def test_auth_superuser_token(client, db_name, root_password, secret):
token = generate_jwt(secret)
db = client.db("_system", superuser_token=token)
bad_db = client.db("_system", superuser_token="bad_token")
assert isinstance(db.conn, JwtSuperuserConnection)
assert isinstance(db.version(), str)
assert isinstance(db.properties(), dict)
# # Test get JWT secrets
# secrets = db.jwt_secrets()
# assert 'active' in secrets
# assert 'passive' in secrets
# Test get JWT secrets with bad database
with assert_raises(JWTSecretListError) as err:
bad_db.jwt_secrets()
assert err.value.error_code == FORBIDDEN
# # Test reload JWT secrets
# secrets = db.reload_jwt_secrets()
# assert 'active' in secrets
# assert 'passive' in secrets
# Test reload JWT secrets with bad database
with assert_raises(JWTSecretReloadError) as err:
bad_db.reload_jwt_secrets()
assert err.value.error_code == FORBIDDEN
# Test get TLS data
result = db.tls()
assert isinstance(result, dict)
# Test get TLS data with bad database
with assert_raises(ServerTLSError) as err:
bad_db.tls()
assert err.value.error_code == FORBIDDEN
# Test reload TLS
result = db.reload_tls()
assert isinstance(result, dict)
# Test reload TLS with bad database
with assert_raises(ServerTLSReloadError) as err:
bad_db.reload_tls()
assert err.value.error_code == FORBIDDEN
# # Test get encryption
# result = db.encryption()
# assert isinstance(result, dict)
# Test reload user-defined encryption keys.
with assert_raises(ServerEncryptionError) as err:
bad_db.encryption()
assert err.value.error_code == FORBIDDEN
def test_auth_jwt_expiry(client, db_name, root_password, secret):
# Test automatic token refresh on expired token.
db = client.db("_system", "root", root_password, auth_method="jwt")
expired_token = generate_jwt(secret, exp=-1000)
db.conn._token = expired_token
db.conn._auth_header = f"bearer {expired_token}"
assert isinstance(db.version(), str)
# Test correct error on token expiry.
db = client.db("_system", superuser_token=expired_token)
with assert_raises(ServerVersionError) as err:
db.version()
assert err.value.error_code == FORBIDDEN
def test_auth_jwt_expiry(client, db_name, root_password, secret):
# Test automatic token refresh on expired token.
db = client.db('_system', 'root', root_password, auth_method='jwt')
expired_token = generate_jwt(secret, exp=0)
db.conn._token = expired_token
db.conn._auth_header = 'bearer {}'.format(expired_token)
assert isinstance(db.version(), string_types)
# Test correct error on token expiry.
db = client.db('_system', superuser_token=expired_token)
with assert_raises(ServerVersionError) as err:
db.version()
assert err.value.error_code == FORBIDDEN
def pytest_configure(config):
url = 'http://{}:{}'.format(config.getoption('host'),
config.getoption('port'))
secret = config.getoption('secret')
client = ArangoClient(hosts=[url, url, url])
sys_db = client.db(name='_system',
username='******',
password=config.getoption('passwd'),
superuser_token=generate_jwt(secret))
# Create a user and non-system database for testing.
username = generate_username()
password = generate_string()
tst_db_name = generate_db_name()
bad_db_name = generate_db_name()
sys_db.create_database(name=tst_db_name,
users=[{
'active': True,
'username': username,
'password': password,
}])
tst_db = client.db(tst_db_name, username, password)
bad_db = client.db(bad_db_name, username, password)
# Create a standard collection for testing.
col_name = generate_col_name()
tst_col = tst_db.create_collection(col_name, edge=False)
tst_col.add_skiplist_index(['val'])
tst_col.add_fulltext_index(['text'])
geo_index = tst_col.add_geo_index(['loc'])
# Create a legacy edge collection for testing.
icol_name = generate_col_name()
tst_db.create_collection(icol_name, edge=True)
# Create test vertex & edge collections and graph.
graph_name = generate_graph_name()
ecol_name = generate_col_name()
fvcol_name = generate_col_name()
tvcol_name = generate_col_name()
tst_graph = tst_db.create_graph(graph_name)
tst_graph.create_vertex_collection(fvcol_name)
tst_graph.create_vertex_collection(tvcol_name)
tst_graph.create_edge_definition(edge_collection=ecol_name,
from_vertex_collections=[fvcol_name],
to_vertex_collections=[tvcol_name])
# noinspection PyProtectedMember
global_data.update({
'url': url,
'client': client,
'username': username,
'password': password,
'db_name': tst_db_name,
'sys_db': sys_db,
'tst_db': tst_db,
'bad_db': bad_db,
'geo_index': geo_index,
'col_name': col_name,
'icol_name': icol_name,
'graph_name': graph_name,
'ecol_name': ecol_name,
'fvcol_name': fvcol_name,
'tvcol_name': tvcol_name,
'cluster': config.getoption('cluster'),
'complete': config.getoption('complete'),
'replication': config.getoption('replication'),
'secret': secret,
'root_password': config.getoption('passwd')
})
def pytest_configure(config):
url = f"http://{config.getoption('host')}:{config.getoption('port')}"
secret = config.getoption("secret")
client = ArangoClient(hosts=[url, url, url])
sys_db = client.db(
name="_system",
username="******",
password=config.getoption("passwd"),
superuser_token=generate_jwt(secret),
)
sys_db.version()
# Create a user and non-system database for testing.
username = generate_username()
password = generate_string()
tst_db_name = generate_db_name()
bad_db_name = generate_db_name()
sys_db.create_database(
name=tst_db_name,
users=[
{
"active": True,
"username": username,
"password": password,
}
],
)
tst_db = client.db(tst_db_name, username, password)
bad_db = client.db(bad_db_name, username, password)
# Create a standard collection for testing.
col_name = generate_col_name()
tst_col = tst_db.create_collection(col_name, edge=False)
tst_col.add_skiplist_index(["val"])
tst_col.add_fulltext_index(["text"])
geo_index = tst_col.add_geo_index(["loc"])
# Create a legacy edge collection for testing.
icol_name = generate_col_name()
tst_db.create_collection(icol_name, edge=True)
# Create test vertex & edge collections and graph.
graph_name = generate_graph_name()
ecol_name = generate_col_name()
fvcol_name = generate_col_name()
tvcol_name = generate_col_name()
tst_graph = tst_db.create_graph(graph_name)
tst_graph.create_vertex_collection(fvcol_name)
tst_graph.create_vertex_collection(tvcol_name)
tst_graph.create_edge_definition(
edge_collection=ecol_name,
from_vertex_collections=[fvcol_name],
to_vertex_collections=[tvcol_name],
)
# Update global config
global_data.url = url
global_data.client = client
global_data.username = username
global_data.password = password
global_data.db_name = tst_db_name
global_data.sys_db = sys_db
global_data.tst_db = tst_db
global_data.bad_db = bad_db
global_data.geo_index = geo_index
global_data.col_name = col_name
global_data.icol_name = icol_name
global_data.graph_name = graph_name
global_data.ecol_name = ecol_name
global_data.fvcol_name = fvcol_name
global_data.tvcol_name = tvcol_name
global_data.cluster = config.getoption("cluster")
global_data.complete = config.getoption("complete")
global_data.replication = config.getoption("replication")
global_data.enterprise = config.getoption("enterprise")
global_data.secret = secret
global_data.root_password = config.getoption("passwd")