def test_handle_remote_access_multiple_users_one_removed(self, _):
with patch("azurelinuxagent.ga.remoteaccess.get_osutil",
return_value=MockOSUtil()):
rah = RemoteAccessHandler(Mock())
data_str = load_data('wire/remote_access_10_accounts.xml')
remote_access = RemoteAccess(data_str)
count = 0
for user in remote_access.user_list.users:
count += 1
user.name = "tstuser{0}".format(count)
expiration_date = datetime.utcnow() + timedelta(days=count)
user.expiration = expiration_date.strftime(
"%a, %d %b %Y %H:%M:%S ") + "UTC"
rah._remote_access = remote_access
rah._handle_remote_access()
users = rah._os_util.get_users()
self.assertEqual(10, len(users))
# now remove the user from RemoteAccess
deleted_user = rah._remote_access.user_list.users[3]
del rah._remote_access.user_list.users[3]
rah._handle_remote_access()
users = rah._os_util.get_users()
self.assertTrue(deleted_user not in users,
"{0} still in users".format(deleted_user))
self.assertEqual(9, len(users))
def test_handle_remote_access_deleted_user_readded(self, _):
rah = RemoteAccessHandler(Mock())
rah.os_util = MockOSUtil()
data_str = load_data('wire/remote_access_single_account.xml')
remote_access = RemoteAccess(data_str)
tstuser = remote_access.user_list.users[0].name
expiration_date = datetime.utcnow() + timedelta(days=1)
expiration = expiration_date.strftime("%a, %d %b %Y %H:%M:%S ") + "UTC"
remote_access.user_list.users[0].expiration = expiration
rah.remote_access = remote_access
rah.handle_remote_access()
users = get_user_dictionary(rah.os_util.get_users())
self.assertTrue(tstuser in users,
"{0} missing from users".format(tstuser))
os_util = rah.os_util
os_util.__class__ = MockOSUtil
os_util.all_users.clear()
# refresh users
users = get_user_dictionary(rah.os_util.get_users())
self.assertTrue(tstuser not in users)
rah.handle_remote_access()
# refresh users
users = get_user_dictionary(rah.os_util.get_users())
self.assertTrue(tstuser in users,
"{0} missing from users".format(tstuser))
def test_parse_two_remote_access_accounts(self):
data_str = load_data('wire/remote_access_two_accounts.xml')
remote_access = RemoteAccess(data_str)
self.assertNotEquals(None, remote_access)
self.assertEquals("1", remote_access.incarnation)
self.assertEquals(2, len(remote_access.user_list.users),
"User count does not match.")
self.assertEquals("testAccount1",
remote_access.user_list.users[0].name,
"Account name does not match")
self.assertEquals("encryptedPasswordString",
remote_access.user_list.users[0].encrypted_password,
"Encrypted password does not match.")
self.assertEquals("2019-01-01",
remote_access.user_list.users[0].expiration,
"Expiration does not match.")
self.assertEquals("testAccount2",
remote_access.user_list.users[1].name,
"Account name does not match")
self.assertEquals("encryptedPasswordString",
remote_access.user_list.users[1].encrypted_password,
"Encrypted password does not match.")
self.assertEquals("2019-01-01",
remote_access.user_list.users[1].expiration,
"Expiration does not match.")
def test_handle_remote_access_remove_and_add(self, _):
rah = RemoteAccessHandler(Mock())
rah.os_util = MockOSUtil()
data_str = load_data('wire/remote_access_10_accounts.xml')
remote_access = RemoteAccess(data_str)
count = 0
for user in remote_access.user_list.users:
count += 1
user.name = "tstuser{0}".format(count)
expiration_date = datetime.utcnow() + timedelta(days=count)
user.expiration = expiration_date.strftime(
"%a, %d %b %Y %H:%M:%S ") + "UTC"
rah.remote_access = remote_access
rah.handle_remote_access()
users = rah.os_util.get_users()
self.assertEqual(10, len(users))
# now remove the user from RemoteAccess
new_user = "******"
deleted_user = rah.remote_access.user_list.users[3]
rah.remote_access.user_list.users[3].name = new_user
rah.handle_remote_access()
users = rah.os_util.get_users()
self.assertTrue(deleted_user not in users,
"{0} still in users".format(deleted_user))
self.assertTrue(new_user in [u[0] for u in users],
"user {0} not in users".format(new_user))
self.assertEqual(10, len(users))
def test_handle_remote_access_no_users(self):
with patch("azurelinuxagent.ga.remoteaccess.get_osutil", return_value=MockOSUtil()):
rah = RemoteAccessHandler(Mock())
data_str = load_data('wire/remote_access_no_accounts.xml')
remote_access = RemoteAccess(data_str)
rah._remote_access = remote_access # pylint: disable=protected-access
rah._handle_remote_access() # pylint: disable=protected-access
users = get_user_dictionary(rah._os_util.get_users()) # pylint: disable=protected-access
