def setup_module():
global inst
global ep
inst = LDAP('', '')
dn = 'cn=admin,dc=canvas,dc=virtue,dc=com'
inst.get_ldap_connection()
inst.conn.simple_bind_s(dn, 'Test123!')
ep = EndPoint('slapd', 'Test123!')
ep.inst = inst
role = {
'id': 'usertestrole0',
'name': 'UserTestRole',
'version': '1.0',
'applicationIds': ['firefox'],
'startingResourceIds': [],
'startingTransducerIds': [],
'networkRules': []
}
virtue = {
'id': 'usertestvirtue0',
'username': '******',
'roleId': 'usertestrole0',
'applicationIds': [],
'resourceIds': [],
'transducerIds': [],
'networkRules': [],
'state': 'STOPPED',
'ipAddress': 'NULL'
}
ldap_role = ldap_tools.to_ldap(role, 'OpenLDAProle')
inst.add_obj(ldap_role, 'roles', 'cid', throw_error=True)
ldap_virtue = ldap_tools.to_ldap(virtue, 'OpenLDAPvirtue')
inst.add_obj(ldap_virtue, 'virtues', 'cid', throw_error=True)
user = inst.get_obj('cusername',
'slapd',
objectClass='OpenLDAPuser',
throw_error=True)
ldap_tools.parse_ldap(user)
if ('usertestrole0' not in user['authorizedRoleIds']):
user['authorizedRoleIds'].append('usertestrole0')
ldap_user = ldap_tools.to_ldap(user, 'OpenLDAPuser')
inst.modify_obj('cusername',
'slapd',
ldap_user,
objectClass='OpenLDAPuser',
throw_error=True)
def add_role(id,
name,
version,
appIds,
resIds,
transIds,
networkRules,
state='CREATED'):
role = {
'id': id,
'name': name,
'version': version,
'applicationIds': appIds,
'startingResourceIds': resIds,
'startingTransducerIds': transIds,
'networkRules': networkRules,
'state': state
}
if (type(appIds) == str):
role['applicationIds'] = json.loads(appIds)
if (type(resIds) == str):
role['startingResourceIds'] = json.loads(resIds)
if (type(transIds) == str):
role['startingTransducerIds'] = json.loads(transIds)
ldap_role = to_ldap(role, 'OpenLDAProle')
inst.add_obj(ldap_role, 'roles', 'cid', throw_error=True)
def add_resource(id, type, unc, credentials):
res = {'id': id, 'type': type, 'unc': unc, 'credentials': credentials}
ldap_res = to_ldap(res, 'OpenLDAPresource')
inst.add_obj(ldap_res, 'resources', 'cid', throw_error=True)
def teardown_module():
user = inst.get_obj('cusername',
'slapd',
objectClass='OpenLDAPuser',
throw_error=True)
ldap_tools.parse_ldap(user)
user['authorizedRoleIds'].remove('usertestrole0')
ldap_user = ldap_tools.to_ldap(user, 'OpenLDAPuser')
inst.modify_obj('cusername',
'slapd',
ldap_user,
objectClass='OpenLDAPuser',
throw_error=True)
inst.del_obj('cid',
'usertestrole0',
objectClass='OpenLDAProle',
throw_error=True)
inst.del_obj('cid',
'usertestvirtue0',
objectClass='OpenLDAPvirtue',
throw_error=True)
def setup_module():
global inst
global ep
global test_role_id
global test_virtue_id
inst = LDAP('', '')
dn = 'cn=admin,dc=canvas,dc=virtue,dc=com'
inst.get_ldap_connection()
inst.conn.simple_bind_s(dn, 'Test123!')
ep = EndPoint_Admin('slapd', 'Test123!')
