def test_destroy_user(self): user1 = User(self.db) uu = user1.get_id() user1.destroy_brutally() try: user1 = User(self.db, uu) self.fail("The uuid should have been deleted %s" % (uu)) except: pass
def main(argv=sys.argv[1:]): try: con_str = pynimbusauthz.get_db_connection_string() db_obj = DB(con_str=con_str) (opts, args) = setup_options(argv) user_uu = None if len(args) == 1: user_uu = args[0] if opts.new: user = User(db_obj, user_uu, friendly=opts.friendlyname, create=True) pynimbusauthz.print_msg(opts, 0, "User %s added" % (user.get_id())) else: user = User(db_obj, user_uu) pynimbusauthz.print_msg(opts, 0, "User %s" % (user.get_id())) if opts.alias != None: user_alias = user.get_alias(opts.alias, opts.type) if user_alias == None: user_alias = user.create_alias(opts.alias, opts.type, opts.friendlyname) pynimbusauthz.print_msg( opts, 0, "Creating new alias %s:%s" % (opts.type, opts.alias)) if opts.genkey: data = pynimbusauthz.random_string_gen(42) pynimbusauthz.print_msg(opts, 0, "Key generated %s" % (data)) user_alias.set_data(data) elif opts.setkey != None: data = opts.setkey user_alias.set_data(data) pynimbusauthz.print_msg(opts, 0, "updated the alias key") if opts.remove_alias != None: user_alias = user.get_alias(opts.remove_alias, opts.type) user_alias.remove() if opts.remove: pynimbusauthz.print_msg(opts, 1, "Removing user %s" % (user.get_id())) if opts.force: pynimbusauthz.print_msg(opts, 1, "Removing all references") user.destroy_brutally() else: user.destroy() db_obj.commit() except AuthzException, ae: print ae return ae.get_rc()
def test_basic_adduser(self): uu = str(uuid.uuid1()) rc = pynimbusauthz.add_user.main(["-n", uu]) self.assertEqual(rc, 0, "CLI should return success") user = User(self.db, uu) rc = pynimbusauthz.add_user.main(["-r", uu]) self.assertEqual(rc, 0, "CLI should return success") try: user = User(self.db, uu) self.fail("should have had an exception loading user") except: pass
def test_change_key(self): user1 = User(self.db) name = "/file/name" old_base = "/old/path/base" fname = "/etc/group" new_base = "/new/base/location/dir" f = File.create_file(self.db, name, user1, old_base + fname, pynimbusauthz.object_type_s3) self.assertEqual(old_base + fname, f.get_data_key(), "old value not euqal") new_key = new_base + fname f.set_data_key(new_key) self.db.commit() tst_new_key = f.get_data_key() self.assertEqual(tst_new_key, new_key, "%s should equal %s" % (tst_new_key, new_key)) f2 = File.get_file(self.db, name, pynimbusauthz.object_type_s3) tst_new_key = f2.get_data_key() self.assertEqual(tst_new_key, new_key, "%s should equal %s" % (tst_new_key, new_key))
def xtest_international_file(self): user1 = User(self.db) name = os.environ['CUMULUS_WORD'] data = "/etc/group" file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3) self.db.commit()
def test_file_children(self): user1 = User(self.db) name = "/file/name" data = "/etc/group" file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3) self.db.commit() child1 = File.create_file(self.db, "kid", user1, data, pynimbusauthz.object_type_s3, parent=file1) self.db.commit() p2 = child1.get_parent() self.assertEqual(p2, file1, "parent not set properly") x = child1.get_all_children() self.assertEqual(len(list(x)), 0, "The file should have no children") x = file1.get_all_children() found = False for f in x: if f == child1: found = True self.assertTrue(found, "We should have found that kid!")
