def setup_method(self, method):
"""
Setup method
"""
hostlist, user, password = TestBaseClass().get_hosts()
config = {"hosts": hostlist}
self.client = aerospike.client(config).connect(user, password)
try:
self.client.admin_drop_role("usr-sys-admin")
except:
pass
usr_sys_admin_privs = [{
"code": aerospike.PRIV_USER_ADMIN
}, {
"code": aerospike.PRIV_SYS_ADMIN
}]
try:
self.client.admin_drop_role("usr-sys-admin-test")
except:
pass
self.client.admin_create_role("usr-sys-admin-test",
usr_sys_admin_privs)
self.delete_users = []
time.sleep(1)
def setup_method(self, method):
"""
Setup method
"""
hostlist, user, password = TestBaseClass().get_hosts()
config = {"hosts": hostlist}
self.client = aerospike.client(config).connect(user, password)
self.delete_users = []
def setup_method(self, method):
"""
Setup method.
"""
hostlist, user, password = TestBaseClass().get_hosts()
config = {'hosts': hostlist}
TestDropUser.Me = self
self.client = aerospike.client(config).connect(user, password)
try:
self.client.admin_drop_user("foo-test")
except:
pass
def setup_method(self, method):
"""
Setup method
"""
hostlist, user, password = TestBaseClass().get_hosts()
config = {"hosts": hostlist}
self.client = aerospike.client(config).connect(user, password)
try:
self.client.admin_create_user( "testchangepassworduser", "aerospike", ["read"], {})
time.sleep(2)
except UserExistsError:
pass # we are good, no such role exists
self.delete_users = []
def setup_method(self, method):
"""
Setup method
"""
hostlist, user, password = TestBaseClass().get_hosts()
config = { "hosts": hostlist}
self.client = aerospike.client(config).connect( user, password )
try:
self.client.admin_drop_user("testcreaterole")
except:
pass # do nothing, EAFP
self.delete_users = []
def setup_method(self, method):
"""
Setup method
"""
hostlist, user, password = TestBaseClass().get_hosts()
config = {"hosts": hostlist}
TestSetPassword.Me = self
self.client = aerospike.client(config).connect(user, password)
try:
self.client.admin_drop_user("testsetpassworduser")
except:
pass
self.client.admin_create_user( "testsetpassworduser", "aerospike", ["read"], {})
self.delete_users = []
def setup_method(self, method):
"""
Setup method
"""
hostlist, user, password = TestBaseClass().get_hosts()
config = {"hosts": hostlist}
TestQueryUser.Me = self
self.client = aerospike.client(config).connect(user, password)
try:
self.client.admin_drop_user("example-test")
except:
pass
policy = {}
user = "******"
password = "******"
roles = ["read-write", "sys-admin", "read"]
status = self.client.admin_create_user(user, password, roles, policy)
self.delete_users = []
class TestDropRole(TestBaseClass):
pytestmark = pytest.mark.skipif(
TestBaseClass().get_hosts()[1] == None,
reason="No user specified, may be not secured cluster.")
def setup_method(self, method):
"""
Setup method
"""
hostlist, user, password = TestBaseClass().get_hosts()
config = {"hosts": hostlist}
self.client = aerospike.client(config).connect(user, password)
self.delete_users = []
def teardown_method(self, method):
"""
Teardown method
"""
policy = {}
for user in self.delete_users:
self.client.admin_drop_user(user, policy)
self.client.close()
def test_drop_role_without_any_parameters(self):
with pytest.raises(TypeError) as typeError:
self.client.admin_drop_role()
assert "Required argument 'role' (pos 1) not found" in typeError.value
def test_drop_role_positive_with_policy(self):
"""
Drop role positive with policy
"""
try:
self.client.admin_query_role("usr-sys-admin-test")
# role exists, clear it out.
self.client.admin_drop_role("usr-sys-admin-test")
except InvalidRole:
pass # we are good, no such role exists
self.client.admin_create_role("usr-sys-admin-test",
[{
"code": aerospike.PRIV_READ,
"ns": "test",
"set": "demo"
}], {'timeout': 1000})
time.sleep(1)
roles = self.client.admin_query_role("usr-sys-admin-test")
assert roles == [{"code": 10, "ns": "test", "set": "demo"}]
try:
self.client.admin_query_user("testcreaterole")
# user exists, clear it out.
self.client.admin_drop_user("testcreaterole")
except AdminError:
pass # we are good, no such user exists
status = self.client.admin_create_user("testcreaterole", "createrole",
["usr-sys-admin-test"])
assert status == 0
time.sleep(1)
users = self.client.admin_query_user("testcreaterole")
assert users == ["usr-sys-admin-test"]
status = self.client.admin_drop_role("usr-sys-admin-test",
{'timeout': 1000})
assert status == 0
users = self.client.admin_query_user("testcreaterole")
assert users == []
self.client.admin_drop_user("testcreaterole")
def test_drop_role_positive(self):
"""
Drop role positive
"""
try:
self.client.admin_query_role("usr-sys-admin-test")
# role exists, clear it out.
self.client.admin_drop_role("usr-sys-admin-test")
except InvalidRole:
pass # we are good, no such role exists
status = self.client.admin_create_role(
"usr-sys-admin-test", [{
"code": aerospike.PRIV_USER_ADMIN
}, {
"code": aerospike.PRIV_SYS_ADMIN
}])
time.sleep(1)
roles = self.client.admin_query_role("usr-sys-admin-test")
assert roles == [{
"code": 0,
"ns": "",
"set": ""
}, {
"code": 1,
"ns": "",
"set": ""
}]
try:
self.client.admin_query_user("testcreaterole")
