/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-ctl

  • Committer: Teddy Hogeborn
  • Date: 2019-03-07 21:37:10 UTC
  • Revision ID: teddy@recompile.se-20190307213710-brbbpkpqxcq8e444
mandos-ctl.xml: Clarify the conflicting nature of some options

* mandos-ctl.xml (SYNOPSIS): Show --start-checker and --stop-checker
                             as mutually exclusive.  Show --remove as
                             incompatible with everything except
                             --deny.

Show diffs side-by-side

added added

removed removed

Lines of Context:
44
44
import logging
45
45
import io
46
46
import tempfile
47
 
import contextlib
48
47
 
49
48
import dbus
50
49
 
64
63
 
65
64
locale.setlocale(locale.LC_ALL, "")
66
65
 
67
 
dbus_busname_domain = "se.recompile"
68
 
dbus_busname = dbus_busname_domain + ".Mandos"
69
 
server_dbus_path = "/"
70
 
server_dbus_interface = dbus_busname_domain + ".Mandos"
71
 
client_dbus_interface = dbus_busname_domain + ".Mandos.Client"
72
 
del dbus_busname_domain
 
66
domain = "se.recompile"
 
67
busname = domain + ".Mandos"
 
68
server_path = "/"
 
69
server_interface = domain + ".Mandos"
 
70
client_interface = domain + ".Mandos.Client"
73
71
version = "1.8.3"
74
72
 
75
73
 
277
275
# Abstract classes first
278
276
class Command(object):
279
277
    """Abstract class for commands"""
280
 
    def run(self, clients, bus=None, mandos=None):
 
278
    def run(self, mandos, clients):
281
279
        """Normal commands should implement run_on_one_client(), but
282
280
        commands which want to operate on all clients at the same time
283
281
        can override this run() method instead."""
284
282
        self.mandos = mandos
285
 
        for clientpath, properties in clients.items():
286
 
            log.debug("D-Bus: Connect to: (busname=%r, path=%r)",
287
 
                      dbus_busname, str(clientpath))
288
 
            client = bus.get_object(dbus_busname, clientpath)
 
283
        for client, properties in clients.items():
289
284
            self.run_on_one_client(client, properties)
290
285
 
291
286
class PrintCmd(Command):
297
292
                    "LastApprovalRequest", "ApprovalDelay",
298
293
                    "ApprovalDuration", "Checker", "ExtendedTimeout",
299
294
                    "Expires", "LastCheckerStatus")
300
 
    def run(self, clients, bus=None, mandos=None):
301
 
        print(self.output(clients.values()))
302
 
    def output(self, clients):
303
 
        raise NotImplementedError()
 
295
    def run(self, mandos, clients):
 
296
        print(self.output(clients))
304
297
 
305
298
class PropertyCmd(Command):
306
299
    """Abstract class for Actions for setting one client property"""
307
300
    def run_on_one_client(self, client, properties):
308
301
        """Set the Client's D-Bus property"""
309
 
        log.debug("D-Bus: %s:%s:%s.Set(%r, %r, %r)", dbus_busname,
310
 
                  client.__dbus_object_path__,
311
 
                  dbus.PROPERTIES_IFACE, client_dbus_interface,
312
 
                  self.propname, self.value_to_set
313
 
                  if not isinstance(self.value_to_set, dbus.Boolean)
314
 
                  else bool(self.value_to_set))
315
 
        client.Set(client_dbus_interface, self.propname,
316
 
                   self.value_to_set,
 
302
        client.Set(client_interface, self.property, self.value_to_set,
317
303
                   dbus_interface=dbus.PROPERTIES_IFACE)
318
 
    @property
319
 
    def propname(self):
320
 
        raise NotImplementedError()
321
304
 
322
 
class PropertyValueCmd(PropertyCmd):
323
 
    """Abstract class for PropertyCmd recieving a value as argument"""
 
305
class ValueArgumentMixIn(object):
 
306
    """Mixin class for commands taking a value as argument"""
324
307
    def __init__(self, value):
325
308
        self.value_to_set = value
326
309
 
327
 
class MillisecondsPropertyValueArgumentCmd(PropertyValueCmd):
328
 
    """Abstract class for PropertyValueCmd taking a value argument as
329
 
a datetime.timedelta() but should store it as milliseconds."""
 
