def __init__(self, host=None, url=[], error=None, *a):
self.radauth = Auth.RadiusLDAPAuthenticator()
rend.Page.__init__(self, *a)
self.host = host
self.url = url
self.error = error
self.sysconf = confparse.Config()
def thive_adminpass(self, messageId, params, data):
db = (None, None, myLang, self)
avatar = Auth.UserAvatar('root', '', 0, 0, True,
[Settings.defaultDomain])
# Create a fake edit form
editInstance = Edit.editPage(avatar, db, 'administrator',
Settings.defaultDomain)
thisForm = editInstance.form_editForm([])
formData = thisForm.data
formData['userSettings.userPassword'] = params[0]
formData['userAccess.ftpGlobal'] = False
formData['userAccess.vpnEnabled'] = False
formData['userPermissions.copyto'] = ''
formData['mailSettings.vacation'] = ''
formData['mailSettings.vacen'] = ''
for i in range(10):
if not formData.get('mailSettings.mailForwardingAddress%s' % i):
formData['mailSettings.mailForwardingAddress%s' % i] = ''
if not formData.get('mailSettings.mailAlternateAddress%s' % i):
formData['mailSettings.mailAlternateAddress%s' % i] = ''
p = editInstance.submitForm(None, None, formData)
print params[0]
self.returnOk(messageId)
def setUp(self):
self.db = [dbFaker(), dbFaker(), lang.Text('en'), dbFaker()]
self.testSambaDomain = 'thusa.co.za'
self.testUser = '******'
self.avatarId = Auth.UserAvatar('test', 'test', 1, 1, True, [])
self.aContext = None
# Backup the profile
try:
os.system(
'cp /usr/local/tcs/tums/profiles/default.py /usr/local/tcs/tums/profiles/testbackup.py'
)
os.system('cp -a /etc/exim4 /root/')
except:
pass
def createPortal(db, root):
""" createPortal
Constructs our guarded realm and portal
@param db: C{AccessBroker} instance
"""
realm = Realm(db, root)
porta = portal.Portal(realm)
porta.registerChecker(checkers.AllowAnonymousAccess(),
credentials.IAnonymous)
checker = Auth.LDAPChecker(
Settings.LDAPServer, Settings.LDAPManager, Settings.LDAPPass,
Settings.LDAPBase) # construct our database cred checker
#checker = Auth.PlainChecker()
porta.registerChecker(checker)
return porta
def genSSHProtocol(args):
checker = Auth.LDAPChecker(Settings.LDAPServer, Settings.LDAPManager,
Settings.LDAPPass, Settings.LDAPBase)
f = protocol.ServerFactory()
f.protocol = lambda: TelnetTransport(
TelnetBootstrapProtocol, insults.ServerProtocol, args[
'protocolFactory'], *args.get('protocolArgs', ()),
**args.get('protocolKwArgs', {}))
#tsvc = internet.TCPServer(args['telnet'], f)
def chainProtocolFactory():
return insults.ServerProtocol(args['protocolFactory'],
*args.get('protocolArgs', ()),
**args.get('protocolKwArgs', {}))
rlm = TerminalRealm()
rlm.chainedProtocolFactory = chainProtocolFactory
ptl = portal.Portal(rlm, [checker])
f = ConchFactory(ptl)
return f
import Tree, Realm, Database, xmlrpc, bot, lang, Checks
from Core import Utils, Auth, WebUtils
from Pages import Index, Users
# THIVE
from ThebeProtocol import proto, thive
# General
import cPickle, os
if len(sys.argv) > 1:
if sys.argv[1] == "--radauth":
if len(sys.argv) > 3:
username = sys.argv[2]
password = sys.argv[3]
radauth = Auth.RadiusLDAPAuthenticator()
res = radauth.authenticateUser(username, password)
if res:
uids = []
lastIndex = 0
index = 0
try:
l = open('/tmp/radpool')
for i in l:
lastIndex += 1
j = i.strip('\n').strip()
if j:
if j == username:
index = lastIndex
uids.append(j)
l.close()
def thive_user(self, messageId, params, data):
""" User record updated/new.
if the user exists, initialise a call to Users.Edit.editPage otherwise
pass to Users.Add.addPage
Plain text password is passed from server down to client node.
