To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/release
« back to all changes in this revision
Viewing changes to mandos-ctl
- browse files at revision 237.7.623
- compare with another revision
- download diff
- download tarball
- view history from revision 237.7.623
- Committer: Teddy Hogeborn
- Date: 2019-03-16 05:49:56 UTC
- mto: This revision was merged to the branch mainline in revision 382.
- Revision ID: teddy@recompile.se-20190316054956-ikjmjulma6jea5fa
mandos-ctl: Refactor and fix bug in tests.
* mandos-ctl (Test_check_option_syntax): Refactor and add more tests.
* mandos-ctl (Test_check_option_syntax): Refactor and add more tests.
- files modified:
- mandos-ctl
added
removed
mandos-ctl
64
64
65
65
locale.setlocale(locale.LC_ALL, "")
66
66
67
domain = "se.recompile"
68
busname = domain + ".Mandos"
69
server_path = "/"
70
server_interface = domain + ".Mandos"
71
client_interface = domain + ".Mandos.Client"
67
dbus_busname_domain = "se.recompile"
68
dbus_busname = dbus_busname_domain + ".Mandos"
69
server_dbus_path = "/"
70
server_dbus_interface = dbus_busname_domain + ".Mandos"
71
client_dbus_interface = dbus_busname_domain + ".Mandos.Client"
72
del dbus_busname_domain
72
73
version = "1.8.3"
73
74
74
75
78
79
dbus.OBJECT_MANAGER_IFACE = "org.freedesktop.DBus.ObjectManager"
79
80
80
81
81
def milliseconds_to_string(ms):
82
td = datetime.timedelta(0, 0, 0, ms)
83
return ("{days}{hours:02}:{minutes:02}:{seconds:02}"
84
.format(days="{}T".format(td.days) if td.days else "",
85
hours=td.seconds // 3600,
86
minutes=(td.seconds % 3600) // 60,
87
seconds=td.seconds % 60))
82
def main():
83
parser = argparse.ArgumentParser()
84
85
add_command_line_options(parser)
86
87
options = parser.parse_args()
88
89
check_option_syntax(parser, options)
90
91
clientnames = options.client
92
93
if options.debug:
94
log.setLevel(logging.DEBUG)
95
96
bus = dbus.SystemBus()
97
98
mandos_dbus_object = get_mandos_dbus_object(bus)
99
100
mandos_serv = dbus.Interface(
101
mandos_dbus_object, dbus_interface=server_dbus_interface)
102
mandos_serv_object_manager = dbus.Interface(
103
mandos_dbus_object, dbus_interface=dbus.OBJECT_MANAGER_IFACE)
104
105
managed_objects = get_managed_objects(mandos_serv_object_manager)
106
107
all_clients = {}
108
for path, ifs_and_props in managed_objects.items():
109
try:
110
all_clients[path] = ifs_and_props[client_dbus_interface]
111
except KeyError:
112
pass
113
114
# Compile dict of (clientpath: properties) to process
115
if not clientnames:
116
clients = all_clients
117
else:
118
clients = {}
119
for name in clientnames:
120
for objpath, properties in all_clients.items():
121
if properties["Name"] == name:
122
clients[objpath] = properties
123
break
124
else:
125
log.critical("Client not found on server: %r", name)
126
sys.exit(1)
127
128
# Run all commands on clients
129
commands = commands_from_options(options)
130
for command in commands:
131
command.run(clients, bus, mandos_serv)
132
133
134
def add_command_line_options(parser):
135
parser.add_argument("--version", action="version",
136
version="%(prog)s {}".format(version),
137
help="show version number and exit")
138
parser.add_argument("-a", "--all", action="store_true",
139
help="Select all clients")
140
parser.add_argument("-v", "--verbose", action="store_true",
141
help="Print all fields")
142
parser.add_argument("-j", "--dump-json", action="store_true",
143
help="Dump client data in JSON format")
144
enable_disable = parser.add_mutually_exclusive_group()
145
enable_disable.add_argument("-e", "--enable", action="store_true",
146
help="Enable client")
147
enable_disable.add_argument("-d", "--disable",
148
action="store_true",
149
help="disable client")
150
parser.add_argument("-b", "--bump-timeout", action="store_true",
151
help="Bump timeout for client")
152
start_stop_checker = parser.add_mutually_exclusive_group()
153
start_stop_checker.add_argument("--start-checker",
154
action="store_true",
155
help="Start checker for client")
156
start_stop_checker.add_argument("--stop-checker",
157
action="store_true",
158
help="Stop checker for client")
159
parser.add_argument("-V", "--is-enabled", action="store_true",
160
help="Check if client is enabled")
161
parser.add_argument("-r", "--remove", action="store_true",
162
help="Remove client")
163
parser.add_argument("-c", "--checker",
164
help="Set checker command for client")
165
parser.add_argument("-t", "--timeout", type=string_to_delta,
166
help="Set timeout for client")
167
parser.add_argument("--extended-timeout", type=string_to_delta,
168
help="Set extended timeout for client")
169
parser.add_argument("-i", "--interval", type=string_to_delta,
170
help="Set checker interval for client")
171
approve_deny_default = parser.add_mutually_exclusive_group()
172
approve_deny_default.add_argument(
173
"--approve-by-default", action="store_true",
174
default=None, dest="approved_by_default",
175
help="Set client to be approved by default")
176
approve_deny_default.add_argument(
177
"--deny-by-default", action="store_false",
178
dest="approved_by_default",
179
help="Set client to be denied by default")
180
parser.add_argument("--approval-delay", type=string_to_delta,
181
help="Set delay before client approve/deny")
182
parser.add_argument("--approval-duration", type=string_to_delta,
183
help="Set duration of one client approval")
184
parser.add_argument("-H", "--host", help="Set host for client")
185
parser.add_argument("-s", "--secret",
186
type=argparse.FileType(mode="rb"),
187
help="Set password blob (file) for client")
188
approve_deny = parser.add_mutually_exclusive_group()
189
approve_deny.add_argument(
190
"-A", "--approve", action="store_true",
191
help="Approve any current client request")
192
approve_deny.add_argument("-D", "--deny", action="store_true",
193
help="Deny any current client request")
194
parser.add_argument("--debug", action="store_true",
195
help="Debug mode (show D-Bus commands)")
196
parser.add_argument("--check", action="store_true",
197
help="Run self-test")
198
parser.add_argument("client", nargs="*", help="Client name")
199
200
201
def string_to_delta(interval):
202
"""Parse a string and return a datetime.timedelta"""
203
204
try:
205
return rfc3339_duration_to_delta(interval)
206
except ValueError as e:
207
log.warning("%s - Parsing as pre-1.6.1 interval instead",
208
' '.join(e.args))
209
return parse_pre_1_6_1_interval(interval)
88
210
89
211
90
212
def rfc3339_duration_to_delta(duration):
217
339
return value
218
340
219
341
220
def string_to_delta(interval):
221
"""Parse a string and return a datetime.timedelta"""
222
223
try:
224
return rfc3339_duration_to_delta(interval)
225
except ValueError as e:
226
log.warning("%s - Parsing as pre-1.6.1 interval instead",
227
' '.join(e.args))
228
return parse_pre_1_6_1_interval(interval)
229
230
231
342
def parse_pre_1_6_1_interval(interval):
232
343
"""Parse an interval string as documented by Mandos before 1.6.1,
233
344
and return a datetime.timedelta
271
382
return value
272
383
273
384
274
## Classes for commands.
275
276
# Abstract classes first
385
def check_option_syntax(parser, options):
386
"""Apply additional restrictions on options, not expressible in
387
argparse"""
388
389
def has_actions(options):
390
return any((options.enable,
391
options.disable,
392
options.bump_timeout,
393
options.start_checker,
394
options.stop_checker,
395
options.is_enabled,
396
options.remove,
397
options.checker is not None,
398
options.timeout is not None,
399
options.extended_timeout is not None,
400
options.interval is not None,
401
options.approved_by_default is not None,
402
options.approval_delay is not None,
403
options.approval_duration is not None,
404
options.host is not None,
405
options.secret is not None,
406
options.approve,
407
options.deny))
408
409
if has_actions(options) and not (options.client or options.all):
410
parser.error("Options require clients names or --all.")
411
if options.verbose and has_actions(options):
412
parser.error("--verbose can only be used alone.")
413
if options.dump_json and (options.verbose
414
or has_actions(options)):
415
parser.error("--dump-json can only be used alone.")
416
if options.all and not has_actions(options):
417
parser.error("--all requires an action.")
418
if options.is_enabled and len(options.client) > 1:
419
parser.error("--is-enabled requires exactly one client")
420
if options.remove:
421
options.remove = False
422
if has_actions(options) and not options.deny:
423
parser.error("--remove can only be combined with --deny")
424
options.remove = True
425
426
427
def get_mandos_dbus_object(bus):
428
log.debug("D-Bus: Connect to: (busname=%r, path=%r)",
429
dbus_busname, server_dbus_path)
430
with if_dbus_exception_log_with_exception_and_exit(
431
"Could not connect to Mandos server: %s"):
432
mandos_dbus_object = bus.get_object(dbus_busname,
433
server_dbus_path)
434
return mandos_dbus_object
435
436
437
@contextlib.contextmanager
438
def if_dbus_exception_log_with_exception_and_exit(*args, **kwargs):
439
try:
440
yield
441
except dbus.exceptions.DBusException as e:
442
log.critical(*(args + (e,)), **kwargs)
443
sys.exit(1)
444
445
446
def get_managed_objects(object_manager):
447
log.debug("D-Bus: %s:%s:%s.GetManagedObjects()", dbus_busname,
448
server_dbus_path, dbus.OBJECT_MANAGER_IFACE)
449
with if_dbus_exception_log_with_exception_and_exit(
450
"Failed to access Mandos server through D-Bus:\n%s"):
451
with SilenceLogger("dbus.proxies"):
452
managed_objects = object_manager.GetManagedObjects()
453
return managed_objects
454
455
456
class SilenceLogger(object):
457
"Simple context manager to silence a particular logger"
458
def __init__(self, loggername):
459
self.logger = logging.getLogger(loggername)
460
461
def __enter__(self):
462
self.logger.addFilter(self.nullfilter)
463
return self
464
465
class NullFilter(logging.Filter):
466
def filter(self, record):
467
return False
468
469
nullfilter = NullFilter()
470
471
def __exit__(self, exc_type, exc_val, exc_tb):
472
self.logger.removeFilter(self.nullfilter)
473
474
475
def commands_from_options(options):
476
477
commands = []
478
479
if options.is_enabled:
480
commands.append(IsEnabledCmd())
481
482
if options.approve:
483
commands.append(ApproveCmd())
484
485
if options.deny:
486
commands.append(DenyCmd())
487
488
if options.remove:
489
commands.append(RemoveCmd())
490
491
if options.dump_json:
492
commands.append(DumpJSONCmd())
493
494
if options.enable:
495
commands.append(EnableCmd())
496
497
if options.disable:
498
commands.append(DisableCmd())
499
500
if options.bump_timeout:
501
commands.append(BumpTimeoutCmd())
502
503
if options.start_checker:
504
commands.append(StartCheckerCmd())
505
506
if options.stop_checker:
507
commands.append(StopCheckerCmd())
508
509
if options.approved_by_default is not None:
510
if options.approved_by_default:
511
commands.append(ApproveByDefaultCmd())
512
else:
513
commands.append(DenyByDefaultCmd())
514
515
if options.checker is not None:
516
commands.append(SetCheckerCmd(options.checker))
517
518
if options.host is not None:
519
commands.append(SetHostCmd(options.host))
520
521
if options.secret is not None:
522
commands.append(SetSecretCmd(options.secret))
523
524
if options.timeout is not None:
525
commands.append(SetTimeoutCmd(options.timeout))
526
527
if options.extended_timeout:
528
commands.append(
529
SetExtendedTimeoutCmd(options.extended_timeout))
530
531
if options.interval is not None:
532
commands.append(SetIntervalCmd(options.interval))
533
534
if options.approval_delay is not None:
535
commands.append(SetApprovalDelayCmd(options.approval_delay))
536
537
if options.approval_duration is not None:
538
commands.append(
539
SetApprovalDurationCmd(options.approval_duration))
540
541
# If no command option has been given, show table of clients,
542
# optionally verbosely
543
if not commands:
544
commands.append(PrintTableCmd(verbose=options.verbose))
545
546
return commands
547
548
277
549
class Command(object):
278
550
"""Abstract class for commands"""
279
def run(self, mandos, clients):
551
def run(self, clients, bus=None, mandos=None):
280
552
"""Normal commands should implement run_on_one_client(), but
281
553
commands which want to operate on all clients at the same time
282
554
can override this run() method instead."""
