Exemple #1
0
class TestLsCli(unittest.TestCase):

    def setUp(self):
        (osf, self.fname) = tempfile.mkstemp()
        os.close(osf)
# os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
        os.environ['NIMBUS_AUTHZ_DB'] = self.fname
        pynimbusauthz.db.make_test_database(self.fname)
        self.db = DB(con_str=self.fname)
        self.user1 = User(self.db)
        self.name = "/file/name"
        self.data = "/etc/group"
        self.file1 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3)
        self.uf = UserFile(self.file1)
        self.db.commit()

    def tearDown(self):
        self.db.close()
        os.remove(self.fname)

    def test_basic_ls(self):
        rc = pynimbusauthz.ls.main([])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
        rc = pynimbusauthz.ls.main(["-t", pynimbusauthz.object_type_s3])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
        rc = pynimbusauthz.ls.main([self.name[0:-1]])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))


    def test_fail_ls(self):
        rc = pynimbusauthz.ls.main(["-p", "nobucket", self.name[0:-1]])
        self.assertNotEqual(rc, 0, "CLI should return success %d" % (rc))
Exemple #2
0
class TestLsCli(unittest.TestCase):
    def setUp(self):
        (osf, self.fname) = tempfile.mkstemp()
        os.close(osf)
        # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
        os.environ['NIMBUS_AUTHZ_DB'] = self.fname
        pynimbusauthz.db.make_test_database(self.fname)
        self.db = DB(con_str=self.fname)
        self.user1 = User(self.db)
        self.name = "/file/name"
        self.data = "/etc/group"
        self.file1 = File.create_file(self.db, self.name, self.user1,
                                      self.data, pynimbusauthz.object_type_s3)
        self.uf = UserFile(self.file1)
        self.db.commit()

    def tearDown(self):
        self.db.close()
        os.remove(self.fname)

    def test_basic_ls(self):
        rc = pynimbusauthz.ls.main([])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
        rc = pynimbusauthz.ls.main(["-t", pynimbusauthz.object_type_s3])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
        rc = pynimbusauthz.ls.main([self.name[0:-1]])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))

    def test_fail_ls(self):
        rc = pynimbusauthz.ls.main(["-p", "nobucket", self.name[0:-1]])
        self.assertNotEqual(rc, 0, "CLI should return success %d" % (rc))
Exemple #3
0
 def create_user(self, display_name, id, pw, opts):
     pycb.log(logging.INFO, "===== def create_user of cbAuthzSecurity.py")
     db_obj = DB(con_str=self.con_str)
     user = User(db_obj, friendly=display_name)
     user_alias = user.create_alias(id, "s3", display_name, alias_data=pw)
     db_obj.commit()
     db_obj.close()
Exemple #4
0
class TestTouchCli(unittest.TestCase):

    def setUp(self):
        (osf, self.fname) = tempfile.mkstemp()
        os.close(osf)
#        os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
        os.environ['NIMBUS_AUTHZ_DB'] = self.fname
        pynimbusauthz.db.make_test_database(self.fname)
        self.db = DB(con_str=self.fname)
        self.user1 = User(self.db)
        self.db.commit()

    def tearDown(self):
        self.db.close()
        os.remove(self.fname)

    def test_basic_touch(self):
        fname = str(uuid.uuid1())
        data = str(uuid.uuid1())
        f = File.get_file(self.db, fname, pynimbusauthz.object_type_s3)
        self.assertEqual(f, None)
        rc = pynimbusauthz.touch.main([self.user1.get_id(), fname, data])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
        f = File.get_file(self.db, fname, pynimbusauthz.object_type_s3)
        self.assertNotEqual(f, None)

    def test_bucket_touch(self):
        fname = str(uuid.uuid1())
        data = str(uuid.uuid1())
        rc = pynimbusauthz.touch.main(["-t", pynimbusauthz.object_type_s3, self.user1.get_id(), fname, data])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))

        f = File.get_file(self.db, fname, pynimbusauthz.object_type_s3)
        self.assertNotEqual(f, None)

    def test_under_bucket_touch(self):
        bname = str(uuid.uuid1())
        fname = str(uuid.uuid1())
        data = str(uuid.uuid1())
        rc = pynimbusauthz.touch.main(["-t", pynimbusauthz.object_type_s3, self.user1.get_id(), bname, data])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
        rc = pynimbusauthz.touch.main(["-p", bname, self.user1.get_id(), fname, data])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))

        b1 = File.get_file(self.db, bname, pynimbusauthz.object_type_s3)
        f1 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3, parent=b1)

        self.assertNotEqual(b1, None)
        self.assertNotEqual(f1, None)


    def test_bad_opts(self):
        bname = str(uuid.uuid1())
        fname = str(uuid.uuid1())
        data = str(uuid.uuid1())
        rc = pynimbusauthz.touch.main([bname, data])
        self.assertEqual(rc, 32, "CLI should return failure %d" % (rc))
        rc = pynimbusauthz.touch.main(["-p", bname, self.user1.get_id(), fname, data])
        self.assertEqual(rc, 33, "CLI should return failure %d" % (rc))
Exemple #5
0
 def get_user_object_by_access_id(self, access_id):
     """Get a new connection every time this is called to make sure it is cleaned up"""
     db = DB(self._cumulus_db)
     user_alias = User.find_alias(db, access_id)
     if not user_alias:
         raise PhantomAWSException('InvalidClientTokenId')
     l = list(user_alias)
     db.close()
     if l < 1:
         raise PhantomAWSException('InvalidClientTokenId')
     return PhantomUserObject(access_id, l[0].get_data(), l[0].get_friendly_name())
Exemple #6
0
 def get_user_object_by_access_id(self, access_id):
     """Get a new connection every time this is called to make sure it is cleaned up"""
     db = DB(self._cumulus_db)
     user_alias = User.find_alias(db, access_id)
     if not user_alias:
         raise PhantomAWSException('InvalidClientTokenId')
     l = list(user_alias)
     db.close()
     if l < 1:
         raise PhantomAWSException('InvalidClientTokenId')
     return PhantomUserObject(access_id, l[0].get_data(),
                              l[0].get_friendly_name())
Exemple #7
0
class TestCommit(unittest.TestCase):
    def setUp(self):
        con = pynimbusauthz.db.make_test_database()
        self.db = DB(con=con)

    def tearDown(self):
        self.db.close()

    def test_basic(self):
        id = uuid.uuid1()
        user1 = User(self.db, id, create=True)
        self.db.rollback()
        user1 = User(self.db, id, create=True)
Exemple #8
0
class TestUser(unittest.TestCase):

    def setUp(self):
#        os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
        con = pynimbusauthz.db.make_test_database()
        self.db = DB(con=con)
        self.user = User(self.db)

    def tearDown(self):
        self.user.destroy_brutally()
        self.db.close()

    def test_get_no_quota(self):
        q = self.user.get_quota()
        self.assertEqual(q, User.UNLIMITED)

    def test_set_quota(self):
        q = 100
        self.user.set_quota(q)
        qrc = self.user.get_quota()
        self.assertEqual(q, qrc)

    def test_get_no_usage(self):
        u = self.user.get_quota_usage()
        self.assertEqual(u, 0)

    def test_add_file_usage_one_file(self):
        size1 = 100
        name = "/file/name"
        data = "/etc/group"

        file1 = File.create_file(self.db, name, self.user, data, pynimbusauthz.object_type_s3, size=size1)
        self.db.commit()

        u = self.user.get_quota_usage()
        self.assertEqual(u, size1)

    def test_add_file_usage_many_files(self):
        size1 = 100
        name = "/file/name"
        data = "/etc/group"

        total = 0
        for i in range(0, 10):
            file1 = File.create_file(self.db, name+str(i), self.user, data, pynimbusauthz.object_type_s3, size=size1)
            total = total + size1
        self.db.commit()

        u = self.user.get_quota_usage()
        self.assertEqual(u, total)
Exemple #9
0
def main(argv=sys.argv[1:]):

    try:
        (o, args, p) = setup_options(argv)
        con_str = pycb.config.authzdb
        db = DB(con_str)

        o.emailaddr = args[0]
        create_user(o, db)
        report_results(o, db)
        db.close()
    except CLIError, clie:
        if DEBUG:
            traceback.print_exc(file=sys.stdout)
        
        print clie
        return clie.get_rc()
Exemple #10
0
def main(argv=sys.argv[1:]):

    try:
        (o, args, p) = setup_options(argv)
        con_str = pycb.config.authzdb
        db = DB(con_str)

        o.emailaddr = args[0]
        create_user(o, db)
        report_results(o, db)
        db.close()
    except CLIError, clie:
        if DEBUG:
            traceback.print_exc(file=sys.stdout)

