def test_single_change(self):
name = "/file/name"
old_base = "/OLD"
new_base = "/NEW"
data = "/etc/group"
key = old_base + data
file1 = File.create_file(self.db, name, self.user1, key,
pynimbusauthz.object_type_s3)
self.db.commit()
rc = pynimbusauthz.rebase.main([old_base, new_base])
self.assertEqual(rc, 0, "rc should be 0, is %d" % (rc))
f2a = File.find_files_from_data(self.db, key)
f2a = list(f2a)
self.assertEqual(
len(f2a), 0,
"should be no values with key %s len is %d" % (old_base, len(f2a)))
key = new_base + data
f2a = File.find_files_from_data(self.db, key)
f2a = list(f2a)
self.assertNotEqual(
len(f2a), 0, "length should be greater than 0 is %d" % (len(f2a)))
found = False
for f2 in f2a:
tst_key = f2.get_data_key()
if tst_key == key:
found = True
self.assertTrue(found, "key not found")
def test_many_change_but_not_all(self):
name = "/file/name"
old_base = "/OLD"
new_base = "/NEW"
other_base = "/NOTHERE"
count = 10
for i in range(0, count):
keyname = str(uuid.uuid1())
oldkey = old_base + "/" + keyname
File.create_file(self.db, name + oldkey, self.user1, oldkey,
pynimbusauthz.object_type_s3)
for i in range(0, count * 2):
keyname = str(uuid.uuid1())
oldkey = other_base + "/" + keyname
File.create_file(self.db, name + oldkey, self.user1, oldkey,
pynimbusauthz.object_type_s3)
self.db.commit()
rc = pynimbusauthz.rebase.main([old_base, new_base])
self.assertEqual(rc, 0, "rc should be 0, is %d" % (rc))
f2a = File.find_files_from_data(self.db, new_base + "%")
f2a = list(f2a)
self.assertEqual(
len(f2a), count,
"length of the new items should be %d is %s" % (count, len(f2a)))
def test_change_key(self):
user1 = User(self.db)
name = "/file/name"
old_base = "/old/path/base"
fname = "/etc/group"
new_base = "/new/base/location/dir"
f = File.create_file(self.db, name, user1, old_base + fname,
pynimbusauthz.object_type_s3)
self.assertEqual(old_base + fname, f.get_data_key(),
"old value not euqal")
new_key = new_base + fname
f.set_data_key(new_key)
self.db.commit()
tst_new_key = f.get_data_key()
self.assertEqual(tst_new_key, new_key,
"%s should equal %s" % (tst_new_key, new_key))
f2 = File.get_file(self.db, name, pynimbusauthz.object_type_s3)
tst_new_key = f2.get_data_key()
self.assertEqual(tst_new_key, new_key,
"%s should equal %s" % (tst_new_key, new_key))
def test_file_and_bucket(self):
user1 = User(self.db)
fname = "NAME"
data = "data"
b1 = File.create_file(self.db, "bucket", user1, data,
pynimbusauthz.object_type_s3)
f1 = File.create_file(self.db,
fname,
user1,
data,
pynimbusauthz.object_type_s3,
parent=b1)
f2 = File.create_file(self.db, fname, user1, data,
pynimbusauthz.object_type_s3)
self.db.commit()
self.assertNotEqual(f1.get_id(), f2.get_id())
f3 = File.get_file(self.db,
fname,
pynimbusauthz.object_type_s3,
parent=b1)
f4 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3)
self.assertEqual(f1.get_id(), f3.get_id())
self.assertEqual(f2.get_id(), f4.get_id())
self.assertNotEqual(f3.get_id(), f4.get_id())
self.db.commit()
def test_file_children(self):
user1 = User(self.db)
name = "/file/name"
data = "/etc/group"
file1 = File.create_file(self.db, name, user1, data,
pynimbusauthz.object_type_s3)
self.db.commit()
child1 = File.create_file(self.db,
"kid",
user1,
data,
pynimbusauthz.object_type_s3,
parent=file1)
self.db.commit()
p2 = child1.get_parent()
self.assertEqual(p2, file1, "parent not set properly")
x = child1.get_all_children()
self.assertEqual(len(list(x)), 0, "The file should have no children")
x = file1.get_all_children()
found = False
for f in x:
if f == child1:
found = True
self.assertTrue(found, "We should have found that kid!")