283
555
self.mandos = mandos
284
for client, properties in clients.items():
556
for clientpath, properties in clients.items():
557
log.debug("D-Bus: Connect to: (busname=%r, path=%r)",
558
dbus_busname, str(clientpath))
559
client = bus.get_object(dbus_busname, clientpath)
285
560
self.run_on_one_client(client, properties)
286
561
287
class PrintCmd(Command):
288
"""Abstract class for commands printing client details"""
562
563
class IsEnabledCmd(Command):
564
def run(self, clients, bus=None, mandos=None):
565
client, properties = next(iter(clients.items()))
566
if self.is_enabled(client, properties):
567
sys.exit(0)
568
sys.exit(1)
569
def is_enabled(self, client, properties):
570
return properties["Enabled"]
571
572
573
class ApproveCmd(Command):
574
def run_on_one_client(self, client, properties):
575
log.debug("D-Bus: %s:%s:%s.Approve(True)", dbus_busname,
576
client.__dbus_object_path__, client_dbus_interface)
577
client.Approve(dbus.Boolean(True),
578
dbus_interface=client_dbus_interface)
579
580
581
class DenyCmd(Command):
582
def run_on_one_client(self, client, properties):
583
log.debug("D-Bus: %s:%s:%s.Approve(False)", dbus_busname,
584
client.__dbus_object_path__, client_dbus_interface)
585
client.Approve(dbus.Boolean(False),
586
dbus_interface=client_dbus_interface)
587
588
589
class RemoveCmd(Command):
590
def run_on_one_client(self, client, properties):
591
log.debug("D-Bus: %s:%s:%s.RemoveClient(%r)", dbus_busname,
592
server_dbus_path, server_dbus_interface,
593
str(client.__dbus_object_path__))
594
self.mandos.RemoveClient(client.__dbus_object_path__)
595
596
597
class OutputCmd(Command):
598
"""Abstract class for commands outputting client details"""
289
599
all_keywords = ("Name", "Enabled", "Timeout", "LastCheckedOK",
290
600
"Created", "Interval", "Host", "KeyID",
291
601
"Fingerprint", "CheckerRunning", "LastEnabled",
293
603
"LastApprovalRequest", "ApprovalDelay",
294
604
"ApprovalDuration", "Checker", "ExtendedTimeout",
295
605
"Expires", "LastCheckerStatus")
296
def run(self, mandos, clients):
297
print(self.output(clients))
298
299
class PropertyCmd(Command):
300
"""Abstract class for Actions for setting one client property"""
301
def run_on_one_client(self, client, properties):
302
"""Set the Client's D-Bus property"""
303
log.debug("D-Bus: %s:%s:%s.Set(%r, %r, %r)", busname,
304
client.__dbus_object_path__,
305
dbus.PROPERTIES_IFACE, client_interface,
306
self.property, self.value_to_set
307
if not isinstance(self.value_to_set, dbus.Boolean)
308
else bool(self.value_to_set))
309
client.Set(client_interface, self.property, self.value_to_set,
310
dbus_interface=dbus.PROPERTIES_IFACE)
311
312
class ValueArgumentMixIn(object):
313
"""Mixin class for commands taking a value as argument"""
314
def __init__(self, value):
315
self.value_to_set = value
316
317
class MillisecondsValueArgumentMixIn(ValueArgumentMixIn):
318
"""Mixin class for commands taking a value argument as
319
milliseconds."""
320
@property
321
def value_to_set(self):
322
return self._vts
323
@value_to_set.setter
324
def value_to_set(self, value):
325
"""When setting, convert value to a datetime.timedelta"""
326
self._vts = int(round(value.total_seconds() * 1000))
327
328
# Actual (non-abstract) command classes
329
330
class PrintTableCmd(PrintCmd):
606
607
def run(self, clients, bus=None, mandos=None):
608
print(self.output(clients.values()))
609
610
def output(self, clients):
611
raise NotImplementedError()
612
613
614
class DumpJSONCmd(OutputCmd):
615
def output(self, clients):
616
data = {client["Name"]:
617
{key: self.dbus_boolean_to_bool(client[key])
618
for key in self.all_keywords}
619
for client in clients}
620
return json.dumps(data, indent=4, separators=(',', ': '))
621
622
@staticmethod
623
def dbus_boolean_to_bool(value):
624
if isinstance(value, dbus.Boolean):
625
value = bool(value)
626
return value
627
628
629
class PrintTableCmd(OutputCmd):
331
630
def __init__(self, verbose=False):
332
631
self.verbose = verbose
333
632
334
633
def output(self, clients):
335
default_keywords = ("Name", "Enabled", "Timeout", "LastCheckedOK")
634
default_keywords = ("Name", "Enabled", "Timeout",
635
"LastCheckedOK")
336
636
keywords = default_keywords
337
637
if self.verbose:
338
638
keywords = self.all_keywords
339
return str(self.TableOfClients(clients.values(), keywords))
639
return str(self.TableOfClients(clients, keywords))
340
640
341
641
class TableOfClients(object):
342
642
tableheaders = {
362
662
"LastCheckerStatus": "Last Checker Status",
363
663
}
364
664
365
def __init__(self, clients, keywords, tableheaders=None):
665
def __init__(self, clients, keywords):
366
666
self.clients = clients
367
667
self.keywords = keywords
368
if tableheaders is not None:
369
self.tableheaders = tableheaders
370
668
371
669
def __str__(self):
372
670
return "\n".join(self.rows())
395
693
def string_from_client(self, client, key):
396
694
return self.valuetostring(client[key], key)
397
695
398
@staticmethod
399
def valuetostring(value, keyword):
696
@classmethod
697
def valuetostring(cls, value, keyword):
400
698
if isinstance(value, dbus.Boolean):
401
699
return "Yes" if value else "No"
402
700
if keyword in ("Timeout", "Interval", "ApprovalDelay",
403
701
"ApprovalDuration", "ExtendedTimeout"):
404
return milliseconds_to_string(value)
702
return cls.milliseconds_to_string(value)
405
703
return str(value)
406
704
407
705
def header_line(self, format_string):
412
710
**{key: self.string_from_client(client, key)
413
711
for key in self.keywords})
414
712
415
416
417
class DumpJSONCmd(PrintCmd):
418
def output(self, clients):
419
data = {client["Name"]:
420
{key: self.dbus_boolean_to_bool(client[key])
421
for key in self.all_keywords}
422
for client in clients.values()}
423
return json.dumps(data, indent=4, separators=(',', ': '))
424
@staticmethod
425
def dbus_boolean_to_bool(value):
426
if isinstance(value, dbus.Boolean):
427
value = bool(value)
428
return value
429
430
class IsEnabledCmd(Command):
431
def run_on_one_client(self, client, properties):
432
if self.is_enabled(client, properties):
433
sys.exit(0)
434
sys.exit(1)
435
def is_enabled(self, client, properties):
436
return bool(properties["Enabled"])
437
438
class RemoveCmd(Command):
439
def run_on_one_client(self, client, properties):
440
log.debug("D-Bus: %s:%s:%s.RemoveClient(%r)", busname,
441
server_path, server_interface,
442
str(client.__dbus_object_path__))
443
self.mandos.RemoveClient(client.__dbus_object_path__)
444
445
class ApproveCmd(Command):
446
def run_on_one_client(self, client, properties):
447
log.debug("D-Bus: %s:%s.Approve(True)",
448
client.__dbus_object_path__, client_interface)
449
client.Approve(dbus.Boolean(True),
450
dbus_interface=client_interface)
451
452
class DenyCmd(Command):
453
def run_on_one_client(self, client, properties):
454
log.debug("D-Bus: %s:%s.Approve(False)",
455
client.__dbus_object_path__, client_interface)
456
client.Approve(dbus.Boolean(False),
457
dbus_interface=client_interface)
713
@staticmethod
714
def milliseconds_to_string(ms):
715
td = datetime.timedelta(0, 0, 0, ms)
716
return ("{days}{hours:02}:{minutes:02}:{seconds:02}"
717
.format(days="{}T".format(td.days)
718
if td.days else "",
719
hours=td.seconds // 3600,
720
minutes=(td.seconds % 3600) // 60,
721
seconds=td.seconds % 60))
722
723
724
class PropertyCmd(Command):
725
"""Abstract class for Actions for setting one client property"""
726
727
def run_on_one_client(self, client, properties):
728
"""Set the Client's D-Bus property"""
729
log.debug("D-Bus: %s:%s:%s.Set(%r, %r, %r)", dbus_busname,
730
client.__dbus_object_path__,
731
dbus.PROPERTIES_IFACE, client_dbus_interface,
732
self.propname, self.value_to_set
733
if not isinstance(self.value_to_set, dbus.Boolean)
734
else bool(self.value_to_set))
735
client.Set(client_dbus_interface, self.propname,
736
self.value_to_set,
737
dbus_interface=dbus.PROPERTIES_IFACE)
738
739
@property
740
def propname(self):
741
raise NotImplementedError()
742
458
743
459
744
class EnableCmd(PropertyCmd):
460
property = "Enabled"
745
propname = "Enabled"
461
746
value_to_set = dbus.Boolean(True)
462
747
748
463
749
class DisableCmd(PropertyCmd):
464
property = "Enabled"
750
propname = "Enabled"
465
751
value_to_set = dbus.Boolean(False)
466
752
753
467
754
class BumpTimeoutCmd(PropertyCmd):
468
property = "LastCheckedOK"
755
propname = "LastCheckedOK"
469
756
value_to_set = ""
470
757
758
471
759
class StartCheckerCmd(PropertyCmd):
472
property = "CheckerRunning"
760
propname = "CheckerRunning"
473
761
value_to_set = dbus.Boolean(True)
474
762
763
475
764
class StopCheckerCmd(PropertyCmd):
476
property = "CheckerRunning"
765
propname = "CheckerRunning"
477
766
value_to_set = dbus.Boolean(False)
478
767
768
479
769
class ApproveByDefaultCmd(PropertyCmd):
480
property = "ApprovedByDefault"
770
propname = "ApprovedByDefault"
481
771
value_to_set = dbus.Boolean(True)
482
772
773
483
774
class DenyByDefaultCmd(PropertyCmd):
484
property = "ApprovedByDefault"
775
propname = "ApprovedByDefault"
485
776
value_to_set = dbus.Boolean(False)
486
777
487
class SetCheckerCmd(PropertyCmd, ValueArgumentMixIn):
488
property = "Checker"
489
490
class SetHostCmd(PropertyCmd, ValueArgumentMixIn):
491
property = "Host"
492
493
class SetSecretCmd(PropertyCmd, ValueArgumentMixIn):
778
779
class PropertyValueCmd(PropertyCmd):
780
"""Abstract class for PropertyCmd recieving a value as argument"""
781
def __init__(self, value):
782
self.value_to_set = value
783
784
785
class SetCheckerCmd(PropertyValueCmd):
786
propname = "Checker"
787
788
789
class SetHostCmd(PropertyValueCmd):
790
propname = "Host"
791
792
793
