def test_system_user_valid_no_check(self): client = mock.MagicMock() self.assertTrue( validate_user_external_auth(get_worker_user(), client=client)) self.assertTrue( validate_user_external_auth(get_node_init_user(), client=client)) client.get_groups.assert_not_called()
def test_node_init_user_has_no_profile(self): user = get_node_init_user() profile = None try: profile = user.userprofile except UserProfile.DoesNotExist: # Expected. pass self.assertIsNone(profile)
def test_system_user_valid_no_check(self): self.assertTrue( validate_user_external_auth(get_worker_user(), self.auth_info, rbac_client=self.client)) self.assertTrue( validate_user_external_auth(get_node_init_user(), self.auth_info, rbac_client=self.client)) self.client.allowed_for_user.assert_not_called()
def _create_token(self, node): """Create an OAuth token for a given node. :param node: The system that is to be allowed access to the metadata service. :type node: Node :return: Token for the node to use. :rtype: piston.models.Token """ token = create_auth_token(get_node_init_user()) self.create(node=node, token=token, key=token.key) return token
def _create_token(self, node): """Create an OAuth token for a given node. :param node: The system that is to be allowed access to the metadata service. :type node: Node :return: Token for the node to use. :rtype: piston.models.Token """ token = create_auth_token(get_node_init_user()) self.create(node=node, token=token, key=token.key) return token
def test_is_authenticated_external_auth_system_user(self): mock_validate = self.patch(api_auth, "validate_user_external_auth") mock_validate.return_value = True auth = MAASAPIAuthentication() user = get_node_init_user() request = self.make_request() mock_token = mock.Mock(user=user) auth.is_valid_request = lambda request: True auth.validate_token = lambda request: (mock.Mock(), mock_token, None) self.assertTrue(auth.is_authenticated(request)) mock_validate.assert_not_called()
def test_holds_node_init_user(self): user = get_node_init_user() self.assertIsInstance(user, User) self.assertEqual(user_name, user.username)
def test_always_returns_same_user(self): node_init_user = get_node_init_user() self.assertEqual(node_init_user.id, get_node_init_user().id)
def test_node_init_user_cannot_access(self): token = NodeKey.objects.get_token_for_node(factory.make_Node()) client = MAASSensibleOAuthClient(get_node_init_user(), token) response = client.get(reverse('nodes_handler')) self.assertEqual(http.client.FORBIDDEN, response.status_code)
def test_node_init_user_cannot_access(self): backend = MAASAuthorizationBackend() self.assertFalse( backend.has_perm(get_node_init_user(), NODE_PERMISSION.VIEW, make_unallocated_node()))
def test_node_init_user_not_valid(self): user = get_node_init_user() form = ManageUserGroupsForm(data={'user': [str(user.id)]}) self.assertFalse(form.is_valid())
def make_node_client(node=None): """Create a test client logged in as if it were `node`.""" if node is None: node = factory.make_node() token = NodeKey.objects.get_token_for_node(node) return OAuthAuthenticatedClient(get_node_init_user(), token)
def test_node_init_user_cannot_access(self): backend = MAASAuthorizationBackend() self.assertFalse(backend.has_perm( get_node_init_user(), NODE_PERMISSION.VIEW, make_unallocated_node()))
def test_node_init_user_cannot_access(self): token = NodeKey.objects.get_token_for_node(factory.make_node()) client = OAuthAuthenticatedClient(get_node_init_user(), token) response = client.get(reverse('nodes_handler'), {'op': 'list'}) self.assertEqual(httplib.FORBIDDEN, response.status_code)
def make_node_client(self, node=None): """Create a test client logged in as if it were `node`.""" if node is None: node = factory.make_node() token = NodeKey.objects.get_token_for_node(node) return OAuthAuthenticatedClient(get_node_init_user(), token)
def test_node_init_user_not_in_default_group(self): default_group = UserGroup.objects.get_default_usergroup() self.assertNotIn(get_node_init_user(), default_group.users.all())
def test_user_can_access_pool_node_init_user(self): user = get_node_init_user() pool = factory.make_ResourcePool() self.assertTrue(ResourcePool.objects.user_can_access_pool(user, pool))
def test_node_init_user_cannot_access(self): backend = MAASAuthorizationBackend() self.assertFalse( backend.has_perm(get_node_init_user(), NodePermission.view, factory.make_Node()))
def test_node_init_user_has_no_profile(self): user = get_node_init_user() self.assertRaises(UserProfile.DoesNotExist, user.get_profile)