def main(argv=sys.argv[1:]):
try:
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
(opts, args) = setup_options(argv)
if len(args) != 3:
raise AuthzException(
'CLI_PARAMETER',
"You must specify a username filename and a datakey\nTry --help"
)
user_name = args[0]
object_name = args[1]
data = args[2]
user = User(db_obj, uu=user_name)
parent = None
if opts.parent != None:
parent = File.get_file(db_obj, opts.parent, opts.type)
if parent == None:
raise AuthzException('FILE_EXISTS',
"parent %s not found" % (opts.parent))
File.create_file(db_obj,
object_name,
user,
data,
opts.type,
parent=parent)
db_obj.commit()
except AuthzException, ae:
print ae
return ae.get_rc()
def main(argv=sys.argv[1:]):
try:
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
(opts,args) = setup_options(argv)
if len(args) > 0:
u_pattern = args[0]
else:
u_pattern = ""
parent = None
if opts.parent != None:
parent = File.get_file(db_obj, opts.parent, opts.type)
if parent == None:
raise AuthzException(['FILE_EXISTS'], "parent %s not found" % (opts.parent))
if opts.type == "all":
types = pynimbusauthz.object_types.keys()
else:
types = [opts.type]
for t in types:
files = File.find_files(db_obj, u_pattern, t, parent)
for f in files:
print_file(opts, f)
except AuthzException, ae:
print ae
return ae.get_rc()
def get_file_obj(self, bucketName, objectName=None):
file = File.get_file(self.db_obj, bucketName, pynimbusauthz.object_type_s3)
if file == None:
return None
if objectName != None:
file = File.get_file(self.db_obj, objectName, pynimbusauthz.object_type_s3, file)
return file
def main(argv=sys.argv[1:]):
try:
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
(opts, args) = setup_options(argv)
if len(args) > 0:
u_pattern = args[0]
else:
u_pattern = ""
parent = None
if opts.parent != None:
parent = File.get_file(db_obj, opts.parent, opts.type)
if parent == None:
raise AuthzException(['FILE_EXISTS'],
"parent %s not found" % (opts.parent))
if opts.type == "all":
types = pynimbusauthz.object_types.keys()
else:
types = [opts.type]
for t in types:
files = File.find_files(db_obj, u_pattern, t, parent)
for f in files:
print_file(opts, f)
except AuthzException, ae:
print ae
return ae.get_rc()
def test_single_change(self):
name = "/file/name"
old_base = "/OLD"
new_base = "/NEW"
data = "/etc/group"
key = old_base + data
file1 = File.create_file(self.db, name, self.user1, key, pynimbusauthz.object_type_s3)
self.db.commit()
rc = pynimbusauthz.rebase.main([old_base, new_base])
self.assertEqual(rc, 0, "rc should be 0, is %d" % (rc))
f2a = File.find_files_from_data(self.db, key)
f2a = list(f2a)
self.assertEqual(len(f2a), 0, "should be no values with key %s len is %d" % (old_base, len(f2a)))
key = new_base + data
f2a = File.find_files_from_data(self.db, key)
f2a = list(f2a)
self.assertNotEqual(len(f2a), 0, "length should be greater than 0 is %d" % (len(f2a)))
found = False
for f2 in f2a:
tst_key = f2.get_data_key()
if tst_key == key:
found = True
self.assertTrue(found, "key not found")
def main(argv=sys.argv[1:]):
try:
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
(opts, args) = setup_options(argv)
if len(args) != 3:
raise AuthzException("CLI_PARAMETER", "You must specify a username filename and a datakey\nTry --help")
user_name = args[0]
object_name = args[1]
data = args[2]
user = User(db_obj, uu=user_name)
parent = None
if opts.parent != None:
parent = File.get_file(db_obj, opts.parent, opts.type)
if parent == None:
