To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to mandos-ctl
- browse files at revision 1021
- compare with another revision
- download diff
- download tarball
- view history from revision 1021
- Committer: Teddy Hogeborn
- Date: 2019-03-04 20:50:40 UTC
- Revision ID: teddy@recompile.se-20190304205040-c0ecwnigjedch1j9
mandos-ctl: Add test for EnableCmd and DisableCmd
* mandos-ctl (TestEnableCmd, TestDisableCmd): New.
* mandos-ctl (TestEnableCmd, TestDisableCmd): New.
- files modified:
- mandos-ctl
added
removed
mandos-ctl
42
42
import json
43
43
import unittest
44
44
import logging
45
import io
46
import tempfile
47
import contextlib
48
45
49
46
import dbus
50
47
64
61
65
62
locale.setlocale(locale.LC_ALL, "")
66
63
67
dbus_busname_domain = "se.recompile"
68
dbus_busname = dbus_busname_domain + ".Mandos"
69
server_dbus_path = "/"
70
server_dbus_interface = dbus_busname_domain + ".Mandos"
71
client_dbus_interface = dbus_busname_domain + ".Mandos.Client"
72
del dbus_busname_domain
64
domain = "se.recompile"
65
busname = domain + ".Mandos"
66
server_path = "/"
67
server_interface = domain + ".Mandos"
68
client_interface = domain + ".Mandos.Client"
73
69
version = "1.8.3"
74
70
75
71
277
273
# Abstract classes first
278
274
class Command(object):
279
275
"""Abstract class for commands"""
280
def run(self, clients, bus=None, mandos=None):
276
def run(self, mandos, clients):
281
277
"""Normal commands should implement run_on_one_client(), but
282
278
commands which want to operate on all clients at the same time
283
279
can override this run() method instead."""
284
280
self.mandos = mandos
285
for clientpath, properties in clients.items():
286
log.debug("D-Bus: Connect to: (busname=%r, path=%r)",
287
dbus_busname, str(clientpath))
288
client = bus.get_object(dbus_busname, clientpath)
281
for client, properties in clients.items():
289
282
self.run_on_one_client(client, properties)
290
283
291
284
class PrintCmd(Command):
297
290
"LastApprovalRequest", "ApprovalDelay",
298
291
"ApprovalDuration", "Checker", "ExtendedTimeout",
299
292
"Expires", "LastCheckerStatus")
300
def run(self, clients, bus=None, mandos=None):
301
print(self.output(clients.values()))
302
def output(self, clients):
303
raise NotImplementedError()
293
def run(self, mandos, clients):
294
print(self.output(clients))
304
295
305
296
class PropertyCmd(Command):
306
297
"""Abstract class for Actions for setting one client property"""
307
298
def run_on_one_client(self, client, properties):
308
299
"""Set the Client's D-Bus property"""
309
log.debug("D-Bus: %s:%s:%s.Set(%r, %r, %r)", dbus_busname,
310
client.__dbus_object_path__,
311
dbus.PROPERTIES_IFACE, client_dbus_interface,
312
self.propname, self.value_to_set
313
if not isinstance(self.value_to_set, dbus.Boolean)
314
else bool(self.value_to_set))
315
client.Set(client_dbus_interface, self.propname,
316
self.value_to_set,
300
client.Set(client_interface, self.property, self.value_to_set,
317
301
dbus_interface=dbus.PROPERTIES_IFACE)
318
@property
319
def propname(self):
320
raise NotImplementedError()
321
302
322
class PropertyValueCmd(PropertyCmd):
323
"""Abstract class for PropertyCmd recieving a value as argument"""
303
class ValueArgumentMixIn(object):
304
"""Mixin class for commands taking a value as argument"""
324
305
def __init__(self, value):
325
306
self.value_to_set = value
326
307
327
class MillisecondsPropertyValueArgumentCmd(PropertyValueCmd):
328
"""Abstract class for PropertyValueCmd taking a value argument as
329
a datetime.timedelta() but should store it as milliseconds."""
308
class MillisecondsValueArgumentMixIn(ValueArgumentMixIn):
309
"""Mixin class for commands taking a value argument as
310
milliseconds."""
330
311
@property
331
312
def value_to_set(self):
332
313
return self._vts
333
314
@value_to_set.setter
334
315
def value_to_set(self, value):
335
"""When setting, convert value from a datetime.timedelta"""
336
self._vts = int(round(value.total_seconds() * 1000))
316
"""When setting, convert value to a datetime.timedelta"""
317
self._vts = string_to_delta(value).total_seconds() * 1000
337
318
338
319
# Actual (non-abstract) command classes
339
320
342
323
self.verbose = verbose
343
324
344
325
def output(self, clients):
345
default_keywords = ("Name", "Enabled", "Timeout",
346
"LastCheckedOK")
347
keywords = default_keywords
348
326
if self.verbose:
349
327
keywords = self.all_keywords
350
return str(self.TableOfClients(clients, keywords))
328
else:
329
keywords = ("Name", "Enabled", "Timeout", "LastCheckedOK")
330
return str(self.TableOfClients(clients.values(), keywords))
351
331
352
332
class TableOfClients(object):
353
333
tableheaders = {
439
419
return value
440
420
441
421
class IsEnabledCmd(Command):
442
def run(self, clients, bus=None, mandos=None):
443
client, properties = next(iter(clients.items()))
422
def run_on_one_client(self, client, properties):
444
423
if self.is_enabled(client, properties):
445
424
sys.exit(0)
446
425
sys.exit(1)
447
426
def is_enabled(self, client, properties):
448
return properties["Enabled"]
427
return bool(properties["Enabled"])
449
428
450
429
class RemoveCmd(Command):
451
430
def run_on_one_client(self, client, properties):
452
log.debug("D-Bus: %s:%s:%s.RemoveClient(%r)", dbus_busname,
453
server_dbus_path, server_dbus_interface,
454
str(client.__dbus_object_path__))
