def test_create_with_checksum(self): # skip if server is older than 4.2 if self.server_version < (4, 2, 0): self.skipTest('Expects iRODS 4.2 server-side configuration') # server config server_config_dir = '/etc/irods' test_re_file = os.path.join(server_config_dir, 'test.re') server_config_file = os.path.join( server_config_dir, 'server_config.json') try: with helpers.file_backed_up(server_config_file): # make pep rule test_rule = "acPostProcForPut { msiDataObjChksum ($objPath, 'forceChksum=', *out )}" # write pep rule into test_re with open(test_re_file, 'w') as f: f.write(test_rule) # make new server configuration with additional re file new_server_config = self.make_new_server_config_json( server_config_file) # repave the existing server_config.json to add test_re with open(server_config_file, 'w') as f: f.write(new_server_config) # must make a new connection for the agent to pick up the # updated configuration self.sess.cleanup() # test object collection = self.coll_path filename = 'checksum_test_file' obj_path = "{collection}/{filename}".format(**locals()) contents = 'blah' * 100 checksum = base64.b64encode( hashlib.sha256(contents).digest()).decode() # make object in test collection options = {kw.OPR_TYPE_KW: 1} # PUT_OPR obj = helpers.make_object(self.sess, obj_path, content=contents, options=options) # verify object's checksum self.assertEqual( obj.checksum, "sha2:{checksum}".format(**locals())) # cleanup os.unlink(test_re_file) except IOError as e: # a likely fail scenario if e.errno == 13: self.skipTest("No permission to modify server configuration") raise except: raise
def test_create_with_checksum(self): # skip if server is older than 4.2 if self.server_version < (4, 2, 0): self.skipTest('Expects iRODS 4.2 server-side configuration') # server config server_config_dir = '/etc/irods' test_re_file = os.path.join(server_config_dir, 'test.re') server_config_file = os.path.join(server_config_dir, 'server_config.json') try: with helpers.file_backed_up(server_config_file): # make pep rule test_rule = "acPostProcForPut { msiDataObjChksum ($objPath, 'forceChksum=', *out )}" # write pep rule into test_re with open(test_re_file, 'w') as f: f.write(test_rule) # make new server configuration with additional re file new_server_config = self.make_new_server_config_json( server_config_file) # repave the existing server_config.json to add test_re with open(server_config_file, 'w') as f: f.write(new_server_config) # must make a new connection for the agent to pick up the # updated configuration self.sess.cleanup() # test object collection = self.coll_path filename = 'checksum_test_file' obj_path = "{collection}/{filename}".format(**locals()) contents = 'blah' * 100 checksum = base64.b64encode( hashlib.sha256(contents).digest()).decode() # make object in test collection obj = helpers.make_object(self.sess, obj_path, contents) # verify object's checksum self.assertEqual(obj.checksum, "sha2:{checksum}".format(**locals())) # cleanup os.unlink(test_re_file) except IOError as e: # a likely fail scenario if e.errno == 13: self.fail("No permission to modify server configuration") raise except: raise
def test_ssl_with_server_verify_set_to_none_281(self): env_file = os.path.expanduser('~/.irods/irods_environment.json') with helpers.file_backed_up(env_file): with open(env_file) as env_file_handle: env = json.load(env_file_handle) env.update({ "irods_client_server_negotiation": "request_server_negotiation", "irods_client_server_policy": "CS_NEG_REQUIRE", "irods_ssl_ca_certificate_file": "/path/to/some/file.crt", # does not need to exist "irods_ssl_verify_server": "none", "irods_encryption_key_size": 32, "irods_encryption_salt_size": 8, "irods_encryption_num_hash_rounds": 16, "irods_encryption_algorithm": "AES-256-CBC" }) with open(env_file, 'w') as f: json.dump(env, f) with helpers.make_session() as session: session.collections.get( '/{session.zone}/home/{session.username}'.format( **locals()))
def test_put_file_trigger_pep(self): # skip if server is remote if self.sess.host not in ('localhost', socket.gethostname()): self.skipTest('Requires access to server-side file(s)') # skip if server is older than 4.2 if self.sess.server_version < (4, 2, 0): self.skipTest('Expects iRODS 4.2 server-side configuration') # server config server_config_dir = '/etc/irods' test_re_file = os.path.join(server_config_dir, 'test.re') server_config_file = os.path.join(server_config_dir, 'server_config.json') try: with helpers.file_backed_up(server_config_file): # make pep rule test_rule = "acPostProcForPut { msiDataObjChksum ($objPath, 'forceChksum=', *out )}" # write pep rule into test_re with open(test_re_file, 'w') as f: f.write(test_rule) # make new server configuration with additional re file new_server_config = self.make_new_server_config_json( server_config_file) # repave the existing