def test_install_done_GET(self):
response = requests.get('%sinstall_done/%s/%s' %
(self.get_proxy_url(), self.recipe.id, 'somefqdn'))
response.raise_for_status()
with session.begin():
session.expire_all()
self.assert_(self.recipe.resource.install_finished is not None)
def test_save_policy(self):
s = requests.Session()
s.post(get_server_base() + 'login', data={'user_name': self.owner.user_name,
'password': '******'}).raise_for_status()
response = put_json(get_server_base() +
'systems/%s/access-policy' % self.system.fqdn, session=s,
data={'rules': [
# keep two existing rules, drop the other
{'id': self.policy.rules[0].id, 'permission': 'view',
'everybody': True, 'user': None, 'group': None},
{'id': self.policy.rules[2].id, 'permission': 'edit_system',
'user': None, 'group': self.privileged_group.group_name},
# .. and add a new rule
{'permission': 'control_system', 'everybody': True,
'user': None, 'group': None},
]})
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertEquals(len(self.policy.rules), 3)
self.assertEquals(self.policy.rules[0].permission,
SystemPermission.view)
self.assertEquals(self.policy.rules[1].permission,
SystemPermission.edit_system)
self.assertEquals(self.policy.rules[2].permission,
SystemPermission.control_system)
self.assertEquals(self.policy.rules[2].everybody, True)
def test_postreboot(self):
s = xmlrpclib.ServerProxy(self.get_proxy_url())
s.postreboot(self.recipe.id)
with session.begin():
session.expire_all()
self.assertEqual(self.system.command_queue[0].action, 'on')
self.assertEqual(self.system.command_queue[1].action, 'off')
def test_save_policy(self):
s = requests.Session()
s.post(get_server_base() + 'login', data={'user_name': self.owner.user_name,
'password': '******'}).raise_for_status()
response = put_json(get_server_base() +
'systems/%s/access-policy' % self.system.fqdn, session=s,
data={'rules': [
# keep two existing rules, drop the other
{'id': self.policy.rules[0].id, 'permission': 'view',
'everybody': True, 'user': None, 'group': None},
{'id': self.policy.rules[2].id, 'permission': 'edit_system',
'user': None, 'group': self.privileged_group.group_name},
# .. and add a new rule
{'permission': 'control_system', 'everybody': True,
'user': None, 'group': None},
]})
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertEquals(len(self.policy.rules), 3)
self.assertEquals(self.policy.rules[0].permission,
SystemPermission.view)
self.assertEquals(self.policy.rules[1].permission,
SystemPermission.edit_system)
self.assertEquals(self.policy.rules[2].permission,
SystemPermission.control_system)
self.assertEquals(self.policy.rules[2].everybody, True)
def test_xmlrpc_task_stop(self):
s = xmlrpclib.ServerProxy(self.get_proxy_url())
s.task_stop(self.recipe.tasks[0].id, 'stop')
with session.begin():
session.expire_all()
task = self.recipe.tasks[0]
self.assertEquals(task.status, TaskStatus.completed)
def test_modify_attributes_policy(self):
with session.begin():
system1 = data_setup.create_system(shared=False)
system2 = data_setup.create_system(shared=False)
new_owner = data_setup.create_user()
perm = SystemPermission.reserve
user1 = data_setup.create_user()
system1.custom_access_policy.add_rule(perm, user=user1)
system2.custom_access_policy.add_rule(perm, user=user1)
pool = data_setup.create_system_pool(systems=[system1, system2])
user2 = data_setup.create_user()
pool.access_policy.add_rule(perm, user=user2)
run_client(['bkr', 'system-modify',
'--owner', new_owner.user_name,
'--condition', 'Manual',
'--pool-policy', pool.name,
system1.fqdn, system2.fqdn])
with session.begin():
session.expire_all()
for s in [system1, system2]:
self.assertEquals(s.owner.user_name, new_owner.user_name)
self.assertEquals(s.status, SystemStatus.manual)
self.assertFalse(s.active_access_policy.grants(user1, perm))
self.assertTrue(s.active_access_policy.grants(user2, perm))
def test_add_policy_rule(self):
s = requests.Session()
s.post(get_server_base() + 'login',
data={
'user_name': self.owner.user_name,
'password': '******'
}).raise_for_status()
response = post_json(
get_server_base() +
'pools/%s/access-policy/rules/' % self.pool.name,
session=s,
data={
'permission': 'control_system',
'everybody': True,
'user': None,
'group': None
},
)
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertEquals(self.pool.access_policy.rules[-1].permission,
SystemPermission.control_system)
self.assertEquals(self.pool.access_policy.rules[-1].everybody,
True)
def test_watchdog_extend_by_fqdn(self):
with session.begin():
lc = data_setup.create_labcontroller()
system = data_setup.create_system(lab_controller=lc)
recipe = data_setup.create_recipe()
data_setup.create_job_for_recipes([recipe])
data_setup.mark_recipe_running(recipe, system=system)
run_client(['bkr', 'watchdog-extend', '--by=600', system.fqdn])
with session.begin():
session.expire_all()
assert_datetime_within(recipe.watchdog.kill_time,
tolerance=datetime.timedelta(seconds=10),
