To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to mandos-ctl
- browse files at revision 1054
- compare with another revision
- download diff
- download tarball
- view history from revision 1054
- Committer: Teddy Hogeborn
- Date: 2019-03-12 19:15:52 UTC
- Revision ID: teddy@recompile.se-20190312191552-f1di4dzya1pzxc9a
mandos-ctl: Refactor
* mandos-ctl (TestPrintTableCmd.test_verbose): Reformat for easier
editing.
* mandos-ctl (TestPrintTableCmd.test_verbose): Reformat for easier
editing.
- files modified:
- mandos-ctl
added
removed
mandos-ctl
42
42
import json
43
43
import unittest
44
44
import logging
45
import io
46
import tempfile
47
import contextlib
45
48
46
49
import dbus
47
50
61
64
62
65
locale.setlocale(locale.LC_ALL, "")
63
66
64
defaultkeywords = ("Name", "Enabled", "Timeout", "LastCheckedOK")
65
domain = "se.recompile"
66
busname = domain + ".Mandos"
67
server_path = "/"
68
server_interface = domain + ".Mandos"
69
client_interface = domain + ".Mandos.Client"
67
dbus_busname_domain = "se.recompile"
68
dbus_busname = dbus_busname_domain + ".Mandos"
69
server_dbus_path = "/"
70
server_dbus_interface = dbus_busname_domain + ".Mandos"
71
client_dbus_interface = dbus_busname_domain + ".Mandos.Client"
72
del dbus_busname_domain
70
73
version = "1.8.3"
71
74
72
75
269
272
return value
270
273
271
274
272
class TableOfClients(object):
273
tablewords = {
274
"Name": "Name",
275
"Enabled": "Enabled",
276
"Timeout": "Timeout",
277
"LastCheckedOK": "Last Successful Check",
278
"LastApprovalRequest": "Last Approval Request",
279
"Created": "Created",
280
"Interval": "Interval",
281
"Host": "Host",
282
"Fingerprint": "Fingerprint",
283
"KeyID": "Key ID",
284
"CheckerRunning": "Check Is Running",
285
"LastEnabled": "Last Enabled",
286
"ApprovalPending": "Approval Is Pending",
287
"ApprovedByDefault": "Approved By Default",
288
"ApprovalDelay": "Approval Delay",
289
"ApprovalDuration": "Approval Duration",
290
"Checker": "Checker",
291
"ExtendedTimeout": "Extended Timeout",
292
"Expires": "Expires",
293
"LastCheckerStatus": "Last Checker Status",
294
}
295
296
def __init__(self, clients, keywords, tablewords=None):
297
self.clients = clients
298
self.keywords = keywords
299
if tablewords is not None:
300
self.tablewords = tablewords
301
302
def __str__(self):
303
return "\n".join(self.rows())
304
305
if sys.version_info.major == 2:
306
__unicode__ = __str__
275
## Classes for commands.
276
277
# Abstract classes first
278
class Command(object):
279
"""Abstract class for commands"""
280
def run(self, clients, bus=None, mandos=None):
281
"""Normal commands should implement run_on_one_client(), but
282
commands which want to operate on all clients at the same time
283
can override this run() method instead."""
284
self.mandos = mandos
285
for clientpath, properties in clients.items():
286
log.debug("D-Bus: Connect to: (busname=%r, path=%r)",
287
dbus_busname, str(clientpath))
288
client = bus.get_object(dbus_busname, clientpath)
289
self.run_on_one_client(client, properties)
290
291
class PrintCmd(Command):
292
"""Abstract class for commands printing client details"""
293
all_keywords = ("Name", "Enabled", "Timeout", "LastCheckedOK",
294
"Created", "Interval", "Host", "KeyID",
295
"Fingerprint", "CheckerRunning", "LastEnabled",
296
"ApprovalPending", "ApprovedByDefault",
297
"LastApprovalRequest", "ApprovalDelay",
298
"ApprovalDuration", "Checker", "ExtendedTimeout",
299
"Expires", "LastCheckerStatus")
300
def run(self, clients, bus=None, mandos=None):
301
print(self.output(clients.values()))
302
def output(self, clients):
303
raise NotImplementedError()
304
305
class PropertyCmd(Command):
306
"""Abstract class for Actions for setting one client property"""
307
def run_on_one_client(self, client, properties):
308
"""Set the Client's D-Bus property"""
309
log.debug("D-Bus: %s:%s:%s.Set(%r, %r, %r)", dbus_busname,
310
client.__dbus_object_path__,
311
dbus.PROPERTIES_IFACE, client_dbus_interface,
312
self.propname, self.value_to_set
313
if not isinstance(self.value_to_set, dbus.Boolean)
314
else bool(self.value_to_set))
315
client.Set(client_dbus_interface, self.propname,
316
self.value_to_set,
317
dbus_interface=dbus.PROPERTIES_IFACE)
318
@property
319
def propname(self):
320
raise NotImplementedError()
321
322
class PropertyValueCmd(PropertyCmd):
323
"""Abstract class for PropertyCmd recieving a value as argument"""
324
def __init__(self, value):
325
self.value_to_set = value
326
327
class MillisecondsPropertyValueArgumentCmd(PropertyValueCmd):
328
"""Abstract class for PropertyValueCmd taking a value argument as
329
a datetime.timedelta() but should store it as milliseconds."""
330
@property
331
def value_to_set(self):
332
return self._vts
333
@value_to_set.setter
334
def value_to_set(self, value):
335
"""When setting, convert value from a datetime.timedelta"""
336
self._vts = int(round(value.total_seconds() * 1000))
337
338
# Actual (non-abstract) command classes
339
340
class PrintTableCmd(PrintCmd):
341
def __init__(self, verbose=False):
342
self.verbose = verbose
343
344
def output(self, clients):
345
default_keywords = ("Name", "Enabled", "Timeout",
346
"LastCheckedOK")
347
keywords = default_keywords
348
if self.verbose:
349
keywords = self.all_keywords
350
return str(self.TableOfClients(clients, keywords))
351
352
class TableOfClients(object):
353
tableheaders = {
354
"Name": "Name",
355
"Enabled": "Enabled",
356
"Timeout": "Timeout",
357
"LastCheckedOK": "Last Successful Check",
358
"LastApprovalRequest": "Last Approval Request",
359
"Created": "Created",
360
"Interval": "Interval",
361
"Host": "Host",
362
"Fingerprint": "Fingerprint",
363
"KeyID": "Key ID",
364
"CheckerRunning": "Check Is Running",
365
"LastEnabled": "Last Enabled",
366
"ApprovalPending": "Approval Is Pending",
367
"ApprovedByDefault": "Approved By Default",
368
"ApprovalDelay": "Approval Delay",
369
"ApprovalDuration": "Approval Duration",
370
"Checker": "Checker",
371
"ExtendedTimeout": "Extended Timeout",
372
"Expires": "Expires",
373
"LastCheckerStatus": "Last Checker Status",
374
}
375
376
def __init__(self, clients, keywords, tableheaders=None):
377
self.clients = clients
378
self.keywords = keywords
379
if tableheaders is not None:
380
self.tableheaders = tableheaders
381
307
382
def __str__(self):
308
return str(self).encode(locale.getpreferredencoding())
309
310
def rows(self):
311
format_string = self.row_formatting_string()
312
rows = [self.header_line(format_string)]
313
rows.extend(self.client_line(client, format_string)
314
for client in self.clients)
315
return rows
316
317
def row_formatting_string(self):
318
"Format string used to format table rows"
319
return " ".join("{{{key}:{width}}}".format(
320
width=max(len(self.tablewords[key]),
321
*(len(self.string_from_client(client, key))
322
for client in self.clients)),
323
key=key)
324
for key in self.keywords)
325
326
def string_from_client(self, client, key):
327
return self.valuetostring(client[key], key)
328
383
return "\n".join(self.rows())
384
385
if sys.version_info.major == 2:
386
__unicode__ = __str__
387
def __str__(self):
388
return str(self).encode(locale.getpreferredencoding())
389
390
def rows(self):
391
format_string = self.row_formatting_string()
392
rows = [self.header_line(format_string)]
393
rows.extend(self.client_line(client, format_string)
394
for client in self.clients)
395
return rows
396
397
def row_formatting_string(self):
398
"Format string used to format table rows"
399
return " ".join("{{{key}:{width}}}".format(
400
width=max(len(self.tableheaders[key]),
401
*(len(self.string_from_client(client, key))
402
for client in self.clients)),
403
key=key)
404
for key in self.keywords)
405
406
def string_from_client(self, client, key):
407
return self.valuetostring(client[key], key)
408
409
@staticmethod
410
def valuetostring(value, keyword):
411
if isinstance(value, dbus.Boolean):
412
return "Yes" if value else "No"
413
if keyword in ("Timeout", "Interval", "ApprovalDelay",
414
"ApprovalDuration", "ExtendedTimeout"):
415
return milliseconds_to_string(value)
416
return str(value)
417
418
def header_line(self, format_string):
419
return format_string.format(**self.tableheaders)
420
421
