def test_regenerate_user_key(self):
pubkey = "1 2"
privkey = "3 4 5"
donor_key = "6 7"
# Create a user who will be doing the acquiring.
user = maindb.create_user("testuser", "password", "*****@*****.**", "affiliation",
pubkey, privkey, donor_key)
userport = user.usable_vessel_port
vesselcount = 4
# Have every vessel acquisition to the backend request succeed.
calls_results = [True] * vesselcount
mocklib.mock_backend_acquire_vessel(calls_results)
testutil.create_nodes_on_different_subnets(vesselcount, [userport])
# Acquire all vessels on behalf of this user.
all_vessels_list = interface.acquire_vessels(user, vesselcount, 'rand')
# Release 2 vessels.
released_vessels_list = all_vessels_list[:2]
kept_vessels_list = all_vessels_list[2:]
interface.release_vessels(user, released_vessels_list)
# Ensure all of the vessels are marked as having user keys in sync.
for vessel in all_vessels_list:
# Get a fresh vessel from the db.
vessel = maindb.get_vessel(vessel.node.node_identifier, vessel.name)
self.assertTrue(vessel.user_keys_in_sync)
# We expect a single key to be generated through the keygen api (the new
# user public key).
mocklib.mock_keygen_generate_keypair([("55 66", "77 88 99")])
interface.change_user_keys(user, pubkey=None)
# Get a new user object from the database.
user = maindb.get_user(user.username)
# Make sure the user's key changed.
self.assertEqual(user.user_pubkey, "55 66")
self.assertEqual(user.user_privkey, "77 88 99")
# Make sure that all of the vessels the user has access to (and no other
# vessels) are marked as needing user keys to be sync'd.
# Ensure all of the vessels are marked as having user keys in sync.
for vessel in kept_vessels_list:
# Get a fresh vessel from the db.
vessel = maindb.get_vessel(vessel.node.node_identifier, vessel.name)
self.assertFalse(vessel.user_keys_in_sync)
for vessel in released_vessels_list:
# Get a fresh vessel from the db.
vessel = maindb.get_vessel(vessel.node.node_identifier, vessel.name)
self.assertTrue(vessel.user_keys_in_sync)
def change_key(request):
try:
user = _validate_and_get_geniuser(request)
except LoggedInButFailedGetGeniUserError:
return _show_failed_get_geniuser_page(request)
info = ""
if request.method == 'GET':
return render_to_response('control/change_key.html',
{'username' : user.username,
'error_msg' : ""},
context_instance=RequestContext(request))
# This is a POST, so figure out if a file was uploaded or if we are supposed
# to generate a new key for the user.
if request.POST.get('generate', False):
interface.change_user_keys(user, pubkey=None)
msg = "Your new keys have been generated. You should download them now."
return profile(request, msg)
else:
file = request.FILES.get('pubkey', None)
if file is None:
msg = "You didn't select a public key file to upload."
return profile(request, info, msg)
if file.size == 0 or file.size > forms.MAX_PUBKEY_UPLOAD_SIZE:
msg = "Invalid file uploaded. The file size limit is "
msg += str(forms.MAX_PUBKEY_UPLOAD_SIZE) + " bytes."
return profile(request, info, msg)
pubkey = file.read()
try:
validations.validate_pubkey_string(pubkey)
except ValidationError:
msg = "Invalid public key uploaded."
return profile(request, info, msg)
# If we made it here, the uploaded key is good.
interface.change_user_keys(user, pubkey=pubkey)
msg = "Your public key has been successfully changed."
return profile(request, msg)
def change_key(request):
try:
user = _validate_and_get_geniuser(request)
except LoggedInButFailedGetGeniUserError:
return _show_failed_get_geniuser_page(request)
info = ""
if request.method == 'GET':
return render_to_response('control/change_key.html',
{'username' : user.username,
'error_msg' : ""},
context_instance=RequestContext(request))
# This is a POST, so figure out if a file was uploaded or if we are supposed
# to generate a new key for the user.
if request.POST.get('generate', False):
interface.change_user_keys(user, pubkey=None)
msg = "Your new keys have been generated. You should download them now."
return profile(request, msg)
else:
file = request.FILES.get('pubkey', None)
if file is None:
msg = "You didn't select a public key file to upload."
