def test_job_group(self):
with session.begin():
user_in_group = data_setup.create_user(password='******')
group = data_setup.create_group()
user_in_group.groups.append(group)
user_not_in_group = data_setup.create_user(password='******')
# Test submitting on behalf of user's group
config1 = create_client_config(username=user_in_group.user_name,
password='******')
out = run_client(['bkr', 'workflow-simple', '--random',
'--arch', self.distro_tree.arch.arch,
'--family', self.distro.osversion.osmajor.osmajor,
'--job-group', group.group_name,
'--task', self.task.name], config=config1)
self.assertTrue(out.startswith('Submitted:'), out)
m = re.search('J:(\d+)', out)
job_id = m.group(1)
with session.begin():
job = Job.by_id(job_id)
self.assertEqual(group, job.group)
# Test submitting on behalf of group user does not belong to
config2 = create_client_config(username=user_not_in_group.user_name,
password='******')
try:
out2 = run_client(['bkr', 'workflow-simple', '--random',
'--arch', self.distro_tree.arch.arch,
'--family', self.distro.osversion.osmajor.osmajor,
'--job-group', group.group_name,
'--task', self.task.name], config=config2)
fail('should raise')
except ClientError, e:
self.assertTrue('You are not a member of the %s group' % \
group.group_name in e.stderr_output, e)
def test_add_systems_pool_privileges(self):
pool_name = data_setup.unique_name(u'mypool%s')
with session.begin():
system_owner = data_setup.create_user(password=u'password')
pool_owner = data_setup.create_user(password=u'password')
s1 = data_setup.create_system(owner=system_owner)
pool = data_setup.create_system_pool(name=pool_name,
owning_user=pool_owner)
try:
run_client(['bkr', 'pool-add', '--pool', pool_name,
'--system', s1.fqdn],
config=create_client_config(
username=system_owner.user_name,
password='******'))
self.fail('Must fail')
except ClientError as e:
self.assertIn('You do not have permission to'
' add systems to pool %s' % pool_name,
e.stderr_output)
try:
run_client(['bkr', 'pool-add', '--pool', pool_name,
'--system', s1.fqdn],
config=create_client_config(
username=pool_owner.user_name,
password='******'))
self.fail('Must fail')
except ClientError as e:
self.assertIn('You do not have permission to'
' modify system %s' % s1.fqdn,
e.stderr_output)
def test_add_systems_pool_privileges(self):
pool_name = data_setup.unique_name(u'mypool%s')
with session.begin():
system_owner = data_setup.create_user(password=u'password')
pool_owner = data_setup.create_user(password=u'password')
s1 = data_setup.create_system(owner=system_owner)
pool = data_setup.create_system_pool(name=pool_name,
owning_user=pool_owner)
try:
run_client(
['bkr', 'pool-add', '--pool', pool_name, '--system', s1.fqdn],
config=create_client_config(username=system_owner.user_name,
password='******'))
self.fail('Must fail')
except ClientError as e:
self.assertIn(
'You do not have permission to'
' add systems to pool %s' % pool_name, e.stderr_output)
try:
run_client(
['bkr', 'pool-add', '--pool', pool_name, '--system', s1.fqdn],
config=create_client_config(username=pool_owner.user_name,
password='******'))
self.fail('Must fail')
except ClientError as e:
self.assertIn(
'You do not have permission to'
' modify system %s' % s1.fqdn, e.stderr_output)
def setUp(self):
self.user1 = data_setup.create_user(password=u'asdf')
self.user2 = data_setup.create_user(password=u'qwerty')
self.client_config1 = create_client_config(
username=self.user1.user_name, password='******')
self.client_config2 = create_client_config(
username=self.user2.user_name, password='******')
def setUp(self):
self.user1 = data_setup.create_user(password=u'asdf')
self.user2 = data_setup.create_user(password=u'qwerty')
self.client_config1 = create_client_config(username=self.user1.user_name,
password='******')
self.client_config2 = create_client_config(username=self.user2.user_name,
password='******')
def setUp(self):
self.user = data_setup.create_user(password=u'asdf')
self.user2 = data_setup.create_user(password=u'qwerty')
self.system = data_setup.create_system(
owner=self.user, lab_controller=data_setup.create_labcontroller())
self.client_config = create_client_config(username=self.user.user_name,
password='******')
self.client_config2 = create_client_config(
username=self.user2.user_name, password='******')