"""
locator = params[0] # A resource locator (userid@domain)
type = params[1]
newdata = {}
for kv in data.split('`'):
if kv:
k, v = kv.split(':', 1)
newdata[k] = v
tumsUser = []
squid = False
admin = False
for i in newdata['emp'].split('+'):
if 'squid' in i:
squid = True
if 'tumsAdmin' in i:
admin = True
if 'tumsUser' in i:
tumsUser = i.strip(']').split('[')[-1].split(
',') # list in brackets.
flags = {
'vpn': False,
'ftpE': False,
'ftpG': False,
'copyto': u"",
}
flagsi = newdata['flags'].split('+')
f = ['vpn', 'ftpE', 'ftpG']
for n, d in enumerate(flagsi[0]):
flags[f[n]] = d == "-"
if len(flagsi) > 1:
flags['copyto'] = flagsi[1]
submitData = {
'userPermissions.employeeType': squid,
'userPermissions.tumsUser': tumsUser,
'userPermissions.tumsAdmin': admin,
'userPermissions.accountStatus': newdata['active'] == "active",
'userSettings.uid': newdata['name'],
'userSettings.userPassword': newdata['password'],
'userSettings.sn': unicode(newdata['sn']),
'userSettings.givenName': unicode(newdata['giveName']),
'mailSettings.vacation': newdata['vacation'],
'mailSettings.vacen': newdata['vacEnable'] == "True",
'userPermissions.copyto': flags['copyto'],
'userAccess.vpnEnabled': flags['vpn'],
'userAccess.ftpEnabled': flags['ftpE'],
'userAccess.ftpGlobal': flags['ftpG'],
}
# Initialise all the psuedo-fields
for i in range(10):
submitData['mailSettings.mailAlternateAddress%s' % i] = u""
submitData['mailSettings.mailForwardingAddress%s' % i] = u""
# Teardown our real data
for n, d in enumerate(newdata['mailAlias'].split('+')):
submitData['mailSettings.mailAlternateAddress%s' % n] = unicode(d)
for n, d in enumerate(newdata['mailForward'].split('+')):
submitData['mailSettings.mailForwardingAddress%s' % n] = unicode(d)
# Dummy form
form = None
#print submitData
# decide which instance to create
if type == "new":
# Add new user (Not implemented on Thebe yet...
addInstance = Add.addPage()
p = addInstance.submitForm(None, None, submitData)
else:
#print "Edit ", locator
# Alteration of existing user.
try:
db = (None, None, myLang, self)
avatar = Auth.UserAvatar('root', '', 0, 0, True,
[Settings.defaultDomain])
editInstance = Edit.editPage(avatar, db,
locator.split('@')[0],
newdata['domain'])
p = editInstance.submitForm(None, None, submitData)
except Exception, e:
print e, "ERROR"
class TestTums(unittest.TestCase):
db = [dbFaker(), dbFaker()]
testSambaDomain = 'thusa.co.za'
testUser = '******'
avatarId = Auth.UserAvatar('test', 'test', 1, 1, True, [])
aContext = None
def flattenUrl(self, urlObj, page):
ctx = context.WebContext(tag=page)
ctx.remember(testutil.AccumulatingFakeRequest())
return ''.join(
[i for i in url.URLOverlaySerializer(urlObj, ctx).next()])
########################
# Users
########################
def test_Users(self):
page = Users.Page(self.avatarId, self.db)
page.addSlash = False
return testutil.renderPage(page)
def test_addUser(self):
page = Users.addPage(self.avatarId, self.db, self.testSambaDomain)
page.addSlash = False
testutil.renderPage(page)
submitData = {
'userSettings.uid': u'test01',
'userPermissions.employeeType': True,
'userPermissions.tumsUser': None,
'userSettings.userPassword': "******",
'mailSettings.vacation': None,
'mailSettings.mailAlternateAddress0': None,
'userPermissions.tumsAdmin': True,
'mailSettings.mailForwardingAddress0': None,
