def setUp(self):
"""
Sets up Cobbler API connection and logs in
"""
self.url_api = utils.local_get_cobbler_api_url()
self.url_xmlrpc = utils.local_get_cobbler_xmlrpc_url()
self.remote = xmlrpclib.Server(self.url_api)
self.shared_secret = utils.get_shared_secret()
self.token = self.remote.login("", self.shared_secret)
if not self.token:
self.server.stop()
sys.exit(1)
# Create temp dir
self.topdir = "/tmp/cobbler_test"
try:
os.makedirs(self.topdir)
except:
pass
self.fk_initrd = os.path.join(self.topdir, FAKE_INITRD)
self.fk_initrd2 = os.path.join(self.topdir, FAKE_INITRD2)
self.fk_initrd3 = os.path.join(self.topdir, FAKE_INITRD3)
self.fk_kernel = os.path.join(self.topdir, FAKE_KERNEL)
self.fk_kernel2 = os.path.join(self.topdir, FAKE_KERNEL2)
self.fk_kernel3 = os.path.join(self.topdir, FAKE_KERNEL3)
create = [self.fk_initrd, self.fk_initrd2, self.fk_initrd3, self.fk_kernel, self.fk_kernel2, self.fk_kernel3]
for fn in create:
f = open(fn, "w+")
f.close()
def check_auth(request):
"""
A method to enable authentication by authn_passthru. Checks the
proper headers and ensures that the environment is setup.
"""
global remote
global token
global username
global url_cobbler_api
if url_cobbler_api is None:
url_cobbler_api = utils.local_get_cobbler_api_url()
remote = xmlrpclib.Server(url_cobbler_api, allow_none=True)
if token is not None:
try:
token_user = remote.get_user_from_token(token)
except:
token_user = None
else:
token_user = None
if request.META.has_key('REMOTE_USER'):
if token_user == request.META['REMOTE_USER']:
return
username = request.META['REMOTE_USER']
#REMOTE_USER is set, so no credentials are going to be available
#So we get the shared secret and let authn_passthru authenticate us
password = utils.get_shared_secret()
# Load server ip and port from local config
token = remote.login(username, password)
remote.update(token)
def __init__(self):
# FIXME: should load server ip and ports from local config
# FIXME: allow specifying other endpoints, and user+pass
self.url_cobbler_xmlrpc = "http://127.0.0.1:25151/cobbler_api"
self.parser = optparse.OptionParser()
self.remote = xmlrpclib.Server(self.url_cobbler_xmlrpc)
self.shared_secret = utils.get_shared_secret()
def setup_profile(try_connect, create_kernel_initrd, fk_kernel, fk_initrd):
cobbler_api = try_connect("http://localhost/cobbler_api")
shared_secret = get_shared_secret()
token = cobbler_api.login("", shared_secret)
folder = create_kernel_initrd(fk_kernel, fk_initrd)
kernel_path = os.path.join(folder, fk_kernel)
initrd_path = os.path.join(folder, fk_kernel)
# Create a test Distro
distro = cobbler_api.new_distro(token)
cobbler_api.modify_distro(distro, "name", "security_test_distro", token)
cobbler_api.modify_distro(distro, "arch", "x86_64", token)
cobbler_api.modify_distro(distro, "kernel", str(kernel_path), token)
cobbler_api.modify_distro(distro, "initrd", str(initrd_path), token)
cobbler_api.save_distro(distro, token)
# Create a test Profile
profile = cobbler_api.new_profile(token)
cobbler_api.modify_profile(profile, "name", "security_test_profile", token)
cobbler_api.modify_profile(profile, "distro", "security_test_distro",
token)
cobbler_api.save_profile(profile, token)
yield
cobbler_api.remove_profile("security_test_profile", token)
cobbler_api.remove_distro("security_test_distro", token)
def check_auth(request):
"""
A method to enable authentication by authn_passthru. Checks the
proper headers and ensures that the environment is setup.
