def test_destroy_user(self):
user1 = User(self.db)
uu = user1.get_id()
user1.destroy_brutally()
try:
user1 = User(self.db, uu)
self.fail("The uuid should have been deleted %s" % (uu))
except:
pass
def main(argv=sys.argv[1:]):
try:
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
(opts, args) = setup_options(argv)
user_uu = None
if len(args) == 1:
user_uu = args[0]
if opts.new:
user = User(db_obj,
user_uu,
friendly=opts.friendlyname,
create=True)
pynimbusauthz.print_msg(opts, 0, "User %s added" % (user.get_id()))
else:
user = User(db_obj, user_uu)
pynimbusauthz.print_msg(opts, 0, "User %s" % (user.get_id()))
if opts.alias != None:
user_alias = user.get_alias(opts.alias, opts.type)
if user_alias == None:
user_alias = user.create_alias(opts.alias, opts.type,
opts.friendlyname)
pynimbusauthz.print_msg(
opts, 0,
"Creating new alias %s:%s" % (opts.type, opts.alias))
if opts.genkey:
data = pynimbusauthz.random_string_gen(42)
pynimbusauthz.print_msg(opts, 0, "Key generated %s" % (data))
user_alias.set_data(data)
elif opts.setkey != None:
data = opts.setkey
user_alias.set_data(data)
pynimbusauthz.print_msg(opts, 0, "updated the alias key")
if opts.remove_alias != None:
user_alias = user.get_alias(opts.remove_alias, opts.type)
user_alias.remove()
if opts.remove:
pynimbusauthz.print_msg(opts, 1,
"Removing user %s" % (user.get_id()))
if opts.force:
pynimbusauthz.print_msg(opts, 1, "Removing all references")
user.destroy_brutally()
else:
user.destroy()
db_obj.commit()
except AuthzException, ae:
print ae
return ae.get_rc()
def test_basic_adduser(self):
uu = str(uuid.uuid1())
rc = pynimbusauthz.add_user.main(["-n", uu])
self.assertEqual(rc, 0, "CLI should return success")
user = User(self.db, uu)
rc = pynimbusauthz.add_user.main(["-r", uu])
self.assertEqual(rc, 0, "CLI should return success")
try:
user = User(self.db, uu)
self.fail("should have had an exception loading user")
except:
pass
def test_change_key(self):
user1 = User(self.db)
name = "/file/name"
old_base = "/old/path/base"
fname = "/etc/group"
new_base = "/new/base/location/dir"
f = File.create_file(self.db, name, user1, old_base + fname,
pynimbusauthz.object_type_s3)
self.assertEqual(old_base + fname, f.get_data_key(),
"old value not euqal")
new_key = new_base + fname
f.set_data_key(new_key)
self.db.commit()
tst_new_key = f.get_data_key()
self.assertEqual(tst_new_key, new_key,
"%s should equal %s" % (tst_new_key, new_key))
f2 = File.get_file(self.db, name, pynimbusauthz.object_type_s3)
tst_new_key = f2.get_data_key()
self.assertEqual(tst_new_key, new_key,
"%s should equal %s" % (tst_new_key, new_key))
def xtest_international_file(self):
user1 = User(self.db)
name = os.environ['CUMULUS_WORD']
data = "/etc/group"
file1 = File.create_file(self.db, name, user1, data,
pynimbusauthz.object_type_s3)
self.db.commit()
def test_file_children(self):
user1 = User(self.db)
name = "/file/name"
data = "/etc/group"
file1 = File.create_file(self.db, name, user1, data,
pynimbusauthz.object_type_s3)
self.db.commit()
child1 = File.create_file(self.db,
"kid",
user1,
data,
pynimbusauthz.object_type_s3,
parent=file1)
self.db.commit()
p2 = child1.get_parent()
self.assertEqual(p2, file1, "parent not set properly")
x = child1.get_all_children()
self.assertEqual(len(list(x)), 0, "The file should have no children")
x = file1.get_all_children()
found = False
for f in x:
if f == child1:
found = True
self.assertTrue(found, "We should have found that kid!")
