def updateProxyStore(self, store): """ Move the XML file proxies over to the store database. """ directory = store.directoryService() txn = store.newTransaction(label="xmlDelegatesToStore") for item in self.items: guid, write_proxies, read_proxies = item delegatorRecord = yield directory.recordWithUID(guid) if delegatorRecord is None: continue for proxy in write_proxies: delegateRecord = yield directory.recordWithUID(proxy) if delegateRecord is None: continue yield Delegates.addDelegate(txn, delegatorRecord, delegateRecord, True) for proxy in read_proxies: delegateRecord = yield directory.recordWithUID(proxy) if delegateRecord is None: continue yield Delegates.addDelegate(txn, delegatorRecord, delegateRecord, False) yield txn.commit()
def test_proxyFor(self): """ Test that L{DirectoryPrincipalResource.proxyFor} returns the correct results. """ principal01 = yield self.principalRootResource.principalForUID((yield self.userUIDFromShortName("user01"))) principal02 = yield self.principalRootResource.principalForUID((yield self.userUIDFromShortName("user02"))) principal03 = yield self.principalRootResource.principalForUID((yield self.userUIDFromShortName("user03"))) # Check proxy for proxies = yield principal01.proxyFor(False) self.assertEqual(proxies, set()) proxies = yield principal01.proxyFor(True) self.assertEqual(proxies, set()) proxies = yield principal02.proxyFor(False) self.assertEqual(proxies, set()) proxies = yield principal02.proxyFor(True) self.assertEqual(proxies, set()) proxies = yield principal03.proxyFor(False) self.assertEqual(proxies, set()) proxies = yield principal03.proxyFor(True) self.assertEqual(proxies, set()) # Make user02 a read-only proxy for user01, and user03 a read-write proxy for user01 yield Delegates.addDelegate(self.transactionUnderTest(), principal01.record, principal02.record, False) yield Delegates.addDelegate(self.transactionUnderTest(), principal01.record, principal03.record, True) yield self.commit() # Check proxy for proxies = yield principal01.proxyFor(False) self.assertEqual(proxies, set()) proxies = yield principal01.proxyFor(True) self.assertEqual(proxies, set()) proxies = yield principal02.proxyFor(False) self.assertEqual(proxies, set((principal01,))) proxies = yield principal02.proxyFor(True) self.assertEqual(proxies, set()) proxies = yield principal03.proxyFor(False) self.assertEqual(proxies, set()) proxies = yield principal03.proxyFor(True) self.assertEqual(proxies, set((principal01,))) # Remove user02 as read-only proxy for user01, and user03 as read-write proxy for user01 yield Delegates.removeDelegate(self.transactionUnderTest(), principal01.record, principal02.record, False) yield Delegates.removeDelegate(self.transactionUnderTest(), principal01.record, principal03.record, True) yield self.commit() # Check proxy for proxies = yield principal01.proxyFor(False) self.assertEqual(proxies, set()) proxies = yield principal01.proxyFor(True) self.assertEqual(proxies, set()) proxies = yield principal02.proxyFor(False) self.assertEqual(proxies, set()) proxies = yield principal02.proxyFor(True) self.assertEqual(proxies, set()) proxies = yield principal03.proxyFor(False) self.assertEqual(proxies, set()) proxies = yield principal03.proxyFor(True) self.assertEqual(proxies, set())
def test_hideDisabledProxies(self): """ Make sure users that are missing or not enabled for calendaring are removed from the proxyFor list. """ # Check proxies empty right now principal01 = yield self.principalRootResource.principalForUID((yield self.userUIDFromShortName("user01"))) self.assertTrue(len((yield principal01.proxyFor(False))) == 0) self.assertTrue(len((yield principal01.proxyFor(True))) == 0) principal02 = yield self.principalRootResource.principalForUID((yield self.userUIDFromShortName("user02"))) self.assertTrue(len((yield principal02.proxyFor(False))) == 0) self.assertTrue(len((yield principal02.proxyFor(True))) == 0) principal03 = yield self.principalRootResource.principalForUID((yield self.userUIDFromShortName("user03"))) self.assertTrue(len((yield principal03.proxyFor(False))) == 0) self.assertTrue(len((yield principal03.proxyFor(True))) == 0) # Make user01 a read-only proxy for user02 and user03 yield Delegates.addDelegate(self.transactionUnderTest(), principal02.record, principal01.record, False) yield Delegates.addDelegate(self.transactionUnderTest(), principal03.record, principal01.record, False) yield self.commit() self.assertTrue(len((yield principal01.proxyFor(False))) == 2) self.assertTrue(len((yield principal01.proxyFor(True))) == 0) # Now disable user02 yield self.changeRecord(principal02.record, self.directory.fieldName.hasCalendars, False) self.assertTrue(len((yield principal01.proxyFor(False))) == 1) self.assertTrue(len((yield principal01.proxyFor(True))) == 0) # Now enable user02 yield self.changeRecord(principal02.record, self.directory.fieldName.hasCalendars, True) self.assertTrue(len((yield principal01.proxyFor(False))) == 2) self.assertTrue(len((yield principal01.proxyFor(True))) == 0) # Now remove user02 yield self.directory.removeRecords((principal02.record.uid,)) self.assertTrue(len((yield principal01.proxyFor(False))) == 1) self.assertTrue(len((yield principal01.proxyFor(True))) == 0) # Remove user01 as read-only proxy for user02 and user03 yield Delegates.removeDelegate(self.transactionUnderTest(), principal02.record, principal01.record, False) yield Delegates.removeDelegate(self.transactionUnderTest(), principal03.record, principal01.record, False) yield self.commit() self.assertTrue(len((yield principal01.proxyFor(False))) == 0) self.assertTrue(len((yield principal01.proxyFor(True))) == 0)
