def test_add_attribute(rest_client, auth_token):
""" ACCOUNT (REST): add/get/delete attribute."""
acntusr = account_name_generator()
data = {'type': 'USER', 'email': '*****@*****.**'}
response = rest_client.post('/accounts/' + acntusr,
headers=headers(auth(auth_token)),
json=data)
assert response.status_code == 201
key = account_name_generator()
value = "true"
data = {'key': key, 'value': value}
response = rest_client.post('/accounts/{0}/attr/{1}'.format(acntusr, key),
headers=headers(auth(auth_token)),
json=data)
assert response.status_code == 201
response = rest_client.get('/accounts/' + acntusr + '/attr/',
headers=headers(auth(auth_token)))
assert response.status_code == 200
response = rest_client.delete('/accounts/{0}/attr/{1}'.format(
acntusr, key),
headers=headers(auth(auth_token)),
json=data)
assert response.status_code == 200
def test_delete_identity_of_account(self):
""" ACCOUNT (REST): send a DELETE to remove an identity of an account."""
mw = []
account = account_name_generator()
identity = uuid()
password = '******'
add_account(account, 'USER', '*****@*****.**', 'root', **self.vo)
add_identity(identity, IdentityType.USERPASS, '*****@*****.**', password)
add_account_identity(identity, IdentityType.USERPASS, InternalAccount(account, **self.vo), '*****@*****.**')
headers1 = {'X-Rucio-Account': account, 'X-Rucio-Username': identity, 'X-Rucio-Password': password}
headers1.update(self.vo_header)
res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True)
token = str(res1.header('X-Rucio-Auth-Token'))
# normal deletion
headers2 = {'X-Rucio-Auth-Token': str(token)}
data = dumps({'authtype': 'USERPASS', 'identity': identity})
res2 = TestApp(account_app.wsgifunc(*mw)).delete('/' + account + '/identities', headers=headers2, params=data, expect_errors=True)
assert_equal(res2.status, 200)
# unauthorized deletion
other_account = account_name_generator()
headers2 = {'X-Rucio-Auth-Token': str(token)}
data = dumps({'authtype': 'USERPASS', 'identity': identity})
res2 = TestApp(account_app.wsgifunc(*mw)).delete('/' + other_account + '/identities', headers=headers2, params=data, expect_errors=True)
assert_equal(res2.status, 401)
def test_delete_identity_of_account(vo, rest_client):
""" ACCOUNT (REST): send a DELETE to remove an identity of an account."""
account = account_name_generator()
identity = uuid()
password = '******'
add_account(account, 'USER', '*****@*****.**', 'root', vo=vo)
add_identity(identity, IdentityType.USERPASS, '*****@*****.**', password)
add_account_identity(identity, IdentityType.USERPASS,
InternalAccount(account, vo=vo), '*****@*****.**')
auth_response = rest_client.get('/auth/userpass',
headers=headers(
loginhdr(account, identity, password),
vohdr(vo)))
assert auth_response.status_code == 200
assert 'X-Rucio-Auth-Token' in auth_response.headers
token = str(auth_response.headers.get('X-Rucio-Auth-Token'))
assert len(token) != 0
# normal deletion
data = {'authtype': 'USERPASS', 'identity': identity}
response = rest_client.delete('/accounts/' + account + '/identities',
headers=headers(auth(token)),
json=data)
assert response.status_code == 200
# unauthorized deletion
other_account = account_name_generator()
data = {'authtype': 'USERPASS', 'identity': identity}
response = rest_client.delete('/accounts/' + other_account + '/identities',
headers=headers(auth(token)),
json=data)
assert response.status_code == 401
def test_add_attribute(self):
""" ACCOUNT (REST): add/get/delete attribute."""
mw = []
headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'}
headers1.update(self.vo_header)
res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True)
assert_equal(res1.status, 200)
token = str(res1.header('X-Rucio-Auth-Token'))
acntusr = account_name_generator()
headers2 = {'X-Rucio-Auth-Token': str(token)}
data = dumps({'type': 'USER', 'email': '*****@*****.**'})
res2 = TestApp(account_app.wsgifunc(*mw)).post('/' + acntusr, headers=headers2, params=data, expect_errors=True)
assert_equal(res2.status, 201)
key = account_name_generator()
value = "true"
data = dumps({'key': key, 'value': value})
res3 = TestApp(account_app.wsgifunc(*mw)).post('/{0}/attr/{1}'.format(acntusr, key), headers=headers2, params=data, expect_errors=True)
assert_equal(res3.status, 201)
res4 = TestApp(account_app.wsgifunc(*mw)).get('/' + acntusr + '/attr/', headers=headers2, expect_errors=True)
assert_equal(res4.status, 200)
res5 = TestApp(account_app.wsgifunc(*mw)).delete('/{0}/attr/{1}'.format(acntusr, key), headers=headers2, params=data, expect_errors=True)
assert_equal(res5.status, 200)
def test_add_attribute(self):
""" ACCOUNT (REST): add/get/delete attribute."""
