def testMyProxyEnvironment(self): """ Test the myProxyEnvironment context manager In this test a new Proxy and MyProxy are initialized """ myProxy = Proxy(self.dict) # Create the proxy myProxy.create() proxyPath = myProxy.getProxyFilename() userDN = myProxy.getSubject() self.assertTrue(os.path.exists(proxyPath)) # Delegate and check the proxy myProxy.delegate(credential=proxyPath, serverRenewer=True) valid = myProxy.checkMyProxy() self.assertTrue(valid) # Make sure X509_USER_PROXY exists only in the context manager and corresponds to a file if 'X509_USER_PROXY' in os.environ: del os.environ['X509_USER_PROXY'] self.assertFalse('X509_USER_PROXY' in os.environ) with myProxyEnvironment(userDN=userDN, serverCert=serverCert, serverKey=serverKey, myproxySrv='myproxy.cern.ch', proxyDir='/tmp/', logger=self.logger): self.assertTrue('X509_USER_PROXY' in os.environ) self.assertTrue(os.path.exists(os.environ['X509_USER_PROXY'])) self.assertFalse('X509_USER_PROXY' in os.environ) return
class Proxy(object): ''' CMS uses proxies constantly. This class is a wrapper function around WMCore proxy handling, to allow the user to update/check/delete their proxy in myproxy and update/check the local proxy ''' def __init__(self): ''' Constructor ''' self.helper = WMCoreProxy({'logger' : logging}) def getProxyFilename(self): return self.helper.getProxyFilename() def initProxy(self): self.helper.create() def deleteProxy(self): self.helper.destroy() def uploadToMyproxy(self, allowedDN): self.helper.serverDN = allowedDN self.helper.delegate( None, True )
def createNewVomsProxy(self, timeleftthreshold=0): """ Handles the proxy creation: - checks if a valid proxy still exists - performs the creation if it is expired """ ## TODO add the change to have user-cert/key defined in the config. userproxy = Proxy( self.defaultDelegation ) userproxy.userDN = userproxy.getSubject() proxytimeleft = 0 self.logger.debug("Getting proxy life time left") # does it return an integer that indicates? proxytimeleft = userproxy.getTimeLeft() self.logger.debug("Proxy is valid: %i" % proxytimeleft) #if it is not expired I check if role and/or group are changed if not proxytimeleft < timeleftthreshold and self.defaultDelegation['role']!=None and self.defaultDelegation['group']!=None: group , role = userproxy.getUserGroupAndRoleFromProxy( userproxy.getProxyFilename()) if group != self.defaultDelegation['group'] or role != self.defaultDelegation['role']: self.proxyChanged = True #if the proxy is expired, or we changed role and/or group, we need to create a new one if proxytimeleft < timeleftthreshold or self.proxyChanged: # creating the proxy self.logger.debug("Creating a proxy for %s hours" % self.defaultDelegation['proxyValidity'] ) userproxy.create() proxytimeleft = userproxy.getTimeLeft() group , role = userproxy.getUserGroupAndRoleFromProxy( userproxy.getProxyFilename()) if proxytimeleft > 0 and group == self.defaultDelegation['group'] and role == self.defaultDelegation['role']: self.logger.debug("Proxy created.") else: raise ProxyCreationException("Problems creating proxy.") return userproxy.getSubject( ), userproxy.getProxyFilename()
class ProxyTest(unittest.TestCase): def setUp(self): """ Setup for unit tests """ logging.basicConfig(level=logging.DEBUG, format='%(asctime)s %(name)-12s %(levelname)-8s %(message)s', datefmt='%m-%d %H:%M', filename='proxy_unittests.log', filemode='w') logger_name = 'ProxyTest' self.logger = logging.getLogger(logger_name) self.dict = {'logger': self.logger, 'server_key' : '/home/crab/.globus/hostkey.pem', 'server_cert' : '/home/crab/.globus/hostcert.pem', 'vo': 'cms', 'group': 'integration', 'role': 'NULL', 'myProxySvr': 'myproxy.cern.ch', 'proxyValidity' : '192:00', 'min_time_left' : 36000, 'uisource' : '/afs/cern.ch/cms/LCG/LCG-2/UI/cms_ui_env.sh'} #, 'serverDN' : '/C=IT/O=INFN/OU=Host/L=Perugia/CN=crab.pg.infn.it'} self.proxyPath = None self.proxy = Proxy( self.dict ) self.serverKey = self.dict['server_key'] self.serverDN = None if self.dict.has_key('serverDN'): self.serverDN = self.dict['serverDN'] def tearDown(self): """ _tearDown_ Tear down the proxy. """ self.proxy.destroy() return def getUserIdentity(self): """ _getUserIdentity_ Retrieve the user's subject from the voms-proxy-info call. """ vomsProxyInfoCall = subprocess.Popen(["voms-proxy-info", "-identity"], stdout = subprocess.PIPE, stderr = subprocess.PIPE) if vomsProxyInfoCall.wait() != 0: return None (stdout, stderr) = vomsProxyInfoCall.communicate() return