def test_deletePorts(self):
"""
I{axiomatic port delete} deletes each ports with a C{storeID} which is
specified.
"""
store = Store(filesdir=self.mktemp())
factory = DummyFactory(store=store)
deleteTCP = TCPPort(
store=store, factory=factory, portNumber=10, interface=u"foo")
keepTCP = TCPPort(
store=store, factory=factory, portNumber=10, interface=u"bar")
deleteSSL = SSLPort(
store=store, factory=factory, portNumber=10, interface=u"baz",
certificatePath=store.filesdir.child("baz"))
keepSSL = SSLPort(
store=store, factory=factory, portNumber=10, interface=u"quux",
certificatePath=store.filesdir.child("quux"))
deleteEndpoint = StringEndpointPort(
store=store, factory=factory, description=u'tcp:1234')
keepEndpoint = StringEndpointPort(
store=store, factory=factory, description=u'tcp:1235')
self.assertSuccessStatus(
self._makeConfig(store),
["delete",
"--port-identifier", str(deleteTCP.storeID),
"--port-identifier", str(deleteSSL.storeID),
"--port-identifier", str(deleteEndpoint.storeID)])
self.assertEqual("Deleted.\n", sys.stdout.getvalue())
self.assertEqual(list(store.query(TCPPort)), [keepTCP])
self.assertEqual(list(store.query(SSLPort)), [keepSSL])
self.assertEqual(list(store.query(StringEndpointPort)), [keepEndpoint])
def pop3listener2to3(oldPOP3):
"""
Create TCPPort and SSLPort items as appropriate.
"""
newPOP3 = oldPOP3.upgradeVersion(POP3Listener.typeName,
2,
3,
userbase=oldPOP3.userbase,
certificateFile=oldPOP3.certificateFile)
if oldPOP3.portNumber is not None:
port = TCPPort(store=newPOP3.store,
portNumber=oldPOP3.portNumber,
factory=newPOP3)
installOn(port, newPOP3.store)
securePortNumber = oldPOP3.securePortNumber
certificateFile = oldPOP3.certificateFile
if securePortNumber is not None and certificateFile:
oldCertPath = newPOP3.store.dbdir.preauthChild(certificateFile)
if oldCertPath.exists():
newCertPath = newPOP3.store.newFilePath('pop3.pem')
oldCertPath.copyTo(newCertPath)
port = SSLPort(store=newPOP3.store,
portNumber=oldPOP3.securePortNumber,
certificatePath=newCertPath,
factory=newPOP3)
installOn(port, newPOP3.store)
newPOP3.store.powerDown(newPOP3, IService)
return newPOP3
def installSite(self, siteStore, domain, publicURL, generateCert=True):
"""
Create the necessary items to run an HTTP server and an SSH server.
"""
certPath = siteStore.filesdir.child("server.pem")
if generateCert and not certPath.exists():
certPath.setContent(self._createCert(domain, genSerial()))
# Install the base Mantissa offering.
IOfferingTechnician(siteStore).installOffering(baseOffering)
# Make the HTTP server baseOffering includes listen somewhere.
site = siteStore.findUnique(SiteConfiguration)
site.hostname = domain
installOn(TCPPort(store=siteStore, factory=site, portNumber=8080),
siteStore)
installOn(
SSLPort(store=siteStore,
factory=site,
portNumber=8443,
certificatePath=certPath), siteStore)
# Make the SSH server baseOffering includes listen somewhere.
shell = siteStore.findUnique(SecureShellConfiguration)
installOn(TCPPort(store=siteStore, factory=shell, portNumber=8022),
siteStore)
# Install a front page on the top level store so that the
# developer will have something to look at when they start up
# the server.
fp = siteStore.findOrCreate(publicweb.FrontPage, prefixURL=u'')
installOn(fp, siteStore)
def createPort(self, portNumber, ssl, certPath, factory, interface=u''):
"""
Create a new listening port.
@type portNumber: C{int}
@param portNumber: Port number on which to listen.
@type ssl: C{bool}
@param ssl: Indicates whether this should be an SSL port or not.
@type certPath: C{str}
@param ssl: If C{ssl} is true, a path to a certificate file somewhere
within the site store's files directory. Ignored otherwise.
@param factory: L{Item} which provides L{IProtocolFactoryFactory} which
will be used to get a protocol factory to associate with this port.
