def test_delete_identity_of_account(self): """ ACCOUNT (REST): send a DELETE to remove an identity of an account.""" mw = [] account = account_name_generator() identity = uuid() password = '******' add_account(account, 'USER', '*****@*****.**', 'root', **self.vo) add_identity(identity, IdentityType.USERPASS, '*****@*****.**', password) add_account_identity(identity, IdentityType.USERPASS, InternalAccount(account, **self.vo), '*****@*****.**') headers1 = {'X-Rucio-Account': account, 'X-Rucio-Username': identity, 'X-Rucio-Password': password} headers1.update(self.vo_header) res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True) token = str(res1.header('X-Rucio-Auth-Token')) # normal deletion headers2 = {'X-Rucio-Auth-Token': str(token)} data = dumps({'authtype': 'USERPASS', 'identity': identity}) res2 = TestApp(account_app.wsgifunc(*mw)).delete('/' + account + '/identities', headers=headers2, params=data, expect_errors=True) assert_equal(res2.status, 200) # unauthorized deletion other_account = account_name_generator() headers2 = {'X-Rucio-Auth-Token': str(token)} data = dumps({'authtype': 'USERPASS', 'identity': identity}) res2 = TestApp(account_app.wsgifunc(*mw)).delete('/' + other_account + '/identities', headers=headers2, params=data, expect_errors=True) assert_equal(res2.status, 401)
def test_add_identity_to_account(self): """ ACCOUNT (REST): send a POST to add an identity to an account.""" mw = [] account = 'root' headers1 = {'X-Rucio-Account': account, 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'} headers1.update(self.vo_header) res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True) assert_equal(res1.status, 200) token = str(res1.header('X-Rucio-Auth-Token')) identity = uuid() # normal addition headers2 = {'X-Rucio-Auth-Token': str(token)} data = dumps({'authtype': 'USERPASS', 'email': '*****@*****.**', 'password': '******', 'identity': identity}) res2 = TestApp(account_app.wsgifunc(*mw)).post('/' + account + '/identities', headers=headers2, params=data, expect_errors=True) assert_equal(res2.status, 201) # duplicate identity res4 = TestApp(account_app.wsgifunc(*mw)).post('/' + account + '/identities', headers=headers2, params=data, expect_errors=True) assert_equal(res4.status, 409) # missing password identity = uuid() data = dumps({'authtype': 'USERPASS', 'email': '*****@*****.**', 'identity': identity}) res3 = TestApp(account_app.wsgifunc(*mw)).post('/' + account + '/identities', headers=headers2, params=data, expect_errors=True) assert_equal(res3.status, 400)
def test_update_account(self): """ ACCOUNT (REST): send a PUT to update an account.""" mw = [] headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'} headers1.update(self.vo_header) res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True) assert_equal(res1.status, 200) token = str(res1.header('X-Rucio-Auth-Token')) acntusr = account_name_generator() headers2 = {'X-Rucio-Auth-Token': str(token)} data = dumps({'type': 'USER', 'email': '*****@*****.**'}) res2 = TestApp(account_app.wsgifunc(*mw)).post('/' + acntusr, headers=headers2, params=data, expect_errors=True) assert_equal(res2.status, 201) data = dumps({'status': 'SUSPENDED', 'email': 'test'}) headers3 = {'X-Rucio-Auth-Token': str(token)} res3 = TestApp(account_app.wsgifunc(*mw)).put('/' + acntusr, headers=headers3, params=data, expect_errors=True) assert_equal(res3.status, 200) headers4 = {'X-Rucio-Auth-Token': str(token)} res4 = TestApp(account_app.wsgifunc(*mw)).get('/' + acntusr, headers=headers4, expect_errors=True) body = loads(res4.body.decode()) assert_equal(body['status'], 'SUSPENDED') assert_equal(body['email'], 'test') assert_equal(res4.status, 200)
