def test_get_default_user(self): """Test that default user is correctly added by get_user_list().""" users_module_mock = Mock() users_module_mock.Users = [] user_data_list = get_user_list(users_module_mock, add_default=True) default_added_user_data = UserData() default_added_user_data.set_admin_priviledges(True) assert len(user_data_list) == 1 assert isinstance(user_data_list[0], UserData) assert compare_data(user_data_list[0], default_added_user_data)
def get_default_user_test(self): """Test that default user is correctly added by get_user_list().""" users_module_mock = Mock() users_module_mock.Users = [] user_data_list = get_user_list(users_module_mock, add_default=True) self.assertEqual(len(user_data_list), 1) self.assertIsInstance(user_data_list[0], UserData) self.assertTrue(compare_data(user_data_list[0], UserData()))
def get_user_list(users_module, add_default=False, add_if_not_empty=False): """Get list of users from the Users DBus module. If add_default is True we will add an empty UserData instance as the first element of the list, so that the UIs don't have to handle that themselves. :param users_module: Users DBus module proxy :param bool add_default: if True add default user as first list element :returns: list of users from the Users DBus module :rtype: list """ user_data_list = UserData.from_structure_list(users_module.Users) if add_default: # we only add default user to an empty list, to add default user to # a populated list the add_if_not_empty option needs to be used if not user_data_list or add_if_not_empty: user_data_list.insert(0, UserData()) return user_data_list
def Users(self) -> List[Structure]: """List of users, each describing a single user. :return: a list of user describing DBus Structures """ # internally we hold the data about users as a list of structures, # which we need to turn into a list of dicts before returning it # over DBus user_dicts = [] for user_data in self.implementation.users: user_dicts.append(UserData.to_structure(user_data)) return user_dicts
def set_user_list(users_module, user_data_list, remove_unset=False): """Properly set the user list in the Users DBus module. Internally we are working with a list of UserData instances, while the SetUsers DBus API requires a list of DBus structures. Doing the conversion each time we need to set a new user list would be troublesome so this method takes a list of UserData instances, converts them to list of DBus structs and then forwards the list to the Users module. Also if remove_unset is True we will drop any UserData instances from the list before forwarding it to the Users DBus module. Missing name is used as an indicator that the given user has been unset by one of the UIs and should be discarded. :param users_module: Users DBus module proxy :param list user_data_list: list of user data objects :param bool remove_unset: remove all users without name from the list before setting it :type user_data_list: list of UserData instances """ if remove_unset: user_data_list = [user for user in user_data_list if user.name] users_module.Users = UserData.to_structure_list(user_data_list)
def test_eq(self): """Test that the __eq__() method works correctly for UserData instances.""" # the comparison is name based user_data_1 = UserData() user_data_1.name = "foo" user_data_2 = UserData() user_data_2.name = "bar" user_data_3 = UserData() user_data_3.name = "foo" assert user_data_1 == user_data_3 assert not (user_data_1 == user_data_2) assert not (user_data_2 == user_data_1) assert not (user_data_2 == user_data_3) # now try changing the name on existing instance user_data_1.name = "bar" user_data_2.name = "foo" user_data_3.name = "foo" assert not (user_data_1 == user_data_2) assert not (user_data_1 == user_data_3) assert user_data_2 == user_data_3 assert user_data_3 == user_data_2 # only name is used, other attributes should not influence the comparison user_data_a = UserData() user_data_a.name = "foo" user_data_a.uid = 1 user_data_a.gid = 1 user_data_a.homedir = "/foo" user_data_b = UserData() user_data_b.name = "foo" user_data_b.uid = 2 user_data_b.gid = 2 user_data_b.homedir = "/bar" assert user_data_a == user_data_b
def test_admin_user_detection_6(self): """Test that admin user detection works correctly - 1 admin (case 5).""" # 2 users, unlocked root user1 = UserData() user1.name = "user1" user1.groups = ["foo", "bar"] user1.lock = False user2 = UserData() user2.name = "user2" user2.groups = ["baz", "bar"] user2.lock = False self.users_interface.SetUsers(UserData.to_structure_list([user1, user2])) self.users_interface.SetCryptedRootPassword("abc") self.users_interface.SetRootAccountLocked(False) assert self.users_interface.CheckAdminUserExists()