mw = []
headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'}
r1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True)
assert_equal(r1.status, 200)
token = str(r1.header('X-Rucio-Auth-Token'))
acntusr = account_name_generator()
headers2 = {'X-Rucio-Auth-Token': str(token)}
data = dumps({'type': 'USER'})
r2 = TestApp(account_app.wsgifunc(*mw)).post('/' + acntusr, headers=headers2, params=data, expect_errors=True)
assert_equal(r2.status, 201)
key = account_name_generator()
value = "true"
data = dumps({'key': key, 'value': value})
r3 = TestApp(account_app.wsgifunc(*mw)).post('/{0}/attr/{1}'.format(acntusr, key), headers=headers2, params=data, expect_errors=True)
assert_equal(r3.status, 201)
r4 = TestApp(account_app.wsgifunc(*mw)).get('/' + acntusr + '/attr/', headers=headers2, expect_errors=True)
assert_equal(r4.status, 200)
r5 = TestApp(account_app.wsgifunc(*mw)).delete('/{0}/attr/{1}'.format(acntusr, key), headers=headers2, params=data, expect_errors=True)
assert_equal(r5.status, 200)
def test_create_and_check_for_user(self):
""" ACCOUNT (CORE): Test the creation, query, and deletion of an account """
usr = account_name_generator()
invalid_usr = account_name_generator()
add_account(usr, 'USER', 'root')
assert_equal(account_exists(usr), True)
assert_equal(account_exists(invalid_usr), False)
del_account(usr, 'root')
def test_scope_failure(rest_client, auth_token):
""" SCOPE (REST): send a POST to create a new scope for a not existing account to test the error"""
scopeusr = scope_name_generator()
account_name_generator()
response = rest_client.post('/accounts/%s/scopes/%s' %
(scopeusr, scopeusr),
headers=headers(auth(auth_token)))
assert response.status_code == 404
def test_create_and_check_for_user(self):
""" ACCOUNT (CORE): Test the creation, query, and deletion of an account """
usr = account_name_generator()
invalid_usr = account_name_generator()
add_account(usr, 'USER', '*****@*****.**', 'root')
assert_equal(account_exists(usr), True)
assert_equal(account_exists(invalid_usr), False)
del_account(usr, 'root')
def test_scope_failure(self):
""" SCOPE (REST): send a POST to create a new scope for a not existing account to test the error"""
mw = []
headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'}
res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True)
assert_equal(res1.status, 200)
token = str(res1.header('X-Rucio-Auth-Token'))
headers2 = {'X-Rucio-Auth-Token': str(token)}
scopeusr = scope_name_generator()
account_name_generator()
res2 = TestApp(account_app.wsgifunc(*mw)).post('/%s/scopes/%s' % (scopeusr, scopeusr), headers=headers2, expect_errors=True)
assert_equal(res2.status, 404)
def test_update_account(self):
""" ACCOUNT (REST): send a PUT to update an account."""