'userPermissions.accountStatus': True,
'userPermissions.employeeType': True,
'userSettings.sn': u'test',
'userSettings.givenName': u'test01'
}
for i in range(10):
submitData['mailSettings.mailAlternateAddress%s' % i] = None
submitData['mailSettings.mailForwardingAddress%s' % i] = None
form = None
U = page.submitForm(self.aContext, form, submitData)
self.assertIn("/Users/Edit/thusa.co.za/test01",
self.flattenUrl(U, page))
return U
def test_editUser(self):
page = Users.editPage(self.avatarId, self.db, 'root',
self.testSambaDomain)
page.addSlash = False
testutil.renderPage(page)
submitData = {
'userSettings.uid': u'root',
'userPermissions.employeeType': True,
'userPermissions.tumsUser': None,
'userSettings.userPassword': None,
'mailSettings.vacation': None,
'mailSettings.mailAlternateAddress0': None,
'userPermissions.tumsAdmin': True,
'mailSettings.mailForwardingAddress0': None,
'userPermissions.accountStatus': True,
'userPermissions.employeeType': True,
'userSettings.sn': u'root',
'homeDirectory': ['/home/colin'],
'userSettings.givenName': u'rooter'
}
form = None
for i in range(10):
submitData['mailSettings.mailAlternateAddress%s' % i] = None
submitData['mailSettings.mailForwardingAddress%s' % i] = None
U = page.submitForm(self.aContext, form, submitData)
self.assertIn("/Users/Edit/thusa.co.za/root/Completed",
self.flattenUrl(U, page))
return U
def test_deleteUser(self):
page = Users.deletePage(self.avatarId, self.db)
page.addSlash = False
testutil.renderPage(page)
U = page.locateChild(None, ['thusa.co.za', 'test01'])
self.assertIn("/Users", self.flattenUrl(U[0], page))
return U
def test_addGroup(self):
page = Users.addGroups(self.avatarId, self.testSambaDomain,
self.testUser, self.db)
page.addSlash = False
testutil.renderPage(page)
submitData = {'groupName': 'test01'}
U = page.submitForm(self.aContext, None, submitData)
self.assertIn('/Users/Groups/thusa.co.za/test',
self.flattenUrl(U, page))
return U
def test_editGroupMembership(self):
page = Users.editGroups(self.avatarId, self.db, self.testUser,
self.testSambaDomain)
page.addSlash = False
return testutil.renderPage(page)
########################
# All page renderers
########################
def test_pageRenders(self):
pages = [
Log, Stats, Mail, MailQueue, Samba, Reports, Tools, VPN, Netdrive,
Network, Backup, Dhcp, Computers, Squid, Firewall,
PermissionDenied, GroupMatrix, Traffic, Exim, Overview,
NetworkStats, System, Graph, MySQL, Existat, About, Menu, Ppp
]
renderInstances = []
for pname in pages:
page = pname.Page(self.avatarId, self.db)
page.addSlash = False
renderInstances.append(testutil.renderPage(page))
return renderInstances
def test_dhcp(self):
page = Dhcp.Page(self.avatarId, self.db)
pass
def test_ppp(self):
page = Ppp.Page(self.avatarId, self.db)
pass
def test_backup(self):
page = Backup.Page(self.avatarId, self.db)
import datetime
U = page.submitForm(
self.aContext, None, {
'descrip': 'Test',
'backpath': '/home',
'destpath': 'foo',
'notify': '*****@*****.**',
'backupdrive': 'noDrive',
'sched': True,
'time': datetime.datetime.now(),
})
self.assertIn('/Backup', self.flattenUrl(U, page))
return U
def test_vpn(self):
page = VPN.Page(self.avatarId, self.db)
# Test the windows form
U = page.submitWinForm(
self.aContext, None, {
'windows': True,
'winip': u'172.31.0.2',
'winextip': u'196.211.202.165'
})