# user exists, clear it out.
self.client.admin_drop_user("testcreaterole")
except AdminError:
pass # we are good, no such user exists
status = self.client.admin_create_user("testcreaterole", "createrole",
["usr-sys-admin-test"])
assert status == 0
time.sleep(1)
users = self.client.admin_query_user("testcreaterole")
assert users == ["usr-sys-admin-test"]
status = self.client.admin_drop_role("usr-sys-admin-test")
assert status == 0
users = self.client.admin_query_user("testcreaterole")
assert users == []
self.client.admin_drop_user("testcreaterole")
def test_drop_non_existent_role(self):
"""
Drop non-existent role
"""
try:
self.client.admin_drop_role("usr-sys-admin-test")
except InvalidRole as exception:
assert exception.code == 70
assert exception.msg == "AEROSPIKE_INVALID_ROLE"
def test_drop_role_rolename_None(self):
"""
Drop role with role name None
"""
try:
self.client.admin_drop_role(None)
except ParamError as exception:
assert exception.code == -2
assert exception.msg == "Role name should be a string"
def test_drop_role_with_incorrect_policy(self):
"""
Drop role with incorrect policy
"""
status = self.client.admin_create_role(
"usr-sys-admin-test", [{
"code": aerospike.PRIV_USER_ADMIN
}])
assert status == 0
try:
self.client.admin_drop_role("usr-sys-admin-test", {"timeout": 0.2})
except ParamError as exception:
assert exception.code == -2
assert exception.msg == 'timeout is invalid'
self.client.admin_drop_role("usr-sys-admin-test")
class TestSetPassword(TestBaseClass):
pytestmark = pytest.mark.skipif(
TestBaseClass().get_hosts()[1] == None,
reason="No user specified, may be not secured cluster.")
def setup_method(self, method):
"""
Setup method
"""
hostlist, user, password = TestBaseClass().get_hosts()
config = {"hosts": hostlist}
TestSetPassword.Me = self
self.client = aerospike.client(config).connect(user, password)
try:
self.client.admin_drop_user("testsetpassworduser")
except:
pass
self.client.admin_create_user( "testsetpassworduser", "aerospike", ["read"], {})
self.delete_users = []
def teardown_method(self, method):
"""
Teardown method
"""
self.client.admin_drop_user( "testsetpassworduser" )
self.client.close()
def test_set_password_without_any_parameters(self):
with pytest.raises(TypeError) as typeError:
status = self.client.admin_set_password()
assert "Required argument 'user' (pos 1) not found" in typeError.value
def test_set_password_with_proper_parameters(self):
policy = {'timeout': 50}
user = "******"
password = "******"
status = self.client.admin_set_password( user, password )
assert status == 0
def test_set_password_with_invalid_timeout_policy_value(self):
policy = {'timeout': 0.1}
user = "******"
password = "******"
try:
status = self.client.admin_set_password( user, password, policy )
except ParamError as exception:
assert exception.code == -2
assert exception.msg == "timeout is invalid"
def test_set_password_with_proper_timeout_policy_value(self):
policy = {'timeout': 50}
user = "******"
password = "******"
status = self.client.admin_set_password( user, password, policy )
assert status == 0
def test_set_password_with_none_username(self):
policy = {}
user = None
password = "******"
try:
status = self.client.admin_set_password( user, password )
except ParamError as exception:
assert exception.code == -2
assert exception.msg == "Username should be a string"
def test_set_password_with_none_password(self):
policy = {}
user = "******"
password = None
try:
status = self.client.admin_set_password( user, password )
except ParamError as exception:
assert exception.code == -2
assert exception.msg == "Password should be a string"
def test_set_password_with_non_existent_user(self):
policy = {}
user = "******"
password = "******"
try:
status = self.client.admin_set_password( user, password, policy )
except InvalidUser as exception:
assert exception.code == 60
assert exception.msg == "AEROSPIKE_INVALID_USER"
def test_set_password_with_too_long_password(self):
policy = {}
user = "******"
password = "******" * 1000
status = self.client.admin_set_password( user, password, policy )
assert status == 0
class TestQueryRoles(TestBaseClass):
pytestmark = pytest.mark.skipif(
TestBaseClass().get_hosts()[1] == None,
reason="No user specified, may be not secured cluster.")
def setup_method(self, method):
"""
Setup method
"""
hostlist, user, password = TestBaseClass().get_hosts()
config = {
"hosts": hostlist
}
self.client = aerospike.client(config).connect( user, password )
try:
self.client.admin_drop_role("usr-sys-admin")
except:
pass
usr_sys_admin_privs = [
{"code": aerospike.PRIV_USER_ADMIN},
{"code": aerospike.PRIV_SYS_ADMIN}]
try:
self.client.admin_drop_role("usr-sys-admin-test")
except:
pass
self.client.admin_create_role("usr-sys-admin-test", usr_sys_admin_privs)
self.delete_users = []
time.sleep(1)
def teardown_method(self, method):
"""
Teardown method
"""
policy = {}
self.client.admin_drop_role("usr-sys-admin-test")
self.client.close()
def test_admin_query_roles_positive(self):
"""
Query roles positive
"""
roles = self.client.admin_query_roles()
flag = 0
assert roles['usr-sys-admin-test'] == [{'code': 0, 'ns': '', 'set': ''}, {'code': 1, 'ns': '', 'set': ''}]
def test_admin_query_roles_positive_with_policy(self):
"""
Query roles positive policy
"""
roles = self.client.admin_query_roles({'timeout': 1000})
flag = 0
assert roles['usr-sys-admin-test'] == [{'code': 0, 'ns': '', 'set': ''}, {'code': 1, 'ns': '', 'set': ''}]
def test_admin_query_roles_incorrect_policy(self):
"""
Query roles incorrect policy
"""
try:
roles = self.client.admin_query_roles({'timeout': 0.2})
except ParamError as exception:
assert exception.code == -2
assert exception.msg == 'timeout is invalid'
class TestGrantRoles(TestBaseClass):
pytestmark = pytest.mark.skipif(
TestBaseClass().get_hosts()[1] == None,
reason="No user specified, may be not secured cluster.")
