To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to mandos-ctl
- browse files at revision 1040
- compare with another revision
- download diff
- download tarball
- view history from revision 1040
- Committer: Teddy Hogeborn
- Date: 2019-03-07 21:41:04 UTC
- Revision ID: teddy@recompile.se-20190307214104-covfbvw1ch6ermzl
mandos-ctl.xml: Use RFC3339 duration values in examples
* mandos-ctl.xml (EXAMPLE): Use RFC3339 duration values.
* mandos-ctl.xml (EXAMPLE): Use RFC3339 duration values.
- files modified:
- mandos-ctl
added
removed
mandos-ctl
42
42
import json
43
43
import unittest
44
44
import logging
45
import io
46
import tempfile
45
47
46
48
import dbus
47
49
268
270
return value
269
271
270
272
271
class TableOfClients(object):
272
tableheaders = {
273
"Name": "Name",
274
"Enabled": "Enabled",
275
"Timeout": "Timeout",
276
"LastCheckedOK": "Last Successful Check",
277
"LastApprovalRequest": "Last Approval Request",
278
"Created": "Created",
279
"Interval": "Interval",
280
"Host": "Host",
281
"Fingerprint": "Fingerprint",
282
"KeyID": "Key ID",
283
"CheckerRunning": "Check Is Running",
284
"LastEnabled": "Last Enabled",
285
"ApprovalPending": "Approval Is Pending",
286
"ApprovedByDefault": "Approved By Default",
287
"ApprovalDelay": "Approval Delay",
288
"ApprovalDuration": "Approval Duration",
289
"Checker": "Checker",
290
"ExtendedTimeout": "Extended Timeout",
291
"Expires": "Expires",
292
"LastCheckerStatus": "Last Checker Status",
293
}
294
295
def __init__(self, clients, keywords, tableheaders=None):
296
self.clients = clients
297
self.keywords = keywords
298
if tableheaders is not None:
299
self.tableheaders = tableheaders
300
301
def __str__(self):
302
return "\n".join(self.rows())
303
304
if sys.version_info.major == 2:
305
__unicode__ = __str__
306
def __str__(self):
307
return str(self).encode(locale.getpreferredencoding())
308
309
def rows(self):
310
format_string = self.row_formatting_string()
311
rows = [self.header_line(format_string)]
312
rows.extend(self.client_line(client, format_string)
313
for client in self.clients)
314
return rows
315
316
def row_formatting_string(self):
317
"Format string used to format table rows"
318
return " ".join("{{{key}:{width}}}".format(
319
width=max(len(self.tableheaders[key]),
320
*(len(self.string_from_client(client, key))
321
for client in self.clients)),
322
key=key)
323
for key in self.keywords)
324
325
def string_from_client(self, client, key):
326
return self.valuetostring(client[key], key)
327
328
@staticmethod
329
def valuetostring(value, keyword):
330
if isinstance(value, dbus.Boolean):
331
return "Yes" if value else "No"
332
if keyword in ("Timeout", "Interval", "ApprovalDelay",
333
"ApprovalDuration", "ExtendedTimeout"):
334
return milliseconds_to_string(value)
335
return str(value)
336
337
def header_line(self, format_string):
338
return format_string.format(**self.tableheaders)
339
340
def client_line(self, client, format_string):
341
return format_string.format(
342
**{key: self.string_from_client(client, key)
343
for key in self.keywords})
344
345
346
273
## Classes for commands.
347
274
348
275
# Abstract classes first
353
280
commands which want to operate on all clients at the same time
354
281
can override this run() method instead."""
355
282
self.mandos = mandos
356
for client in clients:
357
self.run_on_one_client(client)
283
for client, properties in clients.items():
284
self.run_on_one_client(client, properties)
358
285
359
286
class PrintCmd(Command):
360
287
"""Abstract class for commands printing client details"""
370
297
371
298
class PropertyCmd(Command):
372
299
"""Abstract class for Actions for setting one client property"""
373
def run_on_one_client(self, client):
300
def run_on_one_client(self, client, properties):
374
301
"""Set the Client's D-Bus property"""
375
302
client.Set(client_interface, self.property, self.value_to_set,
376
303
dbus_interface=dbus.PROPERTIES_IFACE)
389
316
@value_to_set.setter
390
317
def value_to_set(self, value):
391
318
"""When setting, convert value to a datetime.timedelta"""
392
self._vts = string_to_delta(value).total_seconds() * 1000
319
self._vts = int(round(value.total_seconds() * 1000))
393
320
394
321
# Actual (non-abstract) command classes
395
322
396
323
class PrintTableCmd(PrintCmd):
397
324
def __init__(self, verbose=False):
398
325
self.verbose = verbose
326
399
327
def output(self, clients):
328
default_keywords = ("Name", "Enabled", "Timeout", "LastCheckedOK")
329
keywords = default_keywords
400
330
if self.verbose:
401
331
keywords = self.all_keywords
402
else:
403
keywords = ("Name", "Enabled", "Timeout", "LastCheckedOK")
404
return str(TableOfClients(clients.values(), keywords))
332
return str(self.TableOfClients(clients.values(), keywords))
333
334
class TableOfClients(object):
335
tableheaders = {
336
"Name": "Name",
337
"Enabled": "Enabled",
338
"Timeout": "Timeout",
339
"LastCheckedOK": "Last Successful Check",
340
"LastApprovalRequest": "Last Approval Request",
341
"Created": "Created",
342
"Interval": "Interval",
343
"Host": "Host",
344
"Fingerprint": "Fingerprint",
345
"KeyID": "Key ID",
346
"CheckerRunning": "Check Is Running",
347
"LastEnabled": "Last Enabled",
348
"ApprovalPending": "Approval Is Pending",
349
"ApprovedByDefault": "Approved By Default",
350
"ApprovalDelay": "Approval Delay",
351
"ApprovalDuration": "Approval Duration",
352
"Checker": "Checker",
353
"ExtendedTimeout": "Extended Timeout",
354
"Expires": "Expires",
355
"LastCheckerStatus": "Last Checker Status",
356
}
357
358
def __init__(self, clients, keywords, tableheaders=None):
359
self.clients = clients
360
self.keywords = keywords
361
if tableheaders is not None:
362
