class TestAccountClient(unittest.TestCase):
def setUp(self):
self.client = AccountClient()
def test_add_account_success(self):
""" ACCOUNT (CLIENTS): create a new account and get information about account."""
account = account_name_generator()
type, email = 'USER', '*****@*****.**'
ret = self.client.add_account(account, type, email)
assert ret
with pytest.raises(Duplicate):
self.client.add_account(account, type, email)
with pytest.raises(InvalidObject):
self.client.add_account('BAD_ACCOUNT_NAME', type, email)
with pytest.raises(InvalidObject):
self.client.add_account('toooooooloooooonaccounnnnnnnntnammmmme', type, email)
acc_info = self.client.get_account(account)
assert acc_info['account'] == account
def test_get_account_notfound(self):
""" ACCOUNT (CLIENTS): try to get information about not existing account."""
account = str(uuid())
with pytest.raises(AccountNotFound):
self.client.get_account(account)
def test_list_accounts(self):
""" ACCOUNT (CLIENTS): get list of all accounts."""
dn = config_get('bootstrap', 'x509_identity')
acc_list = [account_name_generator() for _ in range(5)]
for account in acc_list:
self.client.add_account(account, 'USER', '*****@*****.**')
svr_list = [a['account'] for a in self.client.list_accounts(account_type='SERVICE', identity=dn)]
assert 'root' in svr_list
svr_list = [a['account'] for a in self.client.list_accounts(account_type='USER')]
for account in acc_list:
assert account in svr_list
def test_update_account(self):
""" ACCOUNT (CLIENTS): create a new account and update it."""
account = account_name_generator()
type, email = 'USER', '*****@*****.**'
ret = self.client.add_account(account, type, email)
assert ret
self.client.update_account(account=account, key='status', value='SUSPENDED')
status = self.client.get_account(account=account)['status']
assert status == 'SUSPENDED'
self.client.update_account(account=account, key='status', value='ACTIVE')
status = self.client.get_account(account=account)['status']
assert status == 'ACTIVE'
self.client.update_account(account=account, key='email', value='test')
email = self.client.get_account(account=account)['email']
assert email == 'test'
class TestScopeClient(unittest.TestCase):
def setUp(self):
self.account_client = AccountClient()
self.scope_client = ScopeClient()
def test_create_scope(self):
""" SCOPE (CLIENTS): create a new scope."""
account = 'jdoe'
scope = scope_name_generator()
ret = self.scope_client.add_scope(account, scope)
assert ret
with pytest.raises(InvalidObject):
self.scope_client.add_scope(account,
'tooooolooooongscooooooooooooope')
with pytest.raises(InvalidObject):
self.scope_client.add_scope(account, '$?!')
def test_create_scope_no_account(self):
""" SCOPE (CLIENTS): try to create scope for not existing account."""
account = str(uuid()).lower()[:30]
scope = scope_name_generator()
with pytest.raises(AccountNotFound):
self.scope_client.add_scope(account, scope)
def test_create_scope_duplicate(self):
""" SCOPE (CLIENTS): try to create a duplicate scope."""
account = 'jdoe'
scope = scope_name_generator()
self.scope_client.add_scope(account, scope)
with pytest.raises(Duplicate):
self.scope_client.add_scope(account, scope)
def test_list_scopes(self):
""" SCOPE (CLIENTS): try to list scopes for an account."""
account = 'jdoe'
scope_list = [scope_name_generator() for _ in range(5)]
for scope in scope_list:
self.scope_client.add_scope(account, scope)
svr_list = self.scope_client.list_scopes_for_account(account)
for scope in scope_list:
if scope not in svr_list:
assert False
def test_list_scopes_account_not_found(self):
""" SCOPE (CLIENTS): try to list scopes for a non existing account."""
account = account_name_generator()
with pytest.raises(AccountNotFound):
self.scope_client.list_scopes_for_account(account)
def test_list_scopes_no_scopes(self):
""" SCOPE (CLIENTS): try to list scopes for an account without scopes."""
account = account_name_generator()
self.account_client.add_account(account, 'USER', '*****@*****.**')
with pytest.raises(ScopeNotFound):
self.scope_client.list_scopes_for_account(account)
class TestScopeClient():
def setup(self):
self.account_client = AccountClient()
self.scope_client = ScopeClient()
def test_create_scope(self):
""" SCOPE (CLIENTS): create a new scope."""
account = 'jdoe'
scope = scope_name_generator()
ret = self.scope_client.add_scope(account, scope)
assert_true(ret)
with assert_raises(InvalidObject):
self.scope_client.add_scope(account, 'tooooolooooongscooooooooooooope')
with assert_raises(InvalidObject):
self.scope_client.add_scope(account, '$?!')