self.admin_config = create_client_config()
def setUp(self):
self.user = data_setup.create_user(password=u'asdf')
self.user2 = data_setup.create_user(password=u'qwerty')
self.system = data_setup.create_system(owner=self.user,
lab_controller=data_setup.create_labcontroller())
self.client_config = create_client_config(username=self.user.user_name,
password='******')
self.client_config2 = create_client_config(username=self.user2.user_name,
password='******')
self.client_config3 = create_client_config()
def setUp(self):
self.user1 = data_setup.create_user(user_name="foo",
password=u'asdf',
email_address="*****@*****.**")
self.user2 = data_setup.create_user(user_name="bar",
password=u'qwerty',
email_address="*****@*****.**")
self.client_config1 = create_client_config(username=self.user1.user_name,
password='******')
self.client_config2 = create_client_config(username=self.user2.user_name,
password='******')
def test_ldap_group(self):
if not config.get("identity.ldap.enabled", False):
raise SkipTest('Server is not configured for LDAP')
group_name = u'wyfp'
display_name = u'My LDAP Group'
out = run_client(['bkr', 'group-create', '--ldap',
'--display-name', display_name,
group_name])
group = Group.by_name(group_name)
self.assertEquals(group.membership_type, GroupMembershipType.ldap)
self.assertEquals(group.users, [User.by_user_name(u'asaha')])
with session.begin():
rand_user = data_setup.create_user(password = '******')
rand_client_config = create_client_config(username=rand_user.user_name,
password='******')
group_name = u'alp'
display_name = u'ALP'
try:
out = run_client(['bkr', 'group-create', '--ldap',
'--display-name', display_name,
group_name],
config = rand_client_config)
self.fail('Must fail or die')
except ClientError, e:
self.assert_('Only admins can create LDAP groups' in
e.stderr_output)
def test_on_error_warns_if_server_version_does_not_match(self):
fake_server = Process(
'http_server.py',
args=[
sys.executable,
pkg_resources.resource_filename('bkr.inttest',
'http_server.py'), '--base',
'/notexist', '--add-response-header', 'X-Beaker-Version:999.3'
],
listen_port=19998)
fake_server.start()
self.addCleanup(fake_server.stop)
# use AUTH_METHOD=none because we can't authenticate to the fake server
config = create_client_config(hub_url='http://localhost:19998',
auth_method=u'none')
try:
run_client(['bkr', 'system-status', 'asdf.example.com'],
config=config)
self.fail('should raise')
except ClientError as e:
self.assertEquals(
e.stderr_output,
'WARNING: client version is %s but server version is 999.3\n'
'HTTP error: 404 Client Error: Not Found\n' % __version__)
def test_ldap_group(self):
group_name = 'wyfp'
display_name = 'My LDAP Group'
out = run_client(['bkr', 'group-create', '--ldap',
'--display-name', display_name,
group_name])
group = Group.by_name(group_name)
self.assertEquals(group.ldap, True)
self.assertEquals(group.users, [User.by_user_name(u'asaha')])
with session.begin():
rand_user = data_setup.create_user(password = '******')
rand_client_config = create_client_config(username=rand_user.user_name,
password='******')
group_name = 'alp'
display_name = 'ALP'
try:
out = run_client(['bkr', 'group-create', '--ldap',
'--display-name', display_name,
group_name],
config = rand_client_config)
self.fail('Must fail or die')
except ClientError, e:
self.assert_('Only admins can create LDAP groups' in
e.stderr_output)
def setUp(self):
jobs_to_generate = 2
self.products = [
data_setup.create_product() for _ in range(jobs_to_generate)
]
self.users = [
data_setup.create_user(password='******')
for _ in range(jobs_to_generate)
]
self.groups = [
data_setup.create_group() for _ in range(jobs_to_generate)
]
_ = [
group.add_member(self.users[i])
for i, group in enumerate(self.groups)
]
self.jobs = [
data_setup.create_completed_job(product=self.products[x],
owner=self.users[x],
group=self.groups[x])
for x in range(jobs_to_generate)
]
self.client_configs = [
create_client_config(username=user.user_name, password='******')
for user in self.users
]
def test_can_do_dry_run_anonymously(self):
config = create_client_config(username=u'ignored', password=u'ignored',
auth_method=u'none')
out = run_client(['bkr', 'workflow-simple', '--distro', self.distro.name,
'--task', self.task.name, '--dry-run', '--pretty-xml'],
