229
 
def print_clients(clients, keywords):
 
230
 
    def valuetostring(value, keyword):
 
231
 
        if type(value) is dbus.Boolean:
 
232
 
            return "Yes" if value else "No"
 
233
 
        if keyword in ("Timeout", "Interval", "ApprovalDelay",
 
234
 
                       "ApprovalDuration", "ExtendedTimeout"):
 
235
 
            return milliseconds_to_string(value)
 
238
 
    # Create format string to print table rows
 
239
 
    format_string = " ".join("{{{key}:{width}}}".format(
 
240
 
        width = max(len(tablewords[key]),
 
241
 
                    max(len(valuetostring(client[key], key))
 
242
 
                        for client in clients)),
 
246
 
    print(format_string.format(**tablewords))
 
247
 
    for client in clients:
 
248
 
        print(format_string.format(**{
 
249
 
            key: valuetostring(client[key], key)
 
250
 
            for key in keywords }))
 
 
273
## Classes for commands.
 
 
275
# Abstract classes first
 
 
276
class Command(object):
 
 
277
    """Abstract class for commands"""
 
 
278
    def run(self, mandos, clients):
 
 
279
        """Normal commands should implement run_on_one_client(), but
 
 
280
        commands which want to operate on all clients at the same time
 
 
281
        can override this run() method instead."""
 
 
283
        for client, properties in clients.items():
 
 
284
            self.run_on_one_client(client, properties)
 
 
286
class PrintCmd(Command):
 
 
287
    """Abstract class for commands printing client details"""
 
 
288
    all_keywords = ("Name", "Enabled", "Timeout", "LastCheckedOK",
 
 
289
                    "Created", "Interval", "Host", "KeyID",
 
 
290
                    "Fingerprint", "CheckerRunning", "LastEnabled",
 
 
291
                    "ApprovalPending", "ApprovedByDefault",
 
 
292
                    "LastApprovalRequest", "ApprovalDelay",
 
 
293
                    "ApprovalDuration", "Checker", "ExtendedTimeout",
 
 
294
                    "Expires", "LastCheckerStatus")
 
 
295
    def run(self, mandos, clients):
 
 
296
        print(self.output(clients))
 
 
298
class PropertyCmd(Command):
 
 
299
    """Abstract class for Actions for setting one client property"""
 
 
300
    def run_on_one_client(self, client, properties):
 
 
301
        """Set the Client's D-Bus property"""
 
 
302
        client.Set(client_interface, self.property, self.value_to_set,
 
 
303
                   dbus_interface=dbus.PROPERTIES_IFACE)
 
 
305
class ValueArgumentMixIn(object):
 
 
306
    """Mixin class for commands taking a value as argument"""
 
 
307
    def __init__(self, value):
 
 
308
        self.value_to_set = value
 
 
310
class MillisecondsValueArgumentMixIn(ValueArgumentMixIn):
 
 
311
    """Mixin class for commands taking a value argument as
 
 
314
    def value_to_set(self):
 
 
317
    def value_to_set(self, value):
 
 
318
        """When setting, convert value to a datetime.timedelta"""
 
 
319
        self._vts = string_to_delta(value).total_seconds() * 1000
 
 
321
# Actual (non-abstract) command classes
 
 
323
class PrintTableCmd(PrintCmd):
 
 
324
    def __init__(self, verbose=False):
 
 
325
        self.verbose = verbose
 
 
327
    def output(self, clients):
 
 
328
        default_keywords = ("Name", "Enabled", "Timeout", "LastCheckedOK")
 
 
329
        keywords = default_keywords
 
 
331
            keywords = self.all_keywords
 
 
332
        return str(self.TableOfClients(clients.values(), keywords))
 
 
334
    class TableOfClients(object):
 
 
337
            "Enabled": "Enabled",
 
 
338
            "Timeout": "Timeout",
 
 
339
            "LastCheckedOK": "Last Successful Check",
 
 
340
            "LastApprovalRequest": "Last Approval Request",
 
 
341
            "Created": "Created",
 
 
342
            "Interval": "Interval",
 
 
344
            "Fingerprint": "Fingerprint",
 
 
346
            "CheckerRunning": "Check Is Running",
 
 
347
            "LastEnabled": "Last Enabled",
 
 
348
            "ApprovalPending": "Approval Is Pending",
 
 
349
            "ApprovedByDefault": "Approved By Default",
 
 
350
            "ApprovalDelay": "Approval Delay",
 
 
351
            "ApprovalDuration": "Approval Duration",
 
 
352
            "Checker": "Checker",
 
 
353
            "ExtendedTimeout": "Extended Timeout",
 
 
354
            "Expires": "Expires",
 
 
355
            "LastCheckerStatus": "Last Checker Status",
 
 
358
        def __init__(self, clients, keywords, tableheaders=None):
 
 
359
            self.clients = clients
 
 
360
            self.keywords = keywords
 
 
361
            if tableheaders is not None:
 
 
362
                self.tableheaders = tableheaders
 
 
365
            return "\n".join(self.rows())
 
 
367
        if sys.version_info.major == 2:
 
 
368
            __unicode__ = __str__
 
 
370
                return str(self).encode(locale.getpreferredencoding())
 
 
373
            format_string = self.row_formatting_string()
 
 
374
            rows = [self.header_line(format_string)]
 
 
375
            rows.extend(self.client_line(client, format_string)
 
 
376
                        for client in self.clients)
 
 
379
        def row_formatting_string(self):
 
 
380
            "Format string used to format table rows"
 
 
381
            return " ".join("{{{key}:{width}}}".format(
 
 
382
                width=max(len(self.tableheaders[key]),
 
 
383
                          *(len(self.string_from_client(client, key))
 
 
384
                            for client in self.clients)),
 
 
386
                            for key in self.keywords)
 
 
388
        def string_from_client(self, client, key):
 
 
389
            return self.valuetostring(client[key], key)
 