@raises(AccountNotFound)
def test_create_scope_no_account(self):
""" SCOPE (CLIENTS): try to create scope for not existing account."""
account = str(uuid()).lower()[:30]
scope = scope_name_generator()
self.scope_client.add_scope(account, scope)
@raises(Duplicate)
def test_create_scope_duplicate(self):
""" SCOPE (CLIENTS): try to create a duplicate scope."""
account = 'jdoe'
scope = scope_name_generator()
self.scope_client.add_scope(account, scope)
self.scope_client.add_scope(account, scope)
def test_list_scopes(self):
""" SCOPE (CLIENTS): try to list scopes for an account."""
account = 'jdoe'
scope_list = [scope_name_generator() for i in xrange(5)]
for scope in scope_list:
self.scope_client.add_scope(account, scope)
svr_list = self.scope_client.list_scopes_for_account(account)
for scope in scope_list:
if scope not in svr_list:
assert_true(False)
@raises(AccountNotFound)
def test_list_scopes_account_not_found(self):
""" SCOPE (CLIENTS): try to list scopes for a non existing account."""
account = account_name_generator()
self.scope_client.list_scopes_for_account(account)
@raises(ScopeNotFound)
def test_list_scopes_no_scopes(self):
""" SCOPE (CLIENTS): try to list scopes for an account without scopes."""
account = account_name_generator()
self.account_client.add_account(account, 'USER')
self.scope_client.list_scopes_for_account(account)
def create_accounts(account_list, user_type):
""" Registers a set of accounts
:param account_list: the list of accounts to be added
:param user_type: the type of accounts
"""
account_client = AccountClient()
for account in account_list:
try:
account_client.add_account(account, user_type, email=None)
except exception.Duplicate:
pass # Account already exists, no need to create it
class TestBoolean(unittest.TestCase):
def setUp(self):
self.account_client = AccountClient()
self.rse_client = RSEClient()
self.account = generate_uuid()[:10]
self.rse = rse_name_generator()
self.account_client.add_account(self.account, 'SERVICE',
'*****@*****.**')
self.rse_client.add_rse(self.rse)
def tearDown(self):
self.account_client.delete_account(self.account)
self.rse_client.delete_rse(self.rse)
def test_booleanstring_account_attribute(self):
self.account_client.add_account_attribute(self.account,
'teststringtrue', 'true')
self.account_client.add_account_attribute(self.account, 'testinttrue',
'1')
self.account_client.add_account_attribute(self.account,
'teststringfalse', 'false')
self.account_client.add_account_attribute(self.account, 'testintfalse',
'0')
result = {}
for account in self.account_client.list_account_attributes(
self.account):
for res in account:
result[res['key']] = res['value']
assert result['teststringtrue'] is True
assert result['testinttrue'] == '1'
assert result['teststringfalse'] is False
assert result['testintfalse'] == '0'
def test_booleanstring_rse_attribute(self):
self.rse_client.add_rse_attribute(self.rse, 'teststringtrue', 'true')
self.rse_client.add_rse_attribute(self.rse, 'testinttrue', '1')
self.rse_client.add_rse_attribute(self.rse, 'teststringfalse', 'false')
self.rse_client.add_rse_attribute(self.rse, 'testintfalse', '0')
result = self.rse_client.list_rse_attributes(self.rse)
assert result['teststringtrue'] is True
assert result['testinttrue'] == '1'
assert result['teststringfalse'] is False
assert result['testintfalse'] == '0'
def test_accounts_at_different_vos(self):
""" MULTI VO (CLIENT): Test that accounts from 2nd vo don't interfere """
account_client = AccountClient()
usr_uuid = str(generate_uuid()).lower()[:16]
tst = 'tst-%s' % usr_uuid
new = 'new-%s' % usr_uuid
shr = 'shr-%s' % usr_uuid
account_client.add_account(tst, 'USER', '*****@*****.**')
account_client.add_account(shr, 'USER', '*****@*****.**')
add_account(new, 'USER', '*****@*****.**', 'root', **self.new_vo)
add_account(shr, 'USER', '*****@*****.**', 'root', **self.new_vo)
account_list_tst = [a['account'] for a in account_client.list_accounts()]
account_list_new = [a['account'] for a in list_accounts(filter={}, **self.new_vo)]
assert_true(tst in account_list_tst)
assert_false(new in account_list_tst)
assert_true(shr in account_list_tst)
assert_false(tst in account_list_new)
assert_true(new in account_list_new)
assert_true(shr in account_list_new)
class TestAccountClient():
def setup(self):
self.client = AccountClient()
def test_add_account_success(self):
""" ACCOUNT (CLIENTS): create a new account and get information about account."""
