def test_edit_existing_name(self): """Target edition with a new name already used in database fails """ name = "clever_server" hostname = "127.0.0.1" port = 54 sshoptions = "--zap" comment = "Magnificent target" name2 = "bad_server" hostname2 = "127.0.0.3" port2 = 55 sshoptions2 = "--zapel" comment2 = "Worse target" t = target.Target(name=name, hostname=hostname, port=port, sshoptions=sshoptions, comment=comment) t2 = target.Target(name=name2, hostname=hostname2, port=port2, sshoptions=sshoptions2, comment=comment2) db.session.add(t) db.session.commit() db.session.add(t2) db.session.commit() t2 = db.session.query(target.Target).filter_by(name=name2) updated_rows = t2.update({"name": name}) db.session.commit()
def test_remove_user(self): """Target removing a user succeeds""" name = "clever_server" hostname = "127.0.0.1" port = 54 sshoptions = "--zap" comment = "Magnificent target" name = "*****@*****.**" sshkey = "something" comment = "seldom" t = target.Target(name=name, hostname=hostname, port=port, sshoptions=sshoptions, comment=comment) u = user.User(name=name, sshkey=sshkey, comment=comment) db.session.add(t) db.session.commit() t.adduser(u) db.session.commit() t.rmuser(u) db.session.commit() t_db = db.session.query(target.Target).filter_by(name=name).first() assert_equal(t_db.members, [])
def test_list_existing_targets(self): """Target listing with existing targets in database succeeds""" name = "clever_server" hostname = "127.0.0.1" port = 54 sshoptions = "--zap" comment = "Magnificent target" target_list = [] t = target.Target(name=name, hostname=hostname, port=port, sshoptions=sshoptions, comment=comment) db.session.add(t) db.session.commit() query = db.session.query(target.Target.name).order_by( target.Target.name).all() for row in query: target_list.append(str(row[0])) target_list = "".join(target_list) assert_equal(target_list, "clever_server")
def test_add_usergroup_already_in_target(self): """Target adding a usergroup already in target does nothing (but doesn't raise error) """ name = "clever_server" hostname = "127.0.0.1" port = 54 sshoptions = "--zap" comment = "Magnificent target" usergroupname = "VVVVVV" comment_usergroup = "Captain Viridian to the rescue" t = target.Target(name=name, hostname=hostname, port=port, sshoptions=sshoptions, comment=comment) ug = usergroup.Usergroup(name=usergroupname, comment=comment_usergroup) db.session.add(t) db.session.commit() t.addusergroup(ug) db.session.commit() t.addusergroup(ug) db.session.commit() t_db = db.session.query(target.Target).filter_by(name=name).first() assert_equal(t_db.gmembers, [ug])
def test_remove_usergroup(self): """Target removing a usergroup succeeds""" name = "clever_server" hostname = "127.0.0.1" port = 54 sshoptions = "--zap" comment = "Magnificent target" usergroupname = "VVVVVV" comment_usergroup = "Captain Viridian to the rescue" t = target.Target(name=name, hostname=hostname, port=port, sshoptions=sshoptions, comment=comment) ug = usergroup.Usergroup(name=usergroupname, comment=comment_usergroup) db.session.add(t) db.session.commit() t.addusergroup(ug) db.session.commit() t.rmusergroup(ug) db.session.commit() t_db = db.session.query(target.Target).filter_by(name=name).first() assert_equal(t_db.gmembers, [])
def test_add_user_already_in_target(self): """Target adding a user already in target does nothing (but doesn't raise error) """ name = "clever_server" hostname = "127.0.0.1" port = 54 sshoptions = "--zap" comment = "Magnificent target" name = "*****@*****.**" sshkey = "something" comment = "seldom" t = target.Target(name=name, hostname=hostname, port=port, sshoptions=sshoptions, comment=comment) u = user.User(name=name, sshkey=sshkey, comment=comment) db.session.add(t) db.session.commit() t.adduser(u) db.session.commit() t.adduser(u) db.session.commit() t_db = db.session.query(target.Target).filter_by(name=name).first() assert_equal(t_db.members, [u])