def test_add_attribute(self): """ ACCOUNT (REST): add/get/delete attribute.""" mw = [] headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'} headers1.update(self.vo_header) res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True) assert_equal(res1.status, 200) token = str(res1.header('X-Rucio-Auth-Token')) acntusr = account_name_generator() headers2 = {'X-Rucio-Auth-Token': str(token)} data = dumps({'type': 'USER', 'email': '*****@*****.**'}) res2 = TestApp(account_app.wsgifunc(*mw)).post('/' + acntusr, headers=headers2, params=data, expect_errors=True) assert_equal(res2.status, 201) key = account_name_generator() value = "true" data = dumps({'key': key, 'value': value}) res3 = TestApp(account_app.wsgifunc(*mw)).post('/{0}/attr/{1}'.format(acntusr, key), headers=headers2, params=data, expect_errors=True) assert_equal(res3.status, 201) res4 = TestApp(account_app.wsgifunc(*mw)).get('/' + acntusr + '/attr/', headers=headers2, expect_errors=True) assert_equal(res4.status, 200) res5 = TestApp(account_app.wsgifunc(*mw)).delete('/{0}/attr/{1}'.format(acntusr, key), headers=headers2, params=data, expect_errors=True) assert_equal(res5.status, 200)
def test_del_user_success(self): """ ACCOUNT (REST): send a DELETE to disable the new user """ mw = [] headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'} headers1.update(self.vo_header) res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True) assert_equal(res1.status, 200) token = str(res1.header('X-Rucio-Auth-Token')) acntusr = account_name_generator() headers2 = {'X-Rucio-Auth-Token': str(token)} data = dumps({'type': 'USER', 'email': '*****@*****.**'}) res2 = TestApp(account_app.wsgifunc(*mw)).post('/' + acntusr, headers=headers2, params=data, expect_errors=True) assert_equal(res2.status, 201) headers3 = {'X-Rucio-Auth-Token': str(token)} res3 = TestApp(account_app.wsgifunc(*mw)).delete('/' + acntusr, headers=headers3, expect_errors=True) assert_equal(res3.status, 200) headers4 = {'X-Rucio-Auth-Token': str(token)} res4 = TestApp(account_app.wsgifunc(*mw)).get('/' + acntusr, headers=headers4, expect_errors=True) body = loads(res4.body.decode()) assert_true(body['status'] == AccountStatus.DELETED.description) # pylint: disable=no-member assert_equal(res3.status, 200)
def test_list_scope_no_scopes(self): """ SCOPE (REST): send a GET list all scopes for one account without scopes """ mw = [] headers1 = { 'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******' } res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True) assert_equal(res1.status, 200) token = str(res1.header('X-Rucio-Auth-Token')) headers2 = {'X-Rucio-Auth-Token': str(token)} acntusr = account_name_generator() data = dumps({'type': 'USER', 'email': '*****@*****.**'}) res2 = TestApp(account_app.wsgifunc(*mw)).post('/' + acntusr, headers=headers2, params=data, expect_errors=True) assert_equal(res2.status, 201) headers3 = {'X-Rucio-Auth-Token': str(token)} res4 = TestApp(account_app.wsgifunc(*mw)).get('/%s/scopes/' % (acntusr), headers=headers3, params=data, expect_errors=True) assert_equal(res4.status, 404) assert_equal(res4.header('ExceptionClass'), 'ScopeNotFound')
def test_scope_success(self): """ SCOPE (REST): send a POST to create a new account and scope """ mw = [] headers1 = { 'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******' } headers1.update(self.vo_header) res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True) assert res1.status == 200 token = str(res1.header('X-Rucio-Auth-Token')) headers2 = {'X-Rucio-Auth-Token': str(token)} acntusr = account_name_generator() data = dumps({'type': 'USER', 'email': 'rucio.email.com'}) res2 = TestApp(account_app.wsgifunc(*mw)).post('/' + acntusr, headers=headers2, params=data, expect_errors=True) assert res2.status == 201 headers3 = {'X-Rucio-Auth-Token': str(token)} scopeusr = scope_name_generator() res3 = TestApp(account_app.wsgifunc(*mw)).post('/%s/scopes/%s' % (acntusr, scopeusr), headers=headers3, expect_errors=True) assert res3.status == 201
