Exemplo n.º 1
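class SecurityContextTestCase(unittest.TestCase):
    """Checks the permissions, roles and users that ``Context()`` loads.

    The expected counts, ids and the ``user1`` / ``123`` credentials are
    fixture values; they only hold for the configuration the tests run
    against.
    """
    logger = getLogger("SecurityContextTestCase")
    # NOTE(review): not referenced by any test here and not passed to
    # Context(); presumably names the sample configuration the expected
    # values come from -- confirm.
    file = "security.xml.sample"

    def setUp(self):
        """Build a fresh Context for each test and log its role count."""
        self.context = Context()
        self.logger.debug(str(len(self.context.roles)))

    def tearDown(self):
        """Drop the per-test Context."""
        del self.context

    def testPermissions(self):
        """The permission list has the expected size, order and constraints."""
        # assertEqual reports both values on failure; assertTrue(a == b)
        # would only say "False is not true".
        self.assertEqual(len(self.context.permissions), 5)
        self.assertEqual(self.context.permissions[0].id, "allow-all")
        self.assertEqual(self.context.permissions[2].id, "deny-localhost")
        self.assertEqual(len(self.context.permissions[2].constraints), 2)

    def testRoles(self):
        """Two roles are loaded and the second one is the administrator."""
        self.assertEqual(len(self.context.roles), 2)
        self.assertEqual(self.context.roles[1].id, "administrator")

    def testUsers(self):
        """user1 authenticates and is denied a scan of localhost."""
        self.assertEqual(len(self.context.users), 2)
        u = self.context.get_user("user1", "123")
        self.assertTrue(u is not None)
        command = "nmap -v localhost"
        self.assertFalse(u.is_permitted(command))

    def testWrongPasswordRejected(self):
        """A wrong password must not yield a user object.

        Callers that authenticate with get_user() treat a falsy result as a
        failed login, so that is the contract pinned here.
        """
        # "not-the-password" is a constructed value; testUsers shows the
        # fixture password for user1 is "123".
        self.assertFalse(self.context.get_user("user1", "not-the-password"))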
Exemplo n.º 2
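class SecurityContextTestCase(unittest.TestCase):
    """Checks the permissions, roles and users that ``Context()`` loads.

    The expected counts, ids and the ``user1`` / ``123`` credentials are
    fixture values; they only hold for the configuration the tests run
    against.
    """
    logger = getLogger("SecurityContextTestCase")
    # NOTE(review): not referenced by any test here and not passed to
    # Context(); presumably names the sample configuration the expected
    # values come from -- confirm.
    file = "security.xml.sample"

    def setUp(self):
        """Build a fresh Context for each test and log its role count."""
        self.context = Context()
        self.logger.debug(str(len(self.context.roles)))

    def tearDown(self):
        """Drop the per-test Context."""
        del self.context

    def testPermissions(self):
        """The permission list has the expected size, order and constraints."""
        # assertEqual reports both values on failure; assertTrue(a == b)
        # would only say "False is not true".
        self.assertEqual(len(self.context.permissions), 5)
        self.assertEqual(self.context.permissions[0].id, "allow-all")
        self.assertEqual(self.context.permissions[2].id, "deny-localhost")
        self.assertEqual(len(self.context.permissions[2].constraints), 2)

    def testRoles(self):
        """Two roles are loaded and the second one is the administrator."""
        self.assertEqual(len(self.context.roles), 2)
        self.assertEqual(self.context.roles[1].id, "administrator")

    def testUsers(self):
        """user1 authenticates and is denied a scan of localhost."""
        self.assertEqual(len(self.context.users), 2)
        u = self.context.get_user("user1", "123")
        self.assertTrue(u is not None)
        command = "nmap -v localhost"
        self.assertFalse(u.is_permitted(command))

    def testWrongPasswordRejected(self):
        """A wrong password must not yield a user object.

        Callers that authenticate with get_user() treat a falsy result as a
        failed login, so that is the contract pinned here.
        """
        # "not-the-password" is a constructed value; testUsers shows the
        # fixture password for user1 is "123".
        self.assertFalse(self.context.get_user("user1", "not-the-password"))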
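def get_user(req, id):
    """Return one user's details as a single-quoted JavaScript object literal.

    Looks the user up by ``id`` and raises ``Http404`` when the lookup
    returns nothing.  The body has the shape
    ``{'name': '...','login': '...','superuser': true,'roles': ['...']}``;
    it uses single quotes, so it is not strict JSON.

    NOTE(review): no authentication or authorisation check is visible in
    this function; confirm that a decorator or middleware outside this
    snippet restricts who may read account details.
    """
    def js_escape(value):
        # Escape for a single-quoted JS string literal.  Backslash goes first:
        # escaping only the quote lets a value ending in "\" swallow the
        # closing quote and break out of the literal.
        value = value.replace("\\", "\\\\").replace("'", "\\'")
        value = value.replace("\r", "\\r").replace("\n", "\\n")
        # "\x3c" still evaluates to "<" in JS, but keeps markup in a stored
        # name from being parsed if the body is ever rendered as HTML.
        return value.replace("<", "\\x3c")

    ctx = Context()
    user = ctx.get_user(id=id)
    if not user:
        raise Http404

    fields = [
        "'name': '%s'" % js_escape(user.name),
        # NOTE(review): this format string previously held a literal
        # '******' and no %s, so the % operator raised TypeError ("not all
        # arguments converted").  Assumed the login was meant to be
        # interpolated like the name -- confirm.
        "'login': '%s'" % js_escape(user.login),
        "'superuser': %s" % str(user.superuser).lower(),
        # Role ids are escaped as well; they used to be joined in verbatim.
        "'roles': ['%s']" % "','".join([js_escape(r.id) for r in user.roles]),
    ]
    return HttpResponse("{%s}" % ",".join(fields))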
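def get_user(req, id):
    """Return one user's details as a single-quoted JavaScript object literal.

    Looks the user up by ``id`` and raises ``Http404`` when the lookup
    returns nothing.  The body has the shape
    ``{'name': '...','login': '...','superuser': true,'roles': ['...']}``;
    it uses single quotes, so it is not strict JSON.

    NOTE(review): no authentication or authorisation check is visible in
    this function; confirm that a decorator or middleware outside this
    snippet restricts who may read account details.
    """
    def js_escape(value):
        # Escape for a single-quoted JS string literal.  Backslash goes first:
        # escaping only the quote lets a value ending in "\" swallow the
        # closing quote and break out of the literal.
        value = value.replace("\\", "\\\\").replace("'", "\\'")
        value = value.replace("\r", "\\r").replace("\n", "\\n")
        # "\x3c" still evaluates to "<" in JS, but keeps markup in a stored
        # name from being parsed if the body is ever rendered as HTML.
        return value.replace("<", "\\x3c")

    ctx = Context()
    user = ctx.get_user(id=id)
    if not user:
        raise Http404

    fields = [
        "'name': '%s'" % js_escape(user.name),
        # NOTE(review): this format string previously held a literal
        # '******' and no %s, so the % operator raised TypeError ("not all
        # arguments converted").  Assumed the login was meant to be
        # interpolated like the name -- confirm.
        "'login': '%s'" % js_escape(user.login),
        "'superuser': %s" % str(user.superuser).lower(),
        # Role ids are escaped as well; they used to be joined in verbatim.
        "'roles': ['%s']" % "','".join([js_escape(r.id) for r in user.roles]),
    ]
    return HttpResponse("{%s}" % ",".join(fields))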
Exemplo n.º 5
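def login(req):
    """Render the login form and authenticate a posted login/password pair.

    Without POST data the ``html/login.html`` template is rendered with an
    empty error and ``errorclass`` set to ``"hide"``.  A POST whose
    credentials ``Context.get_user`` accepts stores the user in the session
    under ``'umit_user'`` and redirects to ``/html/``; any other POST
    re-renders the form with one generic error message.

    NOTE(review): the existing session is reused after a successful login;
    confirm the framework issues a fresh session identifier at that point.
    """
    logger.debug("aeeeeeeeee")
    response = HttpResponse()
    error = ""
    errorclass = "hide"
    if req.POST:
        ctx = Context()
        try:
            login_name = req.POST['login']
            password = req.POST['password']
        except KeyError:
            # A POST without both fields is a failed attempt, not an
            # unhandled exception.  get_user is deliberately not called
            # without a password: it also accepts a bare id lookup, and
            # whether that path checks credentials is not visible here.
            user = None
        else:
            user = ctx.get_user(login_name, password)
        if user:
            req.session['umit_user'] = user
            return HttpResponseRedirect("/html/")
        # One message for every failure, so the response does not reveal
        # whether the login name exists.
        error = "Incorrect username or password"
        errorclass = ""
    response.loadTemplate("html/login.html")
    return response % {"error": error, "errorclass": errorclass}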
Exemplo n.º 6
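def login(req):
    """Render the login form and authenticate a posted login/password pair.

    Without POST data the ``html/login.html`` template is rendered with an
    empty error and ``errorclass`` set to ``"hide"``.  A POST whose
    credentials ``Context.get_user`` accepts stores the user in the session
    under ``'umit_user'`` and redirects to ``/html/``; any other POST
    re-renders the form with one generic error message.

    NOTE(review): the existing session is reused after a successful login;
    confirm the framework issues a fresh session identifier at that point.
    """
    logger.debug("aeeeeeeeee")
    response = HttpResponse()
    error = ""
    errorclass = "hide"
    if req.POST:
        ctx = Context()
        try:
            login_name = req.POST['login']
            password = req.POST['password']
        except KeyError:
            # A POST without both fields is a failed attempt, not an
            # unhandled exception.  get_user is deliberately not called
            # without a password: it also accepts a bare id lookup, and
            # whether that path checks credentials is not visible here.
            user = None
        else:
            user = ctx.get_user(login_name, password)
        if user:
            req.session['umit_user'] = user
            return HttpResponseRedirect("/html/")
        # One message for every failure, so the response does not reveal
        # whether the login name exists.
        error = "Incorrect username or password"
        errorclass = ""
    response.loadTemplate("html/login.html")
    return response % {"error": error, "errorclass": errorclass}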
Exemplo n.º 7
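def login(req):
    """Authenticate a posted login/password pair, for pages or script clients.

    Without POST data the ``login.html`` template is returned.  With POST
    data the credentials are checked through ``Context.get_user`` and, on
    success, the user is stored in the session under ``'umit_user'``.  When
    the query string has a ``json`` key the reply is the plain-text body
    ``OK`` or ``FAIL``; otherwise success redirects to ``/`` and failure
    returns the login template again.

    NOTE(review): the existing session is reused after a successful login;
    confirm the framework issues a fresh session identifier at that point.
    """
    resp = HttpResponse()
    ctx = Context()
    if not req.POST:
        resp.loadTemplate("login.html")
        return resp

    try:
        login_name = req.POST['login']
        password = req.POST['password']
    except KeyError:
        # A POST without both fields is a failed attempt, not an unhandled
        # exception.  get_user is deliberately not called without a
        # password: it also accepts a bare id lookup, and whether that path
        # checks credentials is not visible here.
        user = None
    else:
        user = ctx.get_user(login_name, password)

    if user:
        req.session['umit_user'] = user

    if req.GET.has_key("json"):
        # Only this reply is plain text; the redirect is a separate response
        # object and the template reply keeps the default content type.
        resp['Content-type'] = "text/plain"
        resp.write('OK' if user else 'FAIL')
        return resp

    if user:
        return HttpResponseRedirect("/")

    # A failed form login used to fall off the end of the function and
    # return None instead of a response; show the form again.
    resp.loadTemplate("login.html")
    return resp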
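def edit_user(req, id):
    """Update a user's name, roles and superuser flag from POST data.

    Looks the user up by ``id`` (raising ``Http404`` when the lookup returns
    nothing), applies the posted ``name``, comma-separated ``roles`` and
    ``superuser`` fields, puts the user back into ``ctx.users`` and persists
    the context with ``write_xml()``.  A missing POST field raises
    ``KeyError``.

    NOTE(review): no authentication, authorisation or request-origin check
    is visible in this function, and it can grant ``superuser``; confirm
    that a decorator or middleware outside this snippet restricts it to
    administrators.
    """
    ctx = Context()
    user = ctx.get_user(id=id)
    if not user:
        raise Http404

    user.name = req.POST['name']

    raw_roles = req.POST['roles']
    # A blank field means "no roles"; splitting it would give [''].
    role_ids = raw_roles.split(",") if raw_roles.strip() else []
    user.roles = []
    # The loop variable must not be called `id`: rebinding the parameter made
    # the login comparison below test against the last role id.
    for role_id in role_ids:
        # NOTE(review): what get_role returns for an unknown id is not
        # visible here -- confirm that it cannot put None into user.roles.
        user.roles.append(ctx.get_role(role_id))
    user.superuser = (req.POST['superuser'] == "yes")

    if req.POST['password'].strip():
        # NOTE(review): the posted password is read but never stored on the
        # user, so a password change submitted here is silently dropped.  How
        # Context stores credentials is not visible in this snippet; route
        # this through the project's password-setting path.
        password = req.POST['password']

    for i, existing in enumerate(ctx.users):
        if existing.login == id:
            ctx.users[i] = user
            break

    ctx.write_xml()
    return HttpResponse("{'result': 'OK'}")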
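def edit_user(req, id):
    """Update a user's name, roles and superuser flag from POST data.

    Looks the user up by ``id`` (raising ``Http404`` when the lookup returns
    nothing), applies the posted ``name``, comma-separated ``roles`` and
    ``superuser`` fields, puts the user back into ``ctx.users`` and persists
    the context with ``write_xml()``.  A missing POST field raises
    ``KeyError``.

    NOTE(review): no authentication, authorisation or request-origin check
    is visible in this function, and it can grant ``superuser``; confirm
    that a decorator or middleware outside this snippet restricts it to
    administrators.
    """
    ctx = Context()
    user = ctx.get_user(id=id)
    if not user:
        raise Http404

    user.name = req.POST['name']

    raw_roles = req.POST['roles']
    # A blank field means "no roles"; splitting it would give [''].
    role_ids = raw_roles.split(",") if raw_roles.strip() else []
    user.roles = []
    # The loop variable must not be called `id`: rebinding the parameter made
    # the login comparison below test against the last role id.
    for role_id in role_ids:
        # NOTE(review): what get_role returns for an unknown id is not
        # visible here -- confirm that it cannot put None into user.roles.
        user.roles.append(ctx.get_role(role_id))
    user.superuser = (req.POST['superuser'] == "yes")

    if req.POST['password'].strip():
        # NOTE(review): the posted password is read but never stored on the
        # user, so a password change submitted here is silently dropped.  How
        # Context stores credentials is not visible in this snippet; route
        # this through the project's password-setting path.
        password = req.POST['password']

    for i, existing in enumerate(ctx.users):
        if existing.login == id:
            ctx.users[i] = user
            break

    ctx.write_xml()
    return HttpResponse("{'result': 'OK'}")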