def client_line(self, client, format_string):
422
return format_string.format(
423
**{key: self.string_from_client(client, key)
424
for key in self.keywords})
425
426
427
428
class DumpJSONCmd(PrintCmd):
429
def output(self, clients):
430
data = {client["Name"]:
431
{key: self.dbus_boolean_to_bool(client[key])
432
for key in self.all_keywords}
433
for client in clients.values()}
434
return json.dumps(data, indent=4, separators=(',', ': '))
329
435
@staticmethod
330
def valuetostring(value, keyword):
436
def dbus_boolean_to_bool(value):
331
437
if isinstance(value, dbus.Boolean):
332
return "Yes" if value else "No"
333
if keyword in ("Timeout", "Interval", "ApprovalDelay",
334
"ApprovalDuration", "ExtendedTimeout"):
335
return milliseconds_to_string(value)
336
return str(value)
337
338
def header_line(self, format_string):
339
return format_string.format(**self.tablewords)
340
341
def client_line(self, client, format_string):
342
return format_string.format(
343
**{key: self.string_from_client(client, key)
344
for key in self.keywords})
345
346
347
def has_actions(options):
348
return any((options.enable,
349
options.disable,
350
options.bump_timeout,
351
options.start_checker,
352
options.stop_checker,
353
options.is_enabled,
354
options.remove,
355
options.checker is not None,
356
options.timeout is not None,
357
options.extended_timeout is not None,
358
options.interval is not None,
359
options.approved_by_default is not None,
360
options.approval_delay is not None,
361
options.approval_duration is not None,
362
options.host is not None,
363
options.secret is not None,
364
options.approve,
365
options.deny))
366
367
368
def main():
369
parser = argparse.ArgumentParser()
438
value = bool(value)
439
return value
440
441
class IsEnabledCmd(Command):
442
def run(self, clients, bus=None, mandos=None):
443
client, properties = next(iter(clients.items()))
444
if self.is_enabled(client, properties):
445
sys.exit(0)
446
sys.exit(1)
447
def is_enabled(self, client, properties):
448
return properties["Enabled"]
449
450
class RemoveCmd(Command):
451
def run_on_one_client(self, client, properties):
452
log.debug("D-Bus: %s:%s:%s.RemoveClient(%r)", dbus_busname,
453
server_dbus_path, server_dbus_interface,
454
str(client.__dbus_object_path__))
455
self.mandos.RemoveClient(client.__dbus_object_path__)
456
457
class ApproveCmd(Command):
458
def run_on_one_client(self, client, properties):
459
log.debug("D-Bus: %s:%s:%s.Approve(True)", dbus_busname,
460
client.__dbus_object_path__, client_dbus_interface)
461
client.Approve(dbus.Boolean(True),
462
dbus_interface=client_dbus_interface)
463
464
class DenyCmd(Command):
465
def run_on_one_client(self, client, properties):
466
log.debug("D-Bus: %s:%s:%s.Approve(False)", dbus_busname,
467
client.__dbus_object_path__, client_dbus_interface)
468
client.Approve(dbus.Boolean(False),
469
dbus_interface=client_dbus_interface)
470
471
class EnableCmd(PropertyCmd):
472
propname = "Enabled"
473
value_to_set = dbus.Boolean(True)
474
475
class DisableCmd(PropertyCmd):
476
propname = "Enabled"
477
value_to_set = dbus.Boolean(False)
478
479
class BumpTimeoutCmd(PropertyCmd):
480
propname = "LastCheckedOK"
481
value_to_set = ""
482
483
class StartCheckerCmd(PropertyCmd):
484
propname = "CheckerRunning"
485
value_to_set = dbus.Boolean(True)
486
487
class StopCheckerCmd(PropertyCmd):
488
propname = "CheckerRunning"
489
value_to_set = dbus.Boolean(False)
490
491
class ApproveByDefaultCmd(PropertyCmd):
492
propname = "ApprovedByDefault"
493
value_to_set = dbus.Boolean(True)
494
495
class DenyByDefaultCmd(PropertyCmd):
496
propname = "ApprovedByDefault"
497
value_to_set = dbus.Boolean(False)
498
499
class SetCheckerCmd(PropertyValueCmd):
500
propname = "Checker"
501
502
class SetHostCmd(PropertyValueCmd):
503
propname = "Host"
504
505
class SetSecretCmd(PropertyValueCmd):
506
propname = "Secret"
507
@property
508
def value_to_set(self):
509
return self._vts
510
@value_to_set.setter
511
def value_to_set(self, value):
512
"""When setting, read data from supplied file object"""
513
self._vts = value.read()
514
value.close()
515
516
class SetTimeoutCmd(MillisecondsPropertyValueArgumentCmd):
517
propname = "Timeout"
518
519
class SetExtendedTimeoutCmd(MillisecondsPropertyValueArgumentCmd):
520
propname = "ExtendedTimeout"
521
522
class SetIntervalCmd(MillisecondsPropertyValueArgumentCmd):
523
propname = "Interval"
524
525
class SetApprovalDelayCmd(MillisecondsPropertyValueArgumentCmd):
526
propname = "ApprovalDelay"
527
528
class SetApprovalDurationCmd(MillisecondsPropertyValueArgumentCmd):
529
propname = "ApprovalDuration"
530
531
def add_command_line_options(parser):
370
532
parser.add_argument("--version", action="version",
371
533
version="%(prog)s {}".format(version),
372
534
help="show version number and exit")
376
538
help="Print all fields")
377
539
parser.add_argument("-j", "--dump-json", action="store_true",
378
540
help="Dump client data in JSON format")
379
parser.add_argument("-e", "--enable", action="store_true",
380
help="Enable client")
381
parser.add_argument("-d", "--disable", action="store_true",
382
help="disable client")
541
enable_disable = parser.add_mutually_exclusive_group()
542
enable_disable.add_argument("-e", "--enable", action="store_true",
543
help="Enable client")
544
enable_disable.add_argument("-d", "--disable",
545
action="store_true",
546
help="disable client")
383
547
parser.add_argument("-b", "--bump-timeout", action="store_true",
384
548
help="Bump timeout for client")
385
parser.add_argument("--start-checker", action="store_true",
386
help="Start checker for client")
387
parser.add_argument("--stop-checker", action="store_true",
388
help="Stop checker for client")
549
start_stop_checker = parser.add_mutually_exclusive_group()
550
start_stop_checker.add_argument("--start-checker",
551
action="store_true",
552
help="Start checker for client")
553
start_stop_checker.add_argument("--stop-checker",
554
action="store_true",
555
help="Stop checker for client")
389
556
parser.add_argument("-V", "--is-enabled", action="store_true",
390
557
help="Check if client is enabled")
391
558
parser.add_argument("-r", "--remove", action="store_true",
392
559
help="Remove client")
393
560
parser.add_argument("-c", "--checker",
394
561
help="Set checker command for client")
395
parser.add_argument("-t", "--timeout",
562
parser.add_argument("-t", "--timeout", type=string_to_delta,
396
563
help="Set timeout for client")
397
parser.add_argument("--extended-timeout",
564
parser.add_argument("--extended-timeout", type=string_to_delta,
398
565
help="Set extended timeout for client")
399
parser.add_argument("-i", "--interval",
566
parser.add_argument("-i", "--interval", type=string_to_delta,
400
567
help="Set checker interval for client")
401
parser.add_argument("--approve-by-default", action="store_true",
402
default=None, dest="approved_by_default",
403
help="Set client to be approved by default")
404
parser.add_argument("--deny-by-default", action="store_false",
405
dest="approved_by_default",
406
help="Set client to be denied by default")
407
parser.add_argument("--approval-delay",
568
approve_deny_default = parser.add_mutually_exclusive_group()
569
approve_deny_default.add_argument(
570
"--approve-by-default", action="store_true",
571
default=None, dest="approved_by_default",
572
help="Set client to be approved by default")
573
approve_deny_default.add_argument(
574
"--deny-by-default", action="store_false",
575
dest="approved_by_default",
576
help="Set client to be denied by default")
577
parser.add_argument("--approval-delay", type=string_to_delta,
408
578
help="Set delay before client approve/deny")
409
parser.add_argument("--approval-duration",
579
parser.add_argument("--approval-duration", type=string_to_delta,
410
580
help="Set duration of one client approval")
411
581
parser.add_argument("-H", "--host", help="Set host for client")
412
582
parser.add_argument("-s", "--secret",
413
583
type=argparse.FileType(mode="rb"),
414
584
help="Set password blob (file) for client")
415
parser.add_argument("-A", "--approve", action="store_true",
416
help="Approve any current client request")
417
parser.add_argument("-D", "--deny", action="store_true",
418
