def validate_perms(self, new): f = File.get_file_from_db_id(self.db, self.file1.get_id()) uf = UserFile(f, self.user1) perms = uf.get_perms(force=True) for p in new: self.assertTrue(p in perms, "bad perms set %s != %s" % (new, perms)) self.assertEqual(len(perms), len(new), "perms dont match %s != %s" % (new, perms))
def main(argv=sys.argv[1:]): try: con_str = pynimbusauthz.get_db_connection_string() db_obj = DB(con_str=con_str) (opts,args) = setup_options(argv) if len(args) != 3: raise AuthzException('CLI_PARAMETER', "You must specify a username filename permssions") user_name = args[0] object_name = args[1] requested_perms = args[2] parent = None if opts.parent != None: parent = File.get_file(db_obj, opts.parent, opts.type) if parent == None: raise AuthzException('FILE_EXISTS', "parent %s not found" % (opts.parent)) file1 = File.get_file(db_obj, object_name, opts.type, parent=parent) if file1 == None: raise AuthzException('FILE_EXISTS', "file %s:%s not found" % (opts.type, object_name)) user = User(db_obj, uu=user_name) uf = UserFile(file1) # create a uesrfile with owner so we can chmod uf.chmod(requested_perms, user=user) pynimbusauthz.print_msg(opts, 0, "changed %s to %s for %s" % (str(file1), requested_perms, str(user))) db_obj.commit() except AuthzException, ae: print ae return ae.get_rc()
def test_grant(self): user2 = User(self.db) self.uf.chmod("R", user=user2) uf2 = UserFile(self.file1, user2) p = uf2.get_perms() self.assertEqual(p, "R", "perms should only be read here")
def setUp(self): # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" con = pynimbusauthz.db.make_test_database() self.db = DB(con=con) self.user1 = User(self.db) self.name = "/file/name" self.data = "/etc/group" self.file1 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3) self.uf = UserFile(self.file1)
def get_uf(self, bucketName, objectName=None): file = self.get_file_obj(bucketName, objectName) if file == None: pycb.log(logging.INFO, "b:o not found %s:%s" % (bucketName, str(objectName))) raise cbException('NoSuchKey') uf = UserFile(file, self.user) return uf
def main(argv=sys.argv[1:]): try: con_str = pynimbusauthz.get_db_connection_string() db_obj = DB(con_str=con_str) (opts, args) = setup_options(argv) if len(args) != 3: raise AuthzException( 'CLI_PARAMETER', "You must specify a username filename permssions") user_name = args[0] object_name = args[1] requested_perms = args[2] parent = None if opts.parent != None: parent = File.get_file(db_obj, opts.parent, opts.type) if parent == None: raise AuthzException('FILE_EXISTS', "parent %s not found" % (opts.parent)) file1 = File.get_file(db_obj, object_name, opts.type, parent=parent) if file1 == None: raise AuthzException( 'FILE_EXISTS', "file %s:%s not found" % (opts.type, object_name)) user = User(db_obj, uu=user_name) uf = UserFile(file1) # create a uesrfile with owner so we can chmod uf.chmod(requested_perms, user=user) pynimbusauthz.print_msg( opts, 0, "changed %s to %s for %s" % (str(file1), requested_perms, str(user))) db_obj.commit() except AuthzException, ae: print ae return ae.get_rc()
def setUp(self): (osf, self.fname) = tempfile.mkstemp() os.close(osf) # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" os.environ['NIMBUS_AUTHZ_DB'] = self.fname pynimbusauthz.db.make_test_database(self.fname) self.db = DB(con_str=self.fname) self.user1 = User(self.db) self.name = "/file/name" self.data = "/etc/group" self.file1 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3) self.uf = UserFile(self.file1) self.db.commit()
