def setUp(self): """ Sets up Cobbler API connection and logs in """ self.url_api = utils.local_get_cobbler_api_url() self.url_xmlrpc = utils.local_get_cobbler_xmlrpc_url() self.remote = xmlrpclib.Server(self.url_api) self.shared_secret = utils.get_shared_secret() self.token = self.remote.login("", self.shared_secret) if not self.token: self.server.stop() sys.exit(1) # Create temp dir self.topdir = "/tmp/cobbler_test" try: os.makedirs(self.topdir) except: pass self.fk_initrd = os.path.join(self.topdir, FAKE_INITRD) self.fk_initrd2 = os.path.join(self.topdir, FAKE_INITRD2) self.fk_initrd3 = os.path.join(self.topdir, FAKE_INITRD3) self.fk_kernel = os.path.join(self.topdir, FAKE_KERNEL) self.fk_kernel2 = os.path.join(self.topdir, FAKE_KERNEL2) self.fk_kernel3 = os.path.join(self.topdir, FAKE_KERNEL3) create = [self.fk_initrd, self.fk_initrd2, self.fk_initrd3, self.fk_kernel, self.fk_kernel2, self.fk_kernel3] for fn in create: f = open(fn, "w+") f.close()
def check_auth(request): """ A method to enable authentication by authn_passthru. Checks the proper headers and ensures that the environment is setup. """ global remote global token global username global url_cobbler_api if url_cobbler_api is None: url_cobbler_api = utils.local_get_cobbler_api_url() remote = xmlrpclib.Server(url_cobbler_api, allow_none=True) if token is not None: try: token_user = remote.get_user_from_token(token) except: token_user = None else: token_user = None if request.META.has_key('REMOTE_USER'): if token_user == request.META['REMOTE_USER']: return username = request.META['REMOTE_USER'] #REMOTE_USER is set, so no credentials are going to be available #So we get the shared secret and let authn_passthru authenticate us password = utils.get_shared_secret() # Load server ip and port from local config token = remote.login(username, password) remote.update(token)
def __init__(self): # FIXME: should load server ip and ports from local config # FIXME: allow specifying other endpoints, and user+pass self.url_cobbler_xmlrpc = "http://127.0.0.1:25151/cobbler_api" self.parser = optparse.OptionParser() self.remote = xmlrpclib.Server(self.url_cobbler_xmlrpc) self.shared_secret = utils.get_shared_secret()
def setup_profile(try_connect, create_kernel_initrd, fk_kernel, fk_initrd): cobbler_api = try_connect("http://localhost/cobbler_api") shared_secret = get_shared_secret() token = cobbler_api.login("", shared_secret) folder = create_kernel_initrd(fk_kernel, fk_initrd) kernel_path = os.path.join(folder, fk_kernel) initrd_path = os.path.join(folder, fk_kernel) # Create a test Distro distro = cobbler_api.new_distro(token) cobbler_api.modify_distro(distro, "name", "security_test_distro", token) cobbler_api.modify_distro(distro, "arch", "x86_64", token) cobbler_api.modify_distro(distro, "kernel", str(kernel_path), token) cobbler_api.modify_distro(distro, "initrd", str(initrd_path), token) cobbler_api.save_distro(distro, token) # Create a test Profile profile = cobbler_api.new_profile(token) cobbler_api.modify_profile(profile, "name", "security_test_profile", token) cobbler_api.modify_profile(profile, "distro", "security_test_distro", token) cobbler_api.save_profile(profile, token) yield cobbler_api.remove_profile("security_test_profile", token) cobbler_api.remove_distro("security_test_distro", token)
def test_get_shared_secret(): # Arrange # TODO: Test the case where the file is there. # Act result = utils.get_shared_secret() # Assert assert result == -1
def __init__(self): # Load server ip and ports from local config self.url_cobbler_api = utils.local_get_cobbler_api_url() self.url_cobbler_xmlrpc = utils.local_get_cobbler_xmlrpc_url() # FIXME: allow specifying other endpoints, and user+pass self.parser = optparse.OptionParser() self.remote = xmlrpc.client.Server(self.url_cobbler_api) self.shared_secret = utils.get_shared_secret()
def authenticate(api_handle, username, password) -> bool: """ Validate a username/password combo. Uses cobbler_auth_helper :param api_handle: This parameter is not used currently. :param username: This parameter is not used currently. :param password: This should be the internal Cobbler secret. :return: True if the password is the secret, otherwise false. """ return password == utils.get_shared_secret()
def authenticate(api_handle, username, password): """ Validate a username/password combo, returning True/False Uses cobbler_auth_helper """ ss = utils.get_shared_secret() if password == ss: rc = True else: rc = False return rc
