Exemple #1
0
    def setUp(self):
        self.test_user = User.objects.get_or_create(username='******', password='******')[0]
        self.setup_request()

        # Superuser.
        self.superuser = User.objects.get(username='******')

        # Cyder admin.
        self.cyder_admin = User.objects.get_or_create(username='******', password='******')[0]
        self.ctnr_global = Ctnr.objects.get(id=1)
        self.ctnr_user_cyder_admin_global = CtnrUser(id=None, ctnr=self.ctnr_global, user=self.cyder_admin, level=2)
        self.ctnr_user_cyder_admin_global.save()

        # Admin.
        self.ctnr_admin = Ctnr(id=None, name="admin")
        self.ctnr_admin.save()
        self.ctnr_user_admin = CtnrUser(id=None, ctnr=self.ctnr_admin, user=self.test_user, level=2)
        self.ctnr_user_admin.save()
        self.ctnr_user_cyder_admin = CtnrUser(id=None, ctnr=self.ctnr_admin, user=self.cyder_admin, level=2)
        self.ctnr_user_cyder_admin.save()

        # User.
        self.ctnr_user = Ctnr(id=None, name="user")
        self.ctnr_user.save()
        self.ctnr_user_user = CtnrUser(id=None, ctnr=self.ctnr_user, user=self.test_user, level=1)
        self.ctnr_user_user.save()

        # Guest.
        self.ctnr_guest = Ctnr(id=None, name="guest")
        self.ctnr_guest.save()
        self.ctnr_user_guest = CtnrUser(id=None, ctnr=self.ctnr_guest, user=self.test_user, level=0)
        self.ctnr_user_guest.save()

        # Pleb.
        self.pleb_user = User.objects.get_or_create(username='******', password='******')[0]
Exemple #2
0
    def test_domain_ctnr(self):
        """Test that an MX's domain must be in the MX's container"""

        ctnr1 = Ctnr(name='test_ctnr1')
        ctnr1.save()
        ctnr1.domains.add(self.o_e)

        MX.objects.create(
            label='foo',
            domain=self.o_e,
            server='bar.oregonstate.edu',
            priority=1,
            ttl=1000,
            ctnr=ctnr1,
        )

        ctnr2 = Ctnr(name='test_ctnr2')
        ctnr2.save()

        self.assertRaises(
            ValidationError,
            MX.objects.create,
            label='bleh',
            domain=self.o_e,
            server='xyz.oregonstate.edu',
            priority=1,
            ttl=1000,
            ctnr=ctnr2,
        )
Exemple #3
0
class CtnrViewTests(TestCase):
    def setUp(self):
        self.url_slug = 'ctnr'
        self.ctnr = Ctnr(name=random_label())
        self.ctnr.save()

    def test_base_app_ctnr(self):
        resp = self.client.get(reverse('ctnr-list'))
        self.assertEqual(resp.status_code, 200)

    def test_get_create_ctnr(self):
        resp = self.client.get(reverse('ctnr-create'))
        self.assertEqual(resp.status_code, 200)

    def test_post_create_ctnr(self):
        resp = self.client.post(reverse('ctnr-create'), self.post_data())
        self.assertTrue(resp.status_code in (302, 200))

    def test_get_update_ctnr(self):
        resp = self.client.get(reverse('ctnr-update', args=[self.ctnr.pk]))
        self.assertEqual(resp.status_code, 200)

    def test_post_update_ctnr(self):
        resp = self.client.post(reverse('ctnr-update',
                                args=[self.ctnr.pk]), self.post_data())
        self.assertTrue(resp.status_code in (302, 200))

    def test_get_details_ctnr(self):
        resp = self.client.get(reverse('ctnr-details', args=[self.ctnr.pk]))
        self.assertEqual(resp.status_code, 200)

    def test_get_delete_ctnr(self):
        resp = self.client.get(reverse('ctnr-delete', args=[self.ctnr.pk]))
        self.assertTrue(resp.status_code in (302, 200))

    def test_get_change_ctnr(self):
        resp = self.client.get(reverse('ctnr-change', args=[self.ctnr.pk]))
        self.assertTrue(resp.status_code in (302, 200))

    def test_post_change_ctnr(self):
        resp = self.client.get(reverse('ctnr-change', args=[self.ctnr.pk]))
        self.assertTrue(resp.status_code in (302, 200))

    def post_data(self):
        return {
            'name': random_label()
        }
Exemple #4
0
class CtnrViewTests(TestCase):
    def setUp(self):
        self.url_slug = "ctnr"
        self.ctnr = Ctnr(name=random_label())
        self.ctnr.save()

    def test_base_app_ctnr(self):
        resp = self.client.get("/%s/" % (self.url_slug))
        self.assertEqual(resp.status_code, 200)