reference=datetime.datetime.utcnow() +
datetime.timedelta(seconds=600))
# nonexistent fqdn
try:
run_client(
['bkr', 'watchdog-extend', 'ireallydontexistblah.test.fqdn'])
self.fail('Must raise')
except ClientError as e:
self.assertIn(
'Cannot find any recipe running on ireallydontexistblah.test.fqdn',
e.stderr_output)
def test_postreboot(self):
s = xmlrpclib.ServerProxy(self.get_proxy_url())
s.postreboot(self.recipe.id)
with session.begin():
session.expire_all()
self.assertEqual(self.system.command_queue[0].action, 'on')
self.assertEqual(self.system.command_queue[1].action, 'off')
def test_grant_group(self):
with session.begin():
user = data_setup.create_user()
group = data_setup.create_group()
group.add_member(user)
self.assertFalse(
self.system.custom_access_policy.grants(
user, SystemPermission.edit_system))
run_client([
'bkr', 'policy-grant', '--system', self.system.fqdn,
'--permission', 'edit_system', '--group', group.group_name
])
with session.begin():
session.expire_all()
self.assertTrue(
self.system.custom_access_policy.grants(
user, SystemPermission.edit_system))
# non-existent group
try:
run_client([
'bkr', 'policy-grant', '--system', self.system.fqdn,
'--permission', 'edit_system', '--group', 'idontexist'
])
self.fail('Must fail or die')
except ClientError as e:
self.assertIn("Group 'idontexist' does not exist", e.stderr_output)
def test_update_system_pool(self):
s = requests.Session()
s.post(get_server_base() + 'login', data={'user_name': self.owner.user_name,
'password': '******'}).raise_for_status()
response = patch_json(get_server_base() +
'pools/%s/' % self.pool.name, session=s,
data={'name': 'newname',
'description': 'newdescription',
'owner': {'user_name': self.user.user_name}})
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertEquals(self.pool.name, 'newname')
self.assertEquals(self.pool.description, 'newdescription')
self.assertEquals(self.pool.owner.user_name, self.user.user_name)
s = requests.Session()
s.post(get_server_base() + 'login', data={'user_name': self.user.user_name,
'password': '******'}).raise_for_status()
response = patch_json(get_server_base() +
'pools/%s/' % self.pool.name, session=s,
data={'name': 'newname',
'description': 'newdescription',
'owner': {'group_name': self.group.group_name}})
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertEquals(self.pool.owner, self.group)
self.assertFalse(self.pool.owning_user)
def test_add_system_to_pool(self):
with session.begin():
other_system = data_setup.create_system(owner=self.owner)
s = requests.Session()
s.post(get_server_base() + 'login', data={'user_name': self.owner.user_name,
'password': '******'}).raise_for_status()
response = post_json(get_server_base() + 'pools/%s/systems/' % self.pool.name,
session=s, data={'fqdn': other_system.fqdn})
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertItemsEqual(self.pool.systems, [self.system, other_system])
self.assertEquals(self.pool.activity[-1].field_name, 'System')
self.assertEquals(self.pool.activity[-1].action, 'Added')
self.assertEquals(self.pool.activity[-1].new_value, unicode(other_system))
self.assertEquals(other_system.activity[-1].field_name, 'Pool')
self.assertEquals(other_system.activity[-1].action, 'Added')
self.assertEquals(other_system.activity[-1].new_value, unicode(self.pool))
# adding to a pool that doesn't exist is a 404
response = post_json(get_server_base() + 'pools/nosuchpool/systems/',
session=s, data={'fqdn': other_system.fqdn})
self.assertEquals(response.status_code, 404)
self.assertEquals(response.text, 'System pool nosuchpool does not exist')
# adding a system that doesn't exist is a 400
response = post_json(get_server_base() + 'pools/%s/systems/' % self.pool.name,
session=s, data={'fqdn': 'nosuchsystem'})
self.assertEquals(response.status_code, 400)
self.assertEquals(response.text, "System 'nosuchsystem' does not exist")
def test_modify_attributes_policy(self):
with session.begin():
system1 = data_setup.create_system(shared=False)
system2 = data_setup.create_system(shared=False)
new_owner = data_setup.create_user()
perm = SystemPermission.reserve
user1 = data_setup.create_user()
system1.custom_access_policy.add_rule(perm, user=user1)
system2.custom_access_policy.add_rule(perm, user=user1)
pool = data_setup.create_system_pool(systems=[system1, system2])
user2 = data_setup.create_user()
pool.access_policy.add_rule(perm, user=user2)
run_client([
'bkr', 'system-modify', '--owner', new_owner.user_name,
'--condition', 'Manual', '--pool-policy', pool.name, system1.fqdn,
system2.fqdn
])
with session.begin():
session.expire_all()
for s in [system1, system2]:
self.assertEquals(s.owner.user_name, new_owner.user_name)
self.assertEquals(s.status, SystemStatus.manual)
self.assertFalse(s.active_access_policy.grants(user1, perm))
self.assertTrue(s.active_access_policy.grants(user2, perm))
def test_200(self):
check_all_trees(ignore_errors=True)
with session.begin():
session.expire_all()
