def test_unable_to_save(json_db_dir):
bogus_dir = '/___inexisting_directory___'
with pytest.raises(BackendIOException):
Cork(bogus_dir,
initialize=True,
preferred_hashing_algorithm='PBKDF2sha1',
pbkdf2_iterations=100000)
def populate_conf_directory():
cork = Cork("example_conf", initialize=True)
cork._store.roles["admin"] = 100
cork._store.roles["editor"] = 60
cork._store.roles["user"] = 50
cork._store.save_roles()
tstamp = str(datetime.utcnow())
username = password = "******"
cork._store.users[username] = {
"role": "admin",
"hash": cork._hash(username, password),
"email_addr": username + "@localhost.local",
"desc": username + " test user",
"creation_date": tstamp,
}
username = password = ""
cork._store.users[username] = {
"role": "user",
"hash": cork._hash(username, password),
"email_addr": username + "@localhost.local",
"desc": username + " test user",
"creation_date": tstamp,
}
cork._store.save_users()
def populate_conf_directory(self, auth_dir):
"""
Creation of basic auth files.
"""
logger.info("Creating new authentication files, check STDOUT for the generated admin password.")
cork = Cork(auth_dir, initialize=True)
cork._store.roles['admin'] = 100
cork._store.roles['access_all'] = 70
cork._store.roles['access_normalized'] = 60
cork._store.roles['public'] = 10
cork._store.save_roles()
tstamp = str(datetime.utcnow())
#default admin combo: admin/admin
username = '******'
password = str(uuid.uuid4())
cork._store.users[username] = {
'role': 'admin',
'hash': cork._hash(username, password),
'email_addr': username + '@localhost.local',
'desc': 'Default administrative account',
'creation_date': tstamp
}
cork._store.save_users()
#for security reasons we fdo not want this in the log files.
print "A 'admin' account has been created with the password '{0}'".format(password)
return cork
def populate_conf_directory():
cork = Cork('example_conf', initialize=True)
cork._store.roles['admin'] = 100
cork._store.roles['editor'] = 60
cork._store.roles['user'] = 50
cork._store._savejson('roles', cork._store.roles)
tstamp = str(datetime.utcnow())
username = password = '******'
cork._store.users[username] = {
'role': 'admin',
'hash': cork._hash(username, password),
'email_addr': username + '@localhost.local',
'desc': username + ' test user',
'creation_date': tstamp
}
username = password = ''
cork._store.users[username] = {
'role': 'user',
'hash': cork._hash(username, password),
'email_addr': username + '@localhost.local',
'desc': username + ' test user',
'creation_date': tstamp
}
cork._store._save_users()
def run(*args):
#cork (app auth)
client = pymongo.MongoClient(app_settings.DATABASE_URI)
db = client[app_settings.DATABASE_CORK]
db.authenticate(app_settings.DATABASE_USERNAME,
app_settings.DATABASE_PASSWORD, app_settings.DATABASE_MAIN)
existing = db.users.find_one({"login": "******"})
if existing:
return
mb = MongoDBBackend(db_name=app_settings.DATABASE_CORK,
username=app_settings.DATABASE_USERNAME,
password=app_settings.DATABASE_PASSWORD,
authdb=app_settings.DATABASE_MAIN,
initialize=True)
cork = Cork(backend=mb, preferred_hashing_algorithm='scrypt')
admin_hash = cork._hash("admin", app_settings.ADMIN_PASSWORD)
mb.users._coll.insert({
"login": "******",
"email_addr": "*****@*****.**",
"desc": "admin user",
"role": "admin",
"hash": admin_hash,
"creation_date": "2012-10-28 20:50:26.286723"
})
mb.roles._coll.insert({'role': 'admin', 'val': 100})
#mb.roles._coll.insert({'role': 'editor', 'val': 60})
mb.roles._coll.insert({'role': 'user', 'val': 50})
def populate_conf_directory(out_dir, non_interactive):
cork = Cork(out_dir, initialize=True)
cork._store.roles['admin'] = 101
cork._store.roles['portal'] = 100
cork._store.roles['experimenter'] = 60
cork._store.save_roles()
tstamp = str(datetime.utcnow())
stop = False
while not stop:
if non_interactive:
choice = 'y'
stop = True
else:
choice = input('do you want to add one user? [Y/n]')
if choice.lower() == 'y' or choice.lower() == 'yes' or not choice:
username, password, role = get_username_and_password(
non_interactive)
user_cork = {
'role': role,
'hash': cork._hash(username, password),
'email_addr': username + '@localhost.local',
'desc': username + ' test user',
'creation_date': tstamp
}
cork._store.users[username] = user_cork
print("Cork user is: %s, password is %s" % (username, password))
else:
stop = True
cork._store.save_users()
def getAAA(userdb_dir):
"""
Gets an authentication object for use with cork/bottle.
