def test_set_password(self, api_client_mgmt, cli, clean_db):
user = {
"password": "******",
"new_password": "******",
"email": "*****@*****.**",
"tenant": TENANT_ONE,
}
users_db = {user["tenant"]: [user["email"]]}
with tenantadm.run_fake_create_user(user):
cli.create_user(user["email"],
user["password"],
tenant_id=user["tenant"])
with tenantadm.run_fake_user_tenants(users_db):
_, r = api_client_mgmt.login(user["email"], user["password"])
assert r.status_code == 200
cli.set_password(user["email"], user["new_password"],
user["tenant"])
status_code = 200
try:
_, r = api_client_mgmt.login(user["email"], user["password"])
except bravado.exception.HTTPError as e:
assert e.response.status_code == 401
status_code = 401
assert status_code == 401
_, r = api_client_mgmt.login(user["email"], user["new_password"])
assert r.status_code == 200
token = r.text
assert token
_, claims, _ = explode_jwt(token)
assert claims["mender.tenant"] == user["tenant"]
def test_set_password(self, api_client_mgmt, cli, clean_db):
password = '******'
new_password = '******'
email = '*****@*****.**'
tenant = 'tenant1id'
users_db = {tenant: [email]}
cli.create_user(email, password, tenant_id=tenant)
with tenantadm.run_fake_user_tenants(users_db):
_, r = api_client_mgmt.login(email, password)
assert r.status_code == 200
cli.set_password(email, new_password, tenant)
status_code = 200
try:
_, r = api_client_mgmt.login(email, password)
except bravado.exception.HTTPError as e:
assert e.response.status_code == 401
status_code = 401
assert status_code == 401
_, r = api_client_mgmt.login(email, new_password)
assert r.status_code == 200
token = r.text
assert token
_, claims, _ = explode_jwt(token)
assert claims['mender.tenant'] == tenant
def test_tokens_limit_for_single_user(self, tenant_id, api_client_mgmt,
init_users_mt):
users_db = {
tenant: [user.email for user in users]
for tenant, users in init_users_mt.items()
}
with tenantadm.run_fake_user_tenants(users_db):
self._test_pat_limit(api_client_mgmt, init_users_mt[tenant_id])
def test_tokens_naming_collisions_one_user(self, tenant_id,
api_client_mgmt, init_users_mt):
users_db = {
tenant: [user.email for user in users]
for tenant, users in init_users_mt.items()
}
with tenantadm.run_fake_user_tenants(users_db):
self._test_pat_name_collision_for_one_user(
api_client_mgmt, init_users_mt[tenant_id])
def test_ok(self, tenant_id, api_client_int, api_client_mgmt,
init_users_mt):
token_request = {
"name": "my_personal_access_token",
"expires_in": 3600
}
users_db = {
tenant: [user.email for user in users]
for tenant, users in init_users_mt.items()
}
with tenantadm.run_fake_user_tenants(users_db):
self._do_test_ok(api_client_int, api_client_mgmt,
init_users_mt[tenant_id], token_request)
def test_ok(self, api_client_mgmt, init_users_mt):
password = "******"
users_db = { tenant: [user.email for user in users] \
for tenant, users in init_users_mt.items() }
with tenantadm.run_fake_user_tenants(users_db):
for tenant, users in users_db.items():
for email in users:
_, r = api_client_mgmt.login(email, password)
assert r.status_code == 200
assert r.headers['Content-Type'] == "application/jwt"
_, claims, _ = explode_jwt(r.text)
assert claims['mender.tenant'] == tenant
def test_suspended_tenant(self, api_client_mgmt, init_users_mt):
password = "******"
users_db = { tenant: [user.email for user in users] \
for tenant, users in init_users_mt.items() }
with tenantadm.run_fake_user_tenants(users_db, status='suspended'):
for tenant, users in users_db.items():
try:
for email in users:
_, r = api_client_mgmt.login(email, password)
assert r.status_code == 401
except bravado.exception.HTTPError as herr:
assert herr.response.status_code == 401
assert herr.swagger_result.error == 'tenant account suspended'
def user_tokens_mt_f(init_users_mt_f, api_client_mgmt):
tokens = []
password = "******"
users_db = { tenant: [user.email for user in users] \
for tenant, users in init_users_mt_f.items() }
with tenantadm.run_fake_user_tenants(users_db):
for tenant, users in users_db.items():
for email in users:
_, r = api_client_mgmt.login(email, password)
assert r.status_code == 200
assert r.headers['Content-Type'] == "application/jwt"
tokens.append(r.text)
yield tokens
def test_create_user_login(self, api_client_mgmt, cli, clean_db):
email = '*****@*****.**'
password = '******'
tenant = 'tenant1id'
users_db = {tenant: [email]}
cli.create_user(email, password, tenant_id=tenant)
with tenantadm.run_fake_user_tenants(users_db):
_, r = api_client_mgmt.login(email, password)
assert r.status_code == 200
token = r.text
assert token
_, claims, _ = explode_jwt(token)
assert claims['mender.tenant'] == tenant
def test_create_user_login(self, api_client_mgmt, cli, clean_db):
user = {"email": "*****@*****.**", "password": "******"}
users_db = {TENANT_ONE: [user["email"]]}
with tenantadm.run_fake_create_user(user):
cli.create_user(user["email"],
user["password"],
tenant_id=TENANT_ONE)
with tenantadm.run_fake_user_tenants(users_db):
_, r = api_client_mgmt.login(user["email"], user["password"])
assert r.status_code == 200
token = r.text
assert token
_, claims, _ = explode_jwt(token)
assert claims["mender.tenant"] == TENANT_ONE
def test_bad_user(self, api_client_mgmt, email, password):
with tenantadm.run_fake_user_tenants({}):
try:
_, r = api_client_mgmt.login(email, password)
except bravado.exception.HTTPError as herr:
assert herr.response.status_code == 401