310
class MillisecondsValueArgumentMixIn(ValueArgumentMixIn):
 
311
    """Mixin class for commands taking a value argument as
 
312
    milliseconds."""
330
313
    @property
331
314
    def value_to_set(self):
332
315
        return self._vts
333
316
    @value_to_set.setter
334
317
    def value_to_set(self, value):
335
 
        """When setting, convert value from a datetime.timedelta"""
 
318
        """When setting, convert value to a datetime.timedelta"""
336
319
        self._vts = int(round(value.total_seconds() * 1000))
337
320
 
338
321
# Actual (non-abstract) command classes
346
329
        keywords = default_keywords
347
330
        if self.verbose:
348
331
            keywords = self.all_keywords
349
 
        return str(self.TableOfClients(clients, keywords))
 
332
        return str(self.TableOfClients(clients.values(), keywords))
350
333
 
351
334
    class TableOfClients(object):
352
335
        tableheaders = {
438
421
        return value
439
422
 
440
423
class IsEnabledCmd(Command):
441
 
    def run(self, clients, bus=None, mandos=None):
442
 
        client, properties = next(iter(clients.items()))
 
424
    def run_on_one_client(self, client, properties):
443
425
        if self.is_enabled(client, properties):
444
426
            sys.exit(0)
445
427
        sys.exit(1)
446
428
    def is_enabled(self, client, properties):
447
 
        return properties["Enabled"]
 
429
        return bool(properties["Enabled"])
448
430
 
449
431
class RemoveCmd(Command):
450
432
    def run_on_one_client(self, client, properties):
451
 
        log.debug("D-Bus: %s:%s:%s.RemoveClient(%r)", dbus_busname,
452
 
                  server_dbus_path, server_dbus_interface,
453
 
                  str(client.__dbus_object_path__))
454
433
        self.mandos.RemoveClient(client.__dbus_object_path__)
455
434
 
456
435
class ApproveCmd(Command):
457
436
    def run_on_one_client(self, client, properties):
458
 
        log.debug("D-Bus: %s:%s:%s.Approve(True)", dbus_busname,
459
 
                  client.__dbus_object_path__, client_dbus_interface)
460
437
        client.Approve(dbus.Boolean(True),
461
 
                       dbus_interface=client_dbus_interface)
 
438
                       dbus_interface=client_interface)
462
439
 
463
440
class DenyCmd(Command):
464
441
    def run_on_one_client(self, client, properties):
465
 
        log.debug("D-Bus: %s:%s:%s.Approve(False)", dbus_busname,
466
 
                  client.__dbus_object_path__, client_dbus_interface)
467
442
        client.Approve(dbus.Boolean(False),
468
 
                       dbus_interface=client_dbus_interface)
 
443
                       dbus_interface=client_interface)
469
444
 
470
445
class EnableCmd(PropertyCmd):
471
 
    propname = "Enabled"
 
446
    property = "Enabled"
472
447
    value_to_set = dbus.Boolean(True)
473
448
 
474
449
class DisableCmd(PropertyCmd):
475
 
    propname = "Enabled"
 
450
    property = "Enabled"
476
451
    value_to_set = dbus.Boolean(False)
477
452
 
478
453
class BumpTimeoutCmd(PropertyCmd):
479
 
    propname = "LastCheckedOK"
 
454
    property = "LastCheckedOK"
480
455
    value_to_set = ""
481
456
 
482
457
class StartCheckerCmd(PropertyCmd):
483
 
    propname = "CheckerRunning"
 
458
    property = "CheckerRunning"
484
459
    value_to_set = dbus.Boolean(True)
485
460
 
486
461
class StopCheckerCmd(PropertyCmd):
487
 
    propname = "CheckerRunning"
 
462
    property = "CheckerRunning"
488
463
    value_to_set = dbus.Boolean(False)
489
464
 
490
465
class ApproveByDefaultCmd(PropertyCmd):
491
 
    propname = "ApprovedByDefault"
 
466
    property = "ApprovedByDefault"
492
467
    value_to_set = dbus.Boolean(True)
493
468
 
494
469
class DenyByDefaultCmd(PropertyCmd):
495
 
    propname = "ApprovedByDefault"
 
470
    property = "ApprovedByDefault"
496
471
    value_to_set = dbus.Boolean(False)
497
472
 
498
 
class SetCheckerCmd(PropertyValueCmd):
499
 
    propname = "Checker"
500
 
 
501
 
class SetHostCmd(PropertyValueCmd):
502
 
    propname = "Host"
503
 
 
504
 
class SetSecretCmd(PropertyValueCmd):
505
 
    propname = "Secret"
 
473
class SetCheckerCmd(PropertyCmd, ValueArgumentMixIn):
 
474
    property = "Checker"
 
475
 
 
476
class SetHostCmd(PropertyCmd, ValueArgumentMixIn):
 
477
    property = "Host"
 
478
 
 
479
class SetSecretCmd(PropertyCmd, ValueArgumentMixIn):
506
480
    @property
507
481
    def value_to_set(self):
508
482
        return self._vts
511
485
        """When setting, read data from supplied file object"""
512
486
        self._vts = value.read()
513
487
        value.close()
514
 
 
515
 
class SetTimeoutCmd(MillisecondsPropertyValueArgumentCmd):
516
 
    propname = "Timeout"
517
 
 
518
 
class SetExtendedTimeoutCmd(MillisecondsPropertyValueArgumentCmd):
519
 
    propname = "ExtendedTimeout"
520
 
 
521
 
class SetIntervalCmd(MillisecondsPropertyValueArgumentCmd):
522
 
    propname = "Interval"
523
 
 
524
 
class SetApprovalDelayCmd(MillisecondsPropertyValueArgumentCmd):
525
 
    propname = "ApprovalDelay"
526
 
 
527
 
class SetApprovalDurationCmd(MillisecondsPropertyValueArgumentCmd):
528
 
    propname = "ApprovalDuration"
 