"""
# Create default json files for users if not present
if not isdir(userdb_dir):
makedirs(userdb_dir)
if not isfile(userdb_dir + '/register.json'):
with open(userdb_dir + '/register.json', 'w') as f:
f.write('{}')
if not isfile(userdb_dir + '/users.json'):
with open(userdb_dir + '/users.json', 'w') as f:
now = datetime.now().strftime('%Y-%m-%dT%H:%M:%S.%f')
f.write(
'{"admin": {"hash": "cLzRnzbEwehP6ZzTREh3A4MXJyNo+TV8Hs4//EEbPbiDoo+dmNg22f2RJC282aSwgyWv/O6s3h42qrA6iHx8yfw=", "email_addr": "*****@*****.**", "role": "admin", "creation_date": "'
+ now + '", "desc": "admin test user"}}')
if not isfile(userdb_dir + '/roles.json'):
with open(userdb_dir + '/roles.json', 'w') as f:
f.write('{"admin": 100}')
aaa = Cork(userdb_dir)
return aaa
def __initialize_cork_role(role_name, role_level):
cork = Cork(directory=get_config("api", "cork-files-path",
"/etc/softfire/users"),
initialize=False)
cork._store.roles[role_name] = role_level
cork._store.save_roles()
logger.debug('Created cork role: {} with level {}.'.format(
role_name, role_level))
def setup(engine):
Role.metadata.create_all(engine)
User.metadata.create_all(engine)
# setup cork auth
backend = SqlAlchemyBackend(engine.url)
aaa = Cork(backend=backend)
setattr(__import__(__name__), 'aaa', aaa)
def aaa(mytmpdir):
aaa = Cork(
mytmpdir,
smtp_server="localhost",
email_sender="test@localhost",
preferred_hashing_algorithm="argon2",
)
return aaa
def aaa(mytmpdir):
aaa = Cork(
mytmpdir,
smtp_server="localhost",
email_sender="test@localhost",
preferred_hashing_algorithm="PBKDF2sha1",
pbkdf2_iterations=100000,
)
return aaa
def change_pass(pwd):
sqlalchemy_backend = Cork(backend=SqlAlchemyBackend(config.db_url))
metadata = MetaData()
engine = create_engine(config.db_url)
metadata.bind = engine
users = Table("users",
metadata,
extend_existing=True,
autoload=True,
autoload_with=engine)
users.update().where(users.c.username == "transito").values(
hash=sqlalchemy_backend._hash("transito", pwd)).execute()
def make_user_admin(*args):
username = input("Username: "******"login": username},
{"$set": {
"role": "admin"
}})
def add_user(Base, session):
Users = Base.classes.users
sqlalchemy_backend = Cork(backend=SqlAlchemyBackend(config.db_url))
session.add(
Users(username="******",
role="admin",
hash=sqlalchemy_backend._hash("transito", "transito"),
email_addr="*****@*****.**",
desc="operario",
creation_date=str(datetime.now()),
last_login=str(datetime.now())))
session.commit()
session.close()
def test_initialize_storage():
aaa = Cork(testdir, initialize=True)
with open("%s/users.json" % testdir) as f:
assert f.readlines() == ['{}']
with open("%s/roles.json" % testdir) as f:
assert f.readlines() == ['{}']
with open("%s/register.json" % testdir) as f:
assert f.readlines() == ['{}']
with open("%s/views/registration_email.tpl" % testdir) as f:
assert f.readlines() == [
'Username:{{username}} Email:{{email_addr}} Code:{{registration_code}}']
with open("%s/views/password_reset_email.tpl" % testdir) as f:
assert f.readlines() == [
'Username:{{username}} Email:{{email_addr}} Code:{{reset_code}}']
def __initialize_cork_user(username, role, password):
cork = Cork(directory=get_config("api", "cork-files-path",
"/etc/softfire/users"),
initialize=False)
user_cork = {
'role': role,
'hash': cork._hash(username, password),
'email_addr': username + '@localhost.local',
'desc': username + ' test user',