# The working tree should not be expired.
self.assertTrue(any(dla.lab_controller == self.lc
for dla in self.distro_tree.lab_controller_assocs))
def test_install_start_GET(self):
response = requests.get('%sinstall_start/%s' %
(self.get_proxy_url(), self.recipe.id))
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertEqual(self.recipe.tasks[0].results[0].path, u'/start')
def test_200(self):
check_all_trees(ignore_errors=True)
with session.begin():
session.expire_all()
# The working tree should not be expired.
self.assertTrue(any(dla.lab_controller == self.lc
for dla in self.distro_tree.lab_controller_assocs))
def test_modify_active_access_policy(self):
with session.begin():
user1 = data_setup.create_user()
perm = SystemPermission.reserve
system1 = data_setup.create_system(shared=False)
system2 = data_setup.create_system(shared=False)
system1.custom_access_policy.add_rule(perm, user=user1)
system2.custom_access_policy.add_rule(perm, user=user1)
pool = data_setup.create_system_pool(systems=[system1, system2])
user2 = data_setup.create_user()
pool.access_policy.add_rule(perm, user=user2)
# use pool policy
run_client(['bkr', 'system-modify',
'--pool-policy', pool.name,
system1.fqdn, system2.fqdn])
with session.begin():
session.expire_all()
for s in [system1, system2]:
self.assertFalse(s.active_access_policy.grants(user1, perm))
self.assertTrue(s.active_access_policy.grants(user2, perm))
self.assertEquals(s.activity[-1].field_name, u'Active Access Policy')
self.assertEquals(s.activity[-1].action, u'Changed')
self.assertEquals(s.activity[-1].old_value, 'Custom Access Policy')
self.assertEquals(s.activity[-1].new_value,'Pool policy: %s' % pool.name)
# system not in a pool
try:
run_client(['bkr', 'system-modify',
'--pool-policy', data_setup.create_system_pool().name,
system1.fqdn])
except ClientError as e:
self.assertIn('To use a pool policy, the system must be in the pool first',
e.stderr_output)
# Revert to custom policy
run_client(['bkr', 'system-modify',
'--use-custom-policy',
system1.fqdn, system2.fqdn])
with session.begin():
session.expire_all()
for s in [system1, system2]:
self.assertTrue(s.active_access_policy.grants(user1, perm))
self.assertFalse(s.active_access_policy.grants(user2, perm))
# insufficient permission to change active policy
with session.begin():
user1 = data_setup.create_user(password='******')
try:
run_client(['bkr', 'system-modify',
'--use-custom-policy',
'--user', user1.user_name,
'--password', 'abc',
system1.fqdn])
self.fail('Must raise')
except ClientError as e:
self.assertIn('Cannot edit system access policy',
e.stderr_output)
def test_install_start_GET(self):
response = requests.get('%sinstall_start/%s' %
(self.get_proxy_url(), self.recipe.id))
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertEqual(self.recipe.tasks[0].results[0].path, u'/start')
def test_start_and_complete_external_task(self):
