def test_help_command_line_arg_works_for_supported_commands(self): shell = Shell() for command in self.COMMANDS: # First test longhang notation argv = command + ['--help'] try: result = shell.run(argv) except SystemExit as e: self.assertEqual(e.code, 0) else: self.assertEqual(result, 0) stdout = self.stdout.getvalue() self.assertTrue('usage:' in stdout) self.assertTrue(' '.join(command) in stdout) # self.assertTrue('positional arguments:' in stdout) self.assertTrue('optional arguments:' in stdout) # Reset stdout and stderr after each iteration self._reset_output_streams() # Then shorthand notation argv = command + ['-h'] try: result = shell.run(argv) except SystemExit as e: self.assertEqual(e.code, 0) else: self.assertEqual(result, 0) stdout = self.stdout.getvalue() self.assertTrue('usage:' in stdout) self.assertTrue(' '.join(command) in stdout) # self.assertTrue('positional arguments:' in stdout) self.assertTrue('optional arguments:' in stdout) # Verify that the actual help usage string was triggered and not the invalid # "too few arguments" which would indicate command doesn't actually correctly handle # --help flag self.assertTrue('too few arguments' not in stdout) self._reset_output_streams()
def test_cache_auth_token_invalid_permissions(self): shell = Shell() username = '******' cached_token_path = shell._get_cached_token_path_for_user( username=username) expiry = datetime.datetime.utcnow() + datetime.timedelta(seconds=30) token_db = TokenDB(user=username, token='fyeah', expiry=expiry) cached_token_path = shell._get_cached_token_path_for_user( username=username) data = { 'token': 'yayvalid', 'expire_timestamp': (int(time.time()) + 20) } with open(cached_token_path, 'w') as fp: fp.write(json.dumps(data)) # 1. Current user has no write access to the parent directory os.chmod(self._mock_config_directory_path, 0o000) shell.LOG = mock.Mock() shell._cache_auth_token(token_obj=token_db) self.assertEqual(shell.LOG.warn.call_count, 1) log_message = shell.LOG.warn.call_args[0][0] expected_msg = ( 'Unable to write token to .*? doesn\'t have write access to the parent ' 'directory') self.assertRegexpMatches(log_message, expected_msg) # 2. Current user has no write access to the cached token file os.chmod(self._mock_config_directory_path, 0o777) # nosec os.chmod(cached_token_path, 0o000) shell.LOG = mock.Mock() shell._cache_auth_token(token_obj=token_db) self.assertEqual(shell.LOG.warn.call_count, 1) log_message = shell.LOG.warn.call_args[0][0] expected_msg = ( 'Unable to write token to .*? doesn\'t have write access to this file' ) self.assertRegexpMatches(log_message, expected_msg)
def test_cache_auth_token_success(self): client = Client() shell = Shell() username = '******' password = '******' expiry = datetime.datetime.utcnow() + datetime.timedelta(seconds=30) result = shell._get_cached_auth_token(client=client, username=username, password=password) self.assertEqual(result, None) token_db = TokenDB(user=username, token='fyeah', expiry=expiry) shell._cache_auth_token(token_obj=token_db) result = shell._get_cached_auth_token(client=client, username=username, password=password) self.assertEqual(result, 'fyeah')
def test_get_cached_auth_token_valid_token_in_cache_file(self): client = Client() shell = Shell() username = '******' password = '******' cached_token_path = shell._get_cached_token_path_for_user(username=username) data = { 'token': 'yayvalid', 'expire_timestamp': (int(time.time()) + 20) } with open(cached_token_path, 'w') as fp: fp.write(json.dumps(data)) result = shell._get_cached_auth_token(client=client, username=username, password=password) self.assertEqual(result, 'yayvalid')
def test_get_cached_auth_token_corrupted_token_cache_file(self): client = Client() shell = Shell() username = '******' password = '******' cached_token_path = shell._get_cached_token_path_for_user( username=username) with open(cached_token_path, 'w') as fp: fp.write('CORRRRRUPTED!') expected_msg = 'File (.+) with cached token is corrupted or invalid' self.assertRaisesRegexp(ValueError, expected_msg, shell._get_cached_auth_token, client=client, username=username, password=password)
def test_get_cached_auth_token_valid_token_in_cache_file(self): client = Client() shell = Shell() username = "******" password = "******" cached_token_path = shell._get_cached_token_path_for_user( username=username) data = { "token": "yayvalid", "expire_timestamp": (int(time.time()) + 20) } with open(cached_token_path, "w") as fp: fp.write(json.dumps(data)) result = shell._get_cached_auth_token(client=client, username=username, password=password) self.assertEqual(result, "yayvalid")
