def test_create_with_checksum(self):
# skip if server is older than 4.2
if self.server_version < (4, 2, 0):
self.skipTest('Expects iRODS 4.2 server-side configuration')
# server config
server_config_dir = '/etc/irods'
test_re_file = os.path.join(server_config_dir, 'test.re')
server_config_file = os.path.join(
server_config_dir, 'server_config.json')
try:
with helpers.file_backed_up(server_config_file):
# make pep rule
test_rule = "acPostProcForPut { msiDataObjChksum ($objPath, 'forceChksum=', *out )}"
# write pep rule into test_re
with open(test_re_file, 'w') as f:
f.write(test_rule)
# make new server configuration with additional re file
new_server_config = self.make_new_server_config_json(
server_config_file)
# repave the existing server_config.json to add test_re
with open(server_config_file, 'w') as f:
f.write(new_server_config)
# must make a new connection for the agent to pick up the
# updated configuration
self.sess.cleanup()
# test object
collection = self.coll_path
filename = 'checksum_test_file'
obj_path = "{collection}/{filename}".format(**locals())
contents = 'blah' * 100
checksum = base64.b64encode(
hashlib.sha256(contents).digest()).decode()
# make object in test collection
options = {kw.OPR_TYPE_KW: 1} # PUT_OPR
obj = helpers.make_object(self.sess, obj_path, content=contents, options=options)
# verify object's checksum
self.assertEqual(
obj.checksum, "sha2:{checksum}".format(**locals()))
# cleanup
os.unlink(test_re_file)
except IOError as e:
# a likely fail scenario
if e.errno == 13:
self.skipTest("No permission to modify server configuration")
raise
except:
raise
def test_create_with_checksum(self):
# skip if server is older than 4.2
if self.server_version < (4, 2, 0):
self.skipTest('Expects iRODS 4.2 server-side configuration')
# server config
server_config_dir = '/etc/irods'
test_re_file = os.path.join(server_config_dir, 'test.re')
server_config_file = os.path.join(server_config_dir,
'server_config.json')
try:
with helpers.file_backed_up(server_config_file):
# make pep rule
test_rule = "acPostProcForPut { msiDataObjChksum ($objPath, 'forceChksum=', *out )}"
# write pep rule into test_re
with open(test_re_file, 'w') as f:
f.write(test_rule)
# make new server configuration with additional re file
new_server_config = self.make_new_server_config_json(
server_config_file)
# repave the existing server_config.json to add test_re
with open(server_config_file, 'w') as f:
f.write(new_server_config)
# must make a new connection for the agent to pick up the
# updated configuration
self.sess.cleanup()
# test object
collection = self.coll_path
filename = 'checksum_test_file'
obj_path = "{collection}/{filename}".format(**locals())
contents = 'blah' * 100
checksum = base64.b64encode(
hashlib.sha256(contents).digest()).decode()
# make object in test collection
obj = helpers.make_object(self.sess, obj_path, contents)
# verify object's checksum
self.assertEqual(obj.checksum,
"sha2:{checksum}".format(**locals()))
# cleanup
os.unlink(test_re_file)
except IOError as e:
# a likely fail scenario
if e.errno == 13:
self.fail("No permission to modify server configuration")
raise
except:
raise
def test_ssl_with_server_verify_set_to_none_281(self):
env_file = os.path.expanduser('~/.irods/irods_environment.json')
with helpers.file_backed_up(env_file):
with open(env_file) as env_file_handle:
env = json.load(env_file_handle)
env.update({
"irods_client_server_negotiation":
"request_server_negotiation",
"irods_client_server_policy": "CS_NEG_REQUIRE",
"irods_ssl_ca_certificate_file":
"/path/to/some/file.crt", # does not need to exist
"irods_ssl_verify_server": "none",
"irods_encryption_key_size": 32,
"irods_encryption_salt_size": 8,
"irods_encryption_num_hash_rounds": 16,
"irods_encryption_algorithm": "AES-256-CBC"
})
with open(env_file, 'w') as f:
json.dump(env, f)
with helpers.make_session() as session:
session.collections.get(
'/{session.zone}/home/{session.username}'.format(
**locals()))
def test_put_file_trigger_pep(self):
# skip if server is remote
if self.sess.host not in ('localhost', socket.gethostname()):
self.skipTest('Requires access to server-side file(s)')
# skip if server is older than 4.2
if self.sess.server_version < (4, 2, 0):
self.skipTest('Expects iRODS 4.2 server-side configuration')
# server config
server_config_dir = '/etc/irods'
test_re_file = os.path.join(server_config_dir, 'test.re')
server_config_file = os.path.join(server_config_dir,
'server_config.json')
try:
with helpers.file_backed_up(server_config_file):
# make pep rule
test_rule = "acPostProcForPut { msiDataObjChksum ($objPath, 'forceChksum=', *out )}"
# write pep rule into test_re
with open(test_re_file, 'w') as f:
f.write(test_rule)
# make new server configuration with additional re file
new_server_config = self.make_new_server_config_json(
server_config_file)