mw = []
headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'}
headers1.update(self.vo_header)
res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True)
assert_equal(res1.status, 200)
token = str(res1.header('X-Rucio-Auth-Token'))
acntusr = account_name_generator()
headers2 = {'X-Rucio-Auth-Token': str(token)}
data = dumps({'type': 'USER', 'email': '*****@*****.**'})
res2 = TestApp(account_app.wsgifunc(*mw)).post('/' + acntusr, headers=headers2, params=data, expect_errors=True)
assert_equal(res2.status, 201)
data = dumps({'status': 'SUSPENDED', 'email': 'test'})
headers3 = {'X-Rucio-Auth-Token': str(token)}
res3 = TestApp(account_app.wsgifunc(*mw)).put('/' + acntusr, headers=headers3, params=data, expect_errors=True)
assert_equal(res3.status, 200)
headers4 = {'X-Rucio-Auth-Token': str(token)}
res4 = TestApp(account_app.wsgifunc(*mw)).get('/' + acntusr, headers=headers4, expect_errors=True)
body = loads(res4.body.decode())
assert_equal(body['status'], 'SUSPENDED')
assert_equal(body['email'], 'test')
assert_equal(res4.status, 200)
def test_del_user_success(self):
""" ACCOUNT (REST): send a DELETE to disable the new user """
mw = []
headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'}
headers1.update(self.vo_header)
res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True)
assert_equal(res1.status, 200)
token = str(res1.header('X-Rucio-Auth-Token'))
acntusr = account_name_generator()
headers2 = {'X-Rucio-Auth-Token': str(token)}
data = dumps({'type': 'USER', 'email': '*****@*****.**'})
res2 = TestApp(account_app.wsgifunc(*mw)).post('/' + acntusr, headers=headers2, params=data, expect_errors=True)
assert_equal(res2.status, 201)
headers3 = {'X-Rucio-Auth-Token': str(token)}
res3 = TestApp(account_app.wsgifunc(*mw)).delete('/' + acntusr, headers=headers3, expect_errors=True)
assert_equal(res3.status, 200)
headers4 = {'X-Rucio-Auth-Token': str(token)}
res4 = TestApp(account_app.wsgifunc(*mw)).get('/' + acntusr, headers=headers4, expect_errors=True)
body = loads(res4.body.decode())
assert_true(body['status'] == AccountStatus.DELETED.description) # pylint: disable=no-member
assert_equal(res3.status, 200)
def test_attributes(self):
"""CLIENT(ADMIN): Add/List/Delete attributes"""
tmp_acc = account_name_generator()
# create account
cmd = 'rucio-admin account add %s' % tmp_acc
exitcode, out, err = execute(cmd)
# add attribute to the account
cmd = 'rucio-admin account add-attribute {0} --key test_attribute_key --value true'.format(
tmp_acc)
exitcode, out, err = execute(cmd)
print(out)
print(err)
nose.tools.assert_equal(0, exitcode)
# list attributes
cmd = 'rucio-admin account list-attributes {0}'.format(tmp_acc)
exitcode, out, err = execute(cmd)
print(out)
print(err)
nose.tools.assert_equal(0, exitcode)
# delete attribute to the account
cmd = 'rucio-admin account delete-attribute {0} --key test_attribute_key'.format(
tmp_acc)
exitcode, out, err = execute(cmd)
print(out)
print(err)
nose.tools.assert_equal(0, exitcode)
def test_list_scope(self):
""" SCOPE (REST): send a GET list all scopes for one account """
mw = []
headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'}
res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True)
assert_equal(res1.status, 200)
token = str(res1.header('X-Rucio-Auth-Token'))
tmp_val = account_name_generator()
headers2 = {'Rucio-Type': 'user', 'X-Rucio-Account': 'root', 'X-Rucio-Auth-Token': str(token)}
data = dumps({'type': 'USER', 'email': '*****@*****.**'})
res2 = TestApp(account_app.wsgifunc(*mw)).post('/%s' % tmp_val, headers=headers2, params=data, expect_errors=True)
assert_equal(res2.status, 201)
headers3 = {'X-Rucio-Auth-Token': str(token)}
for scope in self.scopes:
data = dumps({})
res3 = TestApp(account_app.wsgifunc(*mw)).post('/%s/scopes/%s' % (tmp_val, scope), headers=headers3, params=data, expect_errors=True)
assert_equal(res3.status, 201)
res4 = TestApp(account_app.wsgifunc(*mw)).get('/%s/scopes/' % tmp_val, headers=headers3, expect_errors=True)
assert_equal(res4.status, 200)
svr_list = loads(res4.body)
for scope in self.scopes:
