class TestLsCli(unittest.TestCase): def setUp(self): (osf, self.fname) = tempfile.mkstemp() os.close(osf) # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" os.environ['NIMBUS_AUTHZ_DB'] = self.fname pynimbusauthz.db.make_test_database(self.fname) self.db = DB(con_str=self.fname) self.user1 = User(self.db) self.name = "/file/name" self.data = "/etc/group" self.file1 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3) self.uf = UserFile(self.file1) self.db.commit() def tearDown(self): self.db.close() os.remove(self.fname) def test_basic_ls(self): rc = pynimbusauthz.ls.main([]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) rc = pynimbusauthz.ls.main(["-t", pynimbusauthz.object_type_s3]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) rc = pynimbusauthz.ls.main([self.name[0:-1]]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) def test_fail_ls(self): rc = pynimbusauthz.ls.main(["-p", "nobucket", self.name[0:-1]]) self.assertNotEqual(rc, 0, "CLI should return success %d" % (rc))
def create_user(self, display_name, id, pw, opts): pycb.log(logging.INFO, "===== def create_user of cbAuthzSecurity.py") db_obj = DB(con_str=self.con_str) user = User(db_obj, friendly=display_name) user_alias = user.create_alias(id, "s3", display_name, alias_data=pw) db_obj.commit() db_obj.close()
class TestTouchCli(unittest.TestCase): def setUp(self): (osf, self.fname) = tempfile.mkstemp() os.close(osf) # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" os.environ['NIMBUS_AUTHZ_DB'] = self.fname pynimbusauthz.db.make_test_database(self.fname) self.db = DB(con_str=self.fname) self.user1 = User(self.db) self.db.commit() def tearDown(self): self.db.close() os.remove(self.fname) def test_basic_touch(self): fname = str(uuid.uuid1()) data = str(uuid.uuid1()) f = File.get_file(self.db, fname, pynimbusauthz.object_type_s3) self.assertEqual(f, None) rc = pynimbusauthz.touch.main([self.user1.get_id(), fname, data]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) f = File.get_file(self.db, fname, pynimbusauthz.object_type_s3) self.assertNotEqual(f, None) def test_bucket_touch(self): fname = str(uuid.uuid1()) data = str(uuid.uuid1()) rc = pynimbusauthz.touch.main(["-t", pynimbusauthz.object_type_s3, self.user1.get_id(), fname, data]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) f = File.get_file(self.db, fname, pynimbusauthz.object_type_s3) self.assertNotEqual(f, None) def test_under_bucket_touch(self): bname = str(uuid.uuid1()) fname = str(uuid.uuid1()) data = str(uuid.uuid1()) rc = pynimbusauthz.touch.main(["-t", pynimbusauthz.object_type_s3, self.user1.get_id(), bname, data]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) rc = pynimbusauthz.touch.main(["-p", bname, self.user1.get_id(), fname, data]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) b1 = File.get_file(self.db, bname, pynimbusauthz.object_type_s3) f1 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3, parent=b1) self.assertNotEqual(b1, None) self.assertNotEqual(f1, None) def test_bad_opts(self): bname = str(uuid.uuid1()) fname = str(uuid.uuid1()) data = str(uuid.uuid1()) rc = pynimbusauthz.touch.main([bname, data]) self.assertEqual(rc, 32, "CLI should return failure %d" % (rc)) rc = pynimbusauthz.touch.main(["-p", bname, self.user1.get_id(), fname, data]) self.assertEqual(rc, 33, "CLI should return failure %d" % (rc))
def get_user_object_by_access_id(self, access_id): """Get a new connection every time this is called to make sure it is cleaned up""" db = DB(self._cumulus_db) user_alias = User.find_alias(db, access_id) if not user_alias: raise PhantomAWSException('InvalidClientTokenId') l = list(user_alias) db.close() if l < 1: raise PhantomAWSException('InvalidClientTokenId') return PhantomUserObject(access_id, l[0].get_data(), l[0].get_friendly_name())
class TestCommit(unittest.TestCase): def setUp(self): con = pynimbusauthz.db.make_test_database() self.db = DB(con=con) def tearDown(self): self.db.close() def test_basic(self): id = uuid.uuid1() user1 = User(self.db, id, create=True) self.db.rollback() user1 = User(self.db, id, create=True)
class TestUser(unittest.TestCase): def setUp(self): # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" con = pynimbusauthz.db.make_test_database() self.db = DB(con=con) self.user = User(self.db) def tearDown(self): self.user.destroy_brutally() self.db.close() def test_get_no_quota(self): q = self.user.get_quota() self.assertEqual(q, User.UNLIMITED) def test_set_quota(self): q = 100 self.user.set_quota(q) qrc = self.user.get_quota() self.assertEqual(q, qrc) def test_get_no_usage(self): u = self.user.get_quota_usage() self.assertEqual(u, 0) def test_add_file_usage_one_file(self): size1 = 100 name = "/file/name" data = "/etc/group" file1 = File.create_file(self.db, name, self.user, data, pynimbusauthz.object_type_s3, size=size1) self.db.commit() u = self.user.get_quota_usage() self.assertEqual(u, size1) def test_add_file_usage_many_files(self): size1 = 100 name = "/file/name" data = "/etc/group" total = 0 for i in range(0, 10): file1 = File.create_file(self.db, name+str(i), self.user, data, pynimbusauthz.object_type_s3, size=size1) total = total + size1 self.db.commit() u = self.user.get_quota_usage() self.assertEqual(u, total)
def main(argv=sys.argv[1:]): try: (o, args, p) = setup_options(argv) con_str = pycb.config.authzdb db = DB(con_str) o.emailaddr = args[0] create_user(o, db) report_results(o, db) db.close() except CLIError, clie: if DEBUG: traceback.print_exc(file=sys.stdout) print clie return clie.get_rc()
class TestStatCli(unittest.TestCase): def setUp(self): (osf, self.fname) = tempfile.mkstemp() os.close(osf) # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" os.environ['NIMBUS_AUTHZ_DB'] = self.fname pynimbusauthz.db.make_test_database(self.fname) self.db = DB(con_str=self.fname) self.user1 = User(self.db) self.name = "/file/name" self.data = "/etc/group" self.file1 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3) self.uf = UserFile(self.file1) self.db.commit() def tearDown(self): self.db.close() os.remove(self.fname) def test_basic_stat(self): rc = pynimbusauthz.stat.main([self.name]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) rc = pynimbusauthz.stat.main(["-a", self.name]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) def test_bad_opts_stat(self): rc = pynimbusauthz.stat.main([]) self.assertEqual(rc, 32, "CLI should return success %d" % (rc)) rc = pynimbusauthz.stat.main(["nofile"]) self.assertNotEqual(rc, 0, "CLI should return success %s" % (str(rc))) rc = pynimbusauthz.stat.main(["-p", "nobucket", self.name]) self.assertNotEqual(rc, 0, "CLI should return success %d" % (rc)) def test_basic_stat(self): user2 = User(self.db) self.db.commit() rc = pynimbusauthz.chmod.main([user2.get_id(), self.name, "Rrw"]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) rc = pynimbusauthz.stat.main([self.name]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) rc = pynimbusauthz.stat.main(["-a", self.name]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