ep.inst = inst
role = {
'id': 'admintestrole0',
'name': 'AdminTestRole',
'version': '1.0',
'applicationIds': ['firefox'],
'startingResourceIds': [],
'startingTransducerIds': [],
'networkRules': []
}
ldap_role = ldap_tools.to_ldap(role, 'OpenLDAProle')
inst.add_obj(ldap_role, 'roles', 'cid', throw_error=True)
user = inst.get_obj('cusername',
'slapd',
objectClass='OpenLDAPuser',
throw_error=True)
ldap_tools.parse_ldap(user)
if ('admintestrole0' not in user['authorizedRoleIds']):
user['authorizedRoleIds'].append('admintestrole0')
ldap_user = ldap_tools.to_ldap(user, 'OpenLDAPuser')
inst.modify_obj('cusername',
'slapd',
ldap_user,
objectClass='OpenLDAPuser',
throw_error=True)
# set to satisfy pytest when listing tests
test_role_id = None
test_virtue_id = None
def add_application(id, name, version, os, port=None):
app = {'id': id, 'name': name, 'version': version, 'os': os}
if (port is not None):
app['port'] = int(port)
ldap_app = to_ldap(app, 'OpenLDAPapplication')
inst.add_obj(ldap_app, 'applications', 'cid', throw_error=True)
def test_virtue_destroy():
response = session.get(base_url + '/virtue/destroy')
assert response.json() == ErrorCodes.user['unspecifiedError']['result']
try:
# 'Create' a Virtue
subprocess.check_call([
'sudo', 'mv', '/mnt/efs/images/tests/8GB.img',
('/mnt/efs/images/provisioned_virtues/'
'TEST_VIRTUE_DESTROY.img')
])
virtue = {
'id': 'TEST_VIRTUE_DESTROY',
'username': '******',
'roleId': 'TBD',
'applicationIds': [],
'resourceIds': [],
'transducerIds': [],
'networkRules': [],
'state': 'STOPPED',
'ipAddress': 'NULL'
}
ldap_virtue = ldap_tools.to_ldap(virtue, 'OpenLDAPvirtue')
inst.add_obj(ldap_virtue, 'virtues', 'cid', throw_error=True)
# virtue_destroy() it
response = session.get(base_url + '/virtue/destroy',
params={'virtueId': 'TEST_VIRTUE_DESTROY'})
assert response.text == json.dumps(ErrorCodes.admin['success'])
assert not os.path.exists(('/mnt/efs/images/provisioned_virtues/'
'TEST_VIRTUE_DESTROY.img'))
assert () == inst.get_obj('cid',
'TEST_VIRTUE_DESTROY',
objectClass='OpenLDAPvirtue',
throw_error=True)
result = query_elasticsearch_with_timeout([
('user', settings['user']),
('real_func_name', 'admin_virtue_destroy'),
('virtue_id', 'TEST_VIRTUE_DESTROY')
])
assert 'hits' in result and 'total' in result[
'hits'] and result['hits']['total'] > 0
except:
raise
finally:
inst.del_obj('cid',
'TEST_VIRTUE_DESTROY',
objectClass='OpenLDAPvirtue')
def teardown_module():
inst.del_obj(
'cid', 'admintestrole0', objectClass='OpenLDAProle', throw_error=True)
inst.del_obj(
'cid', 'admintestvirtue0', objectClass='OpenLDAPvirtue', throw_error=True)
if os.path.exists(('/mnt/efs/images/non_provisioned_virtues/'
'admintestrole0.img')):
subprocess.check_call(['sudo', 'rm',
('/mnt/efs/images/non_provisioned_virtues/'
'admintestrole0.img')])
if os.path.exists(('/mnt/efs/images/provisioned_virtues/'
'admintestvirtue0.img')):
subprocess.check_call(['sudo', 'rm',
('/mnt/efs/images/provisioned_virtues/'
'admintestvirtue0.img')])
if test_role_id is not None:
inst.del_obj('cid', test_role_id,
objectClass='OpenLDAProle', throw_error=True)
if os.path.exists(('/mnt/efs/images/non_provisioned_virtues/'
'{0}.img').format(test_role_id)):
subprocess.check_call(['sudo', 'rm',
('/mnt/efs/images/non_provisioned_virtues/'
'{0}.img').format(test_role_id)])
if test_virtue_id is not None:
inst.del_obj('cid', test_virtue_id,
objectClass='OpenLDAPvirtue', throw_error=True)
if os.path.exists(('/mnt/efs/images/provisioned_virtues/'
'{0}.img').format(test_virtue_id)):
subprocess.check_call(['sudo', 'rm',
('/mnt/efs/images/provisioned_virtues/'