self.tableheaders = tableheaders
363
364
def __str__(self):
365
return "\n".join(self.rows())
366
367
if sys.version_info.major == 2:
368
__unicode__ = __str__
369
def __str__(self):
370
return str(self).encode(locale.getpreferredencoding())
371
372
def rows(self):
373
format_string = self.row_formatting_string()
374
rows = [self.header_line(format_string)]
375
rows.extend(self.client_line(client, format_string)
376
for client in self.clients)
377
return rows
378
379
def row_formatting_string(self):
380
"Format string used to format table rows"
381
return " ".join("{{{key}:{width}}}".format(
382
width=max(len(self.tableheaders[key]),
383
*(len(self.string_from_client(client, key))
384
for client in self.clients)),
385
key=key)
386
for key in self.keywords)
387
388
def string_from_client(self, client, key):
389
return self.valuetostring(client[key], key)
390
391
@staticmethod
392
def valuetostring(value, keyword):
393
if isinstance(value, dbus.Boolean):
394
return "Yes" if value else "No"
395
if keyword in ("Timeout", "Interval", "ApprovalDelay",
396
"ApprovalDuration", "ExtendedTimeout"):
397
return milliseconds_to_string(value)
398
return str(value)
399
400
def header_line(self, format_string):
401
return format_string.format(**self.tableheaders)
402
403
def client_line(self, client, format_string):
404
return format_string.format(
405
**{key: self.string_from_client(client, key)
406
for key in self.keywords})
407
408
405
409
406
410
class DumpJSONCmd(PrintCmd):
407
411
def output(self, clients):
417
421
return value
418
422
419
423
class IsEnabledCmd(Command):
420
def run_on_one_client(self, client):
421
if self.is_enabled(client):
424
def run_on_one_client(self, client, properties):
425
if self.is_enabled(client, properties):
422
426
sys.exit(0)
423
427
sys.exit(1)
424
def is_enabled(self, client):
425
return client.Get(client_interface, "Enabled",
426
dbus_interface=dbus.PROPERTIES_IFACE)
428
def is_enabled(self, client, properties):
429
return bool(properties["Enabled"])
427
430
428
431
class RemoveCmd(Command):
429
def run_on_one_client(self, client):
432
def run_on_one_client(self, client, properties):
430
433
self.mandos.RemoveClient(client.__dbus_object_path__)
431
434
432
435
class ApproveCmd(Command):
433
def run_on_one_client(self, client):
436
def run_on_one_client(self, client, properties):
434
437
client.Approve(dbus.Boolean(True),
435
438
dbus_interface=client_interface)
436
439
437
440
class DenyCmd(Command):
438
def run_on_one_client(self, client):
441
def run_on_one_client(self, client, properties):
439
442
client.Approve(dbus.Boolean(False),
440
443
dbus_interface=client_interface)
441
444
474
477
property = "Host"
475
478
476
479
class SetSecretCmd(PropertyCmd, ValueArgumentMixIn):
480
@property
481
def value_to_set(self):
482
return self._vts
483
@value_to_set.setter
484
def value_to_set(self, value):
485
"""When setting, read data from supplied file object"""
486
self._vts = value.read()
487
value.close()
477
488
property = "Secret"
478
489
479
490
class SetTimeoutCmd(PropertyCmd, MillisecondsValueArgumentMixIn):
494
505
MillisecondsValueArgumentMixIn):
495
506
property = "ApprovalDuration"
496
507
497
def has_actions(options):
498
return any((options.enable,
499
options.disable,
500
options.bump_timeout,
501
options.start_checker,
502
options.stop_checker,
503
options.is_enabled,
504
options.remove,
505
options.checker is not None,
506
options.timeout is not None,
507
options.extended_timeout is not None,
508
options.interval is not None,
509
options.approved_by_default is not None,
510
options.approval_delay is not None,
511
options.approval_duration is not None,
512
options.host is not None,
513
options.secret is not None,
514
options.approve,
515
options.deny))
516
517
518
def commands_and_clients_from_options(args=None):
519
if args is None:
520
args=sys.argv[1:]
521
parser = argparse.ArgumentParser()
508
def add_command_line_options(parser):
522
509
parser.add_argument("--version", action="version",
523
510
version="%(prog)s {}".format(version),
524
511
help="show version number and exit")
549
536
help="Remove client")
550
537
parser.add_argument("-c", "--checker",
551
538
help="Set checker command for client")
552
parser.add_argument("-t", "--timeout",
539
parser.add_argument("-t", "--timeout", type=string_to_delta,
553
540
help="Set timeout for client")
554
parser.add_argument("--extended-timeout",
541
parser.add_argument("--extended-timeout", type=string_to_delta,
555
542
help="Set extended timeout for client")
556
parser.add_argument("-i", "--interval",
543
parser.add_argument("-i", "--interval", type=string_to_delta,
557
544
help="Set checker interval for client")
558
545
approve_deny_default = parser.add_mutually_exclusive_group()
559
546
approve_deny_default.add_argument(
564
551
"--deny-by-default", action="store_false",
565
552
dest="approved_by_default",
566
553
help="Set client to be denied by default")
567
parser.add_argument("--approval-delay",
554
parser.add_argument("--approval-delay", type=string_to_delta,
568
555
help="Set delay before client approve/deny")
569
parser.add_argument("--approval-duration",
556
parser.add_argument("--approval-duration", type=string_to_delta,
570
557
help="Set duration of one client approval")
571
558
parser.add_argument("-H", "--host", help="Set host for client")
572
559
parser.add_argument("-s", "--secret",
581
568
parser.add_argument("--check", action="store_true",
582
569
help="Run self-test")
583
570
parser.add_argument("client", nargs="*", help="Client name")
584
options = parser.parse_args(args=args)
585
586
if has_actions(options) and not (options.client or options.all):
587
parser.error("Options require clients names or --all.")