help="Deny any current client request")
585
approve_deny = parser.add_mutually_exclusive_group()
586
approve_deny.add_argument(
587
"-A", "--approve", action="store_true",
588
help="Approve any current client request")
589
approve_deny.add_argument("-D", "--deny", action="store_true",
590
help="Deny any current client request")
591
parser.add_argument("--debug", action="store_true",
592
help="Debug mode (show D-Bus commands)")
419
593
parser.add_argument("--check", action="store_true",
420
594
help="Run self-test")
421
595
parser.add_argument("client", nargs="*", help="Client name")
422
options = parser.parse_args()
596
597
598
def commands_from_options(options):
599
600
commands = []
601
602
if options.dump_json:
603
commands.append(DumpJSONCmd())
604
605
if options.enable:
606
commands.append(EnableCmd())
607
608
if options.disable:
609
commands.append(DisableCmd())
610
611
if options.bump_timeout:
612
commands.append(BumpTimeoutCmd())
613
614
if options.start_checker:
615
commands.append(StartCheckerCmd())
616
617
if options.stop_checker:
618
commands.append(StopCheckerCmd())
619
620
if options.is_enabled:
621
commands.append(IsEnabledCmd())
622
623
if options.checker is not None:
624
commands.append(SetCheckerCmd(options.checker))
625
626
if options.timeout is not None:
627
commands.append(SetTimeoutCmd(options.timeout))
628
629
if options.extended_timeout:
630
commands.append(
631
SetExtendedTimeoutCmd(options.extended_timeout))
632
633
if options.interval is not None:
634
commands.append(SetIntervalCmd(options.interval))
635
636
if options.approved_by_default is not None:
637
if options.approved_by_default:
638
commands.append(ApproveByDefaultCmd())
639
else:
640
commands.append(DenyByDefaultCmd())
641
642
if options.approval_delay is not None:
643
commands.append(SetApprovalDelayCmd(options.approval_delay))
644
645
if options.approval_duration is not None:
646
commands.append(
647
SetApprovalDurationCmd(options.approval_duration))
648
649
if options.host is not None:
650
commands.append(SetHostCmd(options.host))
651
652
if options.secret is not None:
653
commands.append(SetSecretCmd(options.secret))
654
655
if options.approve:
656
commands.append(ApproveCmd())
657
658
if options.deny:
659
commands.append(DenyCmd())
660
661
if options.remove:
662
commands.append(RemoveCmd())
663
664
# If no command option has been given, show table of clients,
665
# optionally verbosely
666
if not commands:
667
commands.append(PrintTableCmd(verbose=options.verbose))
668
669
return commands
670
671
672
def check_option_syntax(parser, options):
673
"""Apply additional restrictions on options, not expressible in
674
argparse"""
675
676
def has_actions(options):
677
return any((options.enable,
678
options.disable,
679
options.bump_timeout,
680
options.start_checker,
681
options.stop_checker,
682
options.is_enabled,
683
options.remove,
684
options.checker is not None,
685
options.timeout is not None,
686
options.extended_timeout is not None,
687
options.interval is not None,
688
options.approved_by_default is not None,
689
options.approval_delay is not None,
690
options.approval_duration is not None,
691
options.host is not None,
692
options.secret is not None,
693
options.approve,
694
options.deny))
423
695
424
696
if has_actions(options) and not (options.client or options.all):
425
697
parser.error("Options require clients names or --all.")
430
702
parser.error("--dump-json can only be used alone.")
431
703
if options.all and not has_actions(options):
432
704
parser.error("--all requires an action.")
705
if options.is_enabled and len(options.client) > 1:
706
parser.error("--is-enabled requires exactly one client")
707
if options.remove:
708
options.remove = False
709
if has_actions(options) and not options.deny:
710
parser.error("--remove can only be combined with --deny")
711
options.remove = True
712
713
714
def main():
715
parser = argparse.ArgumentParser()
716
717
add_command_line_options(parser)
718
719
options = parser.parse_args()
720
721
check_option_syntax(parser, options)
722
723
clientnames = options.client
724
725
if options.debug:
726
log.setLevel(logging.DEBUG)
433
727
434
728
try:
435
729
bus = dbus.SystemBus()
436
mandos_dbus_objc = bus.get_object(busname, server_path)
730
log.debug("D-Bus: Connect to: (busname=%r, path=%r)",
731
dbus_busname, server_dbus_path)
732
mandos_dbus_objc = bus.get_object(dbus_busname,
733
server_dbus_path)
437
734
except dbus.exceptions.DBusException:
438
735
log.critical("Could not connect to Mandos server")
439
736
sys.exit(1)
440
737
441
738
mandos_serv = dbus.Interface(mandos_dbus_objc,
442
dbus_interface=server_interface)
739
dbus_interface=server_dbus_interface)
443
740
mandos_serv_object_manager = dbus.Interface(
444
741
mandos_dbus_objc, dbus_interface=dbus.OBJECT_MANAGER_IFACE)
445
742
446
# block stderr since dbus library prints to stderr
447
null = os.open(os.path.devnull, os.O_RDWR)
448
stderrcopy = os.dup(sys.stderr.fileno())
449
os.dup2(null, sys.stderr.fileno())
450
os.close(null)
743
# Filter out log message from dbus module
744
dbus_logger = logging.getLogger("dbus.proxies")
745
class NullFilter(logging.Filter):
746
def filter(self, record):
747
return False
748
dbus_filter = NullFilter()
451
749
try:
452
try:
453
mandos_clients = {path: ifs_and_props[client_interface]
454
for path, ifs_and_props in
455
mandos_serv_object_manager
456
.GetManagedObjects().items()
457
if client_interface in ifs_and_props}
458
finally:
459
# restore stderr
460
os.dup2(stderrcopy, sys.stderr.fileno())
461
os.close(stderrcopy)
750
dbus_logger.addFilter(dbus_filter)
751
log.debug("D-Bus: %s:%s:%s.GetManagedObjects()", dbus_busname,
752
server_dbus_path, dbus.OBJECT_MANAGER_IFACE)
753
mandos_clients = {path: ifs_and_props[client_dbus_interface]
754
for path, ifs_and_props in
755
mandos_serv_object_manager
756
.GetManagedObjects().items()
757
if client_dbus_interface in ifs_and_props}
462
758
except dbus.exceptions.DBusException as e:
463
759
log.critical("Failed to access Mandos server through D-Bus:"
464
760
"\n%s", e)
465
761
sys.exit(1)
762
finally:
763
# restore dbus logger
764
dbus_logger.removeFilter(dbus_filter)
466
765
467
766
# Compile dict of (clients: properties) to process
468
767
clients = {}
469
768
470
if options.all or not options.client:
471
clients = {bus.get_object(busname, path): properties
472
for path, properties in mandos_clients.items()}
769
if not clientnames:
770
clients = {objpath: properties
771
for objpath, properties in mandos_clients.items()}
473
772
else:
474
for name in options.client:
475
for path, client in mandos_clients.items():
476
if client["Name"] == name:
477
client_objc = bus.get_object(busname, path)
478
clients[client_objc] = client
773
for name in clientnames:
774
for objpath, properties in mandos_clients.items():
775
if properties["Name"] == name:
776
clients[objpath] = properties
479
777
break
480
778
else:
481
779
log.critical("Client not found on server: %r", name)
482
780
sys.exit(1)
483
781
484
if not has_actions(options) and clients:
485
if options.verbose or options.dump_json:
486
keywords = ("Name", "Enabled", "Timeout", "LastCheckedOK",
487
"Created", "Interval", "Host", "KeyID",
488
"Fingerprint", "CheckerRunning",
489
"LastEnabled", "ApprovalPending",
490
"ApprovedByDefault", "LastApprovalRequest",
491
"ApprovalDelay", "ApprovalDuration",
492
"Checker", "ExtendedTimeout", "Expires",
493
"LastCheckerStatus")
494
else:
495
keywords = defaultkeywords
496
497
if options.dump_json:
498
json.dump({client["Name"]: {key:
499
bool(client[key])
500
if isinstance(client[key],
501
dbus.Boolean)
502
else client[key]
503
for key in keywords}
504
for client in clients.values()},
505
fp=sys.stdout, indent=4,
506
separators=(',', ': '))
507
print()
508
else:
509
print(TableOfClients(clients.values(), keywords))
510
else:
511
# Process each client in the list by all selected options
512
for client in clients:
513
514
def set_client_prop(prop, value):
515
"""Set a Client D-Bus property"""
516
client.Set(client_interface, prop, value,
517
dbus_interface=dbus.PROPERTIES_IFACE)
518
519
def set_client_prop_ms(prop, value):
520
"""Set a Client D-Bus property, converted
521
from a string to milliseconds."""