account = account_name_generator()
type = 'USER'
ret = self.client.add_account(account, type)
assert_true(ret)
with assert_raises(Duplicate):
self.client.add_account(account, type)
with assert_raises(InvalidObject):
self.client.add_account('BAD_ACCOUNT_NAME', type)
with assert_raises(InvalidObject):
self.client.add_account('toooooooloooooonaccounnnnnnnntnammmmme', type)
acc_info = self.client.get_account(account)
assert_equal(acc_info['account'], account)
@raises(AccountNotFound)
def test_get_account_notfound(self):
""" ACCOUNT (CLIENTS): try to get information about not existing account."""
account = str(uuid())
self.client.get_account(account)
def test_list_accounts(self):
""" ACCOUNT (CLIENTS): get list of all accounts."""
dn = '/C=CH/ST=Geneva/O=CERN/OU=PH-ADP-CO/CN=DDMLAB Client Certificate/[email protected]'
acc_list = [account_name_generator() for i in xrange(5)]
for account in acc_list:
self.client.add_account(account, 'USER')
svr_list = [a['account'] for a in self.client.list_accounts(account_type='SERVICE', identity=dn)]
assert_true('root' in svr_list)
svr_list = [a['account'] for a in self.client.list_accounts(account_type='USER')]
for account in acc_list:
assert_true(account in svr_list)
def test_subscriptions_at_different_vos(self):
""" MULTI VO (CLIENT): Test that subscriptions from 2nd vo don't interfere """
account_client = AccountClient()
usr_uuid = str(generate_uuid()).lower()[:16]
shr_acc = 'shr-%s' % usr_uuid
account_client.add_account(shr_acc, 'USER', '*****@*****.**')
add_account(shr_acc, 'USER', '*****@*****.**', 'root', **self.new_vo)
scope_client = ScopeClient()
scope_uuid = str(generate_uuid()).lower()[:16]
tst_scope = 'tst_%s' % scope_uuid
new_scope = 'new_%s' % scope_uuid
scope_client.add_scope('root', tst_scope)
add_scope(new_scope, 'root', 'root', **self.new_vo)
did_client = DIDClient()
did_uuid = str(generate_uuid()).lower()[:16]
tst_did = 'tstset_%s' % did_uuid
new_did = 'newset_%s' % did_uuid
rse_client = RSEClient()
rse_str = ''.join(choice(ascii_uppercase) for x in range(10))
tst_rse1 = 'TST1_%s' % rse_str
tst_rse2 = 'TST2_%s' % rse_str
new_rse1 = 'NEW1_%s' % rse_str
new_rse2 = 'NEW2_%s' % rse_str
rse_client.add_rse(tst_rse1)
rse_client.add_rse(tst_rse2)
add_rse(new_rse1, 'root', **self.new_vo)
add_rse(new_rse2, 'root', **self.new_vo)
acc_lim_client = AccountLimitClient()
acc_lim_client.set_local_account_limit(shr_acc, tst_rse1, 10)
acc_lim_client.set_local_account_limit(shr_acc, tst_rse2, 10)
set_local_account_limit(shr_acc, new_rse1, 10, 'root', **self.new_vo)
set_local_account_limit(shr_acc, new_rse2, 10, 'root', **self.new_vo)
did_client.add_did(tst_scope, tst_did, 'DATASET', rse=tst_rse1)
add_did(new_scope, new_did, 'DATASET', 'root', rse=new_rse1, **self.new_vo)
sub_client = SubscriptionClient()
sub_str = generate_uuid()
tst_sub = 'tstsub_' + sub_str
new_sub = 'newsub_' + sub_str
shr_sub = 'shrsub_' + sub_str
tst_sub_id = sub_client.add_subscription(tst_sub, shr_acc, {'scope': [tst_scope]},
[{'copies': 1, 'rse_expression': tst_rse2, 'weight': 0,
'activity': 'User Subscriptions'}],
'', None, 0, 0)
shr_tst_sub_id = sub_client.add_subscription(shr_sub, shr_acc, {'scope': [tst_scope]},
[{'copies': 1, 'rse_expression': tst_rse2, 'weight': 0,
'activity': 'User Subscriptions'}],
'', None, 0, 0)
new_sub_id = add_subscription(new_sub, shr_acc, {'scope': [new_scope]},
[{'copies': 1, 'rse_expression': new_rse2, 'weight': 0, 'activity': 'User Subscriptions'}],
'', False, 0, 0, 3, 'root', **self.new_vo)
shr_new_sub_id = add_subscription(shr_sub, shr_acc, {'scope': [new_scope]},
[{'copies': 1, 'rse_expression': new_rse2, 'weight': 0, 'activity': 'User Subscriptions'}],
'', False, 0, 0, 3, 'root', **self.new_vo)
tst_subs = [s['id'] for s in sub_client.list_subscriptions()]
assert_in(tst_sub_id, tst_subs)
assert_in(shr_tst_sub_id, tst_subs)
assert_not_in(new_sub_id, tst_subs)
assert_not_in(shr_new_sub_id, tst_subs)