 
392
        def valuetostring(value, keyword):
 
 
393
            if isinstance(value, dbus.Boolean):
 
 
394
                return "Yes" if value else "No"
 
 
395
            if keyword in ("Timeout", "Interval", "ApprovalDelay",
 
 
396
                           "ApprovalDuration", "ExtendedTimeout"):
 
 
397
                return milliseconds_to_string(value)
 
 
400
        def header_line(self, format_string):
 
 
401
            return format_string.format(**self.tableheaders)
 
 
403
        def client_line(self, client, format_string):
 
 
404
            return format_string.format(
 
 
405
                **{key: self.string_from_client(client, key)
 
 
406
                   for key in self.keywords})
 
 
410
class DumpJSONCmd(PrintCmd):
 
 
411
    def output(self, clients):
 
 
412
        data = {client["Name"]:
 
 
413
                {key: self.dbus_boolean_to_bool(client[key])
 
 
414
                 for key in self.all_keywords}
 
 
415
                for client in clients.values()}
 
 
416
        return json.dumps(data, indent=4, separators=(',', ': '))
 
 
418
    def dbus_boolean_to_bool(value):
 
 
419
        if isinstance(value, dbus.Boolean):
 
 
423
class IsEnabledCmd(Command):
 
 
424
    def run_on_one_client(self, client, properties):
 
 
425
        if self.is_enabled(client, properties):
 
 
428
    def is_enabled(self, client, properties):
 
 
429
        return bool(properties["Enabled"])
 
 
431
class RemoveCmd(Command):
 
 
432
    def run_on_one_client(self, client, properties):
 
 
433
        self.mandos.RemoveClient(client.__dbus_object_path__)
 
 
435
class ApproveCmd(Command):
 
 
436
    def run_on_one_client(self, client, properties):
 
 
437
        client.Approve(dbus.Boolean(True),
 
 
438
                       dbus_interface=client_interface)
 
 
440
class DenyCmd(Command):
 
 
441
    def run_on_one_client(self, client, properties):
 
 
442
        client.Approve(dbus.Boolean(False),
 
 
443
                       dbus_interface=client_interface)
 
 
445
class EnableCmd(PropertyCmd):
 
 
447
    value_to_set = dbus.Boolean(True)
 
 
449
class DisableCmd(PropertyCmd):
 
 
451
    value_to_set = dbus.Boolean(False)
 
 
453
class BumpTimeoutCmd(PropertyCmd):
 
 
454
    property = "LastCheckedOK"
 
 
457
class StartCheckerCmd(PropertyCmd):
 
 
458
    property = "CheckerRunning"
 
 
459
    value_to_set = dbus.Boolean(True)
 
 
461
class StopCheckerCmd(PropertyCmd):
 
 
462
    property = "CheckerRunning"
 
 
463
    value_to_set = dbus.Boolean(False)
 
 
465
class ApproveByDefaultCmd(PropertyCmd):
 
 
466
    property = "ApprovedByDefault"
 
 
467
    value_to_set = dbus.Boolean(True)
 
 
469
class DenyByDefaultCmd(PropertyCmd):
 
 
470
    property = "ApprovedByDefault"
 
 
471
    value_to_set = dbus.Boolean(False)
 
 
473
class SetCheckerCmd(PropertyCmd, ValueArgumentMixIn):
 
 
476
class SetHostCmd(PropertyCmd, ValueArgumentMixIn):
 
 
479
class SetSecretCmd(PropertyCmd, ValueArgumentMixIn):
 
 
481
    def value_to_set(self):
 
 
484
    def value_to_set(self, value):
 
 
485
        """When setting, read data from supplied file object"""
 
 
486
        self._vts = value.read()
 
 
490
class SetTimeoutCmd(PropertyCmd, MillisecondsValueArgumentMixIn):
 
 
493
class SetExtendedTimeoutCmd(PropertyCmd,
 
 
494
                            MillisecondsValueArgumentMixIn):
 
 
495
    property = "ExtendedTimeout"
 
 
497
class SetIntervalCmd(PropertyCmd, MillisecondsValueArgumentMixIn):
 
 
498
    property = "Interval"
 
 
500
class SetApprovalDelayCmd(PropertyCmd,
 
 
501
                          MillisecondsValueArgumentMixIn):
 
 
502
    property = "ApprovalDelay"
 
 
504
class SetApprovalDurationCmd(PropertyCmd,
 
 
505
                             MillisecondsValueArgumentMixIn):
 
 
506
    property = "ApprovalDuration"
 
253
508
def has_actions(options):
 
254
509
    return any((options.enable,
 
 
316
579
    parser.add_argument("-s", "--secret",
 
317
580
                        type=argparse.FileType(mode="rb"),
 
318
581
                        help="Set password blob (file) for client")
 
319
 
    parser.add_argument("-A", "--approve", action="store_true",
 
320
 
                        help="Approve any current client request")
 
321
 
    parser.add_argument("-D", "--deny", action="store_true",
 
322
 
                        help="Deny any current client request")
 
 
582
    approve_deny = parser.add_mutually_exclusive_group()
 
 
583
    approve_deny.add_argument(
 
 
584
        "-A", "--approve", action="store_true",
 
 
585
        help="Approve any current client request")
 
 
586
    approve_deny.add_argument("-D", "--deny", action="store_true",
 
 
587
                              help="Deny any current client request")
 
323
588
    parser.add_argument("--check", action="store_true",
 
324
589
                        help="Run self-test")
 
325
590
    parser.add_argument("client", nargs="*", help="Client name")
 
 
593
def commands_from_options(options):
 
 
597
    if options.dump_json:
 
 
598
        commands.append(DumpJSONCmd())
 
 
601
        commands.append(EnableCmd())
 
 
604
        commands.append(DisableCmd())
 
 
606
    if options.bump_timeout:
 
 
607
        commands.append(BumpTimeoutCmd())
 
 
609
    if options.start_checker:
 
