To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to mandos-ctl
- browse files at revision 1069
- compare with another revision
- download diff
- download tarball
- view history from revision 1069
- Committer: Teddy Hogeborn
- Date: 2019-03-15 23:55:53 UTC
- Revision ID: teddy@recompile.se-20190315235553-znbpfn7d8o84tyt6
mandos-ctl: Refactor
* mandos-ctl (main): Do some minor refactoring.
* mandos-ctl (main): Do some minor refactoring.
- files modified:
- mandos-ctl
added
removed
mandos-ctl
64
64
65
65
locale.setlocale(locale.LC_ALL, "")
66
66
67
domain = "se.recompile"
68
busname = domain + ".Mandos"
69
server_path = "/"
70
server_interface = domain + ".Mandos"
71
client_interface = domain + ".Mandos.Client"
67
dbus_busname_domain = "se.recompile"
68
dbus_busname = dbus_busname_domain + ".Mandos"
69
server_dbus_path = "/"
70
server_dbus_interface = dbus_busname_domain + ".Mandos"
71
client_dbus_interface = dbus_busname_domain + ".Mandos.Client"
72
del dbus_busname_domain
72
73
version = "1.8.3"
73
74
74
75
78
79
dbus.OBJECT_MANAGER_IFACE = "org.freedesktop.DBus.ObjectManager"
79
80
80
81
81
def milliseconds_to_string(ms):
82
td = datetime.timedelta(0, 0, 0, ms)
83
return ("{days}{hours:02}:{minutes:02}:{seconds:02}"
84
.format(days="{}T".format(td.days) if td.days else "",
85
hours=td.seconds // 3600,
86
minutes=(td.seconds % 3600) // 60,
87
seconds=td.seconds % 60))
82
def main():
83
parser = argparse.ArgumentParser()
84
85
add_command_line_options(parser)
86
87
options = parser.parse_args()
88
89
check_option_syntax(parser, options)
90
91
clientnames = options.client
92
93
if options.debug:
94
log.setLevel(logging.DEBUG)
95
96
bus = dbus.SystemBus()
97
98
mandos_dbus_object = get_mandos_dbus_object(bus)
99
100
mandos_serv = dbus.Interface(
101
mandos_dbus_object, dbus_interface=server_dbus_interface)
102
mandos_serv_object_manager = dbus.Interface(
103
mandos_dbus_object, dbus_interface=dbus.OBJECT_MANAGER_IFACE)
104
105
log.debug("D-Bus: %s:%s:%s.GetManagedObjects()", dbus_busname,
106
server_dbus_path, dbus.OBJECT_MANAGER_IFACE)
107
try:
108
with SilenceLogger("dbus.proxies"):
109
managed_objects = (mandos_serv_object_manager
110
.GetManagedObjects())
111
except dbus.exceptions.DBusException as e:
112
log.critical("Failed to access Mandos server through D-Bus:"
113
"\n%s", e)
114
sys.exit(1)
115
116
all_clients = {}
117
for path, ifs_and_props in managed_objects.items():
118
try:
119
all_clients[path] = ifs_and_props[client_dbus_interface]
120
except KeyError:
121
pass
122
123
# Compile dict of (clientpath: properties) to process
124
if not clientnames:
125
clients = all_clients
126
else:
127
clients = {}
128
for name in clientnames:
129
for objpath, properties in all_clients.items():
130
if properties["Name"] == name:
131
clients[objpath] = properties
132
break
133
else:
134
log.critical("Client not found on server: %r", name)
135
sys.exit(1)
136
137
# Run all commands on clients
138
commands = commands_from_options(options)
139
for command in commands:
140
command.run(clients, bus, mandos_serv)
141
142
143
def add_command_line_options(parser):
144
parser.add_argument("--version", action="version",
145
version="%(prog)s {}".format(version),
146
help="show version number and exit")
147
parser.add_argument("-a", "--all", action="store_true",
148
help="Select all clients")
149
parser.add_argument("-v", "--verbose", action="store_true",
150
help="Print all fields")
151
parser.add_argument("-j", "--dump-json", action="store_true",
152
help="Dump client data in JSON format")
153
enable_disable = parser.add_mutually_exclusive_group()
154
enable_disable.add_argument("-e", "--enable", action="store_true",
155
help="Enable client")
156
enable_disable.add_argument("-d", "--disable",
157
action="store_true",
158
help="disable client")
159
parser.add_argument("-b", "--bump-timeout", action="store_true",
160
help="Bump timeout for client")
161
start_stop_checker = parser.add_mutually_exclusive_group()
162
start_stop_checker.add_argument("--start-checker",
163
action="store_true",
164
help="Start checker for client")
165
start_stop_checker.add_argument("--stop-checker",
166
action="store_true",
167
help="Stop checker for client")
168