def test_noDuplication(self): """ Make sure addDelegate( ) is idempotent """ delegator = yield self.directory.recordWithUID(u"__wsanchez1__") # Delegate users: delegate1 = yield self.directory.recordWithUID(u"__sagen1__") txn = self.store.newTransaction(label="test_noDuplication") yield Delegates.addDelegate(txn, delegator, delegate1, True) yield txn.commit() txn = self.store.newTransaction(label="test_noDuplication") yield Delegates.addDelegate(txn, delegator, delegate1, True) yield txn.commit() txn = self.store.newTransaction(label="test_noDuplication") results = yield DelegateRecord.query( txn, (DelegateRecord.delegator == delegator.uid.encode("utf-8")).And( DelegateRecord.readWrite == 1 ) ) yield txn.commit() self.assertEquals(["__sagen1__", ], [record.delegate for record in results]) # Delegate groups: group1 = yield self.directory.recordWithUID(u"__top_group_1__") txn = self.store.newTransaction(label="test_noDuplication") yield Delegates.addDelegate(txn, delegator, group1, True) yield txn.commit() txn = self.store.newTransaction(label="test_noDuplication") yield Delegates.addDelegate(txn, delegator, group1, True) yield txn.commit() txn = self.store.newTransaction(label="test_noDuplication") results = yield DelegateGroupsRecord.delegateGroups( txn, delegator.uid, True, ) yield txn.commit() self.assertEquals(["__top_group_1__", ], [record.groupUID for record in results])
def _addProxy(self, command, proxyType): record = yield recordForPrincipalID(self.dir, command['Principal']) if record is None: self.respondWithError("Principal not found: %s" % (command['Principal'],)) returnValue(None) proxyRecord = yield recordForPrincipalID(self.dir, command['Proxy']) if proxyRecord is None: self.respondWithError("Proxy not found: %s" % (command['Proxy'],)) returnValue(None) txn = self.store.newTransaction() yield Delegates.addDelegate(txn, record, proxyRecord, (proxyType == "write")) yield txn.commit() yield self.respondWithProxies(command, record, proxyType)
def test_directDelegation(self): txn = self.store.newTransaction(label="test_directDelegation") delegator = yield self.directory.recordWithUID(u"__wsanchez1__") delegate1 = yield self.directory.recordWithUID(u"__sagen1__") delegate2 = yield self.directory.recordWithUID(u"__cdaboo1__") # Add 1 delegate yield Delegates.addDelegate(txn, delegator, delegate1, True) delegates = (yield Delegates.delegatesOf(txn, delegator, True)) self.assertEquals([u"__sagen1__"], [d.uid for d in delegates]) delegators = (yield Delegates.delegatedTo(txn, delegate1, True)) self.assertEquals([u"__wsanchez1__"], [d.uid for d in delegators]) yield txn.commit() # So delegateService will see the changes txn = self.store.newTransaction(label="test_directDelegation") # The "proxy-write" pseudoGroup will have one member pseudoGroup = yield self.directory.recordWithShortName( DelegateRecordType.writeDelegateGroup, u"__wsanchez1__" ) self.assertEquals(pseudoGroup.uid, u"__wsanchez1__#calendar-proxy-write") self.assertEquals( [r.uid for r in (yield pseudoGroup.members())], [u"__sagen1__"] ) # The "proxy-read" pseudoGroup will have no members pseudoGroup = yield self.directory.recordWithShortName( DelegateRecordType.readDelegateGroup, u"__wsanchez1__" ) self.assertEquals(pseudoGroup.uid, u"__wsanchez1__#calendar-proxy-read") self.assertEquals( [r.uid for r in (yield pseudoGroup.members())], [] ) # The "proxy-write-for" pseudoGroup will have one member pseudoGroup = yield self.directory.recordWithShortName( DelegateRecordType.writeDelegatorGroup, u"__sagen1__" ) self.assertEquals(pseudoGroup.uid, u"__sagen1__#calendar-proxy-write-for") self.assertEquals( [r.uid for r in (yield pseudoGroup.members())], [u"__wsanchez1__"] ) # The "proxy-read-for" pseudoGroup will have no members pseudoGroup = yield self.directory.recordWithShortName( DelegateRecordType.readDelegatorGroup, u"__sagen1__" ) self.assertEquals(pseudoGroup.uid, u"__sagen1__#calendar-proxy-read-for") self.assertEquals( [r.uid for r in (yield pseudoGroup.members())], [] ) # Add another delegate yield Delegates.addDelegate(txn, delegator, delegate2, True) delegates = (yield Delegates.delegatesOf(txn, delegator, True)) self.assertEquals( set([u"__sagen1__", u"__cdaboo1__"]), set([d.uid for d in delegates]) ) delegators = (yield Delegates.delegatedTo(txn, delegate2, True)) self.assertEquals([u"__wsanchez1__"], [d.uid for d in delegators]) # Remove 1 delegate yield Delegates.removeDelegate(txn, delegator, delegate1, True) delegates = (yield Delegates.delegatesOf(txn, delegator, True)) self.assertEquals([u"__cdaboo1__"], [d.uid for d in delegates]) delegators = (yield Delegates.delegatedTo(txn, delegate1, True)) self.assertEquals(0, len(delegators)) # Remove the other delegate yield Delegates.removeDelegate(txn, delegator, delegate2, True) delegates = (yield Delegates.delegatesOf(txn, delegator, True)) self.assertEquals(0, len(delegates)) delegators = (yield Delegates.delegatedTo(txn, delegate2, True)) self.assertEquals(0, len(delegators)) yield txn.commit() # So delegateService will see the changes # Now set delegate assignments by using pseudoGroup.setMembers() pseudoGroup = yield self.directory.recordWithShortName( DelegateRecordType.writeDelegateGroup, u"__wsanchez1__" ) yield pseudoGroup.setMembers([delegate1, delegate2]) # Verify the assignments were made txn = self.store.newTransaction(label="test_directDelegation") delegates = (yield Delegates.delegatesOf(txn, delegator, True)) self.assertEquals( set([u"__sagen1__", u"__cdaboo1__"]), set([d.uid for d in delegates]) ) yield txn.commit() # Set a different group of assignments: yield pseudoGroup.setMembers([delegate2]) # Verify the assignments were made txn = self.store.newTransaction(label="test_directDelegation") delegates = (yield Delegates.delegatesOf(txn, delegator, True)) self.assertEquals( set([u"__cdaboo1__"]), set([d.uid for d in delegates]) ) yield txn.commit()