        print clie
        return clie.get_rc()
Exemple #11
0
class TestStatCli(unittest.TestCase):
    def setUp(self):
        (osf, self.fname) = tempfile.mkstemp()
        os.close(osf)
        #        os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
        os.environ['NIMBUS_AUTHZ_DB'] = self.fname
        pynimbusauthz.db.make_test_database(self.fname)
        self.db = DB(con_str=self.fname)
        self.user1 = User(self.db)
        self.name = "/file/name"
        self.data = "/etc/group"
        self.file1 = File.create_file(self.db, self.name, self.user1,
                                      self.data, pynimbusauthz.object_type_s3)
        self.uf = UserFile(self.file1)
        self.db.commit()

    def tearDown(self):
        self.db.close()
        os.remove(self.fname)

    def test_basic_stat(self):
        rc = pynimbusauthz.stat.main([self.name])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
        rc = pynimbusauthz.stat.main(["-a", self.name])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))

    def test_bad_opts_stat(self):
        rc = pynimbusauthz.stat.main([])
        self.assertEqual(rc, 32, "CLI should return success %d" % (rc))
        rc = pynimbusauthz.stat.main(["nofile"])
        self.assertNotEqual(rc, 0, "CLI should return success %s" % (str(rc)))
        rc = pynimbusauthz.stat.main(["-p", "nobucket", self.name])
        self.assertNotEqual(rc, 0, "CLI should return success %d" % (rc))

    def test_basic_stat(self):
        user2 = User(self.db)
        self.db.commit()

        rc = pynimbusauthz.chmod.main([user2.get_id(), self.name, "Rrw"])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
        rc = pynimbusauthz.stat.main([self.name])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
        rc = pynimbusauthz.stat.main(["-a", self.name])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
Exemple #12
0
class TestStatCli(unittest.TestCase):
    def setUp(self):
        (osf, self.fname) = tempfile.mkstemp()
        os.close(osf)
        #        os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
        os.environ["NIMBUS_AUTHZ_DB"] = self.fname
        pynimbusauthz.db.make_test_database(self.fname)
        self.db = DB(con_str=self.fname)
        self.user1 = User(self.db)
        self.name = "/file/name"
        self.data = "/etc/group"
        self.file1 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3)
        self.uf = UserFile(self.file1)
        self.db.commit()

    def tearDown(self):
        self.db.close()
        os.remove(self.fname)

    def test_basic_stat(self):
        rc = pynimbusauthz.stat.main([self.name])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
        rc = pynimbusauthz.stat.main(["-a", self.name])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))

    def test_bad_opts_stat(self):
        rc = pynimbusauthz.stat.main([])
        self.assertEqual(rc, 32, "CLI should return success %d" % (rc))
        rc = pynimbusauthz.stat.main(["nofile"])
        self.assertNotEqual(rc, 0, "CLI should return success %s" % (str(rc)))
        rc = pynimbusauthz.stat.main(["-p", "nobucket", self.name])
        self.assertNotEqual(rc, 0, "CLI should return success %d" % (rc))

    def test_basic_stat(self):
        user2 = User(self.db)
        self.db.commit()

        rc = pynimbusauthz.chmod.main([user2.get_id(), self.name, "Rrw"])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
        rc = pynimbusauthz.stat.main([self.name])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
        rc = pynimbusauthz.stat.main(["-a", self.name])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
Exemple #13
0
 def create_user(self, display_name, id, pw, opts):
     db_obj = DB(con_str=self.con_str)
     user = User(db_obj, friendly=display_name)
     user_alias = user.create_alias(id, "s3", display_name, alias_data=pw)
     db_obj.commit()
     db_obj.close()
Exemple #14
0
class TestRebaseCli(unittest.TestCase):

    def setUp(self):
        (osf, self.fname) = tempfile.mkstemp()
        os.close(osf)
#        os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
        os.environ['NIMBUS_AUTHZ_DB'] = self.fname
        pynimbusauthz.db.make_test_database(self.fname)
        self.db = DB(con_str=self.fname)
        self.user1 = User(self.db)
        self.db.commit()

    def tearDown(self):
        self.db.close()
        os.remove(self.fname)

    def test_single_change(self): 
        name = "/file/name"
        old_base = "/OLD"
        new_base = "/NEW"
        data = "/etc/group"

        key = old_base + data
        file1 = File.create_file(self.db, name, self.user1, key, pynimbusauthz.object_type_s3)
        self.db.commit()

        rc = pynimbusauthz.rebase.main([old_base, new_base])
        self.assertEqual(rc, 0, "rc should be 0, is %d" % (rc))

        f2a = File.find_files_from_data(self.db, key)
        f2a = list(f2a)
        self.assertEqual(len(f2a), 0, "should be no values with key %s len is %d" % (old_base, len(f2a)))
        key = new_base + data
        f2a = File.find_files_from_data(self.db, key)
        f2a = list(f2a)
        self.assertNotEqual(len(f2a), 0, "length should be greater than 0 is %d" % (len(f2a)))

        found = False
        for f2 in f2a:
            tst_key = f2.get_data_key()
            if tst_key == key:
                found = True
        self.assertTrue(found, "key not found")
       

    def test_many_change(self):
        name = "/file/name"
        old_base = "/OLD"
        new_base = "/NEW"
        count = 10

        for i in range(0, count): 
            keyname = str(uuid.uuid1())
            oldkey = old_base + "/" + keyname
            File.create_file(self.db, name+oldkey, self.user1, oldkey, pynimbusauthz.object_type_s3)
        self.db.commit()

        rc = pynimbusauthz.rebase.main([old_base, new_base])
        self.assertEqual(rc, 0, "rc should be 0, is %d" % (rc))

        f2a = File.find_files_from_data(self.db, new_base + "%")
        f2a = list(f2a)
        self.assertEqual(len(f2a), count, "length of the new items should be %d is %s" % (count, len(f2a)))


    def test_many_change_but_not_all(self):
        name = "/file/name"
        old_base = "/OLD"
        new_base = "/NEW"
        other_base = "/NOTHERE"
        count = 10

        for i in range(0, count):
            keyname = str(uuid.uuid1())
            oldkey = old_base + "/" + keyname
            File.create_file(self.db, name+oldkey, self.user1, oldkey, pynimbusauthz.object_type_s3)
        for i in range(0, count*2):
            keyname = str(uuid.uuid1())
            oldkey = other_base + "/" + keyname
            File.create_file(self.db, name+oldkey, self.user1, oldkey, pynimbusauthz.object_type_s3)
        self.db.commit()

        rc = pynimbusauthz.rebase.main([old_base, new_base])
        self.assertEqual(rc, 0, "rc should be 0, is %d" % (rc))

        f2a = File.find_files_from_data(self.db, new_base + "%")
        f2a = list(f2a)
        self.assertEqual(len(f2a), count, "length of the new items should be %d is %s" % (count, len(f2a)))
Exemple #15
0
class TestFile(unittest.TestCase):
    def setUp(self):
        #        os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
        con = pynimbusauthz.db.make_test_database()
        self.db = DB(con=con)

    def tearDown(self):
        self.db.close()

    def test_basic_file(self):
        user1 = User(self.db)
        name = "/file/name"
        data = "/etc/group"
        file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3)
        self.db.commit()
        x = file1.get_all_children()
        self.assertEqual(len(list(x)), 0, "The file should have no children")
        n2 = file1.get_name()
        self.assertEqual(name, n2, "Names not equal")
        d2 = file1.get_data_key()
        self.assertEqual(data, d2, "Data not equal")
        o2 = file1.get_owner()
        self.assertEqual(user1, o2, "Owner not equal")
        p2 = file1.get_parent()
        self.assertEqual(None, p2, "There should be no parent")
        b2 = file1.get_object_type()
        self.assertEqual(pynimbusauthz.object_type_s3, b2, "Type wrong")

    def xtest_international_file(self):
        user1 = User(self.db)
        name = os.environ["CUMULUS_WORD"]
        data = "/etc/group"
        file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3)
        self.db.commit()

    def test_file_children(self):
        user1 = User(self.db)
        name = "/file/name"
        data = "/etc/group"
        file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3)
        self.db.commit()

        child1 = File.create_file(self.db, "kid", user1, data, pynimbusauthz.object_type_s3, parent=file1)
        self.db.commit()

        p2 = child1.get_parent()
        self.assertEqual(p2, file1, "parent not set properly")

        x = child1.get_all_children()
        self.assertEqual(len(list(x)), 0, "The file should have no children")

        x = file1.get_all_children()
        found = False
        for f in x:
            if f == child1:
                found = True

        self.assertTrue(found, "We should have found that kid!")