"""
global remote
global token
global username
global url_cobbler_api
if url_cobbler_api is None:
url_cobbler_api = utils.local_get_cobbler_api_url()
remote = xmlrpclib.Server(url_cobbler_api, allow_none=True)
if token is not None:
try:
token_user = remote.get_user_from_token(token)
except:
token_user = None
else:
token_user = None
if request.META.has_key('REMOTE_USER'):
if token_user == request.META['REMOTE_USER']:
return
username = request.META['REMOTE_USER']
#REMOTE_USER is set, so no credentials are going to be available
#So we get the shared secret and let authn_passthru authenticate us
password = utils.get_shared_secret()
# Load server ip and port from local config
token = remote.login(username, password)
remote.update(token)
def test_get_shared_secret():
# Arrange
# TODO: Test the case where the file is there.
# Act
result = utils.get_shared_secret()
# Assert
assert result == -1
def __init__(self):
# Load server ip and ports from local config
self.url_cobbler_api = utils.local_get_cobbler_api_url()
self.url_cobbler_xmlrpc = utils.local_get_cobbler_xmlrpc_url()
# FIXME: allow specifying other endpoints, and user+pass
self.parser = optparse.OptionParser()
self.remote = xmlrpc.client.Server(self.url_cobbler_api)
self.shared_secret = utils.get_shared_secret()
def __init__(self):
# Load server ip and ports from local config
self.url_cobbler_api = utils.local_get_cobbler_api_url()
self.url_cobbler_xmlrpc = utils.local_get_cobbler_xmlrpc_url()
# FIXME: allow specifying other endpoints, and user+pass
self.parser = optparse.OptionParser()
self.remote = xmlrpc.client.Server(self.url_cobbler_api)
self.shared_secret = utils.get_shared_secret()
def authenticate(api_handle, username, password) -> bool:
"""
Validate a username/password combo. Uses cobbler_auth_helper
:param api_handle: This parameter is not used currently.
:param username: This parameter is not used currently.
:param password: This should be the internal Cobbler secret.
:return: True if the password is the secret, otherwise false.
"""
return password == utils.get_shared_secret()
def authenticate(api_handle, username, password):
"""
Validate a username/password combo, returning True/False
Uses cobbler_auth_helper
"""
ss = utils.get_shared_secret()
if password == ss:
rc = True
else:
rc = False
return rc
def test_user_authenticated(request):
global remote
global username
global url_cobbler_api
if url_cobbler_api is None:
url_cobbler_api = utils.local_get_cobbler_api_url()
remote = xmlrpclib.Server(url_cobbler_api, allow_none=True)
token = remote.login("", utils.get_shared_secret())
if ( (remote.get_authn_module_name(token) == 'authn_passthru' and
request.META.has_key('REMOTE_USER')) and
( (request.session.has_key('username') and
request.META['REMOTE_USER'] != request.session['username']) or
(not request.session.has_key('username')))):
try:
username = request.META['REMOTE_USER']
password = utils.get_shared_secret()
token = remote.login(username, password)
except:
token = None
if token:
request.session['username'] = username
request.session['token'] = token
# if we have a token, get the associated username from
# the remote server via XMLRPC. We then compare that to
# the value stored in the session. If everything matches up,
# the user is considered successfully authenticated
if request.session.has_key('token') and request.session['token'] != '':
try:
if remote.token_check(request.session['token']):
token_user = remote.get_user_from_token(request.session['token'])
if request.session.has_key('username') and request.session['username'] == token_user:
username = request.session['username']
return True
except:
# just let it fall through to the 'return False' below
pass
return False
def accept_remote_user(request, nextsite):
global username
username = request.META['REMOTE_USER']
token = remote.login(username, utils.get_shared_secret())
request.session['username'] = username
request.session['token'] = token
if nextsite:
return HttpResponseRedirect(nextsite)
else:
return HttpResponseRedirect("/cobbler_web")
def accept_remote_user(request, nextsite):
global username
username = request.META['REMOTE_USER']
token = remote.login(username, utils.get_shared_secret())
request.session['username'] = username
request.session['token'] = token
if nextsite:
return HttpResponseRedirect(nextsite)
else:
return HttpResponseRedirect("/cobbler_web")
def test_logout(self, remote):
# Arrange
shared_secret = get_shared_secret()
newtoken = remote.login("", shared_secret)
# Act
resultlogout = remote.logout(newtoken)
resulttokencheck = remote.token_check(newtoken)
# Assert
assert resultlogout
assert not resulttokencheck
def login(request, next=None, message=None, expired=False):
global use_passthru
if use_passthru < 0:
token = remote.login("", utils.get_shared_secret())
auth_module = remote.get_authn_module_name(token)
use_passthru = auth_module == 'authn_passthru'
if use_passthru:
return accept_remote_user(request, next)
if expired and not message:
message = "Sorry, either you need to login or your session expired."
return render_to_response('login.tmpl', RequestContext(request,{'next':next,'message':message}))
def login(request, next=None, message=None, expired=False):
global use_passthru
if use_passthru < 0:
token = remote.login("", utils.get_shared_secret())
auth_module = remote.get_authn_module_name(token)
use_passthru = auth_module == 'authn_passthru'
if use_passthru:
return accept_remote_user(request, next)
if expired and not message:
message = "Sorry, either you need to login or your session expired."
return render_to_response('login.tmpl', RequestContext(request, {'next': next, 'message': message}))
def cobbler_xmlrpc_base():
"""
Initialises the api object and makes it available to the test.