def test_addRemoveDelegation(self): delegator = yield self.directory.recordWithUID(u"__wsanchez1__") delegate1 = yield self.directory.recordWithUID(u"__sagen1__") delegate2 = yield self.directory.recordWithUID(u"__cdaboo1__") # Add delegate yield Delegates.addDelegate(self.transactionUnderTest(), delegator, delegate1, True) yield self.commit() # Notifications self.assertEqual(set(Delegates.cacheNotifier.history), set((u"/principals/__uids__/__wsanchez1__/", u"/principals/__uids__/__sagen1__/",))) # @UndefinedVariable Delegates.cacheNotifier.clear() # @UndefinedVariable # Some cache entries invalid yield self._memcacherAllMemberResults(delegator, None, [delegate1], None, None) yield self._memcacherAllMemberResults(delegate1, None, None, None, None) yield self._memcacherAllMemberResults(delegate2, None, None, None, None) yield self._memcacherAllMembershipResults(delegator, None, None) yield self._memcacherAllMembershipResults(delegate1, None, None) yield self._memcacherAllMembershipResults(delegate2, None, None) # Read the delegate information twice - first time should be without cache, second with for _ignore in range(2): yield self._delegatesOfAllResults( delegator, [delegate1], [delegate1], [], [], ) yield self._delegatesOfAllResults( delegate1, [], [], [], [], ) yield self._delegatesOfAllResults( delegate2, [], [], [], [], ) yield self._delegatedToAllResults( delegator, [], [], ) yield self._delegatedToAllResults( delegate1, [delegator], [], ) yield self._delegatedToAllResults( delegate2, [], [], ) # Check cache yield self._memcacherAllMemberResults(delegator, [delegate1], [delegate1], [], []) yield self._memcacherAllMemberResults(delegate1, [], [], [], []) yield self._memcacherAllMemberResults(delegate2, [], [], [], []) yield self._memcacherAllMembershipResults(delegator, [], []) yield self._memcacherAllMembershipResults(delegate1, [delegator], []) yield self._memcacherAllMembershipResults(delegate2, [], []) # Remove delegate yield Delegates.removeDelegate(self.transactionUnderTest(), delegator, delegate1, True) yield self.commit() # Notifications self.assertEqual(set(Delegates.cacheNotifier.history), set((u"/principals/__uids__/__wsanchez1__/", u"/principals/__uids__/__sagen1__/",))) # @UndefinedVariable Delegates.cacheNotifier.clear() # @UndefinedVariable # Some cache entries invalid yield self._memcacherAllMemberResults(delegator, None, [], [], []) yield self._memcacherAllMemberResults(delegate1, [], [], [], []) yield self._memcacherAllMemberResults(delegate2, [], [], [], []) yield self._memcacherAllMembershipResults(delegator, [], []) yield self._memcacherAllMembershipResults(delegate1, None, []) yield self._memcacherAllMembershipResults(delegate2, [], []) # Read the delegate information twice - first time should be without cache, second with for _ignore in range(2): yield self._delegatesOfAllResults( delegator, [], [], [], [], ) yield self._delegatesOfAllResults( delegate1, [], [], [], [], ) yield self._delegatesOfAllResults( delegate2, [], [], [], [], ) yield self._delegatedToAllResults( delegator, [], [], ) yield self._delegatedToAllResults( delegate1, [], [], ) yield self._delegatedToAllResults( delegate2, [], [], ) # Check cache yield self._memcacherAllMemberResults(delegator, [], [], [], []) yield self._memcacherAllMemberResults(delegate1, [], [], [], []) yield self._memcacherAllMemberResults(delegate2, [], [], [], []) yield self._memcacherAllMembershipResults(delegator, [], []) yield self._memcacherAllMembershipResults(delegate1, [], []) yield self._memcacherAllMembershipResults(delegate2, [], [])
def test_indirectDelegation(self): txn = self.store.newTransaction(label="test_indirectDelegation") delegator = yield self.directory.recordWithUID(u"__wsanchez1__") delegate1 = yield self.directory.recordWithUID(u"__sagen1__") group1 = yield self.directory.recordWithUID(u"__top_group_1__") group2 = yield self.directory.recordWithUID(u"__sub_group_1__") # Add group delegate yield Delegates.addDelegate(txn, delegator, group1, True) # Passing expanded=False will return the group delegates = (yield Delegates.delegatesOf(txn, delegator, True, expanded=False)) self.assertEquals(1, len(delegates)) self.assertEquals(delegates[0].uid, u"__top_group_1__") # Passing expanded=True will return not the group -- it only returns # non-groups delegates = (yield Delegates.delegatesOf(txn, delegator, True, expanded=True)) self.assertEquals( set([u"__sagen1__", u"__cdaboo1__", u"__glyph1__"]), set([d.uid for d in delegates]) ) delegators = (yield Delegates.delegatedTo(txn, delegate1, True)) self.assertEquals([u"__wsanchez1__"], [d.uid for d in delegators]) # Verify we can ask for all delegated-to groups yield Delegates.addDelegate(txn, delegator, group2, True) groups = (yield txn.allGroupDelegates()) self.assertEquals( set([u'__sub_group_1__', u'__top_group_1__']), set(groups) ) # Delegate to a user who is already indirectly delegated-to yield Delegates.addDelegate(txn, delegator, delegate1, True) delegates = (yield Delegates.delegatesOf(txn, delegator, True, expanded=True)) self.assertEquals( set([u"__sagen1__", u"__cdaboo1__", u"__glyph1__"]), set([d.uid for d in delegates]) ) # Add a member to the group; they become a delegate newSet = set() for name in (u"wsanchez1", u"cdaboo1", u"sagen1", u"glyph1", u"dre1"): record = ( yield self.directory.recordWithShortName(RecordType.user, name) ) newSet.add(record.uid) group = yield txn.groupByUID(group1.uid) _ignore_added, _ignore_removed = ( yield self.groupCacher.synchronizeMembers(txn, group.groupID, newSet) ) delegates = (yield Delegates.delegatesOf(txn, delegator, True, expanded=True)) self.assertEquals( set([u"__sagen1__", u"__cdaboo1__", u"__glyph1__", u"__dre1__"]), set([d.uid for d in delegates]) ) # Remove delegate access from the top group yield Delegates.removeDelegate(txn, delegator, group1, True) delegates = (yield Delegates.delegatesOf(txn, delegator, True, expanded=True)) self.assertEquals( set([u"__sagen1__", u"__cdaboo1__"]), set([d.uid for d in delegates]) ) # Remove delegate access from the sub group yield Delegates.removeDelegate(txn, delegator, group2, True) delegates = (yield Delegates.delegatesOf(txn, delegator, True, expanded=True)) self.assertEquals( set([u"__sagen1__"]), set([d.uid for d in delegates]) ) yield txn.commit()
