def setUp(self):
    """Build the fixture shared by the tests: four users, one SSH key, a client.

    Stores ``anonymous``, ``user``, ``user1``, ``admin``, ``key`` and the test
    client ``c`` on the test case.
    """
    def _saved_user(pk, **extra):
        # Every regular account gets the same password and is saved
        # immediately.
        account = User(id=pk, username='******', **extra)
        account.set_password('secret')
        account.save()
        return account

    # Anonymous user: saved without a password, and its id is published
    # through settings.ANONYMOUS_USER_ID.
    self.anonymous = User(id=1, username='******')
    self.anonymous.save()
    settings.ANONYMOUS_USER_ID = self.anonymous.id

    plain_user = _saved_user(2)
    other_user = _saved_user(3)
    # admin == superuser
    superuser = _saved_user(4, is_superuser=True)

    # The only key created here belongs to the first regular user.
    ssh_key = SSHKey(key="ssh-rsa test tester0@testing", user=plain_user)
    ssh_key.save()

    self.user = plain_user
    self.user1 = other_user
    self.admin = superuser
    self.key = ssh_key
    self.c = Client()
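def test_deletion(self):
    """
    Tests key_delete view

    Verifies:
        * thrown 404 for non-existing objects
        * successfully deleted objects
    """
    # NOTE(review): both iterations delete a key owned by the logged-in user
    # (the admin deletes the admin's own key).  Neither a non-owner being
    # refused nor a superuser deleting someone else's key is exercised here.
    for u in [self.user, self.admin]:
        key1 = SSHKey(key="ssh-rsa test tester0@testing", user=u)
        key1.save()
        key_id = key1.id

        # login() reports failure through its return value; check it so the
        # assertions below are known to run in an authenticated session.
        self.assertTrue(
            self.c.login(username=u.username, password="******"))

        # 404 for non-existing objects
        # (the id offset assumes no other key sits at key_id + 10)
        response = self.c.get(reverse("key-delete", args=[key_id + 10]))
        self.assertEqual(404, response.status_code)

        # successful deletion
        response = self.c.delete(reverse("key-delete", args=[key_id]))
        self.assertEqual(200, response.status_code)
        # assertEqual replaces the deprecated assertEquals alias.
        self.assertEqual("application/json", response['content-type'])
        self.assertContains(response, "1", count=1)
        # The row must be gone from the database, not just reported deleted.
        self.assertEqual(0, SSHKey.objects.filter(id=key_id).count())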
def setUp(self):
    """Reset previous state, then rebuild the fixture users, key and client.

    The created objects are published as module-level globals (``user``,
    ``user1``, ``admin``, ``key``, ``c``) rather than as attributes of the
    test case, so every test in the module sees the same names.
    """
    self.tearDown()

    def _saved_user(pk, **extra):
        # Regular accounts share one password and are saved right away.
        account = User(id=pk, username="******", **extra)
        account.set_password("secret")
        account.save()
        return account

    # Anonymous user: no password; its id is what settings points at.
    User(id=1, username="******").save()
    settings.ANONYMOUS_USER_ID = 1

    plain_user = _saved_user(2)
    other_user = _saved_user(3)
    # admin == superuser
    superuser = _saved_user(4, is_superuser=True)

    ssh_key = SSHKey(key="ssh-rsa test tester0@testing", user=plain_user)
    ssh_key.save()

    globals().update({
        "user": plain_user,
        "user1": other_user,
        "admin": superuser,
        "key": ssh_key,
        "c": Client(),
    })
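def key_save(request, key_id=None):
    """Create or update an SSH key from the POSTed form data.

    With ``key_id`` the existing key is loaded (404 when it does not exist)
    and its owner is used for the permission check; without it a new key is
    bound to ``request.user``.  Only a superuser or the key's owner may save.

    Returns the rendered ``ganeti/ssh_keys/row.html`` fragment on success,
    the form errors as JSON when validation fails, a 403 response for any
    other user, and a plain "Cannot retrieve information" response for
    non-AJAX requests.

    NOTE(review): no authentication decorator is visible in this block;
    confirm the view is only reachable by logged-in users.
    """
    # is_ajax is a method.  The bare attribute is always truthy, which turned
    # this guard into a no-op and made the fallback response unreachable.
    # It only reflects a client-supplied request header, so it is a routing
    # hint, not an access control; authorization is the check further down.
    if not request.is_ajax():
        return HttpResponse(_("Cannot retrieve information"))

    # get key's user id
    if key_id:
        key_edit = get_object_or_404(SSHKey, pk=key_id)
        owner_id = key_edit.user.id
    else:
        key_edit = SSHKey(user=request.user)
        owner_id = request.user.id

    # check if the user has appropriate permissions
    user = request.user
    if not (user.is_superuser or user.id == owner_id):
        return HttpResponseForbidden(
            _("Only superuser or owner can save user's SSH key."))

    # NOTE(review): the form is bound to the raw POST data.  Confirm that
    # SSHKeyForm does not expose the ``user`` field; if it does, a caller who
    # passes the check above could reassign the key to another account.
    form = SSHKeyForm(data=request.POST, instance=key_edit)
    if not form.is_valid():
        return HttpResponse(json.dumps(form.errors),
                            mimetype="application/json")

    obj = form.save()
    return render_to_response("ganeti/ssh_keys/row.html", {"key": obj},
                              context_instance=RequestContext(request))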
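def test_view_ssh_keys(self):
    """
    Test getting SSH keys belonging to users, who have admin permission on
    specified virtual machine
    """
    def keys_url(slug, hostname, token):
        # NOTE(review): the API key is the last URL path argument, so it can
        # end up in access logs and proxies; confirm this is acceptable or
        # whether the view could take it from a header instead.
        return reverse("instance-keys", args=[slug, hostname, token])

    def assert_json_ok(response, expected_count):
        # assertEqual replaces the deprecated assertEquals alias.
        self.assertEqual(200, response.status_code)
        self.assertEqual("application/json", response["content-type"])
        self.assertEqual(len(json.loads(response.content)), expected_count)

    # second virtual machine created (only the VM itself is used below)
    vm1, _cluster1 = self.create_virtual_machine(self.cluster,
                                                 'vm2.example.bak')

    # grant admin permission to first user
    self.user.grant("admin", self.vm)

    # add some keys
    SSHKey(key="ssh-rsa test test@test", user=self.user).save()
    SSHKey(key="ssh-dsa test asd@asd", user=self.user).save()

    # get API key (kept under its own name instead of reusing ``key``)
    import settings
    api_key = settings.WEB_MGR_API_KEY

    slug = self.cluster.slug
    hostname = self.vm.hostname

    # forbidden: a key with one extra trailing character must be refused
    response = self.c.get(keys_url(slug, hostname, api_key + "a"))
    self.assertEqual(403, response.status_code)

    # not found: unknown hostname, then unknown cluster
    response = self.c.get(keys_url(slug, hostname + "a", api_key))
    self.assertEqual(404, response.status_code)
    response = self.c.get(keys_url(slug + "a", hostname, api_key))
    self.assertEqual(404, response.status_code)

    # vm with users who have admin perms
    response = self.c.get(keys_url(slug, hostname, api_key))
    assert_json_ok(response, 2)
    self.assertContains(response, "test@test", count=1)
    self.assertContains(response, "asd@asd", count=1)

    # vm without users who have admin perms
    response = self.c.get(keys_url(slug, vm1.hostname, api_key))
    assert_json_ok(response, 0)
    self.assertNotContains(response, "test@test")
    self.assertNotContains(response, "asd@asd")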
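def test_view_ssh_keys(self):
    """
    Test getting SSH keys belonging to users, who have admin permission on
    specified virtual machine
    """
    def keys_url(slug, hostname, token):
        # NOTE(review): the API key is the last URL path argument, so it can
        # end up in access logs and proxies; confirm this is acceptable or
        # whether the view could take it from a header instead.
        return reverse("instance-keys", args=[slug, hostname, token])

    def assert_json_ok(response, expected_count):
        # assertEqual replaces the deprecated assertEquals alias.
        self.assertEqual(200, response.status_code)
        self.assertEqual("application/json", response["content-type"])
        self.assertEqual(len(json.loads(response.content)), expected_count)

    # second virtual machine created (only the VM itself is used below)
    vm1, _cluster1 = self.create_virtual_machine(self.cluster,
                                                 'vm2.example.bak')

    # grant admin permission to first user
    self.user.grant("admin", self.vm)

    # add some keys
    SSHKey(key="ssh-rsa test test@test", user=self.user).save()
    SSHKey(key="ssh-dsa test asd@asd", user=self.user).save()

    # get API key (kept under its own name instead of reusing ``key``)
    import settings
    api_key = settings.WEB_MGR_API_KEY

    slug = self.cluster.slug
    hostname = self.vm.hostname

    # forbidden: a key with one extra trailing character must be refused
    response = self.c.get(keys_url(slug, hostname, api_key + "a"))
    self.assertEqual(403, response.status_code)

    # not found: unknown hostname, then unknown cluster
    response = self.c.get(keys_url(slug, hostname + "a", api_key))
    self.assertEqual(404, response.status_code)
    response = self.c.get(keys_url(slug + "a", hostname, api_key))
    self.assertEqual(404, response.status_code)

    # vm with users who have admin perms
    response = self.c.get(keys_url(slug, hostname, api_key))
    assert_json_ok(response, 2)
    self.assertContains(response, "test@test", count=1)
    self.assertContains(response, "asd@asd", count=1)

    # vm without users who have admin perms
    response = self.c.get(keys_url(slug, vm1.hostname, api_key))
    assert_json_ok(response, 0)
    self.assertNotContains(response, "test@test")
    self.assertNotContains(response, "asd@asd")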