raise AuthzException("FILE_EXISTS", "parent %s not found" % (opts.parent))
File.create_file(db_obj, object_name, user, data, opts.type, parent=parent)
except AuthzException, ae:
print ae
return ae.get_rc()
def main(argv=sys.argv[1:]):
try:
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
(opts,args) = setup_options(argv)
if len(args) != 3:
raise AuthzException('CLI_PARAMETER', "You must specify a username filename permssions")
user_name = args[0]
object_name = args[1]
requested_perms = args[2]
parent = None
if opts.parent != None:
parent = File.get_file(db_obj, opts.parent, opts.type)
if parent == None:
raise AuthzException('FILE_EXISTS', "parent %s not found" % (opts.parent))
file1 = File.get_file(db_obj, object_name, opts.type, parent=parent)
if file1 == None:
raise AuthzException('FILE_EXISTS', "file %s:%s not found" % (opts.type, object_name))
user = User(db_obj, uu=user_name)
uf = UserFile(file1) # create a uesrfile with owner so we can chmod
uf.chmod(requested_perms, user=user)
pynimbusauthz.print_msg(opts, 0, "changed %s to %s for %s" % (str(file1), requested_perms, str(user)))
db_obj.commit()
except AuthzException, ae:
print ae
return ae.get_rc()
def get_file_obj(self, bucketName, objectName=None):
file = File.get_file(self.db_obj, bucketName,
pynimbusauthz.object_type_s3)
if file == None:
return None
if objectName != None:
file = File.get_file(self.db_obj, objectName,
pynimbusauthz.object_type_s3, file)
return file
def test_bucket(self):
# create a file and a bucket
b1 = File.create_file(self.db, "bucket", self.user1, self.data, pynimbusauthz.object_type_s3)
f2 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3, parent=b1)
self.db.commit()
new_perms = "WR"
rc = pynimbusauthz.chmod.main(["-t", f2.get_object_type(), "-p", b1.get_name(), self.user1.get_id(), f2.get_name(), new_perms])
self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
def test_basic_touch(self):
fname = str(uuid.uuid1())
data = str(uuid.uuid1())
f = File.get_file(self.db, fname, pynimbusauthz.object_type_s3)
self.assertEqual(f, None)
rc = pynimbusauthz.touch.main([self.user1.get_id(), fname, data])
self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
f = File.get_file(self.db, fname, pynimbusauthz.object_type_s3)
self.assertNotEqual(f, None)
def test_basic_touch(self):
fname = str(uuid.uuid1())
data = str(uuid.uuid1())
f = File.get_file(self.db, fname, pynimbusauthz.object_type_s3)
self.assertEqual(f, None)
rc = pynimbusauthz.touch.main([self.user1.get_id(), fname, data])
self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
f = File.get_file(self.db, fname, pynimbusauthz.object_type_s3)
self.assertNotEqual(f, None)
def get_file_obj(self, bucketName, objectName=None):
pycb.log(logging.INFO, "===== def get_file_obj of cbAuthzSecurity.py")
file = File.get_file(self.db_obj, bucketName, pynimbusauthz.object_type_s3)
pycb.log(logging.INFO, "=====## file is %s"%file)
if file == None:
return None
if objectName != None:
file = File.get_file(self.db_obj, objectName, pynimbusauthz.object_type_s3, file)
pycb.log(logging.INFO, "=====## file is %s"%file)
return file
def test_under_bucket_touch(self):
bname = str(uuid.uuid1())
fname = str(uuid.uuid1())
data = str(uuid.uuid1())
rc = pynimbusauthz.touch.main(["-t", pynimbusauthz.object_type_s3, self.user1.get_id(), bname, data])
self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
rc = pynimbusauthz.touch.main(["-p", bname, self.user1.get_id(), fname, data])