new_subs = [s['id'] for s in list_subscriptions(**self.new_vo)]
assert_in(new_sub_id, new_subs)
assert_in(shr_new_sub_id, new_subs)
assert_not_in(tst_sub_id, new_subs)
assert_not_in(shr_tst_sub_id, new_subs)
shr_tst_subs = [s['id'] for s in sub_client.list_subscriptions(name=shr_sub)]
assert_in(shr_tst_sub_id, shr_tst_subs)
assert_not_in(shr_new_sub_id, shr_tst_subs)
shr_new_subs = [s['id'] for s in list_subscriptions(name=shr_sub, **self.new_vo)]
assert_in(shr_new_sub_id, shr_new_subs)
assert_not_in(shr_tst_sub_id, shr_new_subs)
acc_tst_subs = [s['id'] for s in sub_client.list_subscriptions(account=shr_acc)]
assert_in(tst_sub_id, acc_tst_subs)
assert_in(shr_tst_sub_id, acc_tst_subs)
assert_not_in(new_sub_id, acc_tst_subs)
assert_not_in(shr_new_sub_id, acc_tst_subs)
acc_new_subs = [s['id'] for s in list_subscriptions(account=shr_acc, **self.new_vo)]
assert_in(new_sub_id, acc_new_subs)
assert_in(shr_new_sub_id, acc_new_subs)
assert_not_in(tst_sub_id, acc_new_subs)
assert_not_in(shr_tst_sub_id, acc_new_subs)
class TestAccountClient():
def __init__(self):
self.client = AccountClient()
def test_add_account_success(self):
""" ACCOUNT (CLIENTS): create a new account and get information about account."""
account = account_name_generator()
type, email = 'USER', '*****@*****.**'
ret = self.client.add_account(account, type, email)
assert_true(ret)
with assert_raises(Duplicate):
self.client.add_account(account, type, email)
with assert_raises(InvalidObject):
self.client.add_account('BAD_ACCOUNT_NAME', type, email)
with assert_raises(InvalidObject):
self.client.add_account('toooooooloooooonaccounnnnnnnntnammmmme',
type, email)
acc_info = self.client.get_account(account)
assert_equal(acc_info['account'], account)
@raises(AccountNotFound)
def test_get_account_notfound(self):
""" ACCOUNT (CLIENTS): try to get information about not existing account."""
account = str(uuid())
self.client.get_account(account)
def test_list_accounts(self):
""" ACCOUNT (CLIENTS): get list of all accounts."""
dn = config_get('bootstrap', 'x509_identity')
acc_list = [account_name_generator() for _ in xrange(5)]
for account in acc_list:
self.client.add_account(account, 'USER', '*****@*****.**')
svr_list = [
a['account']
for a in self.client.list_accounts(account_type='SERVICE',
identity=dn)
]
assert_true('root' in svr_list)
svr_list = [
a['account']
for a in self.client.list_accounts(account_type='USER')
]
for account in acc_list:
assert_true(account in svr_list)
def test_ban_unban_account(self):
""" ACCOUNT (CLIENTS): create a new account and ban/unban it."""
account = account_name_generator()
type, email = 'USER', '*****@*****.**'
ret = self.client.add_account(account, type, email)
assert_true(ret)
self.client.set_account_status(account=account, status='SUSPENDED')
status = self.client.get_account(account=account)['status']
assert_equal(status, 'SUSPENDED')
self.client.set_account_status(account=account, status='ACTIVE')
status = self.client.get_account(account=account)['status']
assert_equal(status, 'ACTIVE')
# And the email for each DN
for email, record in cric_users.items():
if record['dn'] in current_dns:
email_map[record['dn']] = email
# Now we have new_accounts which tells us which accounts to create
# and identity_map which tells us how to map the identites to those accounts
ac = AccountClient()
# Make all the accounts from this list
for account in new_accounts:
try:
print('Add account %s' % account)
ac.add_account(account=account, type='USER', email=None)
except (Duplicate, InvalidObject):
print(' Account %s already exists or invalid' % account)
# Add all the identities to the list
for dn, accounts in identity_map.items():
email = email_map.get(dn, '*****@*****.**')
for account in accounts:
try:
print('Add identity %s for %s' % (dn, account))
ac.add_identity(account=account,
identity=dn,
authtype='X509',
email=email,
default=False)
except (Duplicate, InvalidObject, AccountNotFound):