def test_file_and_bucket(self):
user1 = User(self.db)
fname = "NAME"
data = "data"
b1 = File.create_file(self.db, "bucket", user1, data,
pynimbusauthz.object_type_s3)
f1 = File.create_file(self.db,
fname,
user1,
data,
pynimbusauthz.object_type_s3,
parent=b1)
f2 = File.create_file(self.db, fname, user1, data,
pynimbusauthz.object_type_s3)
self.db.commit()
self.assertNotEqual(f1.get_id(), f2.get_id())
f3 = File.get_file(self.db,
fname,
pynimbusauthz.object_type_s3,
parent=b1)
f4 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3)
self.assertEqual(f1.get_id(), f3.get_id())
self.assertEqual(f2.get_id(), f4.get_id())
self.assertNotEqual(f3.get_id(), f4.get_id())
self.db.commit()
def test_find_user_alias(self):
user1 = User(self.db)
self.db.commit()
alias_name = "helloname"
alias1 = user1.create_alias(alias_name, pynimbusauthz.alias_type_s3,
alias_name)
self.db.commit()
fid = "%%" + alias_name[1:]
lid = alias_name[:-1] + "%%"
mid = "%%" + alias_name[1:-1] + "%%"
# find by exact id
u_all = UserAlias.find_alias(self.db, alias_name)
self.assertNotEqual(u_all, None, "we should have found somethings")
self.assertTrue(self.find_user_id(alias1, u_all))
# find by exact partial 1
u_all = UserAlias.find_alias(self.db, fid)
self.assertTrue(self.find_user_id(alias1, u_all))
# find by exact partial 1
u_all = UserAlias.find_alias(self.db, lid)
self.assertTrue(self.find_user_id(alias1, u_all))
# find by exact partial 1
u_all = UserAlias.find_alias(self.db, mid)
self.assertNotEqual(u_all, None, "we should have found somethings")
self.assertTrue(self.find_user_id(alias1, u_all))
def test_delete_alias(self):
user1 = User(self.db)
alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3,
"name@")
alias1.remove()
alias2 = user1.get_alias("/name/", pynimbusauthz.alias_type_s3)
self.assertEqual(alias2, None, "The alias should be gone")
def __init__(self, db_obj, row):
self.db_obj = db_obj
self.id = row[File.cols['id']]
self.name = row[File.cols['name']]
user_id = row[File.cols['owner_id']]
self.owner = User(self.db_obj, user_id)
self.data_key = row[File.cols['data_key']]
ot = row[File.cols['object_type']]
self.object_type = pynimbusauthz.reverse_lookup_type(pynimbusauthz.object_types, ot)
file_id = row[File.cols['parent_id']]
if file_id == None:
self.parent = None
else:
self.parent = File.get_file_from_db_id(db_obj, file_id)
self.md5sum = row[File.cols['md5sum']]
self.object_size = row[File.cols['object_size']]
ctm = row[File.cols['creation_time']]
if ctm != None:
ctm = str(ctm)
ndx = ctm.rfind(".")
if ndx > 0:
ctm = ctm[:ndx]
self.creation_time = time.strptime(ctm, "%Y-%m-%d %H:%M:%S")
else:
self.creation_time = None
def main(argv=sys.argv[1:]):
try:
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
(opts, args) = setup_options(argv)
if len(args) != 3:
raise AuthzException(
'CLI_PARAMETER',
"You must specify a username filename and a datakey\nTry --help"
)
user_name = args[0]
object_name = args[1]
data = args[2]
user = User(db_obj, uu=user_name)
parent = None
if opts.parent != None:
parent = File.get_file(db_obj, opts.parent, opts.type)
if parent == None:
raise AuthzException('FILE_EXISTS',
"parent %s not found" % (opts.parent))
File.create_file(db_obj,
object_name,
user,
data,
opts.type,
parent=parent)
db_obj.commit()
except AuthzException, ae:
print ae
return ae.get_rc()
def test_null_alias(self):
user1 = User(self.db)
all_alias = user1.get_all_alias()
self.assertEqual(len(list(all_alias)), 0,
"No alias should be in DB for new user")
all_alias = user1.get_alias_by_type(pynimbusauthz.alias_type_s3)
self.assertEqual(len(list(all_alias)), 0,
"No alias should be in DB for new user")
def test_basic_list_user(self):
uu = str(uuid.uuid1())