455
431
self.mandos.RemoveClient(client.__dbus_object_path__)
456
432
457
433
class ApproveCmd(Command):
458
434
def run_on_one_client(self, client, properties):
459
log.debug("D-Bus: %s:%s:%s.Approve(True)", dbus_busname,
460
client.__dbus_object_path__, client_dbus_interface)
461
435
client.Approve(dbus.Boolean(True),
462
dbus_interface=client_dbus_interface)
436
dbus_interface=client_interface)
463
437
464
438
class DenyCmd(Command):
465
439
def run_on_one_client(self, client, properties):
466
log.debug("D-Bus: %s:%s:%s.Approve(False)", dbus_busname,
467
client.__dbus_object_path__, client_dbus_interface)
468
440
client.Approve(dbus.Boolean(False),
469
dbus_interface=client_dbus_interface)
441
dbus_interface=client_interface)
470
442
471
443
class EnableCmd(PropertyCmd):
472
propname = "Enabled"
444
property = "Enabled"
473
445
value_to_set = dbus.Boolean(True)
474
446
475
447
class DisableCmd(PropertyCmd):
476
propname = "Enabled"
448
property = "Enabled"
477
449
value_to_set = dbus.Boolean(False)
478
450
479
451
class BumpTimeoutCmd(PropertyCmd):
480
propname = "LastCheckedOK"
452
property = "LastCheckedOK"
481
453
value_to_set = ""
482
454
483
455
class StartCheckerCmd(PropertyCmd):
484
propname = "CheckerRunning"
456
property = "CheckerRunning"
485
457
value_to_set = dbus.Boolean(True)
486
458
487
459
class StopCheckerCmd(PropertyCmd):
488
propname = "CheckerRunning"
460
property = "CheckerRunning"
489
461
value_to_set = dbus.Boolean(False)
490
462
491
463
class ApproveByDefaultCmd(PropertyCmd):
492
propname = "ApprovedByDefault"
464
property = "ApprovedByDefault"
493
465
value_to_set = dbus.Boolean(True)
494
466
495
467
class DenyByDefaultCmd(PropertyCmd):
496
propname = "ApprovedByDefault"
468
property = "ApprovedByDefault"
497
469
value_to_set = dbus.Boolean(False)
498
470
499
class SetCheckerCmd(PropertyValueCmd):
500
propname = "Checker"
501
502
class SetHostCmd(PropertyValueCmd):
503
propname = "Host"
504
505
class SetSecretCmd(PropertyValueCmd):
506
propname = "Secret"
507
@property
508
def value_to_set(self):
509
return self._vts
510
@value_to_set.setter
511
def value_to_set(self, value):
512
"""When setting, read data from supplied file object"""
513
self._vts = value.read()
514
value.close()
515
516
class SetTimeoutCmd(MillisecondsPropertyValueArgumentCmd):
517
propname = "Timeout"
518
519
class SetExtendedTimeoutCmd(MillisecondsPropertyValueArgumentCmd):
520
propname = "ExtendedTimeout"
521
522
class SetIntervalCmd(MillisecondsPropertyValueArgumentCmd):
523
propname = "Interval"
524
525
class SetApprovalDelayCmd(MillisecondsPropertyValueArgumentCmd):
526
propname = "ApprovalDelay"
527
528
class SetApprovalDurationCmd(MillisecondsPropertyValueArgumentCmd):
529
propname = "ApprovalDuration"
471
class SetCheckerCmd(PropertyCmd, ValueArgumentMixIn):
472
property = "Checker"
473
474
class SetHostCmd(PropertyCmd, ValueArgumentMixIn):
475
property = "Host"
476
477
class SetSecretCmd(PropertyCmd, ValueArgumentMixIn):
478
property = "Secret"
479
480
class SetTimeoutCmd(PropertyCmd, MillisecondsValueArgumentMixIn):
481
property = "Timeout"
482
483
class SetExtendedTimeoutCmd(PropertyCmd,
484
MillisecondsValueArgumentMixIn):
485
property = "ExtendedTimeout"
486
487
class SetIntervalCmd(PropertyCmd, MillisecondsValueArgumentMixIn):
488
property = "Interval"
489
490
class SetApprovalDelayCmd(PropertyCmd,
491
MillisecondsValueArgumentMixIn):
492
property = "ApprovalDelay"
493
494
class SetApprovalDurationCmd(PropertyCmd,
495
MillisecondsValueArgumentMixIn):
496
property = "ApprovalDuration"
497
498
def has_actions(options):
499
return any((options.enable,
500
options.disable,
501
options.bump_timeout,
502
options.start_checker,
503
options.stop_checker,
504
options.is_enabled,
505
options.remove,
506
options.checker is not None,
507
options.timeout is not None,
508
options.extended_timeout is not None,
509
options.interval is not None,
510
options.approved_by_default is not None,
511
options.approval_delay is not None,
512
options.approval_duration is not None,
513
options.host is not None,
514
options.secret is not None,
515
options.approve,
516
options.deny))
530
517
531
518
def add_command_line_options(parser):
532
519
parser.add_argument("--version", action="version",
559
546
help="Remove client")
560
547
parser.add_argument("-c", "--checker",
561
548
help="Set checker command for client")
562
parser.add_argument("-t", "--timeout", type=string_to_delta,
549
parser.add_argument("-t", "--timeout",
563
550
help="Set timeout for client")
564
parser.add_argument("--extended-timeout", type=string_to_delta,
551
parser.add_argument("--extended-timeout",
565
552
help="Set extended timeout for client")
566
parser.add_argument("-i", "--interval", type=string_to_delta,
553
parser.add_argument("-i", "--interval",
567
554
help="Set checker interval for client")
568
555
approve_deny_default = parser.add_mutually_exclusive_group()
569
556
approve_deny_default.add_argument(
574
561
"--deny-by-default", action="store_false",
575
562
dest="approved_by_default",
576
563
help="Set client to be denied by default")
577
parser.add_argument("--approval-delay", type=string_to_delta,
564
parser.add_argument("--approval-delay",
578
565
help="Set delay before client approve/deny")
579
parser.add_argument("--approval-duration", type=string_to_delta,