return profile(request, info, msg)
if file.size == 0 or file.size > forms.MAX_PUBKEY_UPLOAD_SIZE:
msg = "Invalid file uploaded. The file size limit is "
msg += str(forms.MAX_PUBKEY_UPLOAD_SIZE) + " bytes."
return profile(request, info, msg)
pubkey = file.read()
try:
validations.validate_pubkey_string(pubkey)
except ValidationError:
msg = "Invalid public key uploaded."
return profile(request, info, msg)
# If we made it here, the uploaded key is good.
interface.change_user_keys(user, pubkey=pubkey)
msg = "Your public key has been successfully changed."
return profile(request, msg)
def set_public_key(pwauth, pubkeystring):
"""
<Purpose>
Sets the user account's public key. This requires authenticating with the
account password rather than the current API key.
<Arguments>
pwauth
An authorization dict that includes a password instead of an apikey.
pubkeystring
The account's new public key.
<Exceptions>
Raises xmlrpclib Fault Objects:
FAULTCODE_INVALIDREQUEST if pubkey is invalid.
<Returns>
None.
"""
geni_user = _pwauth(pwauth)
try:
interface.change_user_keys(geni_user, pubkeystring)
except ValidationError, e:
raise xmlrpclib.Fault(FAULTCODE_INVALIDREQUEST, "Invalid public key: %s" % e)
def set_public_key(pwauth, pubkeystring):
"""
<Purpose>
Sets the user account's public key. This requires authenticating with the
account password rather than the current API key.
<Arguments>
pwauth
An authorization dict that includes a password instead of an apikey.
pubkeystring
The account's new public key.
<Exceptions>
Raises xmlrpclib Fault Objects:
FAULTCODE_INVALIDREQUEST if pubkey is invalid.
<Returns>
None.
"""
geni_user = _pwauth(pwauth)
try:
interface.change_user_keys(geni_user, pubkeystring)
except ValidationError, e:
raise xmlrpclib.Fault(FAULTCODE_INVALIDREQUEST,
"Invalid public key: %s" % e)
def test_set_user_key(self):
pubkey = "1 2"
privkey = "3 4 5"
donor_key = "6 7"
# Create a user who will be doing the acquiring.
user = maindb.create_user("testuser", "password",
"*****@*****.**", "affiliation", pubkey,
privkey, donor_key)
userport = user.usable_vessel_port
vesselcount = 4
# Have every vessel acquisition to the backend request succeed.
calls_results = [True] * vesselcount
mocklib.mock_backend_acquire_vessel(calls_results)
testutil.create_nodes_on_different_subnets(vesselcount, [userport])
# Acquire all vessels on behalf of this user.
all_vessels_list = interface.acquire_vessels(user, vesselcount, 'rand')
# Release 2 vessels.
released_vessels_list = all_vessels_list[:2]
kept_vessels_list = all_vessels_list[2:]
interface.release_vessels(user, released_vessels_list)
# Ensure all of the vessels are marked as having user keys in sync.
for vessel in all_vessels_list:
# Get a fresh vessel from the db.
vessel = maindb.get_vessel(vessel.node.node_identifier,
vessel.name)
self.assertTrue(vessel.user_keys_in_sync)
# We expect no keys to be generated through the keygen api.
mocklib.mock_keygen_generate_keypair([])
interface.change_user_keys(user, pubkey="55 66")
# Get a new user object from the database.
user = maindb.get_user(user.username)
# Make sure the user's key changed.
self.assertEqual(user.user_pubkey, "55 66")
self.assertEqual(user.user_privkey, None)
# Make sure that all of the vessels the user has access to (and no other
# vessels) are marked as needing user keys to be sync'd.
# Ensure all of the vessels are marked as having user keys in sync.
for vessel in kept_vessels_list:
# Get a fresh vessel from the db.
vessel = maindb.get_vessel(vessel.node.node_identifier,
vessel.name)
self.assertFalse(vessel.user_keys_in_sync)
for vessel in released_vessels_list:
# Get a fresh vessel from the db.
vessel = maindb.get_vessel(vessel.node.node_identifier,
vessel.name)
self.assertTrue(vessel.user_keys_in_sync)