# Alternative harnesses which support external tasks can report back
# the name and version of the task after they fetch it.
task_url = '%srecipes/%s/tasks/%s/' % (self.get_proxy_url(),
self.recipe.id, self.recipe.tasks[2].id)
name = '/external/example'
version = '3.14-1'
response = requests.patch(task_url, data=dict(status='Running',
name=name, version=version))
self.assertEquals(response.status_code, 200)
json = response.json()
self.assertEquals(json['status'], 'Running')
self.assertEquals(json['name'], name)
self.assertEquals(json['version'], version)
with session.begin():
session.expire_all()
task = self.recipe.tasks[2]
self.assertEquals(task.status, TaskStatus.running)
self.assertEquals(task.name, name)
self.assertEquals(task.version, version)
response = requests.patch(task_url, data=dict(status='Completed'))
self.assertEquals(response.status_code, 200)
self.assertEquals(response.json()['status'], 'Completed')
with session.begin():
session.expire_all()
task = self.recipe.tasks[2]
self.assertEquals(task.status, TaskStatus.completed)
def test_start_and_complete_external_task(self):
# Alternative harnesses which support external tasks can report back
# the name and version of the task after they fetch it.
task_url = '%srecipes/%s/tasks/%s/' % (
self.get_proxy_url(), self.recipe.id, self.recipe.tasks[2].id)
name = '/external/example'
version = '3.14-1'
response = requests.patch(task_url,
data=dict(status='Running',
name=name,
version=version))
self.assertEquals(response.status_code, 200)
json = response.json()
self.assertEquals(json['status'], 'Running')
self.assertEquals(json['name'], name)
self.assertEquals(json['version'], version)
with session.begin():
session.expire_all()
task = self.recipe.tasks[2]
self.assertEquals(task.status, TaskStatus.running)
self.assertEquals(task.name, name)
self.assertEquals(task.version, version)
response = requests.patch(task_url, data=dict(status='Completed'))
self.assertEquals(response.status_code, 200)
self.assertEquals(response.json()['status'], 'Completed')
with session.begin():
session.expire_all()
task = self.recipe.tasks[2]
self.assertEquals(task.status, TaskStatus.completed)
def test_postreboot_GET(self):
response = requests.get('%spostreboot/%s' %
(self.get_proxy_url(), self.recipe.id))
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertEqual(self.system.command_queue[0].action, 'reboot')
def test_xmlrpc_task_stop(self):
s = xmlrpclib.ServerProxy(self.get_proxy_url())
s.task_stop(self.recipe.tasks[0].id, 'stop')
with session.begin():
session.expire_all()
task = self.recipe.tasks[0]
self.assertEquals(task.status, TaskStatus.completed)
def test_watchdog_extend_by_plain_task_id(self):
run_client(['bkr','watchdog-extend', '--by=600', str(self.recipe.tasks[0].id)])
with session.begin():
session.expire_all()
assert_datetime_within(self.recipe.watchdog.kill_time,
tolerance=datetime.timedelta(seconds=10),
reference=datetime.datetime.utcnow() + datetime.timedelta(seconds=600))
def test_successfully_deleted(self):
response = self.s.delete(get_server_base() + 'powertypes/%s' % self.powertype.id)
response.raise_for_status()
with session.begin():
session.expire_all()
with self.assertRaises(NoResultFound):
PowerType.by_name(self.powertype_name)
def test_xmlrpc_task_abort(self):
s = xmlrpclib.ServerProxy(self.get_proxy_url())
s.task_stop(self.recipe.tasks[0].id, 'abort', 'fooed the bar up')
with session.begin():
session.expire_all()
task = self.recipe.tasks[0]
self.assertEquals(task.status, TaskStatus.aborted)
self.assertEquals(task.results[-1].log, u'fooed the bar up')
def test_xmlrpc_extend_watchdog(self):
s = xmlrpclib.ServerProxy(self.get_proxy_url())
result_id = s.extend_watchdog(self.recipe.tasks[0].id, 600)
with session.begin():
session.expire_all()
assert_datetime_within(self.recipe.watchdog.kill_time,
tolerance=datetime.timedelta(seconds=10),
reference=datetime.datetime.utcnow() + datetime.timedelta(seconds=600))
def test_install_done_GET(self):
response = requests.get(
'%sinstall_done/%s/%s' %
(self.get_proxy_url(), self.recipe.id, 'somefqdn'))
response.raise_for_status()
with session.begin():
session.expire_all()
self.assert_(self.recipe.resource.install_finished is not None)
def test_postreboot_GET(self):
response = requests.get('%spostreboot/%s' %
(self.get_proxy_url(), self.recipe.id))
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertEqual(self.system.command_queue[0].action, 'on')