def test_search_no_users_match_pattern(self): """Target searching with a pattern that no target match with in database returning nothing succeeds """ name = "clever_server" hostname = "127.0.0.1" port = 54 sshoptions = "--zap" comment = "Magnificent target" res_list = [] t = target.Target(name=name, hostname=hostname, port=port, sshoptions=sshoptions, comment=comment) db.session.add(t) db.session.commit() query = db.session.query(target.Target.name).filter( target.Target.name.like("%" + "zhu" + "%")).order_by( target.Target.name).all() for row in query: res_list.append(str(row[0])) res_list = "\n".join(res_list) assert_equal(res_list, "")
def test_create_existing_name(self): """Target creation in database with an already used name fails """ name = "clever_server" hostname = "127.0.0.1" port = 54 sshoptions = "--zap" comment = "Magnificent target" name = "*****@*****.**" sshkey = "railway" comment_user = "******" user_list = [] usergroupname = "Chevaliers_du_zodiaque" comment_usergroup = "Energie_du_cosmos" usergroup_list = [] u = user.User(name=name, sshkey=sshkey, comment=comment_user) user_list.append(u) ug = usergroup.Usergroup(name=usergroupname, comment=comment_usergroup) usergroup_list.append(ug) t = target.Target(name=name, hostname=hostname, port=port, sshoptions=sshoptions, comment=comment, members=user_list, gmembers=usergroup_list) db.session.add(t) db.session.commit() t = target.Target(name=name, hostname="a great host", port=port, sshoptions=sshoptions, comment=comment, members=user_list, gmembers=usergroup_list) db.session.add(t) db.session.commit()
def test_search(self): """Target search with targets matching pattern in database succeeds """ name = "clever_server" hostname = "127.0.0.1" port = 54 sshoptions = "--zap" comment = "Magnificent target" name2 = "bad_server" hostname2 = "127.0.0.3" port2 = 55 sshoptions2 = "--zapel" comment2 = "Worse target" res_list = [] t = target.Target(name=name, hostname=hostname, port=port, sshoptions=sshoptions, comment=comment) t2 = target.Target(name=name2, hostname=hostname2, port=port2, sshoptions=sshoptions2, comment=comment2) db.session.add(t) db.session.add(t2) db.session.commit() query = db.session.query(target.Target.name).filter( target.Target.name.like("%" + "clever" + "%")).order_by( target.Target.name).all() for row in query: res_list.append(str(row[0])) res_list = "\n".join(res_list) assert_equal(res_list, "clever_server")
def target_create(): """Add a target in the database""" # Only POST data are handled if request.method != "POST": return "ERROR: POST method is required ", 405, \ {"content-type": "text/plain; charset=utf-8"} # Simplification for the reading name = request.form["name"] hostname = request.form["hostname"] login = request.form["login"] port = request.form["port"] sshoptions = request.form["sshoptions"] comment = request.form["comment"] # Check for required fields if not name or not hostname: return "ERROR: The name and hostname are required ", 417, \ {"content-type": "text/plain; charset=utf-8"} if not login: login = "******" if not port: port = 22 # Check unicity for name query = db.session.query(target.Target.name)\ .filter_by(name=name).first() if query is not None: return 'ERROR: The name "' + name + \ '" is already used by another target ', 417, \ {"content-type": "text/plain; charset=utf-8"} t = target.Target(name=name, hostname=hostname, login=login, port=port, sshoptions=sshoptions, comment=comment) db.session.add(t) # Try to add the target on the database try: db.session.commit() except exc.SQLAlchemyError as e: return 'ERROR: "' + name + '" -> ' + e.message, 409, \ {"content-type": "text/plain; charset=utf-8"} return 'OK: "' + name + '" -> created', 200, \ {"content-type": "text/plain; charset=utf-8"}