'{0}.img').format(test_virtue_id)])
user = inst.get_obj(
'cusername', 'slapd', objectClass='OpenLDAPuser', throw_error=True)
ldap_tools.parse_ldap(user)
user['authorizedRoleIds'].remove('admintestrole0')
ldap_user = ldap_tools.to_ldap(user, 'OpenLDAPuser')
inst.modify_obj(
'cusername',
'slapd',
ldap_user,
objectClass='OpenLDAPuser',
throw_error=True)
def add_transducer(id_, name, type_, startEnabled, startingConfiguration,
requiredAccess):
transducer = {
'id': id_,
'name': name,
'type': type_,
'startEnabled': startEnabled,
'startingConfiguration': startingConfiguration,
'requiredAccess': requiredAccess
}
if (type(startingConfiguration) == str):
transducer['startingConfiguration'] = json.loads(startingConfiguration)
if (type(requiredAccess) == str):
transducer['requiredAccess'] = json.loads(requiredAccess)
ldap_transducer = to_ldap(transducer, 'OpenLDAPtransducer')
inst.add_obj(ldap_transducer, 'transducers', 'cid', throw_error=True)
def test_virtue_destroy():
virtue = {
'id': 'admintestvirtue0',
'username': '******',
'roleId': 'admintestrole0',
'applicationIds': [],
'resourceIds': [],
'transducerIds': [],
'networkRules': [],
'state': 'STOPPED',
'ipAddress': 'NULL'
}
ldap_virtue = ldap_tools.to_ldap(virtue, 'OpenLDAPvirtue')
inst.add_obj(ldap_virtue, 'virtues', 'cid', throw_error=True)
img_path = '/mnt/efs/images/provisioned_virtues/admintestvirtue0.img'
subprocess.check_call(['sudo', 'rsync', '/mnt/efs/images/unities/8GB.img',
img_path])
assert json.dumps(ErrorCodes.user['invalidId']) == ep.virtue_destroy(
'DoesNotExist')
assert ep.virtue_destroy('admintestvirtue0') == json.dumps(
ErrorCodes.user['success'])
real_virtue = inst.get_obj(
'cid',
'admintestvirtue0',
objectClass='OpenLDAPvirtue',
throw_error=True)
assert real_virtue == ()
assert not os.path.exists(img_path)
def test_virtue_stop():
response = session.get(base_url + '/virtue/stop')
assert response.json() == ErrorCodes.user['unspecifiedError']['result']
rethink_manager = RethinkDbManager()
try:
# 'Create' a Virtue
subprocess.check_call([
'sudo', 'mv', '/mnt/efs/images/tests/8GB.img',
('/mnt/efs/images/provisioned_virtues/'
'TEST_VIRTUE_STOP.img')
])
virtue = {
'id': 'TEST_VIRTUE_STOP',
'username': '******',
'roleId': 'TBD',
'applicationIds': [],
'resourceIds': [],
'transducerIds': [],
'networkRules': [],
'state': 'STOPPED',
'ipAddress': 'NULL'
}
ldap_virtue = ldap_tools.to_ldap(virtue, 'OpenLDAPvirtue')
inst.add_obj(ldap_virtue, 'virtues', 'cid', throw_error=True)
# virtue_launch() it
response = session.get(base_url + '/virtue/launch',
params={'virtueId': 'TEST_VIRTUE_STOP'})
assert response.text == json.dumps(ErrorCodes.user['success'])
rethink_virtue = rethink_manager.get_virtue('TEST_VIRTUE_STOP')
assert type(rethink_virtue) == dict
# virtue_stop() it
response = session.get(base_url + '/virtue/stop',
params={'virtueId': 'TEST_VIRTUE_STOP'})
assert response.text == json.dumps(ErrorCodes.user['success'])
time.sleep(5)
real_virtue = inst.get_obj('cid',
'TEST_VIRTUE_STOP',
objectClass='OpenLDAPvirtue',
throw_error=True)
ldap_tools.parse_ldap(real_virtue)
assert real_virtue['state'] == 'STOPPED'
assert rethink_manager.get_virtue('TEST_VIRTUE_STOP') == None
sysctl_stat = subprocess.call([
'ssh', '-i', key_path, 'ubuntu@' + rethink_virtue['address'], '-o',
'StrictHostKeyChecking=no', 'sudo systemctl status gaius'
],
stdout=subprocess.PIPE)
# errno=3 means that gaius isn't running
assert sysctl_stat == 0
xl_list = subprocess.check_output([
'ssh', '-i', key_path, 'ubuntu@' + rethink_virtue['address'], '-o',
'StrictHostKeyChecking=no', 'sudo xl list'
])