def test_auth_saml(self): """ MULTI VO (REST): Test saml authentication to multiple VOs """ mw = [] try: add_account_identity('ddmlab', 'SAML', 'root', '*****@*****.**', 'root', **self.vo) add_account_identity('ddmlab', 'SAML', 'root', '*****@*****.**', 'root', **self.new_vo) except Duplicate: pass # Might already exist, can skip # Can't rely on `onelogin` module being present, so get tokens from API instead token_tst = get_auth_token_saml('root', 'ddmlab', 'unknown', None, **self.vo).token token_new = get_auth_token_saml('root', 'ddmlab', 'unknown', None, **self.new_vo).token headers_tst = {'X-Rucio-Auth-Token': str(token_tst)} res_tst = TestApp(account_app.wsgifunc(*mw)).get('/', headers=headers_tst, expect_errors=True) assert_equal(res_tst.status, 200) accounts_tst = [parse_response(a)['account'] for a in res_tst.body.decode().split('\n')[:-1]] assert_not_equal(len(accounts_tst), 0) assert_in(self.account_tst, accounts_tst) assert_not_in(self.account_new, accounts_tst) headers_new = {'X-Rucio-Auth-Token': str(token_new)} res_new = TestApp(account_app.wsgifunc(*mw)).get('/', headers=headers_new, expect_errors=True) assert_equal(res_new.status, 200) accounts_new = [parse_response(a)['account'] for a in res_new.body.decode().split('\n')[:-1]] assert_not_equal(len(accounts_new), 0) assert_in(self.account_new, accounts_new) assert_not_in(self.account_tst, accounts_new)
def test_auth_userpass(self): """ MULTI VO (REST): Test userpass authentication to multiple VOs """ mw = [] headers_tst = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'} headers_tst.update(self.vo_header) res_tst = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers_tst, expect_errors=True) assert_equal(res_tst.status, 200) token_tst = str(res_tst.header('X-Rucio-Auth-Token')) headers_new = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'} headers_new.update(self.new_header) res_new = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers_new, expect_errors=True) assert_equal(res_new.status, 200) token_new = str(res_new.header('X-Rucio-Auth-Token')) headers_tst = {'X-Rucio-Auth-Token': str(token_tst)} res_tst = TestApp(account_app.wsgifunc(*mw)).get('/', headers=headers_tst, expect_errors=True) assert_equal(res_tst.status, 200) accounts_tst = [parse_response(a)['account'] for a in res_tst.body.decode().split('\n')[:-1]] assert_not_equal(len(accounts_tst), 0) assert_in(self.account_tst, accounts_tst) assert_not_in(self.account_new, accounts_tst) headers_new = {'X-Rucio-Auth-Token': str(token_new)} res_new = TestApp(account_app.wsgifunc(*mw)).get('/', headers=headers_new, expect_errors=True) assert_equal(res_new.status, 200) accounts_new = [parse_response(a)['account'] for a in res_new.body.decode().split('\n')[:-1]] assert_not_equal(len(accounts_new), 0) assert_in(self.account_new, accounts_new) assert_not_in(self.account_tst, accounts_new)
def test_create_user_failure(self): """ ACCOUNT (REST): send a POST with an existing user to test the error case """ mw = [] headers1 = { 'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******' } res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True) assert_equal(res1.status, 200) token = str(res1.header('X-Rucio-Auth-Token')) headers = {'X-Rucio-Auth-Token': str(token)} data = dumps({'type': 'USER', 'email': '*****@*****.**'}) res1 = TestApp(account_app.wsgifunc(*mw)).post('/jdoe', headers=headers, params=data, expect_errors=True) res1 = TestApp(account_app.wsgifunc(*mw)).post('/jdoe', headers=headers, params=data, expect_errors=True) assert_equal(res1.status, 409)
def test_list_scope(self): """ SCOPE (REST): send a GET list all scopes for one account """ mw = [] headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'} res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True) assert_equal(res1.status, 200) token = str(res1.header('X-Rucio-Auth-Token')) tmp_val = account_name_generator() headers2 = {'Rucio-Type': 'user', 'X-Rucio-Account': 'root', 'X-Rucio-Auth-Token': str(token)} data = dumps({'type': 'USER', 'email': '*****@*****.**'}) res2 = TestApp(account_app.wsgifunc(*mw)).post('/%s' % tmp_val, headers=headers2, params=data, expect_errors=True) assert_equal(res2.status, 201) headers3 = {'X-Rucio-Auth-Token': str(token)} for scope in self.scopes: data = dumps({}) res3 = TestApp(account_app.wsgifunc(*mw)).post('/%s/scopes/%s' % (tmp_val, scope), headers=headers3, params=data, expect_errors=True) assert_equal(res3.status, 201) res4 = TestApp(account_app.wsgifunc(*mw)).get('/%s/scopes/' % tmp_val, headers=headers3, expect_errors=True) assert_equal(res4.status, 200) svr_list = loads(res4.body) for scope in self.scopes: assert_in(scope, svr_list)