 
610
        commands.append(StartCheckerCmd())
 
 
612
    if options.stop_checker:
 
 
613
        commands.append(StopCheckerCmd())
 
 
615
    if options.is_enabled:
 
 
616
        commands.append(IsEnabledCmd())
 
 
619
        commands.append(RemoveCmd())
 
 
621
    if options.checker is not None:
 
 
622
        commands.append(SetCheckerCmd(options.checker))
 
 
624
    if options.timeout is not None:
 
 
625
        commands.append(SetTimeoutCmd(options.timeout))
 
 
627
    if options.extended_timeout:
 
 
629
            SetExtendedTimeoutCmd(options.extended_timeout))
 
 
631
    if options.interval is not None:
 
 
632
        commands.append(SetIntervalCmd(options.interval))
 
 
634
    if options.approved_by_default is not None:
 
 
635
        if options.approved_by_default:
 
 
636
            commands.append(ApproveByDefaultCmd())
 
 
638
            commands.append(DenyByDefaultCmd())
 
 
640
    if options.approval_delay is not None:
 
 
641
        commands.append(SetApprovalDelayCmd(options.approval_delay))
 
 
643
    if options.approval_duration is not None:
 
 
645
            SetApprovalDurationCmd(options.approval_duration))
 
 
647
    if options.host is not None:
 
 
648
        commands.append(SetHostCmd(options.host))
 
 
650
    if options.secret is not None:
 
 
651
        commands.append(SetSecretCmd(options.secret))
 
 
654
        commands.append(ApproveCmd())
 
 
657
        commands.append(DenyCmd())
 
 
659
    # If no command option has been given, show table of clients,
 
 
660
    # optionally verbosely
 
 
662
        commands.append(PrintTableCmd(verbose=options.verbose))
 
 
668
    parser = argparse.ArgumentParser()
 
 
670
    add_command_line_options(parser)
 
326
672
    options = parser.parse_args()
 
328
674
    if has_actions(options) and not (options.client or options.all):
 
329
675
        parser.error("Options require clients names or --all.")
 
330
676
    if options.verbose and has_actions(options):
 
331
 
        parser.error("--verbose can only be used alone or with"
 
 
677
        parser.error("--verbose can only be used alone.")
 
 
678
    if options.dump_json and (options.verbose
 
 
679
                              or has_actions(options)):
 
 
680
        parser.error("--dump-json can only be used alone.")
 
333
681
    if options.all and not has_actions(options):
 
334
682
        parser.error("--all requires an action.")
 
337
 
        fail_count, test_count = doctest.testmod()
 
338
 
        sys.exit(os.EX_OK if fail_count == 0 else 1)
 
 
683
    if options.is_enabled and len(options.client) > 1:
 
 
684
        parser.error("--is-enabled requires exactly one client")
 
 
686
    clientnames = options.client
 
341
689
        bus = dbus.SystemBus()
 
342
690
        mandos_dbus_objc = bus.get_object(busname, server_path)
 
343
691
    except dbus.exceptions.DBusException:
 
344
 
        print("Could not connect to Mandos server", file=sys.stderr)
 
 
692
        log.critical("Could not connect to Mandos server")
 
347
695
    mandos_serv = dbus.Interface(mandos_dbus_objc,
 
348
 
                                 dbus_interface = server_interface)
 
 
696
                                 dbus_interface=server_interface)
 
349
697
    mandos_serv_object_manager = dbus.Interface(
 
350
 
        mandos_dbus_objc, dbus_interface = dbus.OBJECT_MANAGER_IFACE)
 
352
 
    #block stderr since dbus library prints to stderr
 
353
 
    null = os.open(os.path.devnull, os.O_RDWR)
 
354
 
    stderrcopy = os.dup(sys.stderr.fileno())
 
355
 
    os.dup2(null, sys.stderr.fileno())
 
 
698
        mandos_dbus_objc, dbus_interface=dbus.OBJECT_MANAGER_IFACE)
 
 
700
    # Filter out log message from dbus module
 
 
701
    dbus_logger = logging.getLogger("dbus.proxies")
 
 
702
    class NullFilter(logging.Filter):
 
 
703
        def filter(self, record):
 
 
705
    dbus_filter = NullFilter()
 
359
 
            mandos_clients = { path: ifs_and_props[client_interface]
 
360
 
                               for path, ifs_and_props in
 
361
 
                               mandos_serv_object_manager
 
362
 
                               .GetManagedObjects().items()
 
363
 
                               if client_interface in ifs_and_props }
 
366
 
            os.dup2(stderrcopy, sys.stderr.fileno())
 
 
707
        dbus_logger.addFilter(dbus_filter)
 
 
708
        mandos_clients = {path: ifs_and_props[client_interface]
 
 
709
                          for path, ifs_and_props in
 
 
710
                          mandos_serv_object_manager
 
 
711
                          .GetManagedObjects().items()
 
 
712
                          if client_interface in ifs_and_props}
 
368
713
    except dbus.exceptions.DBusException as e:
 
369
 
        print("Access denied: Accessing mandos server through D-Bus: {}"
 
370
 
              .format(e), file=sys.stderr)
 
 
714
        log.critical("Failed to access Mandos server through D-Bus:"
 
 
718
        # restore dbus logger
 
 
719
        dbus_logger.removeFilter(dbus_filter)
 
373
721
    # Compile dict of (clients: properties) to process
 
376
 
    if options.all or not options.client:
 
377
 
        clients = { bus.get_object(busname, path): properties
 
378
 
                    for path, properties in mandos_clients.items() }
 
 
725
        clients = {bus.get_object(busname, path): properties
 
 
726
                   for path, properties in mandos_clients.items()}
 
380
 
        for name in options.client:
 
 
728
        for name in clientnames:
 
381
729
            for path, client in mandos_clients.items():
 
382
730
                if client["Name"] == name:
 
383
731
                    client_objc = bus.get_object(busname, path)
 
