예제 #1
0
 def setUp(self):
     super(MacaroonTests, self).setUp()
     self.issuer = DummyMacaroonIssuer()
     self.useFixture(
         ZopeUtilityFixture(self.issuer, IMacaroonIssuer, name='test'))
     private_root = getUtility(IPrivateApplication)
     self.authserver = AuthServerAPIView(private_root.authserver,
                                         TestRequest())
 def test_issueMacaroon_not_via_authserver(self):
     build = self.factory.makeBinaryPackageBuild(
         archive=self.factory.makeArchive(private=True))
     private_root = getUtility(IPrivateApplication)
     authserver = AuthServerAPIView(private_root.authserver, TestRequest())
     self.assertEqual(
         faults.PermissionDenied(),
         authserver.issueMacaroon(
             "binary-package-build", "BinaryPackageBuild", build))
예제 #3
0
 def test_issueMacaroon_via_authserver(self):
     build = self.factory.makeSnapBuild(snap=self.factory.makeSnap(
         private=True))
     private_root = getUtility(IPrivateApplication)
     authserver = AuthServerAPIView(private_root.authserver, TestRequest())
     macaroon = Macaroon.deserialize(
         authserver.issueMacaroon("snap-build", "SnapBuild", build.id))
     self.assertThat(
         macaroon,
         MatchesStructure(location=Equals("launchpad.dev"),
                          identifier=Equals("snap-build"),
                          caveats=MatchesListwise([
                              MatchesStructure.byEquality(
                                  caveat_id="lp.snap-build %s" % build.id),
                          ])))
예제 #4
0
class GetUserAndSSHKeysTests(TestCaseWithFactory):
    """Tests for the implementation of `IAuthServer.getUserAndSSHKeys`.
    """

    layer = DatabaseFunctionalLayer

    def setUp(self):
        TestCaseWithFactory.setUp(self)
        private_root = getUtility(IPrivateApplication)
        self.authserver = AuthServerAPIView(
            private_root.authserver, TestRequest())

    def test_user_not_found(self):
        # getUserAndSSHKeys returns the NoSuchPersonWithName fault if there is
        # no Person of the given name.
        self.assertEqual(
            faults.NoSuchPersonWithName('no-one'),
            self.authserver.getUserAndSSHKeys('no-one'))

    def test_user_no_keys(self):
        # getUserAndSSHKeys returns a dict with keys ['id', 'name', 'keys'].
        # 'keys' refers to a list of SSH public keys in LP, which is empty for
        # a freshly created user.
        new_person = self.factory.makePerson()
        self.assertEqual(
            dict(id=new_person.id, name=new_person.name, keys=[]),
            self.authserver.getUserAndSSHKeys(new_person.name))

    def test_user_with_keys(self):
        # For a user with registered SSH keys, getUserAndSSHKeys returns the
        # name of the key type (RSA or DSA) and the text of the keys under
        # 'keys' in the dict.
        new_person = self.factory.makePerson()
        with person_logged_in(new_person):
            key = self.factory.makeSSHKey(person=new_person)
            self.assertEqual(
                dict(id=new_person.id, name=new_person.name,
                     keys=[(key.keytype.title, key.keytext)]),
                self.authserver.getUserAndSSHKeys(new_person.name))
예제 #5
0
class GetUserAndSSHKeysTests(TestCaseWithFactory):
    """Tests for the implementation of `IAuthServer.getUserAndSSHKeys`.
    """

    layer = DatabaseFunctionalLayer

    def setUp(self):
        TestCaseWithFactory.setUp(self)
        private_root = getUtility(IPrivateApplication)
        self.authserver = AuthServerAPIView(private_root.authserver,
                                            TestRequest())

    def test_user_not_found(self):
        # getUserAndSSHKeys returns the NoSuchPersonWithName fault if there is
        # no Person of the given name.
        self.assertEqual(faults.NoSuchPersonWithName('no-one'),
                         self.authserver.getUserAndSSHKeys('no-one'))

    def test_user_no_keys(self):
        # getUserAndSSHKeys returns a dict with keys ['id', 'name', 'keys'].
        # 'keys' refers to a list of SSH public keys in LP, which is empty for
        # a freshly created user.
        new_person = self.factory.makePerson()
        self.assertEqual(dict(id=new_person.id, name=new_person.name, keys=[]),
                         self.authserver.getUserAndSSHKeys(new_person.name))