stdout[0:-1] def getUserAttributes(self): """ _getUserAttributes_ Retrieve the user's attributes from the voms-proxy-info call. """ vomsProxyInfoCall = subprocess.Popen(["voms-proxy-info", "-fqan"], stdout = subprocess.PIPE, stderr = subprocess.PIPE) if vomsProxyInfoCall.wait() != 0: return None (stdout, stderr) = vomsProxyInfoCall.communicate() return stdout[0:-1] @attr("integration") def testDestroyBeforeCreation(self ): """ """ if not os.path.exists( self.serverKey ): self.proxy.destroy( ) self.proxyPath = self.proxy.getProxyFilename() assert not os.path.exists(self.proxyPath) @attr("integration") def testCreateProxy( self ): """ """ if not os.path.exists( self.serverKey ): self.proxy.create() time.sleep( 5 ) proxyPath = self.proxy.getProxyFilename() assert os.path.exists(proxyPath) @attr("integration") def testCheckProxyTimeLeft( self ): """ """ if not os.path.exists( self.serverKey ): self.proxy.create() timeLeft = self.proxy.getTimeLeft() print timeLeft assert ( int(timeLeft) / 3600 ) == 192 @attr("integration") def testRenewProxy( self ): """ """ if not os.path.exists( self.serverKey ): time.sleep( 70 ) self.proxy.renew() time.sleep( 10 ) timeLeft = self.proxy.getTimeLeft() assert ( int(timeLeft) / 3600 ) == 191 @attr("integration") def testDestroyProxy(self ): """ """ if not os.path.exists( self.serverKey ): self.proxy.destroy( ) self.proxyPath = self.proxy.getProxyFilename() assert not os.path.exists(self.proxyPath) @attr("integration") def testGetSubject(self): """ _testGetSubject_ Verify that the getSubject() method works correctly. """ if os.path.exists(self.serverKey): return self.testCreateProxy() subject = self.proxy.getSubject( ) self.assertEqual(subject, self.getUserIdentity(), "Error: Wrong subject.") return @attr("integration") def testGetUserName( self ): """ _testGetUserName_ Verify that the getUserName() method correctly determines the user's name. """ if os.path.exists( self.serverKey ): return self.testCreateProxy() user = self.proxy.getUserName( ) identity = self.getUserIdentity().split("/")[ len(self.getUserIdentity().split("/")) - 1 ][3:] self.assertEqual(user, identity, "Error: User name is wrong: |%s|\n|%s|" % (user, identity)) return @attr("integration") def checkAttribute( self ): """ """ if not os.path.exists( self.serverKey ): valid = self.proxy.checkAttribute( ) assert valid == True @attr("integration") def testCheckTimeLeft( self ): """ """ if not os.path.exists( self.serverKey ): valid = self.proxy.check( self.proxyPath ) assert valid == True @attr("integration") def testDelegateMyProxy( self ): """ """ if not os.path.exists( self.serverKey ): self.proxy.create() self.proxy.delegate( credential = self.proxyPath ) valid = self.proxy.checkMyProxy( ) assert valid == True @attr("integration") def testDelegateServerAndMyProxy( self ): """ """ if not os.path.exists( self.serverKey ): self.proxy.create() self.proxy.delegate( credential = self.proxyPath, serverRenewer = True ) valid = self.proxy.checkMyProxy( checkRenewer = True ) assert valid == True @attr("integration") def testCheckMyProxy( self ): """ """ if not os.path.exists( self.serverKey ) and self.serverDN: self.proxy.create() self.proxy.delegate( ) valid = self.proxy.checkMyProxy( ) assert valid == True @attr("integration") def testCheckMyProxyServer( self ): """ """ if not os.path.exists( self.serverKey ) and self.serverDN: self.proxy.create() self.proxy.delegate( serverRenewer = True ) valid = self.proxy.checkMyProxy( checkRenewer = True ) assert valid == True @attr("integration") def testLogonRenewMyProxy( self ): """ """ if os.path.exists( self.serverKey ): proxyFile = self.proxy.logonRenewMyProxy( ) assert os.path.exists( proxyFile ) @attr("integration") def testRenewMyProxy( self ): """ """ if not os.path.exists( self.serverKey ): self.proxy.create() time.sleep( 70 ) self.proxy.renewMyProxy( proxy = self.proxyPath ) time.sleep( 5 ) timeLeft = self.proxy.getMyProxyTimeLeft( proxy = self.proxyPath ) assert ( int(timeLeft) / 3600 ) == 167 @attr("integration") def testRenewMyProxyForServer( self ): """ """ if not os.path.exists( self.serverKey ) and self.serverDN: self.proxy.create() time.sleep( 70 ) self.proxy.renewMyProxy( proxy = self.proxyPath, serverRenewer = True ) time.sleep( 5 ) timeLeft = self.proxy.getMyProxyTimeLeft( proxy = self.proxyPath, serverRenewer = True ) assert ( int(timeLeft) / 3600 ) == 167 @attr("integration") def testRenewMyProxyByServer( self ): """ """ if