    def test_get_create_ctnr(self):
        resp = self.client.get("/%s/create/" % (self.url_slug))
        self.assertEqual(resp.status_code, 200)

    def test_post_create_ctnr(self):
        resp = self.client.post("/%s/create/" % (self.url_slug), self.post_data())
        self.assertTrue(resp.status_code in (302, 200))

    def test_get_update_ctnr(self):
        resp = self.client.get("/%s/%s/update/" % (self.url_slug, self.ctnr.pk))
        self.assertEqual(resp.status_code, 200)

    def test_post_update_ctnr(self):
        resp = self.client.post("/%s/%s/update/" % (self.url_slug, self.ctnr.pk), self.post_data())
        self.assertTrue(resp.status_code in (302, 200))

    def test_get_details_ctnr(self):
        resp = self.client.get("/%s/%s/" % (self.url_slug, self.ctnr.pk))
        self.assertEqual(resp.status_code, 200)

    def test_get_delete_ctnr(self):
        resp = self.client.get("/%s/%s/delete/" % (self.url_slug, self.ctnr.pk))
        self.assertTrue(resp.status_code in (302, 200))

    def test_get_change_ctnr(self):
        resp = self.client.get("/%s/%s/change/" % (self.url_slug, self.ctnr.pk))
        self.assertTrue(resp.status_code in (302, 200))

    def test_post_change_ctnr(self):
        resp = self.client.get("/%s/change/" % (self.url_slug), {"id": self.ctnr.pk})
        self.assertTrue(resp.status_code in (302, 200))

    def post_data(self):
        return {"name": random_label()}
Exemple #5
0
    def test_domain_ctnr(self):
        """Test that an MX's domain must be in the MX's container"""

        ctnr1 = Ctnr(name='test_ctnr1')
        ctnr1.save()
        ctnr1.domains.add(self.o_e)

        MX.objects.create(
            label='foo',
            domain=self.o_e,
            server='bar.oregonstate.edu',
            priority=1,
            ttl=1000,
            ctnr=ctnr1,
        )

        ctnr2 = Ctnr(name='test_ctnr2')
        ctnr2.save()

        self.assertRaises(
            ValidationError, MX.objects.create,
            label='bleh',
            domain=self.o_e,
            server='xyz.oregonstate.edu',
            priority=1,
            ttl=1000,
            ctnr=ctnr2,
        )
Exemple #6
0
    def setUp(self):
        # test user is for tests only
        self.test_user = User.objects.get_or_create(username='******', password='******')[0]

        # development user exists as fixture, has admin to all ctnrs
        self.dev_user = User.objects.get(username='******')

        # create container where user has no admin
        self.ctnr = Ctnr(id=None, name="no_admin")
        self.ctnr.save()
        self.ctnr_user = CtnrUser(id=None, ctnr=self.ctnr, user=self.test_user, level=0)
        self.ctnr_user.save()

        # create container where user has admin
        self.ctnr_admin = Ctnr(id=None, name="has_admin")
        self.ctnr_admin.save()
        self.ctnr_user_admin = CtnrUser(id=None, ctnr=self.ctnr_admin, user=self.test_user, level=1)
        self.ctnr_user_admin.save()

        # create container that is meant to stay empty
        self.ctnr_empty = Ctnr(id=None, name="empty")
        self.ctnr_empty.save()
        self.ctnr_user_empty = CtnrUser(id=None, ctnr=self.ctnr_empty, user=self.test_user, level=1)
        self.ctnr_user_empty.save()
Exemple #7
0
    def setUp(self):
        self.test_user = User.objects.get_or_create(username='******',
                                                    password='******')[0]
        self.setup_request()

        # Superuser.
        self.superuser = User.objects.get(username='******')

        # Cyder admin.
        self.cyder_admin = User.objects.get_or_create(
            username='******', password='******')[0]
        self.ctnr_global = Ctnr.objects.get(id=1)
        self.ctnr_user_cyder_admin_global = CtnrUser(id=None,
                                                     ctnr=self.ctnr_global,
                                                     user=self.cyder_admin,
                                                     level=2)
        self.ctnr_user_cyder_admin_global.save()

        # Admin.
        self.ctnr_admin = Ctnr(id=None, name="admin")
        self.ctnr_admin.save()
        self.ctnr_user_admin = CtnrUser(id=None,
                                        ctnr=self.ctnr_admin,
                                        user=self.test_user,
                                        level=2)
        self.ctnr_user_admin.save()
        self.ctnr_user_cyder_admin = CtnrUser(id=None,
                                              ctnr=self.ctnr_admin,
                                              user=self.cyder_admin,
                                              level=2)
        self.ctnr_user_cyder_admin.save()