566
parser.add_argument("--approval-duration",
580
567
help="Set duration of one client approval")
581
568
parser.add_argument("-H", "--host", help="Set host for client")
582
569
parser.add_argument("-s", "--secret",
588
575
help="Approve any current client request")
589
576
approve_deny.add_argument("-D", "--deny", action="store_true",
590
577
help="Deny any current client request")
591
parser.add_argument("--debug", action="store_true",
592
help="Debug mode (show D-Bus commands)")
593
578
parser.add_argument("--check", action="store_true",
594
579
help="Run self-test")
595
580
parser.add_argument("client", nargs="*", help="Client name")
596
581
597
582
598
def commands_from_options(options):
583
def commands_and_clients_from_options(options):
599
584
600
585
commands = []
601
586
609
594
commands.append(DisableCmd())
610
595
611
596
if options.bump_timeout:
612
commands.append(BumpTimeoutCmd())
597
commands.append(BumpTimeoutCmd(options.bump_timeout))
613
598
614
599
if options.start_checker:
615
600
commands.append(StartCheckerCmd())
620
605
if options.is_enabled:
621
606
commands.append(IsEnabledCmd())
622
607
608
if options.remove:
609
commands.append(RemoveCmd())
610
623
611
if options.checker is not None:
624
commands.append(SetCheckerCmd(options.checker))
612
commands.append(SetCheckerCmd())
625
613
626
614
if options.timeout is not None:
627
615
commands.append(SetTimeoutCmd(options.timeout))
631
619
SetExtendedTimeoutCmd(options.extended_timeout))
632
620
633
621
if options.interval is not None:
634
commands.append(SetIntervalCmd(options.interval))
622
command.append(SetIntervalCmd(options.interval))
635
623
636
624
if options.approved_by_default is not None:
637
625
if options.approved_by_default:
638
commands.append(ApproveByDefaultCmd())
626
command.append(ApproveByDefaultCmd())
639
627
else:
640
commands.append(DenyByDefaultCmd())
628
command.append(DenyByDefaultCmd())
641
629
642
630
if options.approval_delay is not None:
643
commands.append(SetApprovalDelayCmd(options.approval_delay))
631
command.append(SetApprovalDelayCmd(options.approval_delay))
644
632
645
633
if options.approval_duration is not None:
646
commands.append(
634
command.append(
647
635
SetApprovalDurationCmd(options.approval_duration))
648
636
649
637
if options.host is not None:
650
commands.append(SetHostCmd(options.host))
638
command.append(SetHostCmd(options.host))
651
639
652
640
if options.secret is not None:
653
commands.append(SetSecretCmd(options.secret))
641
command.append(SetSecretCmd(options.secret))
654
642
655
643
if options.approve:
656
644
commands.append(ApproveCmd())
658
646
if options.deny:
659
647
commands.append(DenyCmd())
660
648
661
if options.remove:
662
commands.append(RemoveCmd())
663
664
649
# If no command option has been given, show table of clients,
665
650
# optionally verbosely
666
651
if not commands:
667
652
commands.append(PrintTableCmd(verbose=options.verbose))
668
653
669
return commands
670
671
672
def check_option_syntax(parser, options):
673
"""Apply additional restrictions on options, not expressible in
674
argparse"""
675
676
def has_actions(options):
677
return any((options.enable,
678
options.disable,
679
options.bump_timeout,
680
options.start_checker,
681
options.stop_checker,
682
options.is_enabled,
683
options.remove,
684
options.checker is not None,
685
options.timeout is not None,
686
options.extended_timeout is not None,
687
options.interval is not None,
688
options.approved_by_default is not None,
689
options.approval_delay is not None,
690
options.approval_duration is not None,
691
options.host is not None,
692
options.secret is not None,
693
options.approve,
694
options.deny))
654
return commands, options.client
655
656
657
def main():
658
parser = argparse.ArgumentParser()
659
660
add_command_line_options(parser)
661
662
options = parser.parse_args()
695
663
696
664
if has_actions(options) and not (options.client or options.all):
697
665
parser.error("Options require clients names or --all.")
704
672
parser.error("--all requires an action.")
705
673
if options.is_enabled and len(options.client) > 1:
706
674
parser.error("--is-enabled requires exactly one client")
707
if options.remove:
708
options.remove = False
709
if has_actions(options) and not options.deny:
710
parser.error("--remove can only be combined with --deny")
711
options.remove = True
712
713
714
def main():
715
parser = argparse.ArgumentParser()
716
717
add_command_line_options(parser)
718
719
options = parser.parse_args()
720
721
check_option_syntax(parser, options)
722
723
clientnames = options.client
724
725
if options.debug:
726
log.setLevel(logging.DEBUG)
675
676
commands, clientnames = commands_and_clients_from_options(options)
727
677
728
678
try:
729
679
bus = dbus.SystemBus()
730
log.debug("D-Bus: Connect to: (busname=%r, path=%r)",
731
dbus_busname, server_dbus_path)
732
mandos_dbus_objc = bus.get_object(dbus_busname,
733
server_dbus_path)
680
mandos_dbus_objc = bus.get_object(busname, server_path)
734
681
except dbus.exceptions.DBusException:
735
682
log.critical("Could not connect to Mandos server")
736
683
sys.exit(1)
737
684
738
685
mandos_serv = dbus.Interface(mandos_dbus_objc,
739
dbus_interface=server_dbus_interface)
686
dbus_interface=server_interface)
740
687
mandos_serv_object_manager = dbus.Interface(
741
688
