def test_add_role_name(self):
user = User("foo-user")
user.add_role_name(u'manage-user')
role = user.role_names()[0]
self.assertEqual(u'manage-user', role)
def test_add_role_name(self):
user = User("foo-user")
user.add_role_name(u'manage-user')
role = user.role_names()[0]
assert u'manage-user' == role
def test_add_role_name(self):
user = User("foo-user")
user.add_role_name(u'manage-user')
role = user.role_names()[0]
self.assertEqual(u'manage-user', role)
def get(self, args, config, connection):
user = User(args['name'], connection=connection)
if not user.exists():
print("Error: User does not exist: {0}".format(args['name']))
sys.exit(1)
user.read()
self.jprint(user)
def user(self, user_name, password=None, connection=None):
if connection is None:
connection = self.connection
user = User(user_name, password, self.connection, self.save_connection)
else:
user = User(user_name, password, connection, False)
return user.read(connection)
def get(self, args, config, connection):
user = User(args['name'], connection=connection)
if not user.exists():
print("Error: User does not exist: {0}".format(args['name']))
sys.exit(1)
user.read()
self.jprint(user)
def user(self, user_name, password=None, connection=None):
if connection is None:
connection = self.connection
user = User(user_name, password, self.connection,
self.save_connection)
else:
user = User(user_name, password, connection, False)
return user.read(connection)
def test_create_remove_user(self):
connection = Connection.make_connection(tc.hostname, tc.admin, tc.password)
user = User("foo-user", "password")
user.create(connection)
the_user = User.lookup(connection, "foo-user")
self.assertIsNotNone(the_user)
the_user.delete(connection)
the_user = User.lookup(connection, "foo-user")
self.assertIsNone(the_user)
def test_save_user(self):
connection = Connection.make_connection(tc.hostname, tc.admin, tc.password)
user = User("foo-user", "password")
self.assertIsNone(user.create(connection).description())
user.set_description("This is the foo user")
user.update(connection)
user = User.lookup(connection, "foo-user")
self.assertEqual("This is the foo user", user.description())
user.delete(connection)
def create(self, args, config, connection):
name = args['name']
password = args['password']
if args['json'] is not None:
user = self._read(name,
password,
args['json'],
connection=connection)
name = user.user_name()
else:
user = User(name, password, connection=connection)
if 'password' not in user._config:
user._config['password'] = str(b2a_hqx(urandom(64)))
if user.exists():
print("Error: User already exists: {0}".format(args['name']))
sys.exit(1)
self.roles = []
self._properties(user, args)
if len(self.roles) > 0:
user.set_role_names(self.roles)
print("Create user {0}...".format(args['name']))
user.create()
def test_list(self):
connection = Connection.make_connection(tc.hostname, tc.admin, tc.password)
users = User.list(connection)
self.assertGreater(len(users), 2)
self.assertIn("nobody", users)
def test_lookup(self):
connection = Connection.make_connection(tc.hostname, tc.admin, tc.password)
user = User.lookup(connection, "nobody")
self.assertIsNotNone(user)
self.assertEqual(user.user_name(), "nobody")
def delete(self, args, config, connection):
user = User.lookup(connection, args['name'])
if user is None:
return
print("Delete user {0}...".format(args['name']))
user.delete(connection)
def delete(self, args, config, connection):
user = User.lookup(connection, args['name'])
if user is None:
return
print("Delete user {0}...".format(args['name']))
user.delete(connection)
def users(self, connection=None):
"""
Get a list of the users in the local cluster.
"""
if connection is None:
connection = self.connection
return User.list(connection)
def role(self, role_name, connection=None):
if connection is None:
connection = self.connection
role = Role(role_name, connection)
else:
role = User(role_name, connection, False)
return role.read(connection)
def users(self, connection=None):
"""
Get a list of the users in the local cluster.
