def test_managed_global_internal(monkeypatch): # this test uses the internal mechanics of the user endpoint monkeypatch.setattr( "cmk.gui.watolib.global_settings.rulebased_notifications_enabled", lambda: True) edit_users({ "user": { "attributes": { "ui_theme": None, "ui_sidebar_position": None, "nav_hide_icons_title": None, "icons_per_item": None, "show_mode": None, "start_url": None, "force_authuser": False, "enforce_pw_change": False, "alias": "User Name", "locked": False, "pager": "", "roles": [], "contactgroups": [], "customer": None, # None represents global internally "email": "", "fallback_contact": False, "disable_notifications": {}, }, "is_new_user": True, } }) user_internal = _load_user("user") user_endpoint_attrs = complement_customer( _internal_to_api_format(user_internal)) assert user_endpoint_attrs["customer"] == "global"
def test_managed_idle_internal(wsgi_app, with_automation_user, monkeypatch): # this test uses the internal mechanics of the user endpoint monkeypatch.setattr( "cmk.gui.watolib.global_settings.rulebased_notifications_enabled", lambda: True) username, secret = with_automation_user wsgi_app.set_authorization(('Bearer', username + " " + secret)) edit_users({ 'user': { 'attributes': { 'ui_theme': None, 'ui_sidebar_position': None, 'nav_hide_icons_title': None, 'icons_per_item': None, 'show_mode': None, 'start_url': None, 'force_authuser': False, 'enforce_pw_change': False, 'alias': 'User Name', 'locked': False, 'pager': '', 'roles': [], 'contactgroups': [], 'customer': None, # None represents global internally 'email': '', 'fallback_contact': False, 'disable_notifications': {} }, 'is_new_user': True } }) user_internal = _load_user("user") user_endpoint_attrs = complement_customer( _internal_to_api_format(user_internal)) assert "idle_timeout" not in _load_user(username) assert user_endpoint_attrs["idle_timeout"] == {"option": "global"}
def test_openapi_user_internal_auth_handling(monkeypatch, run_as_superuser): monkeypatch.setattr( "cmk.gui.watolib.global_settings.rulebased_notifications_enabled", lambda: True) monkeypatch.setattr( "cmk.gui.plugins.userdb.htpasswd.hash_password", lambda x: "$5$rounds=535000$eUtToQgKz6n7Qyqk$hh5tq.snoP4J95gVoswOep4LbUxycNG1QF1HI7B4d8C", ) name = UserId("foo") user_data = { name: { "attributes": { "ui_theme": None, "ui_sidebar_position": None, "nav_hide_icons_title": None, "icons_per_item": None, "show_mode": None, "start_url": None, "force_authuser": False, "enforce_pw_change": True, "alias": "Foo Bar", "locked": False, "pager": "", "roles": ["user"], "contactgroups": [], "email": "", "fallback_contact": False, "password": "******", "last_pw_change": 1265011200, "serial": 1, "disable_notifications": {}, }, "is_new_user": True, } } with run_as_superuser(): edit_users(user_data) assert _load_internal_attributes(name) == { "alias": "Foo Bar", "customer": "provider", "email": "", "pager": "", "contactgroups": [], "fallback_contact": False, "disable_notifications": {}, "user_scheme_serial": 0, "locked": False, "roles": ["user"], "password": "******", "serial": 1, "last_pw_change": 1265011200, "enforce_pw_change": True, "num_failed_logins": 0, } with freeze_time("2010-02-01 08:30:00"): updated_internal_attributes = _api_to_internal_format( _load_user(name), { "auth_option": { "secret": "QWXWBFUCSUOXNCPJUMS@", "auth_type": "automation" } }, ) with run_as_superuser(): edit_users({ name: { "attributes": updated_internal_attributes, "is_new_user": False, } }) assert _load_internal_attributes(name) == { "alias": "Foo Bar", "customer": "provider", "email": "", "pager": "", "contactgroups": [], "fallback_contact": False, "disable_notifications": {}, "user_scheme_serial": 