}
for kkey in kenv:
os.environ[kkey] = kenv[kkey]
sp_list = generate_sp_list()
for sp in sp_list:
krb = False
spname = sp['nameid']
spurl = 'https://%s:%s' % (sp['addr'], sp['port'])
sess = HttpSessions()
sess.add_server(idpname, 'https://%s:45080' % WRAP_HOSTNAME, user,
'ipsilon')
sess.add_server(spname, spurl)
TC.info('Testing NameID format %s' % spname)
if spname == 'kerberos':
krb = True
with TC.case('Authenticate to IdP'):
sess.auth_to_idp(idpname, krb=krb)
with TC.case('Add SP Metadata to IdP'):
sess.add_sp_metadata(idpname, spname)
with TC.case('Set supported Name ID formats'):
sess.set_sp_default_nameids(idpname, spname, [spname])
with TC.case('Access SP Protected Area',
should_fail=bool(expected[spname])):
def test_upgrade_from(self, env, old_version, with_readonly):
# Setup IDP Server
TC.info("Installing IDP server to test upgrade from %i" % old_version)
name = 'idp_v%i' % old_version
if with_readonly:
name = name + '_readonly'
addr = '127.0.0.%i' % (10 + old_version)
port = str(45080 + old_version)
idp = self.generate_profile(idp_g, idp_a, name, addr, port)
conf = self.setup_idp_server(idp, name, addr, port, env)
# Move database of old_version into place
cfgfile = os.path.join(self.testdir, 'etc', name, 'ipsilon.conf')
db_indir = os.path.join(self.rootdir, 'tests', 'blobs', 'old_dbs',
'v%i' % old_version)
db_outdir = os.path.join(self.testdir, 'lib', name)
if with_readonly:
self.use_readonly_adminconfig(name)
if old_version > 0:
for database in [
'adminconfig', 'openid', 'saml2.sessions.db',
'transactions', 'userprefs'
]:
db_in = os.path.join(db_indir, '%s.sqlite.dump' % database)
db_out = os.path.join(db_outdir, '%s.sqlite' % database)
os.unlink(db_out)
if database not in ['adminconfig', 'openid'
] or not with_readonly:
cmd = ['/usr/bin/sqlite3', db_out, '.read %s' % db_in]
subprocess.check_call(cmd,
stdout=self.stdout,
stderr=self.stderr)
# Upgrade that database
cmd = [
os.path.join(self.rootdir,
'ipsilon/install/ipsilon-upgrade-database'),
cfgfile
]
subprocess.check_call(cmd,
cwd=os.path.join(self.testdir, 'lib', name),
env=env,
stdout=self.stdout,
stderr=self.stderr)
# Check some version-specific changes, to see if the upgrade went OK
if old_version == 0:
# Check all features in a newly created database
# Let's verify if at least one index was created
output = self.dump_db(db_outdir, with_readonly)
if 'CREATE INDEX' not in output:
raise Exception('Database upgrade did not introduce index')
if 'PRIMARY KEY' not in output:
raise Exception('Database upgrade did not introduce primary ' +
'key')
elif old_version == 1:
# In 1 -> 2, we added indexes and primary keys
# Let's verify if at least one index was created
output = self.dump_db(db_outdir, with_readonly)
if 'CREATE INDEX' not in output:
raise Exception('Database upgrade did not introduce index')
# SQLite did not support creating primary keys, so we can't test
elif old_version == 2 and not with_readonly:
# Version 3 added the authz_config table
# Make sure it exists
output = self.dump_db(db_outdir, with_readonly)
if 'TABLE authz_config' not in output:
raise Exception('Database upgrade did not introduce ' +
'authz_config table')
# Start the httpd server
http_server = self.start_http_server(conf, env)
# Now attempt to use the upgraded database
exe = self.execname
if exe.endswith('c'):
exe = exe[:-1]
exe = [exe]
exe.append(str(old_version))
if with_readonly:
exe.append('readonly')
else:
exe.append('no-readonly')
exe.append(name)
exe.append('%s:%s' % (addr, port))
result = self.run_and_collect(exe, env=env)
# Now kill the last http server
os.killpg(http_server.pid, signal.SIGTERM)
self.processes.remove(http_server)
return result