def test_shadowGetByName(self): """ L{_shadowGetByName} returns a tuple of items from the UNIX /etc/shadow database if the L{spwd} is present. """ userdb = ShadowDatabase() userdb.addUser("bob", "passphrase", 1, 2, 3, 4, 5, 6, 7) self.patch(checkers, "spwd", userdb) self.mockos.euid = 2345 self.mockos.egid = 1234 self.patch(util, "os", self.mockos) self.assertEqual(checkers._shadowGetByName("bob"), userdb.getspnam("bob")) self.assertEqual(self.mockos.seteuidCalls, [0, 2345]) self.assertEqual(self.mockos.setegidCalls, [0, 1234])
def test_shadowGetByNameWithoutSpwd(self): """ L{_shadowGetByName} uses the C{shadow} module to return a tuple of items from the UNIX /etc/shadow database if the C{spwd} module is not present and the C{shadow} module is. """ userdb = ShadowDatabase() userdb.addUser('bob', 'passphrase', 1, 2, 3, 4, 5, 6, 7) self.patch(checkers, 'spwd', None) self.patch(checkers, 'shadow', userdb) self.patch(util, 'os', self.mockos) self.mockos.euid = 2345 self.mockos.egid = 1234 self.assertEqual(checkers._shadowGetByName('bob'), userdb.getspnam('bob')) self.assertEqual(self.mockos.seteuidCalls, [0, 2345]) self.assertEqual(self.mockos.setegidCalls, [0, 1234])
def test_defaultCheckers(self): """ L{UNIXPasswordDatabase} with no arguments has checks the C{pwd} database and then the C{spwd} database. """ checker = checkers.UNIXPasswordDatabase() def crypted(username, password): salt = crypt.crypt(password, username) crypted = crypt.crypt(password, '$1$' + salt) return crypted pwd = UserDatabase() pwd.addUser('alice', crypted('alice', 'password'), 1, 2, 'foo', '/foo', '/bin/sh') # x and * are convention for "look elsewhere for the password" pwd.addUser('bob', 'x', 1, 2, 'bar', '/bar', '/bin/sh') spwd = ShadowDatabase() spwd.addUser('alice', 'wrong', 1, 2, 3, 4, 5, 6, 7) spwd.addUser('bob', crypted('bob', 'password'), 8, 9, 10, 11, 12, 13, 14) self.patch(checkers, 'pwd', pwd) self.patch(checkers, 'spwd', spwd) mockos = MockOS() self.patch(checkers, 'os', mockos) self.patch(util, 'os', mockos) mockos.euid = 2345 mockos.egid = 1234 cred = UsernamePassword("alice", "password") self.assertLoggedIn(checker.requestAvatarId(cred), 'alice') self.assertEquals(mockos.seteuidCalls, []) self.assertEquals(mockos.setegidCalls, []) cred.username = "******" self.assertLoggedIn(checker.requestAvatarId(cred), 'bob') self.assertEquals(mockos.seteuidCalls, [0, 2345]) self.assertEquals(mockos.setegidCalls, [0, 1234])
def test_defaultCheckers(self): """ L{UNIXPasswordDatabase} with no arguments has checks the C{pwd} database and then the C{spwd} database. """ checker = checkers.UNIXPasswordDatabase() def crypted(username, password): salt = crypt.crypt(password, username) crypted = crypt.crypt(password, "$1$" + salt) return crypted pwd = UserDatabase() pwd.addUser("alice", crypted("alice", "password"), 1, 2, "foo", "/foo", "/bin/sh") # x and * are convention for "look elsewhere for the password" pwd.addUser("bob", "x", 1, 2, "bar", "/bar", "/bin/sh") spwd = ShadowDatabase() spwd.addUser("alice", "wrong", 1, 2, 3, 4, 5, 6, 7) spwd.addUser("bob", crypted("bob", "password"), 8, 9, 10, 11, 12, 13, 14) self.patch(checkers, "pwd", pwd) self.patch(checkers, "spwd", spwd) mockos = MockOS() self.patch(util, "os", mockos) mockos.euid = 2345 mockos.egid = 1234 cred = UsernamePassword(b"alice", b"password") self.assertLoggedIn(checker.requestAvatarId(cred), b"alice") self.assertEqual(mockos.seteuidCalls, []) self.assertEqual(mockos.setegidCalls, []) cred.username = b"bob" self.assertLoggedIn(checker.requestAvatarId(cred), b"bob") self.assertEqual(mockos.seteuidCalls, [0, 2345]) self.assertEqual(mockos.setegidCalls, [0, 1234])
def setUp(self): """ Create a L{ShadowDatabase} with no user data in it. """ self.database = ShadowDatabase() self._counter = 0