488
    property = "Secret"
 
489
 
 
490
class SetTimeoutCmd(PropertyCmd, MillisecondsValueArgumentMixIn):
 
491
    property = "Timeout"
 
492
 
 
493
class SetExtendedTimeoutCmd(PropertyCmd,
 
494
                            MillisecondsValueArgumentMixIn):
 
495
    property = "ExtendedTimeout"
 
496
 
 
497
class SetIntervalCmd(PropertyCmd, MillisecondsValueArgumentMixIn):
 
498
    property = "Interval"
 
499
 
 
500
class SetApprovalDelayCmd(PropertyCmd,
 
501
                          MillisecondsValueArgumentMixIn):
 
502
    property = "ApprovalDelay"
 
503
 
 
504
class SetApprovalDurationCmd(PropertyCmd,
 
505
                             MillisecondsValueArgumentMixIn):
 
506
    property = "ApprovalDuration"
529
507
 
530
508
def add_command_line_options(parser):
531
509
    parser.add_argument("--version", action="version",
587
565
        help="Approve any current client request")
588
566
    approve_deny.add_argument("-D", "--deny", action="store_true",
589
567
                              help="Deny any current client request")
590
 
    parser.add_argument("--debug", action="store_true",
591
 
                        help="Debug mode (show D-Bus commands)")
592
568
    parser.add_argument("--check", action="store_true",
593
569
                        help="Run self-test")
594
570
    parser.add_argument("client", nargs="*", help="Client name")
619
595
    if options.is_enabled:
620
596
        commands.append(IsEnabledCmd())
621
597
 
 
598
    if options.remove:
 
599
        commands.append(RemoveCmd())
 
600
 
622
601
    if options.checker is not None:
623
602
        commands.append(SetCheckerCmd(options.checker))
624
603
 
657
636
    if options.deny:
658
637
        commands.append(DenyCmd())
659
638
 
660
 
    if options.remove:
661
 
        commands.append(RemoveCmd())
662
 
 
663
639
    # If no command option has been given, show table of clients,
664
640
    # optionally verbosely
665
641
    if not commands:
669
645
 
670
646
 
671
647
def check_option_syntax(parser, options):
672
 
    """Apply additional restrictions on options, not expressible in
673
 
argparse"""
674
648
 
675
649
    def has_actions(options):
676
650
        return any((options.enable,
703
677
        parser.error("--all requires an action.")
704
678
    if options.is_enabled and len(options.client) > 1:
705
679
        parser.error("--is-enabled requires exactly one client")
706
 
    if options.remove:
707
 
        options.remove = False
708
 
        if has_actions(options) and not options.deny:
709
 
            parser.error("--remove can only be combined with --deny")
710
 
        options.remove = True
711
680
 
712
681
 
713
682
def main():
721
690
 
722
691
    clientnames = options.client
723
692
 
724
 
    if options.debug:
725
 
        log.setLevel(logging.DEBUG)
726
 
 
727
693
    try:
728
694
        bus = dbus.SystemBus()
729
 
        log.debug("D-Bus: Connect to: (busname=%r, path=%r)",
730
 
                  dbus_busname, server_dbus_path)
731
 
        mandos_dbus_objc = bus.get_object(dbus_busname,
732
 
                                          server_dbus_path)
 
695
        mandos_dbus_objc = bus.get_object(busname, server_path)
733
696
    except dbus.exceptions.DBusException:
734
697
        log.critical("Could not connect to Mandos server")
735
698
        sys.exit(1)
736
699
 
737
700
    mandos_serv = dbus.Interface(mandos_dbus_objc,
738
 
                                 dbus_interface=server_dbus_interface)
 
701
                                 dbus_interface=server_interface)
739
702
    mandos_serv_object_manager = dbus.Interface(
740
703
        mandos_dbus_objc, dbus_interface=dbus.OBJECT_MANAGER_IFACE)
741
704
 
747
710
    dbus_filter = NullFilter()
748
711
    try:
749
712
        dbus_logger.addFilter(dbus_filter)
750
 
        log.debug("D-Bus: %s:%s:%s.GetManagedObjects()", dbus_busname,
751
 
                  server_dbus_path, dbus.OBJECT_MANAGER_IFACE)
752
 
        mandos_clients = {path: ifs_and_props[client_dbus_interface]
 
713
        mandos_clients = {path: ifs_and_props[client_interface]
753
714
                          for path, ifs_and_props in
754
715
                          mandos_serv_object_manager
755
716
                          .GetManagedObjects().items()
756
 
                          if client_dbus_interface in ifs_and_props}
 
717
                          if client_interface in ifs_and_props}
757
718
    except dbus.exceptions.DBusException as e:
758
719
        log.critical("Failed to access Mandos server through D-Bus:"
759
720
                     "\n%s", e)
766
727
    clients = {}
767
728
 