"""
if connection is None:
connection = self.connection
return User.list(connection)
def test_lookup(self):
connection = Connection.make_connection(tc.hostname, tc.admin,
tc.password)
user = User.lookup(connection, "nobody")
self.assertIsNotNone(user)
self.assertEqual(user.user_name(), "nobody")
def test_list(self):
connection = Connection.make_connection(tc.hostname, tc.admin,
tc.password)
users = User.list(connection)
self.assertGreater(len(users), 2)
self.assertIn("nobody", users)
def test_create_user(self):
new_user = User("foo-user", "password")
assert "foo-user" == new_user.user_name()
new_user.create(self.connection)
users = User.list(self.connection)
assert "foo-user" in users
new_user.delete(self.connection)
def test_create_user(self):
connection = Connection.make_connection(tc.hostname, tc.admin,
tc.password)
new_user = User("foo-user", "password")
self.assertEqual(new_user.user_name(), "foo-user")
new_user.create(connection)
users = User.list(connection)
self.assertIn("foo-user", users)
new_user.delete(connection)
def test_create_user(self):
connection = Connection.make_connection(tc.hostname, tc.admin, tc.password)
new_user = User("foo-user", "password")
self.assertEqual(new_user.user_name(), "foo-user")
new_user.create(connection)
users = User.list(connection)
self.assertIn("foo-user", users)
new_user.delete(connection)
def modify(self, args, config, connection):
name = args['name']
user = User(name, connection=connection)
if not user.exists():
print("Error: User does not exist: {0}".format(args['name']))
sys.exit(1)
if args['json'] is not None:
user = self._read(None, None, args['json'], connection=connection)
user.name = name
self.roles = []
self._properties(user, args)
if len(self.roles) > 0:
user.set_role_names(self.roles)
print("Modify user {0}...".format(args['name']))
user.update(connection)
def test_create_remove_user(self):
user = User("foo-user", "password")
user.create(self.connection)
the_user = User.lookup(self.connection, "foo-user")
assert the_user is not None
the_user.delete(self.connection)
the_user = User.lookup(self.connection, "foo-user")
assert the_user is None
def create(self, args, config, connection):
user = User(args['name'], args['password'], connection=connection)
if user.exists():
print("Error: User already exists: {0}".format(args['name']))
sys.exit(1)
if args['json'] is not None:
user = self._read(args['name'], args['json'])
self.roles = []
self._properties(user, args)
if len(self.roles) > 0:
user.set_role_names(self.roles)
print("Create user {0}...".format(args['name']))
user.create()
def _read(self,
name,
password,
jsonfile,
connection=None,
save_connection=True):
jf = open(jsonfile).read()
data = json.loads(jf)
if name is not None:
data['user-name'] = name
if password is not None:
data['password'] = password
user = User.unmarshal(data,
connection=connection,
save_connection=save_connection)
return user
def test_create_remove_user(self):
connection = Connection.make_connection(tc.hostname, tc.admin,
tc.password)
user = User("foo-user", "password")
user.create(connection)
the_user = User.lookup(connection, "foo-user")
self.assertIsNotNone(the_user)
the_user.delete(connection)
the_user = User.lookup(connection, "foo-user")
self.assertIsNone(the_user)
def modify(self, args, config, connection):
user = User(args['name'], connection=connection)
if not user.exists():
print("Error: User does not exist: {0}".format(args['name']))
sys.exit(1)
if args['json'] is not None:
user = self._read(args['name'], args['json'])
self.roles = []
self._properties(user, args)
if len(self.roles) > 0:
user.set_role_names(self.roles)
print("Modify user {0}...".format(args['name']))
user.update(connection)
def create(self, args, config, connection):
user = User(args['name'], args['password'], connection=connection)
if user.exists():
print("Error: User already exists: {0}".format(args['name']))
sys.exit(1)
if args['json'] is not None:
user = self._read(args['name'], args['json'])
self.roles = []
self._properties(user, args)
if len(self.roles) > 0:
user.set_role_names(self.roles)
print("Create user {0}...".format(args['name']))
user.create()
def test_description(self):
user = User("foo-user")
user.set_description("This is the foo user")
assert "This is the foo user" == user.description()
def list(self, args, config, connection):
names = User.list(connection)
print(json.dumps(names, sort_keys=True, indent=2))
def test_save_user(self):
connection = Connection.make_connection(tc.hostname, tc.admin,
tc.password)
user = User("foo-user", "password")
self.assertIsNone(user.create(connection).description())
user.set_description("This is the foo user")
user.update(connection)
user = User.lookup(connection, "foo-user")
self.assertEqual("This is the foo user", user.description())
user.delete(connection)
priv = Privilege.lookup(conn, name, kind)
if priv is None:
verb = "Creating"
priv = Privilege.unmarshal(config)
print("{0} privilege: {1}".format(verb, name))
priv.create(conn)
else:
verb = "Updating"
priv = Privilege.unmarshal(config)
print("{0} {1} privilege: {2}".format(verb, kind, name))
priv.update(conn)
# Update users
for config in data['users']:
name = config['user-name']
user = User.lookup(conn, name)
if user is None:
verb = "Creating"
user = User.unmarshal(config)
# Must assign some sort of password
user.set_password(base64.urlsafe_b64encode(os.urandom(32)).decode('utf-8'))