config=config)
self.assertIn('<job', out)
def test_ldap_group(self):
group_name = u'wyfp'
display_name = u'My LDAP Group'
out = run_client([
'bkr', 'group-create', '--ldap', '--display-name', display_name,
group_name
])
group = Group.by_name(group_name)
self.assertEquals(group.membership_type, GroupMembershipType.ldap)
self.assertEquals(group.users, [User.by_user_name(u'asaha')])
with session.begin():
rand_user = data_setup.create_user(password='******')
rand_client_config = create_client_config(username=rand_user.user_name,
password='******')
group_name = u'alp'
display_name = u'ALP'
try:
out = run_client([
'bkr', 'group-create', '--ldap', '--display-name',
display_name, group_name
],
config=rand_client_config)
self.fail('Must fail or die')
except ClientError, e:
self.assert_(
'Only admins can create LDAP groups' in e.stderr_output)
def test_error_message_if_cacert_points_to_wrong_path(self):
config = create_client_config(cacert='/does/not/exist')
with self.assertRaises(ClientError) as assertion:
run_client(['bkr', 'whoami'], config=config)
self.assertEqual(
'CA_CERT configuration points to non-existing file: /does/not/exist\n',
assertion.exception.stderr_output)
def test_error_message_if_cacert_points_to_wrong_path(self):
config = create_client_config(cacert='/does/not/exist')
with self.assertRaises(ClientError) as assertion:
run_client(['bkr', 'whoami'], config=config)
self.assertEqual(
'CA_CERT configuration points to non-existing file: /does/not/exist\n',
assertion.exception.stderr_output)
def test_hub(self):
# wrong hub in config, correct one passed on the command line
config = create_client_config(hub_url='http://notexist.invalid')
run_client([
'bkr', '--hub',
get_server_base().rstrip('/'), 'list-labcontrollers'
],
config=config)
def setUp(self):
with session.begin():
self.user = data_setup.create_user(password=u'asdf')
self.group = data_setup.create_group(owner=self.user)
self.client_config = create_client_config(username=self.user.user_name,
password=u'asdf')
rand_user = data_setup.create_user(password=u'asdf')
self.group.add_member(rand_user)
self.rand_client_config = create_client_config(username=rand_user.user_name,
password=u'asdf')
admin = data_setup.create_admin(password=u'password')
self.admin_client_config = create_client_config(username=admin.user_name,
password=u'password')
self.fake_ldap_group = data_setup.create_group(
membership_type=GroupMembershipType.ldap)
def setUp(self):
with session.begin():
self.user = data_setup.create_user(password=u'asdf')
self.group = data_setup.create_group(owner=self.user)
self.client_config = create_client_config(username=self.user.user_name,
password=u'asdf')
rand_user = data_setup.create_user(password=u'asdf')
self.group.add_member(rand_user)
self.rand_client_config = create_client_config(username=rand_user.user_name,
password=u'asdf')
admin = data_setup.create_admin(password=u'password')
self.admin_client_config = create_client_config(username=admin.user_name,
password=u'password')
self.fake_ldap_group = data_setup.create_group(
membership_type=GroupMembershipType.ldap)
def setUp(self):
if not config.get('openstack.identity_api_url'):
raise SkipTest('OpenStack Integration is not enabled')
with session.begin():
self.password = u'asdf'
self.user = data_setup.create_user(password=self.password)
self.client_config = create_client_config(
username=self.user.user_name, password=self.password)
def setUp(self):
if not config.get('openstack.identity_api_url'):
raise SkipTest('OpenStack Integration is not enabled')
with session.begin():
self.password = u'asdf'
self.user = data_setup.create_user(password=self.password)
self.client_config = create_client_config(username=self.user.user_name,
password=self.password)
def setUp(self):
jobs_to_generate = 2
self.products = [data_setup.create_product() for product in range(jobs_to_generate)]
self.users = [data_setup.create_user(password="******") for user in range(jobs_to_generate)]
self.jobs = [
data_setup.create_completed_job(product=self.products[x], owner=self.users[x])
for x in range(jobs_to_generate)
]
self.client_configs = [create_client_config(username=user.user_name, password="******") for user in self.users]
def test_remove_systems_pool_privileges(self):
pool_name = data_setup.unique_name('mypool%s')
