diff options
author | Simo Sorce <simo@redhat.com> | 2015-10-19 15:38:14 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2015-10-23 14:10:59 -0400 |
commit | 5e94ab9a37a94db1a66d2db25d16a87d8e0a997a (patch) | |
tree | cd2b8c9d278b0f65369db9a2a4bb3a678f25f482 | |
parent | dd552a022da0dbea04d3eb210b1df0ea33d4c686 (diff) | |
download | custodia-5e94ab9a37a94db1a66d2db25d16a87d8e0a997a.tar.gz custodia-5e94ab9a37a94db1a66d2db25d16a87d8e0a997a.tar.xz custodia-5e94ab9a37a94db1a66d2db25d16a87d8e0a997a.zip |
Change tests to be more self contained
Use custom configuration and databases, do not rely on in-tree data.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Christian Heimes <cheimes@redhat.com>
-rw-r--r-- | custodia/forwarder.py | 3 | ||||
-rw-r--r-- | custodia/httpd/server.py | 2 | ||||
-rw-r--r-- | tests/custodia.py | 130 |
3 files changed, 107 insertions, 28 deletions
diff --git a/custodia/forwarder.py b/custodia/forwarder.py index e5028c5..47dda59 100644 --- a/custodia/forwarder.py +++ b/custodia/forwarder.py @@ -14,7 +14,8 @@ class Forwarder(HTTPConsumer): super(Forwarder, self).__init__(*args, **kwargs) self.client = CustodiaHTTPClient(self.config['forward_uri']) self.headers = json.loads(self.config.get('forward_headers', '{}')) - self.use_prefix = self.config.get('prefix_remote_user', True) + self.use_prefix = self.config.get('prefix_remote_user', + 'True').lower() == 'true' self.uuid = str(uuid.uuid4()) self.headers['X-LOOP-CUSTODIA'] = self.uuid diff --git a/custodia/httpd/server.py b/custodia/httpd/server.py index c1df0cb..b1440ab 100644 --- a/custodia/httpd/server.py +++ b/custodia/httpd/server.py @@ -377,8 +377,6 @@ class HTTPServer(object): if url.scheme == 'http+unix': # Unix socket serverclass = ForkingUnixHTTPServer - if address[0] != '/': - raise ValueError('Must use absolute unix socket name') if os.path.exists(address): os.remove(address) elif url.scheme == 'http': diff --git a/tests/custodia.py b/tests/custodia.py index dc4a662..0817d81 100644 --- a/tests/custodia.py +++ b/tests/custodia.py @@ -2,16 +2,87 @@ from __future__ import absolute_import +import errno import os import subprocess import time import unittest +from string import Template + from requests.exceptions import HTTPError from custodia.client import CustodiaClient +TEST_CUSTODIA_CONF = """ +[global] +server_version = "Secret/0.0.7" +server_url = ${SOCKET_URL} +auditlog = test_audit.log +debug = True + +[auth:header] +handler = custodia.httpd.authenticators.SimpleHeaderAuth +name = REMOTE_USER + +[authz:paths] +handler = custodia.httpd.authorizers.SimplePathAuthz +paths = /. /secrets + +[authz:namespaces] +handler = custodia.httpd.authorizers.UserNameSpace +path = /secrets/uns +store = simple + +[store:simple] +handler = custodia.store.sqlite.SqliteStore +dburi = test_secrets.db +table = secrets + +[/secrets] +handler = custodia.secrets.Secrets +store = simple + +[/secrets/uns] +handler = custodia.secrets.Secrets +store = simple + +# Forward +[auth:forwarder] +handler = custodia.httpd.authenticators.SimpleAuthKeys +store_namespace = keys/sak +store = simple + +[authz:forwarders] +handler = custodia.httpd.authorizers.SimplePathAuthz +paths = /forwarder /forwarder_loop + +[/forwarder] +handler = custodia.forwarder.Forwarder +prefix_remote_user = False +forward_uri = ${SOCKET_URL}/secrets/fwd +forward_headers = {"CUSTODIA_AUTH_ID": "${TEST_AUTH_ID}", \ +"CUSTODIA_AUTH_KEY": "${TEST_AUTH_KEY}"} + +[/forwarder_loop] +handler = custodia.forwarder.Forwarder +forward_uri = ${SOCKET_URL}/forwarder_loop +forward_headers = {"REMOTE_USER": "test"} +""" + + +TEST_SOCKET_URL = "http+unix://%2E%2Ftest_socket" + + +def unlink_if_exists(filename): + try: + os.unlink(filename) + except OSError as err: + if err.errno != errno.ENOENT: + raise + + class CustodiaTests(unittest.TestCase): @classmethod @@ -19,31 +90,49 @@ class CustodiaTests(unittest.TestCase): env = os.environ.copy() env['PYTHONPATH'] = './' pexec = env.get('CUSTODIAPYTHON', 'python') - try: - os.unlink('secrets.db') - except OSError: - pass - with (open('testlog.txt', 'a')) as logfile: - p = subprocess.Popen([pexec, 'custodia/custodia'], env=env, + unlink_if_exists('test_socket') + unlink_if_exists('test_secrets.db') + unlink_if_exists('test_custodia.conf') + unlink_if_exists('test_log.txt') + unlink_if_exists('test_audit.log') + cls.socket_url = TEST_SOCKET_URL + cls.test_auth_id = "test_user" + cls.test_auth_key = "cd54b735-e756-4f12-aa18-d85509baef36" + with (open('test_custodia.conf', 'w+')) as conffile: + t = Template(TEST_CUSTODIA_CONF) + conf = t.substitute({'SOCKET_URL': cls.socket_url, + 'TEST_AUTH_ID': cls.test_auth_id, + 'TEST_AUTH_KEY': cls.test_auth_key}) + conffile.write(conf) + with (open('test_log.txt', 'a')) as logfile: + p = subprocess.Popen([pexec, 'custodia/custodia', + 'test_custodia.conf'], env=env, stdout=logfile, stderr=logfile) time.sleep(1) if p.poll() is not None: raise AssertionError( - "Premature termination of Custodia server, see testlog.txt") + "Premature termination of Custodia server, see test_log.txt") cls.custodia_process = p - cls.client = CustodiaClient('http+unix://%2E%2Fserver_socket/secrets') + cls.client = CustodiaClient(cls.socket_url + '/secrets/uns') cls.client.headers['REMOTE_USER'] = 'test' - cls.fwd = CustodiaClient('http+unix://%2E%2Fserver_socket/forwarder') + cls.admin = CustodiaClient(cls.socket_url + '/secrets') + cls.admin.headers['REMOTE_USER'] = 'admin' + cls.fwd = CustodiaClient(cls.socket_url + '/forwarder') cls.fwd.headers['REMOTE_USER'] = 'test' + cls.loop = CustodiaClient(cls.socket_url + '/forwarder_loop') + cls.loop.headers['REMOTE_USER'] = 'test' @classmethod def tearDownClass(cls): cls.custodia_process.kill() cls.custodia_process.wait() - try: - os.unlink('server_socket') - except OSError: - pass + + def test_0_0_setup(self): + self.admin.create_container('fwd') + self.admin.create_container('sak') + self.admin.set_simple_key('sak/' + self.test_auth_id, + self.test_auth_key) + self.admin.create_container('test') def test_0_create_container(self): self.client.create_container('test/container') @@ -75,27 +164,18 @@ class CustodiaTests(unittest.TestCase): def test_6_create_forwarded_container(self): self.fwd.create_container('dir') - r = self.client.list_container('test/dir') + r = self.admin.list_container('fwd/dir') self.assertEqual(r.json(), []) def test_7_delete_forwarded_container(self): self.fwd.delete_container('dir') try: - self.client.list_container('test/dir') - except HTTPError as e: - self.assertEqual(e.response.status_code, 404) - - def test_8_delete_container(self): - self.client.delete_container('test') - try: - self.client.list_container('test') + self.admin.list_container('fwd/dir') except HTTPError as e: self.assertEqual(e.response.status_code, 404) def test_9_loop(self): - loop = CustodiaClient('http+unix://%2E%2Fserver_socket/forwarder_loop') - loop.headers['REMOTE_USER'] = 'test' try: - loop.list_container('test') + self.loop.list_container('test') except HTTPError as e: self.assertEqual(e.response.status_code, 502) |