def test_put_v2_config_success(self, mock_alert_source_get, mock_alert_source_update): req = fakes.HTTPRequest.blank('/storages/fake_id/snmp-config') fake_storage_id = 'abcd-1234-5678' return_v2_alert_source = fakes.fake_v2_alert_source() return_v2_alert_source['community_string'] = cryptor.encode( return_v2_alert_source['community_string']) mock_alert_source_update.return_value = return_v2_alert_source mock_alert_source_get.return_value = return_v2_alert_source expected_alert_source = {'storage_id': 'abcd-1234-5678', 'host': '127.0.0.1', 'community_string': 'public', 'version': 'snmpv2c', 'port': 161, "retry_num": 1, "expiration": 1, "created_at": '2020-06-15T09:50:31.698956', "updated_at": '2020-06-15T09:50:31.698956' } alert_controller_inst = self._get_alert_controller() body = fakes.fake_v2_alert_source_config() output_alert_source = alert_controller_inst.put(req, fake_storage_id, body=body) self.assertDictEqual(expected_alert_source, output_alert_source)
def login(self): """Login dell_emc unity storage array.""" try: with self.session_lock: data = {} if self.session is None: self.init_http_head() self.session.headers.update({"X-EMC-REST-CLIENT": "true"}) self.session.auth = requests.auth.HTTPBasicAuth( self.rest_username, cryptor.decode(self.rest_password)) res = self.call_with_token(RestHandler.REST_AUTH_URL, data, 'GET') if res.status_code == 200: self.session.headers[RestHandler.AUTH_KEY] = \ cryptor.encode(res.headers[RestHandler.AUTH_KEY]) else: LOG.error("Login error.URL: %s,Reason: %s.", RestHandler.REST_AUTH_URL, res.text) if 'Unauthorized' in res.text: raise exception.InvalidUsernameOrPassword() elif 'Forbidden' in res.text: raise exception.InvalidIpOrPort() else: raise exception.BadResponse(res.text) except Exception as e: LOG.error("Login error: %s", six.text_type(e)) raise e
def login(self): try: data = { 'request': { 'params': { "username": self.rest_username, "password": cryptor.decode(self.rest_password) } } } with self.session_lock: if self.session is None: self.init_http_head() res = self.call_with_token( RestHandler.REST_TOKEN_URL, data, 'POST') if res.status_code == 200: result = res.json() self.session.headers['X-Auth-Token'] = \ cryptor.encode(result.get('token').get('token')) else: LOG.error("Login error. URL: %(url)s,Reason: %(reason)s.", {"url": RestHandler.REST_TOKEN_URL, "reason": res.text}) if 'Authentication has failed' in res.text: raise exception.InvalidUsernameOrPassword() else: raise exception.StorageBackendException(res.text) except Exception as e: LOG.error("Login error: %s", six.text_type(e)) raise e finally: data = None
def get_token(self): try: succeed = False if self.san_address: url = '%s/%s/sessions' % \ (RestHandler.COMM_URL, self.storage_device_id) data = {} with self.session_lock: if self.session is None: self.init_http_head() self.session.auth = \ requests.auth.HTTPBasicAuth( self.rest_username, cryptor.decode(self.rest_password)) res = self.call_with_token(url, data, 'POST', 30) if res.status_code == 200: succeed = True result = res.json() self.session_id = cryptor.encode( result.get('sessionId')) access_session = 'Session %s' % result.get('token') self.session.headers[ RestHandler.AUTH_KEY] = cryptor.encode( access_session) else: LOG.error( "Login error. URL: %(url)s\n" "Reason: %(reason)s.", { "url": url, "reason": res.text }) if 'authentication failed' in res.text: raise exception.InvalidUsernameOrPassword() elif 'KART30005-E' in res.text: raise exception.StorageBackendException( six.text_type(res.text)) else: raise exception.BadResponse(res.text) else: LOG.error('Token Parameter error') return succeed except Exception as e: LOG.error("Get token error: %s", six.text_type(e)) raise e
def encrypt_password(context, access_info): for access in constants.ACCESS_TYPE: if access_info.get(access): access_info[access]['password'] = cryptor.encode( access_info[access]['password'])