def test_get_cached_auth_token_corrupted_token_cache_file(self): client = Client() shell = Shell() username = "******" password = "******" cached_token_path = shell._get_cached_token_path_for_user(username=username) with open(cached_token_path, "w") as fp: fp.write("CORRRRRUPTED!") expected_msg = "File (.+) with cached token is corrupted or invalid" self.assertRaisesRegexp( ValueError, expected_msg, shell._get_cached_auth_token, client=client, username=username, password=password, )
def test_dont_warn_multiple_times(self): mock_temp_dir_path = tempfile.mkdtemp() mock_config_dir_path = os.path.join(mock_temp_dir_path, "testconfig") mock_config_path = os.path.join(mock_config_dir_path, "config") # Make the temporary config directory os.makedirs(mock_config_dir_path) old_perms = os.stat(mock_config_dir_path).st_mode new_perms = old_perms | 0o7 os.chmod(mock_config_dir_path, new_perms) # Make the temporary config file shutil.copyfile(CONFIG_FILE_PATH_FULL, mock_config_path) os.chmod(mock_config_path, 0o777) # nosec shell = Shell() shell.LOG = mock.Mock() # Test without token. shell.run(["--config-file", mock_config_path, "action", "list"]) self.assertEqual(shell.LOG.warn.call_count, 2) self.assertEqual( shell.LOG.warn.call_args_list[0][0][0][:63], "The StackStorm configuration directory permissions are insecure", ) self.assertEqual( shell.LOG.warn.call_args_list[1][0][0][:58], "The StackStorm configuration file permissions are insecure", ) self.assertEqual(shell.LOG.info.call_count, 2) self.assertEqual( shell.LOG.info.call_args_list[0][0][0], "The SGID bit is not " "set on the StackStorm configuration directory.", ) self.assertEqual(shell.LOG.info.call_args_list[1][0][0], "Skipping parsing CLI config")
def __init__(self, *args, **kwargs): super(TestShell, self).__init__(*args, **kwargs) self.shell = Shell()
def __init__(self, *args, **kwargs): super(ShellTestCase, self).__init__(*args, **kwargs) self.shell = Shell()
def test_get_cached_auth_token_invalid_permissions(self): shell = Shell() client = Client() username = '******' password = '******' cached_token_path = shell._get_cached_token_path_for_user( username=username) data = { 'token': 'yayvalid', 'expire_timestamp': (int(time.time()) + 20) } with open(cached_token_path, 'w') as fp: fp.write(json.dumps(data)) # 1. Current user doesn't have read access to the config directory os.chmod(self._mock_config_directory_path, 0o000) shell.LOG = mock.Mock() result = shell._get_cached_auth_token(client=client, username=username, password=password) self.assertEqual(result, None) self.assertEqual(shell.LOG.warn.call_count, 1) log_message = shell.LOG.warn.call_args[0][0] expected_msg = ( 'Unable to retrieve cached token from .*? read access to the parent ' 'directory') self.assertRegexpMatches(log_message, expected_msg) # 2. Read access on the directory, but not on the cached token file os.chmod(self._mock_config_directory_path, 0o777) # nosec os.chmod(cached_token_path, 0o000) shell.LOG = mock.Mock() result = shell._get_cached_auth_token(client=client, username=username, password=password) self.assertEqual(result, None) self.assertEqual(shell.LOG.warn.call_count, 1) log_message = shell.LOG.warn.call_args[0][0] expected_msg = ( 'Unable to retrieve cached token from .*? read access to this file' ) self.assertRegexpMatches(log_message, expected_msg) # 3. Other users also have read access to the file os.chmod(self._mock_config_directory_path, 0o777) # nosec os.chmod(cached_token_path, 0o444) shell.LOG = mock.Mock() result = shell._get_cached_auth_token(client=client, username=username, password=password) self.assertEqual(result, 'yayvalid') self.assertEqual(shell.LOG.warn.call_count, 1) log_message = shell.LOG.warn.call_args[0][0] expected_msg = ( 'Permissions .*? for cached token file .*? are too permissive.*') self.assertRegexpMatches(log_message, expected_msg)
def __init__(self, *args, **kwargs): super(ActionExecutionTailCommandTestCase, self).__init__(*args, **kwargs) self.shell = Shell()
def test_non_unicode_encoding_locale_warning_is_printed(self, mock_logger): shell = Shell() shell.run(argv=['trigger', 'list']) call_args = mock_logger.warn.call_args[0][0] self.assertTrue('Locale en_US with encoding iso which is not UTF-8 is used.' in call_args)