def test_file_and_bucket(self): user1 = User(self.db) fname = "NAME" data = "data" b1 = File.create_file(self.db, "bucket", user1, data, pynimbusauthz.object_type_s3) f1 = File.create_file(self.db, fname, user1, data, pynimbusauthz.object_type_s3, parent=b1) f2 = File.create_file(self.db, fname, user1, data, pynimbusauthz.object_type_s3) self.db.commit() self.assertNotEqual(f1.get_id(), f2.get_id()) f3 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3, parent=b1) f4 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3) self.assertEqual(f1.get_id(), f3.get_id()) self.assertEqual(f2.get_id(), f4.get_id()) self.assertNotEqual(f3.get_id(), f4.get_id()) self.db.commit()
def test_find_user_alias(self): user1 = User(self.db) self.db.commit() alias_name = "helloname" alias1 = user1.create_alias(alias_name, pynimbusauthz.alias_type_s3, alias_name) self.db.commit() fid = "%%" + alias_name[1:] lid = alias_name[:-1] + "%%" mid = "%%" + alias_name[1:-1] + "%%" # find by exact id u_all = UserAlias.find_alias(self.db, alias_name) self.assertNotEqual(u_all, None, "we should have found somethings") self.assertTrue(self.find_user_id(alias1, u_all)) # find by exact partial 1 u_all = UserAlias.find_alias(self.db, fid) self.assertTrue(self.find_user_id(alias1, u_all)) # find by exact partial 1 u_all = UserAlias.find_alias(self.db, lid) self.assertTrue(self.find_user_id(alias1, u_all)) # find by exact partial 1 u_all = UserAlias.find_alias(self.db, mid) self.assertNotEqual(u_all, None, "we should have found somethings") self.assertTrue(self.find_user_id(alias1, u_all))
def test_delete_alias(self): user1 = User(self.db) alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "name@") alias1.remove() alias2 = user1.get_alias("/name/", pynimbusauthz.alias_type_s3) self.assertEqual(alias2, None, "The alias should be gone")
def __init__(self, db_obj, row): self.db_obj = db_obj self.id = row[File.cols['id']] self.name = row[File.cols['name']] user_id = row[File.cols['owner_id']] self.owner = User(self.db_obj, user_id) self.data_key = row[File.cols['data_key']] ot = row[File.cols['object_type']] self.object_type = pynimbusauthz.reverse_lookup_type(pynimbusauthz.object_types, ot) file_id = row[File.cols['parent_id']] if file_id == None: self.parent = None else: self.parent = File.get_file_from_db_id(db_obj, file_id) self.md5sum = row[File.cols['md5sum']] self.object_size = row[File.cols['object_size']] ctm = row[File.cols['creation_time']] if ctm != None: ctm = str(ctm) ndx = ctm.rfind(".") if ndx > 0: ctm = ctm[:ndx] self.creation_time = time.strptime(ctm, "%Y-%m-%d %H:%M:%S") else: self.creation_time = None
def main(argv=sys.argv[1:]): try: con_str = pynimbusauthz.get_db_connection_string() db_obj = DB(con_str=con_str) (opts, args) = setup_options(argv) if len(args) != 3: raise AuthzException( 'CLI_PARAMETER', "You must specify a username filename and a datakey\nTry --help" ) user_name = args[0] object_name = args[1] data = args[2] user = User(db_obj, uu=user_name) parent = None if opts.parent != None: parent = File.get_file(db_obj, opts.parent, opts.type) if parent == None: raise AuthzException('FILE_EXISTS', "parent %s not found" % (opts.parent)) File.create_file(db_obj, object_name, user, data, opts.type, parent=parent) db_obj.commit() except AuthzException, ae: print ae return ae.get_rc()
def test_null_alias(self): user1 = User(self.db) all_alias = user1.get_all_alias() self.assertEqual(len(list(all_alias)), 0, "No alias should be in DB for new user") all_alias = user1.get_alias_by_type(pynimbusauthz.alias_type_s3) self.assertEqual(len(list(all_alias)), 0, "No alias should be in DB for new user")
def test_basic_list_user(self): uu = str(uuid.uuid1()) user = User(self.db, uu, create=True) self.db.commit() rc = pynimbusauthz.list_user.main(["-O", self.outFileName]) self.assertEqual(rc, 0, "CLI should return success") rc = self.find_out_string(uu) self.assertTrue(rc, "Username not found")
def test_grant(self): user2 = User(self.db) self.uf.chmod("R", user=user2) uf2 = UserFile(self.file1, user2) p = uf2.get_perms() self.assertEqual(p, "R", "perms should only be read here")
def setUp(self): (osf, self.fname) = tempfile.mkstemp() os.close(osf) # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" os.environ['NIMBUS_AUTHZ_DB'] = self.fname pynimbusauthz.db.make_test_database(self.fname) self.db = DB(con_str=self.fname) self.user1 = User(self.db) self.db.commit()
def test_basic_stat(self): user2 = User(self.db) self.db.commit() rc = pynimbusauthz.chmod.main([user2.get_id(), self.name, "Rrw"]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) rc = pynimbusauthz.stat.main([self.name]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc)) rc = pynimbusauthz.stat.main(["-a", self.name]) self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
def setUp(self): # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" con = pynimbusauthz.db.make_test_database() self.db = DB(con=con) self.user1 = User(self.db) self.name = "/file/name" self.data = "/etc/group" self.file1 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3) self.uf = UserFile(self.file1)
def remove_user(self, force=False): try: if force: uc = User(self.db_obj, uu=self.get_canonical_id(), create=False) uc.destroy_brutally() else: self.alias.remove() finally: self.db_obj.commit()
def test_create_same_alias(self): user1 = User(self.db) alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "name@") try: alias2 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "name@") self.fail("This should have caused an conflict on insert") except: pass