'creation_date': '{:%Y-%m-%d %H:%M:%S}'.format(datetime.datetime.now())
}
cork._store.users[username] = user_cork
cork._store.save_users()
logger.debug('Created cork user {} with role {}.'.format(username, role))
def get_cork_instance():
smtp_url = 'ssl://{}:{}@smtp.gmail.com:465'.format(
app_settings.SMTP_USERNAME, app_settings.SMTP_PASSWORD)
cork = Cork(
backend=MongoDBBackend(db_name=app_settings.DATABASE_CORK,
username=app_settings.DATABASE_USERNAME,
password=app_settings.DATABASE_PASSWORD,
authdb=app_settings.DATABASE_MAIN,
initialize=False),
email_sender=app_settings.SMTP_USERNAME + "@gmail.com",
smtp_url=smtp_url,
preferred_hashing_algorithm='scrypt',
pbkdf2_iterations=10,
)
return cork
def test_initialize_storage():
jb = JsonBackend(testdir, initialize=True)
Cork(backend=jb, preferred_hashing_algorithm='scrypt')
with open("%s/users.json" % testdir) as f:
assert f.readlines() == ['{}']
with open("%s/roles.json" % testdir) as f:
assert f.readlines() == ['{}']
with open("%s/register.json" % testdir) as f:
assert f.readlines() == ['{}']
with open("%s/views/registration_email.tpl" % testdir) as f:
assert f.readlines() == [
'Username:{{username}} Email:{{email_addr}} Code:{{registration_code}}']
with open("%s/views/password_reset_email.tpl" % testdir) as f:
assert f.readlines() == [
'Username:{{username}} Email:{{email_addr}} Code:{{reset_code}}']
def test_initialize_storage(json_db_dir):
jb = JsonBackend(json_db_dir.strpath, initialize=True)
Cork(backend=jb)
assert json_db_dir.join('users.json').read() == '{}'
assert json_db_dir.join('roles.json').read() == '{}'
assert json_db_dir.join('register.json').read() == '{}'
return
with open("%s/views/registration_email.tpl" % testdir) as f:
assert f.readlines() == [
'Username:{{username}} Email:{{email_addr}} Code:{{registration_code}}'
]
with open("%s/views/password_reset_email.tpl" % testdir) as f:
assert f.readlines() == [
'Username:{{username}} Email:{{email_addr}} Code:{{reset_code}}'
]
def initiate_authmgr(self):
''' Internal function to intiate authentication manager '''
self.authBackend = MongoDBBackend(db_name=CONF.mongo_conf['db'],
hostname=CONF.mongo_conf['host'],
port=CONF.mongo_conf['port'],
initialize=False,
username=CONF.mongo_conf['username'],
password=CONF.mongo_conf['password'])
smtp_url = CONF.smtp_url
self.authmgr = Cork(backend=self.authBackend,
email_sender='*****@*****.**',
smtp_url=smtp_url)
return self.authmgr
def populate_conf_directory():
cork = Cork('auth', initialize=True)
cork._store.roles['admin'] = 100
cork._store.roles['editor'] = 60
cork._store.roles['user'] = 50
cork._store._savejson('roles', cork._store.roles)
tstamp = str(datetime.utcnow())
print "Change the usernames and passwords in the code"
exit()
makeuser(cork, 'admin', 'CHANGEME', tstamp)
makeuser(cork, 'someuser', 'CHANGEME', tstamp)
makeuser(cork, 'woohoo', 'CHANGEME', tstamp)
cork._store._save_users()
def test_initialize_storage(json_db_dir):
jb = JsonBackend(json_db_dir.strpath, initialize=True)
Cork(backend=jb,
preferred_hashing_algorithm="PBKDF2sha1",
pbkdf2_iterations=100000)
assert json_db_dir.join("users.json").read() == "{}"
assert json_db_dir.join("roles.json").read() == "{}"
assert json_db_dir.join("register.json").read() == "{}"
return
with open("%s/views/registration_email.tpl" % testdir) as f:
assert f.readlines() == [
"Username:{{username}} Email:{{email_addr}} Code:{{registration_code}}"
]