        # User.
        self.ctnr_user = Ctnr(id=None, name="user")
        self.ctnr_user.save()
        self.ctnr_user_user = CtnrUser(id=None,
                                       ctnr=self.ctnr_user,
                                       user=self.test_user,
                                       level=1)
        self.ctnr_user_user.save()

        # Guest.
        self.ctnr_guest = Ctnr(id=None, name="guest")
        self.ctnr_guest.save()
        self.ctnr_user_guest = CtnrUser(id=None,
                                        ctnr=self.ctnr_guest,
                                        user=self.test_user,
                                        level=0)
        self.ctnr_user_guest.save()

        # Pleb.
        self.pleb_user = User.objects.get_or_create(username='******',
                                                    password='******')[0]
Exemple #8
0
class PermissionsTest(TestCase):
    fixtures = ['initial_data.json']

    def setUp(self):
        self.test_user = User.objects.get_or_create(username='******', password='******')[0]
        self.setup_request()

        # Superuser.
        self.superuser = User.objects.get(username='******')

        # Cyder admin.
        self.cyder_admin = User.objects.get_or_create(username='******', password='******')[0]
        self.ctnr_global = Ctnr.objects.get(id=1)
        self.ctnr_user_cyder_admin_global = CtnrUser(id=None, ctnr=self.ctnr_global, user=self.cyder_admin, level=2)
        self.ctnr_user_cyder_admin_global.save()

        # Admin.
        self.ctnr_admin = Ctnr(id=None, name="admin")
        self.ctnr_admin.save()
        self.ctnr_user_admin = CtnrUser(id=None, ctnr=self.ctnr_admin, user=self.test_user, level=2)
        self.ctnr_user_admin.save()
        self.ctnr_user_cyder_admin = CtnrUser(id=None, ctnr=self.ctnr_admin, user=self.cyder_admin, level=2)
        self.ctnr_user_cyder_admin.save()

        # User.
        self.ctnr_user = Ctnr(id=None, name="user")
        self.ctnr_user.save()
        self.ctnr_user_user = CtnrUser(id=None, ctnr=self.ctnr_user, user=self.test_user, level=1)
        self.ctnr_user_user.save()

        # Guest.
        self.ctnr_guest = Ctnr(id=None, name="guest")
        self.ctnr_guest.save()
        self.ctnr_user_guest = CtnrUser(id=None, ctnr=self.ctnr_guest, user=self.test_user, level=0)
        self.ctnr_user_guest.save()

        # Pleb.
        self.pleb_user = User.objects.get_or_create(username='******', password='******')[0]

    def test_soa_perms(self):
        """
        Test SOA perms
        """
        self.setup_request()

        perm_table = {
            'cyder_admin': ['all'],
            'admin': ['view'],
            'user': ['view'],
            'guest': ['view'],
        }

        # initialize obj into ctnrs
        obj = SOA()
        obj.primary = '192.168.1.1'
        obj.contact = '192.168.1.1'
        obj.save()
        domain = Domain(id=None, name='foo')
        domain.soa = obj
        domain.save()
        self.ctnr_admin.domains.add(domain)
        self.ctnr_user.domains.add(domain)
        self.ctnr_guest.domains.add(domain)
        self.save_all_ctnrs()

        self.check_perms_each_user(obj, perm_table)

    def test_domain_perms(self):
        """
        Test domain perms
        """
        self.setup_request()

        perm_table = {
            'cyder_admin': ['view', 'update'],
            'admin': ['view', 'update'],
            'user': ['view', 'update'],
            'guest': ['view'],
        }

        # Initialize obj into ctnrs.
        obj = Domain(id=None, name='foo')
        obj.save()
        self.ctnr_admin.domains.add(obj)
        self.ctnr_user.domains.add(obj)
        self.ctnr_guest.domains.add(obj)
        self.save_all_ctnrs()

        self.check_perms_each_user(obj, perm_table)

    def test_domain_records_perms(self):
        """
        Test common domain record perms (cname, mx, txt, srv, ns)
        """
        self.setup_request()

        perm_table = {
            'cyder_admin': ['all'],
            'admin': ['all'],
            'user': ['all'],
            'guest': ['view'],
        }

        # Initialize objs into ctnrs.
        domain = Domain(id=None, name='foo')
        domain.save()
        self.ctnr_admin.domains.add(domain)
        self.ctnr_user.domains.add(domain)
        self.ctnr_guest.domains.add(domain)
        self.save_all_ctnrs()
        domain_records = []
        domain_records.append(AddressRecord(domain=domain))
        domain_records.append(CNAME(domain=domain))
        domain_records.append(MX(domain=domain))
        domain_records.append(SRV(domain=domain))
        domain_records.append(TXT(domain=domain))
        domain_records.append(Nameserver(domain=domain))

        for obj in domain_records:
            self.check_perms_each_user(obj, perm_table)

    def setup_request(self):
        """
        Utility function for flushing and setting up request object for testing
        """
        self.request = HttpRequest()
        self.request.user = self.test_user
        self.request.session = SessionStore()

    def save_all_ctnrs(self):
        """
        Utility function that simply saves all of the defined ctnrs
        Called after adding an object to each one
        """
        self.ctnr_admin.save()
        self.ctnr_user.save()
        self.ctnr_guest.save()

    def check_perms_each_user(self, obj, perm_table):
        """
        Utility function for checking permissions
        """
        # Superuser.
        self.request.user = self.superuser
        self.request.session['ctnr'] = self.ctnr_guest
        self.assert_perms(obj, perm_table, 'superuser')