self.assertEqual(self.system.command_queue[1].action, 'off')
def test_xmlrpc_task_abort(self):
s = xmlrpclib.ServerProxy(self.get_proxy_url())
s.task_stop(self.recipe.tasks[0].id, 'abort', 'fooed the bar up')
with session.begin():
session.expire_all()
task = self.recipe.tasks[0]
self.assertEquals(task.status, TaskStatus.aborted)
self.assertEquals(task.results[-1].log, u'fooed the bar up')
def test_remove_account(self):
with session.begin():
user = data_setup.create_user()
job = data_setup.create_job(owner=user)
data_setup.mark_job_running(job)
owned_system = data_setup.create_system(owner=user)
loaned_system = data_setup.create_system()
loaned_system.loaned = user
reserved_system = data_setup.create_system(
status=SystemStatus.manual)
reserved_system.reserve_manually(service=u'testdata', user=user)
reserved_system.custom_access_policy.add_rule(
SystemPermission.reserve, user=user)
group = data_setup.create_group(owner=user)
s = requests.Session()
requests_login(s)
response = patch_json(get_server_base() + 'users/%s' % user.user_name,
data={'removed': 'now'},
session=s)
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertIsNotNone(user.removed)
# running jobs should be cancelled
job.update_status()
self.assertEquals(job.status, TaskStatus.cancelled)
self.assertIn('User %s removed' % user.user_name,
job.recipesets[0].recipes[0].tasks[0].results[0].log)
# reservations should be released
self.assertIsNone(reserved_system.user)
# loans should be returned
self.assertIsNone(loaned_system.loaned)
# access policy rules should be removed
self.assertEqual([], [
rule for rule in reserved_system.custom_access_policy.rules
if rule.user == user
])
self.assertEqual(reserved_system.activity[0].field_name,
u'Access Policy Rule')
self.assertEqual(reserved_system.activity[0].action, u'Removed')
self.assertEqual(reserved_system.activity[0].old_value,
u'<grant reserve to %s>' % user.user_name)
# systems owned by the user should be transferred to the caller
self.assertEqual(owned_system.owner.user_name,
data_setup.ADMIN_USER)
self.assertEqual(owned_system.activity[0].field_name, u'Owner')
self.assertEqual(owned_system.activity[0].action, u'Changed')
self.assertEqual(owned_system.activity[0].old_value,
user.user_name)
self.assertEqual(owned_system.activity[0].new_value,
data_setup.ADMIN_USER)
# group membership/ownership should be removed
self.assertNotIn(group, user.groups)
self.assertNotIn(user, group.users)
self.assertFalse(group.has_owner(user))
self.assertEqual(group.activity[-1].field_name, u'User')
self.assertEqual(group.activity[-1].action, u'Removed')
self.assertEqual(group.activity[-1].old_value, user.user_name)
def test_remove_account(self):
with session.begin():
user = data_setup.create_user()
job = data_setup.create_job(owner=user)
data_setup.mark_job_running(job)
owned_system = data_setup.create_system(owner=user)
loaned_system = data_setup.create_system()
loaned_system.loaned = user
reserved_system = data_setup.create_system(status=SystemStatus.manual)
reserved_system.reserve_manually(service=u'testdata', user=user)
reserved_system.custom_access_policy.add_rule(
SystemPermission.reserve, user=user)
owned_pool = data_setup.create_system_pool(owning_user=user)
group = data_setup.create_group(owner=user)
s = requests.Session()
requests_login(s)
response = patch_json(get_server_base() + 'users/%s' % user.user_name,
data={'removed': 'now'}, session=s)
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertIsNotNone(user.removed)
# running jobs should be cancelled
job.update_status()
self.assertEquals(job.status, TaskStatus.cancelled)
self.assertIn('User %s removed' % user.user_name,
job.recipesets[0].recipes[0].tasks[0].results[0].log)
# reservations should be released
self.assertIsNone(reserved_system.user)
# loans should be returned
self.assertIsNone(loaned_system.loaned)
# access policy rules should be removed
self.assertEqual([],
[rule for rule in reserved_system.custom_access_policy.rules
if rule.user == user])
self.assertEqual(reserved_system.activity[0].field_name, u'Access Policy Rule')
self.assertEqual(reserved_system.activity[0].action, u'Removed')
self.assertEqual(reserved_system.activity[0].old_value,
u'User:%s:reserve' % user.user_name)
# systems owned by the user should be transferred to the caller
self.assertEqual(owned_system.owner.user_name, data_setup.ADMIN_USER)
self.assertEqual(owned_system.activity[0].field_name, u'Owner')
