示例#1
0
    def test_sudo_cmd_call(self, mock_subproc_run):
        AuthUtils.sudo_cmd('test')
        mock_subproc_run.assert_called_once_with(['sudo', 'test'],
                                                 check=True,
                                                 timeout=ANY)

        mock_subproc_run.reset_mock()
        AuthUtils.sudo_cmd('test', ['my', 'args'])
        mock_subproc_run.assert_called_once_with(
            ['sudo', 'test', 'my', 'args'], check=True, timeout=ANY)
示例#2
0
    def handle_user_state(self, user, state, acct_session):
        # remember attributes to match with post_auth call
        self._user = user
        self._state = state
        self._session = acct_session

        return AuthUtils.reject_only_when_blocked(user, state)
示例#3
0
 def _run_disassoc(self, mock_subproc_run):
     result = AuthUtils.disassociate_user('AA-BB-CC')
     mock_subproc_run.assert_called_once_with(
         ['sudo', 'hostapd_cli', 'disassociate', 'aa:bb:cc'],
         check=True,
         timeout=ANY)
     self.assertIsInstance(result, str)
示例#4
0
    def test_reject_only_when_blocked(self):
        user = UserIdentifier('user', '')
        user.password = '******'

        expected_reject = (auth.REJECT, None)
        expected_accept = (auth.ALLOW, {'control:Cleartext-Password': '******'})

        result_block = AuthUtils.reject_only_when_blocked(
            user, UserData.JOIN_STATE_BLOCKED)
        result_waiting = AuthUtils.reject_only_when_blocked(
            user, UserData.JOIN_STATE_WAITING)
        result_ok = AuthUtils.reject_only_when_blocked(
            user, UserData.JOIN_STATE_ALLOWED)

        self.assertEqual(expected_reject, result_block)
        self.assertEqual(expected_accept, result_waiting)
        self.assertEqual(expected_accept, result_ok)
示例#5
0
    def _run_cmd(self, cmd, device_id=None):
        full_cmd = '/etc/radguestauth/fw_%s.sh' % cmd
        args = None
        if device_id:
            args = [UserIdentifier.format_mac(device_id)]

        return AuthUtils.sudo_cmd(full_cmd,
                                  additional_args=args,
                                  error_return='Command failed: %s' % cmd)
示例#6
0
    def handle_user_state(self, user, state, acct_session):
        if state == UserData.JOIN_STATE_WAITING:
            # ensure that the user is not in the whitelist.
            # This occurs when the user was previously allowed and the
            # timeout/join numbers expire.
            self._run_cmd('user_drop', user.device_id)
            self._last_session_waiting = acct_session
        else:
            self._last_session_waiting = None

        return AuthUtils.reject_only_when_blocked(user, state)
示例#7
0
    def on_host_deny(self, user):
        res_msg = self._run_cmd('user_drop', user.device_id)
        # force re-connect in case of blocking.
        if (user.user_data
                and user.user_data.join_state == UserData.JOIN_STATE_BLOCKED):
            if res_msg:
                res_msg += '\n'
            else:
                # could be None, so set to empty str
                res_msg = ''
            res_msg += AuthUtils.disassociate_user(user.device_id)

        return res_msg
示例#8
0
 def _reconnect_user(self, device_id):
     return ('Trying to re-connect user to update VLAN...\n%s' %
             AuthUtils.disassociate_user(device_id))
示例#9
0
 def _run_assert(expected_msg):
     result = AuthUtils.sudo_cmd('test',
                                 success_return='mymessage',
                                 error_return='myerror')
     mock_subproc_run.assert_called_once()
     self.assertEqual(result, expected_msg)