def test_process_request_noapp(self): """Test processing ticket request.""" treadmill.zkutils.get.side_effect = kazoo.client.NoNodeError tkt_locker = tickets.TicketLocker(kazoo.client.KazooClient(), '/var/spool/tickets') # With no node node error, result will be empty dict. self.assertEqual( {}, tkt_locker.process_request('host/[email protected]', 'foo#1234'))
def locker(tkt_spool_dir, trusted, no_register): """Run ticket locker daemon.""" trusted_apps = {} for hostname, app, tkts in trusted: tkts = list(set(tkts.split(','))) _LOGGER.info('Trusted: %s/%s : %r', hostname, app, tkts) trusted_apps[(hostname, app)] = tkts tkt_locker = tickets.TicketLocker(context.GLOBAL.zk.conn, tkt_spool_dir, trusted=trusted_apps) tickets.run_server(tkt_locker, register=(not no_register))
def test_publish(self): """Test tickets publishing.""" tkt_locker = tickets.TicketLocker(kazoo.client.KazooClient(), self.tkt_dir) io.open(os.path.join(self.tkt_dir, 'x@r1'), 'w+').close() io.open(os.path.join(self.tkt_dir, 'x@r2'), 'w+').close() io.open(os.path.join(self.tkt_dir, 'x@r3'), 'w+').close() tkt_locker.publish_tickets(['@r1', '@r2'], once=True) treadmill.zkutils.put.assert_has_calls([ mock.call(mock.ANY, '/tickets/x@r1/h', 'klist-output', ephemeral=True), mock.call(mock.ANY, '/tickets/x@r2/h', 'klist-output', ephemeral=True), ], any_order=True)
def test_process_trusted(self): """Test processing trusted app.""" tkt_locker = tickets.TicketLocker(kazoo.client.KazooClient(), self.tkt_dir, trusted={ ('aaa.xxx.com', 'master'): ['x@r1'] }) with io.open(os.path.join(self.tkt_dir, 'x@r1'), 'w+') as f: f.write('x') # base64 encoded 'x'. self.assertEqual({'x@r1': b'eA=='}, tkt_locker.process_request('host/[email protected]', 'master'))
def test_prune(self): """Test pruning published tickets.""" tkt_locker = tickets.TicketLocker(kazoo.client.KazooClient(), self.tkt_dir) tickets.krbcc_ok.return_value = True tkt_locker.prune_tickets() tickets.krbcc_ok.assert_called_with(os.path.join(self.tkt_dir, 'x@r1')) self.assertFalse(zkutils.ensure_deleted.called) tickets.krbcc_ok.reset_mock() tickets.krbcc_ok.return_value = False tkt_locker.prune_tickets() tickets.krbcc_ok.assert_called_with(os.path.join(self.tkt_dir, 'x@r1')) zkutils.ensure_deleted.assert_called_with(mock.ANY, '/tickets/x@r1/h')
def test_process_request(self): """Test processing ticket request.""" treadmill.zkutils.get.return_value = {'tickets': ['tkt1']} tkt_locker = tickets.TicketLocker(kazoo.client.KazooClient(), '/var/spool/tickets') # With no ticket in /var/spool/tickets, result will be empty dict self.assertEqual({}, tkt_locker.process_request('host/[email protected]', 'foo#1234')) kazoo.client.KazooClient.exists.assert_called_with( '/placement/aaa.xxx.com/foo#1234') # Invalid (non host) principal self.assertEqual( None, tkt_locker.process_request('*****@*****.**', 'foo#1234'))
def locker(tkt_spool_dir): """Run ticket locker daemon.""" tkt_locker = tickets.TicketLocker(context.GLOBAL.zk.conn, tkt_spool_dir) tickets.run_server(tkt_locker)
def publish(tkt_spool_dir, realms): """Run ticket locker daemon.""" tkt_locker = tickets.TicketLocker(context.GLOBAL.zk.conn, tkt_spool_dir) tkt_locker.publish_tickets(realms)