def test_role_create():
response = session.get(base_url + '/role/create')
assert response.json() == ErrorCodes.user['unspecifiedError']['result']
role = {
'name': 'TestRole',
'version': '1.0',
'applicationIds': ['firefox'],
'startingResourceIds': [],
'startingTransducerIds': [],
'networkRules': []
}
response = session.get(base_url + '/role/create',
params={
'role': json.dumps(role),
'unitySize': '8GB'
})
print(response.json())
assert set(response.json().keys()) == set(['id', 'name'])
role_id = response.json()['id']
time.sleep(1)
role = inst.get_obj('cid',
role_id,
objectClass='OpenLDAProle',
throw_error=True)
assert role != ()
ldap_tools.parse_ldap(role)
# TODO: Make sure loops like these don't continue forever.
while (role['state'] == 'CREATING'):
time.sleep(5)
role = inst.get_obj('cid', role_id, objectClass='OpenLDAProle')
ldap_tools.parse_ldap(role)
assert role['state'] == 'CREATED'
# TODO: Verify that the assembler has been run
assert os.path.exists(('/mnt/efs/images/non_provisioned_virtues/'
'{0}.img').format(role['id']))
inst.del_obj('cid',
role['id'],
objectClass='OpenLDAPvirtue',
throw_error=True)
result = query_elasticsearch_with_timeout([('user', settings['user']),
('real_func_name',
'admin_role_create')])
assert 'hits' in result and 'total' in result[
'hits'] and result['hits']['total'] > 0
subprocess.check_call([
'sudo', 'rm', ('/mnt/efs/images/non_provisioned_virtues/'
'{0}.img').format(role['id'])
])
def teardown_module():
user = inst.get_obj('cusername',
'slapd',
objectClass='OpenLDAPuser',
throw_error=True)
ldap_tools.parse_ldap(user)
user['authorizedRoleIds'].remove('usertestrole0')
ldap_user = ldap_tools.to_ldap(user, 'OpenLDAPuser')
inst.modify_obj('cusername',
'slapd',
ldap_user,
objectClass='OpenLDAPuser',
throw_error=True)
inst.del_obj('cid',
'usertestrole0',
objectClass='OpenLDAProle',
throw_error=True)
inst.del_obj('cid',
'usertestvirtue0',
objectClass='OpenLDAPvirtue',
throw_error=True)
def setup_module():
global inst
global ep
inst = LDAP('', '')
dn = 'cn=admin,dc=canvas,dc=virtue,dc=com'
inst.get_ldap_connection()
inst.conn.simple_bind_s(dn, 'Test123!')
ep = EndPoint('slapd', 'Test123!')
ep.inst = inst
role = {
'id': 'usertestrole0',
'name': 'UserTestRole',
'version': '1.0',
'applicationIds': ['firefox'],
'startingResourceIds': [],
'startingTransducerIds': [],
'networkRules': []
}
virtue = {
'id': 'usertestvirtue0',
'username': '******',
'roleId': 'usertestrole0',
'applicationIds': [],
'resourceIds': [],
'transducerIds': [],
'networkRules': [],
'state': 'STOPPED',
'ipAddress': 'NULL'
}
ldap_role = ldap_tools.to_ldap(role, 'OpenLDAProle')
inst.add_obj(ldap_role, 'roles', 'cid', throw_error=True)
ldap_virtue = ldap_tools.to_ldap(virtue, 'OpenLDAPvirtue')
inst.add_obj(ldap_virtue, 'virtues', 'cid', throw_error=True)
user = inst.get_obj('cusername',
'slapd',
objectClass='OpenLDAPuser',
throw_error=True)
ldap_tools.parse_ldap(user)
if ('usertestrole0' not in user['authorizedRoleIds']):
user['authorizedRoleIds'].append('usertestrole0')
ldap_user = ldap_tools.to_ldap(user, 'OpenLDAPuser')
inst.modify_obj('cusername',
'slapd',
ldap_user,
objectClass='OpenLDAPuser',
throw_error=True)
def test_virtue_create():
subprocess.check_call([
'sudo', 'rsync', '/mnt/efs/images/unities/8GB.img',
('/mnt/efs/images/non_provisioned_virtues/'
'admintestrole0.img')
])
assert json.dumps(ErrorCodes.admin['invalidUsername']) == ep.virtue_create(
'DoesNotExist', 'admintestrole0')
assert json.dumps(ErrorCodes.admin['invalidRoleId']) == ep.virtue_create(
'slapd', 'DoesNotExist')
assert json.dumps(
ErrorCodes.admin['userNotAlreadyAuthorized']) == ep.virtue_create(
'slapd', 'emptyrole')
result = json.loads(ep.virtue_create('slapd', 'admintestrole0'))
assert set(result.keys()) == set(['id', 'ipAddress'])
global test_virtue_id
test_virtue_id = result['id']
time.sleep(1)
ldap_virtue = inst.get_obj('cid',
result['id'],
objectClass='OpenLDAPvirtue',
throw_error=True)
ldap_tools.parse_ldap(ldap_virtue)
assert ldap_virtue['username'] == 'slapd'
assert ldap_virtue['state'] == 'CREATING'