class TestStatCli(unittest.TestCase): def setUp(self): (osf, self.fname) = tempfile.mkstemp() os.close(osf) # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" os.environ["NIMBUS_AUTHZ_DB"] = self.fname pynimbusauthz.db.make_test_database(self.fname) self.db = DB(con_str=self.fname) self.user1 = User(self.db) self.name = "/file/name" self.data = "/etc/group" self.file1 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3) self.uf = UserFile(self.file1) self.db.commit() def tearDown(self): self.db.close() os.remove(self.fname) def test_basic_stat(self): rc = pynimbusauthz.stat.main([self.name]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) rc = pynimbusauthz.stat.main(["-a", self.name]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) def test_bad_opts_stat(self): rc = pynimbusauthz.stat.main([]) self.assertEqual(rc, 32, "CLI should return success %d" % (rc)) rc = pynimbusauthz.stat.main(["nofile"]) self.assertNotEqual(rc, 0, "CLI should return success %s" % (str(rc))) rc = pynimbusauthz.stat.main(["-p", "nobucket", self.name]) self.assertNotEqual(rc, 0, "CLI should return success %d" % (rc)) def test_basic_stat(self): user2 = User(self.db) self.db.commit() rc = pynimbusauthz.chmod.main([user2.get_id(), self.name, "Rrw"]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) rc = pynimbusauthz.stat.main([self.name]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) rc = pynimbusauthz.stat.main(["-a", self.name]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
def create_user(self, display_name, id, pw, opts): db_obj = DB(con_str=self.con_str) user = User(db_obj, friendly=display_name) user_alias = user.create_alias(id, "s3", display_name, alias_data=pw) db_obj.commit() db_obj.close()
class TestRebaseCli(unittest.TestCase): def setUp(self): (osf, self.fname) = tempfile.mkstemp() os.close(osf) # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" os.environ['NIMBUS_AUTHZ_DB'] = self.fname pynimbusauthz.db.make_test_database(self.fname) self.db = DB(con_str=self.fname) self.user1 = User(self.db) self.db.commit() def tearDown(self): self.db.close() os.remove(self.fname) def test_single_change(self): name = "/file/name" old_base = "/OLD" new_base = "/NEW" data = "/etc/group" key = old_base + data file1 = File.create_file(self.db, name, self.user1, key, pynimbusauthz.object_type_s3) self.db.commit() rc = pynimbusauthz.rebase.main([old_base, new_base]) self.assertEqual(rc, 0, "rc should be 0, is %d" % (rc)) f2a = File.find_files_from_data(self.db, key) f2a = list(f2a) self.assertEqual(len(f2a), 0, "should be no values with key %s len is %d" % (old_base, len(f2a))) key = new_base + data f2a = File.find_files_from_data(self.db, key) f2a = list(f2a) self.assertNotEqual(len(f2a), 0, "length should be greater than 0 is %d" % (len(f2a))) found = False for f2 in f2a: tst_key = f2.get_data_key() if tst_key == key: found = True self.assertTrue(found, "key not found") def test_many_change(self): name = "/file/name" old_base = "/OLD" new_base = "/NEW" count = 10 for i in range(0, count): keyname = str(uuid.uuid1()) oldkey = old_base + "/" + keyname File.create_file(self.db, name+oldkey, self.user1, oldkey, pynimbusauthz.object_type_s3) self.db.commit() rc = pynimbusauthz.rebase.main([old_base, new_base]) self.assertEqual(rc, 0, "rc should be 0, is %d" % (rc)) f2a = File.find_files_from_data(self.db, new_base + "%") f2a = list(f2a) self.assertEqual(len(f2a), count, "length of the new items should be %d is %s" % (count, len(f2a))) def test_many_change_but_not_all(self): name = "/file/name" old_base = "/OLD" new_base = "/NEW" other_base = "/NOTHERE" count = 10 for i in range(0, count): keyname = str(uuid.uuid1()) oldkey = old_base + "/" + keyname File.create_file(self.db, name+oldkey, self.user1, oldkey, pynimbusauthz.object_type_s3) for i in range(0, count*2): keyname = str(uuid.uuid1()) oldkey = other_base + "/" + keyname File.create_file(self.db, name+oldkey, self.user1, oldkey, pynimbusauthz.object_type_s3) self.db.commit() rc = pynimbusauthz.rebase.main([old_base, new_base]) self.assertEqual(rc, 0, "rc should be 0, is %d" % (rc)) f2a = File.find_files_from_data(self.db, new_base + "%") f2a = list(f2a) self.assertEqual(len(f2a), count, "length of the new items should be %d is %s" % (count, len(f2a)))
class TestFile(unittest.TestCase): def setUp(self): # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" con = pynimbusauthz.db.make_test_database() self.db = DB(con=con) def tearDown(self): self.db.close() def test_basic_file(self): user1 = User(self.db) name = "/file/name" data = "/etc/group" file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3) self.db.commit() x = file1.get_all_children() self.assertEqual(len(list(x)), 0, "The file should have no children") n2 = file1.get_name() self.assertEqual(name, n2, "Names not equal") d2 = file1.get_data_key() self.assertEqual(data, d2, "Data not equal") o2 = file1.get_owner() self.assertEqual(user1, o2, "Owner not equal") p2 = file1.get_parent() self.assertEqual(None, p2, "There should be no parent") b2 = file1.get_object_type() self.assertEqual(pynimbusauthz.object_type_s3, b2, "Type wrong") def xtest_international_file(self): user1 = User(self.db) name = os.environ["CUMULUS_WORD"] data = "/etc/group" file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3) self.db.commit() def test_file_children(self): user1 = User(self.db) name = "/file/name" data = "/etc/group" file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3) self.db.commit() child1 = File.create_file(self.db, "kid", user1, data, pynimbusauthz.object_type_s3, parent=file1) self.db.commit() p2 = child1.get_parent() self.assertEqual(p2, file1, "parent not set properly") x = child1.get_all_children() self.assertEqual(len(list(x)), 0, "The file should have no children") x = file1.get_all_children() found = False for f in x: if f == child1: found = True self.assertTrue(found, "We should have found that kid!") def test_find_no_file(self): f = File.get_file_from_db_id(self.db, 1000) self.assertEqual(f, None, "We should not have found that file") f = File.get_file(self.db, "nofile", pynimbusauthz.object_type_s3) self.assertEqual(f, None, "We should not have found that file") def test_file_and_bucket(self): user1 = User(self.db) fname = "NAME" data = "data" b1 = File.create_file(self.db, "bucket", user1, data, pynimbusauthz.object_type_s3) f1 = File.create_file(self.db, fname, user1, data, pynimbusauthz.object_type_s3, parent=b1) f2 = File.create_file(self.db, fname, user1, data, pynimbusauthz.object_type_s3) self.db.commit() self.assertNotEqual(f1.get_id(), f2.get_id()) f3 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3, parent=b1) f4 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3) self.assertEqual(f1.get_id(), f3.get_id()) self.assertEqual(f2.get_id(), f4.get_id()) self.assertNotEqual(f3.get_id(), f4.get_id()) self.db.commit() def test_change_key(self): user1 = User(self.db) name = "/file/name" old_base = "/old/path/base" fname = "/etc/group" new_base = "/new/base/location/dir" f = File.create_file(self.db, name, user1, old_base + fname, pynimbusauthz.object_type_s3) self.assertEqual(old_base + fname, f.get_data_key(), "old value not euqal") new_key = new_base + fname f.set_data_key(new_key) self.db.commit() tst_new_key = f.get_data_key() self.assertEqual(tst_new_key, new_key, "%s should equal %s" % (tst_new_key, new_key)) f2 = File.get_file(self.db, name, pynimbusauthz.object_type_s3) tst_new_key = f2.get_data_key() self.assertEqual(tst_new_key, new_key, "%s should equal %s" % (tst_new_key, new_key)) def test_find_by_key(self): user1 = User(self.db) name = "/file/name" key = "/old/path/base" f = File.create_file(self.db, name, user1, key, pynimbusauthz.object_type_s3) self.db.commit() f2a = File.find_files_from_data(self.db, key) found = False for f2 in f2a: tst_key = f2.get_data_key() if tst_key == key: found = True self.assertTrue(found, "key not found")
class TestAddUserCli(unittest.TestCase): def setUp(self): (osf, self.fname) = tempfile.mkstemp() os.close(osf) os.environ['NIMBUS_AUTHZ_DB'] = self.fname pynimbusauthz.db.make_test_database(self.fname) self.db = DB(con_str=self.fname) def tearDown(self): self.db.close() os.remove(self.fname) def test_basic_adduser(self): uu = str(uuid.uuid1()) rc = pynimbusauthz.add_user.main(["-n", uu]) self.assertEqual(rc, 0, "CLI should return success") user = User(self.db, uu) rc = pynimbusauthz.add_user.main(["-r", uu]) self.assertEqual(rc, 0, "CLI should return success") try: user = User(self.db, uu) self.fail("should have had an exception loading user") except: pass def test_basic_alias(self): user = User(self.db) uu = user.get_id() aname = "alias1" self.db.commit() rc = pynimbusauthz.add_user.main(["-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") ua = user.get_alias(aname, pynimbusauthz.alias_type_s3) self.assertNotEqual(ua, None, "alias not found") rc = pynimbusauthz.add_user.main(["-x", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") ua = user.get_alias(aname, pynimbusauthz.alias_type_s3) self.assertEqual(ua, None, "alias should not be found") def test_user_alias_remove(self): aname = str(uuid.uuid1()) uu = str(uuid.uuid1()) rc = pynimbusauthz.add_user.main(["-n", "-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") user = User(self.db, uu) ua = user.get_alias(aname, pynimbusauthz.alias_type_s3) rc = pynimbusauthz.add_user.main(["-x", aname, "-r", uu]) self.assertEqual(rc, 0, "CLI should return success") try: user = User(self.db, uu) self.fail("should have had an exception loading user") except: pass try: ua = user.get_alias(aname, pynimbusauthz.alias_type_s3) self.fail("should have had an exception loading user") except: pass def test_set_key(self): aname = str(uuid.uuid1()) uu = str(uuid.uuid1()) rc = pynimbusauthz.add_user.main(["-n", "-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") rc = pynimbusauthz.add_user.main(["-g", "-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") key = str(uuid.uuid1()) rc = pynimbusauthz.add_user.main(["-k", key, "-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") user = User(self.db, uu) ua = user.get_alias(aname, pynimbusauthz.alias_type_s3) self.db.commit() k2 = ua.get_data() self.assertEqual(k2, key) def test_default_new_user(self): rc = pynimbusauthz.add_user.main(["-n"]) self.assertEqual(rc, 0, "CLI should return success %d"%(rc)) def test_bad_args(self): uu = str(uuid.uuid1()) rc = pynimbusauthz.add_user.main([]) self.assertNotEqual(rc, 0, "CLI should not return success %d"%(rc)) rc = pynimbusauthz.add_user.main(["-k", uu, uu]) self.assertNotEqual(rc, 0, "CLI should not return success %d"%(rc)) rc = pynimbusauthz.add_user.main(["-g", uu]) self.assertNotEqual(rc, 0, "CLI should not return success %d"%(rc)) def test_remove_force(self): aname = str(uuid.uuid1()) uu = str(uuid.uuid1()) rc = pynimbusauthz.add_user.main(["-n", "-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") # add a few alias for i in range(0, 10): aname = str(uuid.uuid1()) rc = pynimbusauthz.add_user.main(["-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") rc = pynimbusauthz.add_user.main(["-f", "-r", uu]) self.assertEqual(rc, 0, "CLI should return success")
class TestTouchCli(unittest.TestCase): def setUp(self): (osf, self.fname) = tempfile.mkstemp() os.close(osf) # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" os.environ['NIMBUS_AUTHZ_DB'] = self.fname pynimbusauthz.db.make_test_database(self.fname) self.db = DB(con_str=self.fname) self.user1 = User(self.db) self.db.commit() def tearDown(self): self.db.close() os.remove(self.fname) def test_basic_touch(self): fname = str(uuid.uuid1()) data = str(uuid.uuid1()) f = File.get_file(self.db, fname, pynimbusauthz.object_type_s3) self.assertEqual(f, None) rc = pynimbusauthz.touch.main([self.user1.get_id(), fname, data]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) f = File.get_file(self.db, fname, pynimbusauthz.object_type_s3) self.assertNotEqual(f, None) def test_bucket_touch(self): fname = str(uuid.uuid1()) data = str(uuid.uuid1()) rc = pynimbusauthz.touch.main([ "-t", pynimbusauthz.object_type_s3, self.user1.get_id(), fname, data ]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) f = File.get_file(self.db, fname, pynimbusauthz.object_type_s3) self.assertNotEqual(f, None) def test_under_bucket_touch(self): bname = str(uuid.uuid1()) fname = str(uuid.uuid1()) data = str(uuid.uuid1()) rc = pynimbusauthz.touch.main([ "-t", pynimbusauthz.object_type_s3, self.user1.get_id(), bname, data ]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) rc = pynimbusauthz.touch.main( ["-p", bname, self.user1.get_id(), fname, data]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) b1 = File.get_file(self.db, bname, pynimbusauthz.object_type_s3) f1 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3, parent=b1) self.assertNotEqual(b1, None) self.assertNotEqual(f1, None) def test_bad_opts(self): bname = str(uuid.uuid1()) fname = str(uuid.uuid1()) data = str(uuid.uuid1()) rc = pynimbusauthz.touch.main([bname, data]) self.assertEqual(rc, 32, "CLI should return failure %d" % (rc)) rc = pynimbusauthz.touch.main( ["-p", bname, self.user1.get_id(), fname, data]) self.assertEqual(rc, 33, "CLI should return failure %d" % (rc))