with session.begin():
system_owner = data_setup.create_user(password='******')
pool_owner = data_setup.create_user(password='******')
random_user = data_setup.create_user(password='******')
s1 = data_setup.create_system(owner=system_owner)
s2 = data_setup.create_system(owner=system_owner)
s3 = data_setup.create_system(owner=system_owner)
pool = data_setup.create_system_pool(name=pool_name,
owning_user=pool_owner,
systems=[s1, s2, s3]
)
run_client(['bkr', 'pool-remove', '--pool', pool_name,
'--system', s1.fqdn],
config=create_client_config(
username=system_owner.user_name,
password='******'))
with session.begin():
session.refresh(pool)
self.assertNotIn(s1, pool.systems)
run_client(['bkr', 'pool-remove', '--pool', pool_name,
'--system', s2.fqdn],
config=create_client_config(
username=pool_owner.user_name,
password='******'))
with session.begin():
session.refresh(pool)
self.assertNotIn(s2, pool.systems)
try:
run_client(['bkr', 'pool-remove', '--pool', pool_name,
'--system', s3.fqdn],
config=create_client_config(
username=random_user.user_name,
password='******'))
self.fail('Must fail')
except ClientError as e:
self.assertIn('You do not have permission to modify system %s'
'or remove systems from pool %s' % (s3.fqdn, pool_name),
e.stderr_output)
def test_can_do_dry_run_anonymously(self):
config = create_client_config(username=u'ignored',
password=u'ignored',
auth_method=u'none')
out = run_client([
'bkr', 'workflow-simple', '--distro', self.distro.name, '--task',
self.task.name, '--dry-run', '--pretty-xml'
],
config=config)
self.assertIn('<job', out)
def test_non_admin_cannot_delete(self):
with session.begin():
user3 = data_setup.create_user(password=u"qwerty")
client_config1 = create_client_config(username=user3.user_name, password="******")
try:
# it's okay to use the same user since we won't reach there anyway :-)
run_client(["bkr", "remove-account", user3.user_name], config=client_config1)
self.fail("Must fail or die")
except ClientError, e:
self.assertIn("Not member of group: admin", e.stderr_output)
def test_password_not_set_on_server_side(self):
# A user account might have a NULL password if the Beaker site is using
# Kerberos authentication, or if their account is new and the admin
# hasn't set a password yet.
with session.begin():
user = data_setup.create_user(password=None)
with self.assertRaises(ClientError) as assertion:
run_client(['bkr', 'whoami'], config=create_client_config(
username=user.user_name, password='******'))
self.assertIn('Invalid username or password', assertion.exception.stderr_output)
def test_private_system(self):
with session.begin():
owner = data_setup.create_user(password=u'owner')
system = data_setup.create_system(private=True, owner=owner)
other_user = data_setup.create_user(password=u'other')
owner_client_config = create_client_config(username=owner.user_name,
password=u'owner')
other_client_config = create_client_config(
username=other_user.user_name, password=u'other')
# owner should be able to see their own system
out = run_client(['bkr', 'policy-list', system.fqdn],
config=owner_client_config)
self.assertNotEqual('', out)
# to an unprivileged user the system should appear not to exist
try:
run_client(['bkr', 'policy-list', system.fqdn],
config=other_client_config)
self.fail('Should fail')
except ClientError as e:
self.assertIn('System not found', e.stderr_output)
def test_private_system(self):
with session.begin():
owner = data_setup.create_user(password=u'owner')
system = data_setup.create_system(private=True, owner=owner)
other_user = data_setup.create_user(password=u'other')
owner_client_config = create_client_config(
username=owner.user_name, password=u'owner')
other_client_config = create_client_config(
username=other_user.user_name, password=u'other')
# owner should be able to see their own system
out = run_client(['bkr', 'policy-list', system.fqdn],
config=owner_client_config)
self.assertNotEqual('', out)
# to an unprivileged user the system should appear not to exist
try:
run_client(['bkr', 'policy-list', system.fqdn],
config=other_client_config)
self.fail('Should fail')
except ClientError as e:
self.assertIn('System not found', e.stderr_output)
def setUp(self):
with session.begin():
self.user = data_setup.create_user(password = '******')