522
set_client_prop(prop,
523
string_to_delta(value).total_seconds()
524
* 1000)
525
526
if options.remove:
527
mandos_serv.RemoveClient(client.__dbus_object_path__)
528
if options.enable:
529
set_client_prop("Enabled", dbus.Boolean(True))
530
if options.disable:
531
set_client_prop("Enabled", dbus.Boolean(False))
532
if options.bump_timeout:
533
set_client_prop("LastCheckedOK", "")
534
if options.start_checker:
535
set_client_prop("CheckerRunning", dbus.Boolean(True))
536
if options.stop_checker:
537
set_client_prop("CheckerRunning", dbus.Boolean(False))
538
if options.is_enabled:
539
if client.Get(client_interface, "Enabled",
540
dbus_interface=dbus.PROPERTIES_IFACE):
541
sys.exit(0)
542
else:
543
sys.exit(1)
544
if options.checker is not None:
545
set_client_prop("Checker", options.checker)
546
if options.host is not None:
547
set_client_prop("Host", options.host)
548
if options.interval is not None:
549
set_client_prop_ms("Interval", options.interval)
550
if options.approval_delay is not None:
551
set_client_prop_ms("ApprovalDelay",
552
options.approval_delay)
553
if options.approval_duration is not None:
554
set_client_prop_ms("ApprovalDuration",
555
options.approval_duration)
556
if options.timeout is not None:
557
set_client_prop_ms("Timeout", options.timeout)
558
if options.extended_timeout is not None:
559
set_client_prop_ms("ExtendedTimeout",
560
options.extended_timeout)
561
if options.secret is not None:
562
set_client_prop("Secret",
563
dbus.ByteArray(options.secret.read()))
564
if options.approved_by_default is not None:
565
set_client_prop("ApprovedByDefault",
566
dbus.Boolean(options
567
.approved_by_default))
568
if options.approve:
569
client.Approve(dbus.Boolean(True),
570
dbus_interface=client_interface)
571
elif options.deny:
572
client.Approve(dbus.Boolean(False),
573
dbus_interface=client_interface)
782
# Run all commands on clients
783
commands = commands_from_options(options)
784
for command in commands:
785
command.run(clients, bus, mandos_serv)
574
786
575
787
576
788
class Test_milliseconds_to_string(unittest.TestCase):
588
800
589
801
class Test_string_to_delta(unittest.TestCase):
590
802
def test_handles_basic_rfc3339(self):
803
self.assertEqual(string_to_delta("PT0S"),
804
datetime.timedelta())
805
self.assertEqual(string_to_delta("P0D"),
806
datetime.timedelta())
807
self.assertEqual(string_to_delta("PT1S"),
808
datetime.timedelta(0, 1))
591
809
self.assertEqual(string_to_delta("PT2H"),
592
810
datetime.timedelta(0, 7200))
593
811
def test_falls_back_to_pre_1_6_1_with_warning(self):
596
814
with self.assertLogs(log, logging.WARNING):
597
815
value = string_to_delta("2h")
598
816
else:
599
value = string_to_delta("2h")
817
class WarningFilter(logging.Filter):
818
"""Don't show, but record the presence of, warnings"""
819
def filter(self, record):
820
is_warning = record.levelno >= logging.WARNING
821
self.found = is_warning or getattr(self, "found",
822
False)
823
return not is_warning
824
warning_filter = WarningFilter()
825
log.addFilter(warning_filter)
826
try:
827
value = string_to_delta("2h")
828
finally:
829
log.removeFilter(warning_filter)
830
self.assertTrue(getattr(warning_filter, "found", False))
600
831
self.assertEqual(value, datetime.timedelta(0, 7200))
601
832
602
class Test_TableOfClients(unittest.TestCase):
603
def setUp(self):
604
self.tablewords = {
605
"Attr1": "X",
606
"AttrTwo": "Yy",
607
"AttrThree": "Zzz",
608
"Bool": "A D-BUS Boolean",
609
"NonDbusBoolean": "A Non-D-BUS Boolean",
610
"Integer": "An Integer",
611
"Timeout": "Timedelta 1",
612
"Interval": "Timedelta 2",
613
"ApprovalDelay": "Timedelta 3",
614
"ApprovalDuration": "Timedelta 4",
615
"ExtendedTimeout": "Timedelta 5",
616
"String": "A String",
833
834
class TestCmd(unittest.TestCase):
835
"""Abstract class for tests of command classes"""
836
def setUp(self):
837
testcase = self
838
class MockClient(object):
839
def __init__(self, name, **attributes):
840
self.__dbus_object_path__ = "/clients/{}".format(name)
841
self.attributes = attributes
842
self.attributes["Name"] = name
843
self.calls = []
844
def Set(self, interface, propname, value, dbus_interface):
845
testcase.assertEqual(interface, client_dbus_interface)
846
testcase.assertEqual(dbus_interface,
847
dbus.PROPERTIES_IFACE)
848
self.attributes[propname] = value
849
def Get(self, interface, propname, dbus_interface):
850
testcase.assertEqual(interface, client_dbus_interface)
851
testcase.assertEqual(dbus_interface,
852
dbus.PROPERTIES_IFACE)
853
return self.attributes[propname]
854
def Approve(self, approve, dbus_interface):
855
testcase.assertEqual(dbus_interface,
856
client_dbus_interface)
857
self.calls.append(("Approve", (approve,
858
dbus_interface)))
859
self.client = MockClient(
860
"foo",
861
KeyID=("92ed150794387c03ce684574b1139a65"
862
"94a34f895daaaf09fd8ea90a27cddb12"),
863
Secret=b"secret",
864
Host="foo.example.org",
865
Enabled=dbus.Boolean(True),
866
Timeout=300000,
867
LastCheckedOK="2019-02-03T00:00:00",
868
Created="2019-01-02T00:00:00",
869
Interval=120000,
870
Fingerprint=("778827225BA7DE539C5A"
871
"7CFA59CFF7CDBD9A5920"),
872
CheckerRunning=dbus.Boolean(False),
873
LastEnabled="2019-01-03T00:00:00",
874
ApprovalPending=dbus.Boolean(False),
875
ApprovedByDefault=dbus.Boolean(True),
876
LastApprovalRequest="",
877
ApprovalDelay=0,
878
ApprovalDuration=1000,
879
Checker="fping -q -- %(host)s",
880
ExtendedTimeout=900000,
881
Expires="2019-02-04T00:00:00",
882
LastCheckerStatus=0)
883
self.other_client = MockClient(
884
"barbar",
885
KeyID=("0558568eedd67d622f5c83b35a115f79"
886
"6ab612cff5ad227247e46c2b020f441c"),
887
Secret=b"secretbar",
888
Host="192.0.2.3",
889
Enabled=dbus.Boolean(True),
890
Timeout=300000,
891
LastCheckedOK="2019-02-04T00:00:00",
892
Created="2019-01-03T00:00:00",
893
Interval=120000,
894
Fingerprint=("3E393AEAEFB84C7E89E2"
895
"F547B3A107558FCA3A27"),
896
CheckerRunning=dbus.Boolean(True),
897
LastEnabled="2019-01-04T00:00:00",
898
ApprovalPending=dbus.Boolean(False),
899
ApprovedByDefault=dbus.Boolean(False),
900
LastApprovalRequest="2019-01-03T00:00:00",
901
ApprovalDelay=30000,
902
ApprovalDuration=1000,
903
Checker=":",
904
ExtendedTimeout=900000,
905
Expires="2019-02-05T00:00:00",
906
LastCheckerStatus=-2)
907
self.clients = collections.OrderedDict(
908
[
909
("/clients/foo", self.client.attributes),
910
("/clients/barbar", self.other_client.attributes),