def test_addRemoveDelegation(self): delegator = yield self.directory.recordWithUID(u"__wsanchez1__") delegate1 = yield self.directory.recordWithUID(u"__sagen1__") delegate2 = yield self.directory.recordWithUID(u"__cdaboo1__") # Add delegate yield Delegates.addDelegate(self.transactionUnderTest(), delegator, delegate1, True) yield self.commit() # Some cache entries invalid yield self._memcacherAllMemberResults(delegator, None, [delegate1], None, None) yield self._memcacherAllMemberResults(delegate1, None, None, None, None) yield self._memcacherAllMemberResults(delegate2, None, None, None, None) yield self._memcacherAllMembershipResults(delegator, None, None) yield self._memcacherAllMembershipResults(delegate1, None, None) yield self._memcacherAllMembershipResults(delegate2, None, None) # Read the delegate information twice - first time should be without cache, second with for _ignore in range(2): yield self._delegatesOfAllResults( delegator, [delegate1], [delegate1], [], [], ) yield self._delegatesOfAllResults( delegate1, [], [], [], [], ) yield self._delegatesOfAllResults( delegate2, [], [], [], [], ) yield self._delegatedToAllResults( delegator, [], [], ) yield self._delegatedToAllResults( delegate1, [delegator], [], ) yield self._delegatedToAllResults( delegate2, [], [], ) # Check cache yield self._memcacherAllMemberResults(delegator, [delegate1], [delegate1], [], []) yield self._memcacherAllMemberResults(delegate1, [], [], [], []) yield self._memcacherAllMemberResults(delegate2, [], [], [], []) yield self._memcacherAllMembershipResults(delegator, [], []) yield self._memcacherAllMembershipResults(delegate1, [delegator], []) yield self._memcacherAllMembershipResults(delegate2, [], []) # Remove delegate yield Delegates.removeDelegate(self.transactionUnderTest(), delegator, delegate1, True) yield self.commit() # Some cache entries invalid yield self._memcacherAllMemberResults(delegator, None, [], [], []) yield self._memcacherAllMemberResults(delegate1, [], [], [], []) yield self._memcacherAllMemberResults(delegate2, [], [], [], []) yield self._memcacherAllMembershipResults(delegator, [], []) yield self._memcacherAllMembershipResults(delegate1, None, []) yield self._memcacherAllMembershipResults(delegate2, [], []) # Read the delegate information twice - first time should be without cache, second with for _ignore in range(2): yield self._delegatesOfAllResults( delegator, [], [], [], [], ) yield self._delegatesOfAllResults( delegate1, [], [], [], [], ) yield self._delegatesOfAllResults( delegate2, [], [], [], [], ) yield self._delegatedToAllResults( delegator, [], [], ) yield self._delegatedToAllResults( delegate1, [], [], ) yield self._delegatedToAllResults( delegate2, [], [], ) # Check cache yield self._memcacherAllMemberResults(delegator, [], [], [], []) yield self._memcacherAllMemberResults(delegate1, [], [], [], []) yield self._memcacherAllMemberResults(delegate2, [], [], [], []) yield self._memcacherAllMembershipResults(delegator, [], []) yield self._memcacherAllMembershipResults(delegate1, [], []) yield self._memcacherAllMembershipResults(delegate2, [], [])
def test_indirectDelegation(self): txn = self.store.newTransaction(label="test_indirectDelegation") delegator = yield self.directory.recordWithUID(u"__wsanchez1__") delegate1 = yield self.directory.recordWithUID(u"__sagen1__") group1 = yield self.directory.recordWithUID(u"__top_group_1__") group2 = yield self.directory.recordWithUID(u"__sub_group_1__") # Add group delegate yield Delegates.addDelegate(txn, delegator, group1, True) # Passing expanded=False will return the group delegates = (yield Delegates.delegatesOf(txn, delegator, True, expanded=False)) self.assertEquals(1, len(delegates)) self.assertEquals(delegates[0].uid, u"__top_group_1__") # Passing expanded=True will return not the group -- it only returns # non-groups delegates = (yield Delegates.delegatesOf(txn, delegator, True, expanded=True)) self.assertEquals( set([u"__sagen1__", u"__cdaboo1__", u"__glyph1__"]), set([d.uid for d in delegates]) ) delegators = (yield Delegates.delegatedTo(txn, delegate1, True)) self.assertEquals([u"__wsanchez1__"], [d.uid for d in delegators]) # Verify we can ask for all delegated-to groups yield Delegates.addDelegate(txn, delegator, group2, True) groups = (yield txn.allGroupDelegates()) self.assertEquals( set([u'__sub_group_1__', u'__top_group_1__']), set(groups) ) # Delegate to a user who is already indirectly delegated-to yield Delegates.addDelegate(txn, delegator, delegate1, True) delegates = (yield Delegates.delegatesOf(txn, delegator, True, expanded=True)) self.assertEquals( set([u"__sagen1__", u"__cdaboo1__", u"__glyph1__"]), set([d.uid for d in delegates]) ) # Add a member to the group; they become a delegate newSet = set() for name in (u"wsanchez1", u"cdaboo1", u"sagen1", u"glyph1", u"dre1"): record = ( yield self.directory.recordWithShortName(RecordType.user, name) ) newSet.add(record.uid) group = yield txn.groupByUID(group1.uid) _ignore_added, _ignore_removed = ( yield self.groupCacher.synchronizeMembers(txn, group.groupID, newSet) ) delegates = (yield Delegates.delegatesOf(txn, delegator, True, expanded=True)) self.assertEquals( set([u"__sagen1__", u"__cdaboo1__", u"__glyph1__", u"__dre1__"]), set([d.uid for d in delegates]) ) # Remove delegate access from the top group yield Delegates.removeDelegate(txn, delegator, group1, True) delegates = (yield Delegates.delegatesOf(txn, delegator, True, expanded=True)) self.assertEquals( set([u"__sagen1__", u"__cdaboo1__"]), set([d.uid for d in delegates]) ) # Remove delegate access from the sub group yield Delegates.removeDelegate(txn, delegator, group2, True) delegates = (yield Delegates.delegatesOf(txn, delegator, True, expanded=True)) self.assertEquals( set([u"__sagen1__"]), set([d.uid for d in delegates]) ) yield txn.commit()