# TODO: Make sure loops like these don't continue forever.
while (ldap_virtue['state'] == 'CREATING'):
time.sleep(5)
ldap_virtue = inst.get_obj('cid', result['id'])
ldap_tools.parse_ldap(ldap_virtue)
assert ldap_virtue['state'] == 'STOPPED'
assert os.path.exists(('/mnt/efs/images/provisioned_virtues/'
'{0}.img').format(result['id']))
assert json.dumps(
ErrorCodes.user['virtueAlreadyExistsForRole']) == ep.virtue_create(
'slapd', 'admintestrole0')
inst.del_obj('cid',
result['id'],
objectClass='OpenLDAPvirtue',
throw_error=True)
def teardown_module():
inst.del_obj(
'cid', 'admintestrole0', objectClass='OpenLDAProle', throw_error=True)
inst.del_obj(
'cid', 'admintestvirtue0', objectClass='OpenLDAPvirtue', throw_error=True)
if os.path.exists(('/mnt/efs/images/non_provisioned_virtues/'
'admintestrole0.img')):
subprocess.check_call(['sudo', 'rm',
('/mnt/efs/images/non_provisioned_virtues/'
'admintestrole0.img')])
if os.path.exists(('/mnt/efs/images/provisioned_virtues/'
'admintestvirtue0.img')):
subprocess.check_call(['sudo', 'rm',
('/mnt/efs/images/provisioned_virtues/'
'admintestvirtue0.img')])
if test_role_id is not None:
inst.del_obj('cid', test_role_id,
objectClass='OpenLDAProle', throw_error=True)
if os.path.exists(('/mnt/efs/images/non_provisioned_virtues/'
'{0}.img').format(test_role_id)):
subprocess.check_call(['sudo', 'rm',
('/mnt/efs/images/non_provisioned_virtues/'
'{0}.img').format(test_role_id)])
if test_virtue_id is not None:
inst.del_obj('cid', test_virtue_id,
objectClass='OpenLDAPvirtue', throw_error=True)
if os.path.exists(('/mnt/efs/images/provisioned_virtues/'
'{0}.img').format(test_virtue_id)):
subprocess.check_call(['sudo', 'rm',
('/mnt/efs/images/provisioned_virtues/'
'{0}.img').format(test_virtue_id)])
user = inst.get_obj(
'cusername', 'slapd', objectClass='OpenLDAPuser', throw_error=True)
ldap_tools.parse_ldap(user)
user['authorizedRoleIds'].remove('admintestrole0')
ldap_user = ldap_tools.to_ldap(user, 'OpenLDAPuser')
inst.modify_obj(
'cusername',
'slapd',
ldap_user,
objectClass='OpenLDAPuser',
throw_error=True)
def test_application_calls():
# application_get
assert json.dumps(ErrorCodes.user['invalidId']) == ep.application_get(
'slapd', 'DoesNotExist')
assert json.dumps(
ErrorCodes.user['userNotAuthorized']) == ep.application_get(
'slapd', 'terminal')
app = json.loads(ep.application_get('slapd', 'firefox'))
real_app = inst.get_obj(
'cid', 'firefox', objectClass='OpenLDAPapplication', throw_error=True)
ldap_tools.parse_ldap(real_app)
assert app == real_app
def setup_module():
global inst
global ep
global test_role_id
global test_virtue_id
inst = LDAP('', '')
dn = 'cn=admin,dc=canvas,dc=virtue,dc=com'
inst.get_ldap_connection()
inst.conn.simple_bind_s(dn, 'Test123!')
