def test_list_files_filters_by_owner(self):
factory.make_FileStorage(owner=factory.make_User())
response = self.make_API_GET_request()
self.assertEqual(http.client.OK, response.status_code)
parsed_results = json_load_bytes(response.content)
self.assertEqual([], parsed_results)
def test_getUserFromSessionId_returns_None_for_invalid_key(self):
self.client.login(user=maas_factory.make_User())
session_id = maas_factory.make_name("sessionid")
protocol, factory = self.make_protocol()
self.assertIs(None, protocol.getUserFromSessionId(session_id))
def test_whoami_returns_forbidden_if_not_logged_in(self):
self.client.logout()
factory.make_User()
response = self.client.get(reverse("users_handler"), {"op": "whoami"})
self.assertEqual(http.client.UNAUTHORIZED, response.status_code,
response.content)
def test_ProfileForm_validates_if_email_unchanged(self):
email = '*****@*****.**' % factory.make_string()
user = factory.make_User(email=email)
form = ProfileForm(instance=user, data={'email': email})
self.assertTrue(form.is_valid())
def test_is_authenticated_external_auth(self):
user = factory.make_User()
request = self.make_request(user=user)
auth = MAASAPIAuthentication()
self.assertTrue(auth.is_authenticated(request))
def test_missing_action_raises_error(self):
user = factory.make_User()
device = self.make_device_with_ip_address(owner=user)
handler = DeviceHandler(user, {})
with ExpectedException(NodeActionError):
handler.action({"system_id": device.system_id})
def test_returns_owner_if_node_found(self):
node = factory.make_Node(owner=factory.make_User())
make_provider_state_file(node=node)
self.assertEqual(node.owner, get_bootstrap_node_owner())
def test_user_can_edit_VirtualBlockDevice_when_node_owner(self):
backend = MAASAuthorizationBackend()
user = factory.make_User()
node = factory.make_Node(owner=user)
device = factory.make_VirtualBlockDevice(node=node)
self.assertTrue(backend.has_perm(user, NODE_PERMISSION.EDIT, device))
def make_user(self, name='test', password='******'):
"""Create a user with a password."""
return factory.make_User(username=name, password=password)
def test_user_can_lock_locked_node(self):
backend = MAASAuthorizationBackend()
owner = factory.make_User()
node = factory.make_Node(
owner=owner, status=NODE_STATUS.DEPLOYED, locked=True)
self.assertTrue(backend.has_perm(owner, NODE_PERMISSION.LOCK, node))
def test_user_can_view_BlockDevice_when_no_node_owner(self):
backend = MAASAuthorizationBackend()
user = factory.make_User()
node = factory.make_Node()
device = factory.make_BlockDevice(node=node)
self.assertTrue(backend.has_perm(user, NODE_PERMISSION.VIEW, device))
def test_user_can_edit_his_own_nodes(self):
backend = MAASAuthorizationBackend()
user = factory.make_User()
self.assertTrue(backend.has_perm(
user, NODE_PERMISSION.EDIT, make_allocated_node(owner=user)))
def test_user_cannot_edit_unowned_node(self):
backend = MAASAuthorizationBackend()
self.assertFalse(backend.has_perm(
factory.make_User(), NODE_PERMISSION.EDIT,
factory.make_Node()))
def test_user_cannot_edit_nodes_owned_by_others(self):
backend = MAASAuthorizationBackend()
self.assertFalse(backend.has_perm(
factory.make_User(), NODE_PERMISSION.EDIT, make_allocated_node()))
def test_get_form_class_returns_DeviceForm_for_update(self):
user = factory.make_User()
handler = DeviceHandler(user, {})
self.assertIs(DeviceForm, handler.get_form_class("update"))
def test_user_can_view(self):
backend = MAASAuthorizationBackend()
user = factory.make_User()
self.assertTrue(
backend.has_perm(
user, NODE_PERMISSION.VIEW, self.factory()))
def test_get_form_class_raises_error_for_unknown_action(self):
user = factory.make_User()
handler = DeviceHandler(user, {})
self.assertRaises(
HandlerError,
handler.get_form_class, factory.make_name())
def test_user_cannot_edit(self):
backend = MAASAuthorizationBackend()
user = factory.make_User()
self.assertFalse(
backend.has_perm(
user, NODE_PERMISSION.EDIT, self.factory()))
def test_update_raise_permissions_error_for_non_admin(self):
user = factory.make_User()
handler = DeviceHandler(user, {})
self.assertRaises(
HandlerPermissionError,
handler.update, {})
def test_user_not_admin(self):
backend = MAASAuthorizationBackend()
user = factory.make_User()
self.assertFalse(
backend.has_perm(
user, NODE_PERMISSION.ADMIN, self.factory()))
def test_returns_None_if_node_does_not_exist(self):
node = factory.make_Node(owner=factory.make_User())
make_provider_state_file(node=node)
node.delete()
self.assertIsNone(get_bootstrap_node_owner())
def make_allocated_node(owner=None):
"""Create a node, owned by `owner` (or create owner if not given)."""
if owner is None:
owner = factory.make_User()
return factory.make_Node(owner=owner, status=NODE_STATUS.ALLOCATED)
def test_is_authenticated(self):
Config.objects.set_config('external_auth_url', '')
user = factory.make_User()
request = self.make_request(user=user)
auth = MAASAPIAuthentication()
self.assertTrue(auth.is_authenticated(request))
def test_user_can_view_unowned_node(self):
backend = MAASAuthorizationBackend()
self.assertTrue(backend.has_perm(
factory.make_User(), NODE_PERMISSION.VIEW,
factory.make_Node()))
def get_user_and_session_id(self):
user = maas_factory.make_User()
self.client.login(user=user)
session_id = self.client.session._session_key
return user, session_id
def test_user_can_view_nodes_owned_by_others(self):
backend = MAASAuthorizationBackend()
self.assertTrue(backend.has_perm(
factory.make_User(), NODE_PERMISSION.VIEW, make_allocated_node()))
def make_user(self):
return maas_factory.make_User()
def test_get_object_raises_exception_if_owner_by_another_user(self):
user = factory.make_User()
device = self.make_device_with_ip_address()
handler = DeviceHandler(user, {})
with ExpectedException(HandlerDoesNotExistError):
handler.get_object({"system_id": device.system_id})
def test_create_is_admin_only(self):
user = factory.make_User()
handler = DHCPSnippetHandler(user, {}, None)
self.assertRaises(HandlerPermissionError, handler.create, {})
def test_pockets_to_disable(self):
handler = GeneralHandler(factory.make_User(), {})
self.assertEqual(PackageRepository.objects.get_pockets_to_disable(),
handler.pockets_to_disable({}))