911
])
912
self.one_client = {"/clients/foo": self.client.attributes}
913
@property
914
def bus(self):
915
class Bus(object):
916
@staticmethod
917
def get_object(client_bus_name, path):
918
self.assertEqual(client_bus_name, dbus_busname)
919
return {
920
"/clients/foo": self.client,
921
"/clients/barbar": self.other_client,
922
}[path]
923
return Bus()
924
925
class TestPrintTableCmd(TestCmd):
926
def test_normal(self):
927
output = PrintTableCmd().output(self.clients.values())
928
expected_output = "\n".join((
929
"Name Enabled Timeout Last Successful Check",
930
"foo Yes 00:05:00 2019-02-03T00:00:00 ",
931
"barbar Yes 00:05:00 2019-02-04T00:00:00 ",
932
))
933
self.assertEqual(output, expected_output)
934
def test_verbose(self):
935
output = PrintTableCmd(verbose=True).output(
936
self.clients.values())
937
columns = (
938
(
939
"Name ",
940
"foo ",
941
"barbar ",
942
),(
943
"Enabled ",
944
"Yes ",
945
"Yes ",
946
),(
947
"Timeout ",
948
"00:05:00 ",
949
"00:05:00 ",
950
),(
951
"Last Successful Check ",
952
"2019-02-03T00:00:00 ",
953
"2019-02-04T00:00:00 ",
954
),(
955
"Created ",
956
"2019-01-02T00:00:00 ",
957
"2019-01-03T00:00:00 ",
958
),(
959
"Interval ",
960
"00:02:00 ",
961
"00:02:00 ",
962
),(
963
"Host ",
964
"foo.example.org ",
965
"192.0.2.3 ",
966
),(
967
("Key ID "
968
" "),
969
("92ed150794387c03ce684574b1139a6594a34f895daaaf09fd8"
970
"ea90a27cddb12 "),
971
("0558568eedd67d622f5c83b35a115f796ab612cff5ad227247e"
972
"46c2b020f441c "),
973
),(
974
"Fingerprint ",
975
"778827225BA7DE539C5A7CFA59CFF7CDBD9A5920 ",
976
"3E393AEAEFB84C7E89E2F547B3A107558FCA3A27 ",
977
),(
978
"Check Is Running ",
979
"No ",
980
"Yes ",
981
),(
982
"Last Enabled ",
983
"2019-01-03T00:00:00 ",
984
"2019-01-04T00:00:00 ",
985
),(
986
"Approval Is Pending ",
987
"No ",
988
"No ",
989
),(
990
"Approved By Default ",
991
"Yes ",
992
"No ",
993
),(
994
"Last Approval Request ",
995
" ",
996
"2019-01-03T00:00:00 ",
997
),(
998
"Approval Delay ",
999
"00:00:00 ",
1000
"00:00:30 ",
1001
),(
1002
"Approval Duration ",
1003
"00:00:01 ",
1004
"00:00:01 ",
1005
),(
1006
"Checker ",
1007
"fping -q -- %(host)s ",
1008
": ",
1009
),(
1010
"Extended Timeout ",
1011
"00:15:00 ",
1012
"00:15:00 ",
1013
),(
1014
"Expires ",
1015
"2019-02-04T00:00:00 ",
1016
"2019-02-05T00:00:00 ",
1017
),(
1018
"Last Checker Status",
1019
"0 ",
1020
"-2 ",
1021
)
1022
)
1023
num_lines = max(len(rows) for rows in columns)
1024
expected_output = "\n".join("".join(rows[line]
1025
for rows in columns)
1026
for line in range(num_lines))
1027
self.assertEqual(output, expected_output)
1028
def test_one_client(self):
1029
output = PrintTableCmd().output(self.one_client.values())
1030
expected_output = """
1031
Name Enabled Timeout Last Successful Check
1032
foo Yes 00:05:00 2019-02-03T00:00:00
1033
"""[1:-1]
1034
self.assertEqual(output, expected_output)
1035
1036
class TestDumpJSONCmd(TestCmd):
1037
def setUp(self):
1038
self.expected_json = {
1039
"foo": {
1040
"Name": "foo",
1041
"KeyID": ("92ed150794387c03ce684574b1139a65"
1042
"94a34f895daaaf09fd8ea90a27cddb12"),
1043
"Host": "foo.example.org",
1044
"Enabled": True,
1045
"Timeout": 300000,
1046
"LastCheckedOK": "2019-02-03T00:00:00",
1047
"Created": "2019-01-02T00:00:00",
1048
"Interval": 120000,
1049
"Fingerprint": ("778827225BA7DE539C5A"
1050
"7CFA59CFF7CDBD9A5920"),
1051
"CheckerRunning": False,
1052
"LastEnabled": "2019-01-03T00:00:00",
1053
"ApprovalPending": False,
1054
"ApprovedByDefault": True,
1055
"LastApprovalRequest": "",
1056
"ApprovalDelay": 0,
1057
"ApprovalDuration": 1000,
1058
"Checker": "fping -q -- %(host)s",
1059
"ExtendedTimeout": 900000,
1060
"Expires": "2019-02-04T00:00:00",
1061
"LastCheckerStatus": 0,
1062
},
1063
"barbar": {
1064
"Name": "barbar",
1065
"KeyID": ("0558568eedd67d622f5c83b35a115f79"
1066
"6ab612cff5ad227247e46c2b020f441c"),
1067
"Host": "192.0.2.3",
1068
"Enabled": True,
1069
"Timeout": 300000,
1070
"LastCheckedOK": "2019-02-04T00:00:00",
1071
"Created": "2019-01-03T00:00:00",
1072
"Interval": 120000,
1073
"Fingerprint": ("3E393AEAEFB84C7E89E2"
1074
"F547B3A107558FCA3A27"),
1075
"CheckerRunning": True,
1076
"LastEnabled": "2019-01-04T00:00:00",
1077
"ApprovalPending": False,
1078
"ApprovedByDefault": False,
1079
"LastApprovalRequest": "2019-01-03T00:00:00",
1080
"ApprovalDelay": 30000,
1081
"ApprovalDuration": 1000,
1082
"Checker": ":",
1083
"ExtendedTimeout": 900000,
1084
"Expires": "2019-02-05T00:00:00",
1085
"LastCheckerStatus": -2,
1086
},
617
1087
}
618
self.keywords = ["Attr1", "AttrTwo"]
619
self.clients = [
620
{
621
"Attr1": "x1",
622
"AttrTwo": "y1",
623
"AttrThree": "z1",
624
"Bool": dbus.Boolean(False),
625
"NonDbusBoolean": False,
626
"Integer": 0,
627
"Timeout": 0,
628
"Interval": 1000,
629
"ApprovalDelay": 2000,
630
"ApprovalDuration": 3000,
631
"ExtendedTimeout": 4000,
632
"String": "",
633
},
634
{
635
"Attr1": "x2",
636
"AttrTwo": "y2",
637
"AttrThree": "z2",
638
"Bool": dbus.Boolean(True),
639
"NonDbusBoolean": True,
640
"Integer": 1,
641
"Timeout": 93785000,
642
"Interval": 93786000,
643
"ApprovalDelay": 93787000,
644
"ApprovalDuration": 93788000,
645
"ExtendedTimeout": 93789000,
646
"String": "A huge string which will not fit," * 10,
647
},
648
]
649
def test_short_header(self):
650
text = str(TableOfClients(self.clients, self.keywords,
651
self.tablewords))
652
expected_text = """
653
X Yy
654
x1 y1
655
x2 y2
656
"""[1:-1]
657
self.assertEqual(text, expected_text)
658
def test_booleans(self):
659
keywords = ["Bool", "NonDbusBoolean"]
660
text = str(TableOfClients(self.clients, keywords,
661
self.tablewords))
662
expected_text = """
663
A D-BUS Boolean A Non-D-BUS Boolean
664
No False
665
Yes True
666
"""[1:-1]
667
self.assertEqual(text, expected_text)
668
def test_milliseconds_detection(self):
669
keywords = ["Integer", "Timeout", "Interval", "ApprovalDelay",
670
"ApprovalDuration", "ExtendedTimeout"]
671
text = str(TableOfClients(self.clients, keywords,
672
self.tablewords))
673
expected_text = """
674
An Integer Timedelta 1 Timedelta 2 Timedelta 3 Timedelta 4 Timedelta 5
675
0 00:00:00 00:00:01 00:00:02 00:00:03 00:00:04
676
1 1T02:03:05 1T02:03:06 1T02:03:07 1T02:03:08 1T02:03:09
677
"""[1:-1]
678
self.assertEqual(text, expected_text)
679
def test_empty_and_long_string_values(self):
680
keywords = ["String"]
681
text = str(TableOfClients(self.clients, keywords,
682