384
732
                    clients[client_objc] = client
 
387
 
                print("Client not found on server: {!r}"
 
388
 
                      .format(name), file=sys.stderr)
 
 
735
                log.critical("Client not found on server: %r", name)
 
391
 
    if not has_actions(options) and clients:
 
393
 
            keywords = ("Name", "Enabled", "Timeout", "LastCheckedOK",
 
394
 
                        "Created", "Interval", "Host", "Fingerprint",
 
395
 
                        "CheckerRunning", "LastEnabled",
 
396
 
                        "ApprovalPending", "ApprovedByDefault",
 
397
 
                        "LastApprovalRequest", "ApprovalDelay",
 
398
 
                        "ApprovalDuration", "Checker",
 
401
 
            keywords = defaultkeywords
 
403
 
        print_clients(clients.values(), keywords)
 
405
 
        # Process each client in the list by all selected options
 
406
 
        for client in clients:
 
408
 
            def set_client_prop(prop, value):
 
409
 
                """Set a Client D-Bus property"""
 
410
 
                client.Set(client_interface, prop, value,
 
411
 
                           dbus_interface=dbus.PROPERTIES_IFACE)
 
413
 
            def set_client_prop_ms(prop, value):
 
414
 
                """Set a Client D-Bus property, converted
 
415
 
                from a string to milliseconds."""
 
416
 
                set_client_prop(prop,
 
417
 
                                string_to_delta(value).total_seconds()
 
421
 
                mandos_serv.RemoveClient(client.__dbus_object_path__)
 
423
 
                set_client_prop("Enabled", dbus.Boolean(True))
 
425
 
                set_client_prop("Enabled", dbus.Boolean(False))
 
426
 
            if options.bump_timeout:
 
427
 
                set_client_prop("LastCheckedOK", "")
 
428
 
            if options.start_checker:
 
429
 
                set_client_prop("CheckerRunning", dbus.Boolean(True))
 
430
 
            if options.stop_checker:
 
431
 
                set_client_prop("CheckerRunning", dbus.Boolean(False))
 
432
 
            if options.is_enabled:
 
433
 
                sys.exit(0 if client.Get(client_interface,
 
436
 
                                         dbus.PROPERTIES_IFACE)
 
438
 
            if options.checker is not None:
 
439
 
                set_client_prop("Checker", options.checker)
 
440
 
            if options.host is not None:
 
441
 
                set_client_prop("Host", options.host)
 
442
 
            if options.interval is not None:
 
443
 
                set_client_prop_ms("Interval", options.interval)
 
444
 
            if options.approval_delay is not None:
 
445
 
                set_client_prop_ms("ApprovalDelay",
 
446
 
                                   options.approval_delay)
 
447
 
            if options.approval_duration is not None:
 
448
 
                set_client_prop_ms("ApprovalDuration",
 
449
 
                                   options.approval_duration)
 
450
 
            if options.timeout is not None:
 
451
 
                set_client_prop_ms("Timeout", options.timeout)
 
452
 
            if options.extended_timeout is not None:
 
453
 
                set_client_prop_ms("ExtendedTimeout",
 
454
 
                                   options.extended_timeout)
 
455
 
            if options.secret is not None:
 
456
 
                set_client_prop("Secret",
 
457
 
                                dbus.ByteArray(options.secret.read()))
 
458
 
            if options.approved_by_default is not None:
 
459
 
                set_client_prop("ApprovedByDefault",
 
461
 
                                             .approved_by_default))
 
463
 
                client.Approve(dbus.Boolean(True),
 
464
 
                               dbus_interface=client_interface)
 
466
 
                client.Approve(dbus.Boolean(False),
 
467
 
                               dbus_interface=client_interface)
 
 
738
    # Run all commands on clients
 
 
739
    commands = commands_from_options(options)
 
 
740
    for command in commands:
 
 
741
        command.run(mandos_serv, clients)
 
 
744
class Test_milliseconds_to_string(unittest.TestCase):
 
 
746
        self.assertEqual(milliseconds_to_string(93785000),
 
 
748
    def test_no_days(self):
 
 
749
        self.assertEqual(milliseconds_to_string(7385000), "02:03:05")
 
 
750
    def test_all_zero(self):
 
 
751
        self.assertEqual(milliseconds_to_string(0), "00:00:00")
 
 
752
    def test_no_fractional_seconds(self):
 
 
753
        self.assertEqual(milliseconds_to_string(400), "00:00:00")
 
 
754
        self.assertEqual(milliseconds_to_string(900), "00:00:00")
 
 
755
        self.assertEqual(milliseconds_to_string(1900), "00:00:01")
 
 
757
class Test_string_to_delta(unittest.TestCase):
 
 
758
    def test_handles_basic_rfc3339(self):
 
 
759
        self.assertEqual(string_to_delta("PT0S"),
 
 
760
                         datetime.timedelta())
 
 
761
        self.assertEqual(string_to_delta("P0D"),
 
 
762
                         datetime.timedelta())
 
 
763
        self.assertEqual(string_to_delta("PT1S"),
 
 
764
                         datetime.timedelta(0, 1))
 
 
765
        self.assertEqual(string_to_delta("PT2H"),
 
 
766
                         datetime.timedelta(0, 7200))
 
 
767
    def test_falls_back_to_pre_1_6_1_with_warning(self):
 
 
768
        # assertLogs only exists in Python 3.4
 
 
769
        if hasattr(self, "assertLogs"):
 
 
770
            with self.assertLogs(log, logging.WARNING):
 
 
771
                value = string_to_delta("2h")
 
 
773
            class WarningFilter(logging.Filter):
 
 
774
                """Don't show, but record the presence of, warnings"""
 
 
775
                def filter(self, record):
 
 
776
                    is_warning = record.levelno >= logging.WARNING
 
 
777
                    self.found = is_warning or getattr(self, "found",
 
 
779
                    return not is_warning
 
 
780
            warning_filter = WarningFilter()
 