@return: C{None}
"""
store = self.store.parent
if ssl:
port = SSLPort(store=store, portNumber=portNumber,
certificatePath=FilePath(certPath), factory=factory,
interface=interface)
else:
port = TCPPort(store=store, portNumber=portNumber, factory=factory,
interface=interface)
installOn(port, store)
def test_listSSLPortWithoutAttributes(self):
"""
If there is an L{SSLPort} with no certificate or no port number (a
rather invalid configuration), I{axiomatic port list} should show this
in its output without producing an error.
"""
store = Store()
factory = DummyFactory(store=store)
port = SSLPort(store=store, factory=factory)
self.assertSuccessStatus(self._makeConfig(store), ["list"])
self.assertEqual(
"%d) %r listening on:\n" % (factory.storeID, factory) +
" %d) SSL, any interface, NO PORT, NO CERTIFICATE\n" %
(port.storeID, ), sys.stdout.getvalue())
def test_renderHTTPNeedsSecure(self):
"""
L{SecuringWrapper.renderHTTP} returns a L{URL} pointing at the same
location as the request URI but with an https scheme if the wrapped
resource has a C{needsSecure} attribute with a true value and the
request is over http.
"""
SSLPort(store=self.store, factory=self.urlGenerator, portNumber=443)
request = FakeRequest(isSecure=False,
uri='/bar/baz',
currentSegments=['bar', 'baz'])
self.resource.needsSecure = True
result = self.wrapper.renderHTTP(request)
self.assertEqual(
result, URL('https', self.urlGenerator.hostname, ['bar', 'baz']))
def test_loginOverHTTPS(self):
"""
The login page is displayed over HTTPS even if it is initially
requested over HTTP, if there is an SSL server available.
"""
# Create the necessary SSL server
SSLPort(store=self.store, factory=self.site, portNumber=443)
page = getWithSession(self.factory, 3, '/login',
{'host': self.domain.encode('ascii')})
def rendered(request):
self.assertTrue(request.isSecure(), "Page not served over HTTPS.")
self.assertIn("login-form", request.accumulator)
page.addCallback(rendered)
return page
def test_listSSLPort(self):
"""
When I{axiomatic port list} is invoked for a L{Store} which has an
L{SSLPort} in it, the details of that port, including its factory, are
written to stdout.
"""
store = Store(filesdir=self.mktemp())
factory = DummyFactory(store=store)
port = SSLPort(
store=store, factory=factory, portNumber=1234, interface=u"foo",
certificatePath=store.filesdir.child("bar"))
self.assertSuccessStatus(self._makeConfig(store), ["list"])
self.assertEqual(
"%d) %r listening on:\n" % (factory.storeID, factory) +
" %d) SSL, interface %s, port %d, certificate %s\n" % (
port.storeID, port.interface, port.portNumber,
port.certificatePath.path),
sys.stdout.getvalue())
def test_userInfoSignupOverHTTPS(self):
"""
The signup page is displayed over HTTPS even if it is initially
requested over HTTP, if there is an SSL server available.
"""
# Create the necessary SSL server
SSLPort(store=self.store, factory=self.site, portNumber=443)
self._createSignup(u'barbaz-signup')
page = getWithSession(self.factory, 3, '/barbaz-signup',
{'host': self.domain.encode('ascii')})
def rendered(request):
self.assertTrue(request.isSecure(), "Page not served over HTTPS.")
self.assertIn("Create Account", request.accumulator)
page.addCallback(rendered)
return page
def createDatabase(siteStore):
"""
Populate the given Store with a TCPPort and SSLPort.
"""
factory = WebSite(store=siteStore)
installOn(factory, siteStore)
installOn(TCPPort(store=siteStore, portNumber=TCP_PORT, factory=factory),
siteStore)
certificatePath = siteStore.newFilePath('certificate')
key = KeyPair.generate()
cert = key.selfSignedCert(1)
certificatePath.setContent(
cert.dump(FILETYPE_PEM) + key.dump(FILETYPE_PEM))
installOn(
SSLPort(store=siteStore,
portNumber=SSL_PORT,
certificatePath=certificatePath,
factory=factory), siteStore)
def test_login(self):
"""
L{AnonymousSite} has a I{login} child which returns a L{LoginPage}
instance.