768
729
    if not clientnames:
769
 
        clients = {objpath: properties
770
 
                   for objpath, properties in mandos_clients.items()}
 
730
        clients = {bus.get_object(busname, path): properties
 
731
                   for path, properties in mandos_clients.items()}
771
732
    else:
772
733
        for name in clientnames:
773
 
            for objpath, properties in mandos_clients.items():
774
 
                if properties["Name"] == name:
775
 
                    clients[objpath] = properties
 
734
            for path, client in mandos_clients.items():
 
735
                if client["Name"] == name:
 
736
                    client_objc = bus.get_object(busname, path)
 
737
                    clients[client_objc] = client
776
738
                    break
777
739
            else:
778
740
                log.critical("Client not found on server: %r", name)
781
743
    # Run all commands on clients
782
744
    commands = commands_from_options(options)
783
745
    for command in commands:
784
 
        command.run(clients, bus, mandos_serv)
 
746
        command.run(mandos_serv, clients)
785
747
 
786
748
 
787
749
class Test_milliseconds_to_string(unittest.TestCase):
836
798
        testcase = self
837
799
        class MockClient(object):
838
800
            def __init__(self, name, **attributes):
839
 
                self.__dbus_object_path__ = "/clients/{}".format(name)
 
801
                self.__dbus_object_path__ = "objpath_{}".format(name)
840
802
                self.attributes = attributes
841
803
                self.attributes["Name"] = name
842
804
                self.calls = []
843
 
            def Set(self, interface, propname, value, dbus_interface):
844
 
                testcase.assertEqual(interface, client_dbus_interface)
845
 
                testcase.assertEqual(dbus_interface,
846
 
                                     dbus.PROPERTIES_IFACE)
847
 
                self.attributes[propname] = value
848
 
            def Get(self, interface, propname, dbus_interface):
849
 
                testcase.assertEqual(interface, client_dbus_interface)
850
 
                testcase.assertEqual(dbus_interface,
851
 
                                     dbus.PROPERTIES_IFACE)
852
 
                return self.attributes[propname]
 
805
            def Set(self, interface, property, value, dbus_interface):
 
806
                testcase.assertEqual(interface, client_interface)
 
807
                testcase.assertEqual(dbus_interface,
 
808
                                     dbus.PROPERTIES_IFACE)
 
809
                self.attributes[property] = value
 
810
            def Get(self, interface, property, dbus_interface):
 
811
                testcase.assertEqual(interface, client_interface)
 
812
                testcase.assertEqual(dbus_interface,
 
813
                                     dbus.PROPERTIES_IFACE)
 
814
                return self.attributes[property]
853
815
            def Approve(self, approve, dbus_interface):
854
 
                testcase.assertEqual(dbus_interface,
855
 
                                     client_dbus_interface)
 
816
                testcase.assertEqual(dbus_interface, client_interface)
856
817
                self.calls.append(("Approve", (approve,
857
818
                                               dbus_interface)))
858
819
        self.client = MockClient(
905
866
            LastCheckerStatus=-2)
906
867
        self.clients =  collections.OrderedDict(
907
868
            [
908
 
                ("/clients/foo", self.client.attributes),
909
 
                ("/clients/barbar", self.other_client.attributes),
 
869
                (self.client, self.client.attributes),
 
870
                (self.other_client, self.other_client.attributes),
910
871
            ])
911
 
        self.one_client = {"/clients/foo": self.client.attributes}
912
 
    @property
913
 
    def bus(self):
914
 
        class Bus(object):
915
 
            @staticmethod
916
 
            def get_object(client_bus_name, path):
917
 
                self.assertEqual(client_bus_name, dbus_busname)
918
 
                return {
919
 
                    "/clients/foo": self.client,
920
 
                    "/clients/barbar": self.other_client,
921
 
                }[path]
922
 
        return Bus()
 
872
        self.one_client = {self.client: self.client.attributes}
923
873
 
924
874
class TestPrintTableCmd(TestCmd):
925
875
    def test_normal(self):
926
 
        output = PrintTableCmd().output(self.clients.values())
 
876
        output = PrintTableCmd().output(self.clients)
927
877
        expected_output = """
928
878
Name   Enabled Timeout  Last Successful Check
929
879
foo    Yes     00:05:00 2019-02-03T00:00:00  
931
881
"""[1:-1]
932
882
        self.assertEqual(output, expected_output)
933
883
    def test_verbose(self):
934
 
        output = PrintTableCmd(verbose=True).output(
935
 
            self.clients.values())
 
