bot()) self.assertFalse(acl.can_delete_bot()) self.assertFalse(acl.can_view_bot()) self.assertFalse(acl.can_create_task()) self.assertFalse(acl.can_schedule_high_priority_tasks()) self.assertTrue(acl.can_edit_task(self._task_owned)) self.assertFalse(acl.can_edit_task(self._task_other)) self.assertFalse(acl.can_edit_all_tasks()) self.assertTrue(acl.can_view_task(self._task_owned)) self.assertTrue(acl.can_view_task(self._task_other)) self.assertTrue(acl.can_view_all_tasks())
def test_nobody(self): self.mock(auth, 'get_current_identity', lambda: auth.IDENTITY_ANONYMOUS) self.assertFalse(acl.is_ip_whitelisted_machine()) self.assertFalse(acl.can_access()) self.assertFalse(acl.can_view_config()) self.assertFalse(acl.can_edit_config()) self.assertFalse(acl.can_create_bot()) self.assertFalse(acl.can_edit_bot()) self.assertFalse(acl.can_delete_bot()) self.assertFalse(acl.can_view_bot()) self.assertFalse(acl.can_create_task()) self.assertFalse(acl.can_schedule_high_priority_tasks()) self.assertFalse(acl.can_edit_task(self._task_owned)) self.assertFalse(acl.can_edit_task(self._task_other)) self.assertFalse(acl.can_edit_all_tasks()) self.assertFalse(acl.can_view_task(self._task_owned)) self.assertFalse(acl.can_view_task(self._task_other)) self.assertFalse(acl.can_view_all_tasks())