self.group = data_setup.create_group(owner=self.user)
self.client_config = create_client_config(username=self.user.user_name,
password='******')
rand_user = data_setup.create_user(password = '******')
rand_user.groups.append(self.group)
self.rand_client_config = create_client_config(username=rand_user.user_name,
password='******')
admin = data_setup.create_admin(password='******')
self.admin_client_config = create_client_config(username=admin.user_name,
password='******')
self.fake_ldap_group = data_setup.create_group(ldap=True)
self.mail_capture = mail_capture.MailCaptureThread()
self.mail_capture.start()
def test_remove_systems_pool_privileges(self):
pool_name = data_setup.unique_name(u'mypool%s')
with session.begin():
system_owner = data_setup.create_user(password=u'password')
pool_owner = data_setup.create_user(password=u'password')
random_user = data_setup.create_user(password=u'password')
s1 = data_setup.create_system(owner=system_owner)
s2 = data_setup.create_system(owner=system_owner)
s3 = data_setup.create_system(owner=system_owner)
pool = data_setup.create_system_pool(name=pool_name,
owning_user=pool_owner,
systems=[s1, s2, s3])
run_client(
['bkr', 'pool-remove', '--pool', pool_name, '--system', s1.fqdn],
config=create_client_config(username=system_owner.user_name,
password='******'))
with session.begin():
session.refresh(pool)
self.assertNotIn(s1, pool.systems)
run_client(
['bkr', 'pool-remove', '--pool', pool_name, '--system', s2.fqdn],
config=create_client_config(username=pool_owner.user_name,
password='******'))
with session.begin():
session.refresh(pool)
self.assertNotIn(s2, pool.systems)
try:
run_client([
'bkr', 'pool-remove', '--pool', pool_name, '--system', s3.fqdn
],
config=create_client_config(
username=random_user.user_name,
password='******'))
self.fail('Must fail')
except ClientError as e:
self.assertIn(
'You do not have permission to modify system %s'
'or remove systems from pool %s' % (s3.fqdn, pool_name),
e.stderr_output)
def test_add_invalid_submission_delegate(self):
with session.begin():
user = data_setup.create_user(password='******')
client_config = create_client_config(username=user.user_name,
password='******')
try:
out = run_client(['bkr', 'user-modify', '--add-submission-delegate',
'1thatdoesnotexist'], config=client_config)
self.fail('Added an invalid submission delegate')
except ClientError, e:
self.assertTrue('1thatdoesnotexist is not a valid user' in \
e.stderr_output, e.stderr_output)
def test_add_submission_delegate(self):
with session.begin():
user = data_setup.create_user(password='******')
delegate = data_setup.create_user()
client_config = create_client_config(username=user.user_name,
password='******')
out = run_client(['bkr', 'user-modify', '--add-submission-delegate',
delegate.user_name], config=client_config)
self.assertTrue('Added submission delegate %s' % delegate.user_name in out, out)
session.expire(user)
with session.begin():
self.assertEqual(user.submission_delegates, [delegate])
def setUp(self):
with session.begin():
self.user = data_setup.create_user(password='******')
self.group = data_setup.create_group(owner=self.user)
self.client_config = create_client_config(
username=self.user.user_name, password='******')
rand_user = data_setup.create_user(password='******')
rand_user.groups.append(self.group)
self.rand_client_config = create_client_config(
username=rand_user.user_name, password='******')
admin = data_setup.create_admin(password='******')
self.admin_client_config = create_client_config(
username=admin.user_name, password='******')
self.fake_ldap_group = data_setup.create_group(ldap=True)
self.mail_capture = mail_capture.MailCaptureThread()
self.mail_capture.start()
self.addCleanup(self.mail_capture.stop)
def test_add_invalid_submission_delegate(self):
with session.begin():
user = data_setup.create_user(password='******')
client_config = create_client_config(username=user.user_name,
password='******')
try:
out = run_client(['bkr', 'user-modify', '--add-submission-delegate',
'1thatdoesnotexist'], config=client_config)
self.fail('Added an invalid submission delegate')
except ClientError, e:
self.assertTrue('1thatdoesnotexist is not a valid user' in \
e.stderr_output, e.stderr_output)
def test_password_not_set_on_server_side(self):
