Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
S
slapos.core
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Thomas Leymonerie
slapos.core
Commits
2d770e24
Commit
2d770e24
authored
12 years ago
by
Łukasz Nowak
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Test group assignments.
parent
5f4321c3
No related merge requests found
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
229 additions
and
59 deletions
+229
-59
master/bt5/slapos_cloud/TestTemplateItem/testSlapOSSecurityGroup.py
.../slapos_cloud/TestTemplateItem/testSlapOSSecurityGroup.py
+218
-0
master/bt5/slapos_cloud/TestTemplateItem/testSlapOSShadow.py
master/bt5/slapos_cloud/TestTemplateItem/testSlapOSShadow.py
+9
-58
master/bt5/slapos_cloud/bt/revision
master/bt5/slapos_cloud/bt/revision
+1
-1
master/bt5/slapos_cloud/bt/template_test_id_list
master/bt5/slapos_cloud/bt/template_test_id_list
+1
-0
No files found.
master/bt5/slapos_cloud/TestTemplateItem/testSlapOSSecurityGroup.py
0 → 100644
View file @
2d770e24
# -*- coding: utf-8 -*-
##############################################################################
#
# Copyright (c) 2012 Nexedi SA and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly advised to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
import
unittest
import
random
import
transaction
from
AccessControl
import
getSecurityManager
from
Products.SlapOS.tests.testSlapOSMixin
import
testSlapOSMixin
class
TestSlapOSSecurityMixin
(
testSlapOSMixin
):
def
_generateRandomUniqueReference
(
self
,
portal_type
):
reference
=
None
while
reference
is
None
:
random_reference
=
"test_%s"
%
random
.
random
()
result_list
=
self
.
portal
.
portal_catalog
(
portal_type
=
portal_type
,
reference
=
random_reference
,
)
if
not
len
(
result_list
):
reference
=
random_reference
return
reference
def
_assertUserExists
(
self
,
login
,
password
):
"""Checks that a user with login and password exists and can log in to the
system.
"""
from
Products.PluggableAuthService.interfaces.plugins
import
\
IAuthenticationPlugin
uf
=
self
.
getUserFolder
()
self
.
assertNotEquals
(
uf
.
getUserById
(
login
,
None
),
None
)
for
plugin_name
,
plugin
in
uf
.
_getOb
(
'plugins'
).
listPlugins
(
IAuthenticationPlugin
):
if
plugin
.
authenticateCredentials
(
{
'login'
:
login
,
'password'
:
password
,
'machine_login'
:
login
})
is
not
None
:
break
else
:
self
.
fail
(
"No plugin could authenticate '%s' with password '%s'"
%
(
login
,
password
))
def
_assertUserDoesNotExists
(
self
,
login
,
password
):
"""Checks that a user with login and password does not exists and cannot
log in to the system.
"""
from
Products.PluggableAuthService.interfaces.plugins
import
\
IAuthenticationPlugin
uf
=
self
.
getUserFolder
()
for
plugin_name
,
plugin
in
uf
.
_getOb
(
'plugins'
).
listPlugins
(
IAuthenticationPlugin
):
if
plugin
.
authenticateCredentials
(
{
'login'
:
login
,
'password'
:
password
,
'machine_login'
:
login
})
is
not
None
:
self
.
fail
(
"Plugin %s should not have authenticated '%s' with password '%s'"
%
(
plugin_name
,
login
,
password
))
class
TestSlapOSComputerSecurity
(
TestSlapOSSecurityMixin
):
def
test_active
(
self
):
self
.
login
()
reference
=
self
.
_generateRandomUniqueReference
(
'Computer'
)
computer
=
self
.
portal
.
computer_module
.
newContent
(
portal_type
=
'Computer'
,
reference
=
reference
)
computer
.
validate
()
computer
.
recursiveImmediateReindexObject
()
self
.