with open("%s/views/password_reset_email.tpl" % testdir) as f:
assert f.readlines() == [
"Username:{{username}} Email:{{email_addr}} Code:{{reset_code}}"
]
def create_test_databases(*args):
create_databases_with_auth(app_settings.DATABASE_CORK)
create_databases_with_auth(app_settings.DATABASE_MAIN)
mb = MongoDBBackend(db_name=app_settings.DATABASE_CORK,
username=app_settings.DATABASE_USERNAME,
password=app_settings.DATABASE_PASSWORD,
authdb=app_settings.DATABASE_MAIN,
initialize=True)
cork = Cork(backend=mb, preferred_hashing_algorithm='scrypt')
testuser_hash = cork._hash("testuser", "testuser")
mb.users._coll.insert({
"login": "******",
"email_addr": "*****@*****.**",
"desc": "test user",
"role": "user",
"hash": testuser_hash,
"creation_date": "2012-10-28 20:50:26.286723"
})
def populate_conf_directory():
cork = Cork('.', initialize=True)
cork._store.roles['admin'] = 100
cork._store._savejson('roles', cork._store.roles)
tstamp = str(datetime.utcnow())
username = ""
while not username:
username = raw_input("Enter admin username: "******""
while not password:
password = raw_input("Enter admin password: ")
cork._store.users[username] = {
'role': 'admin',
'hash': cork._hash(username, password),
'creation_date': tstamp
}
cork._store._save_users()
def populate_conf_directory(self):
"""Populate a directory with valid configuration files, to be run just once
The files are not modified by each test
"""
self._tmpdir = os.path.join(self._tmproot,
"cork_functional_test_source")
# only do this once, as advertised
if os.path.exists(self._tmpdir):
return
os.mkdir(self._tmpdir)
os.mkdir(self._tmpdir + "/example_conf")
cork = Cork(os.path.join(self._tmpdir, "example_conf"),
initialize=True)
cork._store.roles['admin'] = 100
cork._store.roles['editor'] = 60
cork._store.roles['user'] = 50
cork._store.save_roles()
tstamp = str(datetime.utcnow())
username = password = '******'
cork._store.users[username] = {
'role': 'admin',
'hash': cork._hash(username, password),
'email_addr': username + '@localhost.local',
'desc': username + ' test user',
'creation_date': tstamp
}
username = password = ''
cork._store.users[username] = {
'role': 'user',
'hash': cork._hash(username, password),
'email_addr': username + '@localhost.local',
'desc': username + ' test user',
'creation_date': tstamp
}
cork._store.save_users()
def populate_conf_directory(self):
"""Populate a directory with valid configuration files, to be run just once
The files are not modified by each test
"""
self._tmpdir = os.path.join(self._tmproot,
"cork_functional_test_source")
# only do this once, as advertised
if os.path.exists(self._tmpdir):
return
os.mkdir(self._tmpdir)
os.mkdir(self._tmpdir + "/example_conf")
cork = Cork(os.path.join(self._tmpdir, "example_conf"),
initialize=True)
cork._store.roles["admin"] = 100
cork._store.roles["editor"] = 60
cork._store.roles["user"] = 50
cork._store.save_roles()
tstamp = str(datetime.utcnow())
username = password = "******"
cork._store.users[username] = {
"role": "admin",
"hash": cork._hash(username, password),
"email_addr": username + "@localhost.local",
"desc": username + " test user",
"creation_date": tstamp,
}
username = password = ""
cork._store.users[username] = {
"role": "user",
"hash": cork._hash(username, password),
"email_addr": username + "@localhost.local",
"desc": username + " test user",
"creation_date": tstamp,
}
cork._store.save_users()