mandos_dbus_objc, dbus_interface=dbus.OBJECT_MANAGER_IFACE)
742
689
748
695
dbus_filter = NullFilter()
749
696
try:
750
697
dbus_logger.addFilter(dbus_filter)
751
log.debug("D-Bus: %s:%s:%s.GetManagedObjects()", dbus_busname,
752
server_dbus_path, dbus.OBJECT_MANAGER_IFACE)
753
mandos_clients = {path: ifs_and_props[client_dbus_interface]
698
mandos_clients = {path: ifs_and_props[client_interface]
754
699
for path, ifs_and_props in
755
700
mandos_serv_object_manager
756
701
.GetManagedObjects().items()
757
if client_dbus_interface in ifs_and_props}
702
if client_interface in ifs_and_props}
758
703
except dbus.exceptions.DBusException as e:
759
704
log.critical("Failed to access Mandos server through D-Bus:"
760
705
"\n%s", e)
767
712
clients = {}
768
713
769
714
if not clientnames:
770
clients = {objpath: properties
771
for objpath, properties in mandos_clients.items()}
715
clients = {bus.get_object(busname, path): properties
716
for path, properties in mandos_clients.items()}
772
717
else:
773
718
for name in clientnames:
774
for objpath, properties in mandos_clients.items():
775
if properties["Name"] == name:
776
clients[objpath] = properties
719
for path, client in mandos_clients.items():
720
if client["Name"] == name:
721
client_objc = bus.get_object(busname, path)
722
clients[client_objc] = client
777
723
break
778
724
else:
779
725
log.critical("Client not found on server: %r", name)
780
726
sys.exit(1)
781
727
782
728
# Run all commands on clients
783
commands = commands_from_options(options)
784
729
for command in commands:
785
command.run(clients, bus, mandos_serv)
730
command.run(mandos_serv, clients)
786
731
787
732
788
733
class Test_milliseconds_to_string(unittest.TestCase):
800
745
801
746
class Test_string_to_delta(unittest.TestCase):
802
747
def test_handles_basic_rfc3339(self):
803
self.assertEqual(string_to_delta("PT0S"),
804
datetime.timedelta())
805
self.assertEqual(string_to_delta("P0D"),
806
datetime.timedelta())
807
self.assertEqual(string_to_delta("PT1S"),
808
datetime.timedelta(0, 1))
809
748
self.assertEqual(string_to_delta("PT2H"),
810
749
datetime.timedelta(0, 7200))
811
750
def test_falls_back_to_pre_1_6_1_with_warning(self):
837
776
testcase = self
838
777
class MockClient(object):
839
778
def __init__(self, name, **attributes):
840
self.__dbus_object_path__ = "/clients/{}".format(name)
779
self.__dbus_object_path__ = "objpath_{}".format(name)
841
780
self.attributes = attributes
842
781
self.attributes["Name"] = name
843
782
self.calls = []
844
def Set(self, interface, propname, value, dbus_interface):
845
testcase.assertEqual(interface, client_dbus_interface)
846
testcase.assertEqual(dbus_interface,
847
dbus.PROPERTIES_IFACE)
848
self.attributes[propname] = value
849
def Get(self, interface, propname, dbus_interface):
850
testcase.assertEqual(interface, client_dbus_interface)
851
testcase.assertEqual(dbus_interface,
852
dbus.PROPERTIES_IFACE)
853
return self.attributes[propname]
783
def Set(self, interface, property, value, dbus_interface):
784
testcase.assertEqual(interface, client_interface)
785
testcase.assertEqual(dbus_interface,
786
dbus.PROPERTIES_IFACE)
787
self.attributes[property] = value
788
self.calls.append(("Set", (interface, property, value,
789
dbus_interface)))
790
def Get(self, interface, property, dbus_interface):
791
testcase.assertEqual(interface, client_interface)
792
testcase.assertEqual(dbus_interface,
793
dbus.PROPERTIES_IFACE)
794
self.calls.append(("Get", (interface, property,
795
dbus_interface)))
796
return self.attributes[property]
854
797
def Approve(self, approve, dbus_interface):
855
testcase.assertEqual(dbus_interface,
856
client_dbus_interface)
798
testcase.assertEqual(dbus_interface, client_interface)
857
799
self.calls.append(("Approve", (approve,
858
800
dbus_interface)))
859
801
self.client = MockClient(
906
848
LastCheckerStatus=-2)
907
849
self.clients = collections.OrderedDict(
908
850
[
909
("/clients/foo", self.client.attributes),
910
("/clients/barbar", self.other_client.attributes),
851
(self.client, self.client.attributes),
852
(self.other_client, self.other_client.attributes),
911
853
])
912
self.one_client = {"/clients/foo": self.client.attributes}
913
@property
914
def bus(self):
915
class Bus(object):
916
@staticmethod
917
def get_object(client_bus_name, path):
918
self.assertEqual(client_bus_name, dbus_busname)
919
return {
920
"/clients/foo": self.client,
921
"/clients/barbar": self.other_client,
922
}[path]
923
return Bus()
854
self.one_client = {self.client: self.client.attributes}
924
855
925
856
class TestPrintTableCmd(TestCmd):
926
857
def test_normal(self):
927
output = PrintTableCmd().output(self.clients.values())
928
expected_output = "\n".join((
929
"Name Enabled Timeout Last Successful Check",
930
"foo Yes 00:05:00 2019-02-03T00:00:00 ",
931
"barbar Yes 00:05:00 2019-02-04T00:00:00 ",
932
))
858
output = PrintTableCmd().output(self.clients)
859
expected_output = """
860
Name Enabled Timeout Last Successful Check
861
foo Yes 00:05:00 2019-02-03T00:00:00
862
barbar Yes 00:05:00 2019-02-04T00:00:00
863
"""[1:-1]
933
864
self.assertEqual(output, expected_output)
934
865
def test_verbose(self):
935
output = PrintTableCmd(verbose=True).output(
936
self.clients.values())
937
expected_output = "\n".join((
938
# First line (headers)
939