# repave the existing server_config.json to add test_re
with open(server_config_file, 'w') as f:
f.write(new_server_config)
# must make a new connection for the agent to pick up the
# updated configuration
self.sess.cleanup()
# make pseudo-random test file
filename = 'test_put_file_trigger_pep.txt'
test_file = os.path.join('/tmp', filename)
contents = ''.join(
random.choice(string.printable) for _ in range(1024))
with open(test_file, 'wb') as f:
f.write(contents)
# compute test file's checksum
checksum = base64.b64encode(
hashlib.sha256(contents).digest()).decode()
# put object in test collection
collection = self.coll.path
self.sess.data_objects.put(test_file,
'{collection}/'.format(**locals()))
# get object to confirm checksum
obj = self.sess.data_objects.get(
'{collection}/{filename}'.format(**locals()))
# verify object's checksum
self.assertEqual(obj.checksum,
"sha2:{checksum}".format(**locals()))
# cleanup
os.unlink(test_re_file)
os.unlink(test_file)
except IOError as e:
# a likely fail scenario
if e.errno == 13:
self.skipTest("No permission to modify server configuration")
raise
except:
raise
def test_put_file_trigger_pep(self):
# skip if server is remote
if self.sess.host not in ('localhost', socket.gethostname()):
self.skipTest('Requires access to server-side file(s)')
# skip if server is older than 4.2
if self.sess.server_version < (4, 2, 0):
self.skipTest('Expects iRODS 4.2 server-side configuration')
# server config
server_config_dir = '/etc/irods'
test_re_file = os.path.join(server_config_dir, 'test.re')
server_config_file = os.path.join(
server_config_dir, 'server_config.json')
try:
with helpers.file_backed_up(server_config_file):
# make pep rule
test_rule = "acPostProcForPut { msiDataObjChksum ($objPath, 'forceChksum=', *out )}"
# write pep rule into test_re
with open(test_re_file, 'w') as f:
f.write(test_rule)
# make new server configuration with additional re file
new_server_config = self.make_new_server_config_json(
server_config_file)
# repave the existing server_config.json to add test_re
with open(server_config_file, 'w') as f:
f.write(new_server_config)
# must make a new connection for the agent to pick up the
# updated configuration
self.sess.cleanup()
# make pseudo-random test file
filename = 'test_put_file_trigger_pep.txt'
test_file = os.path.join('/tmp', filename)
contents = ''.join(random.choice(string.printable) for _ in range(1024))
with open(test_file, 'wb') as f:
f.write(contents)
# compute test file's checksum
checksum = base64.b64encode(hashlib.sha256(contents).digest()).decode()
# put object in test collection
collection = self.coll.path
self.sess.data_objects.put(test_file, '{collection}/'.format(**locals()))
# get object to confirm checksum
obj = self.sess.data_objects.get('{collection}/{filename}'.format(**locals()))
# verify object's checksum
self.assertEqual(obj.checksum, "sha2:{checksum}".format(**locals()))
# cleanup
os.unlink(test_re_file)
os.unlink(test_file)
except IOError as e:
# a likely fail scenario
if e.errno == 13:
self.skipTest("No permission to modify server configuration")
raise
except:
raise
def tst0(self, ssl_opt, auth_opt, env_opt):
auth_opt_explicit = 'native' if auth_opt == '' else auth_opt
verbosity = False
#verbosity='' # -- debug - sanity check by printing out options applied
out = {'': ''}
if env_opt:
with self.setenv('IRODS_ENVIRONMENT_FILE', json_env_fullpath(auth_opt_explicit)) as env_file,\
self.setenv('IRODS_AUTHENTICATION_FILE', secrets_fullpath(auth_opt_explicit)):
cli_env_extras = {} if not (
ssl_opt) else dict(CLIENT_OPTIONS_FOR_SSL)
if auth_opt:
cli_env_extras.update(irods_authentication_scheme=auth_opt)
remove = []
else:
remove = [regex('authentication_')]
with helpers.file_backed_up(env_file):
json_file_update(env_file,
keys_to_delete=remove,
**cli_env_extras)
session = iRODSSession(irods_env_file=env_file)
out = json.load(open(env_file))
self.validate_session(session,
verbose=verbosity,
ssl=ssl_opt)
session.cleanup()
out['ARGS'] = 'no'
else:
session_options = {}
if auth_opt:
session_options.update(authentication_scheme=auth_opt)
if ssl_opt:
SSL_cert = CLIENT_OPTIONS_FOR_SSL[
"irods_ssl_ca_certificate_file"]
session_options.update(ssl_context=ssl.create_default_context(
purpose=ssl.Purpose.SERVER_AUTH,
capath=None,
cadata=None,
cafile=SSL_cert),
**CLIENT_OPTIONS_FOR_SSL)
lookup = self.user_auth_envs[
'.irods.' + ('native' if not (auth_opt) else auth_opt)]
session = iRODSSession(host=gethostname(),
user=lookup['USER'],
zone='tempZone',
password=lookup['PASSWORD'],
port=1247,
**session_options)
out = session_options
self.validate_session(session, verbose=verbosity, ssl=ssl_opt)
session.cleanup()
out['ARGS'] = 'yes'
if verbosity == '':
print('--- ssl:', ssl_opt, '/ auth:', repr(auth_opt), '/ env:',
env_opt)
print(
'--- > ',
json.dumps(
{k: v
for k, v in out.items() if k != 'ssl_context'},
indent=4))
print('---')