self.assertEqual(0, len(users.keys()))
def test_handle_remote_access_no_users(self):
rah = RemoteAccessHandler(Mock())
rah.os_util = MockOSUtil()
data_str = load_data('wire/remote_access_no_accounts.xml')
remote_access = RemoteAccess(data_str)
rah.remote_access = remote_access
rah.handle_remote_access()
users = get_user_dictionary(rah.os_util.get_users())
self.assertEqual(0, len(users.keys()))
def test_do_not_add_expired_user(self):
with patch("azurelinuxagent.ga.remoteaccess.get_osutil", return_value=MockOSUtil()):
rah = RemoteAccessHandler(Mock())
data_str = load_data('wire/remote_access_single_account.xml')
remote_access = RemoteAccess(data_str)
expiration = (datetime.utcnow() - timedelta(days=2)).strftime("%a, %d %b %Y %H:%M:%S ") + "UTC"
remote_access.user_list.users[0].expiration = expiration
rah._remote_access = remote_access # pylint: disable=protected-access
rah._handle_remote_access() # pylint: disable=protected-access
users = get_user_dictionary(rah._os_util.get_users()) # pylint: disable=protected-access
self.assertFalse("testAccount" in users)
def test_do_not_add_expired_user(self):
rah = RemoteAccessHandler(Mock())
rah.os_util = MockOSUtil()
data_str = load_data('wire/remote_access_single_account.xml')
remote_access = RemoteAccess(data_str)
expiration = (datetime.utcnow() - timedelta(days=2)
).strftime("%a, %d %b %Y %H:%M:%S ") + "UTC"
remote_access.user_list.users[0].expiration = expiration
rah.remote_access = remote_access
rah.handle_remote_access()
users = get_user_dictionary(rah.os_util.get_users())
self.assertFalse("testAccount" in users)
def test_handle_remote_access_ten_users(self, _):
with patch("azurelinuxagent.ga.remoteaccess.get_osutil", return_value=MockOSUtil()):
rah = RemoteAccessHandler(Mock())
data_str = load_data('wire/remote_access_10_accounts.xml')
remote_access = RemoteAccess(data_str)
count = 0
for user in remote_access.user_list.users:
count += 1
user.name = "tstuser{0}".format(count)
expiration_date = datetime.utcnow() + timedelta(days=count)
user.expiration = expiration_date.strftime("%a, %d %b %Y %H:%M:%S ") + "UTC"
rah._remote_access = remote_access # pylint: disable=protected-access
rah._handle_remote_access() # pylint: disable=protected-access
users = get_user_dictionary(rah._os_util.get_users()) # pylint: disable=protected-access
self.assertEqual(10, len(users.keys()))
def test_handle_remote_access_ten_users(self, _):
rah = RemoteAccessHandler(Mock())
rah.os_util = MockOSUtil()
data_str = load_data('wire/remote_access_10_accounts.xml')
remote_access = RemoteAccess(data_str)
count = 0
for user in remote_access.user_list.users:
count += 1
user.name = "tstuser{0}".format(count)
expiration_date = datetime.utcnow() + timedelta(days=count)
user.expiration = expiration_date.strftime(
"%a, %d %b %Y %H:%M:%S ") + "UTC"
rah.remote_access = remote_access
rah.handle_remote_access()
users = get_user_dictionary(rah.os_util.get_users())
self.assertEqual(10, len(users.keys()))
def test_handle_new_user(self, _):
with patch("azurelinuxagent.ga.remoteaccess.get_osutil", return_value=MockOSUtil()):
rah = RemoteAccessHandler(Mock())
data_str = load_data('wire/remote_access_single_account.xml')
remote_access = RemoteAccess(data_str)
tstuser = remote_access.user_list.users[0].name
expiration_date = datetime.utcnow() + timedelta(days=1)
expiration = expiration_date.strftime("%a, %d %b %Y %H:%M:%S ") + "UTC"
remote_access.user_list.users[0].expiration = expiration
rah._remote_access = remote_access # pylint: disable=protected-access
rah._handle_remote_access() # pylint: disable=protected-access
users = get_user_dictionary(rah._os_util.get_users()) # pylint: disable=protected-access
self.assertTrue(tstuser in users, "{0} missing from users".format(tstuser))
actual_user = users[tstuser]
expected_expiration = (expiration_date + timedelta(days=1)).strftime("%Y-%m-%d")
self.assertEqual(actual_user[7], expected_expiration)
self.assertEqual(actual_user[4], "JIT_Account")
def test_handle_remote_access_multiple_users(self, _):
with patch("azurelinuxagent.ga.remoteaccess.get_osutil", return_value=MockOSUtil()):
rah = RemoteAccessHandler(Mock())
data_str = load_data('wire/remote_access_two_accounts.xml')
remote_access = RemoteAccess(data_str)
testusers = []
count = 0
while count < 2:
user = remote_access.user_list.users[count].name
expiration_date = datetime.utcnow() + timedelta(days=count + 1)
expiration = expiration_date.strftime("%a, %d %b %Y %H:%M:%S ") + "UTC"
remote_access.user_list.users[count].expiration = expiration