"Name Enabled Timeout Last Successful Check Created "
940
" Interval Host Key ID "
941
" Fingerprint "
942
" Check Is Running Last Enabl"
943
"ed Approval Is Pending Approved By Default Last A"
944
"pproval Request Approval Delay Approval Duration Checker"
945
" Extended Timeout Expires Last "
946
"Checker Status",
947
# Second line (client "foo")
948
"foo Yes 00:05:00 2019-02-03T00:00:00 2019-01-02"
949
"T00:00:00 00:02:00 foo.example.org 92ed150794387c03ce684"
950
"574b1139a6594a34f895daaaf09fd8ea90a27cddb12 778827225BA7"
951
"DE539C5A7CFA59CFF7CDBD9A5920 No 2019-01-03"
952
"T00:00:00 No Yes "
953
" 00:00:00 00:00:01 fping -"
954
"q -- %(host)s 00:15:00 2019-02-04T00:00:00 0 "
955
" ",
956
# Third line (client "barbar")
957
"barbar Yes 00:05:00 2019-02-04T00:00:00 2019-01-03"
958
"T00:00:00 00:02:00 192.0.2.3 0558568eedd67d622f5c8"
959
"3b35a115f796ab612cff5ad227247e46c2b020f441c 3E393AEAEFB8"
960
"4C7E89E2F547B3A107558FCA3A27 Yes 2019-01-04"
961
"T00:00:00 No No 2019-0"
962
"1-03T00:00:00 00:00:30 00:00:01 : "
963
" 00:15:00 2019-02-05T00:00:00 -2 "
964
" ",
965
))
866
output = PrintTableCmd(verbose=True).output(self.clients)
867
expected_output = """
868
Name Enabled Timeout Last Successful Check Created Interval Host Key ID Fingerprint Check Is Running Last Enabled Approval Is Pending Approved By Default Last Approval Request Approval Delay Approval Duration Checker Extended Timeout Expires Last Checker Status
869
foo Yes 00:05:00 2019-02-03T00:00:00 2019-01-02T00:00:00 00:02:00 foo.example.org 92ed150794387c03ce684574b1139a6594a34f895daaaf09fd8ea90a27cddb12 778827225BA7DE539C5A7CFA59CFF7CDBD9A5920 No 2019-01-03T00:00:00 No Yes 00:00:00 00:00:01 fping -q -- %(host)s 00:15:00 2019-02-04T00:00:00 0
870
barbar Yes 00:05:00 2019-02-04T00:00:00 2019-01-03T00:00:00 00:02:00 192.0.2.3 0558568eedd67d622f5c83b35a115f796ab612cff5ad227247e46c2b020f441c 3E393AEAEFB84C7E89E2F547B3A107558FCA3A27 Yes 2019-01-04T00:00:00 No No 2019-01-03T00:00:00 00:00:30 00:00:01 : 00:15:00 2019-02-05T00:00:00 -2
871
"""[1:-1]
966
872
self.assertEqual(output, expected_output)
967
873
def test_one_client(self):
968
output = PrintTableCmd().output(self.one_client.values())
874
output = PrintTableCmd().output(self.one_client)
969
875
expected_output = """
970
876
Name Enabled Timeout Last Successful Check
971
877
foo Yes 00:05:00 2019-02-03T00:00:00
1036
942
1037
943
class TestIsEnabledCmd(TestCmd):
1038
944
def test_is_enabled(self):
1039
self.assertTrue(all(IsEnabledCmd().is_enabled(client,
1040
properties)
1041
for client, properties
1042
in self.clients.items()))
945
self.assertTrue(all(IsEnabledCmd().is_enabled(client, properties)
946
for client, properties in self.clients.items()))
1043
947
def test_is_enabled_run_exits_successfully(self):
1044
948
with self.assertRaises(SystemExit) as e:
1045
IsEnabledCmd().run(self.one_client)
949
IsEnabledCmd().run(None, self.one_client)
1046
950
if e.exception.code is not None:
1047
951
self.assertEqual(e.exception.code, 0)
1048
952
else:
1050
954
def test_is_enabled_run_exits_with_failure(self):
1051
955
self.client.attributes["Enabled"] = dbus.Boolean(False)
1052
956
with self.assertRaises(SystemExit) as e:
1053
IsEnabledCmd().run(self.one_client)
957
IsEnabledCmd().run(None, self.one_client)
1054
958
if isinstance(e.exception.code, int):
1055
959
self.assertNotEqual(e.exception.code, 0)
1056
960
else:
1065
969
self.calls.append(("RemoveClient", (dbus_path,)))
1066
970
mandos = MockMandos()
1067
971
super(TestRemoveCmd, self).setUp()
1068
RemoveCmd().run(self.clients, self.bus, mandos)
972
RemoveCmd().run(mandos, self.clients)
1069
973
self.assertEqual(len(mandos.calls), 2)
1070
for clientpath in self.clients:
1071
self.assertIn(("RemoveClient", (clientpath,)),
974
for client in self.clients:
975
self.assertIn(("RemoveClient",
976
(client.__dbus_object_path__,)),
1072
977
mandos.calls)
1073
978
1074
979
class TestApproveCmd(TestCmd):
1075
980
def test_approve(self):
1076
ApproveCmd().run(self.clients, self.bus)
1077
for clientpath in self.clients:
1078
client = self.bus.get_object(dbus_busname, clientpath)
1079
self.assertIn(("Approve", (True, client_dbus_interface)),
981
ApproveCmd().run(None, self.clients)
982
for client in self.clients:
983
self.assertIn(("Approve", (True, client_interface)),
1080
984
client.calls)
1081
985
1082
986
class TestDenyCmd(TestCmd):
1083
987
def test_deny(self):
1084
DenyCmd().run(self.clients, self.bus)
1085
for clientpath in self.clients:
1086
client = self.bus.get_object(dbus_busname, clientpath)
1087
self.assertIn(("Approve", (False, client_dbus_interface)),
988
DenyCmd().run(None, self.clients)
989
for client in self.clients:
990
self.assertIn(("Approve", (False, client_interface)),
1088
991
client.calls)
1089
992
1090
993
class TestEnableCmd(TestCmd):
1091
994
def test_enable(self):
1092
for clientpath in self.clients:
1093
client = self.bus.get_object(dbus_busname, clientpath)
995
for client in self.clients:
1094
996
client.attributes["Enabled"] = False
1095
997
1096
EnableCmd().run(self.clients, self.bus)
998
EnableCmd().run(None, self.clients)
1097
999
1098
for clientpath in self.clients:
1099
client = self.bus.get_object(dbus_busname, clientpath)
1000
for client in self.clients:
1100
1001
self.assertTrue(client.attributes["Enabled"])
1101
1002
1102
1003
class TestDisableCmd(TestCmd):
1103
1004
def test_disable(self):