588
if options.verbose and has_actions(options):
589
parser.error("--verbose can only be used alone.")
590
if options.dump_json and (options.verbose
591
or has_actions(options)):
592
parser.error("--dump-json can only be used alone.")
593
if options.all and not has_actions(options):
594
parser.error("--all requires an action.")
595
if options.is_enabled and len(options.client) > 1:
596
parser.error("--is-enabled requires exactly one client")
571
572
573
def commands_from_options(options):
597
574
598
575
commands = []
599
576
607
584
commands.append(DisableCmd())
608
585
609
586
if options.bump_timeout:
610
commands.append(BumpTimeoutCmd(options.bump_timeout))
587
commands.append(BumpTimeoutCmd())
611
588
612
589
if options.start_checker:
613
590
commands.append(StartCheckerCmd())
622
599
commands.append(RemoveCmd())
623
600
624
601
if options.checker is not None:
625
commands.append(SetCheckerCmd())
602
commands.append(SetCheckerCmd(options.checker))
626
603
627
604
if options.timeout is not None:
628
605
commands.append(SetTimeoutCmd(options.timeout))
632
609
SetExtendedTimeoutCmd(options.extended_timeout))
633
610
634
611
if options.interval is not None:
635
command.append(SetIntervalCmd(options.interval))
612
commands.append(SetIntervalCmd(options.interval))
636
613
637
614
if options.approved_by_default is not None:
638
615
if options.approved_by_default:
639
command.append(ApproveByDefaultCmd())
616
commands.append(ApproveByDefaultCmd())
640
617
else:
641
command.append(DenyByDefaultCmd())
618
commands.append(DenyByDefaultCmd())
642
619
643
620
if options.approval_delay is not None:
644
command.append(SetApprovalDelayCmd(options.approval_delay))
621
commands.append(SetApprovalDelayCmd(options.approval_delay))
645
622
646
623
if options.approval_duration is not None:
647
command.append(
624
commands.append(
648
625
SetApprovalDurationCmd(options.approval_duration))
649
626
650
627
if options.host is not None:
651
command.append(SetHostCmd(options.host))
628
commands.append(SetHostCmd(options.host))
652
629
653
630
if options.secret is not None:
654
command.append(SetSecretCmd(options.secret))
631
commands.append(SetSecretCmd(options.secret))
655
632
656
633
if options.approve:
657
634
commands.append(ApproveCmd())
664
641
if not commands:
665
642
commands.append(PrintTableCmd(verbose=options.verbose))
666
643
667
return commands, options.client
644
return commands
645
646
647
def check_option_syntax(parser, options):
648
649
def has_actions(options):
650
return any((options.enable,
651
options.disable,
652
options.bump_timeout,
653
options.start_checker,
654
options.stop_checker,
655
options.is_enabled,
656
options.remove,
657
options.checker is not None,
658
options.timeout is not None,
659
options.extended_timeout is not None,
660
options.interval is not None,
661
options.approved_by_default is not None,
662
options.approval_delay is not None,
663
options.approval_duration is not None,
664
options.host is not None,
665
options.secret is not None,
666
options.approve,
667
options.deny))
668
669
if has_actions(options) and not (options.client or options.all):
670
parser.error("Options require clients names or --all.")
671
if options.verbose and has_actions(options):
672
parser.error("--verbose can only be used alone.")
673
if options.dump_json and (options.verbose
674
or has_actions(options)):
675
parser.error("--dump-json can only be used alone.")
676
if options.all and not has_actions(options):
677
parser.error("--all requires an action.")