# Turn it off...
U = page.submitWinForm(self.aContext, None, {
'windows': False,
'winip': u'',
'winextip': u''
})
# Setup a TCS VPN
U = page.submitForm(
self.aContext, None, {
'openvpn': True,
'iprange1': '172.31.4.30',
'iprange2': '172.31.4.50',
'mtu': '1300',
'WINS': '172.31.0.1',
'DNS': '172.31.0.2',
'DOMAIN': 'thusa.co.za',
'routes': []
})
# Add a user.
U = page.newCert(
self.aContext, None, {
'name': 'colin alston',
'mail': '*****@*****.**',
'ip': '172.31.4.35',
'mailKey': True
})
# Revoke the test cert
page.locateChild(self.aContext, ['Revoke', 'colinalston'])
return U
def test_firewall(self):
page = Firewall.Page(self.avatarId, self.db)
# Try creating a zone
U = page.submitZone(
self.aContext, None, {
'zone': 'test',
'policy': 'ACCEPT',
'log': '',
'interfaces': 'eth1, eth0'
})
# Try allowing a range in our test zone
U = page.submitAllowRange(self.aContext, None, {
'sourceip': '172.31.0.1',
'zone': 'test'
})
# Allow a port in our zone
U = page.submitAllowPort(
self.aContext, None, {
'destport': '1994',
'destip': '192.157.123.2',
'proto': 'udp',
'zone': 'test'
})
# Forward a port.
U = page.submitForwardPort(
self.aContext, None, {
'port': '24',
'destip': '172.31.0.2',
'dstport': '24',
'sourceip': '',
'proto': 'tcp'
})
# create a transparent proxy
U = page.submitTransProxy(
self.aContext, None, {
'sourceip': '172.31.0.0',
'destip': '172.31.0.212',
'srcport': '8080',
'dstport': '3123',
'proto': 'tcp'
})
return U
def test_samba(self):
page = Samba.Page(self.avatarId, self.db)
U = page.submitForm(
self.aContext, None, {
'share': 'testshare',
'path': '/foo/bar',
'comment': 'Test Share',
'public': True,
'writable': True,
'group': 'Domain Users'
})
page.locateChild(self.aContext, ['Delete', 'testshare'])
return U
def test_exim(self):
page = Exim.Page(self.avatarId, self.db)
U = page.submitForm(
self.aContext, None, {
'maxsize': '100M',
'blockedFiles': '.mp3',
'blockMovies': True,
'blockHarm': True,
'smtprelay': '172.31.0.1',
'hubbedHosts': 'foo.com 172.31.0.2',
'localDomains': 'foo.net',
'relayDomains': 'foo.org'
})
self.assertIn('/Mailserver', self.flattenUrl(U, page))
return U
def test_netDrive(self):
page = Netdrive.Page(self.avatarId, self.db)
U = page.submitForm(
self.aContext, None, {
'sharepath': '\\\\foo\\bar',
'loginGroup': 'Domain Users',
'driveletter': 'X'
})
self.assertIn('/Netdrive', self.flattenUrl(U, page))
# Delete the thing we added
Ul = page.locateChild(self.aContext, ['Delete', 'X'])
self.assertIn('/Netdrive', self.flattenUrl(Ul[0], page))
return U
def test_squid(self):
page = Squid.Page(self.avatarId, self.db)
# Change auth details..
U = page.submitAuth(self.aContext, None, {
'ldapauth': True,
'adauth': False,
'adserv': u'',
'addom': u'',
})
self.assertIn('/Squid', self.flattenUrl(U, page))
# Add a domain
U = page.submitDomain(self.aContext, None, {'domain': 'test.com'})
self.assertIn('/Squid', self.flattenUrl(U, page))
# Add an IP
U = page.submitHost(self.aContext, None, {'ip': '192.168.153.2'})
self.assertIn('/Squid', self.flattenUrl(U, page))
U = page.submitDest(self.aContext, None, {'ip': '192.168.153.2'})
self.assertIn('/Squid', self.flattenUrl(U, page))
# Deletions
page.locateChild(self.aContext, ['Delete', 'Domain', '-1'])
page.locateChild(self.aContext, ['Delete', 'Destination', '-1'])
page.locateChild(self.aContext, ['Delete', 'Host', '-1'])
return U