1104
DisableCmd().run(self.clients, self.bus)
1105
for clientpath in self.clients:
1106
client = self.bus.get_object(dbus_busname, clientpath)
1005
DisableCmd().run(None, self.clients)
1006
1007
for client in self.clients:
1107
1008
self.assertFalse(client.attributes["Enabled"])
1108
1009
1109
class Unique(object):
1110
"""Class for objects which exist only to be unique objects, since
1111
unittest.mock.sentinel only exists in Python 3.3"""
1112
1113
class TestPropertyCmd(TestCmd):
1114
"""Abstract class for tests of PropertyCmd classes"""
1115
def runTest(self):
1116
if not hasattr(self, "command"):
1117
return
1118
values_to_get = getattr(self, "values_to_get",
1119
self.values_to_set)
1120
for value_to_set, value_to_get in zip(self.values_to_set,
1121
values_to_get):
1122
for clientpath in self.clients:
1123
client = self.bus.get_object(dbus_busname, clientpath)
1124
old_value = client.attributes[self.propname]
1125
self.assertNotIsInstance(old_value, Unique)
1126
client.attributes[self.propname] = Unique()
1127
self.run_command(value_to_set, self.clients)
1128
for clientpath in self.clients:
1129
client = self.bus.get_object(dbus_busname, clientpath)
1130
value = client.attributes[self.propname]
1131
self.assertNotIsInstance(value, Unique)
1132
self.assertEqual(value, value_to_get)
1133
def run_command(self, value, clients):
1134
self.command().run(clients, self.bus)
1135
1136
class TestBumpTimeoutCmd(TestPropertyCmd):
1137
command = BumpTimeoutCmd
1138
propname = "LastCheckedOK"
1139
values_to_set = [""]
1140
1141
class TestStartCheckerCmd(TestPropertyCmd):
1142
command = StartCheckerCmd
1143
propname = "CheckerRunning"
1144
values_to_set = [dbus.Boolean(True)]
1145
1146
class TestStopCheckerCmd(TestPropertyCmd):
1147
command = StopCheckerCmd
1148
propname = "CheckerRunning"
1149
values_to_set = [dbus.Boolean(False)]
1150
1151
class TestApproveByDefaultCmd(TestPropertyCmd):
1152
command = ApproveByDefaultCmd
1153
propname = "ApprovedByDefault"
1154
values_to_set = [dbus.Boolean(True)]
1155
1156
class TestDenyByDefaultCmd(TestPropertyCmd):
1157
command = DenyByDefaultCmd
1158
propname = "ApprovedByDefault"
1159
values_to_set = [dbus.Boolean(False)]
1160
1161
class TestPropertyValueCmd(TestPropertyCmd):
1162
"""Abstract class for tests of PropertyValueCmd classes"""
1163
def runTest(self):
1164
if type(self) is TestPropertyValueCmd:
1165
return
1166
return super(TestPropertyValueCmd, self).runTest()
1167
def run_command(self, value, clients):
1168
self.command(value).run(clients, self.bus)
1169
1170
class TestSetCheckerCmd(TestPropertyValueCmd):
1171
command = SetCheckerCmd
1172
propname = "Checker"
1173
values_to_set = ["", ":", "fping -q -- %s"]
1174
1175
class TestSetHostCmd(TestPropertyValueCmd):
1176
command = SetHostCmd
1177
propname = "Host"
1178
values_to_set = ["192.0.2.3", "foo.example.org"]
1179
1180
class TestSetSecretCmd(TestPropertyValueCmd):
1181
command = SetSecretCmd
1182
propname = "Secret"
1183
values_to_set = [io.BytesIO(b""),
1184
io.BytesIO(b"secret\0xyzzy\nbar")]
1185
values_to_get = [b"", b"secret\0xyzzy\nbar"]
1186
1187
class TestSetTimeoutCmd(TestPropertyValueCmd):
1188
command = SetTimeoutCmd
1189
propname = "Timeout"
1190
values_to_set = [datetime.timedelta(),
1191
datetime.timedelta(minutes=5),
1192
datetime.timedelta(seconds=1),
1193
datetime.timedelta(weeks=1),
1194
datetime.timedelta(weeks=52)]
1195
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1196
1197
class TestSetExtendedTimeoutCmd(TestPropertyValueCmd):
1198
command = SetExtendedTimeoutCmd
1199
propname = "ExtendedTimeout"
1200
values_to_set = [datetime.timedelta(),
1201
datetime.timedelta(minutes=5),
1202
datetime.timedelta(seconds=1),
1203
datetime.timedelta(weeks=1),
1204
datetime.timedelta(weeks=52)]
1205
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1206
1207
class TestSetIntervalCmd(TestPropertyValueCmd):
1208
command = SetIntervalCmd
1209
propname = "Interval"
1210
values_to_set = [datetime.timedelta(),
1211
datetime.timedelta(minutes=5),
1212
datetime.timedelta(seconds=1),
1213
datetime.timedelta(weeks=1),
1214
datetime.timedelta(weeks=52)]
1215
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1216
1217
class TestSetApprovalDelayCmd(TestPropertyValueCmd):
1218
command = SetApprovalDelayCmd
1219
propname = "ApprovalDelay"
1220
values_to_set = [datetime.timedelta(),
1221
datetime.timedelta(minutes=5),
1222
datetime.timedelta(seconds=1),
1223
datetime.timedelta(weeks=1),
1224
datetime.timedelta(weeks=52)]
1225
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1226
1227
class TestSetApprovalDurationCmd(TestPropertyValueCmd):
1228
command = SetApprovalDurationCmd
1229
propname = "ApprovalDuration"
1230
values_to_set = [datetime.timedelta(),
1231
datetime.timedelta(minutes=5),
1232
datetime.timedelta(seconds=1),
1233
datetime.timedelta(weeks=1),
1234
datetime.timedelta(weeks=52)]
1235
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1236
1237
class Test_command_from_options(unittest.TestCase):
1238
def setUp(self):
1239
self.parser = argparse.ArgumentParser()
1240
add_command_line_options(self.parser)
1241
def assert_command_from_args(self, args, command_cls,
1242
**cmd_attrs):
1243
"""Assert that parsing ARGS should result in an instance of
1244
COMMAND_CLS with (optionally) all supplied attributes (CMD_ATTRS)."""
1245
options = self.parser.parse_args(args)
1246
check_option_syntax(self.parser, options)
1247
commands = commands_from_options(options)
1248
self.assertEqual(len(commands), 1)
1249
command = commands[0]
1250
self.assertIsInstance(command, command_cls)
1251
for key, value in cmd_attrs.items():
1252
self.assertEqual(getattr(command, key), value)
1253
def test_print_table(self):
1254
self.assert_command_from_args([], PrintTableCmd,
1255
verbose=False)
1256
1257
def test_print_table_verbose(self):
1258
self.assert_command_from_args(["--verbose"], PrintTableCmd,
1259
verbose=True)
1260
1261
def test_print_table_verbose_short(self):
1262
self.assert_command_from_args(["-v"], PrintTableCmd,
1263
verbose=True)
1264
1265
def test_enable(self):
1266
self.assert_command_from_args(["--enable", "foo"], EnableCmd)
1267
1268
def test_enable_short(self):
1269
self.assert_command_from_args(["-e", "foo"], EnableCmd)
1270
1271
def test_disable(self):
1272
self.assert_command_from_args(["--disable", "foo"],
1273
DisableCmd)
1274
1275
def test_disable_short(self):
1276
self.assert_command_from_args(["-d", "foo"], DisableCmd)
1277
1278
def test_bump_timeout(self):
1279
self.assert_command_from_args(["--bump-timeout", "foo"],
1280
BumpTimeoutCmd)
1281
1282
def test_bump_timeout_short(self):
1283
self.assert_command_from_args(["-b", "foo"], BumpTimeoutCmd)
1284
1285
def test_start_checker(self):
1286
self.assert_command_from_args(["--start-checker", "foo"],
1287
StartCheckerCmd)
1288
1289
def test_stop_checker(self):
1290
self.assert_command_from_args(["--stop-checker", "foo"],
1291
StopCheckerCmd)
1292
1293
def test_remove(self):
1294
self.assert_command_from_args(["--remove", "foo"],
1295
RemoveCmd)
1296
1297
def test_remove_short(self):
1298
self.assert_command_from_args(["-r", "foo"], RemoveCmd)
1299
1300
def test_checker(self):
1301
self.assert_command_from_args(["--checker", ":", "foo"],
1302
SetCheckerCmd, value_to_set=":")
1303
1304
def test_checker_empty(self):
1305
self.assert_command_from_args(["--checker", "", "foo"],
1306
SetCheckerCmd, value_to_set="")
1307
1308
def test_checker_short(self):
1309
self.assert_command_from_args(["-c", ":", "foo"],
1310
SetCheckerCmd, value_to_set=":")
1311
1312
def test_timeout(self):
1313
self.assert_command_from_args(["--timeout", "PT5M", "foo"],
1314
SetTimeoutCmd,
1315
value_to_set=300000)
1316
1317
def test_timeout_short(self):
1318
self.assert_command_from_args(["-t", "PT5M", "foo"],
1319
SetTimeoutCmd,
1320
value_to_set=300000)
1321
1322
def test_extended_timeout(self):
1323
self.assert_command_from_args(["--extended-timeout", "PT15M",
1324
"foo"],
1325
SetExtendedTimeoutCmd,
1326
value_to_set=900000)
1327
1328
def test_interval(self):
1329
self.assert_command_from_args(["--interval", "PT2M", "foo"],
1330
SetIntervalCmd,
1331
value_to_set=120000)
1332
1333
def test_interval_short(self):
1334
self.assert_command_from_args(["-i", "PT2M", "foo"],
1335
SetIntervalCmd,
1336
value_to_set=120000)
1337
1338
def test_approve_by_default(self):
1339
self.assert_command_from_args(["--approve-by-default", "foo"],
1340
ApproveByDefaultCmd)
1341
1342
def test_deny_by_default(self):
1343
self.assert_command_from_args(["--deny-by-default", "foo"],
1344
DenyByDefaultCmd)
1345
1346
def test_approval_delay(self):
1347
self.assert_command_from_args(["--approval-delay", "PT30S",
1348
"foo"], SetApprovalDelayCmd,
1349
value_to_set=30000)
1350
1351
def test_approval_duration(self):
1352
self.assert_command_from_args(["--approval-duration", "PT1S",
1353
"foo"], SetApprovalDurationCmd,
1354
value_to_set=1000)
1355
1356
def test_host(self):
1357
self.assert_command_from_args(["--host", "foo.example.org",
1358
"foo"], SetHostCmd,
1359
value_to_set="foo.example.org")
1360
1361
def test_host_short(self):
1362
self.assert_command_from_args(["-H", "foo.example.org",
1363
"foo"], SetHostCmd,
1364
value_to_set="foo.example.org")
1365
1366
def test_secret_devnull(self):
1367
self.assert_command_from_args(["--secret", os.path.devnull,
1368
"foo"], SetSecretCmd,
1369
value_to_set=b"")
1370
1371
def test_secret_tempfile(self):
1372
with tempfile.NamedTemporaryFile(mode="r+b") as f:
1373
value = b"secret\0xyzzy\nbar"
1374
f.write(value)
1375
f.seek(0)
1376
self.assert_command_from_args(["--secret", f.name,
1377
"foo"], SetSecretCmd,
1378
value_to_set=value)
1379
1380
def test_secret_devnull_short(self):
1381
self.assert_command_from_args(["-s", os.path.devnull, "foo"],
1382
SetSecretCmd, value_to_set=b"")
1383
1384
def test_secret_tempfile_short(self):
1385
with tempfile.NamedTemporaryFile(mode="r+b") as f:
1386
value = b"secret\0xyzzy\nbar"
1387
f.write(value)
1388
f.seek(0)
1389
self.assert_command_from_args(["-s", f.name, "foo"],
1390
SetSecretCmd,
1391
value_to_set=value)
1392
1393
def test_approve(self):
1394
self.assert_command_from_args(["--approve", "foo"],
1395
ApproveCmd)
1396
1397
def test_approve_short(self):
1398
self.assert_command_from_args(["-A", "foo"], ApproveCmd)
1399
1400
def test_deny(self):
1401
self.assert_command_from_args(["--deny", "foo"], DenyCmd)
1402
1403
def test_deny_short(self):
1404
self.assert_command_from_args(["-D", "foo"], DenyCmd)
1405
1406
def test_dump_json(self):
1407
self.assert_command_from_args(["--dump-json"], DumpJSONCmd)
1408
1409
def test_is_enabled(self):
1410