assert_in(scope, svr_list)
def test_list_scope(rest_client, auth_token):
""" SCOPE (REST): send a GET list all scopes for one account """
tmp_val = account_name_generator()
headers_dict = {'Rucio-Type': 'user', 'X-Rucio-Account': 'root'}
data = {'type': 'USER', 'email': '*****@*****.**'}
response = rest_client.post('/accounts/%s' % tmp_val,
headers=headers(auth(auth_token),
hdrdict(headers_dict)),
json=data)
assert response.status_code == 201
scopes = [scope_name_generator() for _ in range(5)]
for scope in scopes:
response = rest_client.post('/accounts/%s/scopes/%s' %
(tmp_val, scope),
headers=headers(auth(auth_token)),
json={})
assert response.status_code == 201
response = rest_client.get('/accounts/%s/scopes/' % tmp_val,
headers=headers(auth(auth_token)))
assert response.status_code == 200
svr_list = loads(response.get_data(as_text=True))
for scope in scopes:
assert scope in svr_list
def test_get_user_success(self):
""" ACCOUNT (REST): send a GET to retrieve the infos of the new user """
mw = []
headers1 = {
'X-Rucio-Account': 'root',
'X-Rucio-Username': '******',
'X-Rucio-Password': '******'
}
res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass',
headers=headers1,
expect_errors=True)
assert_equal(res1.status, 200)
token = str(res1.header('X-Rucio-Auth-Token'))
acntusr = account_name_generator()
headers2 = {'X-Rucio-Auth-Token': str(token)}
data = dumps({'type': 'USER', 'email': '*****@*****.**'})
res2 = TestApp(account_app.wsgifunc(*mw)).post('/' + acntusr,
headers=headers2,
params=data,
expect_errors=True)
assert_equal(res2.status, 201)
headers3 = {'X-Rucio-Auth-Token': str(token)}
res3 = TestApp(account_app.wsgifunc(*mw)).get('/' + acntusr,
headers=headers3,
expect_errors=True)
body = loads(res3.body)
assert_equal(body['account'], acntusr)
assert_equal(res3.status, 200)
def test_list_scope(self):
""" SCOPE (REST): send a GET list all scopes for one account """
mw = []
headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'}
r1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True)
assert_equal(r1.status, 200)
token = str(r1.header('X-Rucio-Auth-Token'))
tmp_val = account_name_generator()
headers2 = {'Rucio-Type': 'user', 'X-Rucio-Account': 'root', 'X-Rucio-Auth-Token': str(token)}
data = dumps({'type': 'USER'})
r2 = TestApp(account_app.wsgifunc(*mw)).post('/%s' % tmp_val, headers=headers2, params=data, expect_errors=True)
assert_equal(r2.status, 201)
headers3 = {'X-Rucio-Auth-Token': str(token)}
for scope in self.scopes:
data = dumps({})
r3 = TestApp(account_app.wsgifunc(*mw)).post('/%s/scopes/%s' % (tmp_val, scope), headers=headers3, params=data, expect_errors=True)
assert_equal(r3.status, 201)
r4 = TestApp(account_app.wsgifunc(*mw)).get('/%s/scopes/' % tmp_val, headers=headers3, expect_errors=True)
assert_equal(r4.status, 200)
svr_list = loads(r4.body)
for scope in self.scopes:
assert_in(scope, svr_list)
def test_list_scope_no_scopes(self):
""" SCOPE (REST): send a GET list all scopes for one account without scopes """
mw = []
headers1 = {
'X-Rucio-Account': 'root',
'X-Rucio-Username': '******',
'X-Rucio-Password': '******'
}
res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass',
headers=headers1,
expect_errors=True)
assert_equal(res1.status, 200)
token = str(res1.header('X-Rucio-Auth-Token'))
headers2 = {'X-Rucio-Auth-Token': str(token)}
acntusr = account_name_generator()
data = dumps({'type': 'USER', 'email': '*****@*****.**'})
res2 = TestApp(account_app.wsgifunc(*mw)).post('/' + acntusr,
headers=headers2,
params=data,
expect_errors=True)
assert_equal(res2.status, 201)
headers3 = {'X-Rucio-Auth-Token': str(token)}
res4 = TestApp(account_app.wsgifunc(*mw)).get('/%s/scopes/' %
(acntusr),
headers=headers3,
params=data,
expect_errors=True)
assert_equal(res4.status, 404)
assert_equal(res4.header('ExceptionClass'), 'ScopeNotFound')
def test_create_user_success(self):
""" ACCOUNT (REST): send a POST to create a new user """
mw = []
headers1 = {
'X-Rucio-Account': 'root',
'X-Rucio-Username': '******',
'X-Rucio-Password': '******'
}
headers1.update(self.vo_header)