self.tablewords))
683
expected_text = """
684
A String
685
686
A huge string which will not fit,A huge string which will not fit,A huge string which will not fit,A huge string which will not fit,A huge string which will not fit,A huge string which will not fit,A huge string which will not fit,A huge string which will not fit,A huge string which will not fit,A huge string which will not fit,
687
"""[1:-1]
688
self.assertEqual(text, expected_text)
1088
return super(TestDumpJSONCmd, self).setUp()
1089
def test_normal(self):
1090
json_data = json.loads(DumpJSONCmd().output(self.clients))
1091
self.assertDictEqual(json_data, self.expected_json)
1092
def test_one_client(self):
1093
clients = self.one_client
1094
json_data = json.loads(DumpJSONCmd().output(clients))
1095
expected_json = {"foo": self.expected_json["foo"]}
1096
self.assertDictEqual(json_data, expected_json)
1097
1098
class TestIsEnabledCmd(TestCmd):
1099
def test_is_enabled(self):
1100
self.assertTrue(all(IsEnabledCmd().is_enabled(client,
1101
properties)
1102
for client, properties
1103
in self.clients.items()))
1104
def test_is_enabled_run_exits_successfully(self):
1105
with self.assertRaises(SystemExit) as e:
1106
IsEnabledCmd().run(self.one_client)
1107
if e.exception.code is not None:
1108
self.assertEqual(e.exception.code, 0)
1109
else:
1110
self.assertIsNone(e.exception.code)
1111
def test_is_enabled_run_exits_with_failure(self):
1112
self.client.attributes["Enabled"] = dbus.Boolean(False)
1113
with self.assertRaises(SystemExit) as e:
1114
IsEnabledCmd().run(self.one_client)
1115
if isinstance(e.exception.code, int):
1116
self.assertNotEqual(e.exception.code, 0)
1117
else:
1118
self.assertIsNotNone(e.exception.code)
1119
1120
class TestRemoveCmd(TestCmd):
1121
def test_remove(self):
1122
class MockMandos(object):
1123
def __init__(self):
1124
self.calls = []
1125
def RemoveClient(self, dbus_path):
1126
self.calls.append(("RemoveClient", (dbus_path,)))
1127
mandos = MockMandos()
1128
super(TestRemoveCmd, self).setUp()
1129
RemoveCmd().run(self.clients, self.bus, mandos)
1130
self.assertEqual(len(mandos.calls), 2)
1131
for clientpath in self.clients:
1132
self.assertIn(("RemoveClient", (clientpath,)),
1133
mandos.calls)
1134
1135
class TestApproveCmd(TestCmd):
1136
def test_approve(self):
1137
ApproveCmd().run(self.clients, self.bus)
1138
for clientpath in self.clients:
1139
client = self.bus.get_object(dbus_busname, clientpath)
1140
self.assertIn(("Approve", (True, client_dbus_interface)),
1141
client.calls)
1142
1143
class TestDenyCmd(TestCmd):
1144
def test_deny(self):
1145
DenyCmd().run(self.clients, self.bus)
1146
for clientpath in self.clients:
1147
client = self.bus.get_object(dbus_busname, clientpath)
1148
self.assertIn(("Approve", (False, client_dbus_interface)),
1149
client.calls)
1150
1151
class TestEnableCmd(TestCmd):
1152
def test_enable(self):
1153
for clientpath in self.clients:
1154
client = self.bus.get_object(dbus_busname, clientpath)
1155
client.attributes["Enabled"] = False
1156
1157
EnableCmd().run(self.clients, self.bus)
1158
1159
for clientpath in self.clients:
1160
client = self.bus.get_object(dbus_busname, clientpath)
1161
self.assertTrue(client.attributes["Enabled"])
1162
1163
class TestDisableCmd(TestCmd):
1164
def test_disable(self):
1165
DisableCmd().run(self.clients, self.bus)
1166
for clientpath in self.clients:
1167
client = self.bus.get_object(dbus_busname, clientpath)
1168
self.assertFalse(client.attributes["Enabled"])
1169
1170
class Unique(object):
1171
"""Class for objects which exist only to be unique objects, since
1172
unittest.mock.sentinel only exists in Python 3.3"""
1173
1174
class TestPropertyCmd(TestCmd):
1175
"""Abstract class for tests of PropertyCmd classes"""
1176
def runTest(self):
1177
if not hasattr(self, "command"):
1178
return
1179
values_to_get = getattr(self, "values_to_get",
1180
self.values_to_set)
1181
for value_to_set, value_to_get in zip(self.values_to_set,
1182
values_to_get):
1183
for clientpath in self.clients:
1184
client = self.bus.get_object(dbus_busname, clientpath)
1185
old_value = client.attributes[self.propname]
1186
self.assertNotIsInstance(old_value, Unique)
1187
client.attributes[self.propname] = Unique()
1188
self.run_command(value_to_set, self.clients)
1189
for clientpath in self.clients:
1190
client = self.bus.get_object(dbus_busname, clientpath)
1191
value = client.attributes[self.propname]
1192
self.assertNotIsInstance(value, Unique)
1193
self.assertEqual(value, value_to_get)
1194
def run_command(self, value, clients):
1195
self.command().run(clients, self.bus)
1196
1197
class TestBumpTimeoutCmd(TestPropertyCmd):
1198
command = BumpTimeoutCmd
1199
propname = "LastCheckedOK"
1200
values_to_set = [""]
1201
1202
class TestStartCheckerCmd(TestPropertyCmd):
1203
command = StartCheckerCmd
1204
propname = "CheckerRunning"
1205
values_to_set = [dbus.Boolean(True)]
1206
1207
class TestStopCheckerCmd(TestPropertyCmd):
1208
command = StopCheckerCmd
1209
propname = "CheckerRunning"
1210
values_to_set = [dbus.Boolean(False)]
1211
1212
class TestApproveByDefaultCmd(TestPropertyCmd):
1213
command = ApproveByDefaultCmd
1214
propname = "ApprovedByDefault"
1215
values_to_set = [dbus.Boolean(True)]
1216
1217
class TestDenyByDefaultCmd(TestPropertyCmd):
1218
command = DenyByDefaultCmd
1219
propname = "ApprovedByDefault"
1220
values_to_set = [dbus.Boolean(False)]
1221
1222
class TestPropertyValueCmd(TestPropertyCmd):
1223
"""Abstract class for tests of PropertyValueCmd classes"""
1224
def runTest(self):
1225
if type(self) is TestPropertyValueCmd:
1226
return
1227
return super(TestPropertyValueCmd, self).runTest()
1228
def run_command(self, value, clients):
1229
self.command(value).run(clients, self.bus)
1230
1231
class TestSetCheckerCmd(TestPropertyValueCmd):
1232
command = SetCheckerCmd
1233
propname = "Checker"
1234
values_to_set = ["", ":", "fping -q -- %s"]
1235
1236
class TestSetHostCmd(TestPropertyValueCmd):
1237
command = SetHostCmd
1238
propname = "Host"
1239
values_to_set = ["192.0.2.3", "foo.example.org"]
1240
1241
class TestSetSecretCmd(TestPropertyValueCmd):
1242
command = SetSecretCmd
1243
propname = "Secret"
1244
values_to_set = [io.BytesIO(b""),
1245
io.BytesIO(b"secret\0xyzzy\nbar")]
1246
values_to_get = [b"", b"secret\0xyzzy\nbar"]
1247
1248
class TestSetTimeoutCmd(TestPropertyValueCmd):
1249
command = SetTimeoutCmd
1250