# There shouldn't be a VM running on the valor. If the test's virtue
# isn't the only one that's running, this failure may be a false alarm.
assert xl_list.count('\n') == 2
response = session.get(base_url + '/virtue/stop',
params={'virtueId': 'TEST_VIRTUE_STOP'})
assert response.text == json.dumps(
ErrorCodes.user['virtueAlreadyStopped']['result'])
result = query_elasticsearch_with_timeout([
('user', settings['user']), ('real_func_name', 'virtue_stop'),
('virtue_id', 'TEST_VIRTUE_STOP')
])
assert 'hits' in result and 'total' in result[
'hits'] and result['hits']['total'] > 0
except:
raise
finally:
inst.del_obj('cid', 'TEST_VIRTUE_STOP', objectClass='OpenLDAPvirtue')
subprocess.check_call([
'sudo', 'mv',
('/mnt/efs/images/provisioned_virtues/'
'TEST_VIRTUE_STOP.img'), '/mnt/efs/images/tests/8GB.img'
])
def test_write_to_ldap():
temp_role = {
'id': 'routeradmin',
'name': 'Router Admin',
'applicationIds': ['firefox', 'xterm'],
'startingResourceIds': [],
'startingTransducerIds': [],
'networkRules': [],
'version': '1.0'
}
ldap_temp_role = ldap_tools.to_ldap(temp_role, 'OpenLDAProle')
assert ldap_temp_role == {
'objectClass': 'OpenLDAProle',
'ou': 'virtue',
'cid': 'routeradmin',
'name': '"Router Admin"',
'cversion': '"1.0"',
'cappIds': json.dumps(['firefox', 'xterm']),
'cstartResIds': '[]',
'cstartTransIds': '[]',
'cnetRules': '[]'
}
try:
assert 0 == inst.add_obj(ldap_temp_role,
'roles',
'cid',
throw_error=True)
ldap_temp_role_2 = inst.get_obj('cid',
'routeradmin',
objectClass='OpenLDAProle',
throw_error=True)
temp_role_2 = copy.deepcopy(ldap_temp_role_2)
ldap_tools.parse_ldap(temp_role_2)
assert temp_role == temp_role_2
ldap_temp_role_2['cversion'] = ['1.1']
assert 0 == inst.modify_obj('cid',
'routeradmin',
ldap_temp_role_2,
objectClass='OpenLDAProle',
throw_error=True)
ldap_temp_role_3 = inst.get_obj('cid',
'routeradmin',
objectClass='OpenLDAProle',
throw_error=True)
assert ldap_temp_role_2 == ldap_temp_role_3
assert 0 == inst.del_obj('cid',
'routeradmin',
objectClass='OpenLDAProle',
throw_error=True)
except Exception as e:
inst.del_obj('cid', 'routeradmin', objectClass='OpenLDAProle')
traceback.print_exc()
pass
assert () == inst.get_obj('cid',
'routeradmin',
objectClass='OpenLDAProle',
throw_error=True)