678
if options.is_enabled and len(options.client) > 1:
679
parser.error("--is-enabled requires exactly one client")
668
680
669
681
670
682
def main():
671
commands, clientnames = commands_and_clients_from_options()
683
parser = argparse.ArgumentParser()
684
685
add_command_line_options(parser)
686
687
options = parser.parse_args()
688
689
check_option_syntax(parser, options)
690
691
clientnames = options.client
672
692
673
693
try:
674
694
bus = dbus.SystemBus()
688
708
def filter(self, record):
689
709
return False
690
710
dbus_filter = NullFilter()
691
dbus_logger.addFilter(dbus_filter)
692
711
try:
693
try:
694
mandos_clients = {path: ifs_and_props[client_interface]
695
for path, ifs_and_props in
696
mandos_serv_object_manager
697
.GetManagedObjects().items()
698
if client_interface in ifs_and_props}
699
finally:
700
# restore dbus logger
701
dbus_logger.removeFilter(dbus_filter)
712
dbus_logger.addFilter(dbus_filter)
713
mandos_clients = {path: ifs_and_props[client_interface]
714
for path, ifs_and_props in
715
mandos_serv_object_manager
716
.GetManagedObjects().items()
717
if client_interface in ifs_and_props}
702
718
except dbus.exceptions.DBusException as e:
703
719
log.critical("Failed to access Mandos server through D-Bus:"
704
720
"\n%s", e)
705
721
sys.exit(1)
722
finally:
723
# restore dbus logger
724
dbus_logger.removeFilter(dbus_filter)
706
725
707
726
# Compile dict of (clients: properties) to process
708
727
clients = {}
722
741
sys.exit(1)
723
742
724
743
# Run all commands on clients
744
commands = commands_from_options(options)
725
745
for command in commands:
726
746
command.run(mandos_serv, clients)
727
747
741
761
742
762
class Test_string_to_delta(unittest.TestCase):
743
763
def test_handles_basic_rfc3339(self):
764
self.assertEqual(string_to_delta("PT0S"),
765
datetime.timedelta())
766
self.assertEqual(string_to_delta("P0D"),
767
datetime.timedelta())
768
self.assertEqual(string_to_delta("PT1S"),
769
datetime.timedelta(0, 1))
744
770
self.assertEqual(string_to_delta("PT2H"),
745
771
datetime.timedelta(0, 7200))
746
772
def test_falls_back_to_pre_1_6_1_with_warning(self):
775
801
self.__dbus_object_path__ = "objpath_{}".format(name)
776
802
self.attributes = attributes
777
803
self.attributes["Name"] = name
778
def Set(interface, property, value,
779
properties_interface):
804
self.calls = []
805
def Set(self, interface, property, value, dbus_interface):
780
806
testcase.assertEqual(interface, client_interface)
781
testcase.assertEqual(properties_interface,
807
testcase.assertEqual(dbus_interface,
782
808
dbus.PROPERTIES_IFACE)
783
809
self.attributes[property] = value
784
def Get(interface, property, properties_interface):
810
def Get(self, interface, property, dbus_interface):
785
811
testcase.assertEqual(interface, client_interface)
786
testcase.assertEqual(properties_interface,
812
testcase.assertEqual(dbus_interface,
787
813
dbus.PROPERTIES_IFACE)
788
814
return self.attributes[property]
789
def __getitem__(self, key):
790
return self.attributes[key]
791
self.clients = collections.OrderedDict([
792
("foo",
793
MockClient(
794
"foo",
795
KeyID=("92ed150794387c03ce684574b1139a65"
796
"94a34f895daaaf09fd8ea90a27cddb12"),
797
Secret=b"secret",
798
Host="foo.example.org",
799
Enabled=dbus.Boolean(True),
800
Timeout=300000,
801
LastCheckedOK="2019-02-03T00:00:00",
802
Created="2019-01-02T00:00:00",
803
Interval=120000,
804
Fingerprint=("778827225BA7DE539C5A"
805
"7CFA59CFF7CDBD9A5920"),
806
CheckerRunning=dbus.Boolean(False),
807
LastEnabled="2019-01-03T00:00:00",
808
ApprovalPending=dbus.Boolean(False),
809
ApprovedByDefault=dbus.Boolean(True),
810
LastApprovalRequest="",
811
ApprovalDelay=0,
812
ApprovalDuration=1000,
813
Checker="fping -q -- %(host)s",
814
ExtendedTimeout=900000,
815
Expires="2019-02-04T00:00:00",
816
LastCheckerStatus=0)),
817
("barbar",
818
MockClient(
819
"barbar",
820
KeyID=("0558568eedd67d622f5c83b35a115f79"
821
"6ab612cff5ad227247e46c2b020f441c"),
822
Secret=b"secretbar",
823
Host="192.0.2.3",
824
Enabled=dbus.Boolean(True),
825
Timeout=300000,