def test_proxyMode(self): """ Test that L{DirectoryPrincipalResource.proxyMode} returns the correct results. """ principal01 = yield self.principalRootResource.principalForUID( (yield self.userUIDFromShortName("user01"))) principal02 = yield self.principalRootResource.principalForUID( (yield self.userUIDFromShortName("user02"))) principal03 = yield self.principalRootResource.principalForUID( (yield self.userUIDFromShortName("user03"))) # Check proxy mode mode = yield principal02.proxyMode(principal01) self.assertEqual(mode, "none") mode = yield principal01.proxyMode(principal02) self.assertEqual(mode, "none") mode = yield principal03.proxyMode(principal01) self.assertEqual(mode, "none") mode = yield principal01.proxyMode(principal03) self.assertEqual(mode, "none") # Make user02 a read-only proxy for user01, and user03 a read-write proxy for user01 yield Delegates.addDelegate(self.transactionUnderTest(), principal01.record, principal02.record, False) yield Delegates.addDelegate(self.transactionUnderTest(), principal01.record, principal03.record, True) yield self.commit() # Check proxy mode mode = yield principal02.proxyMode(principal01) self.assertEqual(mode, "read") mode = yield principal01.proxyMode(principal02) self.assertEqual(mode, "none") mode = yield principal03.proxyMode(principal01) self.assertEqual(mode, "write") mode = yield principal01.proxyMode(principal03) self.assertEqual(mode, "none") # Remove user02 as read-only proxy for user01, and user03 as read-write proxy for user01 yield Delegates.removeDelegate(self.transactionUnderTest(), principal01.record, principal02.record, False) yield Delegates.removeDelegate(self.transactionUnderTest(), principal01.record, principal03.record, True) yield self.commit() # Check proxy for proxies = yield principal01.proxyFor(False) self.assertEqual(proxies, set()) proxies = yield principal01.proxyFor(True) self.assertEqual(proxies, set()) proxies = yield principal02.proxyFor(False) self.assertEqual(proxies, set()) proxies = yield principal02.proxyFor(True) self.assertEqual(proxies, set()) proxies = yield principal03.proxyFor(False) self.assertEqual(proxies, set()) proxies = yield principal03.proxyFor(True) self.assertEqual(proxies, set())
def test_hideDisabledProxies(self): """ Make sure users that are missing or not enabled for calendaring are removed from the proxyFor list. """ # Check proxies empty right now principal01 = yield self.principalRootResource.principalForUID( (yield self.userUIDFromShortName("user01"))) self.assertTrue(len((yield principal01.proxyFor(False))) == 0) self.assertTrue(len((yield principal01.proxyFor(True))) == 0) principal02 = yield self.principalRootResource.principalForUID( (yield self.userUIDFromShortName("user02"))) self.assertTrue(len((yield principal02.proxyFor(False))) == 0) self.assertTrue(len((yield principal02.proxyFor(True))) == 0) principal03 = yield self.principalRootResource.principalForUID( (yield self.userUIDFromShortName("user03"))) self.assertTrue(len((yield principal03.proxyFor(False))) == 0) self.assertTrue(len((yield principal03.proxyFor(True))) == 0) # Make user01 a read-only proxy for user02 and user03 yield Delegates.addDelegate(self.transactionUnderTest(), principal02.record, principal01.record, False) yield Delegates.addDelegate(self.transactionUnderTest(), principal03.record, principal01.record, False) yield self.commit() self.assertTrue(len((yield principal01.proxyFor(False))) == 2) self.assertTrue(len((yield principal01.proxyFor(True))) == 0) # Now disable user02 yield self.changeRecord(principal02.record, self.directory.fieldName.hasCalendars, False) self.assertTrue(len((yield principal01.proxyFor(False))) == 1) self.assertTrue(len((yield principal01.proxyFor(True))) == 0) # Now enable user02 yield self.changeRecord(principal02.record, self.directory.fieldName.hasCalendars, True) self.assertTrue(len((yield principal01.proxyFor(False))) == 2) self.assertTrue(len((yield principal01.proxyFor(True))) == 0) # Now remove user02 yield self.directory.removeRecords((principal02.record.uid, )) self.assertTrue(len((yield principal01.proxyFor(False))) == 1) self.assertTrue(len((yield principal01.proxyFor(True))) == 0) # Remove user01 as read-only proxy for user02 and user03 yield Delegates.removeDelegate(self.transactionUnderTest(), principal02.record, principal01.record, False) yield Delegates.removeDelegate(self.transactionUnderTest(), principal03.record, principal01.record, False) yield self.commit() self.assertTrue(len((yield principal01.proxyFor(False))) == 0) self.assertTrue(len((yield principal01.proxyFor(True))) == 0)
def copyAssignments(assignments, pod, directory, store): """ Go through the list of assignments from the old db, and selectively copy them into the new store. @param assignments: the assignments from the old db @type assignments: a list of (delegator group, delegate) tuples @param pod: the name of the pod you want to migrate assignments for; assignments for delegators who don't reside on this pod will be ignored. Set this to None to copy all assignments. @param directory: the directory service @param store: the store """ delegatorsMissingPodInfo = set() numCopied = 0 numOtherPod = 0 numDirectoryBased = 0 numExamined = 0 # If locations and resources' delegate assignments come from the directory, # then we're only interested in copying assignments where the delegator is a # user. if config.GroupCaching.Enabled and config.GroupCaching.UseDirectoryBasedDelegates: delegatorRecordTypes = (RecordType.user, ) else: delegatorRecordTypes = None # When faulting in delegates, only worry about users and groups. delegateRecordTypes = (RecordType.user, RecordType.group) total = len(assignments) for groupname, delegateUID in assignments: numExamined += 1 if numExamined % 100 == 0: print("Processed: {} of {}...".format(numExamined, total)) if "#" in groupname: delegatorUID, permission = groupname.split("#") try: delegatorRecords = yield