def DELETE(self, account):
""" disable account with given account name.
HTTP Success:
200 OK
HTTP Error:
401 Unauthorized
404 Not Found
500 InternalError
:param Rucio-Account: Account identifier.
:param Rucio-Auth-Token: as an 32 character hex string.
"""
try:
del_account(account,
issuer=ctx.env.get('issuer'),
vo=ctx.env.get('vo'))
except AccessDenied as error:
raise generate_http_error(401, 'AccessDenied', error.args[0])
except AccountNotFound as error:
raise generate_http_error(404, 'AccountNotFound', error.args[0])
except Exception as error:
raise InternalError(error)
raise OK()
def delete(self, account):
""" disable account with given account name.
.. :quickref: AccountParameter; Delete account information.
:param account: The account identifier.
:status 200: OK.
:status 401: Invalid auth token.
:status 404: Account not found.
:status 500: Database exception.
"""
try:
del_account(account,
issuer=request.environ.get('issuer'),
vo=request.environ.get('vo'))
except AccessDenied as error:
return generate_http_error_flask(401, 'AccessDenied',
error.args[0])
except AccountNotFound as error:
return generate_http_error_flask(404, 'AccountNotFound',
error.args[0])
except Exception as error:
print(format_exc())
return str(error), 500
return '', 200
def delete(self, account):
"""
---
summary: Delete
description: Delete an account.
tags:
- Account
parameters:
- name: account
in: path
description: The account identifier.
schema:
type: string
style: simple
responses:
201:
description: OK
401:
description: Invalid Auth Token
404:
description: Account not found
"""
try:
del_account(account,
issuer=request.environ.get('issuer'),
vo=request.environ.get('vo'))
except AccessDenied as error:
return generate_http_error_flask(401, error)
except AccountNotFound as error:
return generate_http_error_flask(404, error)
return '', 200
def test_create_and_check_for_user(self):
""" ACCOUNT (CORE): Test the creation, query, and deletion of an account """
usr = account_name_generator()
invalid_usr = account_name_generator()
add_account(usr, 'USER', '*****@*****.**', 'root')
assert_equal(account_exists(usr), True)
assert_equal(account_exists(invalid_usr), False)
del_account(usr, 'root')
def test_create_and_check_for_user(self):
""" ACCOUNT (CORE): Test the creation, query, and deletion of an account """
usr = account_name_generator()
invalid_usr = account_name_generator()
add_account(usr, 'USER', 'root')
assert_equal(account_exists(usr), True)
assert_equal(account_exists(invalid_usr), False)
del_account(usr, 'root')
def test_account_status(self):
""" ACCOUNT (CORE): Test changing and quering account status """
usr = account_name_generator()
add_account(usr, 'USER', 'root')
assert_equal(get_account_status(usr), AccountStatus.ACTIVE) # Should be active by default
set_account_status(usr, AccountStatus.SUSPENDED)
assert_equal(get_account_status(usr), AccountStatus.SUSPENDED)
set_account_status(usr, AccountStatus.ACTIVE)
assert_equal(get_account_status(usr), AccountStatus.ACTIVE)
del_account(usr, 'root')
def test_account_status(self):
""" ACCOUNT (CORE): Test changing and quering account status """
usr = account_name_generator()
add_account(usr, 'USER', '*****@*****.**', 'root')
assert_equal(get_account_status(usr),
AccountStatus.ACTIVE) # Should be active by default
set_account_status(usr, AccountStatus.SUSPENDED)
assert_equal(get_account_status(usr), AccountStatus.SUSPENDED)
set_account_status(usr, AccountStatus.ACTIVE)
assert_equal(get_account_status(usr), AccountStatus.ACTIVE)
del_account(usr, 'root')
def test_update_account(self):
""" ACCOUNT (CORE): Test changing and quering account parameters """
usr = account_name_generator()
add_account(usr, 'USER', '*****@*****.**', 'root', **self.vo)
assert get_account_info(usr, **self.vo)['status'] == AccountStatus.ACTIVE # Should be active by default
update_account(account=usr, key='status', value=AccountStatus.SUSPENDED, **self.vo)
assert get_account_info(usr, **self.vo)['status'] == AccountStatus.SUSPENDED
update_account(account=usr, key='status', value=AccountStatus.ACTIVE, **self.vo)
assert get_account_info(usr, **self.vo)['status'] == AccountStatus.ACTIVE
update_account(account=usr, key='email', value='test', **self.vo)
email = get_account_info(account=usr, **self.vo)['email']
assert email == 'test'
del_account(usr, 'root', **self.vo)
def test_update_account(self):
""" ACCOUNT (CORE): Test changing and quering account parameters """
usr = account_name_generator()
add_account(usr, 'USER', '*****@*****.**', 'root')
assert_equal(get_account_info(usr)['status'], AccountStatus.ACTIVE) # Should be active by default
update_account(account=usr, key='status', value=AccountStatus.SUSPENDED)
assert_equal(get_account_info(usr)['status'], AccountStatus.SUSPENDED)
update_account(account=usr, key='status', value=AccountStatus.ACTIVE)
assert_equal(get_account_info(usr)['status'], AccountStatus.ACTIVE)
update_account(account=usr, key='email', value='test')
email = get_account_info(account=usr)['email']
assert_equal(email, 'test')
del_account(usr, 'root')
def DELETE(self, account):
""" disable account with given account name.
HTTP Success:
200 OK
HTTP Error:
401 Unauthorized
404 Not Found
500 InternalError
:param Rucio-Account: Account identifier.
:param Rucio-Auth-Token: as an 32 character hex string.
"""
try:
del_account(account, issuer=ctx.env.get('issuer'))
except AccessDenied, e:
raise generate_http_error(401, 'AccessDenied', e.args[0][0])
def test_oauthmanager(self, mock_oidc_client):
""" OAuth Manager: Testing deletion of expired tokens, session parameters and refresh of access tokens.
Assumes that the OAuth manager first runs token refresh and only then
attempts to delete expired tokens and session parameters.
setUp function (above) is supposed to run first
(nose does this automatically):
- inserts several tokens and OAuth session parameters in the DB
Runs the Test:
- running oauthmanager
End:
- checks that only the expired session parameters
and expired tokens (without or with expired refresh token) were deleted
- checks if only the expected tokens were refreshed
"""
mock_oidc_client.side_effect = side_effect
# Run replica recoverer once
try:
run(once=True, max_rows=100, loop_rate=600)
except KeyboardInterrupt:
stop()
# Checking the outcome
assert_true(get_oauth_session_param_count(self.accountstring) == 2)
assert_true(get_token_count(self.accountstring) == 20)
assert_true(check_deleted_tokens(self.accountstring) is True)
assert_true(count_kept_tokens(self.accountstring) == 16)
assert_true(get_token_count_with_refresh_true(self.accountstring) == 8)
assert_true(new_tokens_ok(self.accountstring) is True)
assert_true(count_expired_tokens(self.accountstring) == 2)
assert_true(
count_refresh_tokens_expired_or_none(self.accountstring) == 8)
# = 6 from the original setup + 2 original ones that were set expired after refresh
del_account(self.accountstring, 'root')
