def test_verify_user_tenant_and_role__role(self):
tenant_folder = os.path.join(self.__temp_dir, 'test_does_exist')
create_path(tenant_folder)
expected_result = (False, 'Group does not exist as a group in the system')
result = _verify_user_tenant_and_group(tenant_folder, 'some_user', 'gddroup', 'made_up_role')
self.assertEqual(result, expected_result)
def _set_ssh_key(user,
group,
home_folder,
pub_key_str=None,
pub_key_file=None):
"""
Add the given public key to the users home folder
:param home_folder:
:param pub_key_str: The string containing the public key
:param pub_key_file: The file containing the public key
:return: None
"""
if not pub_key_str and not pub_key_file:
return
ssh_dir = os.path.join(home_folder, '.ssh')
create_path(ssh_dir)
auth_keys_path = os.path.join(home_folder, '.ssh', 'authorized_keys')
pub_key = pub_key_str
if not pub_key_str:
with open(pub_key_file, 'r') as f:
pub_key = f.read()
with open(auth_keys_path, 'a') as f:
f.write(pub_key)
if pub_key[-1] != '\n':
f.write('\n')
shutil.chown(ssh_dir, user, group)
shutil.chown(auth_keys_path, user, group)
def test_verify_user_tenant_and_role__valid_input(self):
tenant_folder = os.path.join(self.__temp_dir, 'test_does_exist')
create_path(tenant_folder)
expected_result = True, ""
result = _verify_user_tenant_and_group(tenant_folder, 'the_roots', 'wheel', 'wheel')
self.assertEqual(expected_result, result)
def test_verify_user_tenant_and_role__user(self):
tenant_folder = os.path.join(self.__temp_dir, 'test_does_exist')
create_path(tenant_folder)
expected_result = (False, 'Group does not exist as a group in the system')
result = _verify_user_tenant_and_group(tenant_folder, 'root', 'invalidGroup', 'wheel')
self.assertEqual(expected_result, result)
def _create_sftp_departures_zone(sftp_conf):
"""
create sftp departures zone
:param None
:return: None
"""
if os.path.exists(os.path.join(sftp_conf['home'], sftp_conf['base_dir'])):
create_path(os.path.join(sftp_conf['home'], sftp_conf['base_dir'], sftp_conf['sftp_departures_dir']))
def _create_sftp_base_dir(sftp_conf):
"""
create sftp base dir if not exists
:param None
:return: None
"""
if os.path.exists(sftp_conf['home']):
create_path(os.path.join(sftp_conf['home'], sftp_conf['base_dir']))
def test_verify_user_tenant_and_role__valid_input(self):
tenant_folder = os.path.join(self.__temp_dir, 'test_does_exist')
create_path(tenant_folder)
expected_result = True, ""
result = _verify_user_tenant_and_group(tenant_folder, 'the_roots',
'wheel', 'wheel')
self.assertEqual(expected_result, result)
def test_verify_user_tenant_and_role__role(self):
tenant_folder = os.path.join(self.__temp_dir, 'test_does_exist')
create_path(tenant_folder)
expected_result = (False,
'Group does not exist as a group in the system')
result = _verify_user_tenant_and_group(tenant_folder, 'some_user',
'gddroup', 'made_up_role')
self.assertEqual(result, expected_result)
def test__create_non_existing_path_as_root(self):
test_path = "/tmp/sftp"
create_path(test_path)
self.assertTrue(os.path.exists(test_path))
# cleanup
if os.path.exists(test_path):
shutil.rmtree(test_path, True)
self.assertFalse(os.path.exists(test_path))
def test__create_non_existing_path_as_root(self):
test_path = "/tmp/sftp"
create_path(test_path)
self.assertTrue(os.path.exists(test_path))
# cleanup
if os.path.exists(test_path):
shutil.rmtree(test_path, True)
self.assertFalse(os.path.exists(test_path))
def test_verify_user_tenant_and_role__user(self):
tenant_folder = os.path.join(self.__temp_dir, 'test_does_exist')
create_path(tenant_folder)
expected_result = (False,
'Group does not exist as a group in the system')
result = _verify_user_tenant_and_group(tenant_folder, 'root',
'invalidGroup', 'wheel')
self.assertEqual(expected_result, result)
def create_tenant(tenant, sftp_conf):
'''
Create the necessary directories for the given tenant
:param tenant: The name of the tenant
:param sftp_conf: The configuration information for the tenant
:return: None
'''
dir_list = create_list_of_dirs_for_tenant(tenant, sftp_conf)
print('Directories created for tenant:')
for path in dir_list:
create_path(path)
os.chmod(path, 0o755)
print('\t', path)
def create_tenant(tenant, sftp_conf):
'''
Create the necessary directories for the given tenant
:param tenant: The name of the tenant
:param sftp_conf: The configuration information for the tenant
:return: None
'''
dir_list = create_list_of_dirs_for_tenant(tenant, sftp_conf)
print('Directories created for tenant:')
for path in dir_list:
create_path(path)
os.chmod(path, 0o755)
print('\t', path)
def _create_user(user, home_folder, sftp_folder, role, directory_name):
"""
create the given user with the specified home-folder and group
:param user: the username of the user to create
:param home_folder: the path to the users home folder
:param role: the name of the user's role which will be used to assign a user to a group
:return: None
"""
create_path(sftp_folder)
subprocess.call([
'adduser', '-d', home_folder, '-g', role, '-s', '/sbin/nologin', user
])
_create_role_specific_folder(user, sftp_folder, role, directory_name)
def _create_role_specific_folder(user, sftp_user_folder, role, directory_name):
"""
Create the directory and set the permissions for the file drop folder
:param user: the username of the user to create
:param sftp_user_folder: the path to the users home folder
:param role: the name of the user's role which will be used to assign a user to a group
:param file_drop_name: the name of the file drop folder (should be in the sftp_config dict)
:return: None
"""
file_drop_loc = os.path.join(sftp_user_folder, directory_name)
# Change the user's home sftp to a+rw
os.chmod(sftp_user_folder, 0o755)
# create file drop location and set proper permission
create_path(file_drop_loc)
change_owner(file_drop_loc, user, role)
os.chmod(file_drop_loc, 0o775)