예제 #1
0
    def Run(self):
        with test_lib.FakeTime(42):
            self.CreateAdminUser("approver")

            cron_manager = aff4_cronjobs.CronManager()
            cron_args = aff4_cronjobs.CreateCronJobFlowArgs(
                periodicity="1d", allow_overruns=False)
            cron1_urn = cron_manager.ScheduleFlow(cron_args=cron_args,
                                                  token=self.token)
            cron2_urn = cron_manager.ScheduleFlow(cron_args=cron_args,
                                                  token=self.token)

        with test_lib.FakeTime(44):
            approval_urn = security.CronJobApprovalRequestor(
                reason="foo",
                subject_urn=cron1_urn,
                approver="approver",
                token=self.token).Request()
            approval1_id = approval_urn.Basename()

        with test_lib.FakeTime(45):
            approval_urn = security.CronJobApprovalRequestor(
                reason="bar",
                subject_urn=cron2_urn,
                approver="approver",
                token=self.token).Request()
            approval2_id = approval_urn.Basename()

        with test_lib.FakeTime(84):
            approver_token = access_control.ACLToken(username="******")
            security.CronJobApprovalGrantor(reason="bar",
                                            delegate=self.token.username,
                                            subject_urn=cron2_urn,
                                            token=approver_token).Grant()

        with test_lib.FakeTime(126):
            self.Check("GetCronJobApproval",
                       args=user_plugin.ApiGetCronJobApprovalArgs(
                           username=self.token.username,
                           cron_job_id=cron1_urn.Basename(),
                           approval_id=approval1_id),
                       replace={
                           cron1_urn.Basename(): "CronJob_123456",
                           approval1_id: "approval:111111"
                       })
            self.Check("GetCronJobApproval",
                       args=user_plugin.ApiGetCronJobApprovalArgs(
                           username=self.token.username,
                           cron_job_id=cron2_urn.Basename(),
                           approval_id=approval2_id),
                       replace={
                           cron2_urn.Basename(): "CronJob_567890",
                           approval2_id: "approval:222222"
                       })
예제 #2
0
    def Run(self):
        with test_lib.FakeTime(42):
            self.CreateAdminUser("approver")

            cron_manager = aff4_cronjobs.CronManager()
            cron_args = aff4_cronjobs.CreateCronJobFlowArgs(
                periodicity="1d", allow_overruns=False)
            cron1_urn = cron_manager.ScheduleFlow(cron_args=cron_args,
                                                  token=self.token)
            cron2_urn = cron_manager.ScheduleFlow(cron_args=cron_args,
                                                  token=self.token)

        with test_lib.FakeTime(44):
            flow_urn = flow.GRRFlow.StartFlow(
                flow_name="RequestCronJobApprovalFlow",
                reason="foo",
                subject_urn=cron1_urn,
                approver="approver",
                token=self.token)
            flow_fd = aff4.FACTORY.Open(flow_urn,
                                        aff4_type=flow.GRRFlow,
                                        token=self.token)
            approval1_id = flow_fd.state.approval_id

        with test_lib.FakeTime(45):
            flow_urn = flow.GRRFlow.StartFlow(
                flow_name="RequestCronJobApprovalFlow",
                reason="bar",
                subject_urn=cron2_urn,
                approver="approver",
                token=self.token)
            flow_fd = aff4.FACTORY.Open(flow_urn,
                                        aff4_type=flow.GRRFlow,
                                        token=self.token)
            approval2_id = flow_fd.state.approval_id

        with test_lib.FakeTime(84):
            approver_token = access_control.ACLToken(username="******")
            flow.GRRFlow.StartFlow(flow_name="GrantCronJobApprovalFlow",
                                   reason="bar",
                                   delegate=self.token.username,
                                   subject_urn=cron2_urn,
                                   token=approver_token)

        with test_lib.FakeTime(126):
            self.Check("GetCronJobApproval",
                       args=user_plugin.ApiGetCronJobApprovalArgs(
                           username=self.token.username,
                           cron_job_id=cron1_urn.Basename(),
                           approval_id=approval1_id),
                       replace={
                           cron1_urn.Basename(): "CronJob_123456",
                           approval1_id: "approval:111111"
                       })
            self.Check("GetCronJobApproval",
                       args=user_plugin.ApiGetCronJobApprovalArgs(
                           username=self.token.username,
                           cron_job_id=cron2_urn.Basename(),
                           approval_id=approval2_id),
                       replace={
                           cron2_urn.Basename(): "CronJob_567890",
                           approval2_id: "approval:222222"
                       })