print("{0} user: {1}".format(verb, name))
user.create(conn)
else:
verb = "Updating"
user = User.unmarshal(config)
print("{0} user: {1}".format(verb, name))
user.update(conn)
# Create forests
for config in data['forests']:
def test_save_user(self):
user = User("foo-user", "password")
assert user.create(self.connection).description() is None
user.set_description("This is the foo user")
user.update(self.connection)
user = User.lookup(self.connection, "foo-user")
assert "This is the foo user" == user.description()
user.delete(self.connection)
def _read(self, name, jsonfile):
jf = open(jsonfile).read()
data = json.loads(jf)
data['user-name'] = name
user = User.unmarshal(data)
return user
def _read(self, name, jsonfile):
jf = open(jsonfile).read()
data = json.loads(jf)
data['user-name'] = name
user = User.unmarshal(data)
return user
def test_description(self):
user = User("foo-user")
user.set_description("This is the foo user")
self.assertEqual(user.description(), "This is the foo user")
def test_lookup(self):
user = User.lookup(self.connection, "nobody")
assert user is not None
assert "nobody" == user.user_name()
def test_list(self):
users = User.list(self.connection)
assert len(users) > 2
assert "nobody" in users
def close(self, conn, group='Default'):
closed = False
while not closed:
closed = True
newitems = []
for key in self.servers:
item = self.servers[key]
if item is None:
closed = False
newitems.append(Server.lookup(conn, key, group))
for server in newitems:
self._close_over_server(server)
newitems = []
for key in self.databases:
item = self.databases[key]
if item is None:
closed = False
newitems.append(Database.lookup(conn, key))
for database in newitems:
self._close_over_database(database)
newitems = []
for key in self.forests:
item = self.forests[key]
if item is None:
closed = False
newitems.append(Forest.lookup(conn, key))
for forest in newitems:
self._close_over_forest(forest)
newitems = []
for key in self.users:
item = self.users[key]
if item is None:
closed = False
newitems.append(User.lookup(conn, key))
for user in newitems:
self._close_over_user(user)
newitems = []
for key in self.roles:
item = self.roles[key]
if item is None:
closed = False
newitems.append(Role.lookup(conn, key))
for role in newitems:
self._close_over_role(role)
delitems = []
newitems = []
for key in self.privileges:
item = self.privileges[key]
parts = key.split("|")
kind = parts[0]
name = parts[1]
if isinstance(item, str):
closed = False
if "//" in key:
# Assume it's an action
priv = Privilege.lookup(conn, action=name, kind=kind)
delitems.append(key)
else:
priv = Privilege.lookup(conn, name, kind)
newitems.append(priv)
for item in delitems:
del self.privileges[item]
for priv in newitems:
self._close_over_privilege(priv)
conn = Connection(args.host, HTTPDigestAuth(args.username, args.password))
if args.server:
for name in args.server:
server = Server.lookup(conn, name)
closure.add_server(server)
if args.database:
for name in args.database:
database = Database.lookup(conn, name)
closure.add_database(database)
if args.user:
for name in args.user:
user = User.lookup(conn, name)
closure.add_user(user)
if args.role:
for name in args.role:
role = Role.lookup(conn, name)
closure.add_role(server)
if args.execute_privilege:
for name in args.execute_privilege:
closure.add_privilege(name, "execute")
if args.uri_privilege:
for name in args.uri_privilege:
closure.add_privilege(name, "uri")
def close(self, conn, group='Default'):
closed = False
while not closed:
closed = True
newitems = []
for key in self.servers:
item = self.servers[key]
if item is None:
closed = False
newitems.append(Server.lookup(conn, key, group))
for server in newitems:
self._close_over_server(server)
newitems = []
for key in self.databases:
item = self.databases[key]
if item is None:
closed = False
newitems.append(Database.lookup(conn, key))
for database in newitems:
self._close_over_database(database)
newitems = []
for key in self.users:
item = self.users[key]
if item is None:
closed = False
newitems.append(User.lookup(conn, key))
for user in newitems:
self._close_over_user(user)
newitems = []
for key in self.roles:
item = self.roles[key]
if item is None:
closed = False
newitems.append(Role.lookup(conn, key))
for role in newitems:
self._close_over_role(role)
delitems = []
newitems = []
for key in self.privileges:
item = self.privileges[key]
parts = key.split("|")
kind = parts[0]
name = parts[1]
if isinstance(item, str):
closed = False
if self.PRIVILEGES is None:
self.PRIVILEGES = Privilege.list(conn)
for priv in self.PRIVILEGES:
parts = priv.split("|")
if parts[0] == kind and parts[2] == name:
delitems.append(key)
name = parts[1]
newitems.append(Privilege.lookup(conn, name, kind))
for item in delitems:
del self.privileges[item]
for priv in newitems:
self._close_over_privilege(priv)
def list(self, args, config, connection):
names = User.list(connection)
print(json.dumps(names,sort_keys=True, indent=2))
def test_description(self):
user = User("foo-user")
user.set_description("This is the foo user")
self.assertEqual(user.description(), "This is the foo user")
def users(self, connection=None):
if connection is None:
connection = self.connection
return User.list(connection)
def users(self, connection=None):
if connection is None:
connection = self.connection
return User.list(connection)