self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
b1 = File.get_file(self.db, bname, pynimbusauthz.object_type_s3)
f1 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3, parent=b1)
self.assertNotEqual(b1, None)
self.assertNotEqual(f1, None)
def test_find_by_key(self):
user1 = User(self.db)
name = "/file/name"
key = "/old/path/base"
f = File.create_file(self.db, name, user1, key, pynimbusauthz.object_type_s3)
self.db.commit()
f2a = File.find_files_from_data(self.db, key)
found = False
for f2 in f2a:
tst_key = f2.get_data_key()
if tst_key == key:
found = True
self.assertTrue(found, "key not found")
def test_find_by_key(self):
user1 = User(self.db)
name = "/file/name"
key = "/old/path/base"
f = File.create_file(self.db, name, user1, key, pynimbusauthz.object_type_s3)
self.db.commit()
f2a = File.find_files_from_data(self.db, key)
found = False
for f2 in f2a:
tst_key = f2.get_data_key()
if tst_key == key:
found = True
self.assertTrue(found, "key not found")
def list_bucket(self, bucketName, args):
clause = " ORDER BY name"
prefix = None
if 'prefix' in args:
prefix = args['prefix'][0]
prefix = "%s%%" % (prefix)
limit = None
if 'max-keys' in args:
max_a = args['max-keys']
limit = int(max_a[0])
if 'delimiter' in args:
pass
if 'key-marker' in args:
km = args['key-marker'][0]
clause = " and name > '%s'" % (km)
try:
bucket = File.get_file(self.db_obj, bucketName,
pynimbusauthz.alias_type_s3)
iter = bucket.get_all_children(limit=limit,
match_str=prefix,
clause=clause)
new_it = itertools.imap(
lambda r: _convert_File_to_cbObject(self, r), iter)
return list(new_it)
finally:
self.db_obj.commit()
def xtest_international_file(self):
user1 = User(self.db)
name = os.environ['CUMULUS_WORD']
data = "/etc/group"
file1 = File.create_file(self.db, name, user1, data,
pynimbusauthz.object_type_s3)
self.db.commit()
def validate_perms(self, new):
f = File.get_file_from_db_id(self.db, self.file1.get_id())
uf = UserFile(f, self.user1)
perms = uf.get_perms(force=True)
for p in new:
self.assertTrue(p in perms, "bad perms set %s != %s" % (new, perms))
self.assertEqual(len(perms), len(new), "perms dont match %s != %s" % (new, perms))
def get_my_buckets(self):
try:
file_iterater = File.get_user_files(self.db_obj, self.user, root=True)
new_it = itertools.imap(lambda r: _convert_bucket_to_cbObject(self, r), file_iterater)
return list(new_it)
finally:
self.db_obj.commit()
def list_bucket(self, bucketName, args):
clause = " ORDER BY name"
prefix = None
if 'prefix' in args:
prefix = args['prefix'][0]
prefix = "%s%%" % (prefix)
limit = None
if 'max-keys' in args:
max_a = args['max-keys']
limit = int(max_a[0])
if 'delimiter' in args:
pass
if 'key-marker' in args:
km = args['key-marker'][0]
clause = " and name > '%s'" % (km)
try:
bucket = File.get_file(self.db_obj, bucketName, pynimbusauthz.alias_type_s3)
iter = bucket.get_all_children(limit=limit, match_str=prefix, clause=clause)
new_it = itertools.imap(lambda r: _convert_File_to_cbObject(self, r), iter)
return list(new_it)
finally:
self.db_obj.commit()
def main(argv=sys.argv[1:]):
try:
repo_dir = argv[0]
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
user = User(db_obj, uu="CumulusPublicUser")
if user == None:
raise Exception("No public user")
File.create_file(db_obj, repo_dir, user, repo_dir, pynimbusauthz.alias_type_s3)
db_obj.commit()
except:
raise
return 0
def test_file_and_bucket(self):
user1 = User(self.db)