user = User(self.db, uu, create=True)
self.db.commit()
rc = pynimbusauthz.list_user.main(["-O", self.outFileName])
self.assertEqual(rc, 0, "CLI should return success")
rc = self.find_out_string(uu)
self.assertTrue(rc, "Username not found")
def test_grant(self):
user2 = User(self.db)
self.uf.chmod("R", user=user2)
uf2 = UserFile(self.file1, user2)
p = uf2.get_perms()
self.assertEqual(p, "R", "perms should only be read here")
def setUp(self):
(osf, self.fname) = tempfile.mkstemp()
os.close(osf)
# os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
os.environ['NIMBUS_AUTHZ_DB'] = self.fname
pynimbusauthz.db.make_test_database(self.fname)
self.db = DB(con_str=self.fname)
self.user1 = User(self.db)
self.db.commit()
def test_basic_stat(self):
user2 = User(self.db)
self.db.commit()
rc = pynimbusauthz.chmod.main([user2.get_id(), self.name, "Rrw"])
self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
rc = pynimbusauthz.stat.main([self.name])
self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
rc = pynimbusauthz.stat.main(["-a", self.name])
self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
def setUp(self):
# os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
con = pynimbusauthz.db.make_test_database()
self.db = DB(con=con)
self.user1 = User(self.db)
self.name = "/file/name"
self.data = "/etc/group"
self.file1 = File.create_file(self.db, self.name, self.user1,
self.data, pynimbusauthz.object_type_s3)
self.uf = UserFile(self.file1)
def remove_user(self, force=False):
try:
if force:
uc = User(self.db_obj,
uu=self.get_canonical_id(),
create=False)
uc.destroy_brutally()
else:
self.alias.remove()
finally:
self.db_obj.commit()
def test_create_same_alias(self):
user1 = User(self.db)
alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3,
"name@")
try:
alias2 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3,
"name@")
self.fail("This should have caused an conflict on insert")
except:
pass
def test_alias_lookup_simple(self):
user1 = User(self.db)
alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3,
"name1@")
alias2 = user1.get_alias("/name/", pynimbusauthz.alias_type_s3)
self.assertEqual(alias1.get_name(), alias2.get_name(),
"Alias names should be the same")
self.assertEqual(alias1.get_type(), alias2.get_type(),
"Alias types should be the same")
self.assertEqual(alias1.get_data(), alias2.get_data(),
"Alias data should be the same")
def test_user_alias_remove(self):
aname = str(uuid.uuid1())
uu = str(uuid.uuid1())
rc = pynimbusauthz.add_user.main(["-n", "-a", aname, uu])
self.assertEqual(rc, 0, "CLI should return success")
user = User(self.db, uu)
ua = user.get_alias(aname, pynimbusauthz.alias_type_s3)
rc = pynimbusauthz.add_user.main(["-x", aname, "-r", uu])
self.assertEqual(rc, 0, "CLI should return success")
try:
user = User(self.db, uu)
self.fail("should have had an exception loading user")
except:
pass
try:
ua = user.get_alias(aname, pynimbusauthz.alias_type_s3)
self.fail("should have had an exception loading user")
except:
pass
def test_basic_alias(self):
user = User(self.db)
uu = user.get_id()
aname = "alias1"
self.db.commit()
rc = pynimbusauthz.add_user.main(["-a", aname, uu])
self.assertEqual(rc, 0, "CLI should return success")
ua = user.get_alias(aname, pynimbusauthz.alias_type_s3)
self.assertNotEqual(ua, None, "alias not found")
rc = pynimbusauthz.add_user.main(["-x", aname, uu])
self.assertEqual(rc, 0, "CLI should return success")
ua = user.get_alias(aname, pynimbusauthz.alias_type_s3)
self.assertEqual(ua, None, "alias should not be found")
def setUp(self):
(osf, self.fname) = tempfile.mkstemp()
os.close(osf)
# os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
os.environ['NIMBUS_AUTHZ_DB'] = self.fname