"""
host = 'example.org'
port = 1234
netloc = '%s:%d' % (host, port)
request = FakeRequest(headers={'host': netloc},
uri='/login/foo',
currentSegments=[],
isSecure=False)
self.site.hostname = host.decode('ascii')
SSLPort(store=self.store, portNumber=port, factory=self.site)
resource, segments = self.resource.locateChild(request, ("login", ))
self.assertTrue(isinstance(resource, LoginPage))
self.assertIdentical(resource.store, self.store)
self.assertEqual(resource.segments, ())
self.assertEqual(resource.arguments, {})
self.assertEqual(segments, ())
def upgradeMailTransferAgent3to4(oldMTA):
"""
Create TCPPort and SSLPort items as appropriate.
"""
if isinstance(oldMTA, MailDeliveryAgent):
return oldMTA
newMTA = oldMTA.upgradeVersion(MailTransferAgent.typeName,
3,
4,
userbase=oldMTA.userbase,
certificateFile=oldMTA.certificateFile,
messageCount=oldMTA.messageCount,
domain=oldMTA.domain)
if oldMTA.portNumber is not None:
port = TCPPort(store=newMTA.store,
portNumber=oldMTA.portNumber,
factory=newMTA)
installOn(port, newMTA.store)
securePortNumber = oldMTA.securePortNumber
certificateFile = oldMTA.certificateFile
if securePortNumber is not None and certificateFile:
oldCertPath = newMTA.store.dbdir.preauthChild(certificateFile)
if oldCertPath.exists():
newCertPath = newMTA.store.newFilePath('mta.pem')
oldCertPath.copyTo(newCertPath)
port = SSLPort(store=newMTA.store,
portNumber=securePortNumber,
certificatePath=newCertPath,
factory=newMTA)
installOn(port, newMTA.store)
newMTA.store.powerDown(newMTA, IService)
return newMTA
def _makeSiteConfiguration(currentVersion, oldSite, couldHavePorts):
from xmantissa.publicweb import AnonymousSite
newSite = oldSite.upgradeVersion(
'mantissa_web_powerup', currentVersion, 6,
hitCount=oldSite.hitCount)
if newSite.store.parent is not None:
return newSite
# SiteConfiguration dependsOn LoginSystem. LoginSystem was probably
# installed by the mantissa axiomatic command. During the dependency
# system conversion, that command was changed to use installOn on the
# LoginSystem. However, no upgrader was supplied to create the new
# dependency state. Consequently, there may be none. Consequently, a new
# LoginSystem will be created if an item which dependsOn LoginSystem is
# installed. This would be bad. So, set up the necessary dependency state
# here, before instantiating SiteConfiguration. -exarkun
# Addendum: it is almost certainly the case that there are not legitimate
# configurations which lack a LoginSystem. However, a large number of
# database upgrade tests construct unrealistic databases. One aspect of
# the unrealism is that they lack a LoginSystem. Therefore, rather than
# changing all the bogus stubs and regenerating the stubs, I will just
# support the case where LoginSystem is missing. However, note that a
# LoginSystem upgrader may invalidate this check and result in a duplicate
# being created anyway. -exarkun
loginSystem = oldSite.store.findUnique(LoginSystem, default=None)
if loginSystem is not None and installedOn(loginSystem) is None:
installOn(loginSystem, oldSite.store)
uninstallFrom(oldSite.store, oldSite)
site = SiteConfiguration(
store=oldSite.store,
httpLog=oldSite.store.filesdir.child('httpd.log'),
hostname=getattr(oldSite, "hostname", None) or u"localhost")
installOn(site, site.store)
anonymousAvatar = AnonymousSite(store=oldSite.store)
installOn(anonymousAvatar, oldSite.store)
if couldHavePorts:
for tcp in site.store.query(TCPPort, TCPPort.factory == oldSite):
tcp.factory = site
for ssl in site.store.query(SSLPort, SSLPort.factory == oldSite):
ssl.factory = site
else:
if oldSite.portNumber is not None:
port = TCPPort(
store=oldSite.store,
portNumber=oldSite.portNumber,
factory=site)
installOn(port, oldSite.store)
securePortNumber = oldSite.securePortNumber
certificateFile = oldSite.certificateFile
if securePortNumber is not None and certificateFile:
oldCertPath = site.store.dbdir.preauthChild(certificateFile)
newCertPath = site.store.newFilePath('server.pem')
oldCertPath.moveTo(newCertPath)
port = SSLPort(
store=site.store,
portNumber=oldSite.securePortNumber,
certificatePath=newCertPath,
factory=site)
installOn(port, site.store)
newSite.deleteFromStore()