class SetSecretCmd(PropertyValueCmd):
794
propname = "Secret"
795
494
796
@property
495
797
def value_to_set(self):
496
798
return self._vts
799
497
800
@value_to_set.setter
498
801
def value_to_set(self, value):
499
802
"""When setting, read data from supplied file object"""
500
803
self._vts = value.read()
501
804
value.close()
502
property = "Secret"
503
504
class SetTimeoutCmd(PropertyCmd, MillisecondsValueArgumentMixIn):
505
property = "Timeout"
506
507
class SetExtendedTimeoutCmd(PropertyCmd,
508
MillisecondsValueArgumentMixIn):
509
property = "ExtendedTimeout"
510
511
class SetIntervalCmd(PropertyCmd, MillisecondsValueArgumentMixIn):
512
property = "Interval"
513
514
class SetApprovalDelayCmd(PropertyCmd,
515
MillisecondsValueArgumentMixIn):
516
property = "ApprovalDelay"
517
518
class SetApprovalDurationCmd(PropertyCmd,
519
MillisecondsValueArgumentMixIn):
520
property = "ApprovalDuration"
521
522
def add_command_line_options(parser):
523
parser.add_argument("--version", action="version",
524
version="%(prog)s {}".format(version),
525
help="show version number and exit")
526
parser.add_argument("-a", "--all", action="store_true",
527
help="Select all clients")
528
parser.add_argument("-v", "--verbose", action="store_true",
529
help="Print all fields")
530
parser.add_argument("-j", "--dump-json", action="store_true",
531
help="Dump client data in JSON format")
532
enable_disable = parser.add_mutually_exclusive_group()
533
enable_disable.add_argument("-e", "--enable", action="store_true",
534
help="Enable client")
535
enable_disable.add_argument("-d", "--disable",
536
action="store_true",
537
help="disable client")
538
parser.add_argument("-b", "--bump-timeout", action="store_true",
539
help="Bump timeout for client")
540
start_stop_checker = parser.add_mutually_exclusive_group()
541
start_stop_checker.add_argument("--start-checker",
542
action="store_true",
543
help="Start checker for client")
544
start_stop_checker.add_argument("--stop-checker",
545
action="store_true",
546
help="Stop checker for client")
547
parser.add_argument("-V", "--is-enabled", action="store_true",
548
help="Check if client is enabled")
549
parser.add_argument("-r", "--remove", action="store_true",
550
help="Remove client")
551
parser.add_argument("-c", "--checker",
552
help="Set checker command for client")
553
parser.add_argument("-t", "--timeout", type=string_to_delta,
554
help="Set timeout for client")
555
parser.add_argument("--extended-timeout", type=string_to_delta,
556
help="Set extended timeout for client")
557
parser.add_argument("-i", "--interval", type=string_to_delta,
558
help="Set checker interval for client")
559
approve_deny_default = parser.add_mutually_exclusive_group()
560
approve_deny_default.add_argument(
561
"--approve-by-default", action="store_true",
562
default=None, dest="approved_by_default",
563
help="Set client to be approved by default")
564
approve_deny_default.add_argument(
565
"--deny-by-default", action="store_false",
566
dest="approved_by_default",
567
help="Set client to be denied by default")
568
parser.add_argument("--approval-delay", type=string_to_delta,
569
help="Set delay before client approve/deny")
570
parser.add_argument("--approval-duration", type=string_to_delta,
571
help="Set duration of one client approval")
572
parser.add_argument("-H", "--host", help="Set host for client")
573
parser.add_argument("-s", "--secret",
574
type=argparse.FileType(mode="rb"),
575
help="Set password blob (file) for client")
576
approve_deny = parser.add_mutually_exclusive_group()
577
approve_deny.add_argument(
578
"-A", "--approve", action="store_true",
579
help="Approve any current client request")
580
approve_deny.add_argument("-D", "--deny", action="store_true",
581
help="Deny any current client request")
582
parser.add_argument("--debug", action="store_true",
583
help="Debug mode (show D-Bus commands)")
584
parser.add_argument("--check", action="store_true",
585
help="Run self-test")
586
parser.add_argument("client", nargs="*", help="Client name")
587
588
589
def commands_from_options(options):
590
591
commands = []
592
593
if options.dump_json:
594
commands.append(DumpJSONCmd())
595
596
if options.enable:
597
commands.append(EnableCmd())
598
599
if options.disable:
600
commands.append(DisableCmd())
601
602
if options.bump_timeout:
603
commands.append(BumpTimeoutCmd())
604
605
if options.start_checker:
606
commands.append(StartCheckerCmd())
607
608
if options.stop_checker:
609
commands.append(StopCheckerCmd())
610
611
if options.is_enabled:
612
commands.append(IsEnabledCmd())
613
614
if options.remove:
615
commands.append(RemoveCmd())
616
617
if options.checker is not None:
618
commands.append(SetCheckerCmd(options.checker))
619
620
if options.timeout is not None:
621
commands.append(SetTimeoutCmd(options.timeout))
622
623
if options.extended_timeout:
624
commands.append(
625
SetExtendedTimeoutCmd(options.extended_timeout))
626
627
if options.interval is not None:
628
commands.append(SetIntervalCmd(options.interval))
629
630
if options.approved_by_default is not None:
631
if options.approved_by_default:
632
commands.append(ApproveByDefaultCmd())
633
else:
634
commands.append(DenyByDefaultCmd())
635
636
if options.approval_delay is not None:
637
commands.append(SetApprovalDelayCmd(options.approval_delay))
638
639
if options.approval_duration is not None:
640
commands.append(
641
SetApprovalDurationCmd(options.approval_duration))
642
643
if options.host is not None:
644
commands.append(SetHostCmd(options.host))
645
646
if options.secret is not None:
647
commands.append(SetSecretCmd(options.secret))
648
649
if options.approve:
650
commands.append(ApproveCmd())
651
652
if options.deny:
653
commands.append(DenyCmd())
654
655
# If no command option has been given, show table of clients,
656
# optionally verbosely
657
if not commands:
658
commands.append(PrintTableCmd(verbose=options.verbose))
659
660
return commands
661
662
663
def check_option_syntax(parser, options):
664
"""Apply additional restrictions on options, not expressible in
665
argparse"""
666
667
def has_actions(options):
668
return any((options.enable,
669
options.disable,
670
options.bump_timeout,
671
options.start_checker,
672
options.stop_checker,
673
options.is_enabled,
674
options.remove,
675
options.checker is not None,
676
options.timeout is not None,
677
options.extended_timeout is not None,
678
options.interval is not None,
679
options.approved_by_default is not None,
680
options.approval_delay is not None,
681
options.approval_duration is not None,
682
options.host is not None,
683
options.secret is not None,
684
options.approve,
685
options.deny))
686
687
if has_actions(options) and not (options.client or options.all):
688
parser.error("Options require clients names or --all.")
689
if options.verbose and has_actions(options):
690
parser.error("--verbose can only be used alone.")
691
if options.dump_json and (options.verbose
692
or has_actions(options)):
693
parser.error("--dump-json can only be used alone.")
694
if options.all and not has_actions(options):
695
parser.error("--all requires an action.")
696
if options.is_enabled and len(options.client) > 1:
697
parser.error("--is-enabled requires exactly one client")
698
699
700
def main():
701
parser = argparse.ArgumentParser()
702
703
add_command_line_options(parser)
704
705
options = parser.parse_args()
706
707
check_option_syntax(parser, options)
708
709
clientnames = options.client
710
711
if options.debug:
712
log.setLevel(logging.DEBUG)
713
714
try:
715
bus = dbus.SystemBus()
716
log.debug("D-Bus: Connect to: (name=%r, path=%r)", busname,
717
server_path)
718
mandos_dbus_objc = bus.get_object(busname, server_path)
719
except dbus.exceptions.DBusException:
720
log.critical("Could not connect to Mandos server")
721
sys.exit(1)
722
723
mandos_serv = dbus.Interface(mandos_dbus_objc,
724
dbus_interface=server_interface)
725
mandos_serv_object_manager = dbus.Interface(
726
mandos_dbus_objc, dbus_interface=dbus.OBJECT_MANAGER_IFACE)
727
728
# Filter out log message from dbus module
729
dbus_logger = logging.getLogger("dbus.proxies")
730
class NullFilter(logging.Filter):
731
def filter(self, record):
732
return False
733
dbus_filter = NullFilter()
734
try:
735
dbus_logger.addFilter(dbus_filter)
736
log.debug("D-Bus: %s:%s:%s.GetManagedObjects()", busname,
737
server_path, dbus.OBJECT_MANAGER_IFACE)
738
mandos_clients = {path: ifs_and_props[client_interface]
739
for path, ifs_and_props in
740
mandos_serv_object_manager
741
.GetManagedObjects().items()
742
if client_interface in ifs_and_props}
743
except dbus.exceptions.DBusException as e:
744
log.critical("Failed to access Mandos server through D-Bus:"
745
"\n%s", e)
746
sys.exit(1)
747
finally:
748
# restore dbus logger
749
dbus_logger.removeFilter(dbus_filter)
750
751
# Compile dict of (clients: properties) to process
752
clients = {}
753
754
if not clientnames:
755
clients = {bus.get_object(busname, path): properties
756
for path, properties in mandos_clients.items()}
757
else:
758
for name in clientnames:
759
for path, client in mandos_clients.items():
760
if client["Name"] == name:
761
client_objc = bus.get_object(busname, path)
762
clients[client_objc] = client
763
break
764
else:
765
log.critical("Client not found on server: %r", name)
766
sys.exit(1)
767
768
# Run all commands on clients
769
commands = commands_from_options(options)
770
for command in commands:
771
command.run(mandos_serv, clients)
805
806
807
class MillisecondsPropertyValueArgumentCmd(PropertyValueCmd):
808
"""Abstract class for PropertyValueCmd taking a value argument as
809
a datetime.timedelta() but should store it as milliseconds."""