ep = EndPoint_Admin('slapd', 'Test123!')
ep.inst = inst
role = {
'id': 'admintestrole0',
'name': 'AdminTestRole',
'version': '1.0',
'applicationIds': ['firefox'],
'startingResourceIds': [],
'startingTransducerIds': [],
'networkRules': []
}
ldap_role = ldap_tools.to_ldap(role, 'OpenLDAProle')
inst.add_obj(ldap_role, 'roles', 'cid', throw_error=True)
user = inst.get_obj('cusername',
'slapd',
objectClass='OpenLDAPuser',
throw_error=True)
ldap_tools.parse_ldap(user)
if ('admintestrole0' not in user['authorizedRoleIds']):
user['authorizedRoleIds'].append('admintestrole0')
ldap_user = ldap_tools.to_ldap(user, 'OpenLDAPuser')
inst.modify_obj('cusername',
'slapd',
ldap_user,
objectClass='OpenLDAPuser',
throw_error=True)
# set to satisfy pytest when listing tests
test_role_id = None
test_virtue_id = None
def test_user_calls():
# user_list
user_list = ep.user_list()
ldap_user_list = inst.get_objs_of_type('OpenLDAPuser')
real_user_list = ldap_tools.parse_ldap_list(ldap_user_list)
assert user_list == json.dumps(real_user_list)
# user_get
assert json.dumps(
ErrorCodes.admin['invalidUsername']) == ep.user_get('DoesNotExist')
user = ep.user_get('slapd')
ldap_user = inst.get_obj('cusername',
'slapd',
objectClass='OpenLDAPuser',
throw_error=True)
assert ldap_user != ()
ldap_tools.parse_ldap(ldap_user)
assert json.loads(user) == ldap_user
# user_virtue_list
assert json.dumps(
ErrorCodes.admin['invalidUsername']) == ep.user_virtue_list(
'DoesNotExist')
virtue_list = ep.user_virtue_list('slapd')
ldap_virtue_list = inst.get_objs_of_type('OpenLDAPvirtue')
parsed_virtue_list = ldap_tools.parse_ldap_list(ldap_virtue_list)
real_virtue_list = []
for v in parsed_virtue_list:
if (v['username'] == 'slapd'):
real_virtue_list.append(v)
assert json.loads(virtue_list) == real_virtue_list
def test_resource_calls():
# resource_get
assert json.dumps(
ErrorCodes.admin['invalidId']) == ep.resource_get('DoesNotExist')
res = ep.resource_get('fileshare1')
ldap_res = inst.get_obj(
'cid', 'fileshare1', objectClass='OpenLDAPresource', throw_error=True)
assert ldap_res != ()
ldap_tools.parse_ldap(ldap_res)
assert res == json.dumps(ldap_res)
# resource_list
res_list = ep.resource_list()
ldap_res_list = inst.get_objs_of_type('OpenLDAPresource')
real_res_list = ldap_tools.parse_ldap_list(ldap_res_list)
assert res_list == json.dumps(real_res_list)
def test_get_obj():
user = inst.get_obj('cusername',
'slapd',
objectClass='OpenLDAPuser',
throw_error=True)
slapd_name = ad_inst.query_ad('cn', 'slapd')[0][1]['sAMAccountName'][0]
assert user == {
'cusername': ['slapd'],
'cauthRoleIds': ['[]'],
'ou': ['virtue'],
'objectClass': ['OpenLDAPuser'],
'name': [json.dumps(slapd_name)]
}
ldap_tools.parse_ldap(user)
assert user == {
'username': '******',
'authorizedRoleIds': [],
'name': slapd_name
}
def test_role_calls():
# role_get
assert json.dumps(ErrorCodes.user['invalidId']) == ep.role_get(
'slapd', 'DoesNotExist')
assert json.dumps(ErrorCodes.user['userNotAuthorized']) == ep.role_get(
'slapd', 'emptyrole')
role = json.loads(ep.role_get('slapd', 'usertestrole0'))
real_role = inst.get_obj('cid',
'usertestrole0',
objectClass='OpenLDAProle',
throw_error=True)
ldap_tools.parse_ldap(real_role)