884
        output = PrintTableCmd(verbose=True).output(self.clients)
936
885
        expected_output = """
937
886
Name   Enabled Timeout  Last Successful Check Created             Interval Host            Key ID                                                           Fingerprint                              Check Is Running Last Enabled        Approval Is Pending Approved By Default Last Approval Request Approval Delay Approval Duration Checker              Extended Timeout Expires             Last Checker Status
938
887
foo    Yes     00:05:00 2019-02-03T00:00:00   2019-01-02T00:00:00 00:02:00 foo.example.org 92ed150794387c03ce684574b1139a6594a34f895daaaf09fd8ea90a27cddb12 778827225BA7DE539C5A7CFA59CFF7CDBD9A5920 No               2019-01-03T00:00:00 No                  Yes                                       00:00:00       00:00:01          fping -q -- %(host)s 00:15:00         2019-02-04T00:00:00 0                  
940
889
"""[1:-1]
941
890
        self.assertEqual(output, expected_output)
942
891
    def test_one_client(self):
943
 
        output = PrintTableCmd().output(self.one_client.values())
 
892
        output = PrintTableCmd().output(self.one_client)
944
893
        expected_output = """
945
894
Name Enabled Timeout  Last Successful Check
946
895
foo  Yes     00:05:00 2019-02-03T00:00:00  
1015
964
                            for client, properties in self.clients.items()))
1016
965
    def test_is_enabled_run_exits_successfully(self):
1017
966
        with self.assertRaises(SystemExit) as e:
1018
 
            IsEnabledCmd().run(self.one_client)
 
967
            IsEnabledCmd().run(None, self.one_client)
1019
968
        if e.exception.code is not None:
1020
969
            self.assertEqual(e.exception.code, 0)
1021
970
        else:
1023
972
    def test_is_enabled_run_exits_with_failure(self):
1024
973
        self.client.attributes["Enabled"] = dbus.Boolean(False)
1025
974
        with self.assertRaises(SystemExit) as e:
1026
 
            IsEnabledCmd().run(self.one_client)
 
975
            IsEnabledCmd().run(None, self.one_client)
1027
976
        if isinstance(e.exception.code, int):
1028
977
            self.assertNotEqual(e.exception.code, 0)
1029
978
        else:
1038
987
                self.calls.append(("RemoveClient", (dbus_path,)))
1039
988
        mandos = MockMandos()
1040
989
        super(TestRemoveCmd, self).setUp()
1041
 
        RemoveCmd().run(self.clients, self.bus, mandos)
 
990
        RemoveCmd().run(mandos, self.clients)
1042
991
        self.assertEqual(len(mandos.calls), 2)
1043
 
        for clientpath in self.clients:
1044
 
            self.assertIn(("RemoveClient", (clientpath,)),
 
992
        for client in self.clients:
 
993
            self.assertIn(("RemoveClient",
 
994
                           (client.__dbus_object_path__,)),
1045
995
                          mandos.calls)
1046
996
 
1047
997
class TestApproveCmd(TestCmd):
1048
998
    def test_approve(self):
1049
 
        ApproveCmd().run(self.clients, self.bus)
1050
 
        for clientpath in self.clients:
1051
 
            client = self.bus.get_object(dbus_busname, clientpath)
1052
 
            self.assertIn(("Approve", (True, client_dbus_interface)),
 
999
        ApproveCmd().run(None, self.clients)
 
1000
        for client in self.clients:
 
1001
            self.assertIn(("Approve", (True, client_interface)),
1053
1002
                          client.calls)
1054
1003
 
1055
1004
class TestDenyCmd(TestCmd):
1056
1005
    def test_deny(self):
1057
 
        DenyCmd().run(self.clients, self.bus)
1058
 
        for clientpath in self.clients:
1059
 
            client = self.bus.get_object(dbus_busname, clientpath)
1060
 
            self.assertIn(("Approve", (False, client_dbus_interface)),
 
1006
        DenyCmd().run(None, self.clients)
 
1007
        for client in self.clients:
 
1008
            self.assertIn(("Approve", (False, client_interface)),
1061
1009
                          client.calls)
1062
1010
 
1063
1011
class TestEnableCmd(TestCmd):
1064
1012
    def test_enable(self):
1065
 
        for clientpath in self.clients:
1066
 
            client = self.bus.get_object(dbus_busname, clientpath)
 
1013
        for client in self.clients:
1067
1014
            client.attributes["Enabled"] = False
1068
1015
 
1069
 
        EnableCmd().run(self.clients, self.bus)
 
1016
        EnableCmd().run(None, self.clients)
1070
1017
 
1071
 
        for clientpath in self.clients:
1072
 
            client = self.bus.get_object(dbus_busname, clientpath)
 
1018
        for client in self.clients:
1073
1019
            self.assertTrue(client.attributes["Enabled"])
1074
1020
 
1075
1021
class TestDisableCmd(TestCmd):
1076
1022
    def test_disable(self):
1077
 
        DisableCmd().run(self.clients, self.bus)
1078
 
        for clientpath in self.clients:
1079
 
            client = self.bus.get_object(dbus_busname, clientpath)
 
1023
        DisableCmd().run(None, self.clients)
 
1024
 
 
1025
        for client in self.clients:
1080
1026
            self.assertFalse(client.attributes["Enabled"])
1081
1027
 