# admin/admin, demo/demo
import bottle
from beaker.middleware import SessionMiddleware
from cork import Cork
from cork.backends import SQLiteBackend
import logging
logging.basicConfig(format='localhost - - [%(asctime)s] %(message)s',
level=logging.DEBUG)
log = logging.getLogger(__name__)
bottle.debug(True)
# Use users.json and roles.json in the local example_conf directory
aaa = Cork('example_conf',
email_sender='*****@*****.**',
smtp_url='smtp://smtp.magnet.ie')
def populate_backend():
b = SQLiteBackend('example.db', initialize=True)
b.connection.executescript("""
INSERT INTO users (username, email_addr, desc, role, hash, creation_date) VALUES
(
'admin',
'*****@*****.**',
'admin test user',
'admin',
'cLzRnzbEwehP6ZzTREh3A4MXJyNo+TV8Hs4//EEbPbiDoo+dmNg22f2RJC282aSwgyWv/O6s3h42qrA6iHx8yfw=',
'2012-10-28 20:50:26.286723'
);
def test_init():
Cork(testdir)
def __init__(self, datebase_name, static_file_path=None, data_dir='./data', loggly_token=None):
cork_dir = os.path.join(data_dir, 'cork')
beaker_dir = os.path.join(data_dir, 'beaker')
bottle.TEMPLATE_PATH.insert(0,'webapi/views/')
#vars which must be visible across all webapi modules
shared.static_dir = static_file_path
shared.plug = bottle.ext.mongo.MongoPlugin(uri="localhost", db=datebase_name, json_mongo=True)
#install mongo plugin for root app
install(shared_state.plug)
#check if cork files exists
cork_files = ['users.json', 'roles.json', 'register.json']
if not set(cork_files).issubset(set(os.listdir(cork_dir))):
#if not, create them
logger.info('Cork authentication files not found, creating new files.')
shared.auth = self.populate_conf_directory(cork_dir)
else:
shared.auth = Cork(cork_dir)
#admin depends on shared.auth
import admin
#import and mount api version 1 (stable)
from webapi.api.v1 import app as api_v1
mount('/api/v1/', api_v1.app)
#import and mount development version (unstable)
from webapi.api.d import app as api_d
mount('/api/d/', api_d.app)
#must be imported AFTER mounts.
if shared.static_dir is not None:
import default_routes
#wrap root app in beaker middleware
session_opts = {
'session.type': 'file',
'session.cookie_expires': False,
'session.data_dir': beaker_dir,
'session.auto': True,
#set secure attribute on cookie
'session.secure': True
}
self.app = bottle.app()
if loggly_token:
self.app = Loggly(bottle.app(), loggly_token)
self.app = SessionMiddleware(self.app, session_opts)
root_app = bottle.app()
#setup logging hooks
@root_app.hook('before_request')
@api_d.app.hook('before_request')
@api_v1.app.hook('before_request')
def log_request():
user_agent = ""
if 'HTTP_USER_AGENT' in bottle.request.environ:
user_agent = bottle.request.environ['HTTP_USER_AGENT']
if 'REMOTE_ADDR' in bottle.request.environ:
remote_addr = bottle.request.environ['REMOTE_ADDR']
else:
remote_addr = ""
if 'beaker.session' in bottle.request.environ:
session = bottle.request.environ.get('beaker.session')
username = session.get('username', None)
else:
username = "******"
logger.info("[{0}/{1}] {2} {3} ({4})".format(remote_addr, username, request.method, request.fullpath, user_agent))
def return_text(self, e):
return e.status
#make sure error pages for API are pure text
api_d.app.default_error_handler = types.MethodType(return_text, self)
api_v1.app.default_error_handler = types.MethodType(return_text, self)
def test_unable_to_save():
bogus_dir = '/___inexisting_directory___'
Cork(bogus_dir, initialize=True)