 
781
            log.addFilter(warning_filter)
 
 
783
                value = string_to_delta("2h")
 
 
785
                log.removeFilter(warning_filter)
 
 
786
            self.assertTrue(getattr(warning_filter, "found", False))
 
 
787
        self.assertEqual(value, datetime.timedelta(0, 7200))
 
 
790
class TestCmd(unittest.TestCase):
 
 
791
    """Abstract class for tests of command classes"""
 
 
794
        class MockClient(object):
 
 
795
            def __init__(self, name, **attributes):
 
 
796
                self.__dbus_object_path__ = "objpath_{}".format(name)
 
 
797
                self.attributes = attributes
 
 
798
                self.attributes["Name"] = name
 
 
800
            def Set(self, interface, property, value, dbus_interface):
 
 
801
                testcase.assertEqual(interface, client_interface)
 
 
802
                testcase.assertEqual(dbus_interface,
 
 
803
                                     dbus.PROPERTIES_IFACE)
 
 
804
                self.attributes[property] = value
 
 
805
            def Get(self, interface, property, dbus_interface):
 
 
806
                testcase.assertEqual(interface, client_interface)
 
 
807
                testcase.assertEqual(dbus_interface,
 
 
808
                                     dbus.PROPERTIES_IFACE)
 
 
809
                return self.attributes[property]
 
 
810
            def Approve(self, approve, dbus_interface):
 
 
811
                testcase.assertEqual(dbus_interface, client_interface)
 
 
812
                self.calls.append(("Approve", (approve,
 
 
814
        self.client = MockClient(
 
 
816
            KeyID=("92ed150794387c03ce684574b1139a65"
 
 
817
                   "94a34f895daaaf09fd8ea90a27cddb12"),
 
 
819
            Host="foo.example.org",
 
 
820
            Enabled=dbus.Boolean(True),
 
 
822
            LastCheckedOK="2019-02-03T00:00:00",
 
 
823
            Created="2019-01-02T00:00:00",
 
 
825
            Fingerprint=("778827225BA7DE539C5A"
 
 
826
                         "7CFA59CFF7CDBD9A5920"),
 
 
827
            CheckerRunning=dbus.Boolean(False),
 
 
828
            LastEnabled="2019-01-03T00:00:00",
 
 
829
            ApprovalPending=dbus.Boolean(False),
 
 
830
            ApprovedByDefault=dbus.Boolean(True),
 
 
831
            LastApprovalRequest="",
 
 
833
            ApprovalDuration=1000,
 
 
834
            Checker="fping -q -- %(host)s",
 
 
835
            ExtendedTimeout=900000,
 
 
836
            Expires="2019-02-04T00:00:00",
 
 
838
        self.other_client = MockClient(
 
 
840
            KeyID=("0558568eedd67d622f5c83b35a115f79"
 
 
841
                   "6ab612cff5ad227247e46c2b020f441c"),
 
 
844
            Enabled=dbus.Boolean(True),
 
 
846
            LastCheckedOK="2019-02-04T00:00:00",
 
 
847
            Created="2019-01-03T00:00:00",
 
 
849
            Fingerprint=("3E393AEAEFB84C7E89E2"
 
 
850
                         "F547B3A107558FCA3A27"),
 
 
851
            CheckerRunning=dbus.Boolean(True),
 
 
852
            LastEnabled="2019-01-04T00:00:00",
 
 
853
            ApprovalPending=dbus.Boolean(False),
 
 
854
            ApprovedByDefault=dbus.Boolean(False),
 
 
855
            LastApprovalRequest="2019-01-03T00:00:00",
 
 
857
            ApprovalDuration=1000,
 
 
859
            ExtendedTimeout=900000,
 
 
860
            Expires="2019-02-05T00:00:00",
 
 
861
            LastCheckerStatus=-2)
 
 
862
        self.clients =  collections.OrderedDict(
 
 
864
                (self.client, self.client.attributes),
 
 
865
                (self.other_client, self.other_client.attributes),
 
 
867
        self.one_client = {self.client: self.client.attributes}
 
 
869
class TestPrintTableCmd(TestCmd):
 
 
870
    def test_normal(self):
 
 
871
        output = PrintTableCmd().output(self.clients)
 
 
872
        expected_output = """
 
 
873
Name   Enabled Timeout  Last Successful Check
 
 
874
foo    Yes     00:05:00 2019-02-03T00:00:00  
 
 
875
barbar Yes     00:05:00 2019-02-04T00:00:00  
 
 
877
        self.assertEqual(output, expected_output)
 
 
878
    def test_verbose(self):
 
 
879
        output = PrintTableCmd(verbose=True).output(self.clients)
 
 
880
        expected_output = """
 
 
881
Name   Enabled Timeout  Last Successful Check Created             Interval Host            Key ID                                                           Fingerprint                              Check Is Running Last Enabled        Approval Is Pending Approved By Default Last Approval Request Approval Delay Approval Duration Checker              Extended Timeout Expires             Last Checker Status
 
 
882
foo    Yes     00:05:00 2019-02-03T00:00:00   2019-01-02T00:00:00 00:02:00 foo.example.org 92ed150794387c03ce684574b1139a6594a34f895daaaf09fd8ea90a27cddb12 778827225BA7DE539C5A7CFA59CFF7CDBD9A5920 No               2019-01-03T00:00:00 No                  Yes                                       00:00:00       00:00:01          fping -q -- %(host)s 00:15:00         2019-02-04T00:00:00 0                  
 
 
883
barbar Yes     00:05:00 2019-02-04T00:00:00   2019-01-03T00:00:00 00:02:00 192.0.2.3       0558568eedd67d622f5c83b35a115f796ab612cff5ad227247e46c2b020f441c 3E393AEAEFB84C7E89E2F547B3A107558FCA3A27 Yes              2019-01-04T00:00:00 No                  No                  2019-01-03T00:00:00   00:00:30       00:00:01          :                    00:15:00         2019-02-05T00:00:00 -2                 
 
