def test_regenerate_user_key(self): pubkey = "1 2" privkey = "3 4 5" donor_key = "6 7" # Create a user who will be doing the acquiring. user = maindb.create_user("testuser", "password", "*****@*****.**", "affiliation", pubkey, privkey, donor_key) userport = user.usable_vessel_port vesselcount = 4 # Have every vessel acquisition to the backend request succeed. calls_results = [True] * vesselcount mocklib.mock_backend_acquire_vessel(calls_results) testutil.create_nodes_on_different_subnets(vesselcount, [userport]) # Acquire all vessels on behalf of this user. all_vessels_list = interface.acquire_vessels(user, vesselcount, 'rand') # Release 2 vessels. released_vessels_list = all_vessels_list[:2] kept_vessels_list = all_vessels_list[2:] interface.release_vessels(user, released_vessels_list) # Ensure all of the vessels are marked as having user keys in sync. for vessel in all_vessels_list: # Get a fresh vessel from the db. vessel = maindb.get_vessel(vessel.node.node_identifier, vessel.name) self.assertTrue(vessel.user_keys_in_sync) # We expect a single key to be generated through the keygen api (the new # user public key). mocklib.mock_keygen_generate_keypair([("55 66", "77 88 99")]) interface.change_user_keys(user, pubkey=None) # Get a new user object from the database. user = maindb.get_user(user.username) # Make sure the user's key changed. self.assertEqual(user.user_pubkey, "55 66") self.assertEqual(user.user_privkey, "77 88 99") # Make sure that all of the vessels the user has access to (and no other # vessels) are marked as needing user keys to be sync'd. # Ensure all of the vessels are marked as having user keys in sync. for vessel in kept_vessels_list: # Get a fresh vessel from the db. vessel = maindb.get_vessel(vessel.node.node_identifier, vessel.name) self.assertFalse(vessel.user_keys_in_sync) for vessel in released_vessels_list: # Get a fresh vessel from the db. vessel = maindb.get_vessel(vessel.node.node_identifier, vessel.name) self.assertTrue(vessel.user_keys_in_sync)
def change_key(request): try: user = _validate_and_get_geniuser(request) except LoggedInButFailedGetGeniUserError: return _show_failed_get_geniuser_page(request) info = "" if request.method == 'GET': return render_to_response('control/change_key.html', {'username' : user.username, 'error_msg' : ""}, context_instance=RequestContext(request)) # This is a POST, so figure out if a file was uploaded or if we are supposed # to generate a new key for the user. if request.POST.get('generate', False): interface.change_user_keys(user, pubkey=None) msg = "Your new keys have been generated. You should download them now." return profile(request, msg) else: file = request.FILES.get('pubkey', None) if file is None: msg = "You didn't select a public key file to upload." return profile(request, info, msg) if file.size == 0 or file.size > forms.MAX_PUBKEY_UPLOAD_SIZE: msg = "Invalid file uploaded. The file size limit is " msg += str(forms.MAX_PUBKEY_UPLOAD_SIZE) + " bytes." return profile(request, info, msg) pubkey = file.read() try: validations.validate_pubkey_string(pubkey) except ValidationError: msg = "Invalid public key uploaded." return profile(request, info, msg) # If we made it here, the uploaded key is good. interface.change_user_keys(user, pubkey=pubkey) msg = "Your public key has been successfully changed." return profile(request, msg)
def set_public_key(pwauth, pubkeystring): """ <Purpose> Sets the user account's public key. This requires authenticating with the account password rather than the current API key. <Arguments> pwauth An authorization dict that includes a password instead of an apikey. pubkeystring The account's new public key. <Exceptions> Raises xmlrpclib Fault Objects: FAULTCODE_INVALIDREQUEST if pubkey is invalid. <Returns> None. """ geni_user = _pwauth(pwauth) try: interface.change_user_keys(geni_user, pubkeystring) except ValidationError, e: raise xmlrpclib.Fault(FAULTCODE_INVALIDREQUEST, "Invalid public key: %s" % e)
def test_set_user_key(self): pubkey = "1 2" privkey = "3 4 5" donor_key = "6 7" # Create a user who will be doing the acquiring. user = maindb.create_user("testuser", "password", "*****@*****.**", "affiliation", pubkey, privkey, donor_key) userport = user.usable_vessel_port vesselcount = 4 # Have every vessel acquisition to the backend request succeed. calls_results = [True] * vesselcount mocklib.mock_backend_acquire_vessel(calls_results) testutil.create_nodes_on_different_subnets(vesselcount, [userport]) # Acquire all vessels on behalf of this user. all_vessels_list = interface.acquire_vessels(user, vesselcount, 'rand') # Release 2 vessels. released_vessels_list = all_vessels_list[:2] kept_vessels_list = all_vessels_list[2:] interface.release_vessels(user, released_vessels_list) # Ensure all of the vessels are marked as having user keys in sync. for vessel in all_vessels_list: # Get a fresh vessel from the db. vessel = maindb.get_vessel(vessel.node.node_identifier, vessel.name) self.assertTrue(vessel.user_keys_in_sync) # We expect no keys to be generated through the keygen api. mocklib.mock_keygen_generate_keypair([]) interface.change_user_keys(user, pubkey="55 66") # Get a new user object from the database. user = maindb.get_user(user.username) # Make sure the user's key changed. self.assertEqual(user.user_pubkey, "55 66") self.assertEqual(user.user_privkey, None) # Make sure that all of the vessels the user has access to (and no other # vessels) are marked as needing user keys to be sync'd. # Ensure all of the vessels are marked as having user keys in sync. for vessel in kept_vessels_list: # Get a fresh vessel from the db. vessel = maindb.get_vessel(vessel.node.node_identifier, vessel.name) self.assertFalse(vessel.user_keys_in_sync) for vessel in released_vessels_list: # Get a fresh vessel from the db. vessel = maindb.get_vessel(vessel.node.node_identifier, vessel.name) self.assertTrue(vessel.user_keys_in_sync)