directory.recordsFromExpression( MatchExpression(FieldName.uid, delegatorUID, matchType=MatchType.equals), recordTypes=delegatorRecordTypes) delegatorRecord = uniqueResult(delegatorRecords) except Exception, e: print("Failed to look up record for {}: {}".format( delegatorUID, str(e))) continue if delegatorRecord is None: continue if config.GroupCaching.Enabled and config.GroupCaching.UseDirectoryBasedDelegates: if delegatorRecord.recordType != RecordType.user: print("Skipping non-user") numDirectoryBased += 1 continue if pod: try: if delegatorRecord.serviceNodeUID != pod: numOtherPod += 1 continue except AttributeError: print("Record missing serviceNodeUID", delegatorRecord.fullNames) delegatorsMissingPodInfo.add(delegatorUID) continue try: delegateRecords = yield directory.recordsFromExpression( MatchExpression(FieldName.uid, delegateUID, matchType=MatchType.equals), recordTypes=delegateRecordTypes) delegateRecord = uniqueResult(delegateRecords) except Exception, e: print("Failed to look up record for {}: {}".format( delegateUID, str(e))) continue if delegateRecord is None: continue txn = store.newTransaction(label="DelegatesMigrationService") yield Delegates.addDelegate(txn, delegatorRecord, delegateRecord, (permission == "calendar-proxy-write")) numCopied += 1 yield txn.commit()
def test_directDelegation(self): txn = self.store.newTransaction(label="test_directDelegation") delegator = yield self.directory.recordWithUID(u"__wsanchez1__") delegate1 = yield self.directory.recordWithUID(u"__sagen1__") delegate2 = yield self.directory.recordWithUID(u"__cdaboo1__") # Add 1 delegate yield Delegates.addDelegate(txn, delegator, delegate1, True) delegates = (yield Delegates.delegatesOf(txn, delegator, True)) self.assertEquals([u"__sagen1__"], [d.uid for d in delegates]) delegators = (yield Delegates.delegatedTo(txn, delegate1, True)) self.assertEquals([u"__wsanchez1__"], [d.uid for d in delegators]) yield txn.commit() # So delegateService will see the changes txn = self.store.newTransaction(label="test_directDelegation") # The "proxy-write" pseudoGroup will have one member pseudoGroup = yield self.directory.recordWithShortName( DelegateRecordType.writeDelegateGroup, u"__wsanchez1__" ) self.assertEquals(pseudoGroup.uid, u"__wsanchez1__#calendar-proxy-write") self.assertEquals( [r.uid for r in (yield pseudoGroup.members())], [u"__sagen1__"] ) # The "proxy-read" pseudoGroup will have no members pseudoGroup = yield self.directory.recordWithShortName( DelegateRecordType.readDelegateGroup, u"__wsanchez1__" ) self.assertEquals(pseudoGroup.uid, u"__wsanchez1__#calendar-proxy-read") self.assertEquals( [r.uid for r in (yield pseudoGroup.members())], [] ) # The "proxy-write-for" pseudoGroup will have one member pseudoGroup = yield self.directory.recordWithShortName( DelegateRecordType.writeDelegatorGroup, u"__sagen1__" ) self.assertEquals(pseudoGroup.uid, u"__sagen1__#calendar-proxy-write-for") self.assertEquals( [r.uid for r in (yield pseudoGroup.members())], [u"__wsanchez1__"] ) # The "proxy-read-for" pseudoGroup will have no members pseudoGroup = yield self.directory.recordWithShortName( DelegateRecordType.readDelegatorGroup, u"__sagen1__" ) self.assertEquals(pseudoGroup.uid, u"__sagen1__#calendar-proxy-read-for") self.assertEquals( [r.uid for r in (yield pseudoGroup.members())], [] ) # Add another delegate yield Delegates.addDelegate(txn, delegator, delegate2, True) delegates = (yield Delegates.delegatesOf(txn, delegator, True)) self.assertEquals( set([u"__sagen1__", u"__cdaboo1__"]), set([d.uid for d in delegates]) ) delegators = (yield Delegates.delegatedTo(txn, delegate2, True)) self.assertEquals([u"__wsanchez1__"], [d.uid for d in delegators]) # Remove 1 delegate yield Delegates.removeDelegate(txn, delegator, delegate1, True) delegates = (yield Delegates.delegatesOf(txn, delegator, True)) self.assertEquals([u"__cdaboo1__"], [d.uid for d in delegates]) delegators = (yield Delegates.delegatedTo(txn, delegate1, True)) self.assertEquals(0, len(delegators)) # Remove the other delegate yield Delegates.removeDelegate(txn, delegator, delegate2, True) delegates = (yield Delegates.delegatesOf(txn, delegator, True)) self.assertEquals(0, len(delegates)) delegators = (yield Delegates.delegatedTo(txn, delegate2, True)) self.assertEquals(0, len(delegators)) yield txn.commit() # So delegateService will see the changes # Now set delegate assignments by using pseudoGroup.setMembers() pseudoGroup = yield self.directory.recordWithShortName( DelegateRecordType.writeDelegateGroup, u"__wsanchez1__" ) yield pseudoGroup.setMembers([delegate1, delegate2]) # Verify the assignments were made txn = self.store.newTransaction(label="test_directDelegation") delegates = (yield Delegates.delegatesOf(txn, delegator, True)) self.assertEquals( set([u"__sagen1__", u"__cdaboo1__"]), set([d.uid for d in delegates]) ) yield txn.commit() # Set a different group of assignments: yield pseudoGroup.setMembers([delegate2]) # Verify the assignments were made txn = self.store.newTransaction(label="test_directDelegation") delegates = (yield Delegates.delegatesOf(txn, delegator, True)) self.assertEquals( set([u"__cdaboo1__"]), set([d.uid for d in delegates]) ) yield txn.commit()