    def test_find_no_file(self):
        f = File.get_file_from_db_id(self.db, 1000)
        self.assertEqual(f, None, "We should not have found that file")
        f = File.get_file(self.db, "nofile", pynimbusauthz.object_type_s3)
        self.assertEqual(f, None, "We should not have found that file")

    def test_file_and_bucket(self):
        user1 = User(self.db)
        fname = "NAME"
        data = "data"
        b1 = File.create_file(self.db, "bucket", user1, data, pynimbusauthz.object_type_s3)
        f1 = File.create_file(self.db, fname, user1, data, pynimbusauthz.object_type_s3, parent=b1)
        f2 = File.create_file(self.db, fname, user1, data, pynimbusauthz.object_type_s3)
        self.db.commit()

        self.assertNotEqual(f1.get_id(), f2.get_id())

        f3 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3, parent=b1)
        f4 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3)
        self.assertEqual(f1.get_id(), f3.get_id())
        self.assertEqual(f2.get_id(), f4.get_id())
        self.assertNotEqual(f3.get_id(), f4.get_id())
        self.db.commit()

    def test_change_key(self):
        user1 = User(self.db)
        name = "/file/name"
        old_base = "/old/path/base"
        fname = "/etc/group"
        new_base = "/new/base/location/dir"
        f = File.create_file(self.db, name, user1, old_base + fname, pynimbusauthz.object_type_s3)

        self.assertEqual(old_base + fname, f.get_data_key(), "old value not euqal")

        new_key = new_base + fname
        f.set_data_key(new_key)
        self.db.commit()

        tst_new_key = f.get_data_key()
        self.assertEqual(tst_new_key, new_key, "%s should equal %s" % (tst_new_key, new_key))

        f2 = File.get_file(self.db, name, pynimbusauthz.object_type_s3)

        tst_new_key = f2.get_data_key()
        self.assertEqual(tst_new_key, new_key, "%s should equal %s" % (tst_new_key, new_key))

    def test_find_by_key(self):
        user1 = User(self.db)
        name = "/file/name"
        key = "/old/path/base"
        f = File.create_file(self.db, name, user1, key, pynimbusauthz.object_type_s3)
        self.db.commit()

        f2a = File.find_files_from_data(self.db, key)

        found = False
        for f2 in f2a:
            tst_key = f2.get_data_key()
            if tst_key == key:
                found = True
        self.assertTrue(found, "key not found")
Exemple #16
0
class TestAddUserCli(unittest.TestCase):

    def setUp(self):
        (osf, self.fname) = tempfile.mkstemp()
        os.close(osf)
        os.environ['NIMBUS_AUTHZ_DB'] = self.fname
        pynimbusauthz.db.make_test_database(self.fname)
        self.db = DB(con_str=self.fname)

    def tearDown(self):
        self.db.close()
        os.remove(self.fname)

    def test_basic_adduser(self):
        uu = str(uuid.uuid1())
        rc = pynimbusauthz.add_user.main(["-n", uu])
        self.assertEqual(rc, 0, "CLI should return success")
        user = User(self.db, uu)
        rc = pynimbusauthz.add_user.main(["-r", uu])
        self.assertEqual(rc, 0, "CLI should return success")
        try:
            user = User(self.db, uu)
            self.fail("should have had an exception loading user")
        except:
            pass

    def test_basic_alias(self):
        user = User(self.db)
        uu = user.get_id()
        aname = "alias1"
        self.db.commit()
        rc = pynimbusauthz.add_user.main(["-a", aname, uu])
        self.assertEqual(rc, 0, "CLI should return success")
        ua = user.get_alias(aname, pynimbusauthz.alias_type_s3)
        self.assertNotEqual(ua, None, "alias not found")
        rc = pynimbusauthz.add_user.main(["-x", aname, uu])
        self.assertEqual(rc, 0, "CLI should return success")
        ua = user.get_alias(aname, pynimbusauthz.alias_type_s3)
        self.assertEqual(ua, None, "alias should not be found")

    def test_user_alias_remove(self):
        aname = str(uuid.uuid1())
        uu = str(uuid.uuid1())
        rc = pynimbusauthz.add_user.main(["-n", "-a", aname, uu])
        self.assertEqual(rc, 0, "CLI should return success")

        user = User(self.db, uu)
        ua = user.get_alias(aname, pynimbusauthz.alias_type_s3)

        rc = pynimbusauthz.add_user.main(["-x", aname, "-r", uu])
        self.assertEqual(rc, 0, "CLI should return success")

        try:
            user = User(self.db, uu)
            self.fail("should have had an exception loading user")
        except:
            pass
        try:
            ua = user.get_alias(aname, pynimbusauthz.alias_type_s3)
            self.fail("should have had an exception loading user")
        except:
            pass

    def test_set_key(self):
        aname = str(uuid.uuid1())
        uu = str(uuid.uuid1())
        rc = pynimbusauthz.add_user.main(["-n", "-a", aname, uu])
        self.assertEqual(rc, 0, "CLI should return success")
        rc = pynimbusauthz.add_user.main(["-g", "-a", aname, uu])
        self.assertEqual(rc, 0, "CLI should return success")
 
        key = str(uuid.uuid1())
        rc = pynimbusauthz.add_user.main(["-k", key, "-a", aname, uu])
        self.assertEqual(rc, 0, "CLI should return success")

        user = User(self.db, uu)
        ua = user.get_alias(aname, pynimbusauthz.alias_type_s3)
        self.db.commit()
        k2 = ua.get_data()
        self.assertEqual(k2, key)

    def test_default_new_user(self):
        rc = pynimbusauthz.add_user.main(["-n"])
        self.assertEqual(rc, 0, "CLI should return success %d"%(rc))

    def test_bad_args(self):
        uu = str(uuid.uuid1())
        rc = pynimbusauthz.add_user.main([])
        self.assertNotEqual(rc, 0, "CLI should not return success %d"%(rc))
        rc = pynimbusauthz.add_user.main(["-k", uu, uu])
        self.assertNotEqual(rc, 0, "CLI should not return success %d"%(rc))
        rc = pynimbusauthz.add_user.main(["-g", uu])
        self.assertNotEqual(rc, 0, "CLI should not return success %d"%(rc))

    def test_remove_force(self):
        aname = str(uuid.uuid1())
        uu = str(uuid.uuid1())
        rc = pynimbusauthz.add_user.main(["-n", "-a", aname, uu])
        self.assertEqual(rc, 0, "CLI should return success")

        #  add a few alias
        for i in range(0, 10):
            aname = str(uuid.uuid1())
            rc = pynimbusauthz.add_user.main(["-a", aname, uu])
            self.assertEqual(rc, 0, "CLI should return success")

        rc = pynimbusauthz.add_user.main(["-f", "-r", uu])
        self.assertEqual(rc, 0, "CLI should return success")
Exemple #17
0
 def create_user(self, display_name, id, pw, opts):
     db_obj = DB(con_str=self.con_str)
     user = User(db_obj, friendly=display_name)
     user_alias = user.create_alias(id, "s3", display_name, alias_data=pw)
     db_obj.commit()
     db_obj.close()
Exemple #18
0
class TestTouchCli(unittest.TestCase):
    def setUp(self):
        (osf, self.fname) = tempfile.mkstemp()
        os.close(osf)
        #        os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
        os.environ['NIMBUS_AUTHZ_DB'] = self.fname
        pynimbusauthz.db.make_test_database(self.fname)
        self.db = DB(con_str=self.fname)
        self.user1 = User(self.db)
        self.db.commit()

    def tearDown(self):
        self.db.close()
        os.remove(self.fname)

    def test_basic_touch(self):
        fname = str(uuid.uuid1())
        data = str(uuid.uuid1())
        f = File.get_file(self.db, fname, pynimbusauthz.object_type_s3)
        self.assertEqual(f, None)
        rc = pynimbusauthz.touch.main([self.user1.get_id(), fname, data])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
        f = File.get_file(self.db, fname, pynimbusauthz.object_type_s3)
        self.assertNotEqual(f, None)

    def test_bucket_touch(self):
        fname = str(uuid.uuid1())
        data = str(uuid.uuid1())
        rc = pynimbusauthz.touch.main([
            "-t", pynimbusauthz.object_type_s3,
            self.user1.get_id(), fname, data
        ])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))

        f = File.get_file(self.db, fname, pynimbusauthz.object_type_s3)
        self.assertNotEqual(f, None)

    def test_under_bucket_touch(self):
        bname = str(uuid.uuid1())
        fname = str(uuid.uuid1())
        data = str(uuid.uuid1())
        rc = pynimbusauthz.touch.main([
            "-t", pynimbusauthz.object_type_s3,
            self.user1.get_id(), bname, data
        ])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
        rc = pynimbusauthz.touch.main(
            ["-p", bname, self.user1.get_id(), fname, data])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))