# A user account might have a NULL password if the Beaker site is using
# Kerberos authentication, or if their account is new and the admin
# hasn't set a password yet.
with session.begin():
user = data_setup.create_user(password=None)
with self.assertRaises(ClientError) as assertion:
run_client(['bkr', 'whoami'],
config=create_client_config(username=user.user_name,
password='******'))
self.assertIn('Invalid username or password',
assertion.exception.stderr_output)
def test_add_submission_delegate(self):
with session.begin():
user = data_setup.create_user(password='******')
delegate = data_setup.create_user()
client_config = create_client_config(username=user.user_name,
password='******')
out = run_client(['bkr', 'user-modify', '--add-submission-delegate',
delegate.user_name], config=client_config)
self.assertTrue('Added submission delegate %s' % delegate.user_name in out, out)
session.expire(user)
with session.begin():
self.assertEqual(user.submission_delegates, [delegate])
def test_non_admin_cannot_delete(self):
with session.begin():
user3 = data_setup.create_user(password=u'qwerty')
client_config1 = create_client_config(username = user3.user_name,
password='******')
try:
# it's okay to use the same user since we won't reach there anyway :-)
run_client(['bkr', 'remove-account', user3.user_name],
config=client_config1)
self.fail('Must fail or die')
except ClientError, e:
self.assertIn('Not member of group: admin', e.stderr_output)
def test_anonymous_user_cannot_comment(self):
with session.begin():
client_config = create_client_config(username=None, password=None)
comment_text = u'Never gonna make you cry'
try:
run_client(['bkr', 'job-comment', self.job.recipesets[0].t_id,
'--message', comment_text], config=client_config)
self.fail('should raise')
except ClientError, e:
self.assertEquals(e.status, 1)
self.assertIn('Invalid username or password', e.stderr_output)
def test_job_group(self):
with session.begin():
user_in_group = data_setup.create_user(password='******')
group = data_setup.create_group()
user_in_group.groups.append(group)
user_not_in_group = data_setup.create_user(password='******')
# Test submitting on behalf of user's group
config1 = create_client_config(username=user_in_group.user_name,
password='******')
out = run_client([
'bkr', 'workflow-simple', '--random', '--arch',
self.distro_tree.arch.arch, '--family',
self.distro.osversion.osmajor.osmajor, '--job-group',
group.group_name, '--task', self.task.name
],
config=config1)
self.assertTrue(out.startswith('Submitted:'), out)
m = re.search('J:(\d+)', out)
job_id = m.group(1)
with session.begin():
job = Job.by_id(job_id)
self.assertEqual(group, job.group)
# Test submitting on behalf of group user does not belong to
config2 = create_client_config(username=user_not_in_group.user_name,
password='******')
try:
out2 = run_client([
'bkr', 'workflow-simple', '--random', '--arch',
self.distro_tree.arch.arch, '--family',
self.distro.osversion.osmajor.osmajor, '--job-group',
group.group_name, '--task', self.task.name
],
config=config2)
fail('should raise')
except ClientError, e:
self.assertTrue('User %s is not a member of group %s' % \
(user_not_in_group.user_name, group.group_name) in \
e.stderr_output, e)
def test_submit_job(self):
with session.begin():
user = data_setup.create_user(password='******')
group = data_setup.create_group(group_name='somegroup')
user.groups.append(group)
# Test submitting on behalf of user's group
config = create_client_config(username=user.user_name,
password='******')
out = run_client(['bkr', 'job-submit',
pkg_resources.resource_filename('bkr.inttest', 'complete-job.xml')],
config=config)
self.assert_(out.startswith('Submitted:'), out)
def test_pool_modify_insufficient_priv(self):
with session.begin():
user1 = data_setup.create_user()
user2 = data_setup.create_user(password=u'password')
pool = data_setup.create_system_pool(owning_user=user1)
try:
run_client(
['bkr', 'pool-modify', '--name', 'arandomnewname', pool.name],
config=create_client_config(username=user2.user_name,
password='******'))
self.fail('Must error out')
except ClientError as e:
self.assertIn('Cannot edit system pool', e.stderr_output)
def test_can_cancel_group_job(self):
with session.begin():
group = data_setup.create_group()
user = data_setup.create_user(password='******')
user2 = data_setup.create_user()
user.groups.append(group)
user2.groups.append(group)
self.job.group = group
self.job.owner = user2
client_config = create_client_config(username=user.user_name,
password='******')
out = run_client(['bkr', 'job-cancel', self.job.t_id],