def test_get_user_success(self): """ ACCOUNT (REST): send a GET to retrieve the infos of the new user """ mw = [] headers1 = { 'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******' } res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True) assert_equal(res1.status, 200) token = str(res1.header('X-Rucio-Auth-Token')) acntusr = account_name_generator() headers2 = {'X-Rucio-Auth-Token': str(token)} data = dumps({'type': 'USER', 'email': '*****@*****.**'}) res2 = TestApp(account_app.wsgifunc(*mw)).post('/' + acntusr, headers=headers2, params=data, expect_errors=True) assert_equal(res2.status, 201) headers3 = {'X-Rucio-Auth-Token': str(token)} res3 = TestApp(account_app.wsgifunc(*mw)).get('/' + acntusr, headers=headers3, expect_errors=True) body = loads(res3.body) assert_equal(body['account'], acntusr) assert_equal(res3.status, 200)
def test_create_user_non_json_body(self): """ ACCOUNT (REST): send a POST with a non json body""" mw = [] headers = { 'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******' } res = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers, expect_errors=True) assert_equal(res.status, 200) token = str(res.header('X-Rucio-Auth-Token')) headers = {'X-Rucio-Auth-Token': str(token)} data = {'type': 'USER'} ret = TestApp(account_app.wsgifunc(*mw)).post('/testuser', headers=headers, params=data, expect_errors=True) assert_equal(ret.header('ExceptionClass'), 'ValueError') assert_equal( ret.normal_body, '{"ExceptionMessage": "cannot decode json parameter dictionary", "ExceptionClass": "ValueError"}' ) assert_equal(ret.status, 400)
def test_create_user_missing_parameter(self): """ ACCOUNT (REST): send a POST with a missing parameter""" mw = [] headers = { 'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******' } res = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers, expect_errors=True) assert_equal(res.status, 200) token = str(res.header('X-Rucio-Auth-Token')) headers = {'X-Rucio-Auth-Token': str(token)} data = dumps({}) ret = TestApp(account_app.wsgifunc(*mw)).post('/account', headers=headers, params=data, expect_errors=True) assert_equal(ret.header('ExceptionClass'), 'KeyError') assert_equal( ret.normal_body, '{"ExceptionMessage": "\'type\' not defined", "ExceptionClass": "KeyError"}' ) assert_equal(ret.status, 400)
def test_create_user_not_json_dict(self): """ ACCOUNT (REST): send a POST with a non dictionary json body""" mw = [] headers = { 'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******' } res = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers, expect_errors=True) assert_equal(res.status, 200) token = str(res.header('X-Rucio-Auth-Token')) headers = {'X-Rucio-Auth-Token': str(token)} data = dumps(('account', 'account')) res = TestApp(account_app.wsgifunc(*mw)).post('/testaccount', headers=headers, params=data, expect_errors=True) assert_equal(res.header('ExceptionClass'), 'TypeError') assert_equal( res.normal_body, '{"ExceptionMessage": "body must be a json dictionary", "ExceptionClass": "TypeError"}' ) assert_equal(res.status, 400)
def test_create_user_success(self): """ ACCOUNT (REST): send a POST to create a new user """ mw = [] headers1 = { 'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******' } headers1.update(self.vo_header) res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True) assert res1.status == 200 token = str(res1.header('X-Rucio-Auth-Token')) acntusr = account_name_generator() headers2 = {'X-Rucio-Auth-Token': str(token)} data = dumps({'type': 'USER', 'email': '*****@*****.**'}) res2 = TestApp(account_app.wsgifunc(*mw)).post('/' + acntusr, headers=headers2, params=data, expect_errors=True) assert res2.status == 201
def test_auth_ssh(self): """ MULTI VO (REST): Test ssh authentication to multiple VOs """ mw = [] try: add_account_identity(PUBLIC_KEY, 'SSH', 'root', '*****@*****.**', 'root', **self.vo) add_account_identity(PUBLIC_KEY, 'SSH', 'root', '*****@*****.**', 'root', **self.new_vo) except Duplicate: pass # Might already exist, can skip headers_tst = {'X-Rucio-Account': 'root'} headers_tst.update(self.vo_header) res_tst = TestApp(auth_app.wsgifunc(*mw)).get('/ssh_challenge_token', headers=headers_tst, expect_errors=True) assert_equal(res_tst.status, 200) challenge_tst = str(res_tst.header('X-Rucio-SSH-Challenge-Token')) headers_tst.update({'X-Rucio-SSH-Signature': ssh_sign(PRIVATE_KEY, challenge_tst)}) res_tst = TestApp(auth_app.wsgifunc(*mw)).get('/ssh', headers=headers_tst, expect_errors=True) assert_equal(res_tst.status, 200) token_tst = str(res_tst.header('X-Rucio-Auth-Token')) headers_new = {'X-Rucio-Account': 'root'} headers_new.update(self.new_header) res_new = TestApp(auth_app.wsgifunc(*mw)).get('/ssh_challenge_token', headers=headers_new, expect_errors=True) assert_equal(res_new.status, 200) challenge_tst = str(res_new.header('X-Rucio-SSH-Challenge-Token')) headers_new.update({'X-Rucio-SSH-Signature': ssh_sign(PRIVATE_KEY, challenge_tst)}) res_new = TestApp(auth_app.wsgifunc(*mw)).get('/ssh', headers=headers_new, expect_errors=True) assert_equal(res_new.status, 200) token_new = str(res_new.header('X-Rucio-Auth-Token')) headers_tst = {'X-Rucio-Auth-Token': str(token_tst)} res_tst = TestApp(account_app.wsgifunc(*mw)).get('/', headers=headers_tst, expect_errors=True) assert_equal(res_tst.status, 200) accounts_tst = [parse_response(a)['account'] for a in res_tst.body.decode().split('\n')[:-1]] assert_not_equal(len(accounts_tst), 0) assert_in(self.account_tst, accounts_tst) assert_not_in(self.account_new, accounts_tst) headers_new = {'X-Rucio-Auth-Token': str(token_new)} res_new = TestApp(account_app.wsgifunc(*mw)).get('/', headers=headers_new, expect_errors=True) assert_equal(res_new.status, 200) accounts_new = [parse_response(a)['account'] for a in res_new.body.decode().split('\n')[:-1]] assert_not_equal(len(accounts_new), 0) assert_in(self.account_new, accounts_new) assert_not_in(self.account_tst, accounts_new)
def test_del_user_failure(self): """ ACCOUNT (REST): send a DELETE with a wrong user to test the error """ mw = [] headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'} res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True) assert_equal(res1.status, 200) token = str(res1.header('X-Rucio-Auth-Token')) headers2 = {'X-Rucio-Auth-Token': str(token)} res2 = TestApp(account_app.wsgifunc(*mw)).delete('/wronguser', headers=headers2, expect_errors=True) assert_equal(res2.status, 404)
def test_whoami_account(self): """ ACCOUNT (REST): Test the whoami method.""" mw = [] headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'} res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True) assert_equal(res1.status, 200) token = str(res1.header('X-Rucio-Auth-Token')) headers2 = {'X-Rucio-Auth-Token': str(token)} res2 = TestApp(account_app.wsgifunc(*mw)).get('/whoami', headers=headers2, expect_errors=True) assert_equal(res2.status, 303)
def test_scope_duplicate(self): """ SCOPE (REST): send a POST to create a already existing scope to test the error""" mw = [] headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'} res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True) assert_equal(res1.status, 200) token = str(res1.header('X-Rucio-Auth-Token')) headers2 = {'X-Rucio-Auth-Token': str(token)} acntusr = account_name_generator() data = dumps({'type': 'USER', 'email': '*****@*****.**'}) res2 = TestApp(account_app.wsgifunc(*mw)).post('/' + acntusr, headers=headers2, params=data, expect_errors=True) assert_equal(res2.status, 201) headers3 = {'X-Rucio-Auth-Token': str(token)} scopeusr = scope_name_generator() res3 = TestApp(account_app.wsgifunc(*mw)).post('/%s/scopes/%s' % (acntusr, scopeusr), headers=headers3, expect_errors=True) assert_equal(res3.status, 201) res3 = TestApp(account_app.wsgifunc(*mw)).post('/%s/scopes/%s' % (acntusr, scopeusr), headers=headers3, expect_errors=True) assert_equal(res3.status, 409)