        b1 = File.get_file(self.db, bname, pynimbusauthz.object_type_s3)
        f1 = File.get_file(self.db,
                           fname,
                           pynimbusauthz.object_type_s3,
                           parent=b1)

        self.assertNotEqual(b1, None)
        self.assertNotEqual(f1, None)

    def test_bad_opts(self):
        bname = str(uuid.uuid1())
        fname = str(uuid.uuid1())
        data = str(uuid.uuid1())
        rc = pynimbusauthz.touch.main([bname, data])
        self.assertEqual(rc, 32, "CLI should return failure %d" % (rc))
        rc = pynimbusauthz.touch.main(
            ["-p", bname, self.user1.get_id(), fname, data])
        self.assertEqual(rc, 33, "CLI should return failure %d" % (rc))
Exemple #19
0
class TestUser(unittest.TestCase):
    def setUp(self):
        #        os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
        con = pynimbusauthz.db.make_test_database()
        self.db = DB(con=con)
        self.user1 = User(self.db)
        self.name = "/file/name"
        self.data = "/etc/group"
        self.file1 = File.create_file(self.db, self.name, self.user1,
                                      self.data, pynimbusauthz.object_type_s3)
        self.uf = UserFile(self.file1)

    def tearDown(self):
        self.db.close()

    def test_basic_userfile(self):
        perms = self.uf.get_perms()
        self.assertEqual(len(perms), 4, "Default perms should be none")
        self.assertTrue("r" in perms, "read not set")
        self.assertTrue("w" in perms, "write not set")
        self.assertTrue("R" in perms, "read acl not set")
        self.assertTrue("W" in perms, "write acl not set")

        f2 = self.uf.get_file()
        self.assertEqual(f2, self.file1, "should return the same file")

        o2 = self.uf.get_owner()
        self.assertEqual(o2, self.user1, "should return the same user")

        self.assertTrue(self.uf.can_access("rwRW"))

        a = self.uf.get_all_children()
        self.assertEqual(len(list(a)), 0, "should be no children")

    def test_bad_chmod(self):
        try:
            self.uf.chmod("KSA")
            self.fail("should be a bad parameter exception")
        except:
            pass

    def test_bad_chmod(self):
        self.uf.chmod("r")
        try:
            perms = self.uf.get_perms()
            self.fail("should not be able to read acl")
        except:
            pass
        self.uf.chmod("Rr")
        perms = self.uf.get_perms()
        rc = self.uf.can_access("w")
        self.assertFalse(rc, "should not be able to write %d" % (rc))
        rc = self.uf.can_access("r")
        self.assertTrue(rc, "should be able to read")
        self.uf.chmod("RW")

    def test_grant(self):
        user2 = User(self.db)
        self.uf.chmod("R", user=user2)

        uf2 = UserFile(self.file1, user2)

        p = uf2.get_perms()
        self.assertEqual(p, "R", "perms should only be read here")

    def test_children(self):
        child1 = File.create_file(self.db,
                                  "kid",
                                  self.user1,
                                  self.data,
                                  pynimbusauthz.object_type_s3,
                                  parent=self.file1)
        self.db.commit()

        x = child1.get_all_children()
        self.assertEqual(len(list(x)), 0, "The file should have no children")

        x = self.uf.get_all_children()
        found = False
        for f in x:
            if f.get_file() == child1:
                found = True
        self.assertTrue(found, "We should have found that kid!")
Exemple #20
0
class TestChmodCli(unittest.TestCase):
    def setUp(self):
        (osf, self.fname) = tempfile.mkstemp()
        os.close(osf)
        #        os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
        os.environ['NIMBUS_AUTHZ_DB'] = self.fname
        pynimbusauthz.db.make_test_database(self.fname)
        self.db = DB(con_str=self.fname)
        self.user1 = User(self.db)
        self.name = "/file/name"
        self.data = "/etc/group"
        self.file1 = File.create_file(self.db, self.name, self.user1,
                                      self.data, pynimbusauthz.object_type_s3)
        self.uf = UserFile(self.file1)
        self.db.commit()

    def tearDown(self):
        self.db.close()
        os.remove(self.fname)

    def validate_perms(self, new):
        f = File.get_file_from_db_id(self.db, self.file1.get_id())
        uf = UserFile(f, self.user1)
        perms = uf.get_perms(force=True)
        for p in new:
            self.assertTrue(p in perms,
                            "bad perms set %s != %s" % (new, perms))
        self.assertEqual(len(perms), len(new),
                         "perms dont match %s != %s" % (new, perms))

    def test_basic_chmod(self):
        uu = str(uuid.uuid1())
        new_perms = "WR"
        rc = pynimbusauthz.chmod.main(
            [self.user1.get_id(),
             self.file1.get_name(), new_perms])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
        self.validate_perms(new_perms)

    def test_type_chmod(self):
        uu = str(uuid.uuid1())
        new_perms = "WRr"
        rc = pynimbusauthz.chmod.main([
            "-t",
            self.file1.get_object_type(),
            self.user1.get_id(),
            self.file1.get_name(), new_perms
        ])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
        self.validate_perms(new_perms)

    def test_badopts(self):
        new_perms = "WR"

        rc = pynimbusauthz.chmod.main(
            ["-t", self.file1.get_object_type(),
             self.user1.get_id()])
        self.assertEqual(rc, 32, "CLI should return success %d" % (rc))

        rc = pynimbusauthz.chmod.main(
            [self.user1.get_id(), "notafile", new_perms])
        self.assertEqual(rc, 33, "CLI should return success %d" % (rc))
        rc = pynimbusauthz.chmod.main([
            "-t",
            self.file1.get_object_type(), "-p", "nobucket",
            self.user1.get_id(),
            self.file1.get_name(), new_perms
        ])
        self.assertEqual(rc, 33, "CLI should return success %d" % (rc))

    def test_bucket(self):
        # create a file and a bucket
        b1 = File.create_file(self.db, "bucket", self.user1, self.data,
                              pynimbusauthz.object_type_s3)
        f2 = File.create_file(self.db,
                              self.name,
                              self.user1,
                              self.data,
                              pynimbusauthz.object_type_s3,
                              parent=b1)
        self.db.commit()

        new_perms = "WR"
        rc = pynimbusauthz.chmod.main([
            "-t",
            f2.get_object_type(), "-p",
            b1.get_name(),
            self.user1.get_id(),
            f2.get_name(), new_perms
        ])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
Exemple #21
0
class TestAddUserCli(unittest.TestCase):
    def setUp(self):
        (osf, self.fname) = tempfile.mkstemp()
        os.close(osf)
        os.environ['NIMBUS_AUTHZ_DB'] = self.fname
        pynimbusauthz.db.make_test_database(self.fname)
        self.db = DB(con_str=self.fname)

    def tearDown(self):
        self.db.close()
        os.remove(self.fname)

    def test_basic_adduser(self):
        uu = str(uuid.uuid1())
        rc = pynimbusauthz.add_user.main(["-n", uu])
        self.assertEqual(rc, 0, "CLI should return success")
        user = User(self.db, uu)
        rc = pynimbusauthz.add_user.main(["-r", uu])
        self.assertEqual(rc, 0, "CLI should return success")
        try:
            user = User(self.db, uu)
            self.fail("should have had an exception loading user")
        except:
            pass

    def test_basic_alias(self):
        user = User(self.db)
        uu = user.get_id()
        aname = "alias1"
        self.db.commit()
        rc = pynimbusauthz.add_user.main(["-a", aname, uu])
        self.assertEqual(rc, 0, "CLI should return success")
        ua = user.get_alias(aname, pynimbusauthz.alias_type_s3)
        self.assertNotEqual(ua, None, "alias not found")
        rc = pynimbusauthz.add_user.main(["-x", aname, uu])
        self.assertEqual(rc, 0, "CLI should return success")
        ua = user.get_alias(aname, pynimbusauthz.alias_type_s3)
        self.assertEqual(ua, None, "alias should not be found")

    def test_user_alias_remove(self):
        aname = str(uuid.uuid1())
        uu = str(uuid.uuid1())
        rc = pynimbusauthz.add_user.main(["-n", "-a", aname, uu])
        self.assertEqual(rc, 0, "CLI should return success")

        user = User(self.db, uu)
        ua = user.get_alias(aname, pynimbusauthz.alias_type_s3)

        rc = pynimbusauthz.add_user.main(["-x", aname, "-r", uu])
        self.assertEqual(rc, 0, "CLI should return success")