    def test_user_with_keys(self):
        # For a user with registered SSH keys, getUserAndSSHKeys returns the
        # name of the key type (RSA or DSA) and the text of the keys under
        # 'keys' in the dict.
        new_person = self.factory.makePerson()
        with person_logged_in(new_person):
            key = self.factory.makeSSHKey(person=new_person)
            self.assertEqual(
                dict(id=new_person.id,
                     name=new_person.name,
                     keys=[(key.keytype.title, key.keytext)]),
                self.authserver.getUserAndSSHKeys(new_person.name))
 def __init__(self, *args, **kwargs):
     xmlrpc.XMLRPC.__init__(self, *args, **kwargs)
     private_root = getUtility(IPrivateApplication)
     self.authserver = AuthServerAPIView(private_root.authserver,
                                         TestRequest())
예제 #7
0
 def setUp(self):
     TestCaseWithFactory.setUp(self)
     private_root = getUtility(IPrivateApplication)
     self.authserver = AuthServerAPIView(
         private_root.authserver, TestRequest())
예제 #8
0
 def setUp(self):
     TestCaseWithFactory.setUp(self)
     private_root = getUtility(IPrivateApplication)
     self.authserver = AuthServerAPIView(private_root.authserver,
                                         TestRequest())
예제 #9
0
class MacaroonTests(TestCaseWithFactory):

    layer = ZopelessDatabaseLayer

    def setUp(self):
        super(MacaroonTests, self).setUp()
        self.issuer = DummyMacaroonIssuer()
        self.useFixture(
            ZopeUtilityFixture(self.issuer, IMacaroonIssuer, name='test'))
        private_root = getUtility(IPrivateApplication)
        self.authserver = AuthServerAPIView(private_root.authserver,
                                            TestRequest())

    def test_issue_unknown_issuer(self):
        self.assertEqual(
            faults.PermissionDenied(),
            self.authserver.issueMacaroon('unknown-issuer', 'LibraryFileAlias',
                                          1))

    def test_issue_wrong_context_type(self):
        self.assertEqual(
            faults.PermissionDenied(),
            self.authserver.issueMacaroon('unknown-issuer', 'nonsense', 1))

    def test_issue_not_issuable_via_authserver(self):
        self.issuer.issuable_via_authserver = False
        self.assertEqual(
            faults.PermissionDenied(),
            self.authserver.issueMacaroon('test', 'LibraryFileAlias', 1))

    def test_issue_bad_context(self):
        build = self.factory.makeSnapBuild()
        self.assertEqual(
            faults.PermissionDenied(),
            self.authserver.issueMacaroon('test', 'SnapBuild', build.id))

    def test_issue_success(self):
        macaroon = Macaroon.deserialize(
            self.authserver.issueMacaroon('test', 'LibraryFileAlias', 1))
        self.assertThat(
            macaroon,
            MatchesStructure(
                location=Equals(config.vhost.mainsite.hostname),
                identifier=Equals('test'),
                caveats=MatchesListwise([
                    MatchesStructure.byEquality(caveat_id='lp.test 1'),
                ])))

    def test_verify_nonsense_macaroon(self):
        self.assertEqual(
            faults.Unauthorized(),
            self.authserver.verifyMacaroon('nonsense', 'LibraryFileAlias', 1))

    def test_verify_unknown_issuer(self):
        macaroon = Macaroon(location=config.vhost.mainsite.hostname,
                            identifier='unknown-issuer',
                            key='test')
        self.assertEqual(
            faults.Unauthorized(),
            self.authserver.verifyMacaroon(macaroon.serialize(),
                                           'LibraryFileAlias', 1))

    def test_verify_wrong_context_type(self):
        lfa = getUtility(ILibraryFileAliasSet)[1]
        macaroon = self.issuer.issueMacaroon(lfa)
        self.assertEqual(
            faults.Unauthorized(),
            self.authserver.verifyMacaroon(macaroon.serialize(), 'nonsense',
                                           lfa.id))

    def test_verify_wrong_context(self):
        lfa = getUtility(ILibraryFileAliasSet)[1]
        macaroon = self.issuer.issueMacaroon(lfa)
        self.assertEqual(
            faults.Unauthorized(),
            self.authserver.verifyMacaroon(macaroon.serialize(),
                                           'LibraryFileAlias', 2))

    def test_verify_nonexistent_lfa(self):
        macaroon = self.issuer.issueMacaroon(
            getUtility(ILibraryFileAliasSet)[1])
        # Pick a large ID that doesn't exist in sampledata.
        lfa_id = 1000000
        self.assertRaises(SQLObjectNotFound,
                          getUtility(ILibraryFileAliasSet).__getitem__, lfa_id)
        self.assertEqual(
            faults.Unauthorized(),
            self.authserver.verifyMacaroon(macaroon.serialize(),
                                           'LibraryFileAlias', lfa_id))

    def test_verify_success(self):
        lfa = getUtility(ILibraryFileAliasSet)[1]
        macaroon = self.issuer.issueMacaroon(lfa)
        self.assertThat(
            self.authserver.verifyMacaroon(macaroon.serialize(),
                                           'LibraryFileAlias', lfa.id),
            Is(True))