1082
1028
class Unique(object):
1092
1038
                                self.values_to_set)
1093
1039
        for value_to_set, value_to_get in zip(self.values_to_set,
1094
1040
                                              values_to_get):
1095
 
            for clientpath in self.clients:
1096
 
                client = self.bus.get_object(dbus_busname, clientpath)
1097
 
                old_value = client.attributes[self.propname]
 
1041
            for client in self.clients:
 
1042
                old_value = client.attributes[self.property]
1098
1043
                self.assertNotIsInstance(old_value, Unique)
1099
 
                client.attributes[self.propname] = Unique()
 
1044
                client.attributes[self.property] = Unique()
1100
1045
            self.run_command(value_to_set, self.clients)
1101
 
            for clientpath in self.clients:
1102
 
                client = self.bus.get_object(dbus_busname, clientpath)
1103
 
                value = client.attributes[self.propname]
 
1046
            for client in self.clients:
 
1047
                value = client.attributes[self.property]
1104
1048
                self.assertNotIsInstance(value, Unique)
1105
1049
                self.assertEqual(value, value_to_get)
1106
1050
    def run_command(self, value, clients):
1107
 
        self.command().run(clients, self.bus)
 
1051
        self.command().run(None, clients)
1108
1052
 
1109
1053
class TestBumpTimeoutCmd(TestPropertyCmd):
1110
1054
    command = BumpTimeoutCmd
1111
 
    propname = "LastCheckedOK"
 
1055
    property = "LastCheckedOK"
1112
1056
    values_to_set = [""]
1113
1057
 
1114
1058
class TestStartCheckerCmd(TestPropertyCmd):
1115
1059
    command = StartCheckerCmd
1116
 
    propname = "CheckerRunning"
 
1060
    property = "CheckerRunning"
1117
1061
    values_to_set = [dbus.Boolean(True)]
1118
1062
 
1119
1063
class TestStopCheckerCmd(TestPropertyCmd):
1120
1064
    command = StopCheckerCmd
1121
 
    propname = "CheckerRunning"
 
1065
    property = "CheckerRunning"
1122
1066
    values_to_set = [dbus.Boolean(False)]
1123
1067
 
1124
1068
class TestApproveByDefaultCmd(TestPropertyCmd):
1125
1069
    command = ApproveByDefaultCmd
1126
 
    propname = "ApprovedByDefault"
 
1070
    property = "ApprovedByDefault"
1127
1071
    values_to_set = [dbus.Boolean(True)]
1128
1072
 
1129
1073
class TestDenyByDefaultCmd(TestPropertyCmd):
1130
1074
    command = DenyByDefaultCmd
1131
 
    propname = "ApprovedByDefault"
 
1075
    property = "ApprovedByDefault"
1132
1076
    values_to_set = [dbus.Boolean(False)]
1133
1077
 
1134
 
class TestPropertyValueCmd(TestPropertyCmd):
1135
 
    """Abstract class for tests of PropertyValueCmd classes"""
 
1078
class TestValueArgumentPropertyCmd(TestPropertyCmd):
 
1079
    """Abstract class for tests of PropertyCmd classes using the
 
1080
ValueArgumentMixIn"""
1136
1081
    def runTest(self):
1137
 
        if type(self) is TestPropertyValueCmd:
 
1082
        if type(self) is TestValueArgumentPropertyCmd:
1138
1083
            return
1139
 
        return super(TestPropertyValueCmd, self).runTest()
 
1084
        return super(TestValueArgumentPropertyCmd, self).runTest()
1140
1085
    def run_command(self, value, clients):
1141
 
        self.command(value).run(clients, self.bus)
 
1086
        self.command(value).run(None, clients)
1142
1087
 
1143
 
class TestSetCheckerCmd(TestPropertyValueCmd):
 
1088
class TestSetCheckerCmd(TestValueArgumentPropertyCmd):
1144
1089
    command = SetCheckerCmd
1145
 
    propname = "Checker"
 
1090
    property = "Checker"
1146
1091
    values_to_set = ["", ":", "fping -q -- %s"]
1147
1092
 
1148
 
class TestSetHostCmd(TestPropertyValueCmd):
 
1093
class TestSetHostCmd(TestValueArgumentPropertyCmd):
1149
1094
    command = SetHostCmd
1150
 
    propname = "Host"
 
1095
    property = "Host"
1151
1096
    values_to_set = ["192.0.2.3", "foo.example.org"]
1152
1097
 
1153
 
class TestSetSecretCmd(TestPropertyValueCmd):
 
1098
class TestSetSecretCmd(TestValueArgumentPropertyCmd):
1154
1099
    command = SetSecretCmd
1155
 
    propname = "Secret"
1156
 
    values_to_set = [io.BytesIO(b""),
 
1100
    property = "Secret"
 
1101
    values_to_set = [open("/dev/null", "rb"),
1157
1102
                     io.BytesIO(b"secret\0xyzzy\nbar")]
1158
1103
    values_to_get = [b"", b"secret\0xyzzy\nbar"]
1159
1104
 