        try:
            user = User(self.db, uu)
            self.fail("should have had an exception loading user")
        except:
            pass
        try:
            ua = user.get_alias(aname, pynimbusauthz.alias_type_s3)
            self.fail("should have had an exception loading user")
        except:
            pass

    def test_set_key(self):
        aname = str(uuid.uuid1())
        uu = str(uuid.uuid1())
        rc = pynimbusauthz.add_user.main(["-n", "-a", aname, uu])
        self.assertEqual(rc, 0, "CLI should return success")
        rc = pynimbusauthz.add_user.main(["-g", "-a", aname, uu])
        self.assertEqual(rc, 0, "CLI should return success")

        key = str(uuid.uuid1())
        rc = pynimbusauthz.add_user.main(["-k", key, "-a", aname, uu])
        self.assertEqual(rc, 0, "CLI should return success")

        user = User(self.db, uu)
        ua = user.get_alias(aname, pynimbusauthz.alias_type_s3)
        self.db.commit()
        k2 = ua.get_data()
        self.assertEqual(k2, key)

    def test_default_new_user(self):
        rc = pynimbusauthz.add_user.main(["-n"])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))

    def test_bad_args(self):
        uu = str(uuid.uuid1())
        rc = pynimbusauthz.add_user.main([])
        self.assertNotEqual(rc, 0, "CLI should not return success %d" % (rc))
        rc = pynimbusauthz.add_user.main(["-k", uu, uu])
        self.assertNotEqual(rc, 0, "CLI should not return success %d" % (rc))
        rc = pynimbusauthz.add_user.main(["-g", uu])
        self.assertNotEqual(rc, 0, "CLI should not return success %d" % (rc))

    def test_remove_force(self):
        aname = str(uuid.uuid1())
        uu = str(uuid.uuid1())
        rc = pynimbusauthz.add_user.main(["-n", "-a", aname, uu])
        self.assertEqual(rc, 0, "CLI should return success")

        #  add a few alias
        for i in range(0, 10):
            aname = str(uuid.uuid1())
            rc = pynimbusauthz.add_user.main(["-a", aname, uu])
            self.assertEqual(rc, 0, "CLI should return success")

        rc = pynimbusauthz.add_user.main(["-f", "-r", uu])
        self.assertEqual(rc, 0, "CLI should return success")
Exemple #22
0
class TestUser(unittest.TestCase):

    def setUp(self):
        #os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
        con = pynimbusauthz.db.make_test_database()
        self.db = DB(con=con)

    def tearDown(self):
        self.db.close()

    def test_basic_user(self):
        user1 = User(self.db)
        user2 = User(self.db, user1.get_id())

        self.assertEqual(user1.get_id(), user2.get_id(), "User IDs should be equal")

    def test_user_to_string(self):
        user1 = User(self.db)
        uu = user1.get_id()
        self.assertEqual(str(user1), uu, "toString function not working for user")

    def test_destroy_user(self):
        user1 = User(self.db)
        uu = user1.get_id()
        user1.destroy_brutally()

        try:
            user1 = User(self.db, uu)
            self.fail("The uuid should have been deleted %s" % (uu))
        except:
            pass

    def test_null_alias(self):
        user1 = User(self.db)
        all_alias = user1.get_all_alias()
        self.assertEqual(len(list(all_alias)), 0, "No alias should be in DB for new user")
        all_alias = user1.get_alias_by_type(pynimbusauthz.alias_type_s3)
        self.assertEqual(len(list(all_alias)), 0, "No alias should be in DB for new user")


    def test_create_alias_simple(self):
        user1 = User(self.db)
        alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "testname@")

        user2 = alias1.get_canonical_user()
        self.assertEqual(user1.get_id(), user2.get_id(), "User IDs should be equal")
        alias1 = user1.create_alias("/name2", pynimbusauthz.alias_type_s3, "name2@", "pooP")

        user2 = alias1.get_canonical_user()
        self.assertEqual(user1.get_id(), user2.get_id(), "User IDs should be equal")
        print alias1
        
    def test_alias_lookup_simple(self):
        user1 = User(self.db)
        alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "name1@")
        alias2 = user1.get_alias("/name/", pynimbusauthz.alias_type_s3)

        self.assertEqual(alias1.get_name(), alias2.get_name(), "Alias names should be the same")
        self.assertEqual(alias1.get_type(), alias2.get_type(), "Alias types should be the same")
        self.assertEqual(alias1.get_data(), alias2.get_data(), "Alias data should be the same")

    def test_alias_lookup(self):
        user1 = User(self.db)
        alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "1")
        aliasX = user1.create_alias("/name2", pynimbusauthz.alias_type_s3, "2")
        aliasX = user1.create_alias("/name3", pynimbusauthz.alias_type_s3, "3")
        aliasX = user1.create_alias("/name4", pynimbusauthz.alias_type_s3, "4")
        all_alias = user1.get_all_alias()
        found = False
        for a in all_alias:
            if a.get_name() == alias1.get_name() and a.get_type() == alias1.get_type():
                found = True
        self.assertTrue(found, "We should have found the alias")

        all_alias = user1.get_alias_by_type(pynimbusauthz.alias_type_s3)
        found = False
        for a in all_alias:
            if a.get_name() == alias1.get_name() and a.get_type() == alias1.get_type():
                found = True
        self.assertTrue(found, "We should have found the alias")

    def test_delete_alias(self):
        user1 = User(self.db)
        alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "name@")
        alias1.remove()
        alias2 = user1.get_alias("/name/", pynimbusauthz.alias_type_s3)
        self.assertEqual(alias2, None, "The alias should be gone")

    def test_create_same_alias(self):
        user1 = User(self.db)
        alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "name@")

        try:
            alias2 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "name@")
            self.fail("This should have caused an conflict on insert")
        except:
            pass

    def find_user_id(self, u, list):
        for l in list:
            if u == l:
                return True
        return False

    def test_find_user(self):
        user1 = User(self.db)
        self.db.commit()
        id = user1.get_id()
        fid = id[1:]
        lid = id[:-1]
        mid = id[1:-1]

        # find by exact id
        u_all = User.find_user(self.db, id)
        self.assertNotEqual(u_all, None, "we should have found somethings")
        self.assertTrue(self.find_user_id(user1, u_all))
        # find by exact partial 1
        u_all = User.find_user(self.db, fid)
        self.assertTrue(self.find_user_id(user1, u_all))
        # find by exact partial 1
        u_all = User.find_user(self.db, lid)
        self.assertTrue(self.find_user_id(user1, u_all))
        # find by exact partial 1
        u_all = User.find_user(self.db, mid)
        self.assertNotEqual(u_all, None, "we should have found somethings")
        self.assertTrue(self.find_user_id(user1, u_all))

    def test_find_user_alias(self):
        user1 = User(self.db)
        self.db.commit()
        alias_name = "helloname"
        alias1 = user1.create_alias(alias_name, pynimbusauthz.alias_type_s3, alias_name)
        self.db.commit()
        fid = "%%" + alias_name[1:]
        lid = alias_name[:-1] + "%%"
        mid = "%%" + alias_name[1:-1] + "%%"

        # find by exact id
        u_all = UserAlias.find_alias(self.db, alias_name)
        self.assertNotEqual(u_all, None, "we should have found somethings")
        self.assertTrue(self.find_user_id(alias1, u_all))
        # find by exact partial 1
        u_all = UserAlias.find_alias(self.db, fid)
        self.assertTrue(self.find_user_id(alias1, u_all))
        # find by exact partial 1
        u_all = UserAlias.find_alias(self.db, lid)
        self.assertTrue(self.find_user_id(alias1, u_all))
        # find by exact partial 1
        u_all = UserAlias.find_alias(self.db, mid)
        self.assertNotEqual(u_all, None, "we should have found somethings")
        self.assertTrue(self.find_user_id(alias1, u_all))


    def test_set_alias_data(self):
        user1 = User(self.db)
        self.db.commit()
        alias_name = "helloname"
        alias1 = user1.create_alias(alias_name, pynimbusauthz.alias_type_s3, alias_name)
        key = "helloworld"
        alias1.set_data(key)
        self.db.commit()

        alias2 = user1.get_alias(alias_name, pynimbusauthz.alias_type_s3)
        self.assertEqual(alias1.get_data(), alias2.get_data(), "alias not equal")
        self.assertEqual(key, alias2.get_data(), "alias not equal")
Exemple #23
0
class TestListUserCli(unittest.TestCase):

    def setUp(self):
        (osf, self.fname) = tempfile.mkstemp()
        os.close(osf)
#        os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
        os.environ['NIMBUS_AUTHZ_DB'] = self.fname
        pynimbusauthz.db.make_test_database(self.fname)
        self.db = DB(con_str=self.fname)
        (tmpFD, self.outFileName) = tempfile.mkstemp("koatests")
        os.close(tmpFD)