self.assertEqual(owned_system.activity[0].action, u'Changed')
self.assertEqual(owned_system.activity[0].old_value, user.user_name)
self.assertEqual(owned_system.activity[0].new_value, data_setup.ADMIN_USER)
# pools owned by the user should be transferred to the caller
self.assertEqual(owned_pool.owner.user_name, data_setup.ADMIN_USER)
self.assertEqual(owned_pool.activity[0].field_name, u'Owner')
self.assertEqual(owned_pool.activity[0].action, u'Changed')
self.assertEqual(owned_pool.activity[0].old_value, user.user_name)
self.assertEqual(owned_pool.activity[0].new_value, data_setup.ADMIN_USER)
# group membership/ownership should be removed
self.assertNotIn(group, user.groups)
self.assertNotIn(user, group.users)
self.assertFalse(group.has_owner(user))
self.assertEqual(group.activity[-1].field_name, u'User')
self.assertEqual(group.activity[-1].action, u'Removed')
self.assertEqual(group.activity[-1].old_value, user.user_name)
def test_change_condition(self):
with session.begin():
system = data_setup.create_system(status=SystemStatus.automated)
run_client(['bkr', 'system-modify', '--condition=Manual', system.fqdn])
with session.begin():
session.expire_all()
self.assertEquals(system.status, SystemStatus.manual)
self.assertEquals(system.activity[0].field_name, u'Status')
self.assertEquals(system.activity[0].new_value, u'Manual')
def check_result(self, result_id, result_type, path, score, log):
with session.begin():
session.expire_all()
result = self.recipe.tasks[0].results[0]
self.assertEquals(result.id, result_id)
self.assertEquals(result.result, result_type)
self.assertEquals(result.path, path)
self.assertEquals(result.score, score)
self.assertEquals(result.log, log)
def test_active_access_policy_selection(self):
with session.begin():
user = data_setup.create_user()
owner = data_setup.create_user(password='******')
system = data_setup.create_system(owner=owner)
data_setup.create_system_pool(systems=[system])
pool2 = data_setup.create_system_pool(systems=[system])
pool2.access_policy.add_rule(user=user,
permission=SystemPermission.edit_system)
b = self.browser
login(b, owner.user_name, password='******')
b.get(get_server_base() + 'view/%s/' % system.fqdn)
b.find_element_by_link_text('Access Policy').click()
pane = b.find_element_by_id('access-policy')
# Currently the system is using its custom access policy
self.assertTrue(pane.find_element_by_xpath(
'//label[contains(string(.), "Use custom access policy")]'
'/input[@type="radio"]').is_selected())
# change to pool policy
pane.find_element_by_xpath(
'//label[contains(string(.), "Use policy from pool:")]'
'/input[@type="radio"]').click()
Select(pane.find_element_by_name('pool_name')).select_by_visible_text(pool2.name)
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
# wait for the request to complete
pane.find_element_by_xpath('.//span[@class="sync-status" and not(node())]')
# check if the policy change has persisted
b.get(get_server_base() + 'view/%s/' % system.fqdn)
b.find_element_by_link_text('Access Policy').click()
self.assertTrue(b.find_element_by_xpath(
'//label[contains(string(.), "Use policy from pool:")]'
'/input[@type="radio"]').is_selected())
selected_options = Select(b.find_element_by_name('pool_name')).\
all_selected_options
self.assertTrue(len(selected_options), 1)
self.assertEquals(selected_options[0].text, pool2.name)
self.assertFalse(b.find_element_by_xpath(
'//label[contains(string(.), "Use custom access policy")]'
'/input[@type="radio"]').is_selected())
with session.begin():
session.expire_all()
self.assertTrue(system.active_access_policy.grants(user,
SystemPermission.edit_system))
logout(b)
# no change allowed when not logged in/no right privileges
b.get(get_server_base() + 'view/%s/' % system.fqdn)
b.find_element_by_link_text('Access Policy').click()
self.assertFalse(b.find_element_by_xpath(
'//label[contains(string(.), "Use policy from pool:")]'
'/input[@type="radio"]').is_enabled())
selected_options = Select(b.find_element_by_name('pool_name')). \
all_selected_options
self.assertEquals(selected_options[0].text, pool2.name)
self.assertFalse(b.find_element_by_xpath(
'//label[contains(string(.), "Use custom access policy")]'
'/input[@type="radio"]').is_enabled())
def test_watchdog_extend_by_recipe_task(self):
run_client(
['bkr', 'watchdog-extend', '--by=600', self.recipe.tasks[0].t_id])
with session.begin():
session.expire_all()
assert_datetime_within(self.recipe.watchdog.kill_time,