pynimbusauthz.db.make_test_database(self.fname)
self.db = DB(con_str=self.fname)
self.user1 = User(self.db)
self.name = "/file/name"
self.data = "/etc/group"
self.file1 = File.create_file(self.db, self.name, self.user1,
self.data, pynimbusauthz.object_type_s3)
self.uf = UserFile(self.file1)
self.db.commit()
def test_set_alias_data(self):
user1 = User(self.db)
self.db.commit()
alias_name = "helloname"
alias1 = user1.create_alias(alias_name, pynimbusauthz.alias_type_s3,
alias_name)
key = "helloworld"
alias1.set_data(key)
self.db.commit()
alias2 = user1.get_alias(alias_name, pynimbusauthz.alias_type_s3)
self.assertEqual(alias1.get_data(), alias2.get_data(),
"alias not equal")
self.assertEqual(key, alias2.get_data(), "alias not equal")
def test_find_by_key(self):
user1 = User(self.db)
name = "/file/name"
key = "/old/path/base"
f = File.create_file(self.db, name, user1, key, pynimbusauthz.object_type_s3)
self.db.commit()
f2a = File.find_files_from_data(self.db, key)
found = False
for f2 in f2a:
tst_key = f2.get_data_key()
if tst_key == key:
found = True
self.assertTrue(found, "key not found")
def test_create_alias_simple(self):
user1 = User(self.db)
alias1 = user1.create_alias("/name/", pynimbusauthz.alias_type_s3,
"testname@")
user2 = alias1.get_canonical_user()
self.assertEqual(user1.get_id(), user2.get_id(),
"User IDs should be equal")
alias1 = user1.create_alias("/name2", pynimbusauthz.alias_type_s3,
"name2@", "pooP")
user2 = alias1.get_canonical_user()
self.assertEqual(user1.get_id(), user2.get_id(),
"User IDs should be equal")
print alias1
def test_find_by_alias(self):
uu = str(uuid.uuid1())
user = User(self.db, uu, create=True)
self.db.commit()
# add a few alias
alias_a = []
for i in range(0, 10):
aname = str(uuid.uuid1())
alias_a.append(aname)
rc = pynimbusauthz.add_user.main(["-a", aname, uu])
self.assertEqual(rc, 0, "CLI should return success")
rc = pynimbusauthz.list_user.main(["-s", "-O", self.outFileName, alias_a[0]])
self.assertEqual(rc, 0, "CLI should return success")
rc = self.find_out_string(uu)
self.assertTrue(rc, "Username not found")
def test_set_key(self):
aname = str(uuid.uuid1())
uu = str(uuid.uuid1())
rc = pynimbusauthz.add_user.main(["-n", "-a", aname, uu])
self.assertEqual(rc, 0, "CLI should return success")
rc = pynimbusauthz.add_user.main(["-g", "-a", aname, uu])
self.assertEqual(rc, 0, "CLI should return success")
key = str(uuid.uuid1())
rc = pynimbusauthz.add_user.main(["-k", key, "-a", aname, uu])
self.assertEqual(rc, 0, "CLI should return success")
user = User(self.db, uu)
ua = user.get_alias(aname, pynimbusauthz.alias_type_s3)
self.db.commit()
k2 = ua.get_data()
self.assertEqual(k2, key)
def test_basic_file(self):
user1 = User(self.db)
name = "/file/name"
data = "/etc/group"
file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3)
self.db.commit()
x = file1.get_all_children()
self.assertEqual(len(list(x)), 0, "The file should have no children")
n2 = file1.get_name()
self.assertEqual(name, n2, "Names not equal")
d2 = file1.get_data_key()
self.assertEqual(data, d2, "Data not equal")
o2 = file1.get_owner()
self.assertEqual(user1, o2, "Owner not equal")
p2 = file1.get_parent()
self.assertEqual(None, p2, "There should be no parent")
b2 = file1.get_object_type()
self.assertEqual(pynimbusauthz.object_type_s3, b2, "Type wrong")
def main(argv=sys.argv[1:]):
try:
repo_dir = argv[0]
repo_dir = str(repo_dir).strip()
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
user = User(db_obj, uu="CumulusPublicUser")
if user == None:
raise Exception("No public user")
File.create_file(db_obj, repo_dir, user, repo_dir,
pynimbusauthz.alias_type_s3)
db_obj.commit()
except:
raise
return 0