fname = "NAME"
data = "data"
b1 = File.create_file(self.db, "bucket", user1, data, pynimbusauthz.object_type_s3)
f1 = File.create_file(self.db, fname, user1, data, pynimbusauthz.object_type_s3, parent=b1)
f2 = File.create_file(self.db, fname, user1, data, pynimbusauthz.object_type_s3)
self.db.commit()
self.assertNotEqual(f1.get_id(), f2.get_id())
f3 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3, parent=b1)
f4 = File.get_file(self.db, fname, pynimbusauthz.object_type_s3)
self.assertEqual(f1.get_id(), f3.get_id())
self.assertEqual(f2.get_id(), f4.get_id())
self.assertNotEqual(f3.get_id(), f4.get_id())
self.db.commit()
def get_my_buckets(self):
pycb.log(logging.INFO, "===== def get_my_buckets of cbAuthzSecurity.py")
try:
file_iterater = File.get_user_files(self.db_obj, self.user, root=True)
new_it = itertools.imap(lambda r: _convert_bucket_to_cbObject(self, r), file_iterater)
return list(new_it)
finally:
self.db_obj.commit()
def test_many_change(self):
name = "/file/name"
old_base = "/OLD"
new_base = "/NEW"
count = 10
for i in range(0, count):
keyname = str(uuid.uuid1())
oldkey = old_base + "/" + keyname
File.create_file(self.db, name+oldkey, self.user1, oldkey, pynimbusauthz.object_type_s3)
self.db.commit()
rc = pynimbusauthz.rebase.main([old_base, new_base])
self.assertEqual(rc, 0, "rc should be 0, is %d" % (rc))
f2a = File.find_files_from_data(self.db, new_base + "%")
f2a = list(f2a)
self.assertEqual(len(f2a), count, "length of the new items should be %d is %s" % (count, len(f2a)))
def validate_perms(self, new):
f = File.get_file_from_db_id(self.db, self.file1.get_id())
uf = UserFile(f, self.user1)
perms = uf.get_perms(force=True)
for p in new:
self.assertTrue(p in perms,
"bad perms set %s != %s" % (new, perms))
self.assertEqual(len(perms), len(new),
"perms dont match %s != %s" % (new, perms))
def setUp(self):
# os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
con = pynimbusauthz.db.make_test_database()
self.db = DB(con=con)
self.user1 = User(self.db)
self.name = "/file/name"
self.data = "/etc/group"
self.file1 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3)
self.uf = UserFile(self.file1)
def test_add_file_usage_one_file(self):
size1 = 100
name = "/file/name"
data = "/etc/group"
file1 = File.create_file(self.db, name, self.user, data, pynimbusauthz.object_type_s3, size=size1)
self.db.commit()
u = self.user.get_quota_usage()
self.assertEqual(u, size1)
def setUp(self):
# os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
con = pynimbusauthz.db.make_test_database()
self.db = DB(con=con)
self.user1 = User(self.db)
self.name = "/file/name"
self.data = "/etc/group"
self.file1 = File.create_file(self.db, self.name, self.user1,
self.data, pynimbusauthz.object_type_s3)
self.uf = UserFile(self.file1)
def get_my_buckets(self):
try:
file_iterater = File.get_user_files(self.db_obj,
self.user,
root=True)
new_it = itertools.imap(
lambda r: _convert_bucket_to_cbObject(self, r), file_iterater)
return list(new_it)
finally:
self.db_obj.commit()
def main(argv=sys.argv[1:]):
try:
repo_dir = argv[0]
repo_dir = str(repo_dir).strip()
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
user = User(db_obj, uu="CumulusPublicUser")
if user == None:
raise Exception("No public user")
File.create_file(db_obj, repo_dir, user, repo_dir,
pynimbusauthz.alias_type_s3)
db_obj.commit()
except:
raise
return 0
def test_under_bucket_touch(self):
bname = str(uuid.uuid1())
fname = str(uuid.uuid1())