tolerance=datetime.timedelta(seconds=10),
reference=datetime.datetime.utcnow() +
datetime.timedelta(seconds=600))
def test_xmlrpc_extend_watchdog(self):
s = xmlrpclib.ServerProxy(self.get_proxy_url())
result_id = s.extend_watchdog(self.recipe.tasks[0].id, 600)
with session.begin():
session.expire_all()
assert_datetime_within(self.recipe.watchdog.kill_time,
tolerance=datetime.timedelta(seconds=10),
reference=datetime.datetime.utcnow() +
datetime.timedelta(seconds=600))
def test_successfully_deleted(self):
response = self.s.delete(get_server_base() +
'powertypes/%s' % self.powertype.id)
response.raise_for_status()
with session.begin():
session.expire_all()
with self.assertRaises(NoResultFound):
PowerType.by_name(self.powertype_name)
def check_result(self, result_id, result_type, path, score, log):
with session.begin():
session.expire_all()
result = self.recipe.tasks[0].results[0]
self.assertEquals(result.id, result_id)
self.assertEquals(result.result, result_type)
self.assertEquals(result.path, path)
self.assertEquals(result.score, score)
self.assertEquals(result.log, log)
def test_change_condition(self):
with session.begin():
system = data_setup.create_system(status=SystemStatus.automated)
run_client(['bkr', 'system-modify', '--condition=Manual', system.fqdn])
with session.begin():
session.expire_all()
self.assertEquals(system.status, SystemStatus.manual)
self.assertEquals(system.activity[0].field_name, u'Status')
self.assertEquals(system.activity[0].new_value, u'Manual')
def test_POST_watchdog(self):
watchdog_url = '%srecipes/%s/watchdog' % (self.get_proxy_url(),
self.recipe.id)
response = requests.post(watchdog_url, data=dict(seconds=600))
self.assertEquals(response.status_code, 204)
with session.begin():
session.expire_all()
assert_datetime_within(self.recipe.watchdog.kill_time,
tolerance=datetime.timedelta(seconds=10),
reference=datetime.datetime.utcnow() + datetime.timedelta(seconds=600))
def test_grant_everybody(self):
with session.begin():
user = data_setup.create_user()
self.assertFalse(self.system.custom_access_policy.grants(
user, SystemPermission.edit_system))
run_client(['bkr', 'policy-grant', '--system', self.system.fqdn,
'--permission', 'edit_system', '--everybody'])
with session.begin():
session.expire_all()
self.assertTrue(self.system.custom_access_policy.grants(
user, SystemPermission.edit_system))
def test_POST_task_abort(self):
status_url = '%srecipes/%s/tasks/%s/status' % (self.get_proxy_url(),
self.recipe.id, self.recipe.tasks[0].id)
response = requests.post(status_url, data=dict(status='Aborted',
message='fooed the bar up'))
self.assertEquals(response.status_code, 204)
with session.begin():
session.expire_all()
task = self.recipe.tasks[0]
self.assertEquals(task.status, TaskStatus.aborted)
self.assertEquals(task.results[-1].log, u'fooed the bar up')
def test_404(self):
with session.begin():
distro_tree = data_setup.create_distro_tree(
lab_controllers=[self.lc],
urls=['http://localhost:19998/error/404'])
check_all_trees(ignore_errors=True)
with session.begin():
session.expire_all()
# The distro tree should be expired.
self.assertFalse(any(dla.lab_controller == self.lc
for dla in distro_tree.lab_controller_assocs))
def test_disable_user(self):
with session.begin():
user = data_setup.create_user()
s = requests.Session()
requests_login(s)
response = patch_json(get_server_base() + 'users/%s' % user.user_name,
data={'disabled': True}, session=s)
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertTrue(user.disabled)
def test_update_display_name(self):
with session.begin():
user = data_setup.create_user(display_name=u'Frodo Baggins')
s = requests.Session()
requests_login(s)
response = patch_json(get_server_base() + 'users/%s' % user.user_name,
data={'display_name': u'Frodo Gamgee'}, session=s)
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertEqual(user.display_name, u'Frodo Gamgee')
def test_error_when_deleting_referenced_power_type(self):
with session.begin():
system = data_setup.create_system()
power_type = system.power.power_type
response = self.s.delete(get_server_base() + 'powertypes/%s' % power_type.id)
self.assertEqual(400, response.status_code)
with session.begin():
session.expire_all()
self.assertTrue(session.query(PowerType).filter_by(
name=power_type.name).count())
def test_update_email_address(self):
with session.begin():
user = data_setup.create_user(email_address=u'*****@*****.**')
s = requests.Session()
requests_login(s)