_assertUserExists
(
reference
,
None
)
self
.
login
(
reference
)
user
=
getSecurityManager
().
getUser
()
self
.
assertTrue
(
'Authenticated'
in
user
.
getRoles
())
self
.
assertSameSet
([
'R-COMPUTER'
],
user
.
getGroups
())
def
test_inactive
(
self
):
self
.
login
()
reference
=
self
.
_generateRandomUniqueReference
(
'Computer'
)
computer
=
self
.
portal
.
computer_module
.
newContent
(
portal_type
=
'Computer'
,
reference
=
reference
)
computer
.
recursiveImmediateReindexObject
()
self
.
_assertUserDoesNotExists
(
reference
,
None
)
class
TestSlapOSSoftwareInstanceSecurity
(
TestSlapOSSecurityMixin
):
portal_type
=
'Software Instance'
def
test_active
(
self
):
self
.
login
()
reference
=
self
.
_generateRandomUniqueReference
(
self
.
portal_type
)
instance
=
self
.
portal
.
getDefaultModule
(
portal_type
=
self
.
portal_type
)
\
.
newContent
(
portal_type
=
self
.
portal_type
,
reference
=
reference
)
instance
.
validate
()
instance
.
recursiveImmediateReindexObject
()
self
.
_assertUserExists
(
reference
,
None
)
# instance w/o subscription is loggable and it has some roles
self
.
login
(
reference
)
user
=
getSecurityManager
().
getUser
()
self
.
assertTrue
(
'Authenticated'
in
user
.
getRoles
())
self
.
assertSameSet
([
'R-INSTANCE'
],
user
.
getGroups
())
self
.
login
()
subscription_reference
=
self
.
_generateRandomUniqueReference
(
'Hosting Suscription'
)
subscription
=
self
.
portal
.
hosting_subscription_module
.
newContent
(
portal_type
=
'Hosting Subscription'
,
reference
=
subscription_reference
)
subscription
.
validate
()
instance
.
setSpecialise
(
subscription
.
getRelativeUrl
())
subscription
.
recursiveImmediateReindexObject
()
instance
.
recursiveImmediateReindexObject
()
# clear cache in order to reset calculation
self
.
portal
.
portal_caches
.
clearAllCache
()
self
.
login
(
reference
)
user
=
getSecurityManager
().
getUser
()
self
.
assertTrue
(
'Authenticated'
in
user
.
getRoles
())
self
.
assertSameSet
([
'R-INSTANCE'
,
subscription_reference
],
user
.
getGroups
())
def
test_inactive
(
self
):
self
.
login
()
reference
=
self
.
_generateRandomUniqueReference
(
self
.
portal_type
)
instance
=
self
.
portal
.
getDefaultModule
(
portal_type
=
self
.
portal_type
)
\
.
newContent
(
portal_type
=
self
.
portal_type
,
reference
=
reference
)
instance
.
recursiveImmediateReindexObject
()
self
.
_assertUserDoesNotExists
(
reference
,
None
)
class
TestSlapOSPersonSecurity
(
TestSlapOSSecurityMixin
):
def
test_active
(
self
):
self
.
login
()
password
=
str
(
random
.
random
())
reference
=
self
.
_generateRandomUniqueReference
(
'Person'
)
person
=
self
.
portal
.
person_module
.
newContent
(
portal_type
=
'Person'
,
reference
=
reference
,
password
=
password
)
person
.
newContent
(
portal_type
=
'Assignment'
).
open
()
transaction
.
commit
()
person
.
recursiveImmediateReindexObject
()
self
.