def test_delete_non_existing_target(self): """Target deletion with a non existing target fails""" name = "clever_server" hostname = "127.0.0.1" port = 54 sshoptions = "--zap" comment = "Magnificent target" t = target.Target(name=name, hostname=hostname, port=port, sshoptions=sshoptions, comment=comment) db.session.delete(t) db.session.commit()
def test_remove_user_not_in_target(self): """Target removing a user not in target does nothing (but doesn't raise error) """ name = "clever_server" hostname = "127.0.0.1" port = 54 sshoptions = "--zap" comment = "Magnificent target" name = "*****@*****.**" sshkey = "something" comment = "seldom" name2 = "*****@*****.**" sshkey2 = "queue" comment2 = "yellow" t = target.Target(name=name, hostname=hostname, port=port, sshoptions=sshoptions, comment=comment) u = user.User(name=name, sshkey=sshkey, comment=comment) u2 = user.User(name=name2, sshkey=sshkey2, comment=comment2) db.session.add(t) db.session.commit() t.adduser(u) t.adduser(u2) db.session.commit() t.rmuser(u) db.session.commit() t.rmuser(u) db.session.commit() t_db = db.session.query(target.Target).filter_by(name=name).first() assert_equal(t_db.members, [u2])
def test_create(self): """Target creation in database succeeds""" targetname = "clever_server" hostname = "127.0.0.1" port = 54 sshoptions = "--zap" comment = "Magnificent target" output = """Name: clever_server\nHostname: 127.0.0.1\nPort: 54\nSSH options: --zap\nComment: Magnificent target\nAttached users: [email protected]\nUsergroup list: Chevaliers_du_zodiaque\nUsers who can access this target: [email protected]\nAll usergroups: Chevaliers_du_zodiaque\nMember of the following targetgroups: """ username = "******" sshkey = "railway" comment_user = "******" user_list = [] usergroupname = "Chevaliers_du_zodiaque" comment_usergroup = "Energie_du_cosmos" usergroup_list = [] u = user.User(name=username, sshkey=sshkey, comment=comment_user) user_list.append(u) ug = usergroup.Usergroup(name=usergroupname, comment=comment_usergroup) usergroup_list.append(ug) t = target.Target(name=targetname, hostname=hostname, port=port, sshoptions=sshoptions, comment=comment, members=user_list, gmembers=usergroup_list) db.session.add(t) db.session.commit() t_db = db.session.query( target.Target).filter_by(name="clever_server").first() assert_equal(t_db.name, targetname) assert_equal(t_db.hostname, hostname) assert_equal(t_db.port, port) assert_equal(t_db.sshoptions, sshoptions) assert_equal(t_db.comment, comment) assert_equal(repr(t_db), output)
def test_show(self): """Target show in database succeeds""" name = "clever_server" hostname = "127.0.0.1" port = 54 sshoptions = "--zap" comment = "Magnificent target" t = target.Target(name=name, hostname=hostname, port=port, sshoptions=sshoptions, comment=comment) db.session.add(t) db.session.commit() target_data = target.Target.query.filter_by(name=name).first() assert_equal(name, target_data.name) assert_equal(hostname, target_data.hostname) assert_equal(port, target_data.port) assert_equal(sshoptions, target_data.sshoptions) assert_equal(comment, target_data.comment)
def test_delete(self): """Target deletion in database succeeds""" name = "clever_server" hostname = "127.0.0.1" port = 54 sshoptions = "--zap" comment = "Magnificent target" t = target.Target(name=name, hostname=hostname, port=port, sshoptions=sshoptions, comment=comment) db.session.add(t) db.session.commit() db.session.delete(t) db.session.commit() t_db = db.session.query( target.Target).filter_by(name="clever_server").first() assert_is_none(t_db)