os.path.exists( self.serverKey ): proxyPath = self.proxy.getProxyFilename( serverRenewer = True ) self.proxy.logonRenewMyProxy( proxyPath ) timeLeft = self.proxy.getTimeLeft( proxyPath ) assert ( int(timeLeft) / 3600 ) > 120 @attr("integration") def testVomsRenewal( self ): """ """ if not os.path.exists( self.serverKey ): self.proxy.create() proxyPath = self.proxy.getProxyFilename( ) time.sleep( 70 ) attribute = self.proxy.prepareAttForVomsRenewal( self.proxy.getAttributeFromProxy( proxyPath ) ) self.proxy.vomsExtensionRenewal( proxyPath, attribute ) vomsTimeLeft = self.proxy.getVomsLife( proxyPath ) assert ( int(vomsTimeLeft) / 3600 ) == 191 @attr("integration") def testElevateAttribute( self ): """ """ if not os.path.exists( self.serverKey ): self.proxy.create() proxyPath = self.proxy.getProxyFilename( ) # getProxyDetails allows to buid the proxy attribute from the parameters given attribute = self.proxy.prepareAttForVomsRenewal( '/cms/Role=NULL/Capability=NULL' ) self.proxy.vomsExtensionRenewal( proxyPath, attribute ) assert self.proxy.getAttributeFromProxy( proxyPath ) == '/cms/Role=NULL/Capability=NULL' @attr("integration") def testUserGroupInProxy( self ): """ """ if not os.path.exists( self.serverKey ): self.proxy.create() assert self.proxy.group == self.getUserAttributes().split('\n')[0].split('/')[2] @attr("integration") def testUserRoleInProxy( self ): """ """ if not os.path.exists( self.serverKey ): self.proxy.create() assert self.proxy.role == self.getUserAttributes().split('\n')[0].split('/')[3].split('=')[1] @attr("integration") def testGetAttributes( self ): """ """ if not os.path.exists( self.serverKey ): if not self.dict['role']: role = 'NULL' self.proxy.create() assert self.proxy.getAttributeFromProxy().split('/')[2] == self.dict['group'] assert self.proxy.getAttributeFromProxy().split('/')[3].split('=')[1] == role @attr("integration") def testGetAttributes( self ): """ """ if not os.path.exists( self.serverKey ): if not self.dict['role']: role = 'NULL' self.proxy.create() proxyPath = self.proxy.getProxyFilename( ) if self.dict['group'] and self.dict['role']: assert self.proxy.getUserGroupAndRoleFromProxy( proxyPath )[0] == self.dict['group'] assert self.proxy.getUserGroupAndRoleFromProxy( proxyPath )[1] == self.dict['role']
class ProxyTest(unittest.TestCase): def setUp(self): """ Setup for unit tests """ logging.basicConfig( level=logging.DEBUG, format="%(asctime)s %(name)-12s %(levelname)-8s %(message)s", datefmt="%m-%d %H:%M", filename="proxy_unittests.log", filemode="w", ) logger_name = "ProxyTest" self.logger = logging.getLogger(logger_name) self.dict = { "logger": self.logger, "vo": "cms", "group": group, "role": role, "myProxySvr": myProxySvr, "proxyValidity": "192:00", "min_time_left": 36000, "uisource": uiPath, } self.proxyPath = None self.proxy = Proxy(self.dict) def tearDown(self): """ _tearDown_ Tear down the proxy. """ return def getUserIdentity(self): """ _getUserIdentity_ Retrieve the user's subject from the voms-proxy-info call. """ vomsProxyInfoCall = subprocess.Popen( ["voms-proxy-info", "-identity"], stdout=subprocess.PIPE, stderr=subprocess.PIPE ) if vomsProxyInfoCall.wait() != 0: return None (stdout, stderr) = vomsProxyInfoCall.communicate() return stdout[0:-1] def getUserAttributes(self): """ _getUserAttributes_ Retrieve the user's attributes from the voms-proxy-info call. """ vomsProxyInfoCall = subprocess.Popen( ["voms-proxy-info", "-fqan"], stdout=subprocess.PIPE, stderr=subprocess.PIPE ) if vomsProxyInfoCall.wait() != 0: return None (stdout, stderr) = vomsProxyInfoCall.communicate() return stdout[0:-1] @attr("integration") def testGetUserCertEnddate(self): """ Test if getTimeLeft method returns correctly the proxy time left. """ daysleft = self.proxy.getUserCertEnddate() self.assertEqual(daysleft, 29) # set this as the number of days left in .globus/usercert.pem @attr("integration") def testAAACreateProxy(self): """ Test if create method creates correctly the proxy. This is sort of bad form to require that this test run first, but the alternative is entering a password for every single invocation """ self.proxy.create() time.sleep(5) proxyPath = self.proxy.getProxyFilename() self.assertTrue(os.path.exists(proxyPath)) @attr("integration") def testCheckProxyTimeLeft(self): """ Test if getTimeLeft method returns correctly the proxy time left. """ timeLeft = self.proxy.getTimeLeft() self.assertEqual(int(timeLeft) / 3600, 191) @attr("integration") def