        # Cyder admin.
        self.request.user = self.cyder_admin
        self.request.session['ctnr'] = self.ctnr_admin
        self.assert_perms(obj, perm_table, 'cyder_admin')

        # Admin.
        self.request.user = self.test_user
        self.request.session['ctnr'] = self.ctnr_admin
        self.assert_perms(obj, perm_table, 'admin')

        # User.
        self.request.session['ctnr'] = self.ctnr_user
        self.assert_perms(obj, perm_table, 'user')

        # Guest.
        self.request.session['ctnr'] = self.ctnr_guest
        self.assert_perms(obj, perm_table, 'guest')

        # Pleb.
        self.request.user = self.pleb_user
        self.assert_perms(obj, perm_table, 'pleb')

    def assert_perms(self, obj, perm_table, user_level):
        """
        Utility function that gets each type of permissions for an object and
        asserts against perm table.
        """
        create_perm = self.request.user.get_profile().has_perm(self.request, obj, 'create')
        view_perm = self.request.user.get_profile().has_perm(self.request, obj, 'view')
        update_perm = self.request.user.get_profile().has_perm(self.request, obj, 'update')
        delete_perm = self.request.user.get_profile().has_perm(self.request, obj, 'delete')

        actual_perms = {
            'all': create_perm and view_perm and update_perm and delete_perm,
            'create': create_perm,
            'view': view_perm,
            'update': update_perm,
            'delete': delete_perm,
        }

        # Superuser.
        actual_perms_list = [create_perm, view_perm, update_perm, delete_perm]
        if user_level == 'superuser':
            for perm in actual_perms_list:
                self.assertTrue(perm,
                    "Superuser should automatically have all permissions"
                )
            return

        # Pleb.
        if not user_level in perm_table:
            for actual_perm in actual_perms_list:
                self.assertTrue(not actual_perm,
                    "%s should not have any permissions to %s"
                        % (user_level, obj.__class__.__name__)
                )
            return

        # Get what permissions should be from permissions table.
        test_perm_list = perm_table[user_level]

        # Generically compare actual perms to what they should be (test_perm_list).
        for perm_type, actual_perm in actual_perms.iteritems():

            # If should have perm.
            if perm_type in test_perm_list:
                self.assertTrue(actual_perm,
                    "%s should have %s perms to %s"
                        % (user_level, perm_type, obj.__class__.__name__)
                )

            # If should not have perm.
            elif 'all' not in test_perm_list:
                self.assertTrue(not actual_perm,
                    "%s should not have %s perms to %s"
                        % (user_level, perm_type, obj.__class__.__name__)
                )
Exemple #9
0
class PermissionsTest(TestCase):
    fixtures = ['core/users.json']

    def setUp(self):
        self.test_user = User.objects.create(username='******')
        self.setup_request()

        # Superuser.
        self.superuser = User.objects.get(username='******')

        # Cyder admin.
        self.cyder_admin = User.objects.create(username='******')
        self.ctnr_global = Ctnr.objects.get(id=1)
        self.ctnr_user_cyder_admin_global = CtnrUser(id=None,
                                                     ctnr=self.ctnr_global,
                                                     user=self.cyder_admin,
                                                     level=2)
        self.ctnr_user_cyder_admin_global.save()

        # Admin.
        self.ctnr_admin = Ctnr(id=None, name="admin")
        self.ctnr_admin.save()
        self.ctnr_user_admin = CtnrUser(id=None,
                                        ctnr=self.ctnr_admin,
                                        user=self.test_user,
                                        level=2)
        self.ctnr_user_admin.save()
        self.ctnr_user_cyder_admin = CtnrUser(id=None,
                                              ctnr=self.ctnr_admin,
                                              user=self.cyder_admin,
                                              level=2)
        self.ctnr_user_cyder_admin.save()

        # User.
        self.ctnr_user = Ctnr(id=None, name="user")
        self.ctnr_user.save()
        self.ctnr_user_user = CtnrUser(id=None,
                                       ctnr=self.ctnr_user,
                                       user=self.test_user,
                                       level=1)
        self.ctnr_user_user.save()

