def test_update_config():
"""Test we get the expected modifications for a haproxy configuration
file"""
utils.create_test_tmpdir()
utils.copy_to_testdir('%s/haproxy.cfg' % utils.get_data_path())
config = utils.get_config('%s/haproxy_setup.cfg' % utils.get_data_path())
gen = ServiceAccessGeneratorHaproxy(
'%s/ip_data.cfg' % utils.get_data_path()
)
gen.set_config_values(config)
with pytest.raises(ServiceAccessGeneratorServiceRestartError) as excinfo:
gen.update_config()
# Load the reference result data
ref_result_file = (
'%s/haproxy.cfg' % utils.get_reference_result_path()
)
ref_result = open(ref_result_file).read()
# Load the generated result
gen_result_file = (
'%s//haproxy.cfg' % utils.get_test_tmpdir()
)
gen_result = open(gen_result_file).read()
if ref_result == gen_result:
# success
utils.remove_test_tmpdir()
else:
msg = 'Test failed, not removing test directory '
msg += '"%s" to aid debugging ' % utils.get_test_tmpdir()
assert 1 == 0, msg
def test_update_config_no_file():
"""Test the generation if the ACL config file if the file does not exist"""
utils.create_test_tmpdir()
utils.copy_to_testdir('%s/nginx_setup.cfg' % utils.get_data_path())
config = utils.get_config('%s/nginx_setup.cfg' % utils.get_data_path())
gen = ServiceAccessGeneratorNginx('%s/ip_data.cfg' % utils.get_data_path())
gen.set_config_values(config)
with pytest.raises(ServiceAccessGeneratorServiceRestartError):
gen.update_config()
# Load the reference result data
ref_result_file = ('%s/nginx-access.cfg' %
utils.get_reference_result_path())
ref_result = open(ref_result_file).read()
# Load the generated result
gen_result_file = ('%s/nginx-access.cfg' % utils.get_test_tmpdir())
gen_result = open(gen_result_file).read()
if ref_result == gen_result:
# success
utils.remove_test_tmpdir()
else:
msg = 'Test failed, not removing test directory '
msg += '"%s" to aid debugging ' % utils.get_test_tmpdir()
assert False, msg
def test_update_config():
"""Test we get the expected modifications for a haproxy configuration
file"""
utils.create_test_tmpdir()
utils.copy_to_testdir('%s/haproxy.cfg' % utils.get_data_path())
config = utils.get_config('%s/haproxy_setup.cfg' % utils.get_data_path())
gen = ServiceAccessGeneratorHaproxy('%s/ip_data.cfg' %
utils.get_data_path())
gen.set_config_values(config)
with pytest.raises(ServiceAccessGeneratorServiceRestartError):
gen.update_config()
# Load the reference result data
ref_result_file = ('%s/haproxy.cfg' % utils.get_reference_result_path())
ref_result = open(ref_result_file).read()
# Load the generated result
gen_result_file = ('%s//haproxy.cfg' % utils.get_test_tmpdir())
gen_result = open(gen_result_file).read()
if ref_result == gen_result:
# success
utils.remove_test_tmpdir()
else:
msg = 'Test failed, not removing test directory '
msg += '"%s" to aid debugging ' % utils.get_test_tmpdir()
assert 1 == 0, msg
def test_update_config_v24(mock_glob, mock_osaccess, mock_ospath_apache,
mock_ospath_base):
"""Test we get the expected modifications in the config file"""
utils.create_test_tmpdir()
utils.copy_to_testdir('%s/apache-vhost.cfg' % utils.get_data_path())
config = utils.get_config('%s/apache_setup.cfg' % utils.get_data_path())
gen = ServiceAccessGeneratorApache('%s/ip_data.cfg' %
utils.get_data_path())
gen.set_config_values(config)
with pytest.raises(ServiceAccessGeneratorServiceRestartError) as excinfo:
gen.update_config()
# Load the reference result data
ref_result_file = ('%s/apache-vhost-24.cfg' %
utils.get_reference_result_path())
ref_result = open(ref_result_file).read()
# Load the generated result
gen_result_file = ('%s/apache-vhost.cfg' % utils.get_test_tmpdir())
gen_result = open(gen_result_file).read()
if ref_result == gen_result:
# success
utils.remove_test_tmpdir()
else:
msg = 'Test failed, not removing test directory '
msg += '"%s" to aid debugging ' % utils.get_test_tmpdir()
assert False, msg