    def tearDown(self):
        self.db.close()
        os.remove(self.fname)

    def find_out_string(self, s):
        f = open(self.outFileName)
        lines = f.readlines()
        f.close()

        for l in lines:
            ndx = l.find(s)
            if ndx >= 0:
                return True
        return False

    def test_basic_list_user(self):
        uu = str(uuid.uuid1())
        user = User(self.db, uu, create=True)
        self.db.commit()
        rc = pynimbusauthz.list_user.main(["-O", self.outFileName])
        self.assertEqual(rc, 0, "CLI should return success")
        rc = self.find_out_string(uu)
        self.assertTrue(rc, "Username not found")

    def test_list_alias(self):
        uu = str(uuid.uuid1())
        user = User(self.db, uu, create=True)
        #  add a few alias
        alias_a = []
        for i in range(0, 10):
            aname = str(uuid.uuid1())
            alias_a.append(aname)
            rc = pynimbusauthz.add_user.main(["-a", aname, uu])
            self.assertEqual(rc, 0, "CLI should return success")

        self.db.commit()
        rc = pynimbusauthz.list_user.main(["-a", "-O", self.outFileName])
        self.assertEqual(rc, 0, "CLI should return success")
        rc = self.find_out_string(uu)
        self.assertTrue(rc, "Username not found")
        for a in alias_a:
            rc = self.find_out_string(a)
            self.assertTrue(rc, "Username not found")

    def test_find_by_alias(self):
        uu = str(uuid.uuid1())
        user = User(self.db, uu, create=True)
        #  add a few alias
        alias_a = []
        for i in range(0, 10):
            aname = str(uuid.uuid1())
            alias_a.append(aname)
            rc = pynimbusauthz.add_user.main(["-a", aname, uu])
            self.assertEqual(rc, 0, "CLI should return success")

        self.db.commit()
        rc = pynimbusauthz.list_user.main(["-s", "-O", self.outFileName, alias_a[0]])
        self.assertEqual(rc, 0, "CLI should return success")
        rc = self.find_out_string(uu)
        self.assertTrue(rc, "Username not found")
Exemple #24
0
class TestRebaseCli(unittest.TestCase):
    def setUp(self):
        (osf, self.fname) = tempfile.mkstemp()
        os.close(osf)
        #        os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
        os.environ['NIMBUS_AUTHZ_DB'] = self.fname
        pynimbusauthz.db.make_test_database(self.fname)
        self.db = DB(con_str=self.fname)
        self.user1 = User(self.db)
        self.db.commit()

    def tearDown(self):
        self.db.close()
        os.remove(self.fname)

    def test_single_change(self):
        name = "/file/name"
        old_base = "/OLD"
        new_base = "/NEW"
        data = "/etc/group"

        key = old_base + data
        file1 = File.create_file(self.db, name, self.user1, key,
                                 pynimbusauthz.object_type_s3)
        self.db.commit()

        rc = pynimbusauthz.rebase.main([old_base, new_base])
        self.assertEqual(rc, 0, "rc should be 0, is %d" % (rc))

        f2a = File.find_files_from_data(self.db, key)
        f2a = list(f2a)
        self.assertEqual(
            len(f2a), 0,
            "should be no values with key %s len is %d" % (old_base, len(f2a)))
        key = new_base + data
        f2a = File.find_files_from_data(self.db, key)
        f2a = list(f2a)
        self.assertNotEqual(
            len(f2a), 0, "length should be greater than 0 is %d" % (len(f2a)))

        found = False
        for f2 in f2a:
            tst_key = f2.get_data_key()
            if tst_key == key:
                found = True
        self.assertTrue(found, "key not found")

    def test_many_change(self):
        name = "/file/name"
        old_base = "/OLD"
        new_base = "/NEW"
        count = 10

        for i in range(0, count):
            keyname = str(uuid.uuid1())
            oldkey = old_base + "/" + keyname
            File.create_file(self.db, name + oldkey, self.user1, oldkey,
                             pynimbusauthz.object_type_s3)
        self.db.commit()

        rc = pynimbusauthz.rebase.main([old_base, new_base])
        self.assertEqual(rc, 0, "rc should be 0, is %d" % (rc))

        f2a = File.find_files_from_data(self.db, new_base + "%")
        f2a = list(f2a)
        self.assertEqual(
            len(f2a), count,
            "length of the new items should be %d is %s" % (count, len(f2a)))

    def test_many_change_but_not_all(self):
        name = "/file/name"
        old_base = "/OLD"
        new_base = "/NEW"
        other_base = "/NOTHERE"
        count = 10

        for i in range(0, count):
            keyname = str(uuid.uuid1())
            oldkey = old_base + "/" + keyname
            File.create_file(self.db, name + oldkey, self.user1, oldkey,
                             pynimbusauthz.object_type_s3)
        for i in range(0, count * 2):
            keyname = str(uuid.uuid1())
            oldkey = other_base + "/" + keyname
            File.create_file(self.db, name + oldkey, self.user1, oldkey,
                             pynimbusauthz.object_type_s3)
        self.db.commit()

        rc = pynimbusauthz.rebase.main([old_base, new_base])
        self.assertEqual(rc, 0, "rc should be 0, is %d" % (rc))

        f2a = File.find_files_from_data(self.db, new_base + "%")
        f2a = list(f2a)
        self.assertEqual(
            len(f2a), count,
            "length of the new items should be %d is %s" % (count, len(f2a)))
Exemple #25
0
class TestUser(unittest.TestCase):
    def setUp(self):
        #os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
        con = pynimbusauthz.db.make_test_database()
        self.db = DB(con=con)

    def tearDown(self):
        self.db.close()

    def test_basic_user(self):
        user1 = User(self.db)
        user2 = User(self.db, user1.get_id())

        self.assertEqual(user1.get_id(), user2.get_id(),
                         "User IDs should be equal")

    def test_user_to_string(self):
        user1 = User(self.db)
        uu = user1.get_id()
        self.assertEqual(str(user1), uu,
                         "toString function not working for user")

    def test_destroy_user(self):
        user1 = User(self.db)
        uu = user1.get_id()
        user1.destroy_brutally()

        try:
            user1 = User(self.db, uu)
            self.fail("The uuid should have been deleted %s" % (uu))
        except:
            pass

    def test_null_alias(self):
        user1 = User(self.db)
        all_alias = user1.get_all_alias()
        self.assertEqual(len(list(all_alias)), 0,
                         "No alias should be in DB for new user")
        all_alias = user1.get_alias_by_type(pynimbusauthz.alias_type_s3)
        self.assertEqual(len(list(all_alias)), 0,
                         "No alias should be in DB for new user")

    def test_create_alias_simple(self):
        user1 = User(self.db)
        alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3,
                                    "testname@")

        user2 = alias1.get_canonical_user()
        self.assertEqual(user1.get_id(), user2.get_id(),
                         "User IDs should be equal")
        alias1 = user1.create_alias("/name2", pynimbusauthz.alias_type_s3,
                                    "name2@", "pooP")

        user2 = alias1.get_canonical_user()
        self.assertEqual(user1.get_id(), user2.get_id(),
                         "User IDs should be equal")
        print alias1

    def test_alias_lookup_simple(self):
        user1 = User(self.db)
        alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3,
                                    "name1@")
        alias2 = user1.get_alias("/name/", pynimbusauthz.alias_type_s3)

        self.assertEqual(alias1.get_name(), alias2.get_name(),
                         "Alias names should be the same")
        self.assertEqual(alias1.get_type(), alias2.get_type(),
                         "Alias types should be the same")
        self.assertEqual(alias1.get_data(), alias2.get_data(),
                         "Alias data should be the same")

    def test_alias_lookup(self):
        user1 = User(self.db)
        alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "1")
        aliasX = user1.create_alias("/name2", pynimbusauthz.alias_type_s3, "2")
        aliasX = user1.create_alias("/name3", pynimbusauthz.alias_type_s3, "3")
        aliasX = user1.create_alias("/name4", pynimbusauthz.alias_type_s3, "4")
        all_alias = user1.get_all_alias()
        found = False
        for a in all_alias:
            if a.get_name() == alias1.get_name() and a.get_type(
            ) == alias1.get_type():
                found = True
        self.assertTrue(found, "We should have found the alias")

        all_alias = user1.get_alias_by_type(pynimbusauthz.alias_type_s3)
        found = False
        for a in all_alias:
            if a.get_name() == alias1.get_name() and a.get_type(
            ) == alias1.get_type():
                found = True
        self.assertTrue(found, "We should have found the alias")

    def test_delete_alias(self):
        user1 = User(self.db)
        alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3,
                                    "name@")
        alias1.remove()
        alias2 = user1.get_alias("/name/", pynimbusauthz.alias_type_s3)
        self.assertEqual(alias2, None, "The alias should be gone")

    def test_create_same_alias(self):
        user1 = User(self.db)
        alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3,
                                    "name@")

        try:
            alias2 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3,
                                        "name@")
            self.fail("This should have caused an conflict on insert")
        except:
            pass

    def find_user_id(self, u, list):
        for l in list:
            if u == l:
                return True
        return False

    def test_find_user(self):
        user1 = User(self.db)
        self.db.commit()
        id = user1.get_id()
        fid = id[1:]
        lid = id[:-1]
        mid = id[1:-1]