        # Guest.
        self.ctnr_guest = Ctnr(id=None, name="guest")
        self.ctnr_guest.save()
        self.ctnr_user_guest = CtnrUser(id=None,
                                        ctnr=self.ctnr_guest,
                                        user=self.test_user,
                                        level=0)
        self.ctnr_user_guest.save()

        # Pleb.
        self.pleb_user = User.objects.create(username='******')

    def test_soa_perms(self):
        """
        Test SOA perms
        """
        self.setup_request()

        perm_table = {
            'cyder_admin': ['all'],
            'admin': [cy.ACTION_VIEW],
            'user': [cy.ACTION_VIEW],
            'guest': [cy.ACTION_VIEW],
        }

        # initialize obj into ctnrs
        obj = SOA()
        obj.primary = '192.168.1.1'
        obj.contact = '192.168.1.1'
        obj.save()
        domain = Domain(id=None, name='foo')
        domain.soa = obj
        domain.save()
        self.ctnr_admin.domains.add(domain)
        self.ctnr_user.domains.add(domain)
        self.ctnr_guest.domains.add(domain)
        self.save_all_ctnrs()

        self.check_perms_each_user(obj, perm_table)

    def test_domain_perms(self):
        """
        Test domain perms
        """
        self.setup_request()

        perm_table = {
            'cyder_admin': [cy.ACTION_VIEW, cy.ACTION_UPDATE],
            'admin': [cy.ACTION_VIEW, cy.ACTION_UPDATE],
            'user': [cy.ACTION_VIEW, cy.ACTION_UPDATE],
            'guest': [cy.ACTION_VIEW],
        }

        # Initialize obj into ctnrs.
        obj = Domain(id=None, name='foo')
        obj.save()
        self.ctnr_admin.domains.add(obj)
        self.ctnr_user.domains.add(obj)
        self.ctnr_guest.domains.add(obj)
        self.save_all_ctnrs()

        self.check_perms_each_user(obj, perm_table)

    def test_domain_records_perms(self):
        """
        Test common domain record perms (cname, mx, txt, srv, ns)
        """
        self.setup_request()

        perm_table = {
            'cyder_admin': ['all'],
            'admin': ['all'],
            'user': ['all'],
            'guest': [cy.ACTION_VIEW],
        }

        # Initialize objs into ctnrs.
        domain = Domain(id=None, name='foo')
        domain.save()
        self.ctnr_admin.domains.add(domain)
        self.ctnr_user.domains.add(domain)
        self.ctnr_guest.domains.add(domain)
        self.save_all_ctnrs()
        domain_records = []
        domain_records.append(AddressRecord(domain=domain))
        domain_records.append(CNAME(domain=domain))
        domain_records.append(MX(domain=domain))
        domain_records.append(SRV(domain=domain))
        domain_records.append(TXT(domain=domain))
        domain_records.append(Nameserver(domain=domain))

        for obj in domain_records:
            self.check_perms_each_user(obj, perm_table)

    def setup_request(self):
        """
        Utility function for flushing and setting up request object for testing
        """
        self.request = HttpRequest()
        self.request.user = self.test_user
        self.request.session = SessionStore()

    def save_all_ctnrs(self):
        """
        Utility function that simply saves all of the defined ctnrs
        Called after adding an object to each one
        """
        self.ctnr_admin.save()
        self.ctnr_user.save()
        self.ctnr_guest.save()

    def check_perms_each_user(self, obj, perm_table):
        """
        Utility function for checking permissions
        """
        # Superuser.
        self.request.user = self.superuser
        self.request.session['ctnr'] = self.ctnr_guest
        self.assert_perms(obj, perm_table, 'superuser')

        # Cyder admin.
        self.request.user = self.cyder_admin
        self.request.session['ctnr'] = self.ctnr_admin
        self.assert_perms(obj, perm_table, 'cyder_admin')

        # Admin.
        self.request.user = self.test_user
        self.request.session['ctnr'] = self.ctnr_admin
        self.assert_perms(obj, perm_table, 'admin')

        # User.
        self.request.session['ctnr'] = self.ctnr_user
        self.assert_perms(obj, perm_table, 'user')

        # Guest.
        self.request.session['ctnr'] = self.ctnr_guest
        self.assert_perms(obj, perm_table, 'guest')

        # Pleb.
        self.request.user = self.pleb_user
        self.assert_perms(obj, perm_table, 'pleb')

    def assert_perms(self, obj, perm_table, user_level):
        """
        Utility function that gets each type of permissions for an object and
        asserts against perm table.
        """
        create_perm = self.request.user.get_profile().has_perm(
            self.request, cy.ACTION_CREATE, obj=obj)
        view_perm = self.request.user.get_profile().has_perm(self.request,
                                                             cy.ACTION_VIEW,
                                                             obj=obj)
        update_perm = self.request.user.get_profile().has_perm(
            self.request, cy.ACTION_UPDATE, obj=obj)
        delete_perm = self.request.user.get_profile().has_perm(
            self.request, cy.ACTION_DELETE, obj=obj)

        actual_perms = {
            'all': create_perm and view_perm and update_perm and delete_perm,
            cy.ACTION_CREATE: create_perm,
            cy.ACTION_VIEW: view_perm,
            cy.ACTION_UPDATE: update_perm,
            cy.ACTION_DELETE: delete_perm,
        }