class TestUser(unittest.TestCase): def setUp(self): # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" con = pynimbusauthz.db.make_test_database() self.db = DB(con=con) self.user1 = User(self.db) self.name = "/file/name" self.data = "/etc/group" self.file1 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3) self.uf = UserFile(self.file1) def tearDown(self): self.db.close() def test_basic_userfile(self): perms = self.uf.get_perms() self.assertEqual(len(perms), 4, "Default perms should be none") self.assertTrue("r" in perms, "read not set") self.assertTrue("w" in perms, "write not set") self.assertTrue("R" in perms, "read acl not set") self.assertTrue("W" in perms, "write acl not set") f2 = self.uf.get_file() self.assertEqual(f2, self.file1, "should return the same file") o2 = self.uf.get_owner() self.assertEqual(o2, self.user1, "should return the same user") self.assertTrue(self.uf.can_access("rwRW")) a = self.uf.get_all_children() self.assertEqual(len(list(a)), 0, "should be no children") def test_bad_chmod(self): try: self.uf.chmod("KSA") self.fail("should be a bad parameter exception") except: pass def test_bad_chmod(self): self.uf.chmod("r") try: perms = self.uf.get_perms() self.fail("should not be able to read acl") except: pass self.uf.chmod("Rr") perms = self.uf.get_perms() rc = self.uf.can_access("w") self.assertFalse(rc, "should not be able to write %d" % (rc)) rc = self.uf.can_access("r") self.assertTrue(rc, "should be able to read") self.uf.chmod("RW") def test_grant(self): user2 = User(self.db) self.uf.chmod("R", user=user2) uf2 = UserFile(self.file1, user2) p = uf2.get_perms() self.assertEqual(p, "R", "perms should only be read here") def test_children(self): child1 = File.create_file(self.db, "kid", self.user1, self.data, pynimbusauthz.object_type_s3, parent=self.file1) self.db.commit() x = child1.get_all_children() self.assertEqual(len(list(x)), 0, "The file should have no children") x = self.uf.get_all_children() found = False for f in x: if f.get_file() == child1: found = True self.assertTrue(found, "We should have found that kid!")
class TestChmodCli(unittest.TestCase): def setUp(self): (osf, self.fname) = tempfile.mkstemp() os.close(osf) # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" os.environ['NIMBUS_AUTHZ_DB'] = self.fname pynimbusauthz.db.make_test_database(self.fname) self.db = DB(con_str=self.fname) self.user1 = User(self.db) self.name = "/file/name" self.data = "/etc/group" self.file1 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3) self.uf = UserFile(self.file1) self.db.commit() def tearDown(self): self.db.close() os.remove(self.fname) def validate_perms(self, new): f = File.get_file_from_db_id(self.db, self.file1.get_id()) uf = UserFile(f, self.user1) perms = uf.get_perms(force=True) for p in new: self.assertTrue(p in perms, "bad perms set %s != %s" % (new, perms)) self.assertEqual(len(perms), len(new), "perms dont match %s != %s" % (new, perms)) def test_basic_chmod(self): uu = str(uuid.uuid1()) new_perms = "WR" rc = pynimbusauthz.chmod.main( [self.user1.get_id(), self.file1.get_name(), new_perms]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) self.validate_perms(new_perms) def test_type_chmod(self): uu = str(uuid.uuid1()) new_perms = "WRr" rc = pynimbusauthz.chmod.main([ "-t", self.file1.get_object_type(), self.user1.get_id(), self.file1.get_name(), new_perms ]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) self.validate_perms(new_perms) def test_badopts(self): new_perms = "WR" rc = pynimbusauthz.chmod.main( ["-t", self.file1.get_object_type(), self.user1.get_id()]) self.assertEqual(rc, 32, "CLI should return success %d" % (rc)) rc = pynimbusauthz.chmod.main( [self.user1.get_id(), "notafile", new_perms]) self.assertEqual(rc, 33, "CLI should return success %d" % (rc)) rc = pynimbusauthz.chmod.main([ "-t", self.file1.get_object_type(), "-p", "nobucket", self.user1.get_id(), self.file1.get_name(), new_perms ]) self.assertEqual(rc, 33, "CLI should return success %d" % (rc)) def test_bucket(self): # create a file and a bucket b1 = File.create_file(self.db, "bucket", self.user1, self.data, pynimbusauthz.object_type_s3) f2 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3, parent=b1) self.db.commit() new_perms = "WR" rc = pynimbusauthz.chmod.main([ "-t", f2.get_object_type(), "-p", b1.get_name(), self.user1.get_id(), f2.get_name(), new_perms ]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
class TestAddUserCli(unittest.TestCase): def setUp(self): (osf, self.fname) = tempfile.mkstemp() os.close(osf) os.environ['NIMBUS_AUTHZ_DB'] = self.fname pynimbusauthz.db.make_test_database(self.fname) self.db = DB(con_str=self.fname) def tearDown(self): self.db.close() os.remove(self.fname) def test_basic_adduser(self): uu = str(uuid.uuid1()) rc = pynimbusauthz.add_user.main(["-n", uu]) self.assertEqual(rc, 0, "CLI should return success") user = User(self.db, uu) rc = pynimbusauthz.add_user.main(["-r", uu]) self.assertEqual(rc, 0, "CLI should return success") try: user = User(self.db, uu) self.fail("should have had an exception loading user") except: pass def test_basic_alias(self): user = User(self.db) uu = user.get_id() aname = "alias1" self.db.commit() rc = pynimbusauthz.add_user.main(["-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") ua = user.get_alias(aname, pynimbusauthz.alias_type_s3) self.assertNotEqual(ua, None, "alias not found") rc = pynimbusauthz.add_user.main(["-x", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") ua = user.get_alias(aname, pynimbusauthz.alias_type_s3) self.assertEqual(ua, None, "alias should not be found") def test_user_alias_remove(self): aname = str(uuid.uuid1()) uu = str(uuid.uuid1()) rc = pynimbusauthz.add_user.main(["-n", "-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") user = User(self.db, uu) ua = user.get_alias(aname, pynimbusauthz.alias_type_s3) rc = pynimbusauthz.add_user.main(["-x", aname, "-r", uu]) self.assertEqual(rc, 0, "CLI should return success") try: user = User(self.db, uu) self.fail("should have had an exception loading user") except: pass try: ua = user.get_alias(aname, pynimbusauthz.alias_type_s3) self.fail("should have had an exception loading user") except: pass def test_set_key(self): aname = str(uuid.uuid1()) uu = str(uuid.uuid1()) rc = pynimbusauthz.add_user.main(["-n", "-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") rc = pynimbusauthz.add_user.main(["-g", "-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") key = str(uuid.uuid1()) rc = pynimbusauthz.add_user.main(["-k", key, "-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") user = User(self.db, uu) ua = user.get_alias(aname, pynimbusauthz.alias_type_s3) self.db.commit() k2 = ua.get_data() self.assertEqual(k2, key) def test_default_new_user(self): rc = pynimbusauthz.add_user.main(["-n"]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) def test_bad_args(self): uu = str(uuid.uuid1()) rc = pynimbusauthz.add_user.main([]) self.assertNotEqual(rc, 0, "CLI should not return success %d" % (rc)) rc = pynimbusauthz.add_user.main(["-k", uu, uu]) self.assertNotEqual(rc, 0, "CLI should not return success %d" % (rc)) rc = pynimbusauthz.add_user.main(["-g", uu]) self.assertNotEqual(rc, 0, "CLI should not return success %d" % (rc)) def test_remove_force(self): aname = str(uuid.uuid1()) uu = str(uuid.uuid1()) rc = pynimbusauthz.add_user.main(["-n", "-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") # add a few alias for i in range(0, 10): aname = str(uuid.uuid1()) rc = pynimbusauthz.add_user.main(["-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") rc = pynimbusauthz.add_user.main(["-f", "-r", uu]) self.assertEqual(rc, 0, "CLI should return success")
class TestUser(unittest.TestCase): def setUp(self): #os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" con = pynimbusauthz.db.make_test_database() self.db = DB(con=con) def tearDown(self): self.db.close() def test_basic_user(self): user1 = User(self.db) user2 = User(self.db, user1.get_id()) self.assertEqual(user1.get_id(), user2.get_id(), "User IDs should be equal") def test_user_to_string(self): user1 = User(self.db) uu = user1.get_id() self.assertEqual(str(user1), uu, "toString function not working for user") def test_destroy_user(self): user1 = User(self.db) uu = user1.get_id() user1.destroy_brutally() try: user1 = User(self.db, uu) self.fail("The uuid should have been deleted %s" % (uu)) except: pass def test_null_alias(self): user1 = User(self.db) all_alias = user1.get_all_alias() self.assertEqual(len(list(all_alias)), 0, "No alias should be in DB for new user") all_alias = user1.get_alias_by_type(pynimbusauthz.alias_type_s3) self.assertEqual(len(list(all_alias)), 0, "No alias should be in DB for new user") def test_create_alias_simple(self): user1 = User(self.db) alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "testname@") user2 = alias1.get_canonical_user() self.assertEqual(user1.get_id(), user2.get_id(), "User IDs should be equal") alias1 = user1.create_alias("/name2", pynimbusauthz.alias_type_s3, "name2@", "pooP") user2 = alias1.get_canonical_user() self.assertEqual(user1.get_id(), user2.get_id(), "User IDs should be equal") print alias1 def test_alias_lookup_simple(self): user1 = User(self.db) alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "name1@") alias2 = user1.get_alias("/name/", pynimbusauthz.alias_type_s3) self.assertEqual(alias1.get_name(), alias2.get_name(), "Alias names should be the same") self.assertEqual(alias1.get_type(), alias2.get_type(), "Alias types should be the same") self.assertEqual(alias1.get_data(), alias2.get_data(), "Alias data should be the same") def test_alias_lookup(self): user1 = User(self.db) alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "1") aliasX = user1.create_alias("/name2", pynimbusauthz.alias_type_s3, "2") aliasX = user1.create_alias("/name3", pynimbusauthz.alias_type_s3, "3") aliasX = user1.create_alias("/name4", pynimbusauthz.alias_type_s3, "4") all_alias = user1.get_all_alias() found = False for a in all_alias: if a.get_name() == alias1.get_name() and a.get_type() == alias1.get_type(): found = True self.assertTrue(found, "We should have found the alias") all_alias = user1.get_alias_by_type(pynimbusauthz.alias_type_s3) found = False for a in all_alias: if a.get_name() == alias1.get_name() and a.get_type() == alias1.get_type(): found = True self.assertTrue(found, "We should have found the alias") def test_delete_alias(self): user1 = User(self.db) alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "name@") alias1.remove() alias2 = user1.get_alias("/name/", pynimbusauthz.alias_type_s3) self.assertEqual(alias2, None, "The alias should be gone") def test_create_same_alias(self): user1 = User(self.db) alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "name@") try: alias2 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "name@") self.fail("This should have caused an conflict on insert") except: pass def find_user_id(self, u, list): for l in list: if u == l: return True return False def test_find_user(self): user1 = User(self.db) self.db.commit() id = user1.get_id() fid = id[1:] lid = id[:-1] mid = id[1:-1] # find by exact id u_all = User.find_user(self.db, id) self.assertNotEqual(u_all, None, "we should have found somethings") self.assertTrue(self.find_user_id(user1, u_all)) # find by exact partial 1 u_all = User.find_user(self.db, fid) self.assertTrue(self.find_user_id(user1, u_all)) # find by exact partial 1 u_all = User.find_user(self.db, lid) self.assertTrue(self.find_user_id(user1, u_all)) # find by exact partial 1 u_all = User.find_user(self.db, mid) self.assertNotEqual(u_all, None, "we should have found somethings") self.assertTrue(self.find_user_id(user1, u_all)) def test_find_user_alias(self): user1 = User(self.db) self.db.commit() alias_name = "helloname" alias1 = user1.create_alias(alias_name, pynimbusauthz.alias_type_s3, alias_name) self.db.commit() fid = "%%" + alias_name[1:] lid = alias_name[:-1] + "%%" mid = "%%" + alias_name[1:-1] + "%%" # find by exact id u_all = UserAlias.find_alias(self.db, alias_name) self.assertNotEqual(u_all, None, "we should have found somethings") self.assertTrue(self.find_user_id(alias1, u_all)) # find by exact partial 1 u_all = UserAlias.find_alias(self.db, fid) self.assertTrue(self.find_user_id(alias1, u_all)) # find by exact partial 1 u_all = UserAlias.find_alias(self.db, lid) self.assertTrue(self.find_user_id(alias1, u_all)) # find by exact partial 1 u_all = UserAlias.find_alias(self.db, mid) self.assertNotEqual(u_all, None, "we should have found somethings") self.assertTrue(self.find_user_id(alias1, u_all)) def test_set_alias_data(self): user1 = User(self.db) self.db.commit() alias_name = "helloname" alias1 = user1.create_alias(alias_name, pynimbusauthz.alias_type_s3, alias_name) key = "helloworld" alias1.set_data(key) self.db.commit() alias2 = user1.get_alias(alias_name, pynimbusauthz.alias_type_s3) self.assertEqual(alias1.get_data(), alias2.get_data(), "alias not equal") self.assertEqual(key, alias2.get_data(), "alias not equal")