826
LastCheckedOK="2019-02-04T00:00:00",
827
Created="2019-01-03T00:00:00",
828
Interval=120000,
829
Fingerprint=("3E393AEAEFB84C7E89E2"
830
"F547B3A107558FCA3A27"),
831
CheckerRunning=dbus.Boolean(True),
832
LastEnabled="2019-01-04T00:00:00",
833
ApprovalPending=dbus.Boolean(False),
834
ApprovedByDefault=dbus.Boolean(False),
835
LastApprovalRequest="2019-01-03T00:00:00",
836
ApprovalDelay=30000,
837
ApprovalDuration=1000,
838
Checker=":",
839
ExtendedTimeout=900000,
840
Expires="2019-02-05T00:00:00",
841
LastCheckerStatus=-2)),
815
def Approve(self, approve, dbus_interface):
816
testcase.assertEqual(dbus_interface, client_interface)
817
self.calls.append(("Approve", (approve,
818
dbus_interface)))
819
self.client = MockClient(
820
"foo",
821
KeyID=("92ed150794387c03ce684574b1139a65"
822
"94a34f895daaaf09fd8ea90a27cddb12"),
823
Secret=b"secret",
824
Host="foo.example.org",
825
Enabled=dbus.Boolean(True),
826
Timeout=300000,
827
LastCheckedOK="2019-02-03T00:00:00",
828
Created="2019-01-02T00:00:00",
829
Interval=120000,
830
Fingerprint=("778827225BA7DE539C5A"
831
"7CFA59CFF7CDBD9A5920"),
832
CheckerRunning=dbus.Boolean(False),
833
LastEnabled="2019-01-03T00:00:00",
834
ApprovalPending=dbus.Boolean(False),
835
ApprovedByDefault=dbus.Boolean(True),
836
LastApprovalRequest="",
837
ApprovalDelay=0,
838
ApprovalDuration=1000,
839
Checker="fping -q -- %(host)s",
840
ExtendedTimeout=900000,
841
Expires="2019-02-04T00:00:00",
842
LastCheckerStatus=0)
843
self.other_client = MockClient(
844
"barbar",
845
KeyID=("0558568eedd67d622f5c83b35a115f79"
846
"6ab612cff5ad227247e46c2b020f441c"),
847
Secret=b"secretbar",
848
Host="192.0.2.3",
849
Enabled=dbus.Boolean(True),
850
Timeout=300000,
851
LastCheckedOK="2019-02-04T00:00:00",
852
Created="2019-01-03T00:00:00",
853
Interval=120000,
854
Fingerprint=("3E393AEAEFB84C7E89E2"
855
"F547B3A107558FCA3A27"),
856
CheckerRunning=dbus.Boolean(True),
857
LastEnabled="2019-01-04T00:00:00",
858
ApprovalPending=dbus.Boolean(False),
859
ApprovedByDefault=dbus.Boolean(False),
860
LastApprovalRequest="2019-01-03T00:00:00",
861
ApprovalDelay=30000,
862
ApprovalDuration=1000,
863
Checker=":",
864
ExtendedTimeout=900000,
865
Expires="2019-02-05T00:00:00",
866
LastCheckerStatus=-2)
867
self.clients = collections.OrderedDict(
868
[
869
(self.client, self.client.attributes),
870
(self.other_client, self.other_client.attributes),
842
871
])
872
self.one_client = {self.client: self.client.attributes}
843
873
844
874
class TestPrintTableCmd(TestCmd):
845
875
def test_normal(self):
859
889
"""[1:-1]
860
890
self.assertEqual(output, expected_output)
861
891
def test_one_client(self):
862
output = PrintTableCmd().output({"foo": self.clients["foo"]})
892
output = PrintTableCmd().output(self.one_client)
863
893
expected_output = """
864
894
Name Enabled Timeout Last Successful Check
865
895
foo Yes 00:05:00 2019-02-03T00:00:00
866
896
"""[1:-1]
867
897
self.assertEqual(output, expected_output)
868
898
899
class TestDumpJSONCmd(TestCmd):
900
def setUp(self):
901
self.expected_json = {
902
"foo": {
903
"Name": "foo",
904
"KeyID": ("92ed150794387c03ce684574b1139a65"
905
"94a34f895daaaf09fd8ea90a27cddb12"),
906
"Host": "foo.example.org",
907
"Enabled": True,
908
"Timeout": 300000,
909
"LastCheckedOK": "2019-02-03T00:00:00",
910
"Created": "2019-01-02T00:00:00",
911
"Interval": 120000,
912
"Fingerprint": ("778827225BA7DE539C5A"
913
"7CFA59CFF7CDBD9A5920"),
914
"CheckerRunning": False,
915
"LastEnabled": "2019-01-03T00:00:00",
916
"ApprovalPending": False,
917
"ApprovedByDefault": True,
918
"LastApprovalRequest": "",
919
"ApprovalDelay": 0,
920
"ApprovalDuration": 1000,
921
"Checker": "fping -q -- %(host)s",
922
"ExtendedTimeout": 900000,
923
"Expires": "2019-02-04T00:00:00",
924
"LastCheckerStatus": 0,
925
},
926
"barbar": {
927
"Name": "barbar",
928
"KeyID": ("0558568eedd67d622f5c83b35a115f79"
929
"6ab612cff5ad227247e46c2b020f441c"),
930
"Host": "192.0.2.3",
931
"Enabled": True,
932
"Timeout": 300000,
933
"LastCheckedOK": "2019-02-04T00:00:00",
934
"Created": "2019-01-03T00:00:00",
935