def setup_method(self, method):
"""
Setup method
"""
hostlist, user, password = TestBaseClass().get_hosts()
config = {"hosts": hostlist}
TestGrantRoles.Me = self
self.client = aerospike.client(config).connect(user, password)
try:
self.client.admin_drop_user("example-test")
except:
pass
policy = {}
user = "******"
password = "******"
roles = ["read-write"]
status = self.client.admin_create_user( user, password, roles, policy )
self.delete_users = []
def teardown_method(self, method):
"""
Teardown method
"""
policy = {}
self.client.admin_drop_user( "example-test", policy )
self.client.close()
def test_grant_roles_without_any_parameters(self):
with pytest.raises(TypeError) as typeError:
self.client.admin_grant_roles()
assert "Required argument 'user' (pos 1) not found" in typeError.value
def test_grant_roles_with_proper_parameters(self):
policy = {'timeout': 1000}
user = "******"
roles = ["read", "read-write", "sys-admin"]
status = self.client.admin_grant_roles(user, roles, policy)
assert status == 0
time.sleep(2)
user_details = self.client.admin_query_user( user, policy )
assert user_details == ['read', 'read-write', 'sys-admin']
def test_grant_roles_with_proper_parameters_without_policy(self):
policy = {'timeout': 1000}
user = "******"
roles = ["read", "read-write", "sys-admin"]
status = self.client.admin_grant_roles(user, roles)
assert status == 0
time.sleep(2)
user_details = self.client.admin_query_user( user, policy )
assert user_details == ['read', 'read-write', 'sys-admin']
def test_grant_roles_with_invalid_timeout_policy_value(self):
policy = {"timeout": 0.1}
user = "******"
roles = ['sys-admin']
try:
status = self.client.admin_grant_roles( user, roles, policy )
except ParamError as exception:
assert exception.code == -2
assert exception.msg == "timeout is invalid"
def test_grant_roles_with_proper_timeout_policy_value(self):
policy = {'timeout': 20}
user = "******"
roles = ["read-write", "sys-admin"]
status = self.client.admin_grant_roles( user, roles )
time.sleep(2)
assert status == 0
user_details = self.client.admin_query_user( user )
assert user_details == ['read-write', 'sys-admin']
def test_grant_roles_with_none_username(self):
policy = {'timeout': 20}
user = None
roles = ["sys-admin"]
try:
status = self.client.admin_grant_roles( user, roles, policy )
except ParamError as exception:
assert exception.code == -2
assert exception.msg == "Username should be a string"
def test_grant_roles_with_empty_username(self):
policy = {'timeout': 1000}
user = ""
roles = ["read-write"]
try:
status = self.client.admin_grant_roles( user, roles, policy )
except InvalidUser as exception:
assert exception.code == 60
assert exception.msg == "AEROSPIKE_INVALID_USER"
def test_grant_roles_with_special_characters_in_username(self):
policy = {'timeout': 1000}
user = "******"
password = "******"
roles = ["read-write"]
status = self.client.admin_create_user( user, password, roles, policy )
assert status == 0
roles = ["read"]
status = self.client.admin_grant_roles( user, roles , policy )
time.sleep(2)
assert status == 0
user_details = self.client.admin_query_user( user )
assert user_details == ['read', 'read-write']
status = self.client.admin_drop_user( "!#Q#AEQ@#$%&^*((^&*~~~````[" )
assert status == 0
def test_grant_roles_with_empty_roles_list(self):
policy = {'timeout': 1000}
user = "******"
roles = []
try:
status = self.client.admin_grant_roles( user, roles, policy )
except InvalidRole as exception:
assert exception.code == 70
assert exception.msg == "AEROSPIKE_INVALID_ROLE"
class TestChangePassword(TestBaseClass):
pytestmark = pytest.mark.skipif(
TestBaseClass().get_hosts()[1] == None,
reason="No user specified, may be not secured cluster.")
def setup_method(self, method):
"""
Setup method
"""
hostlist, user, password = TestBaseClass().get_hosts()
config = {"hosts": hostlist}
self.client = aerospike.client(config).connect(user, password)
try:
self.client.admin_create_user( "testchangepassworduser", "aerospike", ["read"], {})
time.sleep(2)
except UserExistsError:
pass # we are good, no such role exists
self.delete_users = []
def teardown_method(self, method):
"""
Teardown method
"""
self.client.admin_drop_user( "testchangepassworduser" )
self.client.close()
def test_change_password_without_any_parameters(self):
with pytest.raises(TypeError) as typeError:
status = self.client.admin_change_password()
assert "Required argument 'user' (pos 1) not found" in typeError.value
def test_change_password_with_proper_parameters(self):
user = "******"
config = {"hosts": TestChangePassword.hostlist}
self.clientreaduser = aerospike.client(config).connect(user,
"aerospike")
policy = {}
password = "******"
status = self.clientreaduser.admin_change_password( user, password )
assert status == 0
config = {
"hosts": TestChangePassword.hostlist
}
try:
self.clientreaduserwrong = aerospike.client(config).connect( user, "aerospike" )
except InvalidPassword as exception:
assert exception.code == 62
assert exception.msg == None
except ClientError as exception:
assert exception.code == -1
assert exception.msg == "Failed to seed cluster"
self.clientreaduserright = aerospike.client(config).connect(
user, "newpassword")
assert self.clientreaduserright != None
self.clientreaduserright.close()
self.clientreaduser.close()
def test_change_password_with_invalid_timeout_policy_value(self):
policy = {'timeout': 0.1}
user = "******"
password = "******"
try:
status = self.client.admin_change_password( user, password, policy )
except ParamError as exception:
assert exception.code == -2
assert exception.msg == "timeout is invalid"
def test_change_password_with_proper_timeout_policy_value(self):
user = "******"
config = {"hosts": TestChangePassword.hostlist}
self.clientreaduser = aerospike.client(config).connect(user,
"aerospike")
policy = {'timeout': 100}
password = "******"
status = self.clientreaduser.admin_change_password( user, password, policy )
assert status == 0
config = {
"hosts": TestChangePassword.hostlist
}
try:
self.clientreaduserwrong = aerospike.client(config).connect( user, "aerospike" )
except InvalidPassword as exception:
assert exception.code == 62
assert exception.msg == None
except ClientError as exception:
assert exception.code == -1
assert exception.msg == "Failed to seed cluster"
self.clientreaduserright = aerospike.client(config).connect(
user, "newpassword")
assert self.clientreaduserright != None
self.clientreaduserright.close()
self.clientreaduser.close()
def test_change_password_with_none_username(self):
policy = {}
user = None
password = "******"
try:
status = self.client.admin_change_password( user, password, policy )
except ParamError as exception:
assert exception.code == -2
assert exception.msg == "Username should be a string"
def test_change_password_with_none_password(self):
policy = {}
user = "******"
password = None
try:
status = self.client.admin_change_password( user, password, policy )
except ParamError as exception:
assert exception.code == -2
assert exception.msg == "Password should be a string"
def test_change_password_with_non_existent_user(self):
policy = {}
user = "******"
password = "******"
try:
status = self.client.admin_change_password( user, password, policy )
except InvalidUser as exception:
assert exception.code == 60
assert exception.msg == "AEROSPIKE_INVALID_USER"
def test_change_password_with_too_long_password(self):
user = "******"
config = {"hosts": TestChangePassword.hostlist}
self.clientreaduser = aerospike.client(config).connect(user,
"aerospike")
policy = {'timeout': 100}
password = "******" * 1000
status = self.clientreaduser.admin_change_password( user, password, policy )
assert status == 0
config = {
"hosts": TestChangePassword.hostlist
}
try:
self.clientreaduserwrong = aerospike.client(config).connect( user, "aerospike" )
except InvalidPassword as exception:
assert exception.code == 62
assert exception.msg == None
except ClientError as exception:
assert exception.code == -1
assert exception.msg == "Failed to seed cluster"
self.clientreaduserright = aerospike.client(config).connect(user,
password)
assert self.clientreaduserright != None
self.clientreaduserright.close()
self.clientreaduser.close()
class TestCreateUser(TestBaseClass):
pytestmark = pytest.mark.skipif(
TestBaseClass().get_hosts()[1] == None,
reason="No user specified, may be not secured cluster.")