        # Superuser.
        actual_perms_list = [create_perm, view_perm, update_perm, delete_perm]
        if user_level == 'superuser':
            for perm in actual_perms_list:
                self.assertTrue(perm, "Superuser should have all permissions")
            return

        # Pleb.
        if not user_level in perm_table:
            for actual_perm in actual_perms_list:
                self.assertTrue(
                    not actual_perm,
                    "%s should not have any permissions to %s" %
                    (user_level, obj.__class__.__name__))
            return

        # Get what permissions should be from permissions table.
        test_perm_list = perm_table[user_level]

        # Generically compare actual perms to what they should be
        # (test_perm_list).
        for perm_type, actual_perm in actual_perms.iteritems():

            # If should have perm.
            if perm_type in test_perm_list:
                self.assertTrue(
                    actual_perm, "%s should have %s perms to %s" %
                    (user_level, perm_type, obj.__class__.__name__))

            # If should not have perm.
            elif 'all' not in test_perm_list:
                self.assertTrue(
                    not actual_perm, "%s should not have %s perms to %s" %
                    (user_level, perm_type, obj.__class__.__name__))
Exemple #10
0
 def setUp(self):
     self.url_slug = 'ctnr'
     self.ctnr = Ctnr(name=random_label())
     self.ctnr.save()
Exemple #11
0
class CtnrPermissionsTest(TestCase):
    fixtures = ['initial_data.json']

    def setUp(self):
        # test user is for tests only
        self.test_user = User.objects.get_or_create(username='******', password='******')[0]

        # development user exists as fixture, has admin to all ctnrs
        self.dev_user = User.objects.get(username='******')

        # create container where user has no admin
        self.ctnr = Ctnr(id=None, name="no_admin")
        self.ctnr.save()
        self.ctnr_user = CtnrUser(id=None, ctnr=self.ctnr, user=self.test_user, level=0)
        self.ctnr_user.save()

        # create container where user has admin
        self.ctnr_admin = Ctnr(id=None, name="has_admin")
        self.ctnr_admin.save()
        self.ctnr_user_admin = CtnrUser(id=None, ctnr=self.ctnr_admin, user=self.test_user, level=1)
        self.ctnr_user_admin.save()

        # create container that is meant to stay empty
        self.ctnr_empty = Ctnr(id=None, name="empty")
        self.ctnr_empty.save()
        self.ctnr_user_empty = CtnrUser(id=None, ctnr=self.ctnr_empty, user=self.test_user, level=1)
        self.ctnr_user_empty.save()

    def test_session_has_ctnr_dev(self):
        """
        Test middleware sets session ctnr on log in
        Precondition: no session container
        Postcondition: session container
        """
        request = HttpRequest()
        request.user = AnonymousUser()
        request.session = SessionStore()

        dev_middleware = DevAuthenticationMiddleware()
        dev_middleware.process_request(request)

        self.assertTrue('ctnr' in request.session)

    def test_ctnr_domain(self):
        """
        Test being in ctnr /w domain gives appropriate perms
        Precondition: domain in ctnr
        Postcondition: has full perm to domain if admin, read only if not
        """
        request = HttpRequest()
        request.user = self.test_user
        request.session = SessionStore()
        request.session['ctnr'] = self.ctnr

        # create domain, add domain to ctnr
        domain = Domain(id=None, name='foo')
        domain.save()

        self.ctnr.domains.add(domain)
        self.ctnr.save()

        self.ctnr_admin.domains.add(domain)
        self.ctnr_admin.save()

        # checks where user is not admin
        has_perm = self.test_user.get_profile().has_perm(request, domain, write=False)
        self.assertTrue(has_perm, 'user should have read access')
        has_perm = self.test_user.get_profile().has_perm(request, domain, write=True)
        self.assertFalse(has_perm, 'user should not have write access')

        # checks where user is admin
        request.session['ctnr'] = self.ctnr_admin
        has_perm = self.test_user.get_profile().has_perm(request, domain, write=False)
        self.assertTrue(has_perm, 'user should have read access')
        has_perm = self.test_user.get_profile().has_perm(request, domain, write=True)
        self.assertTrue(has_perm, 'user should have write access')