testusers.append(user)
count += 1
rah._remote_access = remote_access # pylint: disable=protected-access
rah._handle_remote_access() # pylint: disable=protected-access
users = get_user_dictionary(rah._os_util.get_users()) # pylint: disable=protected-access
self.assertTrue(testusers[0] in users, "{0} missing from users".format(testusers[0]))
self.assertTrue(testusers[1] in users, "{0} missing from users".format(testusers[1]))
def test_handle_new_user(self, _):
rah = RemoteAccessHandler(Mock())
rah.os_util = MockOSUtil()
data_str = load_data('wire/remote_access_single_account.xml')
remote_access = RemoteAccess(data_str)
tstuser = remote_access.user_list.users[0].name
expiration_date = datetime.utcnow() + timedelta(days=1)
expiration = expiration_date.strftime("%a, %d %b %Y %H:%M:%S ") + "UTC"
remote_access.user_list.users[0].expiration = expiration
rah.remote_access = remote_access
rah.handle_remote_access()
users = get_user_dictionary(rah.os_util.get_users())
self.assertTrue(tstuser in users,
"{0} missing from users".format(tstuser))
actual_user = users[tstuser]
expected_expiration = (expiration_date +
timedelta(days=1)).strftime("%Y-%m-%d")
self.assertEqual(actual_user[7], expected_expiration)
self.assertEqual(actual_user[4], "JIT_Account")
def test_handle_remote_access_multiple_users_error_with_null_remote_access(
self, _):
rah = RemoteAccessHandler(Mock())
rah.os_util = MockOSUtil()
data_str = load_data('wire/remote_access_10_accounts.xml')
remote_access = RemoteAccess(data_str)
count = 0
for user in remote_access.user_list.users:
count += 1
user.name = "tstuser{0}".format(count)
expiration_date = datetime.utcnow() + timedelta(days=count)
user.expiration = expiration_date.strftime(
"%a, %d %b %Y %H:%M:%S ") + "UTC"
rah.remote_access = remote_access
rah.handle_remote_access()
users = rah.os_util.get_users()
self.assertEqual(10, len(users))
# now remove the user from RemoteAccess
rah.remote_access = None
rah.handle_remote_access()
users = rah.os_util.get_users()
self.assertEqual(0, len(users))
def test_handle_remote_access_multiple_users(self, _):
rah = RemoteAccessHandler(Mock())
rah.os_util = MockOSUtil()
data_str = load_data('wire/remote_access_two_accounts.xml')
remote_access = RemoteAccess(data_str)
testusers = []
count = 0
while count < 2:
user = remote_access.user_list.users[count].name
expiration_date = datetime.utcnow() + timedelta(days=count + 1)
expiration = expiration_date.strftime(
"%a, %d %b %Y %H:%M:%S ") + "UTC"
remote_access.user_list.users[count].expiration = expiration
testusers.append(user)
count += 1
rah.remote_access = remote_access
rah.handle_remote_access()
users = get_user_dictionary(rah.os_util.get_users())
self.assertTrue(testusers[0] in users,
"{0} missing from users".format(testusers[0]))
self.assertTrue(testusers[1] in users,
"{0} missing from users".format(testusers[1]))
def test_handle_remote_access_deleted_user_readded(self, _):
with patch("azurelinuxagent.ga.remoteaccess.get_osutil", return_value=MockOSUtil()):
rah = RemoteAccessHandler(Mock())
data_str = load_data('wire/remote_access_single_account.xml')
remote_access = RemoteAccess(data_str)
tstuser = remote_access.user_list.users[0].name
expiration_date = datetime.utcnow() + timedelta(days=1)
expiration = expiration_date.strftime("%a, %d %b %Y %H:%M:%S ") + "UTC"
remote_access.user_list.users[0].expiration = expiration
rah._remote_access = remote_access # pylint: disable=protected-access
rah._handle_remote_access() # pylint: disable=protected-access
users = get_user_dictionary(rah._os_util.get_users()) # pylint: disable=protected-access
self.assertTrue(tstuser in users, "{0} missing from users".format(tstuser))
os_util = rah._os_util # pylint: disable=protected-access
os_util.__class__ = MockOSUtil
os_util.all_users.clear() # pylint: disable=no-member
# refresh users
users = get_user_dictionary(rah._os_util.get_users()) # pylint: disable=protected-access
self.assertTrue(tstuser not in users)
rah._handle_remote_access() # pylint: disable=protected-access
# refresh users
users = get_user_dictionary(rah._os_util.get_users()) # pylint: disable=protected-access
self.assertTrue(tstuser in users, "{0} missing from users".format(tstuser))
def test_parse_zero_remote_access_accounts(self):
data_str = load_data('wire/remote_access_no_accounts.xml')
remote_access = RemoteAccess(data_str)
self.assertNotEqual(None, remote_access)
self.assertEqual(0, len(remote_access.user_list.users),
"User count does not match.")