"Interval": 120000,
936
"Fingerprint": ("3E393AEAEFB84C7E89E2"
937
"F547B3A107558FCA3A27"),
938
"CheckerRunning": True,
939
"LastEnabled": "2019-01-04T00:00:00",
940
"ApprovalPending": False,
941
"ApprovedByDefault": False,
942
"LastApprovalRequest": "2019-01-03T00:00:00",
943
"ApprovalDelay": 30000,
944
"ApprovalDuration": 1000,
945
"Checker": ":",
946
"ExtendedTimeout": 900000,
947
"Expires": "2019-02-05T00:00:00",
948
"LastCheckerStatus": -2,
949
},
950
}
951
return super(TestDumpJSONCmd, self).setUp()
952
def test_normal(self):
953
json_data = json.loads(DumpJSONCmd().output(self.clients))
954
self.assertDictEqual(json_data, self.expected_json)
955
def test_one_client(self):
956
clients = self.one_client
957
json_data = json.loads(DumpJSONCmd().output(clients))
958
expected_json = {"foo": self.expected_json["foo"]}
959
self.assertDictEqual(json_data, expected_json)
960
961
class TestIsEnabledCmd(TestCmd):
962
def test_is_enabled(self):
963
self.assertTrue(all(IsEnabledCmd().is_enabled(client, properties)
964
for client, properties in self.clients.items()))
965
def test_is_enabled_run_exits_successfully(self):
966
with self.assertRaises(SystemExit) as e:
967
IsEnabledCmd().run(None, self.one_client)
968
if e.exception.code is not None:
969
self.assertEqual(e.exception.code, 0)
970
else:
971
self.assertIsNone(e.exception.code)
972
def test_is_enabled_run_exits_with_failure(self):
973
self.client.attributes["Enabled"] = dbus.Boolean(False)
974
with self.assertRaises(SystemExit) as e:
975
IsEnabledCmd().run(None, self.one_client)
976
if isinstance(e.exception.code, int):
977
self.assertNotEqual(e.exception.code, 0)
978
else:
979
self.assertIsNotNone(e.exception.code)
980
981
class TestRemoveCmd(TestCmd):
982
def test_remove(self):
983
class MockMandos(object):
984
def __init__(self):
985
self.calls = []
986
def RemoveClient(self, dbus_path):
987
self.calls.append(("RemoveClient", (dbus_path,)))
988
mandos = MockMandos()
989
super(TestRemoveCmd, self).setUp()
990
RemoveCmd().run(mandos, self.clients)
991
self.assertEqual(len(mandos.calls), 2)
992
for client in self.clients:
993
self.assertIn(("RemoveClient",
994
(client.__dbus_object_path__,)),
995
mandos.calls)
996
997
class TestApproveCmd(TestCmd):
998
def test_approve(self):
999
ApproveCmd().run(None, self.clients)
1000
for client in self.clients:
1001
self.assertIn(("Approve", (True, client_interface)),
1002
client.calls)
1003
1004
class TestDenyCmd(TestCmd):
1005
def test_deny(self):
1006
DenyCmd().run(None, self.clients)
1007
for client in self.clients:
1008
self.assertIn(("Approve", (False, client_interface)),
1009
client.calls)
1010
1011
class TestEnableCmd(TestCmd):
1012
def test_enable(self):
1013
for client in self.clients:
1014
client.attributes["Enabled"] = False
1015
1016
EnableCmd().run(None, self.clients)
1017
1018
for client in self.clients:
1019
self.assertTrue(client.attributes["Enabled"])
1020
1021
class TestDisableCmd(TestCmd):
1022
def test_disable(self):
1023
DisableCmd().run(None, self.clients)
1024
1025
for client in self.clients:
1026
self.assertFalse(client.attributes["Enabled"])
1027
1028
class Unique(object):
1029
"""Class for objects which exist only to be unique objects, since
1030
unittest.mock.sentinel only exists in Python 3.3"""
1031
1032
class TestPropertyCmd(TestCmd):
1033
"""Abstract class for tests of PropertyCmd classes"""
1034
def runTest(self):
1035
if not hasattr(self, "command"):
1036
return
1037
values_to_get = getattr(self, "values_to_get",
1038
self.values_to_set)
1039
for value_to_set, value_to_get in zip(self.values_to_set,
1040
values_to_get):
1041
for client in self.clients:
1042
old_value = client.attributes[self.property]
1043
self.assertNotIsInstance(old_value, Unique)
1044
client.attributes[self.property] = Unique()
1045
self.run_command(value_to_set, self.clients)
1046
for client in self.clients:
1047
value = client.attributes[self.property]
1048
self.assertNotIsInstance(value, Unique)
1049
self.assertEqual(value, value_to_get)
1050
def run_command(self, value, clients):
1051
self.command().run(None, clients)