"""
# create logger
logging.basicConfig(stream=sys.stderr)
logger = logging.getLogger("xobbler_xmlrpc_base")
logger.setLevel(logging.DEBUG)
# create XML-RPC client and connect to server
api_url = local_get_cobbler_api_url()
remote = xmlrpcclient.Server(api_url, allow_none=True)
shared_secret = get_shared_secret()
token = remote.login("", shared_secret)
if not token:
sys.exit(1)
yield (remote, token)
def setUp(self):
"""
Setup Cobbler XML-RPC connection and login
"""
# create logger
logging.basicConfig( stream=sys.stderr )
self.logger = logging.getLogger( self.__class__.__name__ )
self.logger.setLevel( logging.DEBUG )
# create XML-RPC client and connect to server
api_url = local_get_cobbler_api_url()
self.remote = xmlrpclib.Server(api_url, allow_none=True)
shared_secret = get_shared_secret()
self.token = self.remote.login("", shared_secret)
if not self.token:
sys.exit(1)
def setUp(self):
"""
Setup Cobbler XML-RPC connection and login
"""
# create logger
logging.basicConfig(stream=sys.stderr)
self.logger = logging.getLogger(self.__class__.__name__)
self.logger.setLevel(logging.DEBUG)
# create XML-RPC client and connect to server
api_url = local_get_cobbler_api_url()
self.remote = xmlrpcclient.Server(api_url, allow_none=True)
shared_secret = get_shared_secret()
self.token = self.remote.login("", shared_secret)
if not self.token:
sys.exit(1)
def cobbler_xmlrpc_base():
"""
Initialises the api object and makes it available to the test.
"""
# create logger
logging.basicConfig(stream=sys.stderr)
logger = logging.getLogger("xobbler_xmlrpc_base")
logger.setLevel(logging.DEBUG)
# create XML-RPC client and connect to server
api_url = local_get_cobbler_api_url()
remote = xmlrpcclient.Server(api_url, allow_none=True)
shared_secret = get_shared_secret()
token = remote.login("", shared_secret)
if not token:
sys.exit(1)
yield (remote, token)
def setUp(self):
"""
Sets up Cobbler API connection and logs in
"""
self.url_api = utils.local_get_cobbler_api_url()
self.url_xmlrpc = utils.local_get_cobbler_xmlrpc_url()
self.remote = xmlrpclib.Server(self.url_api)
self.shared_secret = utils.get_shared_secret()
self.token = self.remote.login("", self.shared_secret)
if not self.token:
self.server.stop()
sys.exit(1)
# Create temp dir
self.topdir = "/tmp/cobbler_test"
try:
os.makedirs(self.topdir)
except:
pass
self.fk_initrd = os.path.join(self.topdir, FAKE_INITRD)
self.fk_initrd2 = os.path.join(self.topdir, FAKE_INITRD2)
self.fk_initrd3 = os.path.join(self.topdir, FAKE_INITRD3)
self.fk_kernel = os.path.join(self.topdir, FAKE_KERNEL)
self.fk_kernel2 = os.path.join(self.topdir, FAKE_KERNEL2)
self.fk_kernel3 = os.path.join(self.topdir, FAKE_KERNEL3)
create = [
self.fk_initrd,
self.fk_initrd2,
self.fk_initrd3,
self.fk_kernel,
self.fk_kernel2,
self.fk_kernel3,
]
for fn in create:
f = open(fn, "w+")
f.close()
def setUp(self):
"""
Sets up Cobbler API connection and logs in
"""
logging.basicConfig( stream=sys.stderr )
self.logger = logging.getLogger( self.__class__.__name__ )
self.logger.setLevel( logging.DEBUG )
self.url_api = utils.local_get_cobbler_api_url()
self.url_xmlrpc = utils.local_get_cobbler_xmlrpc_url()
self.remote = xmlrpclib.Server(self.url_api)