def test_set_config_values_no_service_name():
"""Test configuration with missing 'serviceName' option service and
section name should be equal"""
config = utils.get_config('%s/base_no_service_name_config.cfg' %
utils.get_data_path())
gen = ServiceAccessGenerator('%s/ip_data.cfg' % utils.get_data_path())
result = gen.set_config_values(config, 'example')
assert gen.service_name == 'example'
assert result == 1
def test_get_apache_ip_directive_apachectl_call_24(mock_ospopen, mock_osaccess,
mock_ospath):
"""Test we get the expected directive value for Apache 2.4
when 'apachctl' is called"""
config = utils.get_config('%s/apache_setup.cfg' % utils.get_data_path())
gen = ServiceAccessGeneratorApache('%s/ip_data.cfg' %
utils.get_data_path())
gen.set_config_values(config)
ip_directive = gen._get_apache_ip_directive()
assert ip_directive == 'Require ip'
def test_set_config_values():
"""Test a properly configured setup"""
config = utils.get_config('%s/base_config.cfg' % utils.get_data_path())
gen = ServiceAccessGenerator('%s/ip_data.cfg' % utils.get_data_path())
result = gen.set_config_values(config, 'example')
assert gen.service_name == 'foo'
assert gen.service_config == '/tmp/serviceAccess/foo.cfg'
assert gen.request == 'http://example.com/service'
assert gen.interval == '-1'
assert result == 1
def test_get_apache_ip_directive_upgrade_file_22(mock_glob, mock_osaccess,
mock_ospath):
"""Test we get the expected directive value for Apache 2.2
when using the upgrade file filename"""
config = utils.get_config('%s/apache_setup.cfg' % utils.get_data_path())
gen = ServiceAccessGeneratorApache('%s/ip_data.cfg' %
utils.get_data_path())
gen.set_config_values(config)
ip_directive = gen._get_apache_ip_directive()
assert ip_directive == 'Allow from'
def test_set_config_values_no_interval(mock_logging):
"""Test configuration with missing 'updateInterval' option"""
config = utils.get_config('%s/base_no_interval_config.cfg' %
utils.get_data_path())
gen = ServiceAccessGenerator('%s/ip_data.cfg' % utils.get_data_path())
with pytest.raises(ServiceAccessGeneratorConfigError) as excinfo:
result = gen.set_config_values(config, 'example')
expected_msg = 'Configuration error. An update interval '
expected_msg += 'must be specified with the "updateInterval" option '
expected_msg += 'in the "example" section of the config file.'
assert mock_logging.error.called
assert expected_msg == str(excinfo.value)
def test_get_apache_ip_directive_apachectl_call_24(
mock_ospopen,
mock_osaccess,
mock_ospath):
"""Test we get the expected directive value for Apache 2.4
when 'apachctl' is called"""
config = utils.get_config('%s/apache_setup.cfg' % utils.get_data_path())
gen = ServiceAccessGeneratorApache(
'%s/ip_data.cfg' % utils.get_data_path()
)
gen.set_config_values(config)
ip_directive = gen._get_apache_ip_directive()
assert ip_directive == 'Require ip'
def test_get_apache_ip_directive_upgrade_file_24(
mock_glob,
mock_osaccess,
mock_ospath):
"""Test we get the expected directive value for Apache 2.4
when using the upgrade file filename"""
config = utils.get_config('%s/apache_setup.cfg' % utils.get_data_path())
gen = ServiceAccessGeneratorApache(
'%s/ip_data.cfg' % utils.get_data_path()
)
gen.set_config_values(config)
ip_directive = gen._get_apache_ip_directive()
assert ip_directive == 'Require ip'
def test_set_config_values_no_service_config(mock_logging):
"""Test configuration with missing 'serviceConfig' option"""
config = utils.get_config('%s/base_no_service_config.cfg' %
utils.get_data_path())
gen = ServiceAccessGenerator('%s/ip_data.cfg' % utils.get_data_path())
with pytest.raises(ServiceAccessGeneratorConfigError) as excinfo:
gen.set_config_values(config, 'example')
expected_msg = 'Configuration error. A configuration file to modify '
expected_msg += 'must be specified with the "serviceConfig" option in the '
expected_msg += '"example" section of the config file.'