 
885
        self.assertEqual(output, expected_output)
 
 
886
    def test_one_client(self):
 
 
887
        output = PrintTableCmd().output(self.one_client)
 
 
888
        expected_output = """
 
 
889
Name Enabled Timeout  Last Successful Check
 
 
890
foo  Yes     00:05:00 2019-02-03T00:00:00  
 
 
892
        self.assertEqual(output, expected_output)
 
 
894
class TestDumpJSONCmd(TestCmd):
 
 
896
        self.expected_json = {
 
 
899
                "KeyID": ("92ed150794387c03ce684574b1139a65"
 
 
900
                          "94a34f895daaaf09fd8ea90a27cddb12"),
 
 
901
                "Host": "foo.example.org",
 
 
904
                "LastCheckedOK": "2019-02-03T00:00:00",
 
 
905
                "Created": "2019-01-02T00:00:00",
 
 
907
                "Fingerprint": ("778827225BA7DE539C5A"
 
 
908
                                "7CFA59CFF7CDBD9A5920"),
 
 
909
                "CheckerRunning": False,
 
 
910
                "LastEnabled": "2019-01-03T00:00:00",
 
 
911
                "ApprovalPending": False,
 
 
912
                "ApprovedByDefault": True,
 
 
913
                "LastApprovalRequest": "",
 
 
915
                "ApprovalDuration": 1000,
 
 
916
                "Checker": "fping -q -- %(host)s",
 
 
917
                "ExtendedTimeout": 900000,
 
 
918
                "Expires": "2019-02-04T00:00:00",
 
 
919
                "LastCheckerStatus": 0,
 
 
923
                "KeyID": ("0558568eedd67d622f5c83b35a115f79"
 
 
924
                          "6ab612cff5ad227247e46c2b020f441c"),
 
 
928
                "LastCheckedOK": "2019-02-04T00:00:00",
 
 
929
                "Created": "2019-01-03T00:00:00",
 
 
931
                "Fingerprint": ("3E393AEAEFB84C7E89E2"
 
 
932
                                "F547B3A107558FCA3A27"),
 
 
933
                "CheckerRunning": True,
 
 
934
                "LastEnabled": "2019-01-04T00:00:00",
 
 
935
                "ApprovalPending": False,
 
 
936
                "ApprovedByDefault": False,
 
 
937
                "LastApprovalRequest": "2019-01-03T00:00:00",
 
 
938
                "ApprovalDelay": 30000,
 
 
939
                "ApprovalDuration": 1000,
 
 
941
                "ExtendedTimeout": 900000,
 
 
942
                "Expires": "2019-02-05T00:00:00",
 
 
943
                "LastCheckerStatus": -2,
 
 
946
        return super(TestDumpJSONCmd, self).setUp()
 
 
947
    def test_normal(self):
 
 
948
        json_data = json.loads(DumpJSONCmd().output(self.clients))
 
 
949
        self.assertDictEqual(json_data, self.expected_json)
 
 
950
    def test_one_client(self):
 
 
951
        clients = self.one_client
 
 
952
        json_data = json.loads(DumpJSONCmd().output(clients))
 
 
953
        expected_json = {"foo": self.expected_json["foo"]}
 
 
954
        self.assertDictEqual(json_data, expected_json)
 
 
956
class TestIsEnabledCmd(TestCmd):
 
 
957
    def test_is_enabled(self):
 
 
958
        self.assertTrue(all(IsEnabledCmd().is_enabled(client, properties)
 
 
959
                            for client, properties in self.clients.items()))
 
 
960
    def test_is_enabled_run_exits_successfully(self):
 
 
961
        with self.assertRaises(SystemExit) as e:
 
 
962
            IsEnabledCmd().run(None, self.one_client)
 
 
963
        if e.exception.code is not None:
 
 
964
            self.assertEqual(e.exception.code, 0)
 
 
966
            self.assertIsNone(e.exception.code)
 
 
967
    def test_is_enabled_run_exits_with_failure(self):
 
 
968
        self.client.attributes["Enabled"] = dbus.Boolean(False)
 
 
969
        with self.assertRaises(SystemExit) as e:
 
 
970
            IsEnabledCmd().run(None, self.one_client)
 
 
971
        if isinstance(e.exception.code, int):
 
 
972
            self.assertNotEqual(e.exception.code, 0)
 
 
974
            self.assertIsNotNone(e.exception.code)
 
 
976
class TestRemoveCmd(TestCmd):
 
 
977
    def test_remove(self):
 
 
978
        class MockMandos(object):
 
 
981
            def RemoveClient(self, dbus_path):
 
 
982
                self.calls.append(("RemoveClient", (dbus_path,)))
 
 
983
        mandos = MockMandos()
 
 
984
        super(TestRemoveCmd, self).setUp()
 
 
985
        RemoveCmd().run(mandos, self.clients)
 
 
986
        self.assertEqual(len(mandos.calls), 2)
 
 
987
        for client in self.clients:
 
 
988
            self.assertIn(("RemoveClient",
 
 
989
                           (client.__dbus_object_path__,)),
 
 
992
class TestApproveCmd(TestCmd):
 
 
993
    def test_approve(self):
 
 
994
        ApproveCmd().run(None, self.clients)
 
 
995
        for client in self.clients:
 
 
996
            self.assertIn(("Approve", (True, client_interface)),
 
 
999
class TestDenyCmd(TestCmd):
 
 
1000
    def test_deny(self):
 
 
1001
        DenyCmd().run(None, self.clients)
 
 
1002
        for client in self.clients:
 
 
1003
            self.assertIn(("Approve", (False, client_interface)),
 
 
1006
class TestEnableCmd(TestCmd):
 
 
1007
    def test_enable(self):
 
 
1008
        for client in self.clients:
 
