async def test_lsst_dds_partition_prefix_required(self) -> None: # Delete LSST_DDS_PARTITION_PREFIX. This should prevent # constructing a Domain with utils.modify_environ(LSST_DDS_PARTITION_PREFIX=None): async with salobj.Domain() as domain: with pytest.raises(RuntimeError): salobj.SalInfo(domain=domain, name="Test", index=1)
def run(self, result: typing.Any) -> None: """Override `run` to set a random LSST_DDS_PARTITION_PREFIX and set LSST_SITE=test for every test. https://stackoverflow.com/a/11180583 """ salobj.set_random_lsst_dds_partition_prefix() with utils.modify_environ(LSST_SITE="test"): super().run(result)
async def test_bad_site(self) -> None: config_dir = TEST_CONFIGS_ROOT / "good_with_site_file" with utils.modify_environ(LSST_SITE="no_such_site"): async with self.make_csc( initial_state=salobj.State.STANDBY, config_dir=config_dir, ): await self.assert_next_summary_state(salobj.State.STANDBY) with salobj.assertRaisesAckError(): await self.remote.cmd_start.start(timeout=STD_TIMEOUT)
def test_env_var_secrets(self) -> None: """Check that moto.mock ovewrites authorization env vars.""" env_names = ( "AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY", ) env_dict = {name: f"arbitrary value for {name}" for name in env_names} with utils.modify_environ(**env_dict): with moto.mock_s3(): for name, my_value in env_dict.items(): assert os.environ[name] != my_value for name, my_value in env_dict.items(): assert os.environ[name] == my_value
async def test_default_authorize(self) -> None: """Test that LSST_DDS_ENABLE_AUTHLIST correctly sets the default_authorize attribute. """ async with salobj.Domain() as domain: for env_var_value in ("0", "1", None, "2", "", "00"): expected_default_authorize = True if env_var_value == "1" else False index = next(index_gen) with utils.modify_environ( LSST_DDS_ENABLE_AUTHLIST=env_var_value): salinfo = salobj.SalInfo(domain=domain, name="Test", index=index) assert salinfo.default_authorize == expected_default_authorize
async def test_script_environ(self) -> None: """Test that creating a script does not modify os.environ. I would like to also test that a script has master priority 0 (which is done by temporarily setting env var salobj.MASTER_PRIORITY_ENV_VAR to "0"), but that information is not available. """ for master_priority in ("21", None): with utils.modify_environ( **{salobj.MASTER_PRIORITY_ENV_VAR: master_priority}): initial_environ = os.environ.copy() async with NonConfigurableScript(index=self.index): assert os.environ == initial_environ # Test again when script is closed, just to be sure; # closing a script should not modify the environment. assert os.environ == initial_environ
async def test_authorization(self) -> None: """Test authorization. For simplicity this test calls setAuthList without a +/- prefix. The prefix is tested elsewhere. """ # TODO DM-36605 remove use of utils.modify_environ # once authlist support is enabled by default with utils.modify_environ(LSST_DDS_ENABLE_AUTHLIST="1"): async with self.make_csc(initial_state=salobj.State.ENABLED): await self.assert_next_sample( self.remote.evt_authList, authorizedUsers="", nonAuthorizedCSCs="", ) domain = self.csc.salinfo.domain # Note that self.csc and self.remote have the same user_host. csc_user_host = domain.user_host # Make a remote that pretends to be from a different CSC # and test non-authorized CSCs other_name_index = "Script:5" async with self.make_remote( identity=other_name_index) as other_csc_remote: all_csc_names = ["ATDome", "Hexapod:1", other_name_index] for csc_names in all_permutations(all_csc_names): csc_names_str = ", ".join(csc_names) with self.subTest(csc_names_str=csc_names_str): await self.remote.cmd_setAuthList.set_start( nonAuthorizedCSCs=csc_names_str, timeout=STD_TIMEOUT) await self.assert_next_sample( self.remote.evt_authList, authorizedUsers="", nonAuthorizedCSCs=", ".join(sorted(csc_names)), ) if other_name_index in csc_names: # A blocked CSC; this should fail. with salobj.assertRaisesAckError( ack=salobj.SalRetCode.CMD_NOPERM): await other_csc_remote.cmd_wait.set_start( duration=0, timeout=STD_TIMEOUT) else: # Not a blocked CSC; this should work. await other_csc_remote.cmd_wait.set_start( duration=0, timeout=STD_TIMEOUT) # My user_host should work regardless of # non-authorized CSCs. await self.remote.cmd_wait.set_start( duration=0, timeout=STD_TIMEOUT) # Disabling authorization should always work self.csc.cmd_wait.authorize = False try: await other_csc_remote.cmd_wait.set_start( duration=0, timeout=STD_TIMEOUT) finally: self.csc.cmd_wait.authorize = True # Test authorized users that are not me. # Reported auth users should always be in alphabetical order; # test this by sending users NOT in alphabetical order. all_other_user_hosts = [ f"notme{i}{csc_user_host}" for i in (3, 2, 1) ] other_user_host = all_other_user_hosts[1] async with self.make_remote( identity=other_user_host) as other_user_remote: for auth_user_hosts in all_permutations( all_other_user_hosts): users_str = ", ".join(auth_user_hosts) with self.subTest(users_str=users_str): await self.remote.cmd_setAuthList.set_start( authorizedUsers=users_str, nonAuthorizedCSCs="", timeout=STD_TIMEOUT, ) await self.assert_next_sample( self.remote.evt_authList, authorizedUsers=", ".join( sorted(auth_user_hosts)), nonAuthorizedCSCs="", ) if other_user_host in auth_user_hosts: # An allowed user; this should work. await other_user_remote.cmd_wait.set_start( duration=0, timeout=STD_TIMEOUT) else: # Not an allowed user; this should fail. with salobj.assertRaisesAckError( ack=salobj.SalRetCode.CMD_NOPERM): await other_user_remote.cmd_wait.set_start( duration=0, timeout=STD_TIMEOUT) # Temporarily disable authorization and try again; # this should always work. self.csc.cmd_wait.authorize = False try: await other_user_remote.cmd_wait.set_start( duration=0, timeout=STD_TIMEOUT) finally: self.csc.cmd_wait.authorize = True # My user_host should work regardless of # authorized users. self.remote.salinfo.domain.identity = csc_user_host await self.remote.cmd_wait.set_start( duration=0, timeout=STD_TIMEOUT)
async def test_specified_s3_endpoint_url(self) -> None: endpoint_url = "http://foo.bar.edu:9000" with utils.modify_environ(S3_ENDPOINT_URL=endpoint_url): bucket = salobj.AsyncS3Bucket(self.bucket_name) assert bucket.service_resource.meta.client.meta.endpoint_url == endpoint_url
async def test_no_s3_endpoint_url(self) -> None: # Clear "S3_ENDPOINT_URL" if it exists. with utils.modify_environ(S3_ENDPOINT_URL=None): bucket = salobj.AsyncS3Bucket(self.bucket_name) assert "amazon" in bucket.service_resource.meta.client.meta.endpoint_url
async def test_blank_s3_endpoint_url(self) -> None: with utils.modify_environ(S3_ENDPOINT_URL=""): bucket = salobj.AsyncS3Bucket(self.bucket_name) assert "amazon" in bucket.service_resource.meta.client.meta.endpoint_url