        # find by exact id
        u_all = User.find_user(self.db, id)
        self.assertNotEqual(u_all, None, "we should have found somethings")
        self.assertTrue(self.find_user_id(user1, u_all))
        # find by exact partial 1
        u_all = User.find_user(self.db, fid)
        self.assertTrue(self.find_user_id(user1, u_all))
        # find by exact partial 1
        u_all = User.find_user(self.db, lid)
        self.assertTrue(self.find_user_id(user1, u_all))
        # find by exact partial 1
        u_all = User.find_user(self.db, mid)
        self.assertNotEqual(u_all, None, "we should have found somethings")
        self.assertTrue(self.find_user_id(user1, u_all))

    def test_find_user_alias(self):
        user1 = User(self.db)
        self.db.commit()
        alias_name = "helloname"
        alias1 = user1.create_alias(alias_name, pynimbusauthz.alias_type_s3,
                                    alias_name)
        self.db.commit()
        fid = "%%" + alias_name[1:]
        lid = alias_name[:-1] + "%%"
        mid = "%%" + alias_name[1:-1] + "%%"

        # find by exact id
        u_all = UserAlias.find_alias(self.db, alias_name)
        self.assertNotEqual(u_all, None, "we should have found somethings")
        self.assertTrue(self.find_user_id(alias1, u_all))
        # find by exact partial 1
        u_all = UserAlias.find_alias(self.db, fid)
        self.assertTrue(self.find_user_id(alias1, u_all))
        # find by exact partial 1
        u_all = UserAlias.find_alias(self.db, lid)
        self.assertTrue(self.find_user_id(alias1, u_all))
        # find by exact partial 1
        u_all = UserAlias.find_alias(self.db, mid)
        self.assertNotEqual(u_all, None, "we should have found somethings")
        self.assertTrue(self.find_user_id(alias1, u_all))

    def test_set_alias_data(self):
        user1 = User(self.db)
        self.db.commit()
        alias_name = "helloname"
        alias1 = user1.create_alias(alias_name, pynimbusauthz.alias_type_s3,
                                    alias_name)
        key = "helloworld"
        alias1.set_data(key)
        self.db.commit()

        alias2 = user1.get_alias(alias_name, pynimbusauthz.alias_type_s3)
        self.assertEqual(alias1.get_data(), alias2.get_data(),
                         "alias not equal")
        self.assertEqual(key, alias2.get_data(), "alias not equal")
Exemple #26
0
class TestUser(unittest.TestCase):

    def setUp(self):
#        os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
        con = pynimbusauthz.db.make_test_database()
        self.db = DB(con=con)
        self.user1 = User(self.db)
        self.name = "/file/name"
        self.data = "/etc/group"
        self.file1 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3)
        self.uf = UserFile(self.file1)

    def tearDown(self):
        self.db.close()

    def test_basic_userfile(self):
        perms = self.uf.get_perms()
        self.assertEqual(len(perms), 4, "Default perms should be none")
        self.assertTrue("r" in perms, "read not set")
        self.assertTrue("w" in perms, "write not set")
        self.assertTrue("R" in perms, "read acl not set")
        self.assertTrue("W" in perms, "write acl not set")

        f2 = self.uf.get_file()
        self.assertEqual(f2, self.file1, "should return the same file")

        o2 = self.uf.get_owner()
        self.assertEqual(o2, self.user1, "should return the same user")

        self.assertTrue(self.uf.can_access("rwRW"))

        a = self.uf.get_all_children()
        self.assertEqual(len(list(a)), 0, "should be no children")

    def test_bad_chmod(self):
        try:
            self.uf.chmod("KSA")
            self.fail("should be a bad parameter exception")
        except:
            pass

    def test_bad_chmod(self):
        self.uf.chmod("r")
        try:
            perms = self.uf.get_perms()
            self.fail("should not be able to read acl")
        except:
            pass
        self.uf.chmod("Rr")
        perms = self.uf.get_perms()
        rc = self.uf.can_access("w")
        self.assertFalse(rc, "should not be able to write %d"  % (rc))
        rc = self.uf.can_access("r")
        self.assertTrue(rc, "should be able to read")
        self.uf.chmod("RW")


    def test_grant(self):
        user2 = User(self.db)
        self.uf.chmod("R", user=user2)

        uf2 = UserFile(self.file1, user2)

        p = uf2.get_perms()
        self.assertEqual(p, "R", "perms should only be read here")
       
    def test_children(self):
        child1 = File.create_file(self.db, "kid", self.user1, self.data, pynimbusauthz.object_type_s3, parent=self.file1)
        self.db.commit()

        x = child1.get_all_children()
        self.assertEqual(len(list(x)), 0, "The file should have no children")

        x = self.uf.get_all_children()
        found = False
        for f in x:
            if f.get_file() == child1:
                found = True
        self.assertTrue(found, "We should have found that kid!")
Exemple #27
0
class TestUser(unittest.TestCase):

    def setUp(self):
#        os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
        con = pynimbusauthz.db.make_test_database()
        self.db = DB(con=con)

    def tearDown(self):
        self.db.close()

    def test_basic_file(self):
        user1 = User(self.db)
        name = "/file/name"
        data = "/etc/group"
        file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3)
        self.db.commit()
        x = file1.get_all_children()
        self.assertEqual(len(list(x)), 0, "The file should have no children")
        n2 = file1.get_name()
        self.assertEqual(name, n2, "Names not equal")
        d2 = file1.get_data_key()
        self.assertEqual(data, d2, "Data not equal")
        o2 = file1.get_owner()
        self.assertEqual(user1, o2, "Owner not equal")
        p2 = file1.get_parent()
        self.assertEqual(None, p2, "There should be no parent")
        b2 = file1.get_object_type()
        self.assertEqual(pynimbusauthz.object_type_s3, b2, "Type wrong")

    def test_file_children(self):
        user1 = User(self.db)
        name = "/file/name"
        data = "/etc/group"
        file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3)
        self.db.commit()
                
        child1 = File.create_file(self.db, "kid", user1, data, pynimbusauthz.object_type_s3, parent=file1)
        self.db.commit()

        p2 = child1.get_parent()
        self.assertEqual(p2, file1, "parent not set properly")

        x = child1.get_all_children()
        self.assertEqual(len(list(x)), 0, "The file should have no children")

        x = file1.get_all_children()
        found = False
        for f in x:
            if f == child1:
                found = True

        self.assertTrue(found, "We should have found that kid!")

    def test_find_no_file(self):
        f = File.get_file_from_db_id(self.db, 1000)
        self.assertEqual(f, None, "We should not have found that file")
        f = File.get_file(self.db, "nofile", pynimbusauthz.object_type_s3)
        self.assertEqual(f, None, "We should not have found that file")

    def test_file_and_bucket(self):
        user1 = User(self.db)
        fname = "NAME"
        data = "data"
        b1 = File.create_file(self.db, "bucket", user1, data, pynimbusauthz.object_type_s3)
        f1 = File.create_file(self.db, fname, user1, data, pynimbusauthz.object_type_s3, parent=b1)
        f2 = File.create_file(self.db, fname, user1, data, pynimbusauthz.object_type_s3)
        self.db.commit()

        self.assertNotEqual(f1.get_id(), f2.get_id())
        
        f3 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3, parent=b1)
        f4 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3)
        self.assertEqual(f1.get_id(), f3.get_id())
        self.assertEqual(f2.get_id(), f4.get_id())
        self.assertNotEqual(f3.get_id(), f4.get_id())
        self.db.commit()
Exemple #28
0
class TestChmodCli(unittest.TestCase):

    def setUp(self):
        (osf, self.fname) = tempfile.mkstemp()
        os.close(osf)
#        os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
        os.environ['NIMBUS_AUTHZ_DB'] = self.fname
        pynimbusauthz.db.make_test_database(self.fname)
        self.db = DB(con_str=self.fname)
        self.user1 = User(self.db)
        self.name = "/file/name"
        self.data = "/etc/group"
        self.file1 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3)
        self.uf = UserFile(self.file1)
        self.db.commit()