810
811
@property
812
def value_to_set(self):
813
return self._vts
814
815
@value_to_set.setter
816
def value_to_set(self, value):
817
"""When setting, convert value from a datetime.timedelta"""
818
self._vts = int(round(value.total_seconds() * 1000))
819
820
821
class SetTimeoutCmd(MillisecondsPropertyValueArgumentCmd):
822
propname = "Timeout"
823
824
825
class SetExtendedTimeoutCmd(MillisecondsPropertyValueArgumentCmd):
826
propname = "ExtendedTimeout"
827
828
829
class SetIntervalCmd(MillisecondsPropertyValueArgumentCmd):
830
propname = "Interval"
831
832
833
class SetApprovalDelayCmd(MillisecondsPropertyValueArgumentCmd):
834
propname = "ApprovalDelay"
835
836
837
class SetApprovalDurationCmd(MillisecondsPropertyValueArgumentCmd):
838
propname = "ApprovalDuration"
839
772
840
773
841
774
class Test_milliseconds_to_string(unittest.TestCase):
775
def test_all(self):
776
self.assertEqual(milliseconds_to_string(93785000),
777
"1T02:03:05")
778
def test_no_days(self):
779
self.assertEqual(milliseconds_to_string(7385000), "02:03:05")
780
def test_all_zero(self):
781
self.assertEqual(milliseconds_to_string(0), "00:00:00")
782
def test_no_fractional_seconds(self):
783
self.assertEqual(milliseconds_to_string(400), "00:00:00")
784
self.assertEqual(milliseconds_to_string(900), "00:00:00")
785
self.assertEqual(milliseconds_to_string(1900), "00:00:01")
786
787
class Test_string_to_delta(unittest.TestCase):
842
class TestCaseWithAssertLogs(unittest.TestCase):
843
"""unittest.TestCase.assertLogs only exists in Python 3.4"""
844
845
if not hasattr(unittest.TestCase, "assertLogs"):
846
@contextlib.contextmanager
847
def assertLogs(self, logger, level=logging.INFO):
848
capturing_handler = self.CapturingLevelHandler(level)
849
old_level = logger.level
850
old_propagate = logger.propagate
851
logger.addHandler(capturing_handler)
852
logger.setLevel(level)
853
logger.propagate = False
854
try:
855
yield capturing_handler.watcher
856
finally:
857
logger.propagate = old_propagate
858
logger.removeHandler(capturing_handler)
859
logger.setLevel(old_level)
860
self.assertGreater(len(capturing_handler.watcher.records),
861
0)
862
863
class CapturingLevelHandler(logging.Handler):
864
def __init__(self, level, *args, **kwargs):
865
logging.Handler.__init__(self, *args, **kwargs)
866
self.watcher = self.LoggingWatcher([], [])
867
def emit(self, record):
868
self.watcher.records.append(record)
869
self.watcher.output.append(self.format(record))
870
871
LoggingWatcher = collections.namedtuple("LoggingWatcher",
872
("records",
873
"output"))
874
875
class Test_string_to_delta(TestCaseWithAssertLogs):
788
876
def test_handles_basic_rfc3339(self):
789
877
self.assertEqual(string_to_delta("PT0S"),
790
878
datetime.timedelta())
794
882
datetime.timedelta(0, 1))
795
883
self.assertEqual(string_to_delta("PT2H"),
796
884
datetime.timedelta(0, 7200))
885
797
886
def test_falls_back_to_pre_1_6_1_with_warning(self):
798
# assertLogs only exists in Python 3.4
799
if hasattr(self, "assertLogs"):
800
with self.assertLogs(log, logging.WARNING):
801
value = string_to_delta("2h")
802
else:
803
class WarningFilter(logging.Filter):
804
"""Don't show, but record the presence of, warnings"""
805
def filter(self, record):
806
is_warning = record.levelno >= logging.WARNING
807
self.found = is_warning or getattr(self, "found",
808
False)
809
return not is_warning
810
warning_filter = WarningFilter()
811
log.addFilter(warning_filter)
812
try:
813
value = string_to_delta("2h")
814
finally:
815
log.removeFilter(warning_filter)
816
self.assertTrue(getattr(warning_filter, "found", False))
887
with self.assertLogs(log, logging.WARNING):
888
value = string_to_delta("2h")
817
889
self.assertEqual(value, datetime.timedelta(0, 7200))
818
890
819
891
892
class Test_check_option_syntax(unittest.TestCase):
893
def setUp(self):
894
self.parser = argparse.ArgumentParser()
895
add_command_line_options(self.parser)
896
897
def test_actions_requires_client_or_all(self):
898
for action, value in self.actions.items():
899
options = self.parser.parse_args()
900
setattr(options, action, value)
901
with self.assertParseError():
902
self.check_option_syntax(options)
903
904
# This mostly corresponds to the definition from has_actions() in
905
# check_option_syntax()
906
actions = {
907
# The actual values set here are not that important, but we do
908
# at least stick to the correct types, even though they are
909
# never used
910
"enable": True,
911
"disable": True,
912
"bump_timeout": True,
913
"start_checker": True,
914
"stop_checker": True,
915
"is_enabled": True,
916
"remove": True,
917
"checker": "x",
918
"timeout": datetime.timedelta(),
919
"extended_timeout": datetime.timedelta(),
920
"interval": datetime.timedelta(),
921
"approved_by_default": True,
922
"approval_delay": datetime.timedelta(),
923
"approval_duration": datetime.timedelta(),
924
"host": "x",
925
"secret": io.BytesIO(b"x"),
926
"approve": True,
927
"deny": True,
928
}
929
930
@contextlib.contextmanager
931
def assertParseError(self):
932
with self.assertRaises(SystemExit) as e:
933
with self.temporarily_suppress_stderr():
934
yield
935
# Exit code from argparse is guaranteed to be "2". Reference:
936
# https://docs.python.org/3/library
937
# /argparse.html#exiting-methods
938
self.assertEqual(e.exception.code, 2)
939
940
@staticmethod
941
@contextlib.contextmanager
942
def temporarily_suppress_stderr():
943
null = os.open(os.path.devnull, os.O_RDWR)
944
stderrcopy = os.dup(sys.stderr.fileno())
945
os.dup2(null, sys.stderr.fileno())
946
os.close(null)
947
try:
948
yield
949
finally:
950
# restore stderr
951
os.dup2(stderrcopy, sys.stderr.fileno())
952
os.close(stderrcopy)
953
954
def check_option_syntax(self, options):
955
check_option_syntax(self.parser, options)
956
957
def test_actions_all_conflicts_with_verbose(self):
958
for action, value in self.actions.items():
959
options = self.parser.parse_args()
960
setattr(options, action, value)
961
options.all = True
962
options.verbose = True
963
with self.assertParseError():
964
self.check_option_syntax(options)
965
966
def test_actions_with_client_conflicts_with_verbose(self):
967
for action, value in self.actions.items():
968
options = self.parser.parse_args()
969
setattr(options, action, value)
970
options.verbose = True
971
options.client = ["foo"]
972
with self.assertParseError():
973
self.check_option_syntax(options)
974
975
def test_dump_json_conflicts_with_verbose(self):
976
options = self.parser.parse_args()
977
options.dump_json = True
978
options.verbose = True
979
with self.assertParseError():
980
self.check_option_syntax(options)
981
982
def test_dump_json_conflicts_with_action(self):
983
for action, value in self.actions.items():
984
options = self.parser.parse_args()
985
setattr(options, action, value)
986
options.dump_json = True
987
with self.assertParseError():
988
self.check_option_syntax(options)
989
990
def test_all_can_not_be_alone(self):
991
options = self.parser.parse_args()
992
options.all = True
993
with self.assertParseError():
994
self.check_option_syntax(options)
995
996
def test_all_is_ok_with_any_action(self):
997
for action, value in self.actions.items():
998
options = self.parser.parse_args()
999
setattr(options, action, value)
1000
options.all = True
1001
self.check_option_syntax(options)
1002
1003
def test_any_action_is_ok_with_one_client(self):
1004
for action, value in self.actions.items():
1005
options = self.parser.parse_args()
1006
setattr(options, action, value)
1007
options.client = ["foo"]
1008
self.check_option_syntax(options)
1009
1010
def test_actions_except_is_enabled_are_ok_with_two_clients(self):
1011
for action, value in self.actions.items():
1012
if action == "is_enabled":
1013
continue
1014
options = self.parser.parse_args()
1015
setattr(options, action, value)
1016
options.client = ["foo", "barbar"]
1017
self.check_option_syntax(options)
1018
1019
def test_is_enabled_fails_without_client(self):
1020
options = self.parser.parse_args()
1021
options.is_enabled = True
1022
with self.assertParseError():
1023
self.check_option_syntax(options)
1024
1025
def test_is_enabled_fails_with_two_clients(self):
1026
options = self.parser.parse_args()
1027
options.is_enabled = True
1028
options.client = ["foo", "barbar"]
1029
with self.assertParseError():
1030
self.check_option_syntax(options)
1031
1032
def test_remove_can_only_be_combined_with_action_deny(self):
1033
for action, value in self.actions.items():
1034
if action in {"remove", "deny"}:
1035
continue
1036
options = self.parser.parse_args()
1037
setattr(options, action, value)
1038
options.all = True
1039
options.remove = True
1040
with self.assertParseError():
1041
self.check_option_syntax(options)
1042
1043
1044
class Test_get_mandos_dbus_object(TestCaseWithAssertLogs):
1045
def test_calls_and_returns_get_object_on_bus(self):
1046
class MockBus(object):
1047
called = False
1048
def get_object(mockbus_self, busname, dbus_path):