testRenewProxy(self): """ Test if the renew method renews correctly the user proxy. """ time.sleep(70) self.proxy.renew() time.sleep(10) timeLeft = self.proxy.getTimeLeft() self.assertEqual(int(timeLeft) / 3600, 191) @attr("integration") def testDestroyProxy(self): """ Test the proxy destroy method. """ self.proxy.destroy() self.proxyPath = self.proxy.getProxyFilename() self.assertFalse(os.path.exists(self.proxyPath)) # Create the proxy after the destroy self.proxy.create() @attr("integration") def testGetSubject(self): """ _testGetSubject_ Verify that the getSubject() method works correctly. """ subject = self.proxy.getSubject() self.assertEqual(subject, self.getUserIdentity(), "Error: Wrong subject.") return @attr("integration") def testGetUserName(self): """ _testGetUserName_ Verify that the getUserName() method correctly determines the user's name. """ user = self.proxy.getUserName() identity = self.getUserIdentity().split("/")[len(self.getUserIdentity().split("/")) - 1][3:] self.assertEqual(user, identity, "Error: User name is wrong: |%s|\n|%s|" % (user, identity)) return @attr("integration") def testCheckAttribute(self): """ Test if the checkAttribute method checks correctly the attributes validity. """ valid = self.proxy.checkAttribute() self.assertTrue(valid) @attr("integration") def testCheckTimeLeft(self): """ Test if the check method checks correctly the proxy validity. """ valid = self.proxy.check(self.proxyPath) self.assertTrue(valid) @attr("integration") def testVomsRenewal(self): """ Test if vomsExtensionRenewal method renews correctly the voms-proxy. """ proxyPath = self.proxy.getProxyFilename() time.sleep(70) attribute = self.proxy.prepareAttForVomsRenewal(self.proxy.getAttributeFromProxy(proxyPath)) self.proxy.vomsExtensionRenewal(proxyPath, attribute) vomsTimeLeft = self.proxy.getVomsLife(proxyPath) self.assertEqual(int(vomsTimeLeft) / 3600, 191) @attr("integration") def testElevateAttribute(self): """ Test if the vomsExtensionRenewal method elevate last attributes given. """ proxyPath = self.proxy.getProxyFilename() attribute = self.proxy.prepareAttForVomsRenewal("/cms/Role=NULL/Capability=NULL") self.proxy.vomsExtensionRenewal(proxyPath, attribute) self.assertEqual(self.proxy.getAttributeFromProxy(proxyPath), "/cms/Role=NULL/Capability=NULL") # Restore the original configuration of the proxy self.proxy.create() @attr("integration") def testUserGroupInProxy(self): """ Test if getUserAttributes method returns correctly the user group. """ self.assertTrue(self.proxy.group, "No group set. Testing incomplete.") self.assertEqual(self.proxy.group, self.getUserAttributes().split("\n")[0].split("/")[2]) @attr("integration") def testUserRoleInProxy(self): """ Test if getUserAttributes method returns correctly the user role. """ self.assertEqual(self.proxy.role, self.getUserAttributes().split("\n")[0].split("/")[3].split("=")[1]) @attr("integration") def testGetAttributes(self): """ Test getAttributeFromProxy method. """ self.assertTrue(self.proxy.group, "No group set. Testing incomplete.") if not self.dict["role"]: role = "NULL" else: role = self.dict["role"] proxyPath = self.proxy.getProxyFilename() self.assertEqual(self.proxy.getAttributeFromProxy(proxyPath).split("/")[2], self.dict["group"]) self.assertEqual(self.proxy.getAttributeFromProxy(proxyPath).split("/")[3].split("=")[1], role) @attr("integration") def testGetUserGroupAndRole(self): """ Test GetUserGroupAndRoleFromProxy method. """ if not self.dict["role"]: role = "NULL" else: role = self.dict["role"] proxyPath = self.proxy.getProxyFilename() if self.dict["group"] and self.dict["role"]: self.assertEqual(self.proxy.getUserGroupAndRoleFromProxy(proxyPath)[0], self.dict["group"]) self.assertEqual(self.proxy.getUserGroupAndRoleFromProxy(proxyPath)[1], role)
class ProxyTest(unittest.TestCase): def setUp(self): """ Setup for unit tests """ logging.basicConfig( level=logging.DEBUG, format='%(asctime)s %(name)-12s %(levelname)-8s %(message)s', datefmt='%m-%d %H:%M', filename='proxy_unittests.log', filemode='w') logger_name = 'ProxyTest' self.logger = logging.getLogger(logger_name) self.dict = { 'logger': self.logger, 'vo': 'cms', 'group': group, 'role': role, 'myProxySvr': myProxySvr, 'proxyValidity': '192:00', 'min_time_left': 36000, 'uisource': uiPath } self.proxyPath = None self.proxy = Proxy(self.dict) def tearDown(self): """ _tearDown_ Tear down the proxy. """ return def getUserIdentity(self): """ _getUserIdentity_ Retrieve the user's subject from the voms-proxy-info call. """ vomsProxyInfoCall = subprocess.Popen(["voms-proxy-info", "-identity"], stdout=subprocess.PIPE, stderr=subprocess.PIPE) if vomsProxyInfoCall.wait() != 0: return None (stdout, stderr) = vomsProxyInfoCall.communicate() return stdout[0:-1] def getUserAttributes(self): """ _getUserAttributes_ Retrieve the user's attributes from the voms-proxy-info call. """ vomsProxyInfoCall = subprocess.Popen(["voms-proxy-info", "-fqan"], stdout=subprocess.PIPE, stderr=subprocess.PIPE) if vomsProxyInfoCall.wait() != 0: return None (stdout, stderr) = vomsProxyInfoCall.communicate() return stdout[0:-1] @attr("integration") def testAAACreateProxy(self): """ Test if create method creates correctly the proxy. This is sort of bad form to require that this test run first, but the alternative is entering a password for every single invocation """ self.proxy.create() time.sleep(5) proxyPath = self.proxy.getProxyFilename() self.assertTrue(os.path.exists(proxyPath)) @attr("integration") def testCheckProxyTimeLeft(self): """ Test if getTimeLeft method returns correctly the proxy time left. """ timeLeft = self.proxy.getTimeLeft() self.assertEqual(int(timeLeft) / 3600, 191) @attr("integration") def testRenewProxy(self): """ Test if the renew method renews correctly the user proxy. """ time.sleep(70) self.proxy.renew() time.sleep(10) timeLeft = self.proxy.getTimeLeft() self.assertEqual(int(timeLeft) / 3600, 191) @attr("integration") def testDestroyProxy(self): """ Test the proxy destroy method. """ self.proxy.destroy() self.proxyPath = self.proxy.getProxyFilename() self.assertFalse(os.path.exists(self.proxyPath)) # Create the proxy after the destroy self.proxy.create() @attr("integration") def testGetSubject(self): """ _testGetSubject_ Verify that the getSubject() method works correctly. """ subject = self.proxy.getSubject() self.assertEqual(subject, self.getUserIdentity(), "Error: Wrong subject.") return @attr("integration") def testGetUserName(self): """ _testGetUserName_ Verify that the getUserName() method correctly determines the user's name. """ user = self.proxy.getUserName() identity = self.getUserIdentity().split("/")[ len(self.getUserIdentity().split("/")) - 1][3:] self.assertEqual( user, identity, "Error: User name is wrong: |%s|\n|%s|" % (user, identity)) return @attr("integration") def testCheckAttribute(self): """ Test if the checkAttribute method checks correctly the attributes validity. """ valid = self.proxy.checkAttribute() self.assertTrue(valid) @attr("integration") def testCheckTimeLeft(self): """ Test if the check method checks correctly the proxy validity. """ valid = self.proxy.check(self.proxyPath) self.assertTrue(valid) @attr("integration") def testVomsRenewal(self): """ Test if vomsExtensionRenewal method renews correctly the voms-proxy. """ proxyPath = self.proxy.getProxyFilename() time.sleep(70) attribute = self.proxy.prepareAttForVomsRenewal( self.proxy.getAttributeFromProxy(proxyPath)) self.proxy.vomsExtensionRenewal(proxyPath, attribute) vomsTimeLeft = self.proxy.getVomsLife(proxyPath) self.assertEqual(int(vomsTimeLeft) / 3600, 191) @attr("integration") def testElevateAttribute(self): """ Test if the vomsExtensionRenewal method elevate last attributes given. """ proxyPath = self.proxy.getProxyFilename() attribute = self.proxy.prepareAttForVomsRenewal( '/cms/Role=NULL/Capability=NULL') self.proxy.vomsExtensionRenewal(proxyPath, attribute) self.assertEqual(self.proxy.getAttributeFromProxy(proxyPath), '/cms/Role=NULL/Capability=NULL') # Restore the original configuration of the proxy self.proxy.create() @attr("integration") def testUserGroupInProxy(self): """ Test if getUserAttributes method returns correctly the user group. """ self.assertTrue(self.proxy.group, 'No group set. Testing incomplete.') self.assertEqual(self.proxy.group, self.getUserAttributes().split('\n')[0].split('/')[2]) @attr("integration") def testUserRoleInProxy(self): """ Test if getUserAttributes method returns correctly the user role. """ self.assertEqual( self.proxy.role, self.getUserAttributes().split('\n')[0].split('/')[3].split('=') [1]) @attr("integration") def testGetAttributes(self): """ Test getAttributeFromProxy method. """ self.assertTrue(self.proxy.group, 'No group set. Testing incomplete.') if not self.dict['role']: role = 'NULL' else: role = self.dict['role'] proxyPath = self.proxy.getProxyFilename() self.assertEqual( self.proxy.getAttributeFromProxy(proxyPath).split('/')[2], self.dict['group']) self.assertEqual( self.proxy.getAttributeFromProxy(proxyPath).split('/')[3].split( '=')[1], role) @attr("integration") def testGetUserGroupAndRole(self): """ Test GetUserGroupAndRoleFromProxy method. """ if not self.dict['role']: role = 'NULL' else: role = self.dict['role'] proxyPath = self.proxy.getProxyFilename() if self.dict['group'] and self.dict['role']: self.assertEqual( self.proxy.getUserGroupAndRoleFromProxy(proxyPath)[0], self.dict['group']) self.assertEqual( self.proxy.getUserGroupAndRoleFromProxy(proxyPath)[1], role)