_assertUserExists
(
reference
,
password
)
self
.
login
(
reference
)
user
=
getSecurityManager
().
getUser
()
self
.
assertTrue
(
'Authenticated'
in
user
.
getRoles
())
self
.
assertSameSet
([],
user
.
getGroups
())
# add to group category
self
.
login
()
person
.
newContent
(
portal_type
=
'Assignment'
,
group
=
'vifib'
).
open
()
person
.
recursiveImmediateReindexObject
()
self
.
portal
.
portal_caches
.
clearAllCache
()
self
.
login
(
reference
)
user
=
getSecurityManager
().
getUser
()
self
.
assertTrue
(
'Authenticated'
in
user
.
getRoles
())
self
.
assertSameSet
([
'G-VIFIB'
],
user
.
getGroups
())
# add to role category
self
.
login
()
person
.
newContent
(
portal_type
=
'Assignment'
,
role
=
'member'
).
open
()
person
.
recursiveImmediateReindexObject
()
self
.
portal
.
portal_caches
.
clearAllCache
()
self
.
login
(
reference
)
user
=
getSecurityManager
().
getUser
()
self
.
assertTrue
(
'Authenticated'
in
user
.
getRoles
())
self
.
assertSameSet
([
'R-MEMBER'
,
'G-VIFIB'
],
user
.
getGroups
())
def
test_inactive
(
self
):
self
.
login
()
password
=
str
(
random
.
random
())
reference
=
self
.
_generateRandomUniqueReference
(
'Person'
)
person
=
self
.
portal
.
person_module
.
newContent
(
portal_type
=
'Person'
,
reference
=
reference
,
password
=
password
)
transaction
.
commit
()
person
.
recursiveImmediateReindexObject
()
self
.
_assertUserDoesNotExists
(
reference
,
password
)
def
test_suite
():
suite
=
unittest
.
TestSuite
()
suite
.
addTest
(
unittest
.
makeSuite
(
TestSlapOSComputerSecurity
))
suite
.
addTest
(
unittest
.
makeSuite
(
TestSlapOSSoftwareInstanceSecurity
))
suite
.
addTest
(
unittest
.
makeSuite
(
TestSlapOSPersonSecurity
))
return
suite
This diff is collapsed.
Click to expand it.
master/bt5/slapos_cloud/TestTemplateItem/testSlapOSShadow.py
View file @
2d770e24
...
...
@@ -30,59 +30,10 @@ import unittest
import
random
import
transaction
from
AccessControl
import
getSecurityManager
from
Products.SlapOS.tests.testSlapOSMixin
import
testSlapOSMixin
class
TestSlapOSShadow
(
testSlapOSMixin
):
def
_generateRandomUniqueReference
(
self
,
portal_type
):
reference
=
None
while
reference
is
None
:
random_reference
=
"test_%s"
%
random
.
random
()
result_list
=
self
.
portal
.
portal_catalog
(
portal_type
=
portal_type
,
reference
=
random_reference
,
)
if
not
len
(
result_list
):
reference
=
random_reference
return
reference
def
_assertUserExists
(
self
,
login
,
password
):
"""Checks that a user with login and password exists and can log in to the
system.
"""
from
Products.PluggableAuthService.interfaces.plugins
import
\
IAuthenticationPlugin
uf
=
self
.
getUserFolder
()
self
.
assertNotEquals
(
uf
.
getUserById
(
login
,
None
),
None
)
for
plugin_name
,
plugin
in
uf
.
_getOb
(
'plugins'
).
listPlugins
(
IAuthenticationPlugin
):
if
plugin
.
authenticateCredentials
(
{
'login'
:
login
,
'password'
:
password
,
'machine_login'
:
login
})
is
not
None
:
break
else
:
self
.
fail
(
"No plugin could authenticate '%s' with password '%s'"
%
(
login
,
password
))
def
_assertUserDoesNotExists
(
self
,
login
,
password
):
"""Checks that a user with login and password does not exists and cannot
log in to the system.
"""
from
Products.PluggableAuthService.interfaces.plugins
import
\
IAuthenticationPlugin
uf
=
self
.
getUserFolder
()
for
plugin_name
,
plugin
in
uf
.