def target_create(): """Add a target in the database""" # Only POST data are handled if request.method != "POST": return utils.response("ERROR: POST method is required ", 405) # Simplification for the reading name = request.form["name"].replace(" ", "") hostname = request.form["hostname"].replace(" ", "") targettype = request.form["targettype"].replace(" ", "") login = request.form["login"].replace(" ", "") port = request.form["port"].replace(" ", "") sshoptions = request.form["sshoptions"] comment = request.form["comment"] changepwd = request.form["changepwd"].replace(" ", "") sessiondur = "" if "sessiondur" in request.form: if utils.is_number(request.form["sessiondur"]): app.logger.error(request.form["sessiondur"]) sessiondur = int(request.form["sessiondur"].replace(" ", "")) * 60 # Check for required fields if not name or not hostname: return utils.response("ERROR: The name and hostname are" + \ " required", 417) if not targettype: targettype = "ssh" if not login: login = "******" if not port: if targettype == "ssh": port = 22 elif targettype == "mysql": port = 3306 elif targettype == "postgresql": port = 5432 elif targettype == "oracle": port = 1521 if not changepwd: changepwd = False elif changepwd == "True": changepwd = True else: changepwd = False if not sessiondur: sessiondur = 60 * int(config.DB_SESSIONS_TO) # Check unicity for name query = db.session.query(target.Target.name)\ .filter_by(name=name).first() if query is not None: return utils.response('ERROR: The name "' + name + \ '" is already used by another target ', 417) t = target.Target(name=name, hostname=hostname, targettype=targettype, login=login, port=port, sshoptions=sshoptions, comment=comment, changepwd=changepwd, sessiondur=sessiondur) db.session.add(t) # Try to add the target on the database try: db.session.commit() except exc.SQLAlchemyError as e: return utils.response('ERROR: "' + name + '" -> ' + e.message, 409) return utils.response('OK: "' + name + '" -> created', 200)
def test_edit(self): """Target edition in database succeeds""" targetname = "clever_server" hostname = "127.0.0.1" port = 54 sshoptions = "--zap" comment = "Magnificent target" new_targetname = "cleverer_super_server" new_hostname = "192.135.23.54" new_port = 80 new_sshoptions = "--plop" new_comment = "Marvellous target" username = "******" sshkey = "railway" comment_user = "******" username2 = "*****@*****.**" sshkey2 = "rough tell" comment_user2 = "slow" user_list = [] usergroupname = "Chevaliers_du_zodiaque" comment_usergroup = "Energie_du_cosmos" usergroupname2 = "Chevaliers d'or" comment_usergroup2 = "COSMOOOOS" usergroup_list = [] u = user.User(name=username, sshkey=sshkey, comment=comment_user) user_list.append(u) ug = usergroup.Usergroup(name=usergroupname, comment=comment_usergroup) usergroup_list.append(ug) t = target.Target(name=targetname, hostname=hostname, port=port, sshoptions=sshoptions, comment=comment, members=user_list, gmembers=usergroup_list) db.session.add(t) db.session.commit() u = user.User(name=username2, sshkey=sshkey2, comment=comment_user2) user_list.append(u) ug = usergroup.Usergroup(name=usergroupname2, comment=comment_usergroup2) usergroup_list.append(ug) target_to_edit = db.session.query( target.Target).filter_by(name="clever_server") updated_rows = target_to_edit.update({ "name": new_targetname, "hostname": new_hostname, "port": new_port, "sshoptions": new_sshoptions, "comment": new_comment }) db.session.commit() t_edit = db.session.query( target.Target).filter_by(name=new_targetname).first() assert_equal(updated_rows, 1) assert_equal(t.id, t_edit.id) assert_equal(t_edit.name, new_targetname) assert_equal(t_edit.hostname, new_hostname) assert_equal(t_edit.port, new_port) assert_equal(t_edit.sshoptions, new_sshoptions) assert_equal(t_edit.comment, new_comment)