assert mock_logging.error.called
assert expected_msg == str(excinfo.value)
def test_factory_haproxy():
"""Test that we get a genarator for Apache"""
config = utils.get_config('%s/haproxy_setup.cfg' % utils.get_data_path())
generators = get_access_rule_generators(config)
assert len(generators) == 1
assert generators[0].__class__.__name__ == 'ServiceAccessGeneratorHaproxy'
def test_update_config_v24_large_IP_set(
mock_glob,
mock_osaccess,
mock_ospath_apache,
mock_ospath_base):
"""Test we get the expected modifications in the config file"""
utils.create_test_tmpdir()
utils.copy_to_testdir('%s/apache-vhost.cfg' % utils.get_data_path())
config = utils.get_config('%s/apache_setup.cfg' % utils.get_data_path())
ip_config = utils.get_config('%s/ip_data.cfg' % utils.get_data_path())
large_ip_set = '192.168.1.0/24,' * 400
large_ip_set += '192.168.1.0/24'
ip_config.set('region3', 'public-ips', large_ip_set)
large_ip_data = open('%s/large_ip_data.cfg' % utils.get_test_tmpdir(), 'w')
ip_config.write(large_ip_data)
large_ip_data.close()
gen = ServiceAccessGeneratorApache(
'%s/large_ip_data.cfg' % utils.get_test_tmpdir()
)
gen.set_config_values(config)
with pytest.raises(ServiceAccessGeneratorServiceRestartError) as excinfo:
gen.update_config()
# Load the reference result data
ref_result_file = (
'%s/apache-vhost-24-large-ip-set.cfg'
% utils.get_reference_result_path()
)
ref_result = open(ref_result_file).read()
# Load the generated result
gen_result_file = (
'%s/apache-vhost.cfg' % utils.get_test_tmpdir()
)
gen_result = open(gen_result_file).read()
if ref_result == gen_result:
# success
utils.remove_test_tmpdir()
else:
msg = 'Test failed, not removing test directory '
msg += '"%s" to aid debugging ' % utils.get_test_tmpdir()
assert False, msg
def test_update_config_v24_large_IP_set(
mock_glob,
mock_osaccess,
mock_ospath_apache,
mock_ospath_base):
"""Test we get the expected modifications in the config file"""
utils.create_test_tmpdir()
utils.copy_to_testdir('%s/apache-vhost_24.cfg' % utils.get_data_path())
config = utils.get_config('%s/apache_setup_24.cfg' % utils.get_data_path())
ip_config = utils.get_config('%s/ip_data.cfg' % utils.get_data_path())
large_ip_set = '192.168.1.0/24,' * 400
large_ip_set += '192.168.1.0/24'
ip_config.set('region3', 'public-ips', large_ip_set)
large_ip_data = open('%s/large_ip_data.cfg' % utils.get_test_tmpdir(), 'w')
ip_config.write(large_ip_data)
large_ip_data.close()
gen = ServiceAccessGeneratorApache(
'%s/large_ip_data.cfg' % utils.get_test_tmpdir()
)
gen.set_config_values(config)
with pytest.raises(ServiceAccessGeneratorServiceRestartError) as excinfo:
gen.update_config()
# Load the reference result data
ref_result_file = (
'%s/apache-vhost-24-large-ip-set.cfg'
% utils.get_reference_result_path()
)
ref_result = open(ref_result_file).read()
# Load the generated result
gen_result_file = (
'%s/apache-vhost_24.cfg' % utils.get_test_tmpdir()
)
gen_result = open(gen_result_file).read()
if ref_result == gen_result:
# success
utils.remove_test_tmpdir()
else:
msg = 'Test failed, not removing test directory '
msg += '"%s" to aid debugging ' % utils.get_test_tmpdir()
assert False, msg
def test_allowed_client_ip_addrs():
"""Test that we get the expected cidr blocks from a valid config
file."""