res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass',
headers=headers1,
expect_errors=True)
assert res1.status == 200
token = str(res1.header('X-Rucio-Auth-Token'))
acntusr = account_name_generator()
headers2 = {'X-Rucio-Auth-Token': str(token)}
data = dumps({'type': 'USER', 'email': '*****@*****.**'})
res2 = TestApp(account_app.wsgifunc(*mw)).post('/' + acntusr,
headers=headers2,
params=data,
expect_errors=True)
assert res2.status == 201
def test_scope_success(self):
""" SCOPE (REST): send a POST to create a new account and scope """
mw = []
headers1 = {
'X-Rucio-Account': 'root',
'X-Rucio-Username': '******',
'X-Rucio-Password': '******'
}
headers1.update(self.vo_header)
res1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass',
headers=headers1,
expect_errors=True)
assert res1.status == 200
token = str(res1.header('X-Rucio-Auth-Token'))
headers2 = {'X-Rucio-Auth-Token': str(token)}
acntusr = account_name_generator()
data = dumps({'type': 'USER', 'email': 'rucio.email.com'})
res2 = TestApp(account_app.wsgifunc(*mw)).post('/' + acntusr,
headers=headers2,
params=data,
expect_errors=True)
assert res2.status == 201
headers3 = {'X-Rucio-Auth-Token': str(token)}
scopeusr = scope_name_generator()
res3 = TestApp(account_app.wsgifunc(*mw)).post('/%s/scopes/%s' %
(acntusr, scopeusr),
headers=headers3,
expect_errors=True)
assert res3.status == 201
def test_create_user_success(rest_client, auth_token):
""" ACCOUNT (REST): send a POST to create a new user """
acntusr = account_name_generator()
data = {'type': 'USER', 'email': '*****@*****.**'}
response = rest_client.post('/accounts/' + acntusr,
headers=headers(auth(auth_token)),
json=data)
assert response.status_code == 201
def test_add_account(self):
"""CLIENT(ADMIN): Add account"""
tmp_val = account_name_generator()
cmd = 'rucio-admin account add %s' % tmp_val
print self.marker + cmd
exitcode, out, err = execute(cmd)
print out,
nose.tools.assert_equal('Added new account: %s\n' % tmp_val, out)
def test_add_account(self):
"""CLIENT(ADMIN): Add account"""
tmp_val = account_name_generator()
cmd = 'rucio-admin account add %s' % tmp_val
print(self.marker + cmd)
exitcode, out, err = execute(cmd)
print(out, )
nose.tools.assert_equal('Added new account: %s\n' % tmp_val, out)
def test_add_account_attribute(self):
""" ACCOUNT (CORE): Test adding attribute to account """
account = InternalAccount('root', **self.vo)
key = account_name_generator()
value = True
add_account_attribute(account, key, value)
assert {'key': key, 'value': True} in list_account_attributes(account)
with pytest.raises(Duplicate):
add_account_attribute(account, key, value)
def setUp(self):
""" Setup the Test Case """
if config_get_bool('common', 'multi_vo', raise_exception=False, default=False):
self.vo = {'vo': config_get('client', 'vo', raise_exception=False, default='tst')}
else:
self.vo = {}
self.account = InternalAccount(account_name_generator(), **self.vo)
add_account(self.account, AccountType.USER, '*****@*****.**')
def test_scope_success(rest_client, auth_token):
""" SCOPE (REST): send a POST to create a new account and scope """
acntusr = account_name_generator()
data = {'type': 'USER', 'email': 'rucio.email.com'}
response = rest_client.post('/accounts/' + acntusr, headers=headers(auth(auth_token)), json=data)
assert response.status_code == 201
scopeusr = scope_name_generator()
response = rest_client.post('/accounts/%s/scopes/%s' % (acntusr, scopeusr), headers=headers(auth(auth_token)))
assert response.status_code == 201
def test_account_status(self):
""" ACCOUNT (CORE): Test changing and quering account status """
usr = account_name_generator()
add_account(usr, 'USER', 'root')
assert_equal(get_account_status(usr), AccountStatus.ACTIVE) # Should be active by default
set_account_status(usr, AccountStatus.SUSPENDED)
assert_equal(get_account_status(usr), AccountStatus.SUSPENDED)
set_account_status(usr, AccountStatus.ACTIVE)
assert_equal(get_account_status(usr), AccountStatus.ACTIVE)
del_account(usr, 'root')
def test_add_scope(self):
"""CLIENT(ADMIN): Add scope"""