_getOb
(
'plugins'
).
listPlugins
(
IAuthenticationPlugin
):
if
plugin
.
authenticateCredentials
(
{
'login'
:
login
,
'password'
:
password
,
'machine_login'
:
login
})
is
not
None
:
self
.
fail
(
"Plugin %s should not have authenticated '%s' with password '%s'"
%
(
plugin_name
,
login
,
password
))
class
TestSlapOSShadowPerson
(
TestSlapOSShadow
):
def
test_shadow_Person
(
self
):
from
testSlapOSSecurityGroup
import
TestSlapOSSecurityMixin
class
TestSlapOSShadowPerson
(
TestSlapOSSecurityMixin
):
def
test_active
(
self
):
self
.
login
()
password
=
str
(
random
.
random
())
reference
=
self
.
_generateRandomUniqueReference
(
'Person'
)
...
...
@@ -103,7 +54,7 @@ class TestSlapOSShadowPerson(TestSlapOSShadow):
self
.
assertSameSet
([
'R-SHADOW-PERSON'
,
'SHADOW-%s'
%
reference
],
user
.
getGroups
())
def
test_
shadow_Person_
inactive
(
self
):
def
test_inactive
(
self
):
self
.
login
()
password
=
str
(
random
.
random
())
reference
=
self
.
_generateRandomUniqueReference
(
'Person'
)
...
...
@@ -117,8 +68,8 @@ class TestSlapOSShadowPerson(TestSlapOSShadow):
self
.
_assertUserDoesNotExists
(
reference
,
password
)
self
.
_assertUserDoesNotExists
(
shadow_reference
,
None
)
class
TestSlapOSShadowComputer
(
TestSlapOSS
hadow
):
def
test_
shadow_Computer
(
self
):
class
TestSlapOSShadowComputer
(
TestSlapOSS
ecurityMixin
):
def
test_
active
(
self
):
self
.
login
()
reference
=
self
.
_generateRandomUniqueReference
(
'Computer'
)
shadow_reference
=
'SHADOW-%s'
%
reference
...
...
@@ -137,7 +88,7 @@ class TestSlapOSShadowComputer(TestSlapOSShadow):
self
.
assertSameSet
([
'R-SHADOW-COMPUTER'
,
'SHADOW-%s'
%
reference
],
user
.
getGroups
())
def
test_
shadow_Computer_
inactive
(
self
):
def
test_inactive
(
self
):
self
.
login
()
reference
=
self
.
_generateRandomUniqueReference
(
'Computer'
)
shadow_reference
=
'SHADOW-%s'
%
reference
...
...
@@ -149,7 +100,7 @@ class TestSlapOSShadowComputer(TestSlapOSShadow):
self
.
_assertUserDoesNotExists
(
reference
,
None
)
self
.
_assertUserDoesNotExists
(
shadow_reference
,
None
)
class
TestSlapOSShadowSoftwareInstance
(
TestSlapOSS
hadow
):
class
TestSlapOSShadowSoftwareInstance
(
TestSlapOSS
ecurityMixin
):
portal_type
=
'Software Instance'
def
test_active
(
self
):
self
.
login
()
...
...
This diff is collapsed.
Click to expand it.
master/bt5/slapos_cloud/bt/revision
View file @
2d770e24
222
\ No newline at end of file
223
\ No newline at end of file
This diff is collapsed.
Click to expand it.
master/bt5/slapos_cloud/bt/template_test_id_list
View file @
2d770e24
...
...
@@ -10,4 +10,5 @@ testSlapOSCoreSlapOSCloudInteractionWorkflow
testSlapOSCoreSlapOSFreeComputerPartitionAlarm
testSlapOSCoreSlapOSGarbageCollectDestroyedRootTreeAlarm
testSlapOSCoreSlapOSUpdateComputerCapacityScopeAlarm
testSlapOSSecurityGroup
testSlapOSShadow
\ No newline at end of file
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment