def getMsg(self, stub, name, typ, opts): if not name: raise s_exc.BadSyntaxError(mesg='Action requires a name') args = {typ: name} admin = opts.pop('admin', None) if admin and typ == 'user': msg = s_tufo.tufo(':'.join([stub, 'admin']), **args) return msg role = opts.pop('role', None) if role and typ == 'user': args['role'] = role msg = s_tufo.tufo(':'.join([stub, 'urole']), **args) return msg rulefo = self.formRulefo(opts) if rulefo is None: msg = s_tufo.tufo(':'.join([stub, typ]), **args) return msg mod = self.modmap.get(typ) if not mod: # pragma: no cover raise s_exc.BadSyntaxError(mesg='Unknown type encountered', type=typ) args['rule'] = rulefo msg = s_tufo.tufo(':'.join([stub, mod]), **args) return msg
def setUp(self): self.t1 = s_tufo.tufo('bar', baz='faz', derp=20) self.t2 = s_tufo.tufo( 'bar', **{ 'baz': 'faz', 'derp': 20, 'namespace:sound': 'quack' }) self.t3 = ('duck', { 'tufo:form': 'animal', 'animal:stype': 'duck', 'animal:sound': 'quack' })
def __authDelAdmin(self, mesg): mname, mdict = mesg name = mdict.get('user') uobj = self.auth.reqUser(name) uobj.setAdmin(False) ret = s_tufo.tufo(mname, user=(name, uobj._getAuthData())) return True, ret
def test_kwargs_tufo_creation(self): ''' Ensure that tufos' can be created via **kwargs. ''' tuf0 = s_tufo.tufo('bar', **{'baz': 'faz', 'derp': 20, }) r = s_tufo.equal(tuf0, self.tuf0) self.true(r)
def test_simple_tufo_creation(self): ''' Ensure that tufos can be created with explicit arguments. ''' tuf0 = s_tufo.tufo('bar', baz='faz', derp=20) r = s_tufo.equal(tuf0, self.tuf0) self.true(r)
def dump_rows(outp, fd, store, compress=False, genrows_kwargs=None): outp.printf('Starting row dump') if not genrows_kwargs: genrows_kwargs = {} i = 0 j = 0 cur_bytes = 0 bufs = [] kwargs = preset_args.get(store.getStoreType(), {}) kwargs.update(genrows_kwargs) tick = time.time() for rows in store.genStoreRows(**kwargs): j += len(rows) i += len(rows) tufo = s_tufo.tufo('core:save:add:rows', rows=rows) if compress: tufo[1]['rows'] = gzip.compress(s_common.msgenpack(rows), 9) byts = s_common.msgenpack(tufo) bufs.append(byts) cur_bytes += len(byts) if cur_bytes > s_axon.megabyte * DUMP_MEGS: fd.write(b''.join([byts for byts in bufs])) outp.printf('Stored {} rows, total {} rows'.format(j, i)) bufs = [] cur_bytes = 0 j = 0 # There still may be rows we need too write out. if bufs: fd.write(b''.join([byts for byts in bufs])) outp.printf('Stored {} rows, total {} rows'.format(j, i)) bufs = [] tock = time.time() outp.printf('Done dumping rows - took {} seconds.'.format(tock - tick)) outp.printf('Dumped {} rows'.format(i))
def __authDelRoleRule(self, mesg): mname, mdict = mesg name = mdict.get('role') rule = mdict.get('rule') robj = self.auth.reqRole(name) robj.delRule(rule) ret = s_tufo.tufo(mname, role=(name, robj._getAuthData())) return True, ret
def __authDelUserRule(self, mesg): mname, mdict = mesg name = mdict.get('user') rule = mdict.get('rule') uobj = self.auth.reqUser(name) uobj.delRule(rule) ret = s_tufo.tufo(mname, user=(name, uobj._getAuthData())) return True, ret
def __authAddUserRole(self, mesg): mname, mdict = mesg name = mdict.get('user') role = mdict.get('role') uobj = self.auth.reqUser(name) robj = self.auth.reqRole(role) uobj.addRole(role) ret = s_tufo.tufo(mname, user=(name, uobj._getAuthData())) return True, ret
def formRulefo(self, opts): rtype = opts.pop('rule', None) if not rtype: return None form = opts.get('form') prop = opts.get('prop') tag = opts.get('tag') if tag: if form or prop: raise s_exc.BadSyntaxError(mesg='Cannot form rulefo with tag and (form OR prop)') else: return s_tufo.tufo(rtype, tag=tag) if form and prop: return s_tufo.tufo(rtype, form=form, prop=prop) if form and not prop: return s_tufo.tufo(rtype, form=form) raise s_exc.BadSyntaxError(mesg='Unable to form rulefo', prop=prop, form=form, tag=tag, rule=rtype)
def dump_blobs(outp, fd, store): i = 0 outp.printf('Dumping blobstore') for key in store.getBlobKeys(): valu = store.getBlobValu(key) tufo = s_tufo.tufo('syn:core:blob:set', key=key, valu=s_msgpack.en(valu)) byts = s_msgpack.en(tufo) fd.write(byts) i += 1 outp.printf('Done dumping {} keys from blobstore.'.format(i))
def gen_backup_tufo(options): d = {'rows:compress': options.compress, 'synapse:version': synapse.version, 'synapse:rows:output': options.output, 'synapse:cortex:input': options.store, 'synapse:cortex:blob_store': options.dump_blobstore, 'synapse:cortex:revstore': options.revstorage, 'time:created': s_common.now(), 'python:version': s_common.version } tufo = s_tufo.tufo('syn:cortex:rowdump:info', **d) return tufo
def setUp(self): self.t1 = s_tufo.tufo('bar', baz='faz', derp=20) self.t2 = s_tufo.tufo('bar', derp=20, baz='faz') self.t3 = s_tufo.tufo('foo', derp=20, baz='faz') self.t4 = s_tufo.tufo('bar', derp=20, baz='faz', prop='value') self.t5 = s_tufo.tufo('bar', **{'baz': 'faz', 'derp': 20, 'namespace:sound': 'quack'}) self.t6 = s_tufo.tufo('bar', **{'baz': 'faz', 'derp': 20})
def runCmdOpts(self, opts): core = self.getCmdItem() # type: s_auth.AuthMixin act = opts.pop('act') typ = opts.pop('type') name = opts.pop('name', None) astub = 'auth:add' dstub = 'auth:del' # Form our mesg if act == 'get': if name: mesg = s_tufo.tufo('auth:req:%s' % typ, **{self.typmap.get(typ): name}) else: mesg = ('auth:get:%s' % self.getmap.get(typ), {}) elif act == 'add': mesg = self.getMsg(astub, name, typ, opts) elif act == 'del': mesg = self.getMsg(dstub, name, typ, opts) else: # pragma: no cover raise s_exc.BadSyntaxError(mesg='Unknown action provided', act=act) # Execute remote call isok, retn = core.authReact(mesg) retn = s_common.reqok(isok, retn) # Format output if opts.get('json'): outp = json.dumps(retn, indent=2, sort_keys=True) else: width, _ = shutil.get_terminal_size((120, 24)) if width == 0: # In CI we may not have a tty available. width = 120 outp = pprint.pformat(retn, width=width) self.printf(outp) return retn
def test_auth_mixin(self): rname = 'pennywise' uname = 'bob' hatguy = 'hatguy' nrole = 'ninja' rule1 = ('node:add', {'form': 'strform'}) with self.getTestDir() as dirn: foo = TstAthMxn(dirn, root=rname) # Test decorators isok, retn = foo.authReact(s_tufo.tufo('auth:get:users')) self.false(isok) self.eq(retn[0], 'NoSuchUser') with s_scope.enter({'syn:user': uname}): isok, retn = foo.authReact(s_tufo.tufo('auth:get:users')) self.false(isok) self.eq(retn[0], 'NoSuchUser') with s_scope.enter({'syn:user': rname}): isok, retn = foo.authReact(s_tufo.tufo('auth:get:users')) self.true(isok) self.eq(retn[0], 'auth:get:users') self.isin(rname, retn[1].get('users')) isok, retn = foo.authReact(s_tufo.tufo('auth:get:roles')) self.true(isok) self.eq(retn[0], 'auth:get:roles') self.eq(retn[1].get('roles'), []) isok, retn = foo.authReact( s_tufo.tufo('auth:req:user', user=rname)) self.true(isok) self.eq(retn[0], 'auth:req:user') root = retn[1].get('user') self.istufo(root) self.eq(root[0], rname) self.true(root[1].get('admin')) self.eq(root[1].get('rules'), []) self.eq(root[1].get('roles'), []) isok, retn = foo.authReact( s_tufo.tufo('auth:add:role', role=nrole)) self.true(isok) self.eq(retn[0], 'auth:add:role') role = retn[1].get('role') self.istufo(role) isok, retn = foo.authReact(s_tufo.tufo('auth:get:roles')) self.eq(retn[1].get('roles'), [nrole]) isok, retn = foo.authReact( s_tufo.tufo('auth:add:rrule', role=nrole, rule=rule1)) self.true(isok) self.eq(retn[0], 'auth:add:rrule') role = retn[1].get('role') self.len(1, role[1].get('rules')) self.eq(role[1].get('rules'), [rule1]) isok, retn = foo.authReact( s_tufo.tufo('auth:add:urole', role=nrole, user=rname)) self.true(isok) self.eq(retn[0], 'auth:add:urole') root = retn[1].get('user') self.isin(nrole, root[1].get('roles')) isok, retn = foo.authReact( s_tufo.tufo('auth:req:role', role=nrole)) self.true(isok) self.eq(retn[0], 'auth:req:role') role = retn[1].get('role') self.istufo(role) isok, retn = foo.authReact( s_tufo.tufo('auth:add:user', user=uname)) self.true(isok) self.eq(retn[0], 'auth:add:user') user = retn[1].get('user') self.istufo(user) self.eq(user[0], uname) isok, retn = foo.authReact( s_tufo.tufo('auth:add:urule', user=uname, rule=rule1)) self.true(isok) self.eq(retn[0], 'auth:add:urule') user = retn[1].get('user') self.len(1, user[1].get('rules')) isok, retn = foo.authReact( s_tufo.tufo('auth:add:urole', user=uname, role=nrole)) self.true(isok) user = retn[1].get('user') self.len(1, user[1].get('roles')) isok, retn = foo.authReact( s_tufo.tufo('auth:add:user', user=hatguy)) self.true(isok) user = retn[1].get('user') self.eq(user[0], hatguy) self.false(user[1].get('admin')) isok, retn = foo.authReact( s_tufo.tufo('auth:add:admin', user=hatguy)) self.true(isok) self.eq(retn[0], 'auth:add:admin') user = retn[1].get('user') self.eq(user[0], hatguy) self.true(user[1].get('admin')) isok, retn = foo.authReact( s_tufo.tufo('auth:del:admin', user=hatguy)) self.true(isok) self.eq(retn[0], 'auth:del:admin') user = retn[1].get('user') self.eq(user[0], hatguy) self.false(user[1].get('admin')) # Now that we have the uname user we'll fail in a different way with s_scope.enter({'syn:user': uname}): isok, retn = foo.authReact(s_tufo.tufo('auth:get:users')) self.false(isok) self.eq(retn[0], 'AuthDeny') # Destructive testing with s_scope.enter({'syn:user': rname}): isok, retn = foo.authReact( s_tufo.tufo( 'auth:del:rrule', role=nrole, rule=rule1, )) self.true(isok) self.eq(retn[0], 'auth:del:rrule') role = retn[1].get('role') self.len(0, role[1].get('rules')) isok, retn = foo.authReact( s_tufo.tufo('auth:del:urule', user=uname, rule=rule1)) self.true(isok) self.eq(retn[0], 'auth:del:urule') user = retn[1].get('user') self.len(0, user[1].get('rules')) isok, retn = foo.authReact( s_tufo.tufo('auth:del:urole', user=uname, role=nrole)) self.true(isok) self.eq(retn[0], 'auth:del:urole') user = retn[1].get('user') self.len(0, user[1].get('roles')) isok, retn = foo.authReact( s_tufo.tufo('auth:del:user', user=uname)) self.true(isok) self.eq(retn[0], 'auth:del:user') self.eq(retn[1].get('user'), uname) self.true(retn[1].get('deleted')) isok, retn = foo.authReact( s_tufo.tufo('auth:del:role', role=nrole)) self.true(isok) self.eq(retn[0], 'auth:del:role') self.eq(retn[1].get('role'), nrole) self.true(retn[1].get('deleted')) isoke, retn = foo.authReact( s_tufo.tufo('auth:req:user', user=rname)) root = retn[1].get('user') self.eq(root[1].get('roles'), []) # Broken mixin use class Broken(s_auth.AuthMixin): def __init__(self): pass broke = Broken() isok, retn = broke.authReact(s_tufo.tufo('auth:get:users')) self.false(isok) self.eq(retn[0], 'AttributeError')
def __authAddUser(self, mesg): mname, mdict = mesg name = mdict.get('user') uobj = self.auth.addUser(name) ret = s_tufo.tufo(mname, user=(name, uobj._getAuthData())) return True, ret
def __authDelUser(self, mesg): mname, mdict = mesg name = mdict.get('user') _ret = self.auth.delUser(name) ret = s_tufo.tufo(mname, user=name, deleted=_ret) return True, ret
def __authDelRole(self, mesg): mname, mdict = mesg name = mdict.get('role') _ret = self.auth.delRole(name) ret = s_tufo.tufo(mname, role=name, deleted=_ret) return True, ret
def __authAddRole(self, mesg): mname, mdict = mesg name = mdict.get('role') robj = self.auth.addRole(name) ret = s_tufo.tufo(mname, role=(name, robj._getAuthData())) return True, ret