1160
 
class TestSetTimeoutCmd(TestPropertyValueCmd):
 
1105
class TestSetTimeoutCmd(TestValueArgumentPropertyCmd):
1161
1106
    command = SetTimeoutCmd
1162
 
    propname = "Timeout"
 
1107
    property = "Timeout"
1163
1108
    values_to_set = [datetime.timedelta(),
1164
1109
                     datetime.timedelta(minutes=5),
1165
1110
                     datetime.timedelta(seconds=1),
1167
1112
                     datetime.timedelta(weeks=52)]
1168
1113
    values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1169
1114
 
1170
 
class TestSetExtendedTimeoutCmd(TestPropertyValueCmd):
 
1115
class TestSetExtendedTimeoutCmd(TestValueArgumentPropertyCmd):
1171
1116
    command = SetExtendedTimeoutCmd
1172
 
    propname = "ExtendedTimeout"
 
1117
    property = "ExtendedTimeout"
1173
1118
    values_to_set = [datetime.timedelta(),
1174
1119
                     datetime.timedelta(minutes=5),
1175
1120
                     datetime.timedelta(seconds=1),
1177
1122
                     datetime.timedelta(weeks=52)]
1178
1123
    values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1179
1124
 
1180
 
class TestSetIntervalCmd(TestPropertyValueCmd):
 
1125
class TestSetIntervalCmd(TestValueArgumentPropertyCmd):
1181
1126
    command = SetIntervalCmd
1182
 
    propname = "Interval"
 
1127
    property = "Interval"
1183
1128
    values_to_set = [datetime.timedelta(),
1184
1129
                     datetime.timedelta(minutes=5),
1185
1130
                     datetime.timedelta(seconds=1),
1187
1132
                     datetime.timedelta(weeks=52)]
1188
1133
    values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1189
1134
 
1190
 
class TestSetApprovalDelayCmd(TestPropertyValueCmd):
 
1135
class TestSetApprovalDelayCmd(TestValueArgumentPropertyCmd):
1191
1136
    command = SetApprovalDelayCmd
1192
 
    propname = "ApprovalDelay"
 
1137
    property = "ApprovalDelay"
1193
1138
    values_to_set = [datetime.timedelta(),
1194
1139
                     datetime.timedelta(minutes=5),
1195
1140
                     datetime.timedelta(seconds=1),
1197
1142
                     datetime.timedelta(weeks=52)]
1198
1143
    values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1199
1144
 
1200
 
class TestSetApprovalDurationCmd(TestPropertyValueCmd):
 
1145
class TestSetApprovalDurationCmd(TestValueArgumentPropertyCmd):
1201
1146
    command = SetApprovalDurationCmd
1202
 
    propname = "ApprovalDuration"
 
1147
    property = "ApprovalDuration"
1203
1148
    values_to_set = [datetime.timedelta(),
1204
1149
                     datetime.timedelta(minutes=5),
1205
1150
                     datetime.timedelta(seconds=1),
1385
1330
    def test_is_enabled_short(self):
1386
1331
        self.assert_command_from_args(["-V", "foo"], IsEnabledCmd)
1387
1332
 
