def ensure_admin():
"""
This function ensures that there is at least one super user for the system.
If no super users are found, the default admin user (from the pulp config)
is looked up or created and added to the super users role.
"""
super_users = authorization._get_users_belonging_to_role(
authorization._get_role(authorization.super_user_role))
if super_users:
return
default_login = config.config.get('server', 'default_login')
user_manager = UserManager()
admin = user_manager.find_by_login(default_login)
if admin is None:
default_password = config.config.get('server', 'default_password')
admin = user_manager.create_user(login=default_login, password=default_password)
authorization.add_user_to_role(authorization.super_user_role, default_login)
def test_get(self):
# Setup
user_manager = UserManager()
user = user_manager.find_by_login(login='******')
# Test
status, body = self.post('/v2/actions/login/')
# Verify
self.assertEqual(200, status)
certificate = Certificate(content=str(body))
cn = certificate.subject()['CN']
username, id = cert_generator.decode_admin_user(cn)
self.assertEqual(username, user['login'])
self.assertEqual(id, user['id'])
class UserManagerTests(base.PulpServerTests):
def setUp(self):
super(UserManagerTests, self).setUp()
# Hardcoded to /var/lib/pulp, so change here to avoid permissions issues
self.default_sn_path = SerialNumber.PATH
SerialNumber.PATH = '/tmp/sn.dat'
sn = SerialNumber()
sn.reset()
self.manager = UserManager()
def tearDown(self):
super(UserManagerTests, self).tearDown()
SerialNumber.PATH = self.default_sn_path
def clean(self):
base.PulpServerTests.clean(self)
User.get_collection().remove()
def test_generate_user_certificate(self):
# Setup
user_manager = UserManager()
# TODO: Fix this when UserManager can create users
admin_user = user_manager.create_user('test-admin')
principal.set_principal(admin_user) # pretend the user is logged in
# Test
cert = self.manager.generate_user_certificate()
# Verify
self.assertTrue(cert is not None)
certificate = Certificate(content=cert)
cn = certificate.subject()['CN']
username, id = cert_generator.decode_admin_user(cn)
self.assertEqual(username, admin_user['login'])
self.assertEqual(id, admin_user['id'])
def test_create(self):
# Setup
login = '******'
clear_txt_pass = '******'
# Test
user = self.manager.create_user(login, clear_txt_pass,
name = "King of the World",
roles = ['test-role'])
# Verify
self.assertTrue(user is not None)
user = self.manager.find_by_login(login)
self.assertTrue(user is not None)
self.assertNotEqual(clear_txt_pass, user['password'])
def test_duplicate(self):
# Setup
login = '******'
clear_txt_pass = '******'
user = self.manager.create_user(login, clear_txt_pass)
# Test and verify
try:
user = self.manager.create_user(login, clear_txt_pass)
self.fail('User with an existing login did not raise an exception')
except exceptions.DuplicateResource, e:
self.assertTrue(login in e)
print(e) # for coverage