Ejemplo n.º 1
0
    def Run(self):
        with test_lib.FakeTime(42):
            self.CreateUser("approver")

            client_id = self.SetupClients(1)[0]

            # Delete the certificate as it's being regenerated every time the
            # client is created.
            with aff4.FACTORY.Open(client_id, mode="rw",
                                   token=self.token) as grr_client:
                grr_client.DeleteAttribute(grr_client.Schema.CERT)

        def ReplaceApprovalId():
            approvals = list(
                aff4.FACTORY.ListChildren(
                    aff4.ROOT_URN.Add("ACL").Add(client_id.Basename()).Add(
                        self.token.username)))

            return {approvals[0].Basename(): "approval:112233"}

        with test_lib.FakeTime(126):
            self.Check("CreateClientApproval",
                       args=user_plugin.ApiCreateClientApprovalArgs(
                           client_id=client_id.Basename(),
                           approval=user_plugin.ApiClientApproval(
                               reason="really important reason!",
                               notified_users=["approver1", "approver2"],
                               email_cc_addresses=["*****@*****.**"])),
                       replace=ReplaceApprovalId)
Ejemplo n.º 2
0
    def RequestClientApproval(self,
                              client_id,
                              reason=None,
                              requestor=None,
                              email_cc_address=None,
                              approver="approver"):
        """Create an approval request to be sent to approver."""
        if hasattr(client_id, "Basename"):
            client_id = client_id.Basename()

        if not requestor:
            requestor = self.token.username

        if not reason:
            reason = self.token.reason

        self.CreateUser(requestor)
        self.CreateUser(approver)

        args = api_user.ApiCreateClientApprovalArgs(
            client_id=client_id,
            approval=api_user.ApiClientApproval(
                reason=reason,
                notified_users=[approver],
                email_cc_addresses=([email_cc_address]
                                    if email_cc_address else [])))
        handler = api_user.ApiCreateClientApprovalHandler()
        result = handler.Handle(
            args, token=access_control.ACLToken(username=requestor))

        return result.id