def test_user_authenticated(request): global remote global username global url_cobbler_api if url_cobbler_api is None: url_cobbler_api = utils.local_get_cobbler_api_url() remote = xmlrpclib.Server(url_cobbler_api, allow_none=True) token = remote.login("", utils.get_shared_secret()) if ( (remote.get_authn_module_name(token) == 'authn_passthru' and request.META.has_key('REMOTE_USER')) and ( (request.session.has_key('username') and request.META['REMOTE_USER'] != request.session['username']) or (not request.session.has_key('username')))): try: username = request.META['REMOTE_USER'] password = utils.get_shared_secret() token = remote.login(username, password) except: token = None if token: request.session['username'] = username request.session['token'] = token # if we have a token, get the associated username from # the remote server via XMLRPC. We then compare that to # the value stored in the session. If everything matches up, # the user is considered successfully authenticated if request.session.has_key('token') and request.session['token'] != '': try: if remote.token_check(request.session['token']): token_user = remote.get_user_from_token(request.session['token']) if request.session.has_key('username') and request.session['username'] == token_user: username = request.session['username'] return True except: # just let it fall through to the 'return False' below pass return False
def accept_remote_user(request, nextsite): global username username = request.META['REMOTE_USER'] token = remote.login(username, utils.get_shared_secret()) request.session['username'] = username request.session['token'] = token if nextsite: return HttpResponseRedirect(nextsite) else: return HttpResponseRedirect("/cobbler_web")
def test_logout(self, remote): # Arrange shared_secret = get_shared_secret() newtoken = remote.login("", shared_secret) # Act resultlogout = remote.logout(newtoken) resulttokencheck = remote.token_check(newtoken) # Assert assert resultlogout assert not resulttokencheck
def login(request, next=None, message=None, expired=False): global use_passthru if use_passthru < 0: token = remote.login("", utils.get_shared_secret()) auth_module = remote.get_authn_module_name(token) use_passthru = auth_module == 'authn_passthru' if use_passthru: return accept_remote_user(request, next) if expired and not message: message = "Sorry, either you need to login or your session expired." return render_to_response('login.tmpl', RequestContext(request,{'next':next,'message':message}))
def login(request, next=None, message=None, expired=False): global use_passthru if use_passthru < 0: token = remote.login("", utils.get_shared_secret()) auth_module = remote.get_authn_module_name(token) use_passthru = auth_module == 'authn_passthru' if use_passthru: return accept_remote_user(request, next) if expired and not message: message = "Sorry, either you need to login or your session expired." return render_to_response('login.tmpl', RequestContext(request, {'next': next, 'message': message}))
def cobbler_xmlrpc_base(): """ Initialises the api object and makes it available to the test. """ # create logger logging.basicConfig(stream=sys.stderr) logger = logging.getLogger("xobbler_xmlrpc_base") logger.setLevel(logging.DEBUG) # create XML-RPC client and connect to server api_url = local_get_cobbler_api_url() remote = xmlrpcclient.Server(api_url, allow_none=True) shared_secret = get_shared_secret() token = remote.login("", shared_secret) if not token: sys.exit(1) yield (remote, token)
def setUp(self): """ Setup Cobbler XML-RPC connection and login """ # create logger logging.basicConfig( stream=sys.stderr ) self.logger = logging.getLogger( self.__class__.__name__ ) self.logger.setLevel( logging.DEBUG ) # create XML-RPC client and connect to server api_url = local_get_cobbler_api_url() self.remote = xmlrpclib.Server(api_url, allow_none=True) shared_secret = get_shared_secret() self.token = self.remote.login("", shared_secret) if not self.token: sys.exit(1)
def setUp(self): """ Setup Cobbler XML-RPC connection and login """ # create logger logging.basicConfig(stream=sys.stderr) self.logger = logging.getLogger(self.__class__.__name__) self.logger.setLevel(logging.DEBUG) # create XML-RPC client and connect to server api_url = local_get_cobbler_api_url() self.remote = xmlrpcclient.Server(api_url, allow_none=True) shared_secret = get_shared_secret() self.token = self.remote.login("", shared_secret) if not self.token: sys.exit(1)