class TestListUserCli(unittest.TestCase): def setUp(self): (osf, self.fname) = tempfile.mkstemp() os.close(osf) # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" os.environ['NIMBUS_AUTHZ_DB'] = self.fname pynimbusauthz.db.make_test_database(self.fname) self.db = DB(con_str=self.fname) (tmpFD, self.outFileName) = tempfile.mkstemp("koatests") os.close(tmpFD) def tearDown(self): self.db.close() os.remove(self.fname) def find_out_string(self, s): f = open(self.outFileName) lines = f.readlines() f.close() for l in lines: ndx = l.find(s) if ndx >= 0: return True return False def test_basic_list_user(self): uu = str(uuid.uuid1()) user = User(self.db, uu, create=True) self.db.commit() rc = pynimbusauthz.list_user.main(["-O", self.outFileName]) self.assertEqual(rc, 0, "CLI should return success") rc = self.find_out_string(uu) self.assertTrue(rc, "Username not found") def test_list_alias(self): uu = str(uuid.uuid1()) user = User(self.db, uu, create=True) # add a few alias alias_a = [] for i in range(0, 10): aname = str(uuid.uuid1()) alias_a.append(aname) rc = pynimbusauthz.add_user.main(["-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") self.db.commit() rc = pynimbusauthz.list_user.main(["-a", "-O", self.outFileName]) self.assertEqual(rc, 0, "CLI should return success") rc = self.find_out_string(uu) self.assertTrue(rc, "Username not found") for a in alias_a: rc = self.find_out_string(a) self.assertTrue(rc, "Username not found") def test_find_by_alias(self): uu = str(uuid.uuid1()) user = User(self.db, uu, create=True) # add a few alias alias_a = [] for i in range(0, 10): aname = str(uuid.uuid1()) alias_a.append(aname) rc = pynimbusauthz.add_user.main(["-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") self.db.commit() rc = pynimbusauthz.list_user.main(["-s", "-O", self.outFileName, alias_a[0]]) self.assertEqual(rc, 0, "CLI should return success") rc = self.find_out_string(uu) self.assertTrue(rc, "Username not found")
class TestRebaseCli(unittest.TestCase): def setUp(self): (osf, self.fname) = tempfile.mkstemp() os.close(osf) # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" os.environ['NIMBUS_AUTHZ_DB'] = self.fname pynimbusauthz.db.make_test_database(self.fname) self.db = DB(con_str=self.fname) self.user1 = User(self.db) self.db.commit() def tearDown(self): self.db.close() os.remove(self.fname) def test_single_change(self): name = "/file/name" old_base = "/OLD" new_base = "/NEW" data = "/etc/group" key = old_base + data file1 = File.create_file(self.db, name, self.user1, key, pynimbusauthz.object_type_s3) self.db.commit() rc = pynimbusauthz.rebase.main([old_base, new_base]) self.assertEqual(rc, 0, "rc should be 0, is %d" % (rc)) f2a = File.find_files_from_data(self.db, key) f2a = list(f2a) self.assertEqual( len(f2a), 0, "should be no values with key %s len is %d" % (old_base, len(f2a))) key = new_base + data f2a = File.find_files_from_data(self.db, key) f2a = list(f2a) self.assertNotEqual( len(f2a), 0, "length should be greater than 0 is %d" % (len(f2a))) found = False for f2 in f2a: tst_key = f2.get_data_key() if tst_key == key: found = True self.assertTrue(found, "key not found") def test_many_change(self): name = "/file/name" old_base = "/OLD" new_base = "/NEW" count = 10 for i in range(0, count): keyname = str(uuid.uuid1()) oldkey = old_base + "/" + keyname File.create_file(self.db, name + oldkey, self.user1, oldkey, pynimbusauthz.object_type_s3) self.db.commit() rc = pynimbusauthz.rebase.main([old_base, new_base]) self.assertEqual(rc, 0, "rc should be 0, is %d" % (rc)) f2a = File.find_files_from_data(self.db, new_base + "%") f2a = list(f2a) self.assertEqual( len(f2a), count, "length of the new items should be %d is %s" % (count, len(f2a))) def test_many_change_but_not_all(self): name = "/file/name" old_base = "/OLD" new_base = "/NEW" other_base = "/NOTHERE" count = 10 for i in range(0, count): keyname = str(uuid.uuid1()) oldkey = old_base + "/" + keyname File.create_file(self.db, name + oldkey, self.user1, oldkey, pynimbusauthz.object_type_s3) for i in range(0, count * 2): keyname = str(uuid.uuid1()) oldkey = other_base + "/" + keyname File.create_file(self.db, name + oldkey, self.user1, oldkey, pynimbusauthz.object_type_s3) self.db.commit() rc = pynimbusauthz.rebase.main([old_base, new_base]) self.assertEqual(rc, 0, "rc should be 0, is %d" % (rc)) f2a = File.find_files_from_data(self.db, new_base + "%") f2a = list(f2a) self.assertEqual( len(f2a), count, "length of the new items should be %d is %s" % (count, len(f2a)))
class TestUser(unittest.TestCase): def setUp(self): #os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" con = pynimbusauthz.db.make_test_database() self.db = DB(con=con) def tearDown(self): self.db.close() def test_basic_user(self): user1 = User(self.db) user2 = User(self.db, user1.get_id()) self.assertEqual(user1.get_id(), user2.get_id(), "User IDs should be equal") def test_user_to_string(self): user1 = User(self.db) uu = user1.get_id() self.assertEqual(str(user1), uu, "toString function not working for user") def test_destroy_user(self): user1 = User(self.db) uu = user1.get_id() user1.destroy_brutally() try: user1 = User(self.db, uu) self.fail("The uuid should have been deleted %s" % (uu)) except: pass def test_null_alias(self): user1 = User(self.db) all_alias = user1.get_all_alias() self.assertEqual(len(list(all_alias)), 0, "No alias should be in DB for new user") all_alias = user1.get_alias_by_type(pynimbusauthz.alias_type_s3) self.assertEqual(len(list(all_alias)), 0, "No alias should be in DB for new user") def test_create_alias_simple(self): user1 = User(self.db) alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "testname@") user2 = alias1.get_canonical_user() self.assertEqual(user1.get_id(), user2.get_id(), "User IDs should be equal") alias1 = user1.create_alias("/name2", pynimbusauthz.alias_type_s3, "name2@", "pooP") user2 = alias1.get_canonical_user() self.assertEqual(user1.get_id(), user2.get_id(), "User IDs should be equal") print alias1 def test_alias_lookup_simple(self): user1 = User(self.db) alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "name1@") alias2 = user1.get_alias("/name/", pynimbusauthz.alias_type_s3) self.assertEqual(alias1.get_name(), alias2.get_name(), "Alias names should be the same") self.assertEqual(alias1.get_type(), alias2.get_type(), "Alias types should be the same") self.assertEqual(alias1.get_data(), alias2.get_data(), "Alias data should be the same") def test_alias_lookup(self): user1 = User(self.db) alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "1") aliasX = user1.create_alias("/name2", pynimbusauthz.alias_type_s3, "2") aliasX = user1.create_alias("/name3", pynimbusauthz.alias_type_s3, "3") aliasX = user1.create_alias("/name4", pynimbusauthz.alias_type_s3, "4") all_alias = user1.get_all_alias() found = False for a in all_alias: if a.get_name() == alias1.get_name() and a.get_type( ) == alias1.get_type(): found = True self.assertTrue(found, "We should have found the alias") all_alias = user1.get_alias_by_type(pynimbusauthz.alias_type_s3) found = False for a in all_alias: if a.get_name() == alias1.get_name() and a.get_type( ) == alias1.get_type(): found = True self.assertTrue(found, "We should have found the alias") def test_delete_alias(self): user1 = User(self.db) alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "name@") alias1.remove() alias2 = user1.get_alias("/name/", pynimbusauthz.alias_type_s3) self.assertEqual(alias2, None, "The alias should be gone") def test_create_same_alias(self): user1 = User(self.db) alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "name@") try: alias2 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "name@") self.fail("This should have caused an conflict on insert") except: pass def find_user_id(self, u, list): for l in list: if u == l: return True return False def test_find_user(self): user1 = User(self.db) self.db.commit() id = user1.get_id() fid = id[1:] lid = id[:-1] mid = id[1:-1] # find by exact id u_all = User.find_user(self.db, id) self.assertNotEqual(u_all, None, "we should have found somethings") self.assertTrue(self.find_user_id(user1, u_all)) # find by exact partial 1 u_all = User.find_user(self.db, fid) self.assertTrue(self.find_user_id(user1, u_all)) # find by exact partial 1 u_all = User.find_user(self.db, lid) self.assertTrue(self.find_user_id(user1, u_all)) # find by exact partial 1 u_all = User.find_user(self.db, mid) self.assertNotEqual(u_all, None, "we should have found somethings") self.assertTrue(self.find_user_id(user1, u_all)) def test_find_user_alias(self): user1 = User(self.db) self.db.commit() alias_name = "helloname" alias1 = user1.create_alias(alias_name, pynimbusauthz.alias_type_s3, alias_name) self.db.commit() fid = "%%" + alias_name[1:] lid = alias_name[:-1] + "%%" mid = "%%" + alias_name[1:-1] + "%%" # find by exact id u_all = UserAlias.find_alias(self.db, alias_name) self.assertNotEqual(u_all, None, "we should have found somethings") self.assertTrue(self.find_user_id(alias1, u_all)) # find by exact partial 1 u_all = UserAlias.find_alias(self.db, fid) self.assertTrue(self.find_user_id(alias1, u_all)) # find by exact partial 1 u_all = UserAlias.find_alias(self.db, lid) self.assertTrue(self.find_user_id(alias1, u_all)) # find by exact partial 1 u_all = UserAlias.find_alias(self.db, mid) self.assertNotEqual(u_all, None, "we should have found somethings") self.assertTrue(self.find_user_id(alias1, u_all)) def test_set_alias_data(self): user1 = User(self.db) self.db.commit() alias_name = "helloname" alias1 = user1.create_alias(alias_name, pynimbusauthz.alias_type_s3, alias_name) key = "helloworld" alias1.set_data(key) self.db.commit() alias2 = user1.get_alias(alias_name, pynimbusauthz.alias_type_s3) self.assertEqual(alias1.get_data(), alias2.get_data(), "alias not equal") self.assertEqual(key, alias2.get_data(), "alias not equal")
class TestUser(unittest.TestCase): def setUp(self): # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" con = pynimbusauthz.db.make_test_database() self.db = DB(con=con) def tearDown(self): self.db.close() def test_basic_file(self): user1 = User(self.db) name = "/file/name" data = "/etc/group" file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3) self.db.commit() x = file1.get_all_children() self.assertEqual(len(list(x)), 0, "The file should have no children") n2 = file1.get_name() self.assertEqual(name, n2, "Names not equal") d2 = file1.get_data_key() self.assertEqual(data, d2, "Data not equal") o2 = file1.get_owner() self.assertEqual(user1, o2, "Owner not equal") p2 = file1.get_parent() self.assertEqual(None, p2, "There should be no parent") b2 = file1.get_object_type() self.assertEqual(pynimbusauthz.object_type_s3, b2, "Type wrong") def test_file_children(self): user1 = User(self.db) name = "/file/name" data = "/etc/group" file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3) self.db.commit() child1 = File.create_file(self.db, "kid", user1, data, pynimbusauthz.object_type_s3, parent=file1) self.db.commit() p2 = child1.get_parent() self.assertEqual(p2, file1, "parent not set properly") x = child1.get_all_children() self.assertEqual(len(list(x)), 0, "The file should have no children") x = file1.get_all_children() found = False for f in x: if f == child1: found = True self.assertTrue(found, "We should have found that kid!") def test_find_no_file(self): f = File.get_file_from_db_id(self.db, 1000) self.assertEqual(f, None, "We should not have found that file") f = File.get_file(self.db, "nofile", pynimbusauthz.object_type_s3) self.assertEqual(f, None, "We should not have found that file") def test_file_and_bucket(self): user1 = User(self.db) fname = "NAME" data = "data" b1 = File.create_file(self.db, "bucket", user1, data, pynimbusauthz.object_type_s3) f1 = File.create_file(self.db, fname, user1, data, pynimbusauthz.object_type_s3, parent=b1) f2 = File.create_file(self.db, fname, user1, data, pynimbusauthz.object_type_s3) self.db.commit() self.assertNotEqual(f1.get_id(), f2.get_id()) f3 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3, parent=b1) f4 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3) self.assertEqual(f1.get_id(), f3.get_id()) self.assertEqual(f2.get_id(), f4.get_id()) self.assertNotEqual(f3.get_id(), f4.get_id()) self.db.commit()
class TestChmodCli(unittest.TestCase): def setUp(self): (osf, self.fname) = tempfile.mkstemp() os.close(osf) # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" os.environ['NIMBUS_AUTHZ_DB'] = self.fname pynimbusauthz.db.make_test_database(self.fname) self.db = DB(con_str=self.fname) self.user1 = User(self.db) self.name = "/file/name" self.data = "/etc/group" self.file1 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3) self.uf = UserFile(self.file1) self.db.commit() def tearDown(self): self.db.close() os.remove(self.fname) def validate_perms(self, new): f = File.get_file_from_db_id(self.db, self.file1.get_id()) uf = UserFile(f, self.user1) perms = uf.get_perms(force=True) for p in new: self.assertTrue(p in perms, "bad perms set %s != %s" % (new, perms)) self.assertEqual(len(perms), len(new), "perms dont match %s != %s" % (new, perms)) def test_basic_chmod(self): uu = str(uuid.uuid1()) new_perms = "WR" rc = pynimbusauthz.chmod.main([self.user1.get_id(), self.file1.get_name(), new_perms]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) self.validate_perms(new_perms) def