def test_03_radiusserver_user(self): # The user must be able to call GET /radiusserver/ # But not POST and not DELETE # delete server self.setUp_user_realms() self.authenticate_selfservice_user() # User is not allowed to delete a radiusserver with self.app.test_request_context( '/radiusserver/server1', method='DELETE', headers={'Authorization': self.at_user}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 401, res) # User is not allowed to create a radius server with self.app.test_request_context( '/radiusserver/server1', method='POST', data={ "secret": "testing123", "port": "1812", "server": "1.2.3.4", "description": "myServer" }, headers={'Authorization': self.at_user}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 401, res) with self.app.test_request_context('/radiusserver/server1', method='POST', data={ "secret": "testing123", "port": "1812", "server": "1.2.3.4", "description": "myServer" }, headers={'Authorization': self.at}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) data = res.json self.assertEqual(data.get("result").get("value"), True) # Users are not allowed to list the radius servers with self.app.test_request_context( '/radiusserver/', method='GET', headers={'Authorization': self.at_user}): res = self.app.full_dispatch_request() self.assertEquals(res.status_code, 401) result = res.json.get("result") self.assertIn("do not have the necessary role", result["error"]["message"]) delete_radius("server1")
def test_03_radiusserver_user(self): # The user must be able to call GET /radiusserver/ # But not POST and not DELETE # delete server self.setUp_user_realms() self.authenticate_selfserive_user() # User is not allowed to delete a radiusserver with self.app.test_request_context('/radiusserver/server1', method='DELETE', headers={'Authorization': self.at_user}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 401, res) # User is not allowed to create a radius server with self.app.test_request_context('/radiusserver/server1', method='POST', data={"secret": "testing123", "port": "1812", "server": "1.2.3.4", "description": "myServer"}, headers={'Authorization': self.at_user}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 401, res) with self.app.test_request_context('/radiusserver/server1', method='POST', data={"secret": "testing123", "port": "1812", "server": "1.2.3.4", "description": "myServer"}, headers={'Authorization': self.at}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) data = json.loads(res.data) self.assertEqual(data.get("result").get("value"), True) # User is allowed to list the radius servers with self.app.test_request_context('/radiusserver/', method='GET', headers={'Authorization': self.at_user}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) data = json.loads(res.data) server_list = data.get("result").get("value") self.assertEqual(len(server_list), 1) # The user does not get any information about the server! server1 = server_list.get("server1") self.assertEqual(server1.get("port"), "") self.assertEqual(server1.get("server"), "") self.assertEqual(server1.get("dictionary"), "") self.assertEqual(server1.get("description"), "") delete_radius("server1")
def test_03_radiusserver_user(self): # The user must be able to call GET /radiusserver/ # But not POST and not DELETE # delete server self.setUp_user_realms() self.authenticate_selfservice_user() # User is not allowed to delete a radiusserver with self.app.test_request_context('/radiusserver/server1', method='DELETE', headers={'Authorization': self.at_user}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 401, res) # User is not allowed to create a radius server with self.app.test_request_context('/radiusserver/server1', method='POST', data={"secret": "testing123", "port": "1812", "server": "1.2.3.4", "description": "myServer"}, headers={'Authorization': self.at_user}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 401, res) with self.app.test_request_context('/radiusserver/server1', method='POST', data={"secret": "testing123", "port": "1812", "server": "1.2.3.4", "description": "myServer"}, headers={'Authorization': self.at}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) data = json.loads(res.data.decode('utf8')) self.assertEqual(data.get("result").get("value"), True) # User is allowed to list the radius servers with self.app.test_request_context('/radiusserver/', method='GET', headers={'Authorization': self.at_user}): res = self.app.full_dispatch_request() self.assertTrue(res.status_code == 200, res) data = json.loads(res.data.decode('utf8')) server_list = data.get("result").get("value") self.assertEqual(len(server_list), 1) # The user does not get any information about the server! server1 = server_list.get("server1") self.assertEqual(server1.get("port"), "") self.assertEqual(server1.get("server"), "") self.assertEqual(server1.get("dictionary"), "") self.assertEqual(server1.get("description"), "") delete_radius("server1")
def test_01_create_radius(self): r = add_radius(identifier="myserver", server="1.2.3.4", secret="testing123") self.assertTrue(r > 0) r = add_radius(identifier="myserver1", server="1.2.3.4", secret="testing123") r = add_radius(identifier="myserver2", server="1.2.3.4", secret="testing123") server_list = get_radiusservers() self.assertTrue(server_list) self.assertEqual(len(server_list), 3) server_list = get_radiusservers(identifier="myserver") self.assertTrue(server_list[0].config.identifier, "myserver") self.assertTrue(server_list[0].config.port, 1812) for server in ["myserver", "myserver1", "myserver2"]: r = delete_radius(server) self.assertTrue(r > 0) server_list = get_radiusservers() self.assertEqual(len(server_list), 0)
def delete_server(identifier=None): """ This call deletes the specified RADIUS server configuration :param identifier: The unique name of the RADIUS server definition """ r = delete_radius(identifier) g.audit_object.log({'success': r > 0, 'info': r}) return send_result(r > 0)