data = str(uuid.uuid1())
rc = pynimbusauthz.touch.main([
"-t", pynimbusauthz.object_type_s3,
self.user1.get_id(), bname, data
])
self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
rc = pynimbusauthz.touch.main(
["-p", bname, self.user1.get_id(), fname, data])
self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
b1 = File.get_file(self.db, bname, pynimbusauthz.object_type_s3)
f1 = File.get_file(self.db,
fname,
pynimbusauthz.object_type_s3,
parent=b1)
self.assertNotEqual(b1, None)
self.assertNotEqual(f1, None)
def test_change_key(self):
user1 = User(self.db)
name = "/file/name"
old_base = "/old/path/base"
fname = "/etc/group"
new_base = "/new/base/location/dir"
f = File.create_file(self.db, name, user1, old_base + fname, pynimbusauthz.object_type_s3)
self.assertEqual(old_base + fname, f.get_data_key(), "old value not euqal")
new_key = new_base + fname
f.set_data_key(new_key)
self.db.commit()
tst_new_key = f.get_data_key()
self.assertEqual(tst_new_key, new_key, "%s should equal %s" % (tst_new_key, new_key))
f2 = File.get_file(self.db, name, pynimbusauthz.object_type_s3)
tst_new_key = f2.get_data_key()
self.assertEqual(tst_new_key, new_key, "%s should equal %s" % (tst_new_key, new_key))
def test_bucket(self):
# create a file and a bucket
b1 = File.create_file(self.db, "bucket", self.user1, self.data,
pynimbusauthz.object_type_s3)
f2 = File.create_file(self.db,
self.name,
self.user1,
self.data,
pynimbusauthz.object_type_s3,
parent=b1)
self.db.commit()
new_perms = "WR"
rc = pynimbusauthz.chmod.main([
"-t",
f2.get_object_type(), "-p",
b1.get_name(),
self.user1.get_id(),
f2.get_name(), new_perms
])
self.assertEqual(rc, 0, "CLI should return success %d" % (rc))
def main(argv=sys.argv[1:]):
try:
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
(opts, args) = setup_options(argv)
if len(args) == 0:
raise AuthzException('CLI_PARAMETER',
"You must specify a filename")
parent = None
if opts.parent != None:
parent = File.get_file(db_obj, opts.parent, opts.type)
if parent == None:
raise AuthzException('FILE_EXISTS',
"bucket %s not found" % (opts.parent))
object_name = args[0]
file1 = File.get_file(db_obj, object_name, opts.type, parent=parent)
if file1 == None:
pynimbusauthz.print_msg(opts, 0, "File not found")
return
uf = UserFile(file1)
msg = "%10s\t%10s\t%10s\t%10s\t%10s" % ("file", "type", "owner",
"user", "perms")
pynimbusauthz.print_msg(opts, 1, msg)
n = uf.get_file().get_name()
t = uf.get_file().get_object_type()
stat_print_uf(opts, uf, n, t)
if opts.all:
user_list = uf.get_file().get_all_users()
for u in user_list:
uf = UserFile(uf.get_file(), u)
stat_print_uf(opts, uf, " ", " ")
except AuthzException, ae:
print ae
return ae.get_rc()
def test_add_file_usage_many_files(self):
size1 = 100
name = "/file/name"
data = "/etc/group"
total = 0
for i in range(0, 10):
file1 = File.create_file(self.db, name+str(i), self.user, data, pynimbusauthz.object_type_s3, size=size1)
total = total + size1
self.db.commit()
u = self.user.get_quota_usage()
self.assertEqual(u, total)
def test_children(self):
child1 = File.create_file(self.db, "kid", self.user1, self.data, pynimbusauthz.object_type_s3, parent=self.file1)
self.db.commit()
x = child1.get_all_children()
self.assertEqual(len(list(x)), 0, "The file should have no children")
x = self.uf.get_all_children()
found = False
for f in x:
if f.get_file() == child1:
found = True
self.assertTrue(found, "We should have found that kid!")