    def tearDown(self):
        self.db.close()
        os.remove(self.fname)

    def validate_perms(self, new):
        f = File.get_file_from_db_id(self.db, self.file1.get_id())
        uf = UserFile(f, self.user1)
        perms = uf.get_perms(force=True)
        for p in new:
            self.assertTrue(p in perms, "bad perms set %s != %s" % (new, perms))
        self.assertEqual(len(perms), len(new), "perms dont match %s != %s" % (new, perms))

    def test_basic_chmod(self):
        uu = str(uuid.uuid1())
        new_perms = "WR"
        rc = pynimbusauthz.chmod.main([self.user1.get_id(), self.file1.get_name(), new_perms])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
        self.validate_perms(new_perms)

    def test_type_chmod(self):
        uu = str(uuid.uuid1())
        new_perms = "WRr"
        rc = pynimbusauthz.chmod.main(["-t", self.file1.get_object_type(), self.user1.get_id(), self.file1.get_name(), new_perms])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
        self.validate_perms(new_perms)

    def test_badopts(self):
        new_perms = "WR"

        rc = pynimbusauthz.chmod.main(["-t", self.file1.get_object_type(), self.user1.get_id()])
        self.assertEqual(rc, 32, "CLI should return success %d" % (rc))

        rc = pynimbusauthz.chmod.main([self.user1.get_id(), "notafile", new_perms])
        self.assertEqual(rc, 33, "CLI should return success %d" % (rc))
        rc = pynimbusauthz.chmod.main(["-t", self.file1.get_object_type(), "-p", "nobucket", self.user1.get_id(), self.file1.get_name(), new_perms])
        self.assertEqual(rc, 33, "CLI should return success %d" % (rc))

    def test_bucket(self):
        # create a file and a bucket
        b1 = File.create_file(self.db, "bucket", self.user1, self.data, pynimbusauthz.object_type_s3)
        f2 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3, parent=b1)
        self.db.commit()

        new_perms = "WR"
        rc = pynimbusauthz.chmod.main(["-t", f2.get_object_type(), "-p", b1.get_name(), self.user1.get_id(), f2.get_name(), new_perms])
        self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
Exemple #29
0
class TestFile(unittest.TestCase):

    def setUp(self):
#        os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
        con = pynimbusauthz.db.make_test_database()
        self.db = DB(con=con)

    def tearDown(self):
        self.db.close()

    def test_basic_file(self):
        user1 = User(self.db)
        name = "/file/name"
        data = "/etc/group"
        file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3)
        self.db.commit()
        x = file1.get_all_children()
        self.assertEqual(len(list(x)), 0, "The file should have no children")
        n2 = file1.get_name()
        self.assertEqual(name, n2, "Names not equal")
        d2 = file1.get_data_key()
        self.assertEqual(data, d2, "Data not equal")
        o2 = file1.get_owner()
        self.assertEqual(user1, o2, "Owner not equal")
        p2 = file1.get_parent()
        self.assertEqual(None, p2, "There should be no parent")
        b2 = file1.get_object_type()
        self.assertEqual(pynimbusauthz.object_type_s3, b2, "Type wrong")

    def test_file_children(self):
        user1 = User(self.db)
        name = "/file/name"
        data = "/etc/group"
        file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3)
        self.db.commit()
                
        child1 = File.create_file(self.db, "kid", user1, data, pynimbusauthz.object_type_s3, parent=file1)
        self.db.commit()

        p2 = child1.get_parent()
        self.assertEqual(p2, file1, "parent not set properly")

        x = child1.get_all_children()
        self.assertEqual(len(list(x)), 0, "The file should have no children")

        x = file1.get_all_children()
        found = False
        for f in x:
            if f == child1:
                found = True

        self.assertTrue(found, "We should have found that kid!")

    def test_find_no_file(self):
        f = File.get_file_from_db_id(self.db, 1000)
        self.assertEqual(f, None, "We should not have found that file")
        f = File.get_file(self.db, "nofile", pynimbusauthz.object_type_s3)
        self.assertEqual(f, None, "We should not have found that file")

    def test_file_and_bucket(self):
        user1 = User(self.db)
        fname = "NAME"
        data = "data"
        b1 = File.create_file(self.db, "bucket", user1, data, pynimbusauthz.object_type_s3)
        f1 = File.create_file(self.db, fname, user1, data, pynimbusauthz.object_type_s3, parent=b1)
        f2 = File.create_file(self.db, fname, user1, data, pynimbusauthz.object_type_s3)
        self.db.commit()

        self.assertNotEqual(f1.get_id(), f2.get_id())
        
        f3 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3, parent=b1)
        f4 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3)
        self.assertEqual(f1.get_id(), f3.get_id())
        self.assertEqual(f2.get_id(), f4.get_id())
        self.assertNotEqual(f3.get_id(), f4.get_id())
        self.db.commit()

    def test_change_key(self):
        user1 = User(self.db)
        name = "/file/name"
        old_base = "/old/path/base"
        fname = "/etc/group"
        new_base = "/new/base/location/dir"
        f = File.create_file(self.db, name, user1, old_base + fname, pynimbusauthz.object_type_s3)

        self.assertEqual(old_base + fname, f.get_data_key(), "old value not euqal")

        new_key = new_base + fname
        f.set_data_key(new_key)
        self.db.commit()

        tst_new_key = f.get_data_key()
        self.assertEqual(tst_new_key, new_key, "%s should equal %s" % (tst_new_key, new_key))

        f2 = File.get_file(self.db, name, pynimbusauthz.object_type_s3)

        tst_new_key = f2.get_data_key()
        self.assertEqual(tst_new_key, new_key, "%s should equal %s" % (tst_new_key, new_key))


    def test_find_by_key(self):
        user1 = User(self.db)
        name = "/file/name"
        key = "/old/path/base"
        f = File.create_file(self.db, name, user1, key, pynimbusauthz.object_type_s3)
        self.db.commit()

        f2a = File.find_files_from_data(self.db, key)

        found = False
        for f2 in f2a:
            tst_key = f2.get_data_key()
            if tst_key == key:
                found = True
        self.assertTrue(found, "key not found")
Exemple #30
0
class TestListUserCli(unittest.TestCase):

    def setUp(self):
        (osf, self.fname) = tempfile.mkstemp()
        os.close(osf)
#        os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
        os.environ['NIMBUS_AUTHZ_DB'] = self.fname
        pynimbusauthz.db.make_test_database(self.fname)
        self.db = DB(con_str=self.fname)
        (tmpFD, self.outFileName) = tempfile.mkstemp("koatests")
        os.close(tmpFD)

    def tearDown(self):
        self.db.close()
        os.remove(self.fname)

    def find_out_string(self, s):
        f = open(self.outFileName)
        lines = f.readlines()
        f.close()

        for l in lines:
            ndx = l.find(s)
            if ndx >= 0:
                return True
        return False

    def test_basic_list_user(self):
        uu = str(uuid.uuid1())
        user = User(self.db, uu, create=True)
        self.db.commit()
        rc = pynimbusauthz.list_user.main(["-O", self.outFileName])
        self.assertEqual(rc, 0, "CLI should return success")
        rc = self.find_out_string(uu)
        self.assertTrue(rc, "Username not found")

    def test_list_alias(self):
        uu = str(uuid.uuid1())
        user = User(self.db, uu, create=True)
        #  add a few alias
        self.db.commit()
        alias_a = []
        for i in range(0, 10):
            aname = str(uuid.uuid1())
            alias_a.append(aname)
            rc = pynimbusauthz.add_user.main(["-a", aname, uu])
            self.assertEqual(rc, 0, "CLI should return success")

        rc = pynimbusauthz.list_user.main(["-a", "-O", self.outFileName])
        self.assertEqual(rc, 0, "CLI should return success")
        rc = self.find_out_string(uu)
        self.assertTrue(rc, "Username not found")
        for a in alias_a:
            rc = self.find_out_string(a)
            self.assertTrue(rc, "Username not found")

    def test_find_by_alias(self):
        uu = str(uuid.uuid1())
        user = User(self.db, uu, create=True)
        self.db.commit()
        #  add a few alias
        alias_a = []
        for i in range(0, 10):
            aname = str(uuid.uuid1())
            alias_a.append(aname)
            rc = pynimbusauthz.add_user.main(["-a", aname, uu])
            self.assertEqual(rc, 0, "CLI should return success")

        rc = pynimbusauthz.list_user.main(["-s", "-O", self.outFileName, alias_a[0]])
        self.assertEqual(rc, 0, "CLI should return success")
        rc = self.find_out_string(uu)
        self.assertTrue(rc, "Username not found")