def test_admin_user_detection_2(self): """Test that admin user detection works correctly - 0 admins (case 1).""" # 2 locked admin users, locked root user1 = UserData() user1.name = "user1" user1.groups = ["foo", "wheel", "bar"] user1.lock = True user2 = UserData() user2.name = "user2" user2.groups = ["baz", "bar", "wheel"] user2.lock = True self.users_interface.SetUsers(UserData.to_structure_list([user1, user2])) self.users_interface.SetCryptedRootPassword("abc") self.users_interface.SetRootAccountLocked(True) assert not self.users_interface.CheckAdminUserExists()
def test_set_user_list(self): """Test the shared set_user_list() method.""" user1 = UserData() user1.name = "user1" user1.uid = 123 user1.groups = ["foo", "bar"] user1.gid = 321 user1.homedir = "user1_home" user1.password = "******" user1.is_crypted = False user1.lock = False user1.shell = "zsh" user1.gecos = "some stuff" user2 = UserData() user2.name = "user2" user2.uid = 456 user2.groups = ["baz", "bar"] user2.gid = 654 user2.homedir = "user2_home" user2.password = "******" user2.is_crypted = True user2.lock = False user2.shell = "csh" user2.gecos = "some other stuff" users_module_mock = Mock() set_user_list(users_module_mock, [user1, user2]) user_data_list = users_module_mock.SetUsers.call_args[0][0] assert len(user_data_list) == 2 assert user_data_list[0] == UserData.to_structure(user1) assert user_data_list[1] == UserData.to_structure(user2) user1.name = "" set_user_list(users_module_mock, [user1, user2], remove_unset=True) user_data_list = users_module_mock.SetUsers.call_args[0][0] assert len(user_data_list) == 1 assert user_data_list[0] == UserData.to_structure(user2)
def test_getter_setter(self): """Test getters and setters for the User UID and GID values.""" user_data = UserData() user_data.name = "user" # everything should be unset by default assert user_data.uid == 0 assert user_data.uid_mode == ID_MODE_USE_DEFAULT assert user_data.get_uid() is None assert user_data.gid == 0 assert user_data.gid_mode == ID_MODE_USE_DEFAULT assert user_data.get_gid() is None user_data.set_uid(123) user_data.set_gid(456) # now everything is set assert user_data.uid == 123 assert user_data.uid_mode == ID_MODE_USE_VALUE assert user_data.get_uid() == 123 assert user_data.gid == 456 assert user_data.gid_mode == ID_MODE_USE_VALUE assert user_data.get_gid() == 456 user_data.uid_mode = ID_MODE_USE_DEFAULT user_data.gid_mode = ID_MODE_USE_DEFAULT # mode should decide whether numbers are used, regardless of being stored assert user_data.uid_mode == ID_MODE_USE_DEFAULT assert user_data.uid == 123 assert user_data.get_uid() is None assert user_data.gid_mode == ID_MODE_USE_DEFAULT assert user_data.gid == 456 assert user_data.get_gid() is None user_data.set_uid(None) user_data.set_gid(None) # setting None resets everything assert user_data.uid == 0 assert user_data.uid_mode == ID_MODE_USE_DEFAULT assert user_data.get_uid() is None assert user_data.gid == 0 assert user_data.gid_mode == ID_MODE_USE_DEFAULT assert user_data.get_gid() is None
def admin_user_detection_5_test(self): """Test that admin user detection works correctly - 1 admin (case 4).""" # 1 user, 1 unlocked admin user, locked root user1 = UserData() user1.name = "user1" user1.groups = ["foo", "bar"] user1.lock = False user2 = UserData() user2.name = "user2" user2.groups = ["baz", "bar", "wheel"] user2.lock = False self.users_interface.SetUsers( UserData.to_structure_list([user1, user2])) self.users_interface.SetCryptedRootPassword("abc") self.users_interface.SetRootAccountLocked(True) self.assertTrue(self.users_interface.CheckAdminUserExists())
def Users(self, users: List[Structure]): """Set a list of users, each corresponding to a single user. :param users: a list of user describing DBus structures """ self.implementation.set_users(UserData.from_structure_list(users))
def Users(self) -> List[Structure]: """List of users, each describing a single user. :return: a list of user describing DBus Structures """ return UserData.to_structure_list(self.implementation.users)
def test_admin_user_detection_1(self): """Test that admin user detection works correctly - 3 admins.""" # 2 admin users, unlocked root user1 = UserData() user1.name = "user1" user1.groups = ["foo", "wheel", "bar"] user1.lock = False user2 = UserData() user2.name = "user2" user2.groups = ["baz", "bar", "wheel"] user2.lock = False self.users_interface.Users = UserData.to_structure_list([user1, user2]) self.users_interface.SetCryptedRootPassword("abc") self.users_interface.IsRootAccountLocked = False assert self.users_interface.CheckAdminUserExists()
def _ksdata_to_user_data(self, user_ksdata): """Apply kickstart user command data to UserData instance. :param user_ksdata: data for the kickstart user command :return: UserData instance with kickstart data applied """ user_data = UserData() user_data.name = user_ksdata.name user_data.groups = user_ksdata.groups user_data.set_uid(user_ksdata.uid) user_data.set_gid(user_ksdata.gid) user_data.homedir = user_ksdata.homedir user_data.password = user_ksdata.password user_data.is_crypted = user_ksdata.isCrypted user_data.lock = user_ksdata.lock # make sure the user account is locked by default unless a password # is set in kickstart if not user_ksdata.password: log.debug( "user (%s) specified in kickstart without password, locking account", user_ksdata.name) user_data.lock = True user_data.shell = user_ksdata.shell user_data.gecos = user_ksdata.gecos return user_data
def test_has_admin_priviledges(self): """Test the has_admin_priviledges() method works correctly.""" user_data = UserData() user_data.groups = ["wheel"] assert user_data.has_admin_priviledges() user_data = UserData() user_data.groups = ["foo"] assert not user_data.has_admin_priviledges() user_data = UserData() user_data.groups = ["foo", "wheel", "bar"] assert user_data.has_admin_priviledges() # multiple wheels user_data = UserData() user_data.groups = ["foo", "wheel", "bar", "wheel", "baz"] assert user_data.has_admin_priviledges() # group name is case sensitive user_data = UserData() user_data.groups = ["WHEEL", "Wheel"] assert not user_data.has_admin_priviledges()
def test_set_admin_priviledges(self): """Test setting user admin privileges works correctly.""" user_data = UserData() assert not user_data.has_admin_priviledges() assert "wheel" not in user_data.groups # turn it on user_data.set_admin_priviledges(True) assert user_data.has_admin_priviledges() assert "wheel" in user_data.groups # turn it off user_data.set_admin_priviledges(False) assert not user_data.has_admin_priviledges() assert "wheel" not in user_data.groups # existing groups - turn in on user_data = UserData() user_data.groups = ["foo", "bar"] user_data.set_admin_priviledges(True) assert user_data.has_admin_priviledges() assert "wheel" in user_data.groups assert "foo" in user_data.groups assert "bar" in user_data.groups # existing groups - turn in off user_data.set_admin_priviledges(False) assert not user_data.has_admin_priviledges() assert "wheel" not in user_data.groups assert "foo" in user_data.groups assert "bar" in user_data.groups # group wheel added externally user_data = UserData() user_data.groups = ["foo", "bar", "wheel"] assert user_data.has_admin_priviledges() assert "wheel" in user_data.groups assert "foo" in user_data.groups assert "bar" in user_data.groups # now remove the wheel group via API user_data.set_admin_priviledges(False) assert not user_data.has_admin_priviledges() assert "wheel" not in user_data.groups assert "foo" in user_data.groups assert "bar" in user_data.groups
def has_admin_priviledges_test(self): """Test the has_admin_priviledges() method works correctly.""" user_data = UserData() user_data.groups = ["wheel"] self.assertTrue(user_data.has_admin_priviledges()) user_data = UserData() user_data.groups = ["foo"] self.assertFalse(user_data.has_admin_priviledges()) user_data = UserData() user_data.groups = ["foo", "wheel", "bar"] self.assertTrue(user_data.has_admin_priviledges()) # multiple wheels user_data = UserData() user_data.groups = ["foo", "wheel", "bar", "wheel", "baz"] self.assertTrue(user_data.has_admin_priviledges()) # group name is case sensitive user_data = UserData() user_data.groups = ["WHEEL", "Wheel"] self.assertFalse(user_data.has_admin_priviledges())
def test_get_user_list(self): """Test the shared get_user_list() method.""" user1 = UserData() user1.name = "user1" user1.uid = 123 user1.groups = ["foo", "bar"] user1.gid = 321 user1.homedir = "user1_home" user1.password = "******" user1.is_crypted = False user1.lock = False user1.shell = "zsh" user1.gecos = "some stuff" user2 = UserData() user2.name = "user2" user2.uid = 456 user2.groups = ["baz", "bar"] user2.gid = 654 user2.homedir = "user2_home" user2.password = "******" user2.is_crypted = True user2.lock = False user2.shell = "csh" user2.gecos = "some other stuff" users_module_mock = Mock() users_module_mock.Users = UserData.to_structure_list([user1, user2]) user_data_list = get_user_list(users_module_mock) assert len(user_data_list) == 2 assert isinstance(user_data_list[0], UserData) assert isinstance(user_data_list[1], UserData) assert compare_data(user_data_list[0], user1) assert compare_data(user_data_list[1], user2) user_data_list = get_user_list(users_module_mock, add_default=True) assert len(user_data_list) == 2 assert isinstance(user_data_list[0], UserData) assert isinstance(user_data_list[1], UserData) assert compare_data(user_data_list[0], user1) assert compare_data(user_data_list[1], user2) user_data_list = get_user_list(users_module_mock, add_default=True, add_if_not_empty=True) assert len(user_data_list) == 3 assert isinstance(user_data_list[0], UserData) assert isinstance(user_data_list[1], UserData) assert isinstance(user_data_list[2], UserData) assert compare_data(user_data_list[0], UserData()) assert compare_data(user_data_list[1], user1) assert compare_data(user_data_list[2], user2)
def set_admin_priviledges_test(self): """Test setting user admin privileges works correctly.""" user_data = UserData() self.assertFalse(user_data.has_admin_priviledges()) self.assertNotIn("wheel", user_data.groups) # turn it on user_data.set_admin_priviledges(True) self.assertTrue(user_data.has_admin_priviledges()) self.assertIn("wheel", user_data.groups) # turn it off user_data.set_admin_priviledges(False) self.assertFalse(user_data.has_admin_priviledges()) self.assertNotIn("wheel", user_data.groups) # existing groups - turn in on user_data = UserData() user_data.groups = ["foo", "bar"] user_data.set_admin_priviledges(True) self.assertTrue(user_data.has_admin_priviledges()) self.assertIn("wheel", user_data.groups) self.assertIn("foo", user_data.groups) self.assertIn("bar", user_data.groups) # existing groups - turn in off user_data.set_admin_priviledges(False) self.assertFalse(user_data.has_admin_priviledges()) self.assertNotIn("wheel", user_data.groups) self.assertIn("foo", user_data.groups) self.assertIn("bar", user_data.groups) # group wheel added externally user_data = UserData() user_data.groups = ["foo", "bar", "wheel"] self.assertTrue(user_data.has_admin_priviledges()) self.assertIn("wheel", user_data.groups) self.assertIn("foo", user_data.groups) self.assertIn("bar", user_data.groups) # now remove the wheel group via API user_data.set_admin_priviledges(False) self.assertFalse(user_data.has_admin_priviledges()) self.assertNotIn("wheel", user_data.groups) self.assertIn("foo", user_data.groups) self.assertIn("bar", user_data.groups)
def _ksdata_to_user_data(self, user_ksdata): """Apply kickstart user command data to UserData instance. :param user_ksdata: data for the kickstart user command :return: UserData instance with kickstart data applied """ user_data = UserData() user_data.name = user_ksdata.name user_data.groups = user_ksdata.groups # To denote that a value has not been set: # - kickstart uses None # - our DBus API uses -1 # -> as user data is -1 by default ve only set it if kickstart has something, # that is not None # We need to make sure we correctly convert between these two. if user_ksdata.uid is not None: user_data.uid = user_ksdata.uid if user_ksdata.gid is not None: user_data.gid = user_ksdata.gid user_data.homedir = user_ksdata.homedir user_data.password = user_ksdata.password user_data.is_crypted = user_ksdata.isCrypted user_data.lock = user_ksdata.lock # make sure the user account is locked by default unless a password # is set in kickstart if not user_ksdata.password: log.debug( "user (%s) specified in kickstart without password, locking account", user_ksdata.name) user_data.lock = True user_data.shell = user_ksdata.shell user_data.gecos = user_ksdata.gecos return user_data
def getter_setter_test(self): """Test getters and setters for the User UID and GID values.""" user_data = UserData() user_data.name = "user" # everything should be unset by default self.assertEqual(user_data.uid, 0) self.assertEqual(user_data.uid_mode, ID_MODE_USE_DEFAULT) self.assertEqual(user_data.get_uid(), None) self.assertEqual(user_data.gid, 0) self.assertEqual(user_data.gid_mode, ID_MODE_USE_DEFAULT) self.assertEqual(user_data.get_gid(), None) user_data.set_uid(123) user_data.set_gid(456) # now everything is set self.assertEqual(user_data.uid, 123) self.assertEqual(user_data.uid_mode, ID_MODE_USE_VALUE) self.assertEqual(user_data.get_uid(), 123) self.assertEqual(user_data.gid, 456) self.assertEqual(user_data.gid_mode, ID_MODE_USE_VALUE) self.assertEqual(user_data.get_gid(), 456) user_data.uid_mode = ID_MODE_USE_DEFAULT user_data.gid_mode = ID_MODE_USE_DEFAULT # mode should decide whether numbers are used, regardless of being stored self.assertEqual(user_data.uid_mode, ID_MODE_USE_DEFAULT) self.assertEqual(user_data.uid, 123) self.assertEqual(user_data.get_uid(), None) self.assertEqual(user_data.gid_mode, ID_MODE_USE_DEFAULT) self.assertEqual(user_data.gid, 456) self.assertEqual(user_data.get_gid(), None) user_data.set_uid(None) user_data.set_gid(None) # setting None resets everything self.assertEqual(user_data.uid, 0) self.assertEqual(user_data.uid_mode, ID_MODE_USE_DEFAULT) self.assertEqual(user_data.get_uid(), None) self.assertEqual(user_data.gid, 0) self.assertEqual(user_data.gid_mode, ID_MODE_USE_DEFAULT) self.assertEqual(user_data.get_gid(), None)