def setup_method(self, method):
"""
Setup method
"""
hostlist, user, password = TestBaseClass().get_hosts()
config = {"hosts": hostlist}
self.client = aerospike.client(config).connect(user, password)
self.delete_users = []
def teardown_method(self, method):
"""
Teardown method
"""
policy = {}
for user in self.delete_users:
self.client.admin_drop_user(user, policy)
self.client.close()
def test_create_user_without_any_parameters(self):
with pytest.raises(TypeError) as typeError:
self.client.admin_create_user()
assert "Required argument 'user' (pos 1) not found" in typeError.value
def test_create_user_with_proper_parameters(self):
policy = {"timeout": 1000}
user = "******"
password = "******"
roles = ["read", "read-write", "sys-admin"]
try:
self.client.admin_drop_user(user, policy)
except:
pass
status = self.client.admin_create_user(user, password, roles, policy)
time.sleep(2)
assert status == 0
user_details = self.client.admin_query_user(user, policy)
assert user_details == ['read', 'read-write', 'sys-admin']
self.delete_users.append('user1-test')
def test_create_user_with_proper_parameters_without_policy(self):
policy = {"timeout": 1000}
user = "******"
password = "******"
roles = ["read", "read-write", "sys-admin"]
try:
self.client.admin_drop_user(user, policy)
except:
pass
status = self.client.admin_create_user(user, password, roles)
time.sleep(2)
assert status == 0
user_details = self.client.admin_query_user(user, policy)
assert user_details == ['read', 'read-write', 'sys-admin']
self.delete_users.append('user1-test')
def test_create_user_with_invalid_timeout_policy_value(self):
policy = {"timeout": 0.1}
user = "******"
password = "******"
roles = ['sys-admin']
try:
self.client.admin_drop_user(user, policy)
except:
pass
try:
status = self.client.admin_create_user(user, password, roles,
policy)
except ParamError as exception:
assert exception.code == -2
assert exception.msg == "timeout is invalid"
def test_create_user_with_proper_timeout_policy_value(self):
policy = {'timeout': 20}
user = "******"
password = "******"
roles = ["read-write", "sys-admin"]
try:
self.client.admin_drop_user(user, policy)
except:
pass
status = self.client.admin_create_user(user, password, roles, policy)
time.sleep(2)
assert status == 0
user_details = self.client.admin_query_user(user)
assert user_details == ['read-write', 'sys-admin']
self.delete_users.append('user2-test')
def test_create_user_with_none_username(self):
policy = {'timeout': 20}
user = None
password = "******"
roles = ["sys-admin"]
try:
status = self.client.admin_create_user(user, password, roles,
policy)
except ParamError as exception:
assert exception.code == -2
assert exception.msg == "Username should be a string"
def test_create_user_with_empty_username(self):
policy = {}
user = ""
password = "******"
roles = ["read-write"]
try:
status = self.client.admin_create_user(user, password, roles,
policy)
except InvalidUser as exception:
assert exception.code == 60
assert exception.msg == "AEROSPIKE_INVALID_USER"
def test_create_user_with_special_characters_in_username(self):
policy = {}
user = "******"
password = "******"
roles = ["read-write"]
try:
self.client.admin_drop_user(user, policy)
except:
pass
status = self.client.admin_create_user(user, password, roles, policy)
assert status == 0
self.delete_users.append(user)
def test_create_user_with_none_password(self):
policy = {}
user = "******"
password = None
roles = ["sys-admin"]
try:
status = self.client.admin_create_user(user, password, roles,
policy)
except ParamError as exception:
assert exception.code == -2
assert exception.msg == "Password should be a string"
def test_create_user_with_empty_string_as_password(self):
policy = {}
user = "******"
password = ""
roles = ["read-write"]
try:
self.client.admin_drop_user(user, policy)
except:
pass
status = self.client.admin_create_user(user, password, roles, policy)
assert status == 0
time.sleep(2)
self.delete_users.append(user)
def test_create_user_with_special_characters_in_password(self):
policy = {}
user = "******"
password = "******"
roles = ["sys-admin"]
try:
self.client.admin_drop_user(user, policy)
except:
pass
status = self.client.admin_create_user(user, password, roles, policy)
assert status == 0
self.delete_users.append(user)
def test_create_user_with_too_long_username(self):
policy = {}
user = "******" * 1000
password = "******"
roles = ["sys-admin"]
try:
self.client.admin_drop_user(user, policy)
except:
pass
try:
status = self.client.admin_create_user(user, password, roles,
policy)
except InvalidUser as exception:
assert exception.code == 60
assert exception.msg == "AEROSPIKE_INVALID_USER"
def test_create_user_with_too_long_password(self):
policy = {'timeout': 1000}
user = "******"
password = "******" * 1000
roles = ["read-write"]
try:
self.client.admin_drop_user(user, policy)
except:
pass
status = self.client.admin_create_user(user, password, roles, policy)
assert status == 0
time.sleep(1)
user_details = self.client.admin_query_user(user, policy)
assert user_details == ['read-write']
