def setUp(self):
# anonymous user
self.anonymous = User(id=1, username='******')
self.anonymous.save()
settings.ANONYMOUS_USER_ID = self.anonymous.id
# user
user = User(id=2, username='******')
user.set_password('secret')
user.save()
# user1
user1 = User(id=3, username='******')
user1.set_password('secret')
user1.save()
# admin == superuser
admin = User(id=4, username='******', is_superuser=True)
admin.set_password("secret")
admin.save()
# key
key = SSHKey(key="ssh-rsa test tester0@testing", user=user)
key.save()
self.user = user
self.user1 = user1
self.admin = admin
self.key = key
self.c = Client()
def test_deletion(self):
"""
Tests key_delete view
Verifies:
* thrown 404 for non-existing objects
* successfully deleted objects
"""
for u in [self.user, self.admin]:
key1 = SSHKey(key="ssh-rsa test tester0@testing", user=u)
key1.save()
key_id = key1.id
self.c.login(username=u.username, password="******")
# 404 for non-existing objects
response = self.c.get(reverse("key-delete", args=[key_id+10]))
self.assertEqual(404, response.status_code)
# successful deletion
response = self.c.delete(reverse("key-delete", args=[key_id]))
self.assertEqual(200, response.status_code)
self.assertEquals("application/json", response['content-type'])
self.assertContains(response, "1", count=1)
self.assertEqual(0, len(SSHKey.objects.filter(id=key_id)))
def setUp(self):
self.tearDown()
# anonymous user
User(id=1, username="******").save()
settings.ANONYMOUS_USER_ID = 1
# user
user = User(id=2, username="******")
user.set_password("secret")
user.save()
# user1
user1 = User(id=3, username="******")
user1.set_password("secret")
user1.save()
# admin == superuser
admin = User(id=4, username="******", is_superuser=True)
admin.set_password("secret")
admin.save()
# key
key = SSHKey(key="ssh-rsa test tester0@testing", user=user)
key.save()
dict_ = globals()
dict_["user"] = user
dict_["user1"] = user1
dict_["admin"] = admin
dict_["key"] = key
dict_["c"] = Client()
def key_save(request, key_id=None):
if request.is_ajax:
# get key's user id
if key_id:
key_edit = get_object_or_404(SSHKey, pk=key_id)
owner_id = key_edit.user.id
else:
key_edit = SSHKey(user=request.user)
owner_id = request.user.id
# check if the user has appropriate permissions
user = request.user
if not (user.is_superuser or user.id == owner_id):
return HttpResponseForbidden(
_("Only superuser or owner can save user's SSH key."))
form = SSHKeyForm(data=request.POST, instance=key_edit)
if form.is_valid():
obj = form.save()
return render_to_response("ganeti/ssh_keys/row.html", {"key": obj},
context_instance=RequestContext(request))
else:
return HttpResponse(json.dumps(form.errors),
mimetype="application/json")
return HttpResponse(_("Cannot retrieve information"))
def test_view_ssh_keys(self):
"""
Test getting SSH keys belonging to users, who have admin permission on
specified virtual machine
"""
# second virtual machine created
vm1, cluster1 = self.create_virtual_machine(self.cluster, 'vm2.example.bak')
# grant admin permission to first user
self.user.grant("admin", self.vm)
# add some keys
key = SSHKey(key="ssh-rsa test test@test", user=self.user)
key.save()
key1 = SSHKey(key="ssh-dsa test asd@asd", user=self.user)
key1.save()
# get API key
import settings
key = settings.WEB_MGR_API_KEY
# forbidden
response = self.c.get(reverse("instance-keys",
args=[self.cluster.slug,
self.vm.hostname, key+"a"]))
self.assertEqual(403, response.status_code)
# not found
response = self.c.get(reverse("instance-keys",
args=[self.cluster.slug,
self.vm.hostname+"a", key]))
self.assertEqual(404, response.status_code)
response = self.c.get(reverse("instance-keys",
args=[self.cluster.slug+"a",
self.vm.hostname, key]))
self.assertEqual(404, response.status_code)
# vm with users who have admin perms
response = self.c.get(reverse("instance-keys",
args=[self.cluster.slug,
self.vm.hostname, key]))
self.assertEqual(200, response.status_code)
self.assertEquals("application/json", response["content-type"])
self.assertEqual(len(json.loads(response.content)), 2)
self.assertContains(response, "test@test", count=1)
self.assertContains(response, "asd@asd", count=1)
# vm without users who have admin perms
response = self.c.get(reverse("instance-keys",
args=[self.cluster.slug, vm1.hostname,
key]))
self.assertEqual(200, response.status_code)
self.assertEquals("application/json", response["content-type"])
self.assertEqual(len(json.loads(response.content)), 0 )
self.assertNotContains(response, "test@test")
self.assertNotContains(response, "asd@asd")
def test_view_ssh_keys(self):
"""
Test getting SSH keys belonging to users, who have admin permission on
specified virtual machine
"""
# second virtual machine created
vm1, cluster1 = self.create_virtual_machine(self.cluster,
'vm2.example.bak')
# grant admin permission to first user
self.user.grant("admin", self.vm)
# add some keys
key = SSHKey(key="ssh-rsa test test@test", user=self.user)
key.save()
key1 = SSHKey(key="ssh-dsa test asd@asd", user=self.user)
key1.save()
# get API key
import settings
key = settings.WEB_MGR_API_KEY
# forbidden
response = self.c.get(reverse("instance-keys",
args=[self.cluster.slug,
self.vm.hostname, key+"a"]))
self.assertEqual(403, response.status_code)
# not found
response = self.c.get(reverse("instance-keys",
args=[self.cluster.slug,
self.vm.hostname+"a", key]))
self.assertEqual(404, response.status_code)
response = self.c.get(reverse("instance-keys",
args=[self.cluster.slug+"a",
self.vm.hostname, key]))
self.assertEqual(404, response.status_code)
# vm with users who have admin perms
response = self.c.get(reverse("instance-keys",
args=[self.cluster.slug,
self.vm.hostname, key]))
self.assertEqual(200, response.status_code)
self.assertEquals("application/json", response["content-type"])
self.assertEqual(len(json.loads(response.content)), 2)
self.assertContains(response, "test@test", count=1)
self.assertContains(response, "asd@asd", count=1)
# vm without users who have admin perms
response = self.c.get(reverse("instance-keys",
args=[self.cluster.slug, vm1.hostname,
key]))
self.assertEqual(200, response.status_code)
self.assertEquals("application/json", response["content-type"])
self.assertEqual(len(json.loads(response.content)), 0)
self.assertNotContains(response, "test@test")
self.assertNotContains(response, "asd@asd")