1049
# Note that "self" is still the testcase instance,
1050
# this MockBus instance is in "mockbus_self".
1051
self.assertEqual(busname, dbus_busname)
1052
self.assertEqual(dbus_path, server_dbus_path)
1053
mockbus_self.called = True
1054
return mockbus_self
1055
1056
mockbus = get_mandos_dbus_object(bus=MockBus())
1057
self.assertIsInstance(mockbus, MockBus)
1058
self.assertTrue(mockbus.called)
1059
1060
def test_logs_and_exits_on_dbus_error(self):
1061
class MockBusFailing(object):
1062
def get_object(self, busname, dbus_path):
1063
raise dbus.exceptions.DBusException("Test")
1064
1065
with self.assertLogs(log, logging.CRITICAL):
1066
with self.assertRaises(SystemExit) as e:
1067
bus = get_mandos_dbus_object(bus=MockBusFailing())
1068
1069
if isinstance(e.exception.code, int):
1070
self.assertNotEqual(e.exception.code, 0)
1071
else:
1072
self.assertIsNotNone(e.exception.code)
1073
1074
1075
class Test_get_managed_objects(TestCaseWithAssertLogs):
1076
def test_calls_and_returns_GetManagedObjects(self):
1077
managed_objects = {"/clients/foo": { "Name": "foo"}}
1078
class MockObjectManager(object):
1079
def GetManagedObjects(self):
1080
return managed_objects
1081
retval = get_managed_objects(MockObjectManager())
1082
self.assertDictEqual(managed_objects, retval)
1083
1084
def test_logs_and_exits_on_dbus_error(self):
1085
dbus_logger = logging.getLogger("dbus.proxies")
1086
1087
class MockObjectManagerFailing(object):
1088
def GetManagedObjects(self):
1089
dbus_logger.error("Test")
1090
raise dbus.exceptions.DBusException("Test")
1091
1092
class CountingHandler(logging.Handler):
1093
count = 0
1094
def emit(self, record):
1095
self.count += 1
1096
1097
counting_handler = CountingHandler()
1098
1099
dbus_logger.addHandler(counting_handler)
1100
1101
try:
1102
with self.assertLogs(log, logging.CRITICAL) as watcher:
1103
with self.assertRaises(SystemExit) as e:
1104
get_managed_objects(MockObjectManagerFailing())
1105
finally:
1106
dbus_logger.removeFilter(counting_handler)
1107
1108
# Make sure the dbus logger was suppressed
1109
self.assertEqual(counting_handler.count, 0)
1110
1111
# Test that the dbus_logger still works
1112
with self.assertLogs(dbus_logger, logging.ERROR):
1113
dbus_logger.error("Test")
1114
1115
if isinstance(e.exception.code, int):
1116
self.assertNotEqual(e.exception.code, 0)
1117
else:
1118
self.assertIsNotNone(e.exception.code)
1119
1120
1121
class Test_commands_from_options(unittest.TestCase):
1122
def setUp(self):
1123
self.parser = argparse.ArgumentParser()
1124
add_command_line_options(self.parser)
1125
1126
def test_is_enabled(self):
1127
self.assert_command_from_args(["--is-enabled", "foo"],
1128
IsEnabledCmd)
1129
1130
def assert_command_from_args(self, args, command_cls,
1131
**cmd_attrs):
1132
"""Assert that parsing ARGS should result in an instance of
1133
COMMAND_CLS with (optionally) all supplied attributes (CMD_ATTRS)."""
1134
options = self.parser.parse_args(args)
1135
check_option_syntax(self.parser, options)
1136
commands = commands_from_options(options)
1137
self.assertEqual(len(commands), 1)
1138
command = commands[0]
1139
self.assertIsInstance(command, command_cls)
1140
for key, value in cmd_attrs.items():
1141
self.assertEqual(getattr(command, key), value)
1142
1143
def test_is_enabled_short(self):
1144
self.assert_command_from_args(["-V", "foo"], IsEnabledCmd)
1145
1146
def test_approve(self):
1147
self.assert_command_from_args(["--approve", "foo"],
1148
ApproveCmd)
1149
1150
def test_approve_short(self):
1151
self.assert_command_from_args(["-A", "foo"], ApproveCmd)
1152
1153
def test_deny(self):
1154
self.assert_command_from_args(["--deny", "foo"], DenyCmd)
1155
1156
def test_deny_short(self):
1157
self.assert_command_from_args(["-D", "foo"], DenyCmd)
1158
1159
def test_remove(self):
1160
self.assert_command_from_args(["--remove", "foo"],
1161
RemoveCmd)
1162
1163
def test_deny_before_remove(self):
1164
options = self.parser.parse_args(["--deny", "--remove",
1165
"foo"])
1166
check_option_syntax(self.parser, options)
1167
commands = commands_from_options(options)
1168
self.assertEqual(len(commands), 2)
1169
self.assertIsInstance(commands[0], DenyCmd)
1170
self.assertIsInstance(commands[1], RemoveCmd)
1171
1172
def test_deny_before_remove_reversed(self):
1173
options = self.parser.parse_args(["--remove", "--deny",
1174
"--all"])
1175
check_option_syntax(self.parser, options)
1176
commands = commands_from_options(options)
1177
self.assertEqual(len(commands), 2)
1178
self.assertIsInstance(commands[0], DenyCmd)
1179
self.assertIsInstance(commands[1], RemoveCmd)
1180
1181
def test_remove_short(self):
1182
self.assert_command_from_args(["-r", "foo"], RemoveCmd)
1183
1184
def test_dump_json(self):
1185
self.assert_command_from_args(["--dump-json"], DumpJSONCmd)
1186
1187
def test_enable(self):
1188
self.assert_command_from_args(["--enable", "foo"], EnableCmd)
1189
1190
def test_enable_short(self):
1191
self.assert_command_from_args(["-e", "foo"], EnableCmd)
1192
1193
def test_disable(self):
1194
self.assert_command_from_args(["--disable", "foo"],
1195
DisableCmd)
1196
1197
def test_disable_short(self):
1198
self.assert_command_from_args(["-d", "foo"], DisableCmd)
1199
1200
def test_bump_timeout(self):
1201
self.assert_command_from_args(["--bump-timeout", "foo"],
1202
BumpTimeoutCmd)
1203
1204
def test_bump_timeout_short(self):
1205
self.assert_command_from_args(["-b", "foo"], BumpTimeoutCmd)
1206
1207
def test_start_checker(self):
1208
self.assert_command_from_args(["--start-checker", "foo"],
1209
StartCheckerCmd)
1210
1211
def test_stop_checker(self):
1212
self.assert_command_from_args(["--stop-checker", "foo"],
1213
StopCheckerCmd)
1214
1215
def test_approve_by_default(self):
1216
self.assert_command_from_args(["--approve-by-default", "foo"],
1217
ApproveByDefaultCmd)
1218
1219
def test_deny_by_default(self):
1220
self.assert_command_from_args(["--deny-by-default", "foo"],
1221
DenyByDefaultCmd)
1222
1223
def test_checker(self):
1224
self.assert_command_from_args(["--checker", ":", "foo"],
1225
SetCheckerCmd, value_to_set=":")
1226
1227
def test_checker_empty(self):
1228
self.assert_command_from_args(["--checker", "", "foo"],
1229
SetCheckerCmd, value_to_set="")
1230
1231
def test_checker_short(self):
1232
self.assert_command_from_args(["-c", ":", "foo"],
1233
SetCheckerCmd, value_to_set=":")
1234
1235
def test_host(self):
1236
self.assert_command_from_args(["--host", "foo.example.org",
1237
"foo"], SetHostCmd,
1238
value_to_set="foo.example.org")
1239
1240
def test_host_short(self):
1241
self.assert_command_from_args(["-H", "foo.example.org",
1242
"foo"], SetHostCmd,
1243
value_to_set="foo.example.org")
1244
1245
def test_secret_devnull(self):
1246
self.assert_command_from_args(["--secret", os.path.devnull,
1247
"foo"], SetSecretCmd,
1248
value_to_set=b"")
1249
1250
def test_secret_tempfile(self):
1251
with tempfile.NamedTemporaryFile(mode="r+b") as f:
1252
value = b"secret\0xyzzy\nbar"
1253
f.write(value)
1254
f.seek(0)
1255
self.assert_command_from_args(["--secret", f.name,
1256
"foo"], SetSecretCmd,
1257
value_to_set=value)
1258
1259
def test_secret_devnull_short(self):
1260
self.assert_command_from_args(["-s", os.path.devnull, "foo"],
1261
SetSecretCmd, value_to_set=b"")
1262
1263
def test_secret_tempfile_short(self):
1264
with tempfile.NamedTemporaryFile(mode="r+b") as f:
1265
value = b"secret\0xyzzy\nbar"
1266
f.write(value)
1267
f.seek(0)
1268
self.assert_command_from_args(["-s", f.name, "foo"],
1269
SetSecretCmd,
1270
value_to_set=value)
1271
1272
def test_timeout(self):
1273
self.assert_command_from_args(["--timeout", "PT5M", "foo"],
1274
SetTimeoutCmd,
1275
value_to_set=300000)
1276
1277
def test_timeout_short(self):
1278
self.assert_command_from_args(["-t", "PT5M", "foo"],
1279
SetTimeoutCmd,
1280
value_to_set=300000)
1281
1282
def test_extended_timeout(self):
1283
self.assert_command_from_args(["--extended-timeout", "PT15M",
1284
"foo"],
1285
SetExtendedTimeoutCmd,
1286
value_to_set=900000)
1287
1288
def test_interval(self):
1289
self.assert_command_from_args(["--interval", "PT2M", "foo"],
1290
SetIntervalCmd,
1291
value_to_set=120000)
1292
1293
def test_interval_short(self):
1294
self.assert_command_from_args(["-i", "PT2M", "foo"],
1295
SetIntervalCmd,
1296
value_to_set=120000)
1297
1298
def test_approval_delay(self):
1299
self.assert_command_from_args(["--approval-delay", "PT30S",
1300
"foo"], SetApprovalDelayCmd,
1301
value_to_set=30000)
1302
1303
def test_approval_duration(self):
1304
self.assert_command_from_args(["--approval-duration", "PT1S",
1305
"foo"], SetApprovalDurationCmd,
1306
value_to_set=1000)
1307
1308
def test_print_table(self):
1309
self.assert_command_from_args([], PrintTableCmd,
1310
verbose=False)
1311
1312
def test_print_table_verbose(self):
1313
self.assert_command_from_args(["--verbose"], PrintTableCmd,
1314
verbose=True)
1315
1316
def test_print_table_verbose_short(self):
1317
self.assert_command_from_args(["-v"], PrintTableCmd,
1318
verbose=True)
1319
1320
820
1321
class TestCmd(unittest.TestCase):
821
1322
"""Abstract class for tests of command classes"""
1323
822
1324
def setUp(self):
823
1325
testcase = self
824
1326
class MockClient(object):
825
1327
def __init__(self, name, **attributes):
826
self.__dbus_object_path__ = "objpath_{}".format(name)
1328
self.__dbus_object_path__ = "/clients/{}".format(name)
827
1329
self.attributes = attributes
828
1330
self.attributes["Name"] = name
829
1331
self.calls = []
830
def Set(self, interface, property, value, dbus_interface):
831
testcase.assertEqual(interface, client_interface)
832
testcase.assertEqual(dbus_interface,
833
dbus.PROPERTIES_IFACE)
834
self.attributes[property] = value
835
def Get(self, interface, property, dbus_interface):
836
testcase.assertEqual(interface, client_interface)
837
testcase.assertEqual(dbus_interface,
838
dbus.PROPERTIES_IFACE)
839
return self.attributes[property]
1332
def Set(self, interface, propname, value, dbus_interface):
1333
testcase.assertEqual(interface, client_dbus_interface)
1334
testcase.assertEqual(dbus_interface,
1335
dbus.PROPERTIES_IFACE)
1336
self.attributes[propname] = value
1337
def Get(self, interface, propname, dbus_interface):
1338
testcase.assertEqual(interface, client_dbus_interface)
1339
testcase.assertEqual(dbus_interface,
1340
dbus.PROPERTIES_IFACE)
1341
return self.attributes[propname]
840
1342
def Approve(self, approve, dbus_interface):
841
testcase.assertEqual(dbus_interface, client_interface)
1343
testcase.assertEqual(dbus_interface,
1344
client_dbus_interface)
842
1345
self.calls.append(("Approve", (approve,
843
1346
dbus_interface)))
844
1347
self.client = MockClient(
884
1387
ApprovedByDefault=dbus.Boolean(False),
885
1388
LastApprovalRequest="2019-01-03T00:00:00",
886
1389
ApprovalDelay=30000,
887
ApprovalDuration=1000,
1390
ApprovalDuration=93785000,
888
1391
Checker=":",
889
1392
ExtendedTimeout=900000,
890
1393
Expires="2019-02-05T00:00:00",
891
1394
LastCheckerStatus=-2)
892
1395
self.clients = collections.OrderedDict(
893
1396
[
894
(self.client, self.client.attributes),
895
(self.other_client, self.other_client.attributes),
1397
("/clients/foo", self.client.attributes),
1398
("/clients/barbar", self.other_client.attributes),
896
1399
])
897
self.one_client = {self.client: self.client.attributes}
898
899
class TestPrintTableCmd(TestCmd):
900
def test_normal(self):
901
output = PrintTableCmd().output(self.clients)
902
expected_output = """
903
Name Enabled Timeout Last Successful Check
904
foo Yes 00:05:00 2019-02-03T00:00:00
905
barbar Yes 00:05:00 2019-02-04T00:00:00
906
"""[1:-1]
907
self.assertEqual(output, expected_output)
908
def test_verbose(self):
909
output = PrintTableCmd(verbose=True).output(self.clients)
910
expected_output = """
911
Name Enabled Timeout Last Successful Check Created Interval Host Key ID Fingerprint Check Is Running Last Enabled Approval Is Pending Approved By Default Last Approval Request Approval Delay Approval Duration Checker Extended Timeout Expires Last Checker Status
912
foo Yes 00:05:00 2019-02-03T00:00:00 2019-01-02T00:00:00 00:02:00 foo.example.org 92ed150794387c03ce684574b1139a6594a34f895daaaf09fd8ea90a27cddb12 778827225BA7DE539C5A7CFA59CFF7CDBD9A5920 No 2019-01-03T00:00:00 No Yes 00:00:00 00:00:01 fping -q -- %(host)s 00:15:00 2019-02-04T00:00:00 0
913
barbar Yes 00:05:00 2019-02-04T00:00:00 2019-01-03T00:00:00 00:02:00 192.0.2.3 0558568eedd67d622f5c83b35a115f796ab612cff5ad227247e46c2b020f441c 3E393AEAEFB84C7E89E2F547B3A107558FCA3A27 Yes 2019-01-04T00:00:00 No No 2019-01-03T00:00:00 00:00:30 00:00:01 : 00:15:00 2019-02-05T00:00:00 -2
914
"""[1:-1]
915
self.assertEqual(output, expected_output)
916
def test_one_client(self):
917
output = PrintTableCmd().output(self.one_client)
918
expected_output = """
919
Name Enabled Timeout Last Successful Check
920
foo Yes 00:05:00 2019-02-03T00:00:00
921
"""[1:-1]
922
self.assertEqual(output, expected_output)
1400
self.one_client = {"/clients/foo": self.client.attributes}
1401
1402
@property
1403
def bus(self):
1404
class Bus(object):
1405
@staticmethod
1406
def get_object(client_bus_name, path):
1407
self.assertEqual(client_bus_name, dbus_busname)