self.delete_users.append(user)
def test_create_user_with_empty_roles_list(self):
policy = {}
user = "******"
password = "******"
roles = []
try:
self.client.admin_drop_user(user, policy)
except:
pass
try:
status = self.client.admin_create_user(user, password, roles,
policy)
except InvalidRole as exception:
assert exception.code == 70
assert exception.msg == "AEROSPIKE_INVALID_ROLE"
def test_create_user_with_non_user_admin_user(self):
policy = {}
user = "******"
password = "******"
roles = ["read-write"]
try:
self.client.admin_drop_user(user, policy)
except:
pass
status = self.client.admin_create_user(user, password, roles, policy)
assert status == 0
config = {"hosts": TestCreateUser.hostlist}
non_admin_client = None
try:
non_admin_client = aerospike.client(config).connect(
"non_admin_test", "non_admin_test")
status = non_admin_client.admin_create_user(
"user78", password, roles, policy)
if non_admin_client:
non_admin_client.close()
except RoleViolation as exception:
assert exception.code == 81
self.delete_users.append("non_admin_test")
class TestQueryRole(TestBaseClass):
pytestmark = pytest.mark.skipif(
TestBaseClass().get_hosts()[1] == None,
reason="No user specified, may be not secured cluster.")
def setup_method(self, method):
"""
Setup method
"""
hostlist, user, password = TestBaseClass().get_hosts()
config = {"hosts": hostlist}
self.client = aerospike.client(config).connect(user, password)
try:
self.client.admin_drop_role("usr-sys-admin")
except:
pass
usr_sys_admin_privs = [{
"code": aerospike.PRIV_USER_ADMIN
}, {
"code": aerospike.PRIV_SYS_ADMIN
}]
try:
self.client.admin_drop_role("usr-sys-admin-test")
except:
pass
self.client.admin_create_role("usr-sys-admin-test",
usr_sys_admin_privs)
self.delete_users = []
time.sleep(1)
def teardown_method(self, method):
"""
Teardown method
"""
policy = {}
self.client.admin_drop_role("usr-sys-admin-test")
self.client.close()
def test_admin_query_role_no_parameters(self):
"""
Query role with no parameters
"""
with pytest.raises(TypeError) as typeError:
self.client.admin_query_role()
assert "Required argument 'role' (pos 1) not found" in typeError.value
def test_admin_query_role_positive(self):
"""
Query role positive
"""
roles = self.client.admin_query_role("usr-sys-admin-test")
assert roles == [{
'code': 0,
'ns': '',
'set': ''
}, {
'code': 1,
'ns': '',
'set': ''
}]
def test_admin_query_role_positive_with_policy(self):
"""
Query role positive policy
"""
roles = self.client.admin_query_role("usr-sys-admin-test",
{'timeout': 1000})
assert roles == [{
'code': 0,
'ns': '',
'set': ''
}, {
'code': 1,
'ns': '',
'set': ''
}]
def test_admin_query_role_incorrect_role_name(self):
"""
Incorrect role name
"""
try:
self.client.admin_query_role("usr-sys-admin-test-non-existent",
{'timeout': 1000})
except InvalidRole as exception:
assert exception.code == 70
assert exception.msg == "AEROSPIKE_INVALID_ROLE"
def test_admin_query_role_incorrect_role_type(self):
"""
Incorrect role type
"""
try:
self.client.admin_query_role(None, {'timeout': 1000})
except ParamError as exception:
assert exception.code == -2
assert exception.msg == "Role name should be a string"
class TestCreateRole(TestBaseClass):
pytestmark = pytest.mark.skipif(
TestBaseClass().get_hosts()[1] == None,
reason="No user specified, may be not secured cluster.")
def setup_method(self, method):
"""
Setup method
"""
hostlist, user, password = TestBaseClass().get_hosts()
config = { "hosts": hostlist}
self.client = aerospike.client(config).connect( user, password )
try:
self.client.admin_drop_user("testcreaterole")
except:
pass # do nothing, EAFP
self.delete_users = []
def teardown_method(self, method):
"""
Teardown method
"""
policy = {}
for user in self.delete_users:
self.client.admin_drop_user( user, policy )
self.client.close()
def test_create_role_without_any_parameters(self):
with pytest.raises(TypeError) as typeError:
self.client.admin_create_role()
assert "Required argument 'role' (pos 1) not found" in typeError.value
def test_create_role_positive_with_policy(self):
"""
Create role positive
"""
try:
self.client.admin_query_role("usr-sys-admin-test")
# role exists, clear it out.
self.client.admin_drop_role("usr-sys-admin-test")
except InvalidRole:
pass # we are good, no such role exists
self.client.admin_create_role("usr-sys-admin-test",
[{"code": aerospike.PRIV_READ, "ns": "test", "set":"demo"}],
{'timeout': 1000})
time.sleep(1)
roles = self.client.admin_query_role("usr-sys-admin-test")
assert roles == [{'code': 10, 'ns': 'test', 'set': 'demo'}]
status = self.client.admin_create_user("testcreaterole", "createrole", ["usr-sys-admin-test"])
assert status == 0
time.sleep(1)
users = self.client.admin_query_user("testcreaterole")
assert users == ["usr-sys-admin-test"]
status = self.client.admin_drop_role("usr-sys-admin-test")
assert status == 0
users = self.client.admin_query_user("testcreaterole")
assert users == []
self.client.admin_drop_user("testcreaterole")
def test_create_role_positive(self):
"""
Create role positive
"""
try:
self.client.admin_query_role("usr-sys-admin-test")
# role exists, clear it out.
self.client.admin_drop_role("usr-sys-admin-test")
except InvalidRole:
pass # we are good, no such role exists
self.client.admin_create_role("usr-sys-admin-test", [{"code":
aerospike.PRIV_USER_ADMIN}, {"code": aerospike.PRIV_SYS_ADMIN}])
time.sleep(1)
roles = self.client.admin_query_role("usr-sys-admin-test")
assert roles == [{"code": 0, 'ns': '', 'set': ''}, {"code": 1, 'ns': '', 'set': ''}]
status = self.client.admin_create_user("testcreaterole", "createrole",
["usr-sys-admin-test"])
assert status == 0
time.sleep(1)
users = self.client.admin_query_user("testcreaterole")
assert users == ["usr-sys-admin-test"]
status = self.client.admin_drop_role("usr-sys-admin-test")
assert status == 0
users = self.client.admin_query_user("testcreaterole")
assert users == []
self.client.admin_drop_user("testcreaterole")
def test_create_role_incorrect_role_type(self):
"""
role name not string
"""
try:
self.client.admin_create_role(1, [{"code": aerospike.PRIV_USER_ADMIN}])
except ParamError as exception:
assert exception.code == -2
assert exception.msg == "Role name should be a string"
def test_create_role_unknown_privilege_type(self):
"""
privilege type unknown
"""
try:
self.client.admin_query_role("usr-sys-admin-test")
# role exists, clear it out.
self.client.admin_drop_role("usr-sys-admin-test")
except InvalidRole:
pass # we are good, no such role exists
try:
self.client.admin_create_role("usr-sys-admin-test", [{"code": 64}])
except InvalidPrivilege as exception:
assert exception.code == 72
def test_create_role_incorrect_privilege_type(self):
"""
privilege type incorrect
"""
try:
self.client.admin_create_role("usr-sys-admin-test", None)
except ParamError as exception:
assert exception.code == -2
assert exception.msg == "Privileges should be a list"
def test_create_role_existing_role(self):
"""
create an already existing role
"""
try:
self.client.admin_query_role("usr-sys-admin-test")
# role exists, clear it out.
self.client.admin_drop_role("usr-sys-admin-test")
except InvalidRole:
pass # we are good, no such role exists
self.client.admin_create_role("usr-sys-admin-test", [{"code":
aerospike.PRIV_USER_ADMIN}, {"code": aerospike.PRIV_SYS_ADMIN}])
try:
self.client.admin_create_role("usr-sys-admin-test", [{"code":
aerospike.PRIV_USER_ADMIN}, {"code": aerospike.PRIV_SYS_ADMIN}])
except RoleExistsError as exception:
assert exception.code == 71
assert exception.msg == "AEROSPIKE_ROLE_ALREADY_EXISTS"
time.sleep(1)
status = self.client.admin_drop_role("usr-sys-admin-test")
assert status == 0
def test_create_role_positive_with_special_characters(self):
"""
Create role positive with special characters in role name
"""
role_name = "!#Q#AEQ@#$%&^*((^&*~~~````"
try:
self.client.admin_drop_role(role_name) # clear out if it exists
except:
pass # EAFP
status = self.client.admin_create_role(role_name, [{"code": aerospike.PRIV_READ, "ns": "test", "set":"demo"}], {'timeout': 1000})
assert status == 0
time.sleep(1)
roles = self.client.admin_query_role(role_name)
assert roles == [{"code": aerospike.PRIV_READ, "ns": "test", "set": "demo"}]
status = self.client.admin_create_user("testcreaterole", "createrole", [role_name])
assert status == 0
time.sleep(1)
users = self.client.admin_query_user("testcreaterole")
assert users == [role_name]
status = self.client.admin_drop_role(role_name)
assert status == 0
users = self.client.admin_query_user("testcreaterole")
assert users == []
self.client.admin_drop_user("testcreaterole")
def test_create_role_positive_with_too_long_role_name(self):
"""
Create role positive with too long role name
"""
role_name = "role$"*1000
try:
self.client.admin_create_role(role_name, [{"code":
aerospike.PRIV_READ, "ns": "test", "set":"demo"}], {'timeout': 1000})
except InvalidRole as exception:
assert exception.code == 70
assert exception.msg == "AEROSPIKE_INVALID_ROLE"
class TestQueryUser(TestBaseClass):
pytestmark = pytest.mark.skipif(
TestBaseClass().get_hosts()[1] == None,
reason="No user specified, may be not secured cluster.")
def setup_method(self, method):
"""
Setup method
"""
hostlist, user, password = TestBaseClass().get_hosts()
config = {"hosts": hostlist}
TestQueryUser.Me = self
self.client = aerospike.client(config).connect(user, password)
try:
self.client.admin_drop_user("example-test")
except:
pass
policy = {}
user = "******"
password = "******"
roles = ["read-write", "sys-admin", "read"]
status = self.client.admin_create_user(user, password, roles, policy)
self.delete_users = []
def teardown_method(self, method):
"""
Teardown method
"""
policy = {}
self.client.admin_drop_user("example-test", policy)
self.client.close()
def test_query_user_without_any_parameters(self):
with pytest.raises(TypeError) as typeError:
self.client.admin_query_user()
assert "Required argument 'user' (pos 1) not found" in typeError.value
def test_query_user_with_proper_parameters(self):
policy = {}
user = "******"
time.sleep(2)
user_details = self.client.admin_query_user(user)
assert user_details == ['read', 'read-write', 'sys-admin']
def test_query_user_with_invalid_timeout_policy_value(self):
policy = {"timeout": 0.1}
user = "******"
try:
status = self.client.admin_query_user(user, policy)
except ParamError as exception:
assert exception.code == -2
assert exception.msg == "timeout is invalid"
def test_query_user_with_proper_timeout_policy_value(self):
policy = {'timeout': 30}
user = "******"
time.sleep(2)
user_details = self.client.admin_query_user(user, policy)
assert user_details == ['read', 'read-write', 'sys-admin']
def test_query_user_with_none_username(self):
policy = {'timeout': 30}
user = None
try:
user_details = self.client.admin_query_user(user, policy)
except ParamError as exception:
assert exception.code == -2
assert exception.msg == "Username should be a string"
def test_query_user_with_empty_username(self):
policy = {}
user = ""
try:
status = self.client.admin_query_user(user, policy)
except InvalidUser as exception:
assert exception.code == 60
assert exception.msg == "AEROSPIKE_INVALID_USER"
def test_query_user_with_nonexistent_username(self):
policy = {}
user = "******"
try:
status = self.client.admin_query_user(user, policy)
except InvalidUser as exception:
assert exception.code == 60
assert exception.msg == "AEROSPIKE_INVALID_USER"
def test_query_user_with_no_roles(self):
policy = {}
user = "******"
roles = ["sys-admin", "read", "read-write"]
status = self.client.admin_revoke_roles(user, roles, policy)
assert status == 0
time.sleep(2)
user_details = self.client.admin_query_user(user)
assert user_details == []
def test_query_user_with_extra_argument(self):
"""
Invoke query_user() with extra argument.
"""
policy = {'timeout': 1000}
with pytest.raises(TypeError) as typeError:
self.client.admin_query_user("foo", policy, "")
assert "admin_query_user() takes at most 2 arguments (3 given)" in typeError.value
def test_query_user_with_policy_as_string(self):
"""
Invoke query_user() with policy as string
"""
policy = ""
try:
self.client.admin_query_user("foo", policy)
except AerospikeError as exception:
assert exception.code == -2L
assert exception.msg == "policy must be a dict"
class TestRevokePrivilege(TestBaseClass):
pytestmark = pytest.mark.skipif(
TestBaseClass().get_hosts()[1] == None,
reason="No user specified, may be not secured cluster.")
def setup_method(self, method):
"""
Setup method
"""
hostlist, user, password = TestBaseClass().get_hosts()
config = {"hosts": hostlist}
self.client = aerospike.client(config).connect(user, password)
try:
self.client.admin_drop_role("usr-sys-admin-test")
except:
pass
self.client.admin_create_role("usr-sys-admin-test",
[{
"code": aerospike.PRIV_USER_ADMIN
}, {
"code": aerospike.PRIV_SYS_ADMIN
}])
self.delete_users = []
def teardown_method(self, method):
"""
Teardown method
"""
policy = {}
self.client.admin_drop_role("usr-sys-admin-test")
self.client.close()
def test_admin_revoke_privileges_no_parameters(self):
"""
Revoke privileges with no parameters
"""
with pytest.raises(TypeError) as typeError:
self.client.admin_revoke_privileges()
assert "Required argument 'role' (pos 1) not found" in typeError.value
def test_admin_revoke_privileges_positive(self):
"""
revoke privileges positive
"""
status = self.client.admin_grant_privileges(
"usr-sys-admin-test", [{
"code": aerospike.PRIV_READ
}])
assert status == 0
time.sleep(1)
roles = self.client.admin_query_role("usr-sys-admin-test")
assert roles == [{
'code': 0,
'ns': '',
'set': ''
}, {
'code': 1,
'ns': '',
'set': ''
}, {
'code': 10,
'ns': '',
'set': ''
}]
status = self.client.admin_revoke_privileges(
"usr-sys-admin-test", [{
"code": aerospike.PRIV_READ
}])
assert status == 0
time.sleep(1)
roles = self.client.admin_query_role("usr-sys-admin-test")
assert roles == [{
'code': 0,
'ns': '',
'set': ''
}, {
'code': 1,
'ns': '',
'set': ''
}]
def test_admin_revoke_privileges_positive_with_policy(self):
"""
Revoke privileges positive with policy
"""
status = self.client.admin_grant_privileges(
"usr-sys-admin-test", [{
"code": aerospike.PRIV_READ
}], {'timeout': 1000})
assert status == 0
time.sleep(1)
roles = self.client.admin_query_role("usr-sys-admin-test")
assert roles == [{
'code': 0,
'ns': '',
'set': ''
}, {
'code': 1,
'ns': '',
'set': ''
}, {
'code': 10,
'ns': '',
'set': ''
}]
status = self.client.admin_revoke_privileges(
"usr-sys-admin-test", [{
"code": aerospike.PRIV_READ
}], {'timeout': 1000})
time.sleep(1)
assert status == 0
roles = self.client.admin_query_role("usr-sys-admin-test")
assert roles == [{
'code': 0,
'ns': '',
'set': ''
}, {
'code': 1,
'ns': '',
'set': ''
}]
def test_admin_revoke_privileges_positive_with_ns_set(self):
"""
Revoke privileges positive with ns and set
"""
status = self.client.admin_grant_privileges(
"usr-sys-admin-test", [{
"code": aerospike.PRIV_READ,
"ns": "test",
"set": "demo"
}])
assert status == 0
time.sleep(1)
roles = self.client.admin_query_role("usr-sys-admin-test")
assert roles == [{
'code': 0,
'ns': '',
'set': ''
}, {
'code': 1,
'ns': '',
'set': ''
}, {
'code': 10,
'ns': 'test',
'set': 'demo'
}]
status = self.client.admin_revoke_privileges(
"usr-sys-admin-test", [{
"code": aerospike.PRIV_READ,
"ns": "test",
"set": "demo"
}])
time.sleep(1)
assert status == 0
roles = self.client.admin_query_role("usr-sys-admin-test")
assert roles == [{
'code': 0,
'ns': '',
'set': ''
}, {
'code': 1,
'ns': '',
'set': ''
}]
def test_revoke_privileges_incorrect_role_type(self):
"""
role name not string
"""
try:
self.client.admin_revoke_privileges(
1, [{
"code": aerospike.PRIV_USER_ADMIN
}])
except ParamError as exception:
assert exception.code == -2
assert exception.msg == "Role name should be a string"
def test_revoke_privileges_unknown_privilege_type(self):
"""
privilege type unknown
"""
try:
self.client.admin_revoke_privileges("usr-sys-admin-test",
[{
"code": 64
}])
except InvalidPrivilege as exception:
assert exception.code == 72
def test_revoke_privileges_incorrect_privilege_type(self):
"""
privilege type incorrect
"""
try:
self.client.admin_revoke_privileges("usr-sys-admin-test", None)
except ParamError as exception:
assert exception.code == -2
assert exception.msg == "Privileges should be a list"
def test_revoke_privileges_empty_list_privileges(self):
"""
privilege type is an empty list
"""
try:
self.client.admin_revoke_privileges("usr-sys-admin-test", [])
except InvalidPrivilege as exception:
assert exception.code == 72
assert exception.msg == 'AEROSPIKE_INVALID_PRIVILEGE'
class TestDropUser(TestBaseClass):
pytestmark = pytest.mark.skipif(
TestBaseClass().get_hosts()[1] == None,
reason="No user specified, may be not secured cluster.")
def setup_method(self, method):
"""
Setup method.
"""
hostlist, user, password = TestBaseClass().get_hosts()
config = {'hosts': hostlist}
TestDropUser.Me = self
self.client = aerospike.client(config).connect(user, password)
try:
self.client.admin_drop_user("foo-test")
except:
pass
def teardown_method(self, method):
"""
Teardoen method.
"""
self.client.close()
def test_drop_user_with_no_parameters(self):
"""
Invoke drop_user() without any mandatory parameters.
"""
with pytest.raises(TypeError) as typeError:
self.client.admin_drop_user()
assert "Required argument 'user' (pos 1) not found" in typeError.value
def test_drop_user_with_policy_none(self):
"""
Invoke drop_user() with policy none
"""
policy = None
user = "******"
password = "******"
roles = ["read", "read-write", "sys-admin"]
status = self.client.admin_create_user( user, password, roles, policy )
time.sleep(2)
assert status == 0
user_details = self.client.admin_query_user( user, policy )
assert user_details == ['read', 'read-write', 'sys-admin']
status = self.client.admin_drop_user( user, policy )
assert status == 0
try:
user_details = self.client.admin_query_user( user )
except InvalidUser as exception:
assert exception.code == 60L
assert exception.msg == 'AEROSPIKE_INVALID_USER'
def test_drop_user_with_user_none(self):
"""
Invoke drop_user() with policy none
"""
policy = {'timeout': 1000}
try:
self.client.admin_drop_user( None, policy )
except ParamError as exception:
assert exception.code == -2L
assert exception.msg == 'Username should be a string'
def test_drop_user_positive(self):
"""
Invoke drop_user() with correct arguments.
"""
policy = {'timeout': 1000}
user = "******"
password = "******"
roles = ["read", "read-write", "sys-admin"]
status = self.client.admin_create_user( user, password, roles, policy )
time.sleep(1)
assert status == 0
user_details = self.client.admin_query_user( user, policy )
assert user_details == ['read', 'read-write', 'sys-admin']
status = self.client.admin_drop_user( user, policy )
assert status == 0
time.sleep(1)
try:
user_details = self.client.admin_query_user( user, policy )
except InvalidUser as exception:
assert exception.code == 60L
assert exception.msg == 'AEROSPIKE_INVALID_USER'
def test_drop_user_positive_without_policy(self):
"""
Invoke drop_user() with correct arguments.
"""
policy = {
'timeout': 1000
}
user = "******"
password = "******"
roles = ["read", "read-write", "sys-admin"]
status = self.client.admin_create_user( user, password, roles, policy )
time.sleep(1)
assert status == 0
user_details = self.client.admin_query_user( user, policy )
assert user_details == ['read', 'read-write', 'sys-admin']
status = self.client.admin_drop_user( user )
assert status == 0
time.sleep(1)
try:
user_details = self.client.admin_query_user( user, policy )
except InvalidUser as exception:
assert exception.code == 60L
assert exception.msg == 'AEROSPIKE_INVALID_USER'
def test_drop_user_negative(self):
"""
Invoke drop_user() with non-existent user.
"""
policy = {}
user = "******"
password = "******"
roles = ["read", "read-write", "sys-admin"]
try:
user_details = self.client.admin_query_user( user, policy )
except InvalidUser as exception:
assert exception.code == 60L
assert exception.msg == 'AEROSPIKE_INVALID_USER'
try:
status = self.client.admin_drop_user( user )
except InvalidUser as exception:
assert exception.code == 60L
assert exception.msg == 'AEROSPIKE_INVALID_USER'
def test_drop_user_policy_incorrect(self):
"""
Invoke drop_user() with policy incorrect
"""
policy = {'timeout': 1000}
user = "******"
password = "******"
roles = ["read", "read-write", "sys-admin"]
status = self.client.admin_create_user( user, password, roles, policy )
time.sleep(1)
assert status == 0
user_details = self.client.admin_query_user( user, policy )
assert user_details == ['read', 'read-write', 'sys-admin']
policy = {
'timeout': 0.2
}
try:
status = self.client.admin_drop_user( user, policy )
except ParamError as exception:
assert exception.code == -2L
assert exception.msg == 'timeout is invalid'
status = self.client.admin_drop_user( user )
def test_drop_user_with_extra_argument(self):
"""
Invoke drop_user() with extra argument.
"""
policy = {'timeout': 1000}
with pytest.raises(TypeError) as typeError:
self.client.admin_drop_user( "foo-test", policy, "" )
assert "admin_drop_user() takes at most 2 arguments (3 given)" in typeError.value
def test_drop_user_with_too_long_username(self):
policy = {}
user = "******" * 1000
password = "******"
roles = ["sys-admin"]
try:
status = self.client.admin_create_user( user, password, roles, policy )
except InvalidUser as exception:
assert exception.code == 60
assert exception.msg == "AEROSPIKE_INVALID_USER"
try:
status = self.client.admin_drop_user( user, policy )
except InvalidUser as exception:
assert exception.code == 60
assert exception.msg == "AEROSPIKE_INVALID_USER"
def test_drop_user_with_special_characters_in_username(self):
policy = {}
user = "******"
password = "******"
roles = ["read-write"]
try:
status = self.client.admin_create_user( user, password, roles, policy )
assert status == 0
except:
pass
status = self.client.admin_drop_user( user )
assert status == 0