self.shared_secret = utils.get_shared_secret()
self.token = self.remote.login("", self.shared_secret)
if not self.token:
self.server.stop()
sys.exit(1)
# Create temp dir
self.topdir = "/tmp/cobbler_test"
try:
os.makedirs(self.topdir)
except:
pass
self.fk_initrd = os.path.join(self.topdir, FAKE_INITRD)
self.fk_initrd2 = os.path.join(self.topdir, FAKE_INITRD2)
self.fk_initrd3 = os.path.join(self.topdir, FAKE_INITRD3)
self.fk_kernel = os.path.join(self.topdir, FAKE_KERNEL)
self.fk_kernel2 = os.path.join(self.topdir, FAKE_KERNEL2)
self.fk_kernel3 = os.path.join(self.topdir, FAKE_KERNEL3)
self.redhat_kickstart = os.path.join(self.topdir, "test.ks")
self.ubuntu_preseed = os.path.join(self.topdir, "test.seed")
create = [
self.fk_initrd, self.fk_initrd2, self.fk_initrd3,
self.fk_kernel, self.fk_kernel2, self.fk_kernel3,
self.redhat_kickstart, self.ubuntu_preseed,
]
for fn in create:
f = open(fn,"w+")
f.close()
self.distro_fields = [
# TODO: fetchable files, boot files, etc.
# field_name, good value(s), bad value(s)
# ["",["",],["",]],
["name",["testdistro0",],[]],
["kernel",[self.fk_kernel,],["",]],
["initrd",[self.fk_initrd,],["",]],
["breed",["generic",],["badversion",]],
["os_version",["generic26",],["bados",]],
["arch",["i386","x86_64","ppc","ppc64"],["badarch",]],
["comment",["test comment",],[]],
["owners",["user1 user2 user3",],[]],
["kernel_options",["a=1 b=2 c=3 c=4 c=5 d e",],[]],
["kernel_options_post",["a=1 b=2 c=3 c=4 c=5 d e",],[]],
["ks_meta",["a=1 b=2 c=3 c=4 c=5 d e",],[]],
["mgmt_classes",["one two three",],[]],
["redhat_management_key",["abcd1234",],[]],
["redhat_management_server",["1.1.1.1",],[]],
]
self.profile_fields = [
# TODO: fetchable files, boot files, etc.
# repos, which have to exist
# field_name, good value(s), bad value(s)
# ["",["",],["",]],
["name",["testprofile0",],[]],
["distro",["testdistro0",],["baddistro",]],
["enable_gpxe",["yes","YES","1","0","no"],[]],
["enable_menu",["yes","YES","1","0","no"],[]],
["comment",["test comment",],[]],
["owners",["user1 user2 user3",],[]],
["kernel_options",["a=1 b=2 c=3 c=4 c=5 d e",],[]],
["kernel_options_post",["a=1 b=2 c=3 c=4 c=5 d e",],[]],
["ks_meta",["a=1 b=2 c=3 c=4 c=5 d e",],[]],
["kickstart",[self.redhat_kickstart,self.ubuntu_preseed],["/path/to/bad/kickstart",]],
["proxy",["testproxy",],[]],
["virt_auto_boot",["1","0"],["yes","no"]],
["virt_cpus",["<<inherit>>","1","2"],["a",]],
["virt_file_size",["<<inherit>>","5","10"],["a",]],
["virt_disk_driver",["<<inherit>>","raw","qcow2","vmdk"],[]],
["virt_ram",["<<inherit>>","256","1024"],["a",]],
["virt_type",["<<inherit>>","xenpv","xenfv","qemu","kvm","vmware","openvz"],["bad",]],
["virt_bridge",["<<inherit>>","br0","virbr0","xenbr0"],[]],
["virt_path",["<<inherit>>","/path/to/test",],[]],
["dhcp_tag",["","foo"],[]],
["server",["1.1.1.1",],[]],
["name_servers",["1.1.1.1 1.1.1.2 1.1.1.3",],[]],
["name_servers_search",["example.com foo.bar.com",],[]],
["mgmt_classes",["one two three",],[]],
["mgmt_parameters",["<<inherit>>",],["badyaml",]], # needs more test cases that are valid yaml
["redhat_management_key",["abcd1234",],[]],
["redhat_management_server",["1.1.1.1",],[]],
["template_remote_kickstarts",["yes","YES","1","0","no"],[]],
]