propname = "Timeout"
1251
values_to_set = [datetime.timedelta(),
1252
datetime.timedelta(minutes=5),
1253
datetime.timedelta(seconds=1),
1254
datetime.timedelta(weeks=1),
1255
datetime.timedelta(weeks=52)]
1256
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1257
1258
class TestSetExtendedTimeoutCmd(TestPropertyValueCmd):
1259
command = SetExtendedTimeoutCmd
1260
propname = "ExtendedTimeout"
1261
values_to_set = [datetime.timedelta(),
1262
datetime.timedelta(minutes=5),
1263
datetime.timedelta(seconds=1),
1264
datetime.timedelta(weeks=1),
1265
datetime.timedelta(weeks=52)]
1266
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1267
1268
class TestSetIntervalCmd(TestPropertyValueCmd):
1269
command = SetIntervalCmd
1270
propname = "Interval"
1271
values_to_set = [datetime.timedelta(),
1272
datetime.timedelta(minutes=5),
1273
datetime.timedelta(seconds=1),
1274
datetime.timedelta(weeks=1),
1275
datetime.timedelta(weeks=52)]
1276
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1277
1278
class TestSetApprovalDelayCmd(TestPropertyValueCmd):
1279
command = SetApprovalDelayCmd
1280
propname = "ApprovalDelay"
1281
values_to_set = [datetime.timedelta(),
1282
datetime.timedelta(minutes=5),
1283
datetime.timedelta(seconds=1),
1284
datetime.timedelta(weeks=1),
1285
datetime.timedelta(weeks=52)]
1286
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1287
1288
class TestSetApprovalDurationCmd(TestPropertyValueCmd):
1289
command = SetApprovalDurationCmd
1290
propname = "ApprovalDuration"
1291
values_to_set = [datetime.timedelta(),
1292
datetime.timedelta(minutes=5),
1293
datetime.timedelta(seconds=1),
1294
datetime.timedelta(weeks=1),
1295
datetime.timedelta(weeks=52)]
1296
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1297
1298
class Test_command_from_options(unittest.TestCase):
1299
def setUp(self):
1300
self.parser = argparse.ArgumentParser()
1301
add_command_line_options(self.parser)
1302
def assert_command_from_args(self, args, command_cls,
1303
**cmd_attrs):
1304
"""Assert that parsing ARGS should result in an instance of
1305
COMMAND_CLS with (optionally) all supplied attributes (CMD_ATTRS)."""
1306
options = self.parser.parse_args(args)
1307
check_option_syntax(self.parser, options)
1308
commands = commands_from_options(options)
1309
self.assertEqual(len(commands), 1)
1310
command = commands[0]
1311
self.assertIsInstance(command, command_cls)
1312
for key, value in cmd_attrs.items():
1313
self.assertEqual(getattr(command, key), value)
1314
def test_print_table(self):
1315
self.assert_command_from_args([], PrintTableCmd,
1316
verbose=False)
1317
1318
def test_print_table_verbose(self):
1319
self.assert_command_from_args(["--verbose"], PrintTableCmd,
1320
verbose=True)
1321
1322
def test_print_table_verbose_short(self):
1323
self.assert_command_from_args(["-v"], PrintTableCmd,
1324
verbose=True)
1325
1326
def test_enable(self):
1327
self.assert_command_from_args(["--enable", "foo"], EnableCmd)
1328
1329
def test_enable_short(self):
1330
self.assert_command_from_args(["-e", "foo"], EnableCmd)
1331
1332
def test_disable(self):
1333
self.assert_command_from_args(["--disable", "foo"],
1334
DisableCmd)
1335
1336
def test_disable_short(self):
1337
self.assert_command_from_args(["-d", "foo"], DisableCmd)
1338
1339
def test_bump_timeout(self):
1340
self.assert_command_from_args(["--bump-timeout", "foo"],
1341
BumpTimeoutCmd)
1342
1343
def test_bump_timeout_short(self):
1344
self.assert_command_from_args(["-b", "foo"], BumpTimeoutCmd)
1345
1346
def test_start_checker(self):
1347
self.assert_command_from_args(["--start-checker", "foo"],
1348
StartCheckerCmd)
1349
1350
def test_stop_checker(self):
1351
self.assert_command_from_args(["--stop-checker", "foo"],
1352
StopCheckerCmd)
1353
1354
def test_remove(self):
1355
self.assert_command_from_args(["--remove", "foo"],
1356
RemoveCmd)
1357
1358
def test_remove_short(self):
1359
self.assert_command_from_args(["-r", "foo"], RemoveCmd)
1360
1361
def test_checker(self):
1362
self.assert_command_from_args(["--checker", ":", "foo"],
1363
SetCheckerCmd, value_to_set=":")
1364
1365
def test_checker_empty(self):
1366
self.assert_command_from_args(["--checker", "", "foo"],
1367
SetCheckerCmd, value_to_set="")
1368
1369
def test_checker_short(self):
1370
self.assert_command_from_args(["-c", ":", "foo"],
1371
SetCheckerCmd, value_to_set=":")
1372
1373
def test_timeout(self):
1374
self.assert_command_from_args(["--timeout", "PT5M", "foo"],
1375
SetTimeoutCmd,
1376
value_to_set=300000)
1377
1378
def test_timeout_short(self):
1379
self.assert_command_from_args(["-t", "PT5M", "foo"],
1380
SetTimeoutCmd,
1381
value_to_set=300000)
1382
1383
def test_extended_timeout(self):
1384
self.assert_command_from_args(["--extended-timeout", "PT15M",
1385
"foo"],
1386
SetExtendedTimeoutCmd,
1387
value_to_set=900000)
1388
1389
def test_interval(self):
1390
self.assert_command_from_args(["--interval", "PT2M", "foo"],
1391
SetIntervalCmd,
1392
value_to_set=120000)
1393
1394
def test_interval_short(self):
1395
self.assert_command_from_args(["-i", "PT2M", "foo"],
1396
SetIntervalCmd,
1397
value_to_set=120000)
1398
1399
def test_approve_by_default(self):
1400
self.assert_command_from_args(["--approve-by-default", "foo"],
1401
ApproveByDefaultCmd)
1402
1403
def test_deny_by_default(self):
1404
self.assert_command_from_args(["--deny-by-default", "foo"],
1405
DenyByDefaultCmd)
1406
1407
def test_approval_delay(self):
1408
self.assert_command_from_args(["--approval-delay", "PT30S",
1409
"foo"], SetApprovalDelayCmd,
1410
value_to_set=30000)
1411
1412
def test_approval_duration(self):
1413
self.assert_command_from_args(["--approval-duration", "PT1S",
1414
"foo"], SetApprovalDurationCmd,
1415
value_to_set=1000)
1416
1417
def test_host(self):
1418
self.assert_command_from_args(["--host", "foo.example.org",
1419
"foo"], SetHostCmd,
1420
value_to_set="foo.example.org")
1421
1422
def test_host_short(self):
1423
self.assert_command_from_args(["-H", "foo.example.org",
1424
"foo"], SetHostCmd,
1425
value_to_set="foo.example.org")
1426
1427
def test_secret_devnull(self):
1428
self.assert_command_from_args(["--secret", os.path.devnull,
1429
"foo"], SetSecretCmd,
1430
value_to_set=b"")
1431
1432
def test_secret_tempfile(self):
1433
with tempfile.NamedTemporaryFile(mode="r+b") as f:
1434
value = b"secret\0xyzzy\nbar"
1435
f.write(value)
1436
f.seek(0)
1437