1408
return {
1409
# Note: "self" here is the TestCmd instance, not
1410
# the Bus instance, since this is a static method!
1411
"/clients/foo": self.client,
1412
"/clients/barbar": self.other_client,
1413
}[path]
1414
return Bus()
1415
1416
1417
class TestIsEnabledCmd(TestCmd):
1418
def test_is_enabled(self):
1419
self.assertTrue(all(IsEnabledCmd().is_enabled(client,
1420
properties)
1421
for client, properties
1422
in self.clients.items()))
1423
1424
def test_is_enabled_run_exits_successfully(self):
1425
with self.assertRaises(SystemExit) as e:
1426
IsEnabledCmd().run(self.one_client)
1427
if e.exception.code is not None:
1428
self.assertEqual(e.exception.code, 0)
1429
else:
1430
self.assertIsNone(e.exception.code)
1431
1432
def test_is_enabled_run_exits_with_failure(self):
1433
self.client.attributes["Enabled"] = dbus.Boolean(False)
1434
with self.assertRaises(SystemExit) as e:
1435
IsEnabledCmd().run(self.one_client)
1436
if isinstance(e.exception.code, int):
1437
self.assertNotEqual(e.exception.code, 0)
1438
else:
1439
self.assertIsNotNone(e.exception.code)
1440
1441
1442
class TestApproveCmd(TestCmd):
1443
def test_approve(self):
1444
ApproveCmd().run(self.clients, self.bus)
1445
for clientpath in self.clients:
1446
client = self.bus.get_object(dbus_busname, clientpath)
1447
self.assertIn(("Approve", (True, client_dbus_interface)),
1448
client.calls)
1449
1450
1451
class TestDenyCmd(TestCmd):
1452
def test_deny(self):
1453
DenyCmd().run(self.clients, self.bus)
1454
for clientpath in self.clients:
1455
client = self.bus.get_object(dbus_busname, clientpath)
1456
self.assertIn(("Approve", (False, client_dbus_interface)),
1457
client.calls)
1458
1459
1460
class TestRemoveCmd(TestCmd):
1461
def test_remove(self):
1462
class MockMandos(object):
1463
def __init__(self):
1464
self.calls = []
1465
def RemoveClient(self, dbus_path):
1466
self.calls.append(("RemoveClient", (dbus_path,)))
1467
mandos = MockMandos()
1468
super(TestRemoveCmd, self).setUp()
1469
RemoveCmd().run(self.clients, self.bus, mandos)
1470
self.assertEqual(len(mandos.calls), 2)
1471
for clientpath in self.clients:
1472
self.assertIn(("RemoveClient", (clientpath,)),
1473
mandos.calls)
1474
923
1475
924
1476
class TestDumpJSONCmd(TestCmd):
925
1477
def setUp(self):
966
1518
"ApprovedByDefault": False,
967
1519
"LastApprovalRequest": "2019-01-03T00:00:00",
968
1520
"ApprovalDelay": 30000,
969
"ApprovalDuration": 1000,
1521
"ApprovalDuration": 93785000,
970
1522
"Checker": ":",
971
1523
"ExtendedTimeout": 900000,
972
1524
"Expires": "2019-02-05T00:00:00",
974
1526
},
975
1527
}
976
1528
return super(TestDumpJSONCmd, self).setUp()
1529
977
1530
def test_normal(self):
978
json_data = json.loads(DumpJSONCmd().output(self.clients))
1531
output = DumpJSONCmd().output(self.clients.values())
1532
json_data = json.loads(output)
979
1533
self.assertDictEqual(json_data, self.expected_json)
1534
980
1535
def test_one_client(self):
981
clients = self.one_client
982
json_data = json.loads(DumpJSONCmd().output(clients))
1536
output = DumpJSONCmd().output(self.one_client.values())
1537
json_data = json.loads(output)
983
1538
expected_json = {"foo": self.expected_json["foo"]}
984
1539
self.assertDictEqual(json_data, expected_json)
985
1540
986
class TestIsEnabledCmd(TestCmd):
987
def test_is_enabled(self):
988
self.assertTrue(all(IsEnabledCmd().is_enabled(client, properties)
989
for client, properties in self.clients.items()))
990
def test_is_enabled_run_exits_successfully(self):
991
with self.assertRaises(SystemExit) as e:
992
IsEnabledCmd().run(None, self.one_client)
993
if e.exception.code is not None:
994
self.assertEqual(e.exception.code, 0)
995
else:
996
self.assertIsNone(e.exception.code)
997
def test_is_enabled_run_exits_with_failure(self):
998
self.client.attributes["Enabled"] = dbus.Boolean(False)
999
with self.assertRaises(SystemExit) as e:
1000
IsEnabledCmd().run(None, self.one_client)
1001
if isinstance(e.exception.code, int):
1002
self.assertNotEqual(e.exception.code, 0)
1003
else:
1004
self.assertIsNotNone(e.exception.code)
1005
1006
class TestRemoveCmd(TestCmd):
1007
def test_remove(self):
1008
class MockMandos(object):
1009
def __init__(self):
1010
self.calls = []
1011
def RemoveClient(self, dbus_path):
1012
self.calls.append(("RemoveClient", (dbus_path,)))
1013
mandos = MockMandos()
1014
super(TestRemoveCmd, self).setUp()
1015
RemoveCmd().run(mandos, self.clients)
1016
self.assertEqual(len(mandos.calls), 2)
1017
for client in self.clients:
1018
self.assertIn(("RemoveClient",
1019
(client.__dbus_object_path__,)),
1020
mandos.calls)
1021
1022
class TestApproveCmd(TestCmd):
1023
def test_approve(self):
1024
ApproveCmd().run(None, self.clients)
1025
for client in self.clients:
1026
self.assertIn(("Approve", (True, client_interface)),
1027
client.calls)
1028
1029
class TestDenyCmd(TestCmd):
1030
def test_deny(self):
1031
DenyCmd().run(None, self.clients)
1032
for client in self.clients:
1033
self.assertIn(("Approve", (False, client_interface)),
1034
client.calls)
1035
1036
class TestEnableCmd(TestCmd):
1037
def test_enable(self):
1038
for client in self.clients:
1039
client.attributes["Enabled"] = False
1040
1041
EnableCmd().run(None, self.clients)
1042
1043
for client in self.clients:
1044
self.assertTrue(client.attributes["Enabled"])
1045
1046
class TestDisableCmd(TestCmd):
1047
def test_disable(self):
1048
DisableCmd().run(None, self.clients)
1049
1050
for client in self.clients:
1051
self.assertFalse(client.attributes["Enabled"])
1052
1053
class Unique(object):
1054
"""Class for objects which exist only to be unique objects, since
1055
unittest.mock.sentinel only exists in Python 3.3"""
1541
1542
class TestPrintTableCmd(TestCmd):
1543
def test_normal(self):
1544
output = PrintTableCmd().output(self.clients.values())
1545
expected_output = "\n".join((
1546
"Name Enabled Timeout Last Successful Check",
1547
"foo Yes 00:05:00 2019-02-03T00:00:00 ",
1548
"barbar Yes 00:05:00 2019-02-04T00:00:00 ",
1549
))
1550
self.assertEqual(output, expected_output)
1551
1552
def test_verbose(self):
1553
output = PrintTableCmd(verbose=True).output(
1554
self.clients.values())
1555
columns = (
1556
(
1557
"Name ",
1558
"foo ",
1559
"barbar ",
1560
),(
1561
"Enabled ",
1562
"Yes ",
1563
"Yes ",
1564
),(
1565
"Timeout ",
1566
"00:05:00 ",
1567
"00:05:00 ",
1568
),(
1569
"Last Successful Check ",
1570
"2019-02-03T00:00:00 ",
1571
"2019-02-04T00:00:00 ",
1572
),(
1573
"Created ",
1574
"2019-01-02T00:00:00 ",
1575
"2019-01-03T00:00:00 ",
1576
),(
1577
"Interval ",
1578
"00:02:00 ",
1579
"00:02:00 ",
1580
),(
1581
"Host ",
1582
"foo.example.org ",
1583
"192.0.2.3 ",
1584
),(
1585
("Key ID "
1586
" "),
1587
("92ed150794387c03ce684574b1139a6594a34f895daaaf09fd8"
1588
"ea90a27cddb12 "),
1589
("0558568eedd67d622f5c83b35a115f796ab612cff5ad227247e"
1590
"46c2b020f441c "),
1591
),(
1592
"Fingerprint ",
1593
"778827225BA7DE539C5A7CFA59CFF7CDBD9A5920 ",
1594
"3E393AEAEFB84C7E89E2F547B3A107558FCA3A27 ",
1595
),(
1596
"Check Is Running ",
1597
"No ",
1598
"Yes ",
1599
),(
1600
"Last Enabled ",
1601
"2019-01-03T00:00:00 ",
1602
"2019-01-04T00:00:00 ",
1603
),(
1604
"Approval Is Pending ",
1605
"No ",
1606
"No ",
1607
),(
1608
"Approved By Default ",
1609
"Yes ",
1610
"No ",
1611
),(
1612
"Last Approval Request ",
1613
" ",
1614
"2019-01-03T00:00:00 ",
1615
),(
1616
"Approval Delay ",
1617
"00:00:00 ",
1618
"00:00:30 ",
1619
),(
1620
"Approval Duration ",
1621
"00:00:01 ",
1622
"1T02:03:05 ",
1623
),(
1624
"Checker ",
1625
"fping -q -- %(host)s ",
1626
": ",
1627
),(
1628
"Extended Timeout ",
1629
"00:15:00 ",
1630
"00:15:00 ",
1631
),(
1632
"Expires ",
1633
"2019-02-04T00:00:00 ",
1634
"2019-02-05T00:00:00 ",