        # checks where obj not in ctnr
        request.session['ctnr'] = self.ctnr_empty
        has_perm = self.test_user.get_profile().has_perm(request, domain, write=False)
        self.assertFalse(has_perm, 'user should not have read access')
        has_perm = self.test_user.get_profile().has_perm(request, domain, write=True)
        self.assertFalse(has_perm, 'user should not have write access')

    def test_ctnr_reverse_domain(self):
        """
        Test being in ctnr /w rdomain gives appropriate perms
        Precondition: rdomain in ctnr
        Postcondition: full perm if admin, read only if not
        """
        request = HttpRequest()
        request.user = self.test_user
        request.session = SessionStore()
        request.session['ctnr'] = self.ctnr

        # create reverse domain, add reverse domain to ctnr
        rdomain = ReverseDomain(id=None, name='128')
        rdomain.save()

        self.ctnr.reverse_domains.add(rdomain)
        self.ctnr.save()

        self.ctnr_admin.reverse_domains.add(rdomain)
        self.ctnr_admin.save()

        # checks where user is not admin
        has_perm = self.test_user.get_profile().has_perm(request, rdomain, write=False)
        self.assertTrue(has_perm, 'user should have read access')
        has_perm = self.test_user.get_profile().has_perm(request, rdomain, write=True)
        self.assertFalse(has_perm, 'user should not have write access')

        # checks where user is admin
        request.session = {'ctnr': self.ctnr_admin}
        has_perm = self.test_user.get_profile().has_perm(request, rdomain, write=False)
        self.assertTrue(has_perm, 'user should have read access')
        has_perm = self.test_user.get_profile().has_perm(request, rdomain, write=True)
        self.assertTrue(has_perm, 'user should have write access')

        # checks where obj not in ctnr
        request.session = {'ctnr': self.ctnr_empty}
        has_perm = self.test_user.get_profile().has_perm(request, rdomain, write=False)
        self.assertFalse(has_perm, 'user should not have read access')
        has_perm = self.test_user.get_profile().has_perm(request, rdomain, write=True)
        self.assertFalse(has_perm, 'user should not have write access')

    def test_ctnr_domain_records(self):
        """
        Test being in ctnr /w common domain records gives appropriate perms
        common domain records: cname, mx, txt, srv
        """
        request = HttpRequest()
        request.user = self.test_user
        request.session = SessionStore()
        request.session['ctnr'] = self.ctnr

        # create domain, add domain to ctnr
        domain = Domain(id=None, name='foo')
        domain.save()

        self.ctnr.domains.add(domain)
        self.ctnr.save()

        self.ctnr_admin.domains.add(domain)
        self.ctnr_admin.save()

        domain_records = []
        domain_records.append(AddressRecord(domain=domain))
        domain_records.append(CNAME(domain=domain))
        domain_records.append(MX(domain=domain))
        domain_records.append(Nameserver(domain=domain))
        domain_records.append(SRV(domain=domain))
        domain_records.append(TXT(domain=domain))

        for record in domain_records:
            # checks where user is not admin
            request.session = {'ctnr': self.ctnr}
            has_perm = self.test_user.get_profile().has_perm(request, record, write=False)
            self.assertTrue(has_perm, 'user should have read access')
            has_perm = self.test_user.get_profile().has_perm(request, record, write=True)
            self.assertFalse(has_perm, 'user should not have write access')

            # checks where user is admin
            request.session = {'ctnr': self.ctnr_admin}
            has_perm = self.test_user.get_profile().has_perm(request, record, write=False)
            self.assertTrue(has_perm, 'user should have read access')
            has_perm = self.test_user.get_profile().has_perm(request, record, write=True)
            self.assertTrue(has_perm, 'user should have write access')

            # checks where obj not in ctnr
            request.session = {'ctnr': self.ctnr_empty}
            has_perm = self.test_user.get_profile().has_perm(request, record, write=False)
            self.assertFalse(has_perm, 'user should not have read access')
            has_perm = self.test_user.get_profile().has_perm(request, record, write=True)
            self.assertFalse(has_perm, 'user should not have write access')

    def test_ctnr_rdomain_records(self):
        """
        Test being in ctnr /w common domain records gives appropriate perms
        common domain records: cname, mx, txt, srv
        """
        request = HttpRequest()
        request.user = self.test_user
        request.session = SessionStore()
        request.session['ctnr'] = self.ctnr

        # create domain, add domain to ctnr
        rdomain = ReverseDomain(id=None, name='128')
        rdomain.save()

        self.ctnr.reverse_domains.add(rdomain)
        self.ctnr.save()

        self.ctnr_admin.reverse_domains.add(rdomain)
        self.ctnr_admin.save()

        rdomain_records = []
        rdomain_records.append(PTR(reverse_domain=rdomain))
        rdomain_records.append(ReverseNameserver(reverse_domain=rdomain))

        for record in rdomain_records:
            # checks where user is not admin
            request.session = {'ctnr': self.ctnr}
            has_perm = self.test_user.get_profile().has_perm(request, record, write=False)
            self.assertTrue(has_perm, 'user should have read access')
            has_perm = self.test_user.get_profile().has_perm(request, record, write=True)
            self.assertFalse(has_perm, 'user should not have write access')

            # checks where user is admin
            request.session = {'ctnr': self.ctnr_admin}
            has_perm = self.test_user.get_profile().has_perm(request, record, write=False)
            self.assertTrue(has_perm, 'user should have read access')
            has_perm = self.test_user.get_profile().has_perm(request, record, write=True)
            self.assertTrue(has_perm, 'user should have write access')

            # checks where obj not in ctnr
            request.session = {'ctnr': self.ctnr_empty}
            has_perm = self.test_user.get_profile().has_perm(request, record, write=False)
            self.assertFalse(has_perm, 'user should not have read access')
            has_perm = self.test_user.get_profile().has_perm(request, record, write=True)
            self.assertFalse(has_perm, 'user should not have write access')

    def test_ctnr_rdomain_records(self):
        """
        Test being in ctnr /w common domain records gives appropriate perms
        common domain records: cname, mx, txt, srv
        """
        request = HttpRequest()
        request.user = self.test_user
        request.session = SessionStore()
        request.session['ctnr'] = self.ctnr

        # create domain, add domain to ctnr
        rdomain = ReverseDomain(id=None, name='128')
        rdomain.save()

        self.ctnr.reverse_domains.add(rdomain)
        self.ctnr.save()

        self.ctnr_admin.reverse_domains.add(rdomain)
        self.ctnr_admin.save()

        rdomain_records = []
        rdomain_records.append(PTR(reverse_domain=rdomain))
        rdomain_records.append(ReverseNameserver(reverse_domain=rdomain))

        for record in rdomain_records:
            # checks where user is not admin
            request.session = {'ctnr': self.ctnr}
            has_perm = self.test_user.get_profile().has_perm(request, record, write=False)
            self.assertTrue(has_perm, 'user should have read access')
            has_perm = self.test_user.get_profile().has_perm(request, record, write=True)
            self.assertFalse(has_perm, 'user should not have write access')

            # checks where user is admin
            request.session = {'ctnr': self.ctnr_admin}
            has_perm = self.test_user.get_profile().has_perm(request, record, write=False)
            self.assertTrue(has_perm, 'user should have read access')
            has_perm = self.test_user.get_profile().has_perm(request, record, write=True)
            self.assertTrue(has_perm, 'user should have write access')

            # checks where obj not in ctnr
            request.session = {'ctnr': self.ctnr_empty}
            has_perm = self.test_user.get_profile().has_perm(request, record, write=False)
            self.assertFalse(has_perm, 'user should not have read access')
            has_perm = self.test_user.get_profile().has_perm(request, record, write=True)
            self.assertFalse(has_perm, 'user should not have write access')

    def test_ctnr_soa(self):
        """
        Test being in ctnr /w soa record gives appropriate perms
        """
        request = HttpRequest()
        request.user = self.test_user
        request.session = SessionStore()
        request.session['ctnr'] = self.ctnr

        # create domain with soa, add domain to ctnr
        soa = SOA()
        soa.primary = '192.168.1.1'
        soa.contact = '192.168.1.1'
        soa.save()

        domain = Domain(id=None, name='foo')
        domain.soa = soa
        domain.save()

        self.ctnr.domains.add(domain)
        self.ctnr.save()

        self.ctnr_admin.domains.add(domain)
        self.ctnr_admin.save()

        # checks where user is not admin
        has_perm = self.test_user.get_profile().has_perm(request, soa, write=False)
        self.assertTrue(has_perm, 'user should have read access')
        has_perm = self.test_user.get_profile().has_perm(request, soa, write=True)
        self.assertFalse(has_perm, 'user should not have write access')

        # checks where user is admin
        request.session = {'ctnr': self.ctnr_admin}
        has_perm = self.test_user.get_profile().has_perm(request, soa, write=False)
        self.assertTrue(has_perm, 'user should have read access')
        has_perm = self.test_user.get_profile().has_perm(request, soa, write=True)
        self.assertTrue(has_perm, 'user should have write access')

        # checks where obj not in ctnr
        request.session = {'ctnr': self.ctnr_empty}
        has_perm = self.test_user.get_profile().has_perm(request, soa, write=False)
        self.assertFalse(has_perm, 'user should not have read access')
        has_perm = self.test_user.get_profile().has_perm(request, soa, write=True)
        self.assertFalse(has_perm, 'user should not have write access')