class MyProxyTest(unittest.TestCase): def setUp(self): """ Setup for unit tests """ logging.basicConfig(level=logging.DEBUG, format='%(asctime)s %(name)-12s %(levelname)-8s %(message)s', datefmt='%m-%d %H:%M', filename='proxy_unittests.log', filemode='w') logger_name = 'ProxyTest' self.logger = logging.getLogger(logger_name) self.dict = {'logger': self.logger, 'vo': 'cms', 'group': group, 'role': role, 'myProxySvr': myProxySvr, 'proxyValidity' : '192:00', 'min_time_left' : 36000, 'uisource' : uiPath, 'serverDN' : serverDN} self.proxyPath = None self.proxy = Proxy( self.dict ) self.serverDN = self.dict['serverDN'] def tearDown(self): """ _tearDown_ """ return @attr("integration") def testAAACreateMyProxy( self ): """ Test if delegate method create correctly the MyProxy. """ self.proxy.create() self.proxy.delegate( credential = self.proxyPath ) valid = self.proxy.checkMyProxy( ) self.assertTrue(valid, 'Could not create MyProxy') @attr("integration") def testDelegateServer( self ): """ Test if delegate method create MyProxy and delegate the retrieval to the server correctly. """ self.proxy.delegate( credential = self.proxyPath, serverRenewer = True ) valid = self.proxy.checkMyProxy( checkRenewer = True ) self.assertTrue(valid) @attr("integration") def testCheckMyProxy( self ): """ Test if checkMyProxy checks correctly the MyProxy validity. """ valid = self.proxy.checkMyProxy( ) self.assertTrue(valid) @attr("integration") def testRenewMyProxy( self ): """ Test if renewMyProxy method renews correctly the MyProxy. """ self.proxy.renewMyProxy( proxy = self.proxyPath ) time.sleep( 5 ) timeLeft = self.proxy.getMyProxyTimeLeft( proxy = self.proxyPath ) self.assertEqual(int(timeLeft) / 3600, 167) @attr("integration") def testRenewMyProxyForServer( self ): """ Renew MyProxy which the retrieval is delegated to a server. """ time.sleep( 70 ) self.proxy.renewMyProxy( proxy = self.proxyPath, serverRenewer = True ) time.sleep( 5 ) timeLeft = self.proxy.getMyProxyTimeLeft( proxy = self.proxyPath, serverRenewer = True ) self.assertEqual(int(timeLeft) / 3600, 167) @attr("integration") def testMyProxyEnvironment(self): """ Test the myProxyEnvironment context manager In this test a new Proxy and MyProxy are initialized """ myProxy = Proxy(self.dict) # Create the proxy myProxy.create() proxyPath = myProxy.getProxyFilename() userDN = myProxy.getSubject() self.assertTrue(os.path.exists(proxyPath)) # Delegate and check the proxy myProxy.delegate(credential=proxyPath, serverRenewer=True) valid = myProxy.checkMyProxy() self.assertTrue(valid) # Make sure X509_USER_PROXY exists only in the context manager and corresponds to a file if 'X509_USER_PROXY' in os.environ: del os.environ['X509_USER_PROXY'] self.assertFalse('X509_USER_PROXY' in os.environ) with myProxyEnvironment(userDN=userDN, serverCert=serverCert, serverKey=serverKey, myproxySrv='myproxy.cern.ch', proxyDir='/tmp/', logger=self.logger): self.assertTrue('X509_USER_PROXY' in os.environ) self.assertTrue(os.path.exists(os.environ['X509_USER_PROXY'])) self.assertFalse('X509_USER_PROXY' in os.environ) return
class MyProxyTest(unittest.TestCase): def setUp(self): """ Setup for unit tests """ logging.basicConfig( level=logging.DEBUG, format='%(asctime)s %(name)-12s %(levelname)-8s %(message)s', datefmt='%m-%d %H:%M', filename='proxy_unittests.log', filemode='w') logger_name = 'ProxyTest' self.logger = logging.getLogger(logger_name) self.dict = { 'logger': self.logger, 'vo': 'cms', 'group': group, 'role': role, 'myProxySvr': myProxySvr, 'proxyValidity': '192:00', 'min_time_left': 36000, 'uisource': uiPath, 'serverDN': serverDN } self.proxyPath = None self.proxy = Proxy(self.dict) self.serverDN = self.dict['serverDN'] def tearDown(self): """ _tearDown_ """ return @attr("integration") def testAAACreateMyProxy(self): """ Test if delegate method create correctly the MyProxy. """ self.proxy.create() self.proxy.delegate(credential=self.proxyPath) valid = self.proxy.checkMyProxy() self.assertTrue(valid, 'Could not create MyProxy') @attr("integration") def testDelegateServer(self): """ Test if delegate method create MyProxy and delegate the retrieval to the server correctly. """ self.proxy.delegate(credential=self.proxyPath, serverRenewer=True) valid = self.proxy.checkMyProxy(checkRenewer=True) self.assertTrue(valid) @attr("integration") def testCheckMyProxy(self): """ Test if checkMyProxy checks correctly the MyProxy validity. """ valid = self.proxy.checkMyProxy() self.assertTrue(valid) @attr("integration") def testRenewMyProxy(self): """ Test if renewMyProxy method renews correctly the MyProxy. """ self.proxy.renewMyProxy(proxy=self.proxyPath) time.sleep(5) timeLeft = self.proxy.getMyProxyTimeLeft(proxy=self.proxyPath) self.assertEqual(int(int(timeLeft) // 3600), 167) @attr("integration") def testRenewMyProxyForServer(self): """ Renew MyProxy which the retrieval is delegated to a server. """ time.sleep(70) self.proxy.renewMyProxy(proxy=self.proxyPath, serverRenewer=True) time.sleep(5) timeLeft = self.proxy.getMyProxyTimeLeft(proxy=self.proxyPath, serverRenewer=True) self.assertEqual(int(int(timeLeft) // 3600), 167) @attr("integration") def testMyProxyEnvironment(self): """ Test the myProxyEnvironment context manager In this test a new Proxy and MyProxy are initialized """ myProxy = Proxy(self.dict) # Create the proxy myProxy.create() proxyPath = myProxy.getProxyFilename() userDN = myProxy.getSubject() self.assertTrue(os.path.exists(proxyPath)) # Delegate and check the proxy myProxy.delegate(credential=proxyPath, serverRenewer=True) valid = myProxy.checkMyProxy() self.assertTrue(valid) # Make sure X509_USER_PROXY exists only in the context manager and corresponds to a file if 'X509_USER_PROXY' in os.environ: del os.environ['X509_USER_PROXY'] self.assertFalse('X509_USER_PROXY' in os.environ) with myProxyEnvironment(userDN=userDN, serverCert=serverCert, serverKey=serverKey, myproxySrv='myproxy.cern.ch', proxyDir='/tmp/', logger=self.logger): self.assertTrue('X509_USER_PROXY' in os.environ) self.assertTrue(os.path.exists(os.environ['X509_USER_PROXY'])) self.assertFalse('X509_USER_PROXY' in os.environ) return
class ProxyTest(unittest.TestCase): def setUp(self): """ Setup for unit tests """ logging.basicConfig(level=logging.DEBUG, format='%(asctime)s %(name)-12s %(levelname)-8s %(message)s', datefmt='%m-%d %H:%M', filename='proxy_unittests.log', filemode='w') logger_name = 'ProxyTest' self.logger = logging.getLogger(logger_name) self.dict = {'logger': self.logger, 'vo': 'cms', 'group': group, 'role': role, 'myProxySvr': myProxySvr, 'proxyValidity' : '192:00', 'min_time_left' : 36000} self.proxyPath = None self.proxy = Proxy( self.dict ) def tearDown(self): """ _tearDown_ Tear down the proxy. """ return def getUserIdentity(self): """ _getUserIdentity_ Retrieve the user's subject from the voms-proxy-info call. """ vomsProxyInfoCall = subprocess.Popen(["voms-proxy-info", "-identity"], stdout = subprocess.PIPE, stderr = subprocess.PIPE) if vomsProxyInfoCall.wait() != 0: return None (stdout, stderr) = vomsProxyInfoCall.communicate() return stdout[0:-1] def getUserAttributes(self): """ _getUserAttributes_ Retrieve the user's attributes from the voms-proxy-info call. """ vomsProxyInfoCall = subprocess.Popen(["voms-proxy-info", "-fqan"], stdout = subprocess.PIPE, stderr = subprocess.PIPE) if vomsProxyInfoCall.wait() != 0: return None (stdout, stderr) = vomsProxyInfoCall.communicate() return stdout[0:-1] @attr("integration") def testGetUserCertEnddate( self ): """ Test if getTimeLeft method returns correctly the proxy time left. """ daysleft = self.proxy.getUserCertEnddate() self.assertEqual(daysleft, 58) #set this as the number of days left in .globus/usercert.pem daysleft = self.proxy.getUserCertEnddate(openSSL=False) self.assertEqual(daysleft, 58) #set this as the number of days left in .globus/usercert.pem @attr("integration") def testAAACreateProxy( self ): """ Test if create method creates correctly the proxy. This is sort of bad form to require that this test run first, but the alternative is entering a password for every single invocation """ self.proxy.create() time.sleep( 5 ) proxyPath = self.proxy.getProxyFilename() self.assertTrue(os.path.exists(proxyPath)) @attr("integration") def testCheckProxyTimeLeft( self ): """ Test if getTimeLeft method returns correctly the proxy time left. """ timeLeft = self.proxy.getTimeLeft() self.assertEqual(int(timeLeft) / 3600, 191) @attr("integration") def testRenewProxy( self ): """ Test if the renew method renews correctly the user proxy. """ time.sleep( 70 ) self.proxy.renew() time.sleep( 10 ) timeLeft = self.proxy.getTimeLeft() self.assertEqual(int(timeLeft) / 3600, 191) @attr("integration") def testDestroyProxy(self ): """ Test the proxy destroy method. """ self.proxy.destroy( ) self.proxyPath = self.proxy.getProxyFilename() self.assertFalse(os.path.exists(self.proxyPath)) # Create the proxy after the destroy self.proxy.create() @attr("integration") def testGetSubject(self): """ _testGetSubject_ Verify that the getSubject() method works correctly. """ subject = self.proxy.getSubject( ) self.assertEqual(subject, self.getUserIdentity(), "Error: Wrong subject.") return @attr("integration") def testGetUserName( self ): """ _testGetUserName_ Verify that the getUserName() method correctly determines the user's name. """ user = self.proxy.getUserName( ) identity = self.getUserIdentity().split("/")[ len(self.getUserIdentity().split("/")) - 1 ][3:] self.assertEqual(user, identity, "Error: User name is wrong: |%s|\n|%s|" % (user, identity)) return @attr("integration") def testCheckAttribute( self ): """ Test if the checkAttribute method checks correctly the attributes validity. """ valid = self.proxy.checkAttribute( ) self.assertTrue(valid) @attr("integration") def testCheckTimeLeft( self ): """ Test if the check method checks correctly the proxy validity. """ valid = self.proxy.check( self.proxyPath ) self.assertTrue(valid) @attr("integration") def testVomsRenewal( self ): """ Test if vomsExtensionRenewal method renews correctly the voms-proxy. """ proxyPath = self.proxy.getProxyFilename( ) time.sleep( 70 ) attribute = self.proxy.prepareAttForVomsRenewal( self.proxy.getAttributeFromProxy( proxyPath ) ) self.proxy.vomsExtensionRenewal( proxyPath, attribute ) vomsTimeLeft = self.proxy.getVomsLife( proxyPath ) self.assertEqual(int(vomsTimeLeft) / 3600, 191) @attr("integration") def testElevateAttribute( self ): """ Test if the vomsExtensionRenewal method elevate last attributes given. """ proxyPath = self.proxy.getProxyFilename( ) attribute = self.proxy.prepareAttForVomsRenewal( '/cms/Role=NULL/Capability=NULL' ) self.proxy.vomsExtensionRenewal( proxyPath, attribute ) self.assertEqual(self.proxy.getAttributeFromProxy(proxyPath), '/cms/Role=NULL/Capability=NULL') # Restore the original configuration of the proxy self.proxy.create() @attr("integration") def testUserGroupInProxy( self ): """ Test if getUserAttributes method returns correctly the user group. """ self.assertTrue(self.proxy.group, 'No group set. Testing incomplete.') self.assertEqual(self.proxy.group, self.getUserAttributes().split('\n')[0].split('/')[2]) @attr("integration") def testUserRoleInProxy( self ): """ Test if getUserAttributes method returns correctly the user role. """ self.assertEqual(self.proxy.role, self.getUserAttributes().split('\n')[0].split('/')[3].split('=')[1]) @attr("integration") def testGetAttributes( self ): """ Test getAttributeFromProxy method. Can tested this with: voms-proxy-init -voms cms:/cms/integration #or any group of yours export PROXY_GROUP=integration python test/python/WMCore_t/Credential_t/Proxy_t.py ProxyTest.testGetAttributes """ self.assertTrue(self.proxy.group, 'No group set. Testing incomplete.') if not self.dict['role']: role = 'NULL' else: role = self.dict['role'] proxyPath = self.proxy.getProxyFilename( ) self.assertEqual(self.proxy.getAttributeFromProxy(proxyPath).split('/')[2], self.dict['group']) self.assertEqual(self.proxy.getAttributeFromProxy(proxyPath).split('/')[3].split('=')[1], role) #test with the allAttributes flag self.assertTrue(self.proxy.getAttributeFromProxy(proxyPath, allAttributes=True)>1) @attr("integration") def testGetUserGroupAndRole( self ): """ Test GetUserGroupAndRoleFromProxy method. """ if not self.dict['role']: role = 'NULL' else: role = self.dict['role'] proxyPath = self.proxy.getProxyFilename( ) if self.dict['group'] and self.dict['role']: self.assertEqual(self.proxy.getUserGroupAndRoleFromProxy(proxyPath)[0], self.dict['group']) self.assertEqual(self.proxy.getUserGroupAndRoleFromProxy(proxyPath)[1], role) @attr("integration") def testGetAllUserGroups( self ): """ Test GetAllUserGroups method. """ proxyPath = self.proxy.getProxyFilename( ) groups = self.proxy.getAllUserGroups(proxyPath) print(list(groups))