def _input_check(self, alert_source): version = alert_source.get('version') if version.lower() == 'snmpv3': user_name = alert_source.get('username') security_level = alert_source.get('security_level') engine_id = alert_source.get('engine_id') # Validate engine_id, check octet string can be formed from it if engine_id: try: OctetString.fromHexString(engine_id) except (TypeError, ValueError): msg = "engine_id should be a set of octets in " \ "hexadecimal format." raise exception.InvalidInput(msg) if not user_name or not security_level: msg = "If snmp version is SNMPv3, then username, " \ "security_level are required." raise exception.InvalidInput(msg) if security_level == constants.SecurityLevel.AUTHNOPRIV\ or security_level == constants.SecurityLevel.AUTHPRIV: auth_protocol = alert_source.get('auth_protocol') auth_key = alert_source.get('auth_key') if not auth_protocol or not auth_key: msg = "If snmp version is SNMPv3 and security_level is " \ "authPriv or authNoPriv, auth_protocol and " \ "auth_key are required." raise exception.InvalidInput(msg) alert_source['auth_key'] = cryptor.encode( alert_source['auth_key']) if security_level == constants.SecurityLevel.AUTHPRIV: privacy_protocol = alert_source.get('privacy_protocol') privacy_key = alert_source.get('privacy_key') if not privacy_protocol or not privacy_key: msg = "If snmp version is SNMPv3 and security_level" \ " is authPriv, privacy_protocol and " \ "privacy_key are required." raise exception.InvalidInput(msg) alert_source['privacy_key'] = cryptor.encode( alert_source['privacy_key']) else: alert_source['privacy_key'] = None alert_source['privacy_protocol'] = None else: alert_source['auth_key'] = None alert_source['auth_protocol'] = None alert_source['privacy_key'] = None alert_source['privacy_protocol'] = None # Clear keys for other versions. alert_source['community_string'] = None else: community_string = alert_source.get('community_string') if not community_string: msg = "If snmp version is SNMPv1 or SNMPv2c, " \ "community_string is required." raise exception.InvalidInput(msg) alert_source['community_string'] = cryptor.encode( alert_source['community_string']) # Clear keys for SNMPv3 for k in SNMPv3_keys: alert_source[k] = None return alert_source
def _input_check(self, alert_source): version = alert_source.get('version') plain_auth_key = None plain_priv_key = None if version.lower() == 'snmpv3': user_name = alert_source.get('username') security_level = alert_source.get('security_level') engine_id = alert_source.get('engine_id') # Validate engine_id snmp_validator.validate_engine_id(engine_id) if not user_name or not security_level or not engine_id: msg = "If snmp version is SNMPv3, then username, " \ "security_level and engine_id are required." raise exception.InvalidInput(msg) if security_level == "AuthNoPriv" or security_level == "AuthPriv": auth_protocol = alert_source.get('auth_protocol') auth_key = alert_source.get('auth_key') if not auth_protocol or not auth_key: msg = "If snmp version is SNMPv3 and security_level is " \ "AuthPriv or AuthNoPriv, auth_protocol and " \ "auth_key are required." raise exception.InvalidInput(msg) plain_auth_key = alert_source['auth_key'] alert_source['auth_key'] = cryptor.encode( alert_source['auth_key']) if security_level == "AuthPriv": privacy_protocol = alert_source.get('privacy_protocol') privacy_key = alert_source.get('privacy_key') if not privacy_protocol or not privacy_key: msg = "If snmp version is SNMPv3 and security_level" \ " is AuthPriv, privacy_protocol and " \ "privacy_key are required." raise exception.InvalidInput(msg) plain_priv_key = alert_source['privacy_key'] alert_source['privacy_key'] = cryptor.encode( alert_source['privacy_key']) else: alert_source['privacy_key'] = None alert_source['privacy_protocol'] = None else: alert_source['auth_key'] = None alert_source['auth_protocol'] = None alert_source['privacy_key'] = None alert_source['privacy_protocol'] = None # Clear keys for other versions. alert_source['community_string'] = None else: community_string = alert_source.get('community_string', None) if not community_string: msg = "If snmp version is SNMPv1 or SNMPv2c, " \ "community_string is required." raise exception.InvalidInput(msg) # Clear keys for SNMPv3 for k in SNMPv3_keys: alert_source[k] = None # Validate configuration with alert source using snmp connectivity and # update if valid alert_source = snmp_validator.validate_connectivity( alert_source, plain_auth_key, plain_priv_key) return alert_source