1388
 
    def test_deny_before_remove(self):
1389
 
        options = self.parser.parse_args(["--deny", "--remove", "foo"])
1390
 
        check_option_syntax(self.parser, options)
1391
 
        commands = commands_from_options(options)
1392
 
        self.assertEqual(len(commands), 2)
1393
 
        self.assertIsInstance(commands[0], DenyCmd)
1394
 
        self.assertIsInstance(commands[1], RemoveCmd)
1395
 
 
1396
 
    def test_deny_before_remove_reversed(self):
1397
 
        options = self.parser.parse_args(["--remove", "--deny", "--all"])
1398
 
        check_option_syntax(self.parser, options)
1399
 
        commands = commands_from_options(options)
1400
 
        self.assertEqual(len(commands), 2)
1401
 
        self.assertIsInstance(commands[0], DenyCmd)
1402
 
        self.assertIsInstance(commands[1], RemoveCmd)
1403
 
 
1404
 
 
1405
 
class Test_check_option_syntax(unittest.TestCase):
1406
 
    # This mostly corresponds to the definition from has_actions() in
1407
 
    # check_option_syntax()
1408
 
    actions = {
1409
 
        # The actual values set here are not that important, but we do
1410
 
        # at least stick to the correct types, even though they are
1411
 
        # never used
1412
 
        "enable": True,
1413
 
        "disable": True,
1414
 
        "bump_timeout": True,
1415
 
        "start_checker": True,
1416
 
        "stop_checker": True,
1417
 
        "is_enabled": True,
1418
 
        "remove": True,
1419
 
        "checker": "x",
1420
 
        "timeout": datetime.timedelta(),
1421
 
        "extended_timeout": datetime.timedelta(),
1422
 
        "interval": datetime.timedelta(),
1423
 
        "approved_by_default": True,
1424
 
        "approval_delay": datetime.timedelta(),
1425
 
        "approval_duration": datetime.timedelta(),
1426
 
        "host": "x",
1427
 
        "secret": io.BytesIO(b"x"),
1428
 
        "approve": True,
1429
 
        "deny": True,
1430
 
    }
1431
 
 
1432
 
    def setUp(self):
1433
 
        self.parser = argparse.ArgumentParser()
1434
 
        add_command_line_options(self.parser)
1435
 
 
1436
 
    @contextlib.contextmanager
1437
 
    def assertParseError(self):
1438
 
        with self.assertRaises(SystemExit) as e:
1439
 
            with self.temporarily_suppress_stderr():
1440
 
                yield
1441
 
        # Exit code from argparse is guaranteed to be "2".  Reference:
1442
 
        # https://docs.python.org/3/library/argparse.html#exiting-methods
1443
 
        self.assertEqual(e.exception.code, 2)
1444
 
 
1445
 
    @staticmethod
1446
 
    @contextlib.contextmanager
1447
 
    def temporarily_suppress_stderr():
1448
 
        null = os.open(os.path.devnull, os.O_RDWR)
1449
 
        stderrcopy = os.dup(sys.stderr.fileno())
1450
 
        os.dup2(null, sys.stderr.fileno())
1451
 
        os.close(null)
1452
 
        try:
1453
 
            yield
1454
 
        finally:
1455
 
            # restore stderr
1456
 
            os.dup2(stderrcopy, sys.stderr.fileno())
1457
 
            os.close(stderrcopy)
1458
 
 
1459
 
    def check_option_syntax(self, options):
1460
 
        check_option_syntax(self.parser, options)
1461
 
 
1462
 
    def test_actions_requires_client_or_all(self):
1463
 
        for action, value in self.actions.items():
1464
 
            options = self.parser.parse_args()
1465
 
            setattr(options, action, value)
1466
 
            with self.assertParseError():
1467
 
                self.check_option_syntax(options)
1468
 
 
1469
 
    def test_actions_conflicts_with_verbose(self):
1470
 
        for action, value in self.actions.items():
1471
 
            options = self.parser.parse_args()
1472
 
            setattr(options, action, value)
1473
 
            options.verbose = True
1474
 
            with self.assertParseError():
1475
 
                self.check_option_syntax(options)
1476
 
 
1477
 
    def test_dump_json_conflicts_with_verbose(self):
1478
 
        options = self.parser.parse_args()
1479
 
        options.dump_json = True
1480
 
        options.verbose = True
1481
 
        with self.assertParseError():
1482
 
            self.check_option_syntax(options)
1483
 
 
1484
 
    def test_dump_json_conflicts_with_action(self):
1485
 
        for action, value in self.actions.items():
1486
 
            options = self.parser.parse_args()
1487
 
            setattr(options, action, value)
1488
 
            options.dump_json = True
1489
 
            with self.assertParseError():
1490
 
                self.check_option_syntax(options)
1491
 
 
1492
 
    def test_all_can_not_be_alone(self):
1493
 
        options = self.parser.parse_args()
1494
 
        options.all = True
1495
 
        with self.assertParseError():
1496
 
            self.check_option_syntax(options)
1497
 
 
1498
 
    def test_all_is_ok_with_any_action(self):
1499
 
        for action, value in self.actions.items():
1500
 
            options = self.parser.parse_args()
1501
 
            setattr(options, action, value)
1502
 
            options.all = True
1503
 
            self.check_option_syntax(options)
1504
 
 
1505
 
    def test_is_enabled_fails_without_client(self):
1506
 
        options = self.parser.parse_args()
1507
 
        options.is_enabled = True
1508
 
        with self.assertParseError():
1509
 
            self.check_option_syntax(options)
1510
 
 
1511
 
    def test_is_enabled_works_with_one_client(self):
1512
 
        options = self.parser.parse_args()
1513
 
        options.is_enabled = True
1514
 
        options.client = ["foo"]
1515
 
        self.check_option_syntax(options)
1516
 
 
1517
 
    def test_is_enabled_fails_with_two_clients(self):
1518
 
        options = self.parser.parse_args()
1519
 
        options.is_enabled = True
1520
 
        options.client = ["foo", "barbar"]
1521
 
        with self.assertParseError():
1522
 
            self.check_option_syntax(options)
1523
 
 
1524
 
    def test_remove_can_only_be_combined_with_action_deny(self):
1525
 
        for action, value in self.actions.items():
1526
 
            if action in {"remove", "deny"}:
1527
 
                continue
1528
 
            options = self.parser.parse_args()
1529
 
            setattr(options, action, value)
1530
 
            options.all = True
1531
 
            options.remove = True
1532
 
            with self.assertParseError():
1533
 
                self.check_option_syntax(options)
1534
 
 
1535
1333
 
1536
1334
 
1537
1335
def should_only_run_tests():