def main(argv=sys.argv[1:]):
try:
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
(opts, args) = setup_options(argv)
if len(args) != 3:
raise AuthzException(
'CLI_PARAMETER',
"You must specify a username filename permssions")
user_name = args[0]
object_name = args[1]
requested_perms = args[2]
parent = None
if opts.parent != None:
parent = File.get_file(db_obj, opts.parent, opts.type)
if parent == None:
raise AuthzException('FILE_EXISTS',
"parent %s not found" % (opts.parent))
file1 = File.get_file(db_obj, object_name, opts.type, parent=parent)
if file1 == None:
raise AuthzException(
'FILE_EXISTS',
"file %s:%s not found" % (opts.type, object_name))
user = User(db_obj, uu=user_name)
uf = UserFile(file1) # create a uesrfile with owner so we can chmod
uf.chmod(requested_perms, user=user)
pynimbusauthz.print_msg(
opts, 0, "changed %s to %s for %s" %
(str(file1), requested_perms, str(user)))
db_obj.commit()
except AuthzException, ae:
print ae
return ae.get_rc()
def setUp(self):
(osf, self.fname) = tempfile.mkstemp()
os.close(osf)
# os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
os.environ["NIMBUS_AUTHZ_DB"] = self.fname
pynimbusauthz.db.make_test_database(self.fname)
self.db = DB(con_str=self.fname)
self.user1 = User(self.db)
self.name = "/file/name"
self.data = "/etc/group"
self.file1 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3)
self.uf = UserFile(self.file1)
self.db.commit()
def main(argv=sys.argv[1:]):
try:
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
(opts,args) = setup_options(argv)
if len(args) == 0:
raise AuthzException('CLI_PARAMETER', "You must specify a filename")
parent = None
if opts.parent != None:
parent = File.get_file(db_obj, opts.parent, opts.type)
if parent == None:
raise AuthzException('FILE_EXISTS', "bucket %s not found" % (opts.parent))
object_name = args[0]
file1 = File.get_file(db_obj, object_name, opts.type, parent=parent)
if file1 == None:
pynimbusauthz.print_msg(opts, 0, "File not found")
return
uf = UserFile(file1)
msg = "%10s\t%10s\t%10s\t%10s\t%10s" % ("file", "type", "owner", "user", "perms")
pynimbusauthz.print_msg(opts, 1, msg)
n = uf.get_file().get_name()
t = uf.get_file().get_object_type()
stat_print_uf(opts, uf, n, t)
if opts.all:
user_list = uf.get_file().get_all_users()
for u in user_list:
uf = UserFile(uf.get_file(), u)
stat_print_uf(opts, uf, " ", " ")
except AuthzException, ae:
print ae
return ae.get_rc()
def setUp(self):
(osf, self.fname) = tempfile.mkstemp()
os.close(osf)
# os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql"
os.environ['NIMBUS_AUTHZ_DB'] = self.fname
pynimbusauthz.db.make_test_database(self.fname)
self.db = DB(con_str=self.fname)
self.user1 = User(self.db)
self.name = "/file/name"
self.data = "/etc/group"
self.file1 = File.create_file(self.db, self.name, self.user1,
self.data, pynimbusauthz.object_type_s3)
self.uf = UserFile(self.file1)
self.db.commit()
def test_file_children(self):
user1 = User(self.db)
name = "/file/name"
data = "/etc/group"
file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3)
self.db.commit()
child1 = File.create_file(self.db, "kid", user1, data, pynimbusauthz.object_type_s3, parent=file1)
self.db.commit()
p2 = child1.get_parent()
self.assertEqual(p2, file1, "parent not set properly")
x = child1.get_all_children()
self.assertEqual(len(list(x)), 0, "The file should have no children")
x = file1.get_all_children()
found = False
for f in x:
if f == child1:
found = True
self.assertTrue(found, "We should have found that kid!")
def put_object(self, data_obj, bucketName, objectName):
data_key = data_obj.get_data_key()
md5sum = data_obj.get_md5()
fsize = data_obj.get_size()
try:
# it is ok for someone to put to an existing object
# we just need to delete the existing one
file = self.get_file_obj(bucketName, objectName)
if file != None:
pycb.config.bucket.delete_object(file.get_data_key())
file.delete()
bf = self.get_file_obj(bucketName)
f = File.create_file(self.db_obj, objectName, self.user, data_key, pynimbusauthz.alias_type_s3, parent=bf, size=fsize, md5sum=md5sum)
finally:
self.db_obj.commit()
def test_children(self):
child1 = File.create_file(self.db,
"kid",
self.user1,
self.data,
pynimbusauthz.object_type_s3,
parent=self.file1)
self.db.commit()
x = child1.get_all_children()
self.assertEqual(len(list(x)), 0, "The file should have no children")
x = self.uf.get_all_children()
found = False
for f in x:
if f.get_file() == child1:
found = True
self.assertTrue(found, "We should have found that kid!")