0, "locked": False, "roles": ["user"], "automation_secret": "QWXWBFUCSUOXNCPJUMS@", "password": "******", "serial": 1, # this is 2 internally but the function is not invoked here "last_pw_change": 1265011200, "enforce_pw_change": True, "num_failed_logins": 0, } with freeze_time("2010-02-01 09:00:00"): updated_internal_attributes = _api_to_internal_format( _load_user(name), {"auth_option": { "auth_type": "remove" }}) with run_as_superuser(): edit_users({ name: { "attributes": updated_internal_attributes, "is_new_user": False, } }) assert _load_internal_attributes(name) == { "alias": "Foo Bar", "customer": "provider", "email": "", "pager": "", "contactgroups": [], "fallback_contact": False, "disable_notifications": {}, "user_scheme_serial": 0, "locked": False, "roles": ["user"], "serial": 1, "last_pw_change": 1265011200, # no change in time from previous edit "enforce_pw_change": True, "num_failed_logins": 0, }
def _load_internal_attributes(username): return complement_customer(_internal_attributes(_load_user(username)))
def test_openapi_user_internal_auth_handling(wsgi_app, with_automation_user, monkeypatch): monkeypatch.setattr( "cmk.gui.watolib.global_settings.rulebased_notifications_enabled", lambda: True) monkeypatch.setattr( "cmk.gui.plugins.userdb.htpasswd.hash_password", lambda x: '$5$rounds=535000$eUtToQgKz6n7Qyqk$hh5tq.snoP4J95gVoswOep4LbUxycNG1QF1HI7B4d8C' ) username, secret = with_automation_user wsgi_app.set_authorization(('Bearer', username + " " + secret)) name = "foo" edit_users({ name: { "attributes": { 'ui_theme': None, 'ui_sidebar_position': None, 'nav_hide_icons_title': None, 'icons_per_item': None, 'show_mode': None, 'start_url': None, 'force_authuser': False, 'enforce_pw_change': True, 'alias': 'Foo Bar', 'locked': False, 'pager': '', 'roles': ['user'], 'contactgroups': [], 'email': '', 'fallback_contact': False, 'password': '******', 'last_pw_change': 1265011200, 'serial': 1, 'disable_notifications': {} }, "is_new_user": True } }) assert _load_internal_attributes(name) == { 'alias': 'Foo Bar', 'customer': 'provider', 'email': '', 'pager': '', 'contactgroups': [], 'fallback_contact': False, 'disable_notifications': {}, 'user_scheme_serial': 0, 'locked': False, 'roles': ['user'], 'password': '******', 'serial': 1, 'last_pw_change': 1265011200, 'enforce_pw_change': True, } with freeze_time("2010-02-01 08:30:00"): updated_internal_attributes = _api_to_internal_format( _load_user(name), { 'auth_option': { 'secret': 'QWXWBFUCSUOXNCPJUMS@', 'auth_type': 'automation' } }) edit_users({ name: { "attributes": updated_internal_attributes, "is_new_user": False, } }) assert _load_internal_attributes(name) == { 'alias': 'Foo Bar', 'customer': 'provider', 'email': '', 'pager': '', 'contactgroups': [], 'fallback_contact': False, 'disable_notifications': {}, 'user_scheme_serial': 0, 'locked': False, 'roles': ['user'], 'automation_secret': 'QWXWBFUCSUOXNCPJUMS@', 'password': '******', 'serial': 1, # this is 2 internally but the function is not invoked here 'last_pw_change': 1265011200, 'enforce_pw_change': True } with freeze_time("2010-02-01 09:00:00"): updated_internal_attributes = _api_to_internal_format( _load_user(name), {'auth_option': { 'auth_type': 'remove' }}) edit_users({ name: { "attributes": updated_internal_attributes, "is_new_user": False, } }) assert _load_internal_attributes(name) == { 'alias': 'Foo Bar', 'customer': 'provider', 'email': '', 'pager': '', 'contactgroups': [], 'fallback_contact': False, 'disable_notifications': {}, 'user_scheme_serial': 0, 'locked': False, 'roles': ['user'], 'serial': 1, 'last_pw_change': 1265011200, # no change in time from previous edit 'enforce_pw_change': True }