示例#1
0
def is_ip_whitelisted_machine():
    """Returns True if the call is made from IP whitelisted machine."""
    # TODO(vadimsh): Get rid of this. It's blocked on fixing /bot_code calls in
    # bootstrap code everywhere to use service accounts and switching all Swarming
    # Tasks API calls made from bots to use proper authentication.
    return auth.is_in_ip_whitelist(auth.bots_ip_whitelist(),
                                   auth.get_peer_ip(), False)
示例#2
0
    def setUp(self):
        super(BotAuthTest, self).setUp()

        # Mock this out, otherwise it tries to fetch settings.cfg.
        self.mock(srv_cfg, 'get_ui_client_id', lambda: None)

        self.logs = []
        self.mock(logging, 'error',
                  lambda l, *_args: self.logs.append(l % _args))

        auth.bootstrap_ip_whitelist(auth.bots_ip_whitelist(),
                                    ['1.2.3.4', '1.2.3.5'])
        auth.bootstrap_ip_whitelist('ip_whitelist', ['1.1.1.1', '1.2.3.4'])

        auth_testing.reset_local_state()
示例#3
0
def _default_bot_groups():
    return _BotGroups(digest='none',
                      rev='none',
                      direct_matches={},
                      prefix_matches=[],
                      machine_types={},
                      machine_types_raw={},
                      default_group=BotGroupConfig(
                          version='default',
                          require_luci_machine_token=False,
                          require_service_account=None,
                          ip_whitelist=auth.bots_ip_whitelist(),
                          owners=(),
                          dimensions={},
                          bot_config_script='',
                          bot_config_script_content='',
                          system_service_account=''))
示例#4
0
def _default_bot_groups():
    return _BotGroups(digest='none',
                      rev='none',
                      direct_matches={},
                      prefix_matches=[],
                      default_group=BotGroupConfig(
                          version='default',
                          owners=(),
                          auth=(BotAuth(
                              log_if_failed=False,
                              require_luci_machine_token=False,
                              require_service_account=None,
                              require_gce_vm_token=None,
                              ip_whitelist=auth.bots_ip_whitelist()), ),
                          dimensions={},
                          bot_config_script='',
                          bot_config_script_rev='',
                          bot_config_script_content='',
                          system_service_account='',
                          is_default=True))
示例#5
0
 def set_as_anonymous(self):
     self.testbed.setup_env(USER_EMAIL='', overwrite=True)
     auth.ip_whitelist_key(auth.bots_ip_whitelist()).delete()
     auth_testing.reset_local_state()
示例#6
0
 def set_as_anonymous(self):
     """Removes all IPs from the whitelist."""
     self.testbed.setup_env(USER_EMAIL='', overwrite=True)
     auth.ip_whitelist_key(auth.bots_ip_whitelist()).delete()
     auth_testing.reset_local_state()
     auth_testing.mock_get_current_identity(self, auth.Anonymous)
示例#7
0
 def set_as_bot(self):
     self.set_as_anonymous()
     auth.bootstrap_ip_whitelist(auth.bots_ip_whitelist(), [self.source_ip])
     auth_testing.reset_local_state()
     auth_testing.mock_get_current_identity(self,
                                            auth.IP_WHITELISTED_BOT_ID)
示例#8
0
def is_ip_whitelisted_machine():
  """Returns True if the call is made from IP whitelisted machine."""
  return auth.is_in_ip_whitelist(auth.bots_ip_whitelist(), auth.get_peer_ip(),
                                 False)