def test_basic_file(self):
user1 = User(self.db)
name = "/file/name"
data = "/etc/group"
file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3)
self.db.commit()
x = file1.get_all_children()
self.assertEqual(len(list(x)), 0, "The file should have no children")
n2 = file1.get_name()
self.assertEqual(name, n2, "Names not equal")
d2 = file1.get_data_key()
self.assertEqual(data, d2, "Data not equal")
o2 = file1.get_owner()
self.assertEqual(user1, o2, "Owner not equal")
p2 = file1.get_parent()
self.assertEqual(None, p2, "There should be no parent")
b2 = file1.get_object_type()
self.assertEqual(pynimbusauthz.object_type_s3, b2, "Type wrong")
def test_basic_file(self):
user1 = User(self.db)
name = "/file/name"
data = "/etc/group"
file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3)
self.db.commit()
x = file1.get_all_children()
self.assertEqual(len(list(x)), 0, "The file should have no children")
n2 = file1.get_name()
self.assertEqual(name, n2, "Names not equal")
d2 = file1.get_data_key()
self.assertEqual(data, d2, "Data not equal")
o2 = file1.get_owner()
self.assertEqual(user1, o2, "Owner not equal")
p2 = file1.get_parent()
self.assertEqual(None, p2, "There should be no parent")
b2 = file1.get_object_type()
self.assertEqual(pynimbusauthz.object_type_s3, b2, "Type wrong")
def put_object(self, data_obj, bucketName, objectName):
data_key = data_obj.get_data_key()
md5sum = data_obj.get_md5()
fsize = data_obj.get_size()
try:
# it is ok for someone to put to an existing object
# we just need to delete the existing one
file = self.get_file_obj(bucketName, objectName)
if file != None:
pycb.config.bucket.delete_object(file.get_data_key())
file.delete()
bf = self.get_file_obj(bucketName)
f = File.create_file(self.db_obj,
objectName,
self.user,
data_key,
pynimbusauthz.alias_type_s3,
parent=bf,
size=fsize,
md5sum=md5sum)
finally:
self.db_obj.commit()
def main(argv=sys.argv[1:]):
try:
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
(opts,args) = setup_options(argv)
old_path = args[0]
new_path = args[1]
pattern = old_path + "%"
files = list(File.find_files_from_data(db_obj, pattern))
for f in files:
old_key = f.get_data_key()
new_key = old_key.replace(old_path, new_path, 1)
f.set_data_key(new_key)
db_obj.commit()
print "done - %d files rebased" % len(files)
except AuthzException, ae:
print ae
return ae.get_rc()
def test_find_no_file(self):
f = File.get_file_from_db_id(self.db, 1000)
self.assertEqual(f, None, "We should not have found that file")
f = File.get_file(self.db, "nofile", pynimbusauthz.object_type_s3)
self.assertEqual(f, None, "We should not have found that file")
def put_bucket(self, bucketName):
try:
f = File.create_file(self.db_obj, bucketName, self.user,
bucketName, pynimbusauthz.alias_type_s3)
finally:
self.db_obj.commit()
def test_find_no_file(self):
f = File.get_file_from_db_id(self.db, 1000)
self.assertEqual(f, None, "We should not have found that file")
f = File.get_file(self.db, "nofile", pynimbusauthz.object_type_s3)
self.assertEqual(f, None, "We should not have found that file")
def xtest_international_file(self):
user1 = User(self.db)
name = os.environ["CUMULUS_WORD"]
data = "/etc/group"
file1 = File.create_file(self.db, name, user1, data, pynimbusauthz.object_type_s3)
self.db.commit()