def test_alias_lookup_simple(self): user1 = User(self.db) alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "name1@") alias2 = user1.get_alias("/name/", pynimbusauthz.alias_type_s3) self.assertEqual(alias1.get_name(), alias2.get_name(), "Alias names should be the same") self.assertEqual(alias1.get_type(), alias2.get_type(), "Alias types should be the same") self.assertEqual(alias1.get_data(), alias2.get_data(), "Alias data should be the same")
def test_user_alias_remove(self): aname = str(uuid.uuid1()) uu = str(uuid.uuid1()) rc = pynimbusauthz.add_user.main(["-n", "-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") user = User(self.db, uu) ua = user.get_alias(aname, pynimbusauthz.alias_type_s3) rc = pynimbusauthz.add_user.main(["-x", aname, "-r", uu]) self.assertEqual(rc, 0, "CLI should return success") try: user = User(self.db, uu) self.fail("should have had an exception loading user") except: pass try: ua = user.get_alias(aname, pynimbusauthz.alias_type_s3) self.fail("should have had an exception loading user") except: pass
def test_basic_alias(self): user = User(self.db) uu = user.get_id() aname = "alias1" self.db.commit() rc = pynimbusauthz.add_user.main(["-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") ua = user.get_alias(aname, pynimbusauthz.alias_type_s3) self.assertNotEqual(ua, None, "alias not found") rc = pynimbusauthz.add_user.main(["-x", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") ua = user.get_alias(aname, pynimbusauthz.alias_type_s3) self.assertEqual(ua, None, "alias should not be found")
def setUp(self): (osf, self.fname) = tempfile.mkstemp() os.close(osf) # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" os.environ['NIMBUS_AUTHZ_DB'] = self.fname pynimbusauthz.db.make_test_database(self.fname) self.db = DB(con_str=self.fname) self.user1 = User(self.db) self.name = "/file/name" self.data = "/etc/group" self.file1 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3) self.uf = UserFile(self.file1) self.db.commit()
def test_set_alias_data(self): user1 = User(self.db) self.db.commit() alias_name = "helloname" alias1 = user1.create_alias(alias_name, pynimbusauthz.alias_type_s3, alias_name) key = "helloworld" alias1.set_data(key) self.db.commit() alias2 = user1.get_alias(alias_name, pynimbusauthz.alias_type_s3) self.assertEqual(alias1.get_data(), alias2.get_data(), "alias not equal") self.assertEqual(key, alias2.get_data(), "alias not equal")
def test_find_by_key(self): user1 = User(self.db) name = "/file/name" key = "/old/path/base" f = File.create_file(self.db, name, user1, key, pynimbusauthz.object_type_s3) self.db.commit() f2a = File.find_files_from_data(self.db, key) found = False for f2 in f2a: tst_key = f2.get_data_key() if tst_key == key: found = True self.assertTrue(found, "key not found")
def test_create_alias_simple(self): user1 = User(self.db) alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3, "testname@") user2 = alias1.get_canonical_user() self.assertEqual(user1.get_id(), user2.get_id(), "User IDs should be equal") alias1 = user1.create_alias("/name2", pynimbusauthz.alias_type_s3, "name2@", "pooP") user2 = alias1.get_canonical_user() self.assertEqual(user1.get_id(), user2.get_id(), "User IDs should be equal") print alias1
def test_find_by_alias(self): uu = str(uuid.uuid1()) user = User(self.db, uu, create=True) self.db.commit() # add a few alias alias_a = [] for i in range(0, 10): aname = str(uuid.uuid1()) alias_a.append(aname) rc = pynimbusauthz.add_user.main(["-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") rc = pynimbusauthz.list_user.main(["-s", "-O", self.outFileName, alias_a[0]]) self.assertEqual(rc, 0, "CLI should return success") rc = self.find_out_string(uu) self.assertTrue(rc, "Username not found")
def test_set_key(self): aname = str(uuid.uuid1()) uu = str(uuid.uuid1()) rc = pynimbusauthz.add_user.main(["-n", "-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") rc = pynimbusauthz.add_user.main(["-g", "-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") key = str(uuid.uuid1()) rc = pynimbusauthz.add_user.main(["-k", key, "-a", aname, uu]) self.assertEqual(rc, 0, "CLI should return success") user = User(self.db, uu) ua = user.get_alias(aname, pynimbusauthz.alias_type_s3) self.db.commit() k2 = ua.get_data() self.assertEqual(k2, key)
def test_basic_file(self): user1 = User(self.db) name = "/file/name" data = "/etc/group" file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3) self.db.commit() x = file1.get_all_children() self.assertEqual(len(list(x)), 0, "The file should have no children") n2 = file1.get_name() self.assertEqual(name, n2, "Names not equal") d2 = file1.get_data_key() self.assertEqual(data, d2, "Data not equal") o2 = file1.get_owner() self.assertEqual(user1, o2, "Owner not equal") p2 = file1.get_parent() self.assertEqual(None, p2, "There should be no parent") b2 = file1.get_object_type() self.assertEqual(pynimbusauthz.object_type_s3, b2, "Type wrong")
def main(argv=sys.argv[1:]): try: repo_dir = argv[0] repo_dir = str(repo_dir).strip() con_str = pynimbusauthz.get_db_connection_string() db_obj = DB(con_str=con_str) user = User(db_obj, uu="CumulusPublicUser") if user == None: raise Exception("No public user") File.create_file(db_obj, repo_dir, user, repo_dir, pynimbusauthz.alias_type_s3) db_obj.commit() except: raise return 0