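class SecurityContextTestCase(unittest.TestCase):
    """Check the permissions, roles and users exposed by a default ``Context``.

    The expected counts and ids are fixed values, so these tests only pass
    against the security data they were written for.
    NOTE(review): how ``Context()`` locates that data is not visible here;
    presumably it is the sample file named in ``file`` - confirm.
    """

    logger = getLogger("SecurityContextTestCase")
    # Not referenced by any method of this class.
    file = "security.xml.sample"

    def setUp(self):
        """Create a fresh Context per test and log how many roles it holds."""
        self.context = Context()
        self.logger.debug(str(len(self.context.roles)))

    def tearDown(self):
        """Drop the Context so no state is shared between tests."""
        del self.context

    def testPermissions(self):
        """Pin the number of permissions and the ids and constraints of two of them."""
        permissions = self.context.permissions
        # assertEqual reports the actual length when the fixture drifts,
        # which assertTrue(len(...) == n) does not.
        self.assertEqual(len(permissions), 5)
        self.assertEqual(permissions[0].id, "allow-all")
        self.assertEqual(permissions[2].id, "deny-localhost")
        self.assertEqual(len(permissions[2].constraints), 2)

    def testRoles(self):
        """Pin the number of roles and the id of the second one."""
        roles = self.context.roles
        self.assertEqual(len(roles), 2)
        self.assertEqual(roles[1].id, "administrator")

    def testUsers(self):
        """Authenticate a fixture user and check that a command is refused.

        This is the negative authorization case: the test fails if the
        user is ever allowed to run the command.
        """
        self.assertEqual(len(self.context.users), 2)
        # Fixture credentials; they must match the security data under test.
        u = self.context.get_user("user1", "123")
        self.assertTrue(u is not None)
        # NOTE(review): presumably the "deny-localhost" permission is what
        # rejects this command - confirm against the fixture.
        command = "nmap -v localhost"
        self.assertFalse(u.is_permitted(command))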
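def get_user(req, id):
    """Return one user's profile as a single-quoted object literal.

    The user is looked up with ``Context.get_user(id=id)``; ``Http404`` is
    raised when the lookup yields nothing. The body has the form
    ``{'name': '...','login': '...','superuser': true,'roles': ['...']}``,
    which is not strict JSON because of the single quotes.

    NOTE(review): no authorization check is visible in this function;
    confirm that a decorator or the URL dispatcher restricts it, since it
    discloses logins, role membership and the superuser flag.
    NOTE(review): no Content-type is set here, so the response uses whatever
    HttpResponse defaults to. If that is text/html, stored names would be
    interpreted as markup when the URL is opened directly - confirm.
    """
    def quote(value):
        # Backslashes are escaped first: escaping only the quote lets a
        # value ending in a backslash cancel the escape and close the
        # string early. Line breaks are escaped because a raw one is not
        # allowed inside a quoted literal.
        return (value.replace("\\", "\\\\")
                     .replace("'", "\\'")
                     .replace("\n", "\\n")
                     .replace("\r", "\\r"))

    ctx = Context()
    user = ctx.get_user(id=id)
    if not user:
        raise Http404

    fields = [
        "'name': '%s'" % quote(user.name),
        # The listing had a masked placeholder here with no %s conversion,
        # which makes the % operator raise TypeError on every call.
        "'login': '%s'" % quote(user.login),
        "'superuser': %s" % str(user.superuser).lower(),
        # Role ids are escaped like the other strings. An empty role list
        # still renders as [''], as it did before.
        "'roles': ['%s']" % "','".join([quote(r.id) for r in user.roles]),
    ]
    return HttpResponse("{%s}" % ",".join(fields))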
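def login(req):
    """Render the HTML login form and process its submission.

    On a POST with credentials accepted by ``Context.get_user`` the user
    object is stored in the session under ``umit_user`` and the client is
    redirected to ``/html/``. In every other case ``html/login.html`` is
    rendered; after a failed attempt it carries a generic error message
    that does not reveal whether the login or the password was wrong.

    NOTE(review): the session identifier is not visibly renewed after
    authentication. Confirm that the session layer rotates it, otherwise an
    identifier issued before login stays valid afterwards (session fixation).
    NOTE(review): no attempt limiting or failed-login logging is visible
    here; confirm it is handled elsewhere.
    """
    # Leftover debug marker; it carries no request data.
    logger.debug("aeeeeeeeee")
    response = HttpResponse()
    error = ""
    errorclass = "hide"
    if req.POST:
        try:
            username = req.POST['login']
            password = req.POST['password']
        except KeyError:
            # A POST missing either field cannot authenticate. It is answered
            # like any failed attempt instead of an unhandled exception.
            # Assumes req.POST raises KeyError like a dict; if it raises
            # something else, behaviour is unchanged.
            user = None
        else:
            user = Context().get_user(username, password)
        if user:
            req.session['umit_user'] = user
            return HttpResponseRedirect("/html/")
        error = "Incorrect username or password"
        errorclass = ""
    response.loadTemplate("html/login.html")
    return response % {"error": error, "errorclass": errorclass}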
def login(req):
    """Authenticate a POSTed login/password pair and store the user in the session.

    Two response modes are visible. When the query string has a ``json``
    key the body is the literal ``OK`` or ``FAIL``. Otherwise a successful
    login redirects to ``/`` and a failed one renders ``login.html``.

    NOTE(review): this listing arrived flattened onto one line. The nesting
    below is reconstructed by pairing each ``else`` with the nearest open
    ``if``; confirm it against the original file. As laid out, a request
    without POST data falls off the end and returns None.
    NOTE(review): the session identifier is not visibly renewed after
    authentication. Confirm that the session layer rotates it, otherwise an
    identifier issued before login stays valid afterwards (session fixation).
    """
    resp = HttpResponse()
    ctx = Context()
    if req.POST:
        # Set for every POST; in this layout the failure page below is
        # also sent with this header.
        resp['Content-type'] = "text/plain"
        # Both fields are read by subscript.
        # NOTE(review): presumably a missing field raises KeyError and
        # surfaces as a server error - confirm.
        user = ctx.get_user(req.POST['login'], req.POST['password'])
        # has_key is the Python 2 dict API; it does not exist in Python 3.
        if req.GET.has_key("json"):
            if user:
                req.session['umit_user'] = user
                resp.write('OK')
            else:
                # Same answer for an unknown login and for a wrong password.
                resp.write('FAIL')
            return resp
        else:
            if user:
                req.session['umit_user'] = user
                return HttpResponseRedirect("/")
            else:
                resp.loadTemplate("login.html")
                return resp
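def edit_user(req, id):
    """Apply POSTed profile changes to an existing user and write them out.

    The user is looked up with ``Context.get_user(id=id)``; ``Http404`` is
    raised when the lookup yields nothing. The POST fields ``name``,
    ``roles`` (comma-separated role ids), ``superuser`` (``"yes"`` grants
    it) and ``password`` are all read by subscript, so a request missing any
    of them raises before ``write_xml`` is reached.

    NOTE(review): no authorization check is visible in this function.
    Confirm that a decorator or the URL dispatcher restricts it to
    administrators, since it can assign arbitrary roles and the superuser
    flag.
    """
    ctx = Context()
    user = ctx.get_user(id=id)
    if not user:
        raise Http404

    user.name = req.POST['name']

    roles_field = req.POST['roles']
    role_ids = roles_field.split(",") if roles_field.strip() else []
    # The loop variable must not be named `id`: that rebinds the parameter,
    # so the login comparison below would run against the last role id
    # instead of the user being edited.
    # NOTE(review): what get_role returns for an unknown id is not visible
    # here; if it returns None, that None ends up in user.roles - confirm.
    user.roles = [ctx.get_role(role_id) for role_id in role_ids]

    user.superuser = (req.POST['superuser'] == "yes")
    if req.POST['password'].strip():
        # NOTE(review): this local is never used, so a submitted password is
        # not applied to the user. Confirm the intended attribute, and that
        # the value is hashed before it is stored.
        password = req.POST['password']

    # Replace the stored entry whose login matches the requested id.
    for i, existing in enumerate(ctx.users):
        if existing.login == id:
            ctx.users[i] = user
            break
    ctx.write_xml()
    return HttpResponse("{'result': 'OK'}")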