response = patch_json(get_server_base() + 'users/%s' % user.user_name,
data={'email_address': u'*****@*****.**'}, session=s)
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertEqual(user.email_address, u'*****@*****.**')
def test_set_root_password(self):
with session.begin():
user = data_setup.create_user()
s = requests.Session()
requests_login(s)
response = patch_json(get_server_base() + 'users/%s' % user.user_name,
data={'root_password': u'D6BeK7Cq9a4M'}, session=s)
response.raise_for_status()
with session.begin():
session.expire_all()
self.assertIsNotNone(user._root_password)
def test_POST_watchdog(self):
watchdog_url = '%srecipes/%s/watchdog' % (self.get_proxy_url(),
self.recipe.id)
response = requests.post(watchdog_url, data=dict(seconds=600))
self.assertEquals(response.status_code, 204)
with session.begin():
session.expire_all()
assert_datetime_within(self.recipe.watchdog.kill_time,
tolerance=datetime.timedelta(seconds=10),
reference=datetime.datetime.utcnow() +
datetime.timedelta(seconds=600))
def test_grant_everybody(self):
with session.begin():
user = data_setup.create_user()
self.assertFalse(self.system.custom_access_policy.grants(
user, SystemPermission.edit_system))
run_client(['bkr', 'policy-grant', '--system', self.system.fqdn,
'--permission', 'edit_system', '--everybody'])
with session.begin():
session.expire_all()
self.assertTrue(self.system.custom_access_policy.grants(
user, SystemPermission.edit_system))
def test_user_can_reset_their_own_password(self):
b = self.browser
login(b, user=self.user.user_name, password='******')
b.get(get_server_base() + 'users/%s' % self.user.user_name)
password_form = b.find_element_by_xpath('//div[@class="password-reset"]//form')
password_form.find_element_by_name('password').send_keys('newpass')
password_form.submit()
b.find_element_by_xpath('//h4[text()="Password has been reset"]')
with session.begin():
session.expire_all()
self.assertTrue(self.user.check_password(u'newpass'))
def test_404(self):
with session.begin():
distro_tree = data_setup.create_distro_tree(
lab_controllers=[self.lc],
urls=['http://localhost:19998/error/404'])
check_all_trees(ignore_errors=True)
with session.begin():
session.expire_all()
# The distro tree should be expired.
self.assertFalse(any(dla.lab_controller == self.lc
for dla in distro_tree.lab_controller_assocs))
def test_modify_active_access_policy(self):
with session.begin():
user1 = data_setup.create_user()
perm = SystemPermission.reserve
system1 = data_setup.create_system(shared=False)
system2 = data_setup.create_system(shared=False)
system1.custom_access_policy.add_rule(perm, user=user1)
system2.custom_access_policy.add_rule(perm, user=user1)
pool = data_setup.create_system_pool(systems=[system1, system2])
user2 = data_setup.create_user()
pool.access_policy.add_rule(perm, user=user2)
# use pool policy
run_client([
'bkr', 'system-modify', '--pool-policy', pool.name, system1.fqdn,
system2.fqdn
])
with session.begin():
session.expire_all()
for s in [system1, system2]:
self.assertFalse(s.active_access_policy.grants(user1, perm))
self.assertTrue(s.active_access_policy.grants(user2, perm))
self.assertEquals(s.activity[-1].field_name,
u'Active Access Policy')
self.assertEquals(s.activity[-1].action, u'Changed')
self.assertEquals(s.activity[-1].old_value,
'Custom access policy')
self.assertEquals(s.activity[-1].new_value,
'Pool policy: %s' % pool.name)
# system not in a pool
try:
run_client([
'bkr', 'system-modify', '--pool-policy',
data_setup.create_system_pool().name, system1.fqdn
])
except ClientError as e:
self.assertIn(
'To use a pool policy, the system must be in the pool first',
e.stderr_output)
# Revert to custom policy
run_client([
'bkr', 'system-modify', '--use-custom-policy', system1.fqdn,
system2.fqdn
])
with session.begin():
session.expire_all()
for s in [system1, system2]:
self.assertTrue(s.active_access_policy.grants(user1, perm))
self.assertFalse(s.active_access_policy.grants(user2, perm))
def test_POST_task_abort(self):
status_url = '%srecipes/%s/tasks/%s/status' % (
self.get_proxy_url(), self.recipe.id, self.recipe.tasks[0].id)
response = requests.post(status_url,
data=dict(status='Aborted',
message='fooed the bar up'))
self.assertEquals(response.status_code, 204)
with session.begin():
session.expire_all()
task = self.recipe.tasks[0]
self.assertEquals(task.status, TaskStatus.aborted)
self.assertEquals(task.results[-1].log, u'fooed the bar up')