server_config.json to add test_re with open(server_config_file, 'w') as f: f.write(new_server_config) # must make a new connection for the agent to pick up the # updated configuration self.sess.cleanup() # make pseudo-random test file filename = 'test_put_file_trigger_pep.txt' test_file = os.path.join('/tmp', filename) contents = ''.join( random.choice(string.printable) for _ in range(1024)) with open(test_file, 'wb') as f: f.write(contents) # compute test file's checksum checksum = base64.b64encode( hashlib.sha256(contents).digest()).decode() # put object in test collection collection = self.coll.path self.sess.data_objects.put(test_file, '{collection}/'.format(**locals())) # get object to confirm checksum obj = self.sess.data_objects.get( '{collection}/{filename}'.format(**locals())) # verify object's checksum self.assertEqual(obj.checksum, "sha2:{checksum}".format(**locals())) # cleanup os.unlink(test_re_file) os.unlink(test_file) except IOError as e: # a likely fail scenario if e.errno == 13: self.skipTest("No permission to modify server configuration") raise except: raise
def test_put_file_trigger_pep(self): # skip if server is remote if self.sess.host not in ('localhost', socket.gethostname()): self.skipTest('Requires access to server-side file(s)') # skip if server is older than 4.2 if self.sess.server_version < (4, 2, 0): self.skipTest('Expects iRODS 4.2 server-side configuration') # server config server_config_dir = '/etc/irods' test_re_file = os.path.join(server_config_dir, 'test.re') server_config_file = os.path.join( server_config_dir, 'server_config.json') try: with helpers.file_backed_up(server_config_file): # make pep rule test_rule = "acPostProcForPut { msiDataObjChksum ($objPath, 'forceChksum=', *out )}" # write pep rule into test_re with open(test_re_file, 'w') as f: f.write(test_rule) # make new server configuration with additional re file new_server_config = self.make_new_server_config_json( server_config_file) # repave the existing server_config.json to add test_re with open(server_config_file, 'w') as f: f.write(new_server_config) # must make a new connection for the agent to pick up the # updated configuration self.sess.cleanup() # make pseudo-random test file filename = 'test_put_file_trigger_pep.txt' test_file = os.path.join('/tmp', filename) contents = ''.join(random.choice(string.printable) for _ in range(1024)) with open(test_file, 'wb') as f: f.write(contents) # compute test file's checksum checksum = base64.b64encode(hashlib.sha256(contents).digest()).decode() # put object in test collection collection = self.coll.path self.sess.data_objects.put(test_file, '{collection}/'.format(**locals())) # get object to confirm checksum obj = self.sess.data_objects.get('{collection}/{filename}'.format(**locals())) # verify object's checksum self.assertEqual(obj.checksum, "sha2:{checksum}".format(**locals())) # cleanup os.unlink(test_re_file) os.unlink(test_file) except IOError as e: # a likely fail scenario if e.errno == 13: self.skipTest("No permission to modify server configuration") raise except: raise
def tst0(self, ssl_opt, auth_opt, env_opt): auth_opt_explicit = 'native' if auth_opt == '' else auth_opt verbosity = False #verbosity='' # -- debug - sanity check by printing out options applied out = {'': ''} if env_opt: with self.setenv('IRODS_ENVIRONMENT_FILE', json_env_fullpath(auth_opt_explicit)) as env_file,\ self.setenv('IRODS_AUTHENTICATION_FILE', secrets_fullpath(auth_opt_explicit)): cli_env_extras = {} if not ( ssl_opt) else dict(CLIENT_OPTIONS_FOR_SSL) if auth_opt: cli_env_extras.update(irods_authentication_scheme=auth_opt) remove = [] else: remove = [regex('authentication_')] with helpers.file_backed_up(env_file): json_file_update(env_file, keys_to_delete=remove, **cli_env_extras) session = iRODSSession(irods_env_file=env_file) out = json.load(open(env_file)) self.validate_session(session, verbose=verbosity, ssl=ssl_opt) session.cleanup() out['ARGS'] = 'no' else: session_options = {} if auth_opt: session_options.update(authentication_scheme=auth_opt) if ssl_opt: SSL_cert = CLIENT_OPTIONS_FOR_SSL[ "irods_ssl_ca_certificate_file"] session_options.update(ssl_context=ssl.create_default_context( purpose=ssl.Purpose.SERVER_AUTH, capath=None, cadata=None, cafile=SSL_cert), **CLIENT_OPTIONS_FOR_SSL) lookup = self.user_auth_envs[ '.irods.' + ('native' if not (auth_opt) else auth_opt)] session = iRODSSession(host=gethostname(), user=lookup['USER'], zone='tempZone', password=lookup['PASSWORD'], port=1247, **session_options) out = session_options self.validate_session(session, verbose=verbosity, ssl=ssl_opt) session.cleanup() out['ARGS'] = 'yes' if verbosity == '': print('--- ssl:', ssl_opt, '/ auth:', repr(auth_opt), '/ env:', env_opt) print( '--- > ', json.dumps( {k: v for k, v in out.items() if k != 'ssl_context'}, indent=4)) print('---')