def setUp(self): """ Sets up Cobbler API connection and logs in """ self.url_api = utils.local_get_cobbler_api_url() self.url_xmlrpc = utils.local_get_cobbler_xmlrpc_url() self.remote = xmlrpclib.Server(self.url_api) self.shared_secret = utils.get_shared_secret() self.token = self.remote.login("", self.shared_secret) if not self.token: self.server.stop() sys.exit(1) # Create temp dir self.topdir = "/tmp/cobbler_test" try: os.makedirs(self.topdir) except: pass self.fk_initrd = os.path.join(self.topdir, FAKE_INITRD) self.fk_initrd2 = os.path.join(self.topdir, FAKE_INITRD2) self.fk_initrd3 = os.path.join(self.topdir, FAKE_INITRD3) self.fk_kernel = os.path.join(self.topdir, FAKE_KERNEL) self.fk_kernel2 = os.path.join(self.topdir, FAKE_KERNEL2) self.fk_kernel3 = os.path.join(self.topdir, FAKE_KERNEL3) create = [ self.fk_initrd, self.fk_initrd2, self.fk_initrd3, self.fk_kernel, self.fk_kernel2, self.fk_kernel3, ] for fn in create: f = open(fn, "w+") f.close()
def setUp(self): """ Sets up Cobbler API connection and logs in """ logging.basicConfig( stream=sys.stderr ) self.logger = logging.getLogger( self.__class__.__name__ ) self.logger.setLevel( logging.DEBUG ) self.url_api = utils.local_get_cobbler_api_url() self.url_xmlrpc = utils.local_get_cobbler_xmlrpc_url() self.remote = xmlrpclib.Server(self.url_api) self.shared_secret = utils.get_shared_secret() self.token = self.remote.login("", self.shared_secret) if not self.token: self.server.stop() sys.exit(1) # Create temp dir self.topdir = "/tmp/cobbler_test" try: os.makedirs(self.topdir) except: pass self.fk_initrd = os.path.join(self.topdir, FAKE_INITRD) self.fk_initrd2 = os.path.join(self.topdir, FAKE_INITRD2) self.fk_initrd3 = os.path.join(self.topdir, FAKE_INITRD3) self.fk_kernel = os.path.join(self.topdir, FAKE_KERNEL) self.fk_kernel2 = os.path.join(self.topdir, FAKE_KERNEL2) self.fk_kernel3 = os.path.join(self.topdir, FAKE_KERNEL3) self.redhat_kickstart = os.path.join(self.topdir, "test.ks") self.ubuntu_preseed = os.path.join(self.topdir, "test.seed") create = [ self.fk_initrd, self.fk_initrd2, self.fk_initrd3, self.fk_kernel, self.fk_kernel2, self.fk_kernel3, self.redhat_kickstart, self.ubuntu_preseed, ] for fn in create: f = open(fn,"w+") f.close() self.distro_fields = [ # TODO: fetchable files, boot files, etc. # field_name, good value(s), bad value(s) # ["",["",],["",]], ["name",["testdistro0",],[]], ["kernel",[self.fk_kernel,],["",]], ["initrd",[self.fk_initrd,],["",]], ["breed",["generic",],["badversion",]], ["os_version",["generic26",],["bados",]], ["arch",["i386","x86_64","ppc","ppc64"],["badarch",]], ["comment",["test comment",],[]], ["owners",["user1 user2 user3",],[]], ["kernel_options",["a=1 b=2 c=3 c=4 c=5 d e",],[]], ["kernel_options_post",["a=1 b=2 c=3 c=4 c=5 d e",],[]], ["ks_meta",["a=1 b=2 c=3 c=4 c=5 d e",],[]], ["mgmt_classes",["one two three",],[]], ["redhat_management_key",["abcd1234",],[]], ["redhat_management_server",["1.1.1.1",],[]], ] self.profile_fields = [ # TODO: fetchable files, boot files, etc. # repos, which have to exist # field_name, good value(s), bad value(s) # ["",["",],["",]], ["name",["testprofile0",],[]], ["distro",["testdistro0",],["baddistro",]], ["enable_gpxe",["yes","YES","1","0","no"],[]], ["enable_menu",["yes","YES","1","0","no"],[]], ["comment",["test comment",],[]], ["owners",["user1 user2 user3",],[]], ["kernel_options",["a=1 b=2 c=3 c=4 c=5 d e",],[]], ["kernel_options_post",["a=1 b=2 c=3 c=4 c=5 d e",],[]], ["ks_meta",["a=1 b=2 c=3 c=4 c=5 d e",],[]], ["kickstart",[self.redhat_kickstart,self.ubuntu_preseed],["/path/to/bad/kickstart",]], ["proxy",["testproxy",],[]], ["virt_auto_boot",["1","0"],["yes","no"]], ["virt_cpus",["<<inherit>>","1","2"],["a",]], ["virt_file_size",["<<inherit>>","5","10"],["a",]], ["virt_disk_driver",["<<inherit>>","raw","qcow2","vmdk"],[]], ["virt_ram",["<<inherit>>","256","1024"],["a",]], ["virt_type",["<<inherit>>","xenpv","xenfv","qemu","kvm","vmware","openvz"],["bad",]], ["virt_bridge",["<<inherit>>","br0","virbr0","xenbr0"],[]], ["virt_path",["<<inherit>>","/path/to/test",],[]], ["dhcp_tag",["","foo"],[]], ["server",["1.1.1.1",],[]], ["name_servers",["1.1.1.1 1.1.1.2 1.1.1.3",],[]], ["name_servers_search",["example.com foo.bar.com",],[]], ["mgmt_classes",["one two three",],[]], ["mgmt_parameters",["<<inherit>>",],["badyaml",]], # needs more test cases that are valid yaml ["redhat_management_key",["abcd1234",],[]], ["redhat_management_server",["1.1.1.1",],[]], ["template_remote_kickstarts",["yes","YES","1","0","no"],[]], ]