self.assert_command_from_args(["--is-enabled", "foo"],
1411
IsEnabledCmd)
1412
1413
def test_is_enabled_short(self):
1414
self.assert_command_from_args(["-V", "foo"], IsEnabledCmd)
1415
1416
def test_deny_before_remove(self):
1417
options = self.parser.parse_args(["--deny", "--remove",
1418
"foo"])
1419
check_option_syntax(self.parser, options)
1420
commands = commands_from_options(options)
1421
self.assertEqual(len(commands), 2)
1422
self.assertIsInstance(commands[0], DenyCmd)
1423
self.assertIsInstance(commands[1], RemoveCmd)
1424
1425
def test_deny_before_remove_reversed(self):
1426
options = self.parser.parse_args(["--remove", "--deny",
1427
"--all"])
1428
check_option_syntax(self.parser, options)
1429
commands = commands_from_options(options)
1430
self.assertEqual(len(commands), 2)
1431
self.assertIsInstance(commands[0], DenyCmd)
1432
self.assertIsInstance(commands[1], RemoveCmd)
1433
1434
1435
class Test_check_option_syntax(unittest.TestCase):
1436
# This mostly corresponds to the definition from has_actions() in
1437
# check_option_syntax()
1438
actions = {
1439
# The actual values set here are not that important, but we do
1440
# at least stick to the correct types, even though they are
1441
# never used
1442
"enable": True,
1443
"disable": True,
1444
"bump_timeout": True,
1445
"start_checker": True,
1446
"stop_checker": True,
1447
"is_enabled": True,
1448
"remove": True,
1449
"checker": "x",
1450
"timeout": datetime.timedelta(),
1451
"extended_timeout": datetime.timedelta(),
1452
"interval": datetime.timedelta(),
1453
"approved_by_default": True,
1454
"approval_delay": datetime.timedelta(),
1455
"approval_duration": datetime.timedelta(),
1456
"host": "x",
1457
"secret": io.BytesIO(b"x"),
1458
"approve": True,
1459
"deny": True,
1460
}
1461
1462
def setUp(self):
1463
self.parser = argparse.ArgumentParser()
1464
add_command_line_options(self.parser)
1465
1466
@contextlib.contextmanager
1467
def assertParseError(self):
1468
with self.assertRaises(SystemExit) as e:
1469
with self.temporarily_suppress_stderr():
1470
yield
1471
# Exit code from argparse is guaranteed to be "2". Reference:
1472
# https://docs.python.org/3/library
1473
# /argparse.html#exiting-methods
1474
self.assertEqual(e.exception.code, 2)
1475
1476
@staticmethod
1477
@contextlib.contextmanager
1478
def temporarily_suppress_stderr():
1479
null = os.open(os.path.devnull, os.O_RDWR)
1480
stderrcopy = os.dup(sys.stderr.fileno())
1481
os.dup2(null, sys.stderr.fileno())
1482
os.close(null)
1483
try:
1484
yield
1485
finally:
1486
# restore stderr
1487
os.dup2(stderrcopy, sys.stderr.fileno())
1488
os.close(stderrcopy)
1489
1490
def check_option_syntax(self, options):
1491
check_option_syntax(self.parser, options)
1492
1493
def test_actions_requires_client_or_all(self):
1494
for action, value in self.actions.items():
1495
options = self.parser.parse_args()
1496
setattr(options, action, value)
1497
with self.assertParseError():
1498
self.check_option_syntax(options)
1499
1500
def test_actions_conflicts_with_verbose(self):
1501
for action, value in self.actions.items():
1502
options = self.parser.parse_args()
1503
setattr(options, action, value)
1504
options.verbose = True
1505
with self.assertParseError():
1506
self.check_option_syntax(options)
1507
1508
def test_dump_json_conflicts_with_verbose(self):
1509
options = self.parser.parse_args()
1510
options.dump_json = True
1511
options.verbose = True
1512
with self.assertParseError():
1513
self.check_option_syntax(options)
1514
1515
def test_dump_json_conflicts_with_action(self):
1516
for action, value in self.actions.items():
1517
options = self.parser.parse_args()
1518
setattr(options, action, value)
1519
options.dump_json = True
1520
with self.assertParseError():
1521
self.check_option_syntax(options)
1522
1523
def test_all_can_not_be_alone(self):
1524
options = self.parser.parse_args()
1525
options.all = True
1526
with self.assertParseError():
1527
self.check_option_syntax(options)
1528
1529
def test_all_is_ok_with_any_action(self):
1530
for action, value in self.actions.items():
1531
options = self.parser.parse_args()
1532
setattr(options, action, value)
1533
options.all = True
1534
self.check_option_syntax(options)
1535
1536
def test_is_enabled_fails_without_client(self):
1537
options = self.parser.parse_args()
1538
options.is_enabled = True
1539
with self.assertParseError():
1540
self.check_option_syntax(options)
1541
1542
def test_is_enabled_works_with_one_client(self):
1543
options = self.parser.parse_args()
1544
options.is_enabled = True
1545
options.client = ["foo"]
1546
self.check_option_syntax(options)
1547
1548
def test_is_enabled_fails_with_two_clients(self):
1549
options = self.parser.parse_args()
1550
options.is_enabled = True
1551
options.client = ["foo", "barbar"]
1552
with self.assertParseError():
1553
self.check_option_syntax(options)
1554
1555
def test_remove_can_only_be_combined_with_action_deny(self):
1556
for action, value in self.actions.items():
1557
if action in {"remove", "deny"}:
1558
continue
1559
options = self.parser.parse_args()
1560
setattr(options, action, value)
1561
options.all = True
1562
options.remove = True
1563
with self.assertParseError():
1564
self.check_option_syntax(options)
1565
1566
1010
1567
1011
1568
1012
def should_only_run_tests():
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0