tmp_scp = scope_name_generator()
tmp_acc = account_name_generator()
cmd = 'rucio-admin account add %s' % tmp_acc
exitcode, out, err = execute(cmd)
cmd = 'rucio-admin scope add --account %s --scope %s' % (tmp_acc, tmp_scp)
print self.marker + cmd
exitcode, out, err = execute(cmd)
print out, err
nose.tools.assert_equal('Added new scope to account: %s-%s\n' % (tmp_scp, tmp_acc), out)
def test_account_status(self):
""" ACCOUNT (CORE): Test changing and quering account status """
usr = account_name_generator()
add_account(usr, 'USER', '*****@*****.**', 'root')
assert_equal(get_account_status(usr),
AccountStatus.ACTIVE) # Should be active by default
set_account_status(usr, AccountStatus.SUSPENDED)
assert_equal(get_account_status(usr), AccountStatus.SUSPENDED)
set_account_status(usr, AccountStatus.ACTIVE)
assert_equal(get_account_status(usr), AccountStatus.ACTIVE)
del_account(usr, 'root')
def test_add_identity(self):
"""CLIENT(ADMIN): Add identity"""
tmp_val = account_name_generator()
cmd = 'rucio-admin account add %s' % tmp_val
exitcode, out, err = execute(cmd)
nose.tools.assert_equal('Added new account: %s\n' % tmp_val, out)
cmd = 'rucio-admin identity add --account %s --type GSS --id [email protected] --email [email protected]' % tmp_val
print self.marker + cmd
exitcode, out, err = execute(cmd)
print out,
nose.tools.assert_equal('Added new identity to account: [email protected]%s\n' % tmp_val, out)
def test_get_user_success(rest_client, auth_token):
""" ACCOUNT (REST): send a GET to retrieve the infos of the new user """
acntusr = account_name_generator()
data = {'type': 'USER', 'email': '*****@*****.**'}
response = rest_client.post('/accounts/' + acntusr, headers=headers(auth(auth_token)), json=data)
assert response.status_code == 201
response = rest_client.get('/accounts/' + acntusr, headers=headers(auth(auth_token)))
assert response.status_code == 200
body = loads(response.get_data(as_text=True))
assert body['account'] == acntusr
def test_list_scope_no_scopes(rest_client, auth_token):
""" SCOPE (REST): send a GET list all scopes for one account without scopes """
acntusr = account_name_generator()
data = {'type': 'USER', 'email': '*****@*****.**'}
response = rest_client.post('/accounts/' + acntusr, headers=headers(auth(auth_token)), json=data)
assert response.status_code == 201
response = rest_client.get('/accounts/%s/scopes/' % acntusr, headers=headers(auth(auth_token)))
assert response.status_code == 404
assert response.headers.get('ExceptionClass') == 'ScopeNotFound'
def test_add_scope(self):
"""CLIENT(ADMIN): Add scope"""
tmp_scp = scope_name_generator()
tmp_acc = account_name_generator()
cmd = 'rucio-admin account add %s' % tmp_acc
exitcode, out, err = execute(cmd)
cmd = 'rucio-admin scope add --account %s --scope %s' % (tmp_acc, tmp_scp)
print(self.marker + cmd)
exitcode, out, err = execute(cmd)
print(out, err)
nose.tools.assert_equal('Added new scope to account: %s-%s\n' % (tmp_scp, tmp_acc), out)
def test_add_identity(self):
"""CLIENT(ADMIN): Add identity"""
tmp_val = account_name_generator()
cmd = 'rucio-admin account add %s' % tmp_val
exitcode, out, err = execute(cmd)
nose.tools.assert_equal('Added new account: %s\n' % tmp_val, out)
cmd = 'rucio-admin identity add --account %s --type GSS --id [email protected] --email [email protected]' % tmp_val
print(self.marker + cmd)
exitcode, out, err = execute(cmd)
print(out, )
nose.tools.assert_equal('Added new identity to account: [email protected]%s\n' % tmp_val, out)
def test_ban_unban_account(self):
""" ACCOUNT (CLIENTS): create a new account and ban/unban it."""
account = account_name_generator()
type, email = 'USER', '*****@*****.**'
ret = self.client.add_account(account, type, email)
assert_true(ret)
self.client.set_account_status(account=account, status='SUSPENDED')
status = self.client.get_account(account=account)['status']
assert_equal(status, 'SUSPENDED')
self.client.set_account_status(account=account, status='ACTIVE')
status = self.client.get_account(account=account)['status']
assert_equal(status, 'ACTIVE')