 
1009
            client.attributes["Enabled"] = False
 
 
1011
        EnableCmd().run(None, self.clients)
 
 
1013
        for client in self.clients:
 
 
1014
            self.assertTrue(client.attributes["Enabled"])
 
 
1016
class TestDisableCmd(TestCmd):
 
 
1017
    def test_disable(self):
 
 
1018
        DisableCmd().run(None, self.clients)
 
 
1020
        for client in self.clients:
 
 
1021
            self.assertFalse(client.attributes["Enabled"])
 
 
1023
class Unique(object):
 
 
1024
    """Class for objects which exist only to be unique objects, since
 
 
1025
unittest.mock.sentinel only exists in Python 3.3"""
 
 
1027
class TestPropertyCmd(TestCmd):
 
 
1028
    """Abstract class for tests of PropertyCmd classes"""
 
 
1030
        if not hasattr(self, "command"):
 
 
1032
        values_to_get = getattr(self, "values_to_get",
 
 
1034
        for value_to_set, value_to_get in zip(self.values_to_set,
 
 
1036
            for client in self.clients:
 
 
1037
                old_value = client.attributes[self.property]
 
 
1038
                self.assertNotIsInstance(old_value, Unique)
 
 
1039
                client.attributes[self.property] = Unique()
 
 
1040
            self.run_command(value_to_set, self.clients)
 
 
1041
            for client in self.clients:
 
 
1042
                value = client.attributes[self.property]
 
 
1043
                self.assertNotIsInstance(value, Unique)
 
 
1044
                self.assertEqual(value, value_to_get)
 
 
1045
    def run_command(self, value, clients):
 
 
1046
        self.command().run(None, clients)
 
 
1048
class TestBumpTimeoutCmd(TestPropertyCmd):
 
 
1049
    command = BumpTimeoutCmd
 
 
1050
    property = "LastCheckedOK"
 
 
1051
    values_to_set = [""]
 
 
1053
class TestStartCheckerCmd(TestPropertyCmd):
 
 
1054
    command = StartCheckerCmd
 
 
1055
    property = "CheckerRunning"
 
 
1056
    values_to_set = [dbus.Boolean(True)]
 
 
1058
class TestStopCheckerCmd(TestPropertyCmd):
 
 
1059
    command = StopCheckerCmd
 
 
1060
    property = "CheckerRunning"
 
 
1061
    values_to_set = [dbus.Boolean(False)]
 
 
1063
class TestApproveByDefaultCmd(TestPropertyCmd):
 
 
1064
    command = ApproveByDefaultCmd
 
 
1065
    property = "ApprovedByDefault"
 
 
1066
    values_to_set = [dbus.Boolean(True)]
 
 
1068
class TestDenyByDefaultCmd(TestPropertyCmd):
 
 
1069
    command = DenyByDefaultCmd
 
 
1070
    property = "ApprovedByDefault"
 
 
1071
    values_to_set = [dbus.Boolean(False)]
 
 
1073
class TestValueArgumentPropertyCmd(TestPropertyCmd):
 
 
1074
    """Abstract class for tests of PropertyCmd classes using the
 
 
1075
ValueArgumentMixIn"""
 
 
1077
        if type(self) is TestValueArgumentPropertyCmd:
 
 
1079
        return super(TestValueArgumentPropertyCmd, self).runTest()
 
 
1080
    def run_command(self, value, clients):
 
 
1081
        self.command(value).run(None, clients)
 
 
1083
class TestSetCheckerCmd(TestValueArgumentPropertyCmd):
 
 
1084
    command = SetCheckerCmd
 
 
1085
    property = "Checker"
 
 
1086
    values_to_set = ["", ":", "fping -q -- %s"]
 
 
1088
class TestSetHostCmd(TestValueArgumentPropertyCmd):
 
 
1089
    command = SetHostCmd
 
 
1091
    values_to_set = ["192.0.2.3", "foo.example.org"]
 
 
1093
class TestSetSecretCmd(TestValueArgumentPropertyCmd):
 
 
1094
    command = SetSecretCmd
 
 
1096
    values_to_set = [open("/dev/null", "rb"),
 
 
1097
                     io.BytesIO(b"secret\0xyzzy\nbar")]
 
 
1098
    values_to_get = [b"", b"secret\0xyzzy\nbar"]
 
 
1100
class TestSetTimeoutCmd(TestValueArgumentPropertyCmd):
 
 
1101
    command = SetTimeoutCmd
 
 
1102
    property = "Timeout"
 
 
1103
    values_to_set = ["P0D", "PT5M", "PT1S", "PT120S", "P1Y"]
 
 
1104
    values_to_get = [0, 300000, 1000, 120000, 31449600000]
 
 
1106
class TestSetExtendedTimeoutCmd(TestValueArgumentPropertyCmd):
 
 
1107
    command = SetExtendedTimeoutCmd
 
 
1108
    property = "ExtendedTimeout"
 
 
1109
    values_to_set = ["P0D", "PT5M", "PT1S", "PT120S", "P1Y"]
 
 
1110
    values_to_get = [0, 300000, 1000, 120000, 31449600000]
 
 
1112
class TestSetIntervalCmd(TestValueArgumentPropertyCmd):
 
 
1113
    command = SetIntervalCmd
 
 
1114
    property = "Interval"
 
 
1115
    values_to_set = ["P0D", "PT5M", "PT1S", "PT120S", "P1Y"]
 
 
1116
    values_to_get = [0, 300000, 1000, 120000, 31449600000]
 
 
1118
class TestSetApprovalDelayCmd(TestValueArgumentPropertyCmd):
 
 
1119
    command = SetApprovalDelayCmd
 
 
1120
    property = "ApprovalDelay"
 
 
1121
    values_to_set = ["P0D", "PT5M", "PT1S", "PT120S", "P1Y"]
 
 
1122
    values_to_get = [0, 300000, 1000, 120000, 31449600000]
 
 
1124
class TestSetApprovalDurationCmd(TestValueArgumentPropertyCmd):
 
 
1125
    command = SetApprovalDurationCmd
 
 
1126
    property = "ApprovalDuration"
 
 
1127
    values_to_set = ["P0D", "PT5M", "PT1S", "PT120S", "P1Y"]
 
 
1128
    values_to_get = [0, 300000, 1000, 120000, 31449600000]
 
 
1130
class Test_command_from_options(unittest.TestCase):
 
 
1132
        self.parser = argparse.ArgumentParser()
 
 
1133
        add_command_line_options(self.parser)
 
 
1134
    def assert_command_from_args(self, args, command_cls, **cmd_attrs):
 
 
1135
        """Assert that parsing ARGS should result in an instance of
 
 
1136
COMMAND_CLS with (optionally) all supplied attributes (CMD_ATTRS)."""
 
 
1137
        options = self.parser.parse_args(args)
 
 
1138
        commands = commands_from_options(options)
 
 
1139
        self.assertEqual(len(commands), 1)
 
 
1140
        command = commands[0]
 
 
1141
        self.assertIsInstance(command, command_cls)
 
 
1142
        for key, value in cmd_attrs.items():
 
 
1143
            self.assertEqual(getattr(command, key), value)
 
 
1144
    def test_print_table(self):
 
 
1145
        self.assert_command_from_args([], PrintTableCmd,
 
 
1148
    def test_print_table_verbose(self):
 
 
1149
        self.assert_command_from_args(["--verbose"], PrintTableCmd,
 
 
1152
    def test_enable(self):
 
 
1153
        self.assert_command_from_args(["--enable", "foo"], EnableCmd)
 
 
1155
    def test_disable(self):
 
 
1156
        self.assert_command_from_args(["--disable", "foo"],
 
 
1159
    def test_bump_timeout(self):
 
 
1160
        self.assert_command_from_args(["--bump-timeout", "foo"],
 
 
1163
    def test_start_checker(self):
 
 
1164
        self.assert_command_from_args(["--start-checker", "foo"],
 
 
1167
    def test_stop_checker(self):
 
 
1168
        self.assert_command_from_args(["--stop-checker", "foo"],
 
 
1171
    def test_remove(self):
 
 
1172
        self.assert_command_from_args(["--remove", "foo"],
 
 
1175
    def test_checker(self):
 
 
1176
        self.assert_command_from_args(["--checker", ":", "foo"],
 
 
1177
                                      SetCheckerCmd, value_to_set=":")
 
 
1179
    def test_timeout(self):
 
 
1180
        self.assert_command_from_args(["--timeout", "PT5M", "foo"],
 
 
1182
                                      value_to_set=300000)
 
 
1184
    def test_extended_timeout(self):
 
 
1185
        self.assert_command_from_args(["--extended-timeout", "PT15M",
 
 
1187
                                      SetExtendedTimeoutCmd,
 
 
1188
                                      value_to_set=900000)
 
 
1190
    def test_interval(self):
 
 
1191
        self.assert_command_from_args(["--interval", "PT2M", "foo"],
 
 
1193
                                      value_to_set=120000)
 
 
1195
    def test_approve_by_default(self):
 
 
1196
        self.assert_command_from_args(["--approve-by-default", "foo"],
 
 
1197
                                      ApproveByDefaultCmd)
 
 
1199
    def test_deny_by_default(self):
 
 
1200
        self.assert_command_from_args(["--deny-by-default", "foo"],
 
 
1203
    def test_approval_delay(self):
 
 
1204
        self.assert_command_from_args(["--approval-delay", "PT30S",
 
 
1205
                                       "foo"], SetApprovalDelayCmd,
 
 
1208
    def test_approval_duration(self):
 
 
1209
        self.assert_command_from_args(["--approval-duration", "PT1S",
 
 
1210
                                       "foo"], SetApprovalDurationCmd,
 
 
1213
    def test_host(self):
 
 
1214
        self.assert_command_from_args(["--host", "foo.example.org",
 
 
1216
                                      value_to_set="foo.example.org")
 
 
1218
    def test_secret_devnull(self):
 
 
1219
        self.assert_command_from_args(["--secret", os.path.devnull,
 
 
1220
                                       "foo"], SetSecretCmd,
 
 
1223
    def test_secret_tempfile(self):
 
 
1224
        with tempfile.NamedTemporaryFile(mode="r+b") as f:
 
 
1225
            value = b"secret\0xyzzy\nbar"
 
 
1228
            self.assert_command_from_args(["--secret", f.name,
 
 
1229
                                           "foo"], SetSecretCmd,
 
 
1232
    def test_approve(self):
 
 
1233
        self.assert_command_from_args(["--approve", "foo"],
 
 
1236
    def test_deny(self):
 
 
1237
        self.assert_command_from_args(["--deny", "foo"], DenyCmd)
 
 
1239
    def test_dump_json(self):
 
 
1240
        self.assert_command_from_args(["--dump-json"], DumpJSONCmd)
 
 
1242
    def test_is_enabled(self):
 
 
1243
        self.assert_command_from_args(["--is-enabled", "foo"],
 
 
1248
def should_only_run_tests():
 
 
1249
    parser = argparse.ArgumentParser(add_help=False)
 
 
1250
    parser.add_argument("--check", action='store_true')
 
 
1251
    args, unknown_args = parser.parse_known_args()
 
 
1252
    run_tests = args.check
 
 
1254
        # Remove --check argument from sys.argv
 
 
1255
        sys.argv[1:] = unknown_args
 
 
1258
# Add all tests from doctest strings
 
 
1259
def load_tests(loader, tests, none):
 
 
1261
    tests.addTests(doctest.DocTestSuite())
 
470
1264
if __name__ == "__main__":
 
 
1265
    if should_only_run_tests():
 
 
1266
        # Call using ./tdd-python-script --check [--verbose]