def test_scope_failure(self): """ SCOPE (REST): send a POST to create a new scope for a not existing account to test the error""" mw = [] headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'} res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True) assert_equal(res1.status, 200) token = str(res1.header('X-Rucio-Auth-Token')) headers2 = {'X-Rucio-Auth-Token': str(token)} scopeusr = scope_name_generator() account_name_generator() res2 = TestApp(account_app.wsgifunc(*mw)).post('/%s/scopes/%s' % (scopeusr, scopeusr), headers=headers2, expect_errors=True) assert_equal(res2.status, 404)
def test_auth_x509(self): """ MULTI VO (REST): Test X509 authentication to multiple VOs """ mw = [] # TestApp doesn't support `cert` argument, so get tokens from API instead token_tst = get_auth_token_x509('root', '/CN=Rucio User', 'unknown', None, **self.vo).token token_new = get_auth_token_x509('root', '/CN=Rucio User', 'unknown', None, **self.new_vo).token headers_tst = {'X-Rucio-Auth-Token': str(token_tst)} res_tst = TestApp(account_app.wsgifunc(*mw)).get('/', headers=headers_tst, expect_errors=True) assert_equal(res_tst.status, 200) accounts_tst = [parse_response(a)['account'] for a in res_tst.body.decode().split('\n')[:-1]] assert_not_equal(len(accounts_tst), 0) assert_in(self.account_tst, accounts_tst) assert_not_in(self.account_new, accounts_tst) headers_new = {'X-Rucio-Auth-Token': str(token_new)} res_new = TestApp(account_app.wsgifunc(*mw)).get('/', headers=headers_new, expect_errors=True) assert_equal(res_new.status, 200) accounts_new = [parse_response(a)['account'] for a in res_new.body.decode().split('\n')[:-1]] assert_not_equal(len(accounts_new), 0) assert_in(self.account_new, accounts_new) assert_not_in(self.account_tst, accounts_new)
def test_auth_gss(self): """ MULTI VO (REST): Test gss authentication to multiple VOs """ mw = [] # Can't rely on `requests_kerberos` module being present, so get tokens from API instead token_tst = get_auth_token_gss('root', '*****@*****.**', 'unknown', None, **self.vo).token token_new = get_auth_token_gss('root', '*****@*****.**', 'unknown', None, **self.new_vo).token headers_tst = {'X-Rucio-Auth-Token': str(token_tst)} res_tst = TestApp(account_app.wsgifunc(*mw)).get('/', headers=headers_tst, expect_errors=True) assert_equal(res_tst.status, 200) accounts_tst = [parse_response(a)['account'] for a in res_tst.body.decode().split('\n')[:-1]] assert_not_equal(len(accounts_tst), 0) assert_in(self.account_tst, accounts_tst) assert_not_in(self.account_new, accounts_tst) headers_new = {'X-Rucio-Auth-Token': str(token_new)} res_new = TestApp(account_app.wsgifunc(*mw)).get('/', headers=headers_new, expect_errors=True) assert_equal(res_new.status, 200) accounts_new = [parse_response(a)['account'] for a in res_new.body.decode().split('\n')[:-1]] assert_not_equal(len(accounts_new), 0) assert_in(self.account_new, accounts_new) assert_not_in(self.account_tst, accounts_new)
def test_list_scope_account_not_found(self): """ SCOPE (REST): send a GET list all scopes for a not existing account """ mw = [] headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'} res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True) assert_equal(res1.status, 200) token = str(res1.header('X-Rucio-Auth-Token')) headers3 = {'X-Rucio-Auth-Token': str(token)} res3 = TestApp(account_app.wsgifunc(*mw)).get('/testaccount/scopes', headers=headers3, expect_errors=True) assert_equal(res3.status, 404) assert_equal(res3.header('ExceptionClass'), 'AccountNotFound')
def test_get_user_failure(self): """ ACCOUNT (REST): send a GET with a wrong user test the error """ mw = [] headers1 = { 'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******' } headers1.update(self.vo_header) res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True) assert res1.status == 200 token = str(res1.header('X-Rucio-Auth-Token')) headers2 = {'X-Rucio-Auth-Token': token} res2 = TestApp(account_app.wsgifunc(*mw)).get('/wronguser', headers=headers2, expect_errors=True) assert res2.status == 404