def test_addRemoveDelegation(self): delegator = yield self.directory.recordWithUID(u"__wsanchez1__") delegate1 = yield self.directory.recordWithUID(u"__sagen1__") delegate2 = yield self.directory.recordWithUID(u"__cdaboo1__") # Add delegate yield Delegates.addDelegate(self.transactionUnderTest(), delegator, delegate1, True) yield self.commit() # Some cache entries invalid yield self._memcacherAllMemberResults(delegator, None, [delegate1], None, None) yield self._memcacherAllMemberResults(delegate1, None, None, None, None) yield self._memcacherAllMemberResults(delegate2, None, None, None, None) yield self._memcacherAllMembershipResults(delegator, None, None) yield self._memcacherAllMembershipResults(delegate1, None, None) yield self._memcacherAllMembershipResults(delegate2, None, None) # Read the delegate information twice - first time should be without cache, second with for _ignore in range(2): yield self._delegatesOfAllResults( delegator, [delegate1], [delegate1], [], [], ) yield self._delegatesOfAllResults( delegate1, [], [], [], [], ) yield self._delegatesOfAllResults( delegate2, [], [], [], [], ) yield self._delegatedToAllResults( delegator, [], [], ) yield self._delegatedToAllResults( delegate1, [delegator], [], ) yield self._delegatedToAllResults( delegate2, [], [], ) # Check cache yield self._memcacherAllMemberResults(delegator, [delegate1], [delegate1], [], []) yield self._memcacherAllMemberResults(delegate1, [], [], [], []) yield self._memcacherAllMemberResults(delegate2, [], [], [], []) yield self._memcacherAllMembershipResults(delegator, [], []) yield self._memcacherAllMembershipResults(delegate1, [delegator], []) yield self._memcacherAllMembershipResults(delegate2, [], []) # Remove delegate yield Delegates.removeDelegate(self.transactionUnderTest(), delegator, delegate1, True) yield self.commit() # Some cache entries invalid yield self._memcacherAllMemberResults(delegator, None, [], [], []) yield self._memcacherAllMemberResults(delegate1, [], [], [], []) yield self._memcacherAllMemberResults(delegate2, [], [], [], []) yield self._memcacherAllMembershipResults(delegator, [], []) yield self._memcacherAllMembershipResults(delegate1, None, []) yield self._memcacherAllMembershipResults(delegate2, [], []) # Read the delegate information twice - first time should be without cache, second with for _ignore in range(2): yield self._delegatesOfAllResults( delegator, [], [], [], [], ) yield self._delegatesOfAllResults( delegate1, [], [], [], [], ) yield self._delegatesOfAllResults( delegate2, [], [], [], [], ) yield self._delegatedToAllResults( delegator, [], [], ) yield self._delegatedToAllResults( delegate1, [], [], ) yield self._delegatedToAllResults( delegate2, [], [], ) # Check cache yield self._memcacherAllMemberResults(delegator, [], [], [], []) yield self._memcacherAllMemberResults(delegate1, [], [], [], []) yield self._memcacherAllMemberResults(delegate2, [], [], [], []) yield self._memcacherAllMembershipResults(delegator, [], []) yield self._memcacherAllMembershipResults(delegate1, [], []) yield self._memcacherAllMembershipResults(delegate2, [], [])
def initialState(self): """ Setup the server with an initial set of data user01 - migrating user user02 - has a calendar shared with user01 user03 - shared to by user01 puser01 - user on other pod puser02 - has a calendar shared with user01 puser03 - shared to by user01 """ # Data for user01 home = yield self.homeUnderTest(txn=self.theTransactionUnderTest(0), name="user01", create=True) self.stash["user01_pod0_home_id"] = home.id() calendar = yield home.childWithName("calendar") yield calendar.createCalendarObjectWithName("01_1.ics", Component.fromString(self.data01_1)) yield calendar.createCalendarObjectWithName("01_2.ics", Component.fromString(self.data01_2)) obj3 = yield calendar.createCalendarObjectWithName("01_3.ics", Component.fromString(self.data01_3)) attachment, _ignore_location = yield obj3.addAttachment(None, MimeType.fromString("text/plain"), "test.txt", MemoryStream("Here is some text #1.")) self.stash["user01_attachment_id"] = attachment.id() self.stash["user01_attachment_md5"] = attachment.md5() self.stash["user01_attachment_mid"] = attachment.managedID() yield self.commitTransaction(0) # Data for user02 home = yield self.homeUnderTest(txn=self.theTransactionUnderTest(0), name="user02", create=True) calendar = yield home.childWithName("calendar") yield calendar.createCalendarObjectWithName("02_1.ics", Component.fromString(self.data02_1)) yield calendar.createCalendarObjectWithName("02_2.ics", Component.fromString(self.data02_2)) yield calendar.createCalendarObjectWithName("02_3.ics", Component.fromString(self.data02_3)) yield self.commitTransaction(0) # Data for puser02 home = yield self.homeUnderTest(txn=self.theTransactionUnderTest(1), name="puser02", create=True) calendar = yield home.childWithName("calendar") yield calendar.createCalendarObjectWithName("p02_1.ics", Component.fromString(self.datap02_1)) yield calendar.createCalendarObjectWithName("p02_2.ics", Component.fromString(self.datap02_2)) yield calendar.createCalendarObjectWithName("p02_3.ics", Component.fromString(self.datap02_3)) yield self.commitTransaction(1) # Share calendars self.stash["sharename_user01_to_user03"] = yield self._createShare("user01", "user03") self.stash["sharename_user01_to_puser03"] = yield self._createShare("user01", "puser03") self.stash["sharename_user02_to_user01"] = yield self._createShare("user02", "user01") self.stash["sharename_puser02_to_user01"] = yield self._createShare("puser02", "user01") # Add some delegates txn = self.theTransactionUnderTest(0) record01 = yield txn.directoryService().recordWithUID(u"user01") record02 = yield txn.directoryService().recordWithUID(u"user02") record03 = yield txn.directoryService().recordWithUID(u"user03") precord01 = yield txn.directoryService().recordWithUID(u"puser01") group02 = yield txn.directoryService().recordWithUID(u"group02") group03 = yield txn.directoryService().recordWithUID(u"group03") # Add user02 and user03 as individual delegates yield Delegates.addDelegate(txn, record01, record02, True) yield Delegates.addDelegate(txn, record01, record03, False) yield Delegates.addDelegate(txn, record01, precord01, False) # Add group delegates yield Delegates.addDelegate(txn, record01, group02, True) yield Delegates.addDelegate(txn, record01, group03, False) # Add external delegates yield txn.assignExternalDelegates(u"user02", None, None, u"external1", u"external2") yield self.commitTransaction(0) yield self.waitAllEmpty()