1052
1053
class TestBumpTimeoutCmd(TestPropertyCmd):
1054
command = BumpTimeoutCmd
1055
property = "LastCheckedOK"
1056
values_to_set = [""]
1057
1058
class TestStartCheckerCmd(TestPropertyCmd):
1059
command = StartCheckerCmd
1060
property = "CheckerRunning"
1061
values_to_set = [dbus.Boolean(True)]
1062
1063
class TestStopCheckerCmd(TestPropertyCmd):
1064
command = StopCheckerCmd
1065
property = "CheckerRunning"
1066
values_to_set = [dbus.Boolean(False)]
1067
1068
class TestApproveByDefaultCmd(TestPropertyCmd):
1069
command = ApproveByDefaultCmd
1070
property = "ApprovedByDefault"
1071
values_to_set = [dbus.Boolean(True)]
1072
1073
class TestDenyByDefaultCmd(TestPropertyCmd):
1074
command = DenyByDefaultCmd
1075
property = "ApprovedByDefault"
1076
values_to_set = [dbus.Boolean(False)]
1077
1078
class TestValueArgumentPropertyCmd(TestPropertyCmd):
1079
"""Abstract class for tests of PropertyCmd classes using the
1080
ValueArgumentMixIn"""
1081
def runTest(self):
1082
if type(self) is TestValueArgumentPropertyCmd:
1083
return
1084
return super(TestValueArgumentPropertyCmd, self).runTest()
1085
def run_command(self, value, clients):
1086
self.command(value).run(None, clients)
1087
1088
class TestSetCheckerCmd(TestValueArgumentPropertyCmd):
1089
command = SetCheckerCmd
1090
property = "Checker"
1091
values_to_set = ["", ":", "fping -q -- %s"]
1092
1093
class TestSetHostCmd(TestValueArgumentPropertyCmd):
1094
command = SetHostCmd
1095
property = "Host"
1096
values_to_set = ["192.0.2.3", "foo.example.org"]
1097
1098
class TestSetSecretCmd(TestValueArgumentPropertyCmd):
1099
command = SetSecretCmd
1100
property = "Secret"
1101
values_to_set = [open("/dev/null", "rb"),
1102
io.BytesIO(b"secret\0xyzzy\nbar")]
1103
values_to_get = [b"", b"secret\0xyzzy\nbar"]
1104
1105
class TestSetTimeoutCmd(TestValueArgumentPropertyCmd):
1106
command = SetTimeoutCmd
1107
property = "Timeout"
1108
values_to_set = [datetime.timedelta(),
1109
datetime.timedelta(minutes=5),
1110
datetime.timedelta(seconds=1),
1111
datetime.timedelta(weeks=1),
1112
datetime.timedelta(weeks=52)]
1113
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1114
1115
class TestSetExtendedTimeoutCmd(TestValueArgumentPropertyCmd):
1116
command = SetExtendedTimeoutCmd
1117
property = "ExtendedTimeout"
1118
values_to_set = [datetime.timedelta(),
1119
datetime.timedelta(minutes=5),
1120
datetime.timedelta(seconds=1),
1121
datetime.timedelta(weeks=1),
1122
datetime.timedelta(weeks=52)]
1123
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1124
1125
class TestSetIntervalCmd(TestValueArgumentPropertyCmd):
1126
command = SetIntervalCmd
1127
property = "Interval"
1128
values_to_set = [datetime.timedelta(),
1129
datetime.timedelta(minutes=5),
1130
datetime.timedelta(seconds=1),
1131
datetime.timedelta(weeks=1),
1132
datetime.timedelta(weeks=52)]
1133
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1134
1135
class TestSetApprovalDelayCmd(TestValueArgumentPropertyCmd):
1136
command = SetApprovalDelayCmd
1137
property = "ApprovalDelay"
1138
values_to_set = [datetime.timedelta(),
1139
datetime.timedelta(minutes=5),
1140
datetime.timedelta(seconds=1),
1141
datetime.timedelta(weeks=1),
1142
datetime.timedelta(weeks=52)]
1143
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1144
1145
class TestSetApprovalDurationCmd(TestValueArgumentPropertyCmd):
1146
command = SetApprovalDurationCmd
1147
property = "ApprovalDuration"
1148
values_to_set = [datetime.timedelta(),
1149
datetime.timedelta(minutes=5),
1150
datetime.timedelta(seconds=1),
1151
datetime.timedelta(weeks=1),
1152
datetime.timedelta(weeks=52)]
1153
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1154
1155
class Test_command_from_options(unittest.TestCase):
1156
def setUp(self):
1157
self.parser = argparse.ArgumentParser()
1158
add_command_line_options(self.parser)
1159
def assert_command_from_args(self, args, command_cls, **cmd_attrs):
1160
"""Assert that parsing ARGS should result in an instance of
1161
COMMAND_CLS with (optionally) all supplied attributes (CMD_ATTRS)."""