config=client_config)
def test_submit_job(self):
with session.begin():
user = data_setup.create_user(password=u'password')
group = data_setup.create_group(group_name=u'somegroup')
group.add_member(user)
# Test submitting on behalf of user's group
config = create_client_config(username=user.user_name,
password=u'password')
out = run_client(['bkr', 'job-submit',
pkg_resources.resource_filename('bkr.inttest', 'complete-job.xml')],
config=config)
self.assert_(out.startswith('Submitted:'), out)
def test_can_cancel_group_job(self):
with session.begin():
group = data_setup.create_group()
user = data_setup.create_user(password='******')
user2 = data_setup.create_user()
group.add_member(user)
group.add_member(user2)
self.job.group = group
self.job.owner = user2
client_config = create_client_config(username=user.user_name,
password='******')
out = run_client(['bkr', 'job-cancel',
self.job.t_id], config=client_config)
def test_remove_invalid_submission_delegate(self):
with session.begin():
user = data_setup.create_user(password='******')
notadelegate = data_setup.create_user()
client_config = create_client_config(username=user.user_name,
password='******')
try:
run_client(['bkr', 'user-modify', '--remove-submission-delegate',
notadelegate.user_name], config=client_config)
self.fail('Does not throw error when removing non delegate')
except ClientError, e:
self.assertTrue('%s is not a submission delegate of %s' % \
(notadelegate.user_name, user) in e.stderr_output,
e.stderr_output)
def test_remove_submission_delegate(self):
with session.begin():
user = data_setup.create_user(password='******')
delegate1 = data_setup.create_user()
delegate2 = data_setup.create_user()
user.submission_delegates[:] = [delegate1, delegate2]
client_config = create_client_config(username=user.user_name,
password='******')
out = run_client(['bkr', 'user-modify', '--remove-submission-delegate',
delegate1.user_name], config=client_config)
self.assertTrue('Removed submission delegate %s' % delegate1.user_name in out)
session.expire(user)
with session.begin():
self.assertEqual(user.submission_delegates, [delegate2])
def test_remove_submission_delegate(self):
with session.begin():
user = data_setup.create_user(password='******')
delegate1 = data_setup.create_user()
delegate2 = data_setup.create_user()
user.submission_delegates[:] = [delegate1, delegate2]
client_config = create_client_config(username=user.user_name,
password='******')
out = run_client(['bkr', 'user-modify', '--remove-submission-delegate',
delegate1.user_name], config=client_config)
self.assertTrue('Removed submission delegate %s' % delegate1.user_name in out)
session.expire(user)
with session.begin():
self.assertEqual(user.submission_delegates, [delegate2])
def test_remove_invalid_submission_delegate(self):
with session.begin():
user = data_setup.create_user(password='******')
notadelegate = data_setup.create_user()
client_config = create_client_config(username=user.user_name,
password='******')
try:
run_client(['bkr', 'user-modify', '--remove-submission-delegate',
notadelegate.user_name], config=client_config)
self.fail('Does not throw error when removing non delegate')
except ClientError, e:
self.assertTrue('%s is not a submission delegate of %s' % \
(notadelegate.user_name, user) in e.stderr_output,
e.stderr_output)
def test_delete_group_job(self):
with session.begin():
group = data_setup.create_group()
user = data_setup.create_user(password='******')
user2 = data_setup.create_user()
user.groups.append(group)
user2.groups.append(group)
self.job.group = group
self.job.owner = user2
client_config = create_client_config(username=user.user_name,
password='******')
out = run_client(['bkr', 'job-delete', self.job.t_id],
config=client_config)
self.assert_(out.startswith('Jobs deleted:'), out)
self.assert_(self.job.t_id in out, out)
def test_whoami_proxy_user(self):
with session.begin():
group = data_setup.create_group()
proxy_perm = Permission.by_name(u'proxy_auth')
group.permissions.append(proxy_perm)
proxied_user = data_setup.create_user()
proxying_user = data_setup.create_user(password='******')
group.add_member(proxying_user)
out = run_client(
['bkr', 'whoami', '--proxy-user', proxied_user.user_name],
config=create_client_config(username=proxying_user.user_name,
password='******'))
self.assertIn('"username": "******"' % proxied_user.user_name, out)
self.assertIn('"proxied_by_username": "******"' % proxying_user.user_name,
out)
def test_delete_group_job(self):
with session.begin():
group = data_setup.create_group()
user = data_setup.create_user(password='******')