1635
),(
1636
"Last Checker Status",
1637
"0 ",
1638
"-2 ",
1639
)
1640
)
1641
num_lines = max(len(rows) for rows in columns)
1642
expected_output = "\n".join("".join(rows[line]
1643
for rows in columns)
1644
for line in range(num_lines))
1645
self.assertEqual(output, expected_output)
1646
1647
def test_one_client(self):
1648
output = PrintTableCmd().output(self.one_client.values())
1649
expected_output = "\n".join((
1650
"Name Enabled Timeout Last Successful Check",
1651
"foo Yes 00:05:00 2019-02-03T00:00:00 ",
1652
))
1653
self.assertEqual(output, expected_output)
1654
1056
1655
1057
1656
class TestPropertyCmd(TestCmd):
1058
1657
"""Abstract class for tests of PropertyCmd classes"""
1063
1662
self.values_to_set)
1064
1663
for value_to_set, value_to_get in zip(self.values_to_set,
1065
1664
values_to_get):
1066
for client in self.clients:
1067
old_value = client.attributes[self.property]
1068
self.assertNotIsInstance(old_value, Unique)
1069
client.attributes[self.property] = Unique()
1665
for clientpath in self.clients:
1666
client = self.bus.get_object(dbus_busname, clientpath)
1667
old_value = client.attributes[self.propname]
1668
self.assertNotIsInstance(old_value, self.Unique)
1669
client.attributes[self.propname] = self.Unique()
1070
1670
self.run_command(value_to_set, self.clients)
1071
for client in self.clients:
1072
value = client.attributes[self.property]
1073
self.assertNotIsInstance(value, Unique)
1671
for clientpath in self.clients:
1672
client = self.bus.get_object(dbus_busname, clientpath)
1673
value = client.attributes[self.propname]
1674
self.assertNotIsInstance(value, self.Unique)
1074
1675
self.assertEqual(value, value_to_get)
1676
1677
class Unique(object):
1678
"""Class for objects which exist only to be unique objects,
1679
since unittest.mock.sentinel only exists in Python 3.3"""
1680
1075
1681
def run_command(self, value, clients):
1076
self.command().run(None, clients)
1682
self.command().run(clients, self.bus)
1683
1684
1685
class TestEnableCmd(TestPropertyCmd):
1686
command = EnableCmd
1687
propname = "Enabled"
1688
values_to_set = [dbus.Boolean(True)]
1689
1690
1691
class TestDisableCmd(TestPropertyCmd):
1692
command = DisableCmd
1693
propname = "Enabled"
1694
values_to_set = [dbus.Boolean(False)]
1695
1077
1696
1078
1697
class TestBumpTimeoutCmd(TestPropertyCmd):
1079
1698
command = BumpTimeoutCmd
1080
property = "LastCheckedOK"
1699
propname = "LastCheckedOK"
1081
1700
values_to_set = [""]
1082
1701
1702
1083
1703
class TestStartCheckerCmd(TestPropertyCmd):
1084
1704
command = StartCheckerCmd
1085
property = "CheckerRunning"
1705
propname = "CheckerRunning"
1086
1706
values_to_set = [dbus.Boolean(True)]
1087
1707
1708
1088
1709
class TestStopCheckerCmd(TestPropertyCmd):
1089
1710
command = StopCheckerCmd
1090
property = "CheckerRunning"
1711
propname = "CheckerRunning"
1091
1712
values_to_set = [dbus.Boolean(False)]
1092
1713
1714
1093
1715
class TestApproveByDefaultCmd(TestPropertyCmd):
1094
1716
command = ApproveByDefaultCmd
1095
property = "ApprovedByDefault"
1717
propname = "ApprovedByDefault"
1096
1718
values_to_set = [dbus.Boolean(True)]
1097
1719
1720
1098
1721
class TestDenyByDefaultCmd(TestPropertyCmd):
1099
1722
command = DenyByDefaultCmd
1100
property = "ApprovedByDefault"
1723
propname = "ApprovedByDefault"
1101
1724
values_to_set = [dbus.Boolean(False)]
1102
1725
1103
class TestValueArgumentPropertyCmd(TestPropertyCmd):
1104
"""Abstract class for tests of PropertyCmd classes using the
1105
ValueArgumentMixIn"""
1726
1727
class TestPropertyValueCmd(TestPropertyCmd):
1728
"""Abstract class for tests of PropertyValueCmd classes"""
1729
1106
1730
def runTest(self):
1107
if type(self) is TestValueArgumentPropertyCmd:
1731
if type(self) is TestPropertyValueCmd:
1108
1732
return
1109
return super(TestValueArgumentPropertyCmd, self).runTest()
1733
return super(TestPropertyValueCmd, self).runTest()
1734
1110
1735
def run_command(self, value, clients):
1111
self.command(value).run(None, clients)
1112
1113
class TestSetCheckerCmd(TestValueArgumentPropertyCmd):
1736
self.command(value).run(clients, self.bus)
1737
1738
1739
class TestSetCheckerCmd(TestPropertyValueCmd):
1114
1740
command = SetCheckerCmd
1115
property = "Checker"
1741
propname = "Checker"
1116
1742
values_to_set = ["", ":", "fping -q -- %s"]
1117
1743
1118
class TestSetHostCmd(TestValueArgumentPropertyCmd):
1744
1745
class TestSetHostCmd(TestPropertyValueCmd):
1119
1746
command = SetHostCmd
1120
property = "Host"
1747
propname = "Host"
1121
1748
values_to_set = ["192.0.2.3", "foo.example.org"]
1122
1749
1123
class TestSetSecretCmd(TestValueArgumentPropertyCmd):
1750
1751
class TestSetSecretCmd(TestPropertyValueCmd):
1124
1752
command = SetSecretCmd
1125
property = "Secret"
1753
propname = "Secret"
1126
1754
values_to_set = [io.BytesIO(b""),
1127
1755
io.BytesIO(b"secret\0xyzzy\nbar")]
1128
1756
values_to_get = [b"", b"secret\0xyzzy\nbar"]
1129
1757
1130
class TestSetTimeoutCmd(TestValueArgumentPropertyCmd):
1758
1759
class TestSetTimeoutCmd(TestPropertyValueCmd):
1131
1760
command = SetTimeoutCmd
1132
property = "Timeout"
1761
propname = "Timeout"
1133
1762
values_to_set = [datetime.timedelta(),
1134
1763
datetime.timedelta(minutes=5),
1135
1764
datetime.timedelta(seconds=1),
1137
1766
datetime.timedelta(weeks=52)]
1138
1767
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1139
1768
1140
class TestSetExtendedTimeoutCmd(TestValueArgumentPropertyCmd):
1769
1770
class TestSetExtendedTimeoutCmd(TestPropertyValueCmd):
1141
1771
command = SetExtendedTimeoutCmd
1142
property = "ExtendedTimeout"
1772
propname = "ExtendedTimeout"
1143
1773
values_to_set = [datetime.timedelta(),
1144
1774
datetime.timedelta(minutes=5),
1145
1775
datetime.timedelta(seconds=1),
1147
1777
datetime.timedelta(weeks=52)]
1148
1778
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1149
1779
1150
class TestSetIntervalCmd(TestValueArgumentPropertyCmd):
1780
1781
class TestSetIntervalCmd(TestPropertyValueCmd):
1151
1782
command = SetIntervalCmd
1152
property = "Interval"
1783
propname = "Interval"
1153
1784
values_to_set = [datetime.timedelta(),
1154
1785
datetime.timedelta(minutes=5),
1155
1786
datetime.timedelta(seconds=1),
1157
1788
datetime.timedelta(weeks=52)]
1158
1789
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1159
1790
1160
class TestSetApprovalDelayCmd(TestValueArgumentPropertyCmd):
1791
1792
class TestSetApprovalDelayCmd(TestPropertyValueCmd):
1161
1793
command = SetApprovalDelayCmd
1162
property = "ApprovalDelay"
1794
propname = "ApprovalDelay"
1163
1795
values_to_set = [datetime.timedelta(),
1164
1796
datetime.timedelta(minutes=5),
1165
1797
datetime.timedelta(seconds=1),
1167
1799
datetime.timedelta(weeks=52)]
1168
1800
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1169
1801
1170
class TestSetApprovalDurationCmd(TestValueArgumentPropertyCmd):
1802
1803
class TestSetApprovalDurationCmd(TestPropertyValueCmd):
1171
1804
command = SetApprovalDurationCmd
1172
property = "ApprovalDuration"
1805
propname = "ApprovalDuration"
1173
1806
values_to_set = [datetime.timedelta(),
1174
1807
datetime.timedelta(minutes=5),
1175
1808
datetime.timedelta(seconds=1),
1177
1810
datetime.timedelta(weeks=52)]
1178
1811
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1179
1812
1180
class Test_command_from_options(unittest.TestCase):
1181
def setUp(self):
1182
self.parser = argparse.ArgumentParser()
1183
add_command_line_options(self.parser)
1184
def assert_command_from_args(self, args, command_cls, **cmd_attrs):
1185
"""Assert that parsing ARGS should result in an instance of
1186
COMMAND_CLS with (optionally) all supplied attributes (CMD_ATTRS)."""