def initialState(self): """ Setup the server with an initial set of data user01 - migrating user user02 - has a calendar shared with user01 user03 - shared to by user01 puser01 - user on other pod puser02 - has a calendar shared with user01 puser03 - shared to by user01 """ # Data for user01 home = yield self.homeUnderTest(txn=self.theTransactionUnderTest(0), name="user01", create=True) self.stash["user01_pod0_home_id"] = home.id() calendar = yield home.childWithName("calendar") yield calendar.createCalendarObjectWithName("01_1.ics", Component.fromString(self.data01_1)) yield calendar.createCalendarObjectWithName("01_2.ics", Component.fromString(self.data01_2)) obj3 = yield calendar.createCalendarObjectWithName("01_3.ics", Component.fromString(self.data01_3)) attachment, _ignore_location = yield obj3.addAttachment(None, MimeType.fromString("text/plain"), "test.txt", MemoryStream("Here is some text #1.")) self.stash["user01_attachment_id"] = attachment.id() self.stash["user01_attachment_md5"] = attachment.md5() self.stash["user01_attachment_mid"] = attachment.managedID() yield self.commitTransaction(0) # Data for user02 home = yield self.homeUnderTest(txn=self.theTransactionUnderTest(0), name="user02", create=True) calendar = yield home.childWithName("calendar") yield calendar.createCalendarObjectWithName("02_1.ics", Component.fromString(self.data02_1)) yield calendar.createCalendarObjectWithName("02_2.ics", Component.fromString(self.data02_2)) yield calendar.createCalendarObjectWithName("02_3.ics", Component.fromString(self.data02_3)) yield self.commitTransaction(0) # Data for puser02 home = yield self.homeUnderTest(txn=self.theTransactionUnderTest(1), name="puser02", create=True) calendar = yield home.childWithName("calendar") yield calendar.createCalendarObjectWithName("p02_1.ics", Component.fromString(self.datap02_1)) yield calendar.createCalendarObjectWithName("p02_2.ics", Component.fromString(self.datap02_2)) yield calendar.createCalendarObjectWithName("p02_3.ics", Component.fromString(self.datap02_3)) yield self.commitTransaction(1) # Share calendars self.stash["sharename_user01_to_user03"] = yield self._createShare("user01", "user03") self.stash["sharename_user01_to_puser03"] = yield self._createShare("user01", "puser03") self.stash["sharename_user02_to_user01"] = yield self._createShare("user02", "user01") self.stash["sharename_puser02_to_user01"] = yield self._createShare("puser02", "user01") # Add some delegates txn = self.theTransactionUnderTest(0) record01 = yield txn.directoryService().recordWithUID(u"user01") record02 = yield txn.directoryService().recordWithUID(u"user02") record03 = yield txn.directoryService().recordWithUID(u"user03") precord01 = yield txn.directoryService().recordWithUID(u"puser01") group02 = yield txn.directoryService().recordWithUID(u"group02") group03 = yield txn.directoryService().recordWithUID(u"group03") # Add user02 and user03 as individual delegates yield Delegates.addDelegate(txn, record01, record02, True) yield Delegates.addDelegate(txn, record01, record03, False) yield Delegates.addDelegate(txn, record01, precord01, False) # Add group delegates yield Delegates.addDelegate(txn, record01, group02, True) yield Delegates.addDelegate(txn, record01, group03, False) # Add external delegates yield txn.assignExternalDelegates(u"user01", None, None, u"external1", u"external2") yield self.commitTransaction(0) yield self.waitAllEmpty()
def copyAssignments(assignments, pod, directory, store): """ Go through the list of assignments from the old db, and selectively copy them into the new store. @param assignments: the assignments from the old db @type assignments: a list of (delegator group, delegate) tuples @param pod: the name of the pod you want to migrate assignments for; assignments for delegators who don't reside on this pod will be ignored. Set this to None to copy all assignments. @param directory: the directory service @param store: the store """ delegatorsMissingPodInfo = set() numCopied = 0 numOtherPod = 0 numDirectoryBased = 0 numExamined = 0 # If locations and resources' delegate assignments come from the directory, # then we're only interested in copying assignments where the delegator is a # user. if config.GroupCaching.Enabled and config.GroupCaching.UseDirectoryBasedDelegates: delegatorRecordTypes = (RecordType.user,) else: delegatorRecordTypes = None # When faulting in delegates, only worry about users and groups. delegateRecordTypes = (RecordType.user, RecordType.group) total = len(assignments) for groupname, delegateUID in assignments: numExamined += 1 if numExamined % 100 == 0: print("Processed: {} of {}...".format(numExamined, total)) if "#" in groupname: delegatorUID, permission = groupname.split("#") try: delegatorRecords = yield directory.recordsFromExpression( MatchExpression(FieldName.uid, delegatorUID, matchType=MatchType.equals), recordTypes=delegatorRecordTypes ) delegatorRecord = uniqueResult(delegatorRecords) except Exception, e: print("Failed to look up record for {}: {}".format(delegatorUID, str(e))) continue if delegatorRecord is None: continue if config.GroupCaching.Enabled and config.GroupCaching.UseDirectoryBasedDelegates: if delegatorRecord.recordType != RecordType.user: print("Skipping non-user") numDirectoryBased += 1 continue if pod: try: if delegatorRecord.serviceNodeUID != pod: numOtherPod += 1 continue except AttributeError: print("Record missing serviceNodeUID", delegatorRecord.fullNames) delegatorsMissingPodInfo.add(delegatorUID) continue try: delegateRecords = yield directory.recordsFromExpression( MatchExpression(FieldName.uid, delegateUID, matchType=MatchType.equals), recordTypes=delegateRecordTypes ) delegateRecord = uniqueResult(delegateRecords) except Exception, e: print("Failed to look up record for {}: {}".format(delegateUID, str(e))) continue if delegateRecord is None: continue txn = store.newTransaction(label="DelegatesMigrationService") yield Delegates.addDelegate( txn, delegatorRecord, delegateRecord, (permission == "calendar-proxy-write") ) numCopied += 1 yield txn.commit()