user2 = data_setup.create_user()
user.groups.append(group)
user2.groups.append(group)
self.job.group = group
self.job.owner = user2
client_config = create_client_config(username=user.user_name,
password='******')
out = run_client(['bkr', 'job-delete', self.job.t_id],
config=client_config)
self.assert_(out.startswith('Jobs deleted:'), out)
self.assert_(self.job.t_id in out, out)
def test_pool_modify_insufficient_priv(self):
with session.begin():
user1 = data_setup.create_user()
user2 = data_setup.create_user(password=u'password')
pool = data_setup.create_system_pool(owning_user=user1)
try:
run_client(['bkr', 'pool-modify',
'--name', 'arandomnewname',
pool.name],
config=create_client_config(
username=user2.user_name, password='******'))
self.fail('Must error out')
except ClientError as e:
self.assertIn('Cannot edit system pool',
e.stderr_output)
def test_whoami_proxy_user(self):
with session.begin():
group = data_setup.create_group()
proxy_perm = Permission.by_name(u'proxy_auth')
group.permissions.append(proxy_perm)
proxied_user = data_setup.create_user()
proxying_user = data_setup.create_user(password='******')
group.add_member(proxying_user)
out = run_client(['bkr', 'whoami',
'--proxy-user', proxied_user.user_name],
config=\
create_client_config(
username=proxying_user.user_name,
password='******'))
self.assertIn('"username": "******"' % proxied_user.user_name, out)
self.assertIn('"proxied_by_username": "******"' % proxying_user.user_name, out)
def test_job_owner(self):
with session.begin():
bot = data_setup.create_user(password='******')
user = data_setup.create_user()
user.add_submission_delegate(bot, service=u'testdata')
config = create_client_config(username=bot.user_name, password='******')
out = run_client(['bkr', 'workflow-simple',
'--job-owner', user.user_name,
'--arch', self.distro_tree.arch.arch,
'--family', self.distro.osversion.osmajor.osmajor,
'--task', self.task.name], config=config)
self.assertTrue(out.startswith('Submitted:'), out)
m = re.search('J:(\d+)', out)
job_id = m.group(1)
with session.begin():
job = Job.by_id(job_id)
self.assertEquals(job.owner, user)
def test_job_owner(self):
with session.begin():
bot = data_setup.create_user(password='******')
user = data_setup.create_user()
user.add_submission_delegate(bot, service=u'testdata')
config = create_client_config(username=bot.user_name, password='******')
out = run_client(['bkr', 'workflow-simple',
'--job-owner', user.user_name,
'--arch', self.distro_tree.arch.arch,
'--family', self.distro.osversion.osmajor.osmajor,
'--task', self.task.name], config=config)
self.assertTrue(out.startswith('Submitted:'), out)
m = re.search('J:(\d+)', out)
job_id = m.group(1)
with session.begin():
job = Job.by_id(job_id)
self.assertEquals(job.owner, user)
def setUp(self):
jobs_to_generate = 2
self.products = [
data_setup.create_product() for product in range(jobs_to_generate)
]
self.users = [
data_setup.create_user(password='******')
for user in range(jobs_to_generate)
]
self.jobs = [
data_setup.create_completed_job(product=self.products[x],
owner=self.users[x])
for x in range(jobs_to_generate)
]
self.client_configs = [
create_client_config(username=user.user_name, password='******')
for user in self.users
]
def test_on_error_warns_if_server_version_does_not_match(self):
fake_server = Process('http_server.py', args=[sys.executable,
pkg_resources.resource_filename('bkr.inttest', 'http_server.py'),
'--base', '/notexist',
'--add-response-header', 'X-Beaker-Version:999.3'],
listen_port=19998)
fake_server.start()
self.addCleanup(fake_server.stop)
# use AUTH_METHOD=none because we can't authenticate to the fake server
config = create_client_config(hub_url='http://localhost:19998',
auth_method=u'none')
try:
run_client(['bkr', 'system-status', 'asdf.example.com'], config=config)
self.fail('should raise')
except ClientError as e:
error_lines = e.stderr_output.splitlines()
self.assertEquals(error_lines[0],
'WARNING: client version is %s but server version is 999.3'
% __version__)
self.assertIn('HTTP error: 404 Client Error: Not Found',
error_lines[1])
def test_hub(self):
# wrong hub in config, correct one passed on the command line
config = create_client_config(hub_url='http://notexist.invalid')
run_client(['bkr', '--hub', get_server_base().rstrip('/'),
'list-labcontrollers'], config=config)
def setUp(self):
self.user = data_setup.create_user(password=u'asdf')
self.job = data_setup.create_completed_job(owner=self.user)
self.client_config = create_client_config(username=self.user.user_name,
password='******')