gen = ServiceAccessGenerator('%s/ip_data.cfg' % utils.get_data_path())
cidr_blocks = gen._get_allowed_client_ip_addrs()
expected = '8.0.0.0/24,132.168.2.0/8,154.12.0.0/16,18.168.1.1/32'
assert cidr_blocks == expected
def test_update_service_config(mock_logging):
"""Test that the base class logs an error when we reach the
_update_service_config() method. This method must be implemented
in the service specific plugin"""
gen = ServiceAccessGenerator('%s/ip_data.cfg' % utils.get_data_path())
gen._update_service_config()
assert mock_logging.error.called
def test_factory_multi_services():
"""Test that the factory produces generators for all configured
services"""
config = utils.get_config('%s/multi_service_setup.cfg' %
utils.get_data_path())
generators = get_access_rule_generators(config)
assert len(generators) == 2
def test_factory_missing_option(mock_logging):
"""Test that an incomplete configuration file, with the missing 'ipdata'
option in the 'accessservice' triggers and error"""
config = utils.get_config('%s/no_service_plugin.cfg' %
utils.get_data_path())
get_access_rule_generators(config)
assert mock_logging.error.called
def test_factory_multi_services():
"""Test that the factory produces generators for all configured
services"""
config = utils.get_config(
'%s/multi_service_setup.cfg' % utils.get_data_path()
)
generators = get_access_rule_generators(config)
assert len(generators) == 2
def test_generate_network_name():
"""Test the generation of a network name alias"""
gen = ServiceAccessGeneratorHaproxy('%s/ip_data.cfg' %
utils.get_data_path())
net_name = gen._generate_network_name('foo', 1)
expected = 'foo1'
assert net_name == expected
def test_allowed_client_ip_addrs_no_config(mock_logging):
"""Test that an error is generated when the config file has a syntax
error"""
gen = ServiceAccessGenerator('%s/foo.cfg' % utils.get_data_path())
with pytest.raises(ServiceAccessGeneratorConfigError) as excinfo:
gen._get_allowed_client_ip_addrs()
assert mock_logging.error.called
assert 'tests/data/foo.cfg' in str(excinfo.value)
def test_factory_missing_plugin(mock_logging):
"""Test that a configured service with no equivalent plugin produces
an error message"""
config = utils.get_config('%s/missing_ipdata_opt.cfg' %
utils.get_data_path())
with pytest.raises(ServiceAccessGeneratorConfigError):
get_access_rule_generators(config)
assert mock_logging.error.called
def test_factory_haproxy():
"""Test that we get a genarator for Apache"""
config = utils.get_config(
'%s/haproxy_setup.cfg' % utils.get_data_path()
)
generators = get_access_rule_generators(config)
assert len(generators) == 1
assert generators[0].__class__.__name__ == 'ServiceAccessGeneratorHaproxy'
def test_factory_missing_option(mock_logging):
"""Test that an incomplete configuration file, with the missing 'ipdata'
option in the 'accessservice' triggers and error"""
config = utils.get_config(
'%s/no_service_plugin.cfg' % utils.get_data_path()
)
generators = get_access_rule_generators(config)
assert mock_logging.error.called
def test_factory_missing_plugin(mock_logging):
"""Test that a configured service with no equivalent plugin produces
an error message"""
config = utils.get_config(