self.assert_command_from_args(["--secret", f.name,
1438
"foo"], SetSecretCmd,
1439
value_to_set=value)
1440
1441
def test_secret_devnull_short(self):
1442
self.assert_command_from_args(["-s", os.path.devnull, "foo"],
1443
SetSecretCmd, value_to_set=b"")
1444
1445
def test_secret_tempfile_short(self):
1446
with tempfile.NamedTemporaryFile(mode="r+b") as f:
1447
value = b"secret\0xyzzy\nbar"
1448
f.write(value)
1449
f.seek(0)
1450
self.assert_command_from_args(["-s", f.name, "foo"],
1451
SetSecretCmd,
1452
value_to_set=value)
1453
1454
def test_approve(self):
1455
self.assert_command_from_args(["--approve", "foo"],
1456
ApproveCmd)
1457
1458
def test_approve_short(self):
1459
self.assert_command_from_args(["-A", "foo"], ApproveCmd)
1460
1461
def test_deny(self):
1462
self.assert_command_from_args(["--deny", "foo"], DenyCmd)
1463
1464
def test_deny_short(self):
1465
self.assert_command_from_args(["-D", "foo"], DenyCmd)
1466
1467
def test_dump_json(self):
1468
self.assert_command_from_args(["--dump-json"], DumpJSONCmd)
1469
1470
def test_is_enabled(self):
1471
self.assert_command_from_args(["--is-enabled", "foo"],
1472
IsEnabledCmd)
1473
1474
def test_is_enabled_short(self):
1475
self.assert_command_from_args(["-V", "foo"], IsEnabledCmd)
1476
1477
def test_deny_before_remove(self):
1478
options = self.parser.parse_args(["--deny", "--remove",
1479
"foo"])
1480
check_option_syntax(self.parser, options)
1481
commands = commands_from_options(options)
1482
self.assertEqual(len(commands), 2)
1483
self.assertIsInstance(commands[0], DenyCmd)
1484
self.assertIsInstance(commands[1], RemoveCmd)
1485
1486
def test_deny_before_remove_reversed(self):
1487
options = self.parser.parse_args(["--remove", "--deny",
1488
"--all"])
1489
check_option_syntax(self.parser, options)
1490
commands = commands_from_options(options)
1491
self.assertEqual(len(commands), 2)
1492
self.assertIsInstance(commands[0], DenyCmd)
1493
self.assertIsInstance(commands[1], RemoveCmd)
1494
1495
1496
class Test_check_option_syntax(unittest.TestCase):
1497
# This mostly corresponds to the definition from has_actions() in
1498
# check_option_syntax()
1499
actions = {
1500
# The actual values set here are not that important, but we do
1501
# at least stick to the correct types, even though they are
1502
# never used
1503
"enable": True,
1504
"disable": True,
1505
"bump_timeout": True,
1506
"start_checker": True,
1507
"stop_checker": True,
1508
"is_enabled": True,
1509
"remove": True,
1510
"checker": "x",
1511
"timeout": datetime.timedelta(),
1512
"extended_timeout": datetime.timedelta(),
1513
"interval": datetime.timedelta(),
1514
"approved_by_default": True,
1515
"approval_delay": datetime.timedelta(),
1516
"approval_duration": datetime.timedelta(),
1517
"host": "x",
1518
"secret": io.BytesIO(b"x"),
1519
"approve": True,
1520
"deny": True,
1521
}
1522
1523
def setUp(self):
1524
self.parser = argparse.ArgumentParser()
1525
add_command_line_options(self.parser)
1526
1527
@contextlib.contextmanager
1528
def assertParseError(self):
1529
with self.assertRaises(SystemExit) as e:
1530
with self.temporarily_suppress_stderr():
1531
yield
1532
# Exit code from argparse is guaranteed to be "2". Reference:
1533
# https://docs.python.org/3/library
1534
# /argparse.html#exiting-methods
1535
self.assertEqual(e.exception.code, 2)
1536
1537
@staticmethod
1538
@contextlib.contextmanager
1539
def temporarily_suppress_stderr():
1540
null = os.open(os.path.devnull, os.O_RDWR)
1541
stderrcopy = os.dup(sys.stderr.fileno())
1542
os.dup2(null, sys.stderr.fileno())
1543
os.close(null)
1544
try:
1545
yield
1546
finally:
1547
# restore stderr
1548
os.dup2(stderrcopy, sys.stderr.fileno())
1549
os.close(stderrcopy)
1550
1551
def check_option_syntax(self, options):
1552
check_option_syntax(self.parser, options)
1553
1554
def test_actions_requires_client_or_all(self):
1555
for action, value in self.actions.items():
1556
options = self.parser.parse_args()
1557
setattr(options, action, value)
1558
with self.assertParseError():
1559
self.check_option_syntax(options)
1560
1561
def test_actions_conflicts_with_verbose(self):
1562
for action, value in self.actions.items():
1563
options = self.parser.parse_args()
1564
setattr(options, action, value)
1565
options.verbose = True
1566
with self.assertParseError():
1567
self.check_option_syntax(options)
1568
1569
def test_dump_json_conflicts_with_verbose(self):
1570
options = self.parser.parse_args()
1571
options.dump_json = True
1572
options.verbose = True
1573
with self.assertParseError():
1574
self.check_option_syntax(options)
1575
1576
def test_dump_json_conflicts_with_action(self):
1577
for action, value in self.actions.items():
1578
options = self.parser.parse_args()
1579
setattr(options, action, value)
1580
options.dump_json = True
1581
with self.assertParseError():
1582
self.check_option_syntax(options)
1583
1584
def test_all_can_not_be_alone(self):
1585
options = self.parser.parse_args()
1586
options.all = True
1587
with self.assertParseError():
1588
self.check_option_syntax(options)
1589
1590
def test_all_is_ok_with_any_action(self):
1591
for action, value in self.actions.items():
1592
options = self.parser.parse_args()
1593
setattr(options, action, value)
1594
options.all = True
1595
self.check_option_syntax(options)
1596
1597
def test_is_enabled_fails_without_client(self):
1598
options = self.parser.parse_args()
1599
options.is_enabled = True
1600
with self.assertParseError():
1601
self.check_option_syntax(options)
1602
1603
def test_is_enabled_works_with_one_client(self):
1604
options = self.parser.parse_args()
1605
options.is_enabled = True
1606
options.client = ["foo"]
1607
self.check_option_syntax(options)
1608
1609
def test_is_enabled_fails_with_two_clients(self):
1610
options = self.parser.parse_args()
1611
options.is_enabled = True
1612
options.client = ["foo", "barbar"]
1613
with self.assertParseError():
1614
self.check_option_syntax(options)
1615
1616
def test_remove_can_only_be_combined_with_action_deny(self):
1617
for action, value in self.actions.items():
1618
if action in {"remove", "deny"}:
1619
continue
1620
options = self.parser.parse_args()
1621
setattr(options, action, value)
1622
options.all = True
1623
options.remove = True
1624
with self.assertParseError():
1625
self.check_option_syntax(options)
689
1626
690
1627
691
1628
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0