1187
options = self.parser.parse_args(args)
1188
check_option_syntax(self.parser, options)
1189
commands = commands_from_options(options)
1190
self.assertEqual(len(commands), 1)
1191
command = commands[0]
1192
self.assertIsInstance(command, command_cls)
1193
for key, value in cmd_attrs.items():
1194
self.assertEqual(getattr(command, key), value)
1195
def test_print_table(self):
1196
self.assert_command_from_args([], PrintTableCmd,
1197
verbose=False)
1198
1199
def test_print_table_verbose(self):
1200
self.assert_command_from_args(["--verbose"], PrintTableCmd,
1201
verbose=True)
1202
1203
def test_print_table_verbose_short(self):
1204
self.assert_command_from_args(["-v"], PrintTableCmd,
1205
verbose=True)
1206
1207
def test_enable(self):
1208
self.assert_command_from_args(["--enable", "foo"], EnableCmd)
1209
1210
def test_enable_short(self):
1211
self.assert_command_from_args(["-e", "foo"], EnableCmd)
1212
1213
def test_disable(self):
1214
self.assert_command_from_args(["--disable", "foo"],
1215
DisableCmd)
1216
1217
def test_disable_short(self):
1218
self.assert_command_from_args(["-d", "foo"], DisableCmd)
1219
1220
def test_bump_timeout(self):
1221
self.assert_command_from_args(["--bump-timeout", "foo"],
1222
BumpTimeoutCmd)
1223
1224
def test_bump_timeout_short(self):
1225
self.assert_command_from_args(["-b", "foo"], BumpTimeoutCmd)
1226
1227
def test_start_checker(self):
1228
self.assert_command_from_args(["--start-checker", "foo"],
1229
StartCheckerCmd)
1230
1231
def test_stop_checker(self):
1232
self.assert_command_from_args(["--stop-checker", "foo"],
1233
StopCheckerCmd)
1234
1235
def test_remove(self):
1236
self.assert_command_from_args(["--remove", "foo"],
1237
RemoveCmd)
1238
1239
def test_remove_short(self):
1240
self.assert_command_from_args(["-r", "foo"], RemoveCmd)
1241
1242
def test_checker(self):
1243
self.assert_command_from_args(["--checker", ":", "foo"],
1244
SetCheckerCmd, value_to_set=":")
1245
1246
def test_checker_empty(self):
1247
self.assert_command_from_args(["--checker", "", "foo"],
1248
SetCheckerCmd, value_to_set="")
1249
1250
def test_checker_short(self):
1251
self.assert_command_from_args(["-c", ":", "foo"],
1252
SetCheckerCmd, value_to_set=":")
1253
1254
def test_timeout(self):
1255
self.assert_command_from_args(["--timeout", "PT5M", "foo"],
1256
SetTimeoutCmd,
1257
value_to_set=300000)
1258
1259
def test_timeout_short(self):
1260
self.assert_command_from_args(["-t", "PT5M", "foo"],
1261
SetTimeoutCmd,
1262
value_to_set=300000)
1263
1264
def test_extended_timeout(self):
1265
self.assert_command_from_args(["--extended-timeout", "PT15M",
1266
"foo"],
1267
SetExtendedTimeoutCmd,
1268
value_to_set=900000)
1269
1270
def test_interval(self):
1271
self.assert_command_from_args(["--interval", "PT2M", "foo"],
1272
SetIntervalCmd,
1273
value_to_set=120000)
1274
1275
def test_interval_short(self):
1276
self.assert_command_from_args(["-i", "PT2M", "foo"],
1277
SetIntervalCmd,
1278
value_to_set=120000)
1279
1280
def test_approve_by_default(self):
1281
self.assert_command_from_args(["--approve-by-default", "foo"],
1282
ApproveByDefaultCmd)
1283
1284
def test_deny_by_default(self):
1285
self.assert_command_from_args(["--deny-by-default", "foo"],
1286
DenyByDefaultCmd)
1287
1288
def test_approval_delay(self):
1289
self.assert_command_from_args(["--approval-delay", "PT30S",
1290
"foo"], SetApprovalDelayCmd,
1291
value_to_set=30000)
1292
1293
def test_approval_duration(self):
1294
self.assert_command_from_args(["--approval-duration", "PT1S",
1295
"foo"], SetApprovalDurationCmd,
1296
value_to_set=1000)
1297
1298
def test_host(self):
1299
self.assert_command_from_args(["--host", "foo.example.org",
1300
"foo"], SetHostCmd,
1301
value_to_set="foo.example.org")
1302
1303
def test_host_short(self):
1304
self.assert_command_from_args(["-H", "foo.example.org",
1305
"foo"], SetHostCmd,
1306
value_to_set="foo.example.org")
1307
1308
def test_secret_devnull(self):
1309
self.assert_command_from_args(["--secret", os.path.devnull,
1310
"foo"], SetSecretCmd,
1311
value_to_set=b"")
1312
1313
def test_secret_tempfile(self):
1314
with tempfile.NamedTemporaryFile(mode="r+b") as f:
1315
value = b"secret\0xyzzy\nbar"
1316
f.write(value)
1317
f.seek(0)
1318
self.assert_command_from_args(["--secret", f.name,
1319
"foo"], SetSecretCmd,
1320
value_to_set=value)
1321
1322
def test_secret_devnull_short(self):
1323
self.assert_command_from_args(["-s", os.path.devnull, "foo"],
1324
SetSecretCmd, value_to_set=b"")
1325
1326
def test_secret_tempfile_short(self):
1327
with tempfile.NamedTemporaryFile(mode="r+b") as f:
1328
value = b"secret\0xyzzy\nbar"
1329
f.write(value)
1330
f.seek(0)
1331
self.assert_command_from_args(["-s", f.name, "foo"],
1332
SetSecretCmd,
1333
value_to_set=value)
1334
1335
def test_approve(self):
1336
self.assert_command_from_args(["--approve", "foo"],
1337
ApproveCmd)
1338
1339
def test_approve_short(self):
1340
self.assert_command_from_args(["-A", "foo"], ApproveCmd)
1341
1342
def test_deny(self):
1343
self.assert_command_from_args(["--deny", "foo"], DenyCmd)
1344
1345
def test_deny_short(self):
1346
self.assert_command_from_args(["-D", "foo"], DenyCmd)
1347
1348
def test_dump_json(self):
1349
self.assert_command_from_args(["--dump-json"], DumpJSONCmd)
1350
1351
def test_is_enabled(self):
1352
self.assert_command_from_args(["--is-enabled", "foo"],
1353
IsEnabledCmd)
1354
1355
def test_is_enabled_short(self):
1356
self.assert_command_from_args(["-V", "foo"], IsEnabledCmd)
1357
1358
1359
class Test_check_option_syntax(unittest.TestCase):
1360
# This mostly corresponds to the definition from has_actions() in
1361
# check_option_syntax()
1362
actions = {
1363
# The actual values set here are not that important, but we do
1364
# at least stick to the correct types, even though they are
1365
# never used
1366
"enable": True,
1367
"disable": True,
1368
"bump_timeout": True,
1369
"start_checker": True,
1370
"stop_checker": True,
1371
"is_enabled": True,
1372
"remove": True,
1373
"checker": "x",
1374
"timeout": datetime.timedelta(),
1375
"extended_timeout": datetime.timedelta(),
1376
"interval": datetime.timedelta(),
1377
"approved_by_default": True,
1378
"approval_delay": datetime.timedelta(),
1379
"approval_duration": datetime.timedelta(),
1380
"host": "x",
1381
"secret": io.BytesIO(b"x"),
1382
"approve": True,
1383
"deny": True,
1384
}
1385
1386
def setUp(self):
1387
self.parser = argparse.ArgumentParser()
1388
add_command_line_options(self.parser)
1389
1390
@contextlib.contextmanager
1391
def assertParseError(self):
1392
with self.assertRaises(SystemExit) as e:
1393
with self.temporarily_suppress_stderr():
1394
yield
1395
# Exit code from argparse is guaranteed to be "2". Reference:
1396
# https://docs.python.org/3/library/argparse.html#exiting-methods
1397
self.assertEqual(e.exception.code, 2)
1398
1399
@staticmethod
1400
@contextlib.contextmanager
1401
def temporarily_suppress_stderr():
1402
null = os.open(os.path.devnull, os.O_RDWR)
1403
stderrcopy = os.dup(sys.stderr.fileno())
1404
os.dup2(null, sys.stderr.fileno())
1405
os.close(null)
1406
try:
1407
yield
1408
finally:
1409
# restore stderr
1410
os.dup2(stderrcopy, sys.stderr.fileno())
1411
os.close(stderrcopy)
1412
1413
def check_option_syntax(self, options):
1414
check_option_syntax(self.parser, options)
1415
1416
def test_actions_requires_client_or_all(self):
1417
for action, value in self.actions.items():
1418
options = self.parser.parse_args()
1419
setattr(options, action, value)
1420
with self.assertParseError():
1421
self.check_option_syntax(options)
1422
1423
def test_actions_conflicts_with_verbose(self):
1424
for action, value in self.actions.items():
1425
options = self.parser.parse_args()
1426
setattr(options, action, value)
1427
options.verbose = True
1428
with self.assertParseError():
1429
self.check_option_syntax(options)
1430
1431
def test_dump_json_conflicts_with_verbose(self):
1432
options = self.parser.parse_args()
1433
options.dump_json = True
1434
options.verbose = True
1435
with self.assertParseError():
1436
self.check_option_syntax(options)
1437
1438
def test_dump_json_conflicts_with_action(self):
1439
for action, value in self.actions.items():
1440
options = self.parser.parse_args()
1441
setattr(options, action, value)
1442
options.dump_json = True
1443
with self.assertParseError():
1444
self.check_option_syntax(options)
1445
1446
def test_all_can_not_be_alone(self):
1447
options = self.parser.parse_args()
1448
options.all = True
1449
with self.assertParseError():
1450
self.check_option_syntax(options)
1451
1452
def test_all_is_ok_with_any_action(self):
1453
for action, value in self.actions.items():
1454
options = self.parser.parse_args()
1455
setattr(options, action, value)
1456
options.all = True
1457
self.check_option_syntax(options)
1458
1459
def test_is_enabled_fails_without_client(self):
1460
options = self.parser.parse_args()
1461
options.is_enabled = True
1462
with self.assertParseError():
1463
self.check_option_syntax(options)
1464
1465
def test_is_enabled_works_with_one_client(self):
1466
options = self.parser.parse_args()
1467
options.is_enabled = True
1468
options.client = ["foo"]
1469
self.check_option_syntax(options)
1470
1471
def test_is_enabled_fails_with_two_clients(self):
1472
options = self.parser.parse_args()
1473
options.is_enabled = True
1474
options.client = ["foo", "barbar"]
1475
with self.assertParseError():
1476
self.check_option_syntax(options)
1477
1478
1813
1479
1814
1480
1815
def should_only_run_tests():
1494
1829
return tests
1495
1830
1496
1831
if __name__ == "__main__":
1497
if should_only_run_tests():
1498
# Call using ./tdd-python-script --check [--verbose]
1499
unittest.main()
1500
else:
1501
main()
1832
try:
1833
if should_only_run_tests():
1834
# Call using ./tdd-python-script --check [--verbose]
1835
unittest.main()
1836
else:
1837
main()
1838
finally:
1839
logging.shutdown()
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0