'%s/missing_ipdata_opt.cfg' % utils.get_data_path()
)
with pytest.raises(ServiceAccessGeneratorConfigError) as excinfo:
generators = get_access_rule_generators(config)
assert mock_logging.error.called
def test_generate_network_name():
"""Test the generation of a network name alias"""
gen = ServiceAccessGeneratorHaproxy(
'%s/ip_data.cfg' % utils.get_data_path()
)
net_name = gen._generate_network_name('foo', 1)
expected = 'foo1'
assert net_name == expected
def test_allowed_client_ip_addrs_error_config(mock_logging):
"""Test that an error is generated when the config file does not
exist, i.e. cannot be read"""
gen = ServiceAccessGenerator('%s/ip_data_syntax_error.cfg' %
utils.get_data_path())
with pytest.raises(ServiceAccessGeneratorConfigError) as excinfo:
gen._get_allowed_client_ip_addrs()
assert mock_logging.error.called
assert 'tests/data/ip_data_syntax_error.cfg' in str(excinfo.value)
def test_generate_acl_entry():
"""Test the generation of an acl entry"""
gen = ServiceAccessGeneratorHaproxy('%s/ip_data.cfg' %
utils.get_data_path())
cidr_blocks = ['8.0.0.0/24', '132.168.2.0/8', '154.12.0.0/16']
acl_entry = gen._generate_acl_entry('network', 10, cidr_blocks)
expected = ' acl network10 src 8.0.0.0/24 132.168.2.0/8 '
expected += '154.12.0.0/16\n'
assert acl_entry == expected
def test_restart_service_systemd(mock_logging, mock_os, mock_ossystem,
mock_ospath):
"""Test that the proper systemd command is issued to start a service"""
gen = ServiceAccessGenerator('%s/ip_data.cfg' % utils.get_data_path())
gen.service_name = 'foo'
with pytest.raises(ServiceAccessGeneratorServiceRestartError):
gen._restart_service()
assert mock_logging.error.called
mock_logging.error.assert_called_with('foo restart failed')
mock_os.system.assert_called_with('systemctl restart foo.service')
def test_generate_acl_entry():
"""Test the generation of an acl entry"""
gen = ServiceAccessGeneratorHaproxy(
'%s/ip_data.cfg' % utils.get_data_path()
)
cidr_blocks = ['8.0.0.0/24', '132.168.2.0/8', '154.12.0.0/16']
acl_entry = gen._generate_acl_entry('network', 10, cidr_blocks)
expected = ' acl network10 src 8.0.0.0/24 132.168.2.0/8 '
expected += '154.12.0.0/16\n'
assert acl_entry == expected
def test_update_config_v24(
mock_glob,
mock_osaccess,
mock_ospath_apache,
mock_ospath_base):
"""Test we get the expected modifications in the config file"""
utils.create_test_tmpdir()
utils.copy_to_testdir('%s/apache-vhost.cfg' % utils.get_data_path())
config = utils.get_config('%s/apache_setup.cfg' % utils.get_data_path())
gen = ServiceAccessGeneratorApache(
'%s/ip_data.cfg' % utils.get_data_path()
)
gen.set_config_values(config)
with pytest.raises(ServiceAccessGeneratorServiceRestartError) as excinfo:
gen.update_config()
# Load the reference result data
ref_result_file = (
'%s/apache-vhost-24.cfg' % utils.get_reference_result_path()
)
ref_result = open(ref_result_file).read()
# Load the generated result
gen_result_file = (
'%s/apache-vhost.cfg' % utils.get_test_tmpdir()
)
gen_result = open(gen_result_file).read()
if ref_result == gen_result:
# success
utils.remove_test_tmpdir()
else:
msg = 'Test failed, not removing test directory '
msg += '"%s" to aid debugging ' % utils.get_test_tmpdir()
assert False, msg