# role_get also returns an ip address for that user/role's virtue.
# The user shouldn't have one, because virtue_create hasn't been tested/called.
real_role['ipAddress'] = 'NULL'
assert role == real_role
# user_role_list
user = inst.get_obj('cusername', 'slapd', 'OpenLDAPuser', True)
ldap_tools.parse_ldap(user)
roles = json.loads(ep.user_role_list('slapd'))
real_roles = []
for r in user['authorizedRoleIds']:
role = inst.get_obj('cid', r, 'OpenLDAProle', True)
if (role != ()):
ldap_tools.parse_ldap(role)
role['ipAddress'] = 'NULL'
real_roles.append(role)
if (roles != real_roles):
print(roles)
print
print(real_roles)
assert roles == real_roles
assert ep.user_role_list('fpatwa') == json.dumps([])
def test_virtue_calls():
# virtue_get
assert json.dumps(ErrorCodes.user['invalidId']) == ep.virtue_get(
'slapd', 'DoesNotExist')
assert json.dumps(ErrorCodes.user['userNotAuthorized']) == ep.virtue_get(
'fpatwa', 'usertestvirtue0')
virtue = json.loads(ep.virtue_get('slapd', 'usertestvirtue0'))
real_virtue = inst.get_obj(
'cid',
'usertestvirtue0',
objectClass='OpenLDAPvirtue',
throw_error=True)
ldap_tools.parse_ldap(real_virtue)
real_virtue = {
'id': real_virtue['id'],
'username': real_virtue['username'],
'roleId': real_virtue['roleId'],
'applicationIds': real_virtue['applicationIds'],
'resourceIds': real_virtue['resourceIds'],
'transducerIds': real_virtue['transducerIds'],
'networkRules': real_virtue['networkRules'],
'state': real_virtue['state'],
'ipAddress': real_virtue['ipAddress']
}
assert virtue == real_virtue
# user_virtue_list
virtues = json.loads(ep.user_virtue_list('slapd'))
assert virtues == [real_virtue]
assert ep.user_virtue_list('fpatwa') == json.dumps([])
# virtue_launch
assert (json.dumps(ErrorCodes.user['invalidId']) ==
ep.virtue_launch('slapd', 'DoesNotExist', use_valor=False))
assert (json.dumps(ErrorCodes.user['userNotAuthorized']) ==
ep.virtue_launch('fpatwa', 'usertestvirtue0', use_valor=False))
assert (json.dumps(ErrorCodes.user['success']) ==
ep.virtue_launch('slapd', 'usertestvirtue0', use_valor=False))
real_virtue = inst.get_obj(
'cid',
'usertestvirtue0',
objectClass='OpenLDAPvirtue',
throw_error=True)
ldap_tools.parse_ldap(real_virtue)
assert 'RUNNING' in real_virtue['state']
# virtue_application_launch
assert (json.dumps(ErrorCodes.user['userNotAuthorized']) ==
ep.virtue_application_launch('fpatwa', 'usertestvirtue0',
'firefox', use_ssh=False))
assert (json.dumps(ErrorCodes.user['invalidVirtueId']) ==
ep.virtue_application_launch('slapd', 'DoesNotExist',
'firefox', use_ssh=False))
assert (json.dumps(ErrorCodes.user['invalidApplicationId']) ==
ep.virtue_application_launch('slapd', 'usertestvirtue0',
'DoesNotExist', use_ssh=False))
assert (json.dumps(ErrorCodes.user['applicationNotInVirtue']) ==
ep.virtue_application_launch('slapd', 'usertestvirtue0',
'terminal', use_ssh=False))
assert (json.dumps(ErrorCodes.user['success']) ==
ep.virtue_application_launch('slapd', 'usertestvirtue0',
'firefox', use_ssh=False))
real_virtue = inst.get_obj(
'cid',
'usertestvirtue0',
objectClass='OpenLDAPvirtue',
throw_error=True)
ldap_tools.parse_ldap(real_virtue)
assert real_virtue['applicationIds'] == ['firefox']
assert (json.dumps(ErrorCodes.user['applicationAlreadyLaunched']) ==
ep.virtue_application_launch('slapd', 'usertestvirtue0',
'firefox', use_ssh=False))
# virtue_application_stop
assert (json.dumps(ErrorCodes.user['userNotAuthorized']) ==
ep.virtue_application_stop('fpatwa', 'usertestvirtue0',
'firefox', use_ssh=False))
assert (json.dumps(ErrorCodes.user['invalidVirtueId']) ==
ep.virtue_application_stop('slapd', 'DoesNotExist',
'firefox', use_ssh=False))
assert (json.dumps(ErrorCodes.user['invalidApplicationId']) ==
ep.virtue_application_stop('slapd', 'usertestvirtue0',
'DoesNotExist', use_ssh=False))
assert (json.dumps(ErrorCodes.user['applicationNotInVirtue']) ==
ep.virtue_application_stop('slapd', 'usertestvirtue0',
'terminal', use_ssh=False))
assert (json.dumps(ErrorCodes.user['success']) ==
ep.virtue_application_stop('slapd', 'usertestvirtue0',
'firefox', use_ssh=False))
real_virtue = inst.get_obj(
'cid',
'usertestvirtue0',
objectClass='OpenLDAPvirtue',
throw_error=True)
ldap_tools.parse_ldap(real_virtue)
assert real_virtue['applicationIds'] == []
assert (json.dumps(ErrorCodes.user['applicationAlreadyStopped']) ==
ep.virtue_application_stop('slapd', 'usertestvirtue0',
'firefox', use_ssh=False))
# virtue_stop
assert (json.dumps(ErrorCodes.user['invalidId']) ==
ep.virtue_stop('slapd', 'DoesNotExist', use_valor=False))
assert (json.dumps(ErrorCodes.user['userNotAuthorized']) ==
ep.virtue_stop('fpatwa', 'usertestvirtue0', use_valor=False))
assert (json.dumps(ErrorCodes.user['success']) ==
ep.virtue_stop('slapd', 'usertestvirtue0', use_valor=False))
def test_role_calls():
# role_create
good_role = {
'id': 'NotRelevant',
'name': 'browsing',
'version': '1.0',
'applicationIds': ['firefox', 'thunderbird'],
'startingResourceIds': ['fileshare1'],
'startingTransducerIds': [],
'networkRules': []
}
bad_role_1 = {
'id': 'NotRelevant',
'version': '1.0',
'applicationIds': ['firefox', 'thunderbird'],
'startingResourceIds': ['fileshare1'],
'startingTransducerIds': [],
'networkRules': []
}
bad_role_2 = {
'id': 'NotRelevant',
'name': 'browsing',
'version': '1.0',
'applicationIds': "['firefox', 'thunderbird']",
'startingResourceIds': "['fileshare1']",
'startingTransducerIds': "[]",
'networkRules': []
}
bad_role_3 = {
'id': 'NotRelevant',
'name': 'browsing',
'version': '1.0',
'applicationIds': ['firefox', 'thunderbird', 'DoesNotExist'],
'startingResourceIds': ['fileshare1'],
'startingTransducerIds': [],
'networkRules': []
}
bad_role_4 = {
'id': 'NotRelevant',
'name': 'browsing',
'version': '1.0',
'applicationIds': ['firefox', 'thunderbird'],
'startingResourceIds': ['fileshare1', 'DoesNotExist'],
'startingTransducerIds': [],
'networkRules': []
}
bad_role_5 = {
'id': 'NotRelevant',
'name': 'browsing',
'version': '1.0',
'applicationIds': ['firefox', 'thunderbird'],
'startingResourceIds': ['fileshare1'],
'startingTransducerIds': ['DoesNotExist'],
'networkRules': []
}
bad_role_6 = {
'id': 'NotRelevant',
'name': 'browsing',
'version': '1.0',
'applicationIds': [],
'startingResourceIds': ['fileshare1'],
'startingTransducerIds': ['DoesNotExist'],
'networkRules': []
}
assert json.dumps(ErrorCodes.admin['invalidFormat']) == ep.role_create(
bad_role_1, use_ssh=False)
assert json.dumps(ErrorCodes.admin['invalidFormat']) == ep.role_create(
bad_role_2, use_ssh=False)
assert json.dumps(
ErrorCodes.admin['invalidApplicationId']) == ep.role_create(
bad_role_3, use_ssh=False)
assert json.dumps(ErrorCodes.admin['invalidResourceId']) == ep.role_create(
bad_role_4, use_ssh=False)
assert json.dumps(
ErrorCodes.admin['invalidTransducerId']) == ep.role_create(
bad_role_5, use_ssh=False)
assert json.dumps(
ErrorCodes.admin['NoApplicationId']) == ep.role_create(
bad_role_6, use_ssh=False)
result_role_json = ep.role_create(good_role, use_ssh=False)
result_role = json.loads(result_role_json)
# role create should ignore the ID provided
assert result_role['id'] != 'NotRelevant'
assert result_role == {'id': result_role['id'], 'name': good_role['name']}
good_role['id'] = result_role['id']
good_role['state'] = 'CREATED'
good_role['startingTransducerIds'] = [
'path_mkdir', 'bprm_set_creds', 'task_create', 'task_alloc',
'inode_create', 'socket_connect', 'socket_bind', 'socket_accept',
'socket_listen', 'create_process', 'process_start', 'process_died',
'srv_create_proc', 'open_fd'
]
time.sleep(1)
ldap_role = inst.get_obj('cid', result_role['id'],
objectClass='OpenLDAProle')
assert ldap_role != ()
ldap_tools.parse_ldap(ldap_role)
# TODO: Make sure loops like these don't continue forever.
while (ldap_role['state'] == 'CREATING'):
time.sleep(5)
ldap_role = inst.get_obj('cid', result_role['id'])
ldap_tools.parse_ldap(ldap_role)
assert ldap_role == good_role
assert os.path.exists(('/mnt/efs/images/non_provisioned_virtues/'
'{0}.img').format(result_role['id']))
# This will be used in teardown_module()
global test_role_id
test_role_id = result_role['id']
# role_list
role_list = ep.role_list()
ldap_role_list = inst.get_objs_of_type('OpenLDAProle')
real_role_list = ldap_tools.parse_ldap_list(ldap_role_list)
assert role_list == json.dumps(real_role_list)
# user_role_authorize
assert json.dumps(
ErrorCodes.admin['invalidUsername']) == ep.user_role_authorize(
'DoesNotExist', test_role_id)
assert json.dumps(
ErrorCodes.admin['invalidRoleId']) == ep.user_role_authorize(
'slapd', 'DoesNotExist')
assert ep.user_role_authorize('slapd', test_role_id) == json.dumps(
ErrorCodes.admin['success'])
# Make sure LDAP has been updated
user = inst.get_obj(
'cusername', 'slapd', objectClass='OpenLDAPuser', throw_error=True)
ldap_tools.parse_ldap(user)
assert test_role_id in user['authorizedRoleIds']
# Try to authorize twice
assert json.dumps(
ErrorCodes.admin['userAlreadyAuthorized']) == ep.user_role_authorize(
'slapd', test_role_id)
# user_role_unauthorize
assert json.dumps(
ErrorCodes.admin['invalidUsername']) == ep.user_role_unauthorize(
'DoesNotExist', test_role_id)
assert json.dumps(
ErrorCodes.admin['invalidRoleId']) == ep.user_role_unauthorize(
'slapd', 'DoesNotExist')
# Todo: Check return when user is using a virtue
assert ep.user_role_unauthorize('slapd', test_role_id) == json.dumps(
ErrorCodes.admin['success'])
# Make sure LDAP has been updated
user = inst.get_obj(
'cusername', 'slapd', objectClass='OpenLDAPuser', throw_error=True)
ldap_tools.parse_ldap(user)
assert test_role_id not in user['authorizedRoleIds']
# Try to unauthorize twice
assert json.dumps(ErrorCodes.admin[
'userNotAlreadyAuthorized']) == ep.user_role_unauthorize(
'slapd', test_role_id)
def test_virtue_stop():
response = session.get(base_url + '/virtue/stop')
assert response.json() == ErrorCodes.user['unspecifiedError']['result']
rethink_manager = RethinkDbManager()
try:
# 'Create' a Virtue
subprocess.check_call([
'sudo', 'mv', '/mnt/efs/images/tests/8GB.img',
('/mnt/efs/images/provisioned_virtues/'
'TEST_VIRTUE_STOP.img')
])
virtue = {
'id': 'TEST_VIRTUE_STOP',
'username': '******',
'roleId': 'TBD',
'applicationIds': [],
'resourceIds': [],
'transducerIds': [],
'networkRules': [],
'state': 'STOPPED',
'ipAddress': 'NULL'
}
ldap_virtue = ldap_tools.to_ldap(virtue, 'OpenLDAPvirtue')
inst.add_obj(ldap_virtue, 'virtues', 'cid', throw_error=True)
# virtue_launch() it
response = session.get(base_url + '/virtue/launch',
params={'virtueId': 'TEST_VIRTUE_STOP'})
assert response.text == json.dumps(ErrorCodes.user['success'])
rethink_virtue = rethink_manager.get_virtue('TEST_VIRTUE_STOP')
assert type(rethink_virtue) == dict
# virtue_stop() it
response = session.get(base_url + '/virtue/stop',
params={'virtueId': 'TEST_VIRTUE_STOP'})
assert response.text == json.dumps(ErrorCodes.user['success'])
time.sleep(5)
real_virtue = inst.get_obj('cid',
'TEST_VIRTUE_STOP',
objectClass='OpenLDAPvirtue',
throw_error=True)
ldap_tools.parse_ldap(real_virtue)
assert real_virtue['state'] == 'STOPPED'
assert rethink_manager.get_virtue('TEST_VIRTUE_STOP') == None
sysctl_stat = subprocess.call([
'ssh', '-i', key_path, 'ubuntu@' + rethink_virtue['address'], '-o',
'StrictHostKeyChecking=no', 'sudo systemctl status gaius'
],
stdout=subprocess.PIPE)
# errno=3 means that gaius isn't running
assert sysctl_stat == 0
xl_list = subprocess.check_output([
'ssh', '-i', key_path, 'ubuntu@' + rethink_virtue['address'], '-o',
'StrictHostKeyChecking=no', 'sudo xl list'
])
# There shouldn't be a VM running on the valor. If the test's virtue
# isn't the only one that's running, this failure may be a false alarm.
assert xl_list.count('\n') == 2
response = session.get(base_url + '/virtue/stop',
params={'virtueId': 'TEST_VIRTUE_STOP'})
assert response.text == json.dumps(
ErrorCodes.user['virtueAlreadyStopped']['result'])
result = query_elasticsearch_with_timeout([
('user', settings['user']), ('real_func_name', 'virtue_stop'),
('virtue_id', 'TEST_VIRTUE_STOP')
])
assert 'hits' in result and 'total' in result[
'hits'] and result['hits']['total'] > 0
except:
raise
finally:
inst.del_obj('cid', 'TEST_VIRTUE_STOP', objectClass='OpenLDAPvirtue')
subprocess.check_call([
'sudo', 'mv',
('/mnt/efs/images/provisioned_virtues/'
'TEST_VIRTUE_STOP.img'), '/mnt/efs/images/tests/8GB.img'
])
def test_write_to_ldap():
temp_role = {
'id': 'routeradmin',
'name': 'Router Admin',
'applicationIds': ['firefox', 'xterm'],
'startingResourceIds': [],
'startingTransducerIds': [],
'networkRules': [],
'version': '1.0'
}
ldap_temp_role = ldap_tools.to_ldap(temp_role, 'OpenLDAProle')
assert ldap_temp_role == {
'objectClass': 'OpenLDAProle',
'ou': 'virtue',
'cid': 'routeradmin',
'name': '"Router Admin"',
'cversion': '"1.0"',
'cappIds': json.dumps(['firefox', 'xterm']),
'cstartResIds': '[]',
'cstartTransIds': '[]',
'cnetRules': '[]'
}
try:
assert 0 == inst.add_obj(ldap_temp_role,
'roles',
'cid',
throw_error=True)
ldap_temp_role_2 = inst.get_obj('cid',
'routeradmin',
objectClass='OpenLDAProle',
throw_error=True)
temp_role_2 = copy.deepcopy(ldap_temp_role_2)
ldap_tools.parse_ldap(temp_role_2)
assert temp_role == temp_role_2
ldap_temp_role_2['cversion'] = ['1.1']
assert 0 == inst.modify_obj('cid',
'routeradmin',
ldap_temp_role_2,
objectClass='OpenLDAProle',
throw_error=True)
ldap_temp_role_3 = inst.get_obj('cid',
'routeradmin',
objectClass='OpenLDAProle',
throw_error=True)
assert ldap_temp_role_2 == ldap_temp_role_3
assert 0 == inst.del_obj('cid',
'routeradmin',
objectClass='OpenLDAProle',
throw_error=True)
except Exception as e:
inst.del_obj('cid', 'routeradmin', objectClass='OpenLDAProle')
traceback.print_exc()
pass
assert () == inst.get_obj('cid',
'routeradmin',
objectClass='OpenLDAProle',
throw_error=True)