1162
options = self.parser.parse_args(args)
1163
check_option_syntax(self.parser, options)
1164
commands = commands_from_options(options)
1165
self.assertEqual(len(commands), 1)
1166
command = commands[0]
1167
self.assertIsInstance(command, command_cls)
1168
for key, value in cmd_attrs.items():
1169
self.assertEqual(getattr(command, key), value)
1170
def test_print_table(self):
1171
self.assert_command_from_args([], PrintTableCmd,
1172
verbose=False)
1173
1174
def test_print_table_verbose(self):
1175
self.assert_command_from_args(["--verbose"], PrintTableCmd,
1176
verbose=True)
1177
1178
def test_print_table_verbose_short(self):
1179
self.assert_command_from_args(["-v"], PrintTableCmd,
1180
verbose=True)
1181
1182
def test_enable(self):
1183
self.assert_command_from_args(["--enable", "foo"], EnableCmd)
1184
1185
def test_enable_short(self):
1186
self.assert_command_from_args(["-e", "foo"], EnableCmd)
1187
1188
def test_disable(self):
1189
self.assert_command_from_args(["--disable", "foo"],
1190
DisableCmd)
1191
1192
def test_disable_short(self):
1193
self.assert_command_from_args(["-d", "foo"], DisableCmd)
1194
1195
def test_bump_timeout(self):
1196
self.assert_command_from_args(["--bump-timeout", "foo"],
1197
BumpTimeoutCmd)
1198
1199
def test_bump_timeout_short(self):
1200
self.assert_command_from_args(["-b", "foo"], BumpTimeoutCmd)
1201
1202
def test_start_checker(self):
1203
self.assert_command_from_args(["--start-checker", "foo"],
1204
StartCheckerCmd)
1205
1206
def test_stop_checker(self):
1207
self.assert_command_from_args(["--stop-checker", "foo"],
1208
StopCheckerCmd)
1209
1210
def test_remove(self):
1211
self.assert_command_from_args(["--remove", "foo"],
1212
RemoveCmd)
1213
1214
def test_remove_short(self):
1215
self.assert_command_from_args(["-r", "foo"], RemoveCmd)
1216
1217
def test_checker(self):
1218
self.assert_command_from_args(["--checker", ":", "foo"],
1219
SetCheckerCmd, value_to_set=":")
1220
1221
def test_checker_empty(self):
1222
self.assert_command_from_args(["--checker", "", "foo"],
1223
SetCheckerCmd, value_to_set="")
1224
1225
def test_checker_short(self):
1226
self.assert_command_from_args(["-c", ":", "foo"],
1227
SetCheckerCmd, value_to_set=":")
1228
1229
def test_timeout(self):
1230
self.assert_command_from_args(["--timeout", "PT5M", "foo"],
1231
SetTimeoutCmd,
1232
value_to_set=300000)
1233
1234
def test_timeout_short(self):
1235
self.assert_command_from_args(["-t", "PT5M", "foo"],
1236
SetTimeoutCmd,
1237
value_to_set=300000)
1238
1239
def test_extended_timeout(self):
1240
self.assert_command_from_args(["--extended-timeout", "PT15M",
1241
"foo"],
1242
SetExtendedTimeoutCmd,
1243
value_to_set=900000)
1244
1245
def test_interval(self):
1246
self.assert_command_from_args(["--interval", "PT2M", "foo"],
1247
SetIntervalCmd,
1248
value_to_set=120000)
1249
1250
def test_interval_short(self):
1251
self.assert_command_from_args(["-i", "PT2M", "foo"],
1252
SetIntervalCmd,
1253
value_to_set=120000)
1254
1255
def test_approve_by_default(self):
1256
self.assert_command_from_args(["--approve-by-default", "foo"],
1257
ApproveByDefaultCmd)
1258
1259
def test_deny_by_default(self):
1260
self.assert_command_from_args(["--deny-by-default", "foo"],
1261
DenyByDefaultCmd)
1262
1263
def test_approval_delay(self):
1264
self.assert_command_from_args(["--approval-delay", "PT30S",
1265
"foo"], SetApprovalDelayCmd,
1266
value_to_set=30000)
1267
1268
def test_approval_duration(self):
1269
self.assert_command_from_args(["--approval-duration", "PT1S",
1270
"foo"], SetApprovalDurationCmd,
1271
value_to_set=1000)
1272
1273
def test_host(self):
1274
self.assert_command_from_args(["--host", "foo.example.org",
1275
"foo"], SetHostCmd,
1276
value_to_set="foo.example.org")
1277
1278
def test_host_short(self):
1279
self.assert_command_from_args(["-H", "foo.example.org",
1280
"foo"], SetHostCmd,
1281
value_to_set="foo.example.org")
1282
1283
def test_secret_devnull(self):
1284
self.assert_command_from_args(["--secret", os.path.devnull,
1285
"foo"], SetSecretCmd,
1286
value_to_set=b"")
1287
1288
def test_secret_tempfile(self):
1289
with tempfile.NamedTemporaryFile(mode="r+b") as f:
1290
value = b"secret\0xyzzy\nbar"
1291
f.write(value)
1292
f.seek(0)
1293
self.assert_command_from_args(["--secret", f.name,
1294
"foo"], SetSecretCmd,
1295
value_to_set=value)
1296
1297
def test_secret_devnull_short(self):
1298
self.assert_command_from_args(["-s", os.path.devnull, "foo"],
1299
SetSecretCmd, value_to_set=b"")
1300
1301
def test_secret_tempfile_short(self):
1302
with tempfile.NamedTemporaryFile(mode="r+b") as f:
1303
value = b"secret\0xyzzy\nbar"
1304
f.write(value)
1305
f.seek(0)
1306
self.assert_command_from_args(["-s", f.name, "foo"],
1307
SetSecretCmd,
1308
value_to_set=value)
1309
1310
def test_approve(self):
1311
self.assert_command_from_args(["--approve", "foo"],
1312
ApproveCmd)
1313
1314
def test_approve_short(self):
1315
self.assert_command_from_args(["-A", "foo"], ApproveCmd)
1316
1317
def test_deny(self):
1318
self.assert_command_from_args(["--deny", "foo"], DenyCmd)
1319
1320
def test_deny_short(self):
1321
self.assert_command_from_args(["-D", "foo"], DenyCmd)
1322
1323
def test_dump_json(self):
1324
self.assert_command_from_args(["--dump-json"], DumpJSONCmd)
1325
1326
def test_is_enabled(self):
1327
self.assert_command_from_args(["--is-enabled", "foo"],
1328
IsEnabledCmd)
1329
1330
def test_is_enabled_short(self):
1331
self.assert_command_from_args(["-V", "foo"], IsEnabledCmd)
1332
869
1333
870
1334
871
1335
def should_only_run_tests():
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0