test_type_chmod(self): uu = str(uuid.uuid1()) new_perms = "WRr" rc = pynimbusauthz.chmod.main(["-t", self.file1.get_object_type(), self.user1.get_id(), self.file1.get_name(), new_perms]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) self.validate_perms(new_perms) def test_badopts(self): new_perms = "WR" rc = pynimbusauthz.chmod.main(["-t", self.file1.get_object_type(), self.user1.get_id()]) self.assertEqual(rc, 32, "CLI should return success %d" % (rc)) rc = pynimbusauthz.chmod.main([self.user1.get_id(), "notafile", new_perms]) self.assertEqual(rc, 33, "CLI should return success %d" % (rc)) rc = pynimbusauthz.chmod.main(["-t", self.file1.get_object_type(), "-p", "nobucket", self.user1.get_id(), self.file1.get_name(), new_perms]) self.assertEqual(rc, 33, "CLI should return success %d" % (rc)) def test_bucket(self): # create a file and a bucket b1 = File.create_file(self.db, "bucket", self.user1, self.data, pynimbusauthz.object_type_s3) f2 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3, parent=b1) self.db.commit() new_perms = "WR" rc = pynimbusauthz.chmod.main(["-t", f2.get_object_type(), "-p", b1.get_name(), self.user1.get_id(), f2.get_name(), new_perms]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
class TestFile(unittest.TestCase): def setUp(self): # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" con = pynimbusauthz.db.make_test_database() self.db = DB(con=con) def tearDown(self): self.db.close() def test_basic_file(self): user1 = User(self.db) name = "/file/name" data = "/etc/group" file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3) self.db.commit() x = file1.get_all_children() self.assertEqual(len(list(x)), 0, "The file should have no children") n2 = file1.get_name() self.assertEqual(name, n2, "Names not equal") d2 = file1.get_data_key() self.assertEqual(data, d2, "Data not equal") o2 = file1.get_owner() self.assertEqual(user1, o2, "Owner not equal") p2 = file1.get_parent() self.assertEqual(None, p2, "There should be no parent") b2 = file1.get_object_type() self.assertEqual(pynimbusauthz.object_type_s3, b2, "Type wrong") def test_file_children(self): user1 = User(self.db) name = "/file/name" data = "/etc/group" file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3) self.db.commit() child1 = File.create_file(self.db, "kid", user1, data, pynimbusauthz.object_type_s3, parent=file1) self.db.commit() p2 = child1.get_parent() self.assertEqual(p2, file1, "parent not set properly") x = child1.get_all_children() self.assertEqual(len(list(x)), 0, "The file should have no children") x = file1.get_all_children() found = False for f in x: if f == child1: found = True self.assertTrue(found, "We should have found that kid!") def test_find_no_file(self): f = File.get_file_from_db_id(self.db, 1000) self.assertEqual(f, None, "We should not have found that file") f = File.get_file(self.db, "nofile", pynimbusauthz.object_type_s3) self.assertEqual(f, None, "We should not have found that file") def test_file_and_bucket(self): user1 = User(self.db) fname = "NAME" data = "data" b1 = File.create_file(self.db, "bucket", user1, data, pynimbusauthz.object_type_s3) f1 = File.create_file(self.db, fname, user1, data, pynimbusauthz.object_type_s3, parent=b1) f2 = File.create_file(self.db, fname, user1, data, pynimbusauthz.object_type_s3) self.db.commit() self.assertNotEqual(f1.get_id(), f2.get_id()) f3 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3, parent=b1) f4 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3) self.assertEqual(f1.get_id(), f3.get_id()) self.assertEqual(f2.get_id(), f4.get_id()) self.assertNotEqual(f3.get_id(), f4.get_id()) self.db.commit() def test_change_key(self): user1 = User(self.db) name = "/file/name" old_base = "/old/path/base" fname = "/etc/group" new_base = "/new/base/location/dir" f = File.create_file(self.db, name, user1, old_base + fname, pynimbusauthz.object_type_s3) self.assertEqual(old_base + fname, f.get_data_key(), "old value not euqal") new_key = new_base + fname f.set_data_key(new_key) self.db.commit() tst_new_key = f.get_data_key() self.assertEqual(tst_new_key, new_key, "%s should equal %s" % (tst_new_key, new_key)) f2 = File.get_file(self.db, name, pynimbusauthz.object_type_s3) tst_new_key = f2.get_data_key() self.assertEqual(tst_new_key, new_key, "%s should equal %s" % (tst_new_key, new_key)) def test_find_by_key(self): user1 = User(self.db) name = "/file/name" key = "/old/path/base" f = File.create_file(self.db, name, user1, key, pynimbusauthz.object_type_s3) self.db.commit() f2a = File.find_files_from_data(self.db, key) found = False for f2 in f2a: tst_key = f2.get_data_key() if tst_key == key: found = True self.assertTrue(found, "key not found")
class TestListUserCli(unittest.TestCase): def setUp(self): (osf, self.fname) = tempfile.mkstemp() os.close(osf) # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" os.environ['NIMBUS_AUTHZ_DB'] = self.fname pynimbusauthz.db.make_test_database(self.fname) self.db = DB(con_str=self.fname) (tmpFD, self.outFileName) = tempfile.mkstemp("koatests") os.close(tmpFD) def tearDown(self): self.db.close() os.remove(self.fname) def find_out_string(self, s): f = open(self.outFileName) lines = f.readlines() f.close() for l in lines: ndx = l.find(s) if ndx >= 0: return True return False def test_basic_list_user(self): uu = str(uuid.uuid1()) user = User(self.db, uu, create=True) self.db.commit() rc = pynimbusauthz.list_user.main(["-O", self.outFileName]) self.assertEqual(rc, 0, "CLI should return success") rc = self.find_out_string(uu) self.assertTrue(rc, "Username not found") def test_list_alias(self): uu = str(uuid.uuid1()) user = User(self.db, uu, create=True) # add a few alias self.db.commit() alias_a = [] for i in range(0, 10): aname = str(uuid.uuid1()) alias_a.append(aname) rc = pynimbusauthz.add_user.main(["-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") rc = pynimbusauthz.list_user.main(["-a", "-O", self.outFileName]) self.assertEqual(rc, 0, "CLI should return success") rc = self.find_out_string(uu) self.assertTrue(rc, "Username not found") for a in alias_a: rc = self.find_out_string(a) self.assertTrue(rc, "Username not found") def test_find_by_alias(self): uu = str(uuid.uuid1()) user = User(self.db, uu, create=True) self.db.commit() # add a few alias alias_a = [] for i in range(0, 10): aname = str(uuid.uuid1()) alias_a.append(aname) rc = pynimbusauthz.add_user.main(["-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") rc = pynimbusauthz.list_user.main(["-s", "-O", self.outFileName, alias_a[0]]) self.assertEqual(rc, 0, "CLI should return success") rc = self.find_out_string(uu) self.assertTrue(rc, "Username not found")