def test_scope_duplicate(rest_client, auth_token):
""" SCOPE (REST): send a POST to create a already existing scope to test the error"""
acntusr = account_name_generator()
data = {'type': 'USER', 'email': '*****@*****.**'}
response = rest_client.post('/accounts/' + acntusr, headers=headers(auth(auth_token)), json=data)
assert response.status_code == 201
scopeusr = scope_name_generator()
response = rest_client.post('/accounts/%s/scopes/%s' % (acntusr, scopeusr), headers=headers(auth(auth_token)))
assert response.status_code == 201
response = rest_client.post('/accounts/%s/scopes/%s' % (acntusr, scopeusr), headers=headers(auth(auth_token)))
assert response.status_code == 409
def test_update_account(self):
""" ACCOUNT (CORE): Test changing and quering account parameters """
usr = account_name_generator()
add_account(usr, 'USER', '*****@*****.**', 'root', **self.vo)
assert get_account_info(usr, **self.vo)['status'] == AccountStatus.ACTIVE # Should be active by default
update_account(account=usr, key='status', value=AccountStatus.SUSPENDED, **self.vo)
assert get_account_info(usr, **self.vo)['status'] == AccountStatus.SUSPENDED
update_account(account=usr, key='status', value=AccountStatus.ACTIVE, **self.vo)
assert get_account_info(usr, **self.vo)['status'] == AccountStatus.ACTIVE
update_account(account=usr, key='email', value='test', **self.vo)
email = get_account_info(account=usr, **self.vo)['email']
assert email == 'test'
del_account(usr, 'root', **self.vo)
def test_post_account(self):
"""ACCOUNT (CURL): add account"""
cmd = 'curl -s -i --cacert %s -H "X-Rucio-Account: root" --cert %s --key %s -X GET %s/auth/x509 | tr -d \'\r\' | grep X-Rucio-Auth-Token:' % (
self.cacert, self.usercert, self.userkey, self.auth_host)
exitcode, out, err = execute(cmd)
nose.tools.assert_in('X-Rucio-Auth-Token', out)
os.environ['RUCIO_TOKEN'] = out[len('X-Rucio-Auth-Token: '):].rstrip()
cmd = '''curl -s -i --cacert %s -H "X-Rucio-Auth-Token: $RUCIO_TOKEN" -H "Rucio-Type: user" -d '{"type": "USER", "email": "*****@*****.**"}' -X POST %s/accounts/%s''' % (
self.cacert, self.host, account_name_generator())
print(self.marker + cmd)
exitcode, out, err = execute(cmd)
print(out)
nose.tools.assert_in('201 Created', out)
def test_list_accounts(self):
""" ACCOUNT (CLIENTS): get list of all accounts."""
dn = '/C=CH/ST=Geneva/O=CERN/OU=PH-ADP-CO/CN=DDMLAB Client Certificate/[email protected]'
acc_list = [account_name_generator() for i in xrange(5)]
for account in acc_list:
self.client.add_account(account, 'USER')
svr_list = [a['account'] for a in self.client.list_accounts(account_type='SERVICE', identity=dn)]
assert_true('root' in svr_list)
svr_list = [a['account'] for a in self.client.list_accounts(account_type='USER')]
for account in acc_list:
assert_true(account in svr_list)
def test_scope_failure(self):
""" SCOPE (REST): send a POST to create a new scope for a not existing account to test the error"""
mw = []
headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'}
r1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True)
assert_equal(r1.status, 200)
token = str(r1.header('X-Rucio-Auth-Token'))
headers2 = {'X-Rucio-Auth-Token': str(token)}
scopeusr = scope_name_generator() # NOQA
acntusr = account_name_generator() # NOQA
r2 = TestApp(account_app.wsgifunc(*mw)).post('/%(scopeusr)s/scopes/%(scopeusr)s' % locals(), headers=headers2, expect_errors=True)
assert_equal(r2.status, 404)
def test_create_user_success(self):
""" ACCOUNT (REST): send a POST to create a new user """
mw = []
headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'}
r1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True)
assert_equal(r1.status, 200)
token = str(r1.header('X-Rucio-Auth-Token'))
acntusr = account_name_generator()
headers2 = {'X-Rucio-Auth-Token': str(token)}
data = dumps({'type': 'USER'})
r2 = TestApp(account_app.wsgifunc(*mw)).post('/' + acntusr, headers=headers2, params=data, expect_errors=True)
assert_equal(r2.status, 201)
def test_add_account_success(self):
""" ACCOUNT (CLIENTS): create a new account and get information about account."""
account = account_name_generator()
type = 'USER'
ret = self.client.add_account(account, type)
assert_true(ret)
with assert_raises(Duplicate):
self.client.add_account(account, type)
with assert_raises(InvalidObject):
self.client.add_account('BAD_ACCOUNT_NAME', type)
with assert_raises(InvalidObject):
self.client.add_account('toooooooloooooonaccounnnnnnnntnammmmme', type)
acc_info = self.client.get_account(account)
assert_equal(acc_info['account'], account)
def test_scope_success(self):
""" SCOPE (REST): send a POST to create a new account and scope """
mw = []
headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'}
r1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True)
assert_equal(r1.status, 200)
token = str(r1.header('X-Rucio-Auth-Token'))
headers2 = {'X-Rucio-Auth-Token': str(token)}
acntusr = account_name_generator()
data = dumps({'type': 'USER'})
r2 = TestApp(account_app.wsgifunc(*mw)).post('/' + acntusr, headers=headers2, params=data, expect_errors=True)
assert_equal(r2.status, 201)
headers3 = {'X-Rucio-Auth-Token': str(token)}
scopeusr = scope_name_generator()
r3 = TestApp(account_app.wsgifunc(*mw)).post('/%s/scopes/%s' % (acntusr, scopeusr), headers=headers3, expect_errors=True)
assert_equal(r3.status, 201)
def test_list_scope_no_scopes(self):
""" SCOPE (REST): send a GET list all scopes for one account without scopes """
mw = []
headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'}
r1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True)
assert_equal(r1.status, 200)
token = str(r1.header('X-Rucio-Auth-Token'))
headers2 = {'X-Rucio-Auth-Token': str(token)}
acntusr = account_name_generator()
data = dumps({'type': 'USER'})
r2 = TestApp(account_app.wsgifunc(*mw)).post('/' + acntusr, headers=headers2, params=data, expect_errors=True)
assert_equal(r2.status, 201)
headers3 = {'X-Rucio-Auth-Token': str(token)}
r4 = TestApp(account_app.wsgifunc(*mw)).get('/%(acntusr)s/scopes/' % locals(), headers=headers3, params=data, expect_errors=True)
assert_equal(r4.status, 404)
assert_equal(r4.header('ExceptionClass'), 'ScopeNotFound')
def test_del_identity(self):
"""CLIENT(ADMIN): Test del identity"""
tmp_acc = account_name_generator()
# create account
cmd = 'rucio-admin account add %s' % tmp_acc
exitcode, out, err = execute(cmd)
# add identity to account
cmd = 'rucio-admin identity add --account %s --type GSS --id [email protected] --email [email protected]' % tmp_acc
exitcode, out, err = execute(cmd)
# delete identity from account
cmd = 'rucio-admin identity delete --account %s --type GSS --id [email protected]' % tmp_acc
print self.marker + cmd
exitcode, out, err = execute(cmd)
print out, err
nose.tools.assert_equal('Deleted identity: [email protected]\n', out)
# list identities for account
cmd = 'rucio-admin account list-identities %s' % (tmp_acc)
print self.marker + cmd
print cmd
exitcode, out, err = execute(cmd)
print out, err
nose.tools.assert_equal('', out)
def test_del_user_success(self):
""" ACCOUNT (REST): send a DELETE to disable the new user """
mw = []
headers1 = {'X-Rucio-Account': 'root', 'X-Rucio-Username': '******', 'X-Rucio-Password': '******'}
r1 = TestApp(auth_app.wsgifunc(*mw)).get('/userpass', headers=headers1, expect_errors=True)
assert_equal(r1.status, 200)
token = str(r1.header('X-Rucio-Auth-Token'))
acntusr = account_name_generator()
headers2 = {'X-Rucio-Auth-Token': str(token)}
data = dumps({'type': 'USER'})
r2 = TestApp(account_app.wsgifunc(*mw)).post('/' + acntusr, headers=headers2, params=data, expect_errors=True)
assert_equal(r2.status, 201)
headers3 = {'X-Rucio-Auth-Token': str(token)}
r3 = TestApp(account_app.wsgifunc(*mw)).delete('/' + acntusr, headers=headers3, expect_errors=True)
assert_equal(r3.status, 200)
headers4 = {'X-Rucio-Auth-Token': str(token)}
r4 = TestApp(account_app.wsgifunc(*mw)).get('/' + acntusr, headers=headers4, expect_errors=True)
body = loads(r4.body)
assert_true(body['status'] == AccountStatus.DELETED.description)
assert_equal(r3.status, 200)
def setup(self):
self.account = account_name_generator()
add_account(self.account, AccountType.USER)
def test_post_account(self):
"""ACCOUNT (CURL): add account"""
cmd = 'curl -s -i --cacert %s -H "X-Rucio-Account: root" -E %s -X GET %s/auth/x509 | grep X-Rucio-Auth-Token:' % (self.cacert, self.usercert, self.auth_host)
exitcode, out, err = execute(cmd)
nose.tools.assert_in('X-Rucio-Auth-Token', out)
os.environ['RUCIO_TOKEN'] = out[len('X-Rucio-Auth-Token: '):-1]
cmd = '''curl -s -i --cacert %s -H "X-Rucio-Auth-Token: $RUCIO_TOKEN" -H "Rucio-Type: user" -d '{"type": "USER"}' -X POST %s/accounts/%s''' % (self.cacert, self.host, account_name_generator())
print self.marker + cmd
exitcode, out, err = execute(cmd)
print out
nose.tools.assert_in('201 Created', out)
def test_list_scopes_no_scopes(self):
""" SCOPE (CLIENTS): try to list scopes for an account without scopes."""
account = account_name_generator()
self.account_client.add_account(account, 'USER')
self.scope_client.list_scopes_for_account(account)
def test_list_scopes_account_not_found(self):
""" SCOPE (CLIENTS): try to list scopes for a non existing account."""
account = account_name_generator()
self.scope_client.list_scopes_for_account(account)