def main(argv=sys.argv[1:]): try: con_str = pynimbusauthz.get_db_connection_string() db_obj = DB(con_str=con_str) (opts, args) = setup_options(argv) if len(args) == 0: raise AuthzException('CLI_PARAMETER', "You must specify a filename") parent = None if opts.parent != None: parent = File.get_file(db_obj, opts.parent, opts.type) if parent == None: raise AuthzException('FILE_EXISTS', "bucket %s not found" % (opts.parent)) object_name = args[0] file1 = File.get_file(db_obj, object_name, opts.type, parent=parent) if file1 == None: pynimbusauthz.print_msg(opts, 0, "File not found") return uf = UserFile(file1) msg = "%10s\t%10s\t%10s\t%10s\t%10s" % ("file", "type", "owner", "user", "perms") pynimbusauthz.print_msg(opts, 1, msg) n = uf.get_file().get_name() t = uf.get_file().get_object_type() stat_print_uf(opts, uf, n, t) if opts.all: user_list = uf.get_file().get_all_users() for u in user_list: uf = UserFile(uf.get_file(), u) stat_print_uf(opts, uf, " ", " ") except AuthzException, ae: print ae return ae.get_rc()
def main(argv=sys.argv[1:]): try: con_str = pynimbusauthz.get_db_connection_string() db_obj = DB(con_str=con_str) (opts,args) = setup_options(argv) if len(args) == 0: raise AuthzException('CLI_PARAMETER', "You must specify a filename") parent = None if opts.parent != None: parent = File.get_file(db_obj, opts.parent, opts.type) if parent == None: raise AuthzException('FILE_EXISTS', "bucket %s not found" % (opts.parent)) object_name = args[0] file1 = File.get_file(db_obj, object_name, opts.type, parent=parent) if file1 == None: pynimbusauthz.print_msg(opts, 0, "File not found") return uf = UserFile(file1) msg = "%10s\t%10s\t%10s\t%10s\t%10s" % ("file", "type", "owner", "user", "perms") pynimbusauthz.print_msg(opts, 1, msg) n = uf.get_file().get_name() t = uf.get_file().get_object_type() stat_print_uf(opts, uf, n, t) if opts.all: user_list = uf.get_file().get_all_users() for u in user_list: uf = UserFile(uf.get_file(), u) stat_print_uf(opts, uf, " ", " ") except AuthzException, ae: print ae return ae.get_rc()
class TestUser(unittest.TestCase): def setUp(self): # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" con = pynimbusauthz.db.make_test_database() self.db = DB(con=con) self.user1 = User(self.db) self.name = "/file/name" self.data = "/etc/group" self.file1 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3) self.uf = UserFile(self.file1) def tearDown(self): self.db.close() def test_basic_userfile(self): perms = self.uf.get_perms() self.assertEqual(len(perms), 4, "Default perms should be none") self.assertTrue("r" in perms, "read not set") self.assertTrue("w" in perms, "write not set") self.assertTrue("R" in perms, "read acl not set") self.assertTrue("W" in perms, "write acl not set") f2 = self.uf.get_file() self.assertEqual(f2, self.file1, "should return the same file") o2 = self.uf.get_owner() self.assertEqual(o2, self.user1, "should return the same user") self.assertTrue(self.uf.can_access("rwRW")) a = self.uf.get_all_children() self.assertEqual(len(list(a)), 0, "should be no children") def test_bad_chmod(self): try: self.uf.chmod("KSA") self.fail("should be a bad parameter exception") except: pass def test_bad_chmod(self): self.uf.chmod("r") try: perms = self.uf.get_perms() self.fail("should not be able to read acl") except: pass self.uf.chmod("Rr") perms = self.uf.get_perms() rc = self.uf.can_access("w") self.assertFalse(rc, "should not be able to write %d" % (rc)) rc = self.uf.can_access("r") self.assertTrue(rc, "should be able to read") self.uf.chmod("RW") def test_grant(self): user2 = User(self.db) self.uf.chmod("R", user=user2) uf2 = UserFile(self.file1, user2) p = uf2.get_perms() self.assertEqual(p, "R", "perms should only be read here") def test_children(self): child1 = File.create_file(self.db, "kid", self.user1, self.data, pynimbusauthz.object_type_s3, parent=self.file1) self.db.commit() x = child1.get_all_children() self.assertEqual(len(list(x)), 0, "The file should have no children") x = self.uf.get_all_children() found = False for f in x: if f.get_file() == child1: found = True self.assertTrue(found, "We should have found that kid!")