parser.add_argument("-V", "--is-enabled", action="store_true",
169
help="Check if client is enabled")
170
parser.add_argument("-r", "--remove", action="store_true",
171
help="Remove client")
172
parser.add_argument("-c", "--checker",
173
help="Set checker command for client")
174
parser.add_argument("-t", "--timeout", type=string_to_delta,
175
help="Set timeout for client")
176
parser.add_argument("--extended-timeout", type=string_to_delta,
177
help="Set extended timeout for client")
178
parser.add_argument("-i", "--interval", type=string_to_delta,
179
help="Set checker interval for client")
180
approve_deny_default = parser.add_mutually_exclusive_group()
181
approve_deny_default.add_argument(
182
"--approve-by-default", action="store_true",
183
default=None, dest="approved_by_default",
184
help="Set client to be approved by default")
185
approve_deny_default.add_argument(
186
"--deny-by-default", action="store_false",
187
dest="approved_by_default",
188
help="Set client to be denied by default")
189
parser.add_argument("--approval-delay", type=string_to_delta,
190
help="Set delay before client approve/deny")
191
parser.add_argument("--approval-duration", type=string_to_delta,
192
help="Set duration of one client approval")
193
parser.add_argument("-H", "--host", help="Set host for client")
194
parser.add_argument("-s", "--secret",
195
type=argparse.FileType(mode="rb"),
196
help="Set password blob (file) for client")
197
approve_deny = parser.add_mutually_exclusive_group()
198
approve_deny.add_argument(
199
"-A", "--approve", action="store_true",
200
help="Approve any current client request")
201
approve_deny.add_argument("-D", "--deny", action="store_true",
202
help="Deny any current client request")
203
parser.add_argument("--debug", action="store_true",
204
help="Debug mode (show D-Bus commands)")
205
parser.add_argument("--check", action="store_true",
206
help="Run self-test")
207
parser.add_argument("client", nargs="*", help="Client name")
208
209
210
def string_to_delta(interval):
211
"""Parse a string and return a datetime.timedelta"""
212
213
try:
214
return rfc3339_duration_to_delta(interval)
215
except ValueError as e:
216
log.warning("%s - Parsing as pre-1.6.1 interval instead",
217
' '.join(e.args))
218
return parse_pre_1_6_1_interval(interval)
88
219
89
220
90
221
def rfc3339_duration_to_delta(duration):
217
348
return value
218
349
219
350
220
def string_to_delta(interval):
221
"""Parse a string and return a datetime.timedelta"""
222
223
try:
224
return rfc3339_duration_to_delta(interval)
225
except ValueError as e:
226
log.warning("%s - Parsing as pre-1.6.1 interval instead",
227
' '.join(e.args))
228
return parse_pre_1_6_1_interval(interval)
229
230
231
351
def parse_pre_1_6_1_interval(interval):
232
352
"""Parse an interval string as documented by Mandos before 1.6.1,
233
353
and return a datetime.timedelta
271
391
return value
272
392
273
393
274
## Classes for commands.
275
276
# Abstract classes first
394
def check_option_syntax(parser, options):
395
"""Apply additional restrictions on options, not expressible in
396
argparse"""
397
398
def has_actions(options):
399
return any((options.enable,
400
options.disable,
401
options.bump_timeout,
402
options.start_checker,
403
options.stop_checker,
404
options.is_enabled,
405
options.remove,
406
options.checker is not None,
407
options.timeout is not None,
408
options.extended_timeout is not None,
409
options.interval is not None,
410
options.approved_by_default is not None,
411
options.approval_delay is not None,
412
options.approval_duration is not None,
413
options.host is not None,
414
options.secret is not None,
415
options.approve,
416
options.deny))
417
418
if has_actions(options) and not (options.client or options.all):
419
parser.error("Options require clients names or --all.")
420
if options.verbose and has_actions(options):
421
parser.error("--verbose can only be used alone.")
422
if options.dump_json and (options.verbose
423
or has_actions(options)):
424
parser.error("--dump-json can only be used alone.")
425
if options.all and not has_actions(options):
426
parser.error("--all requires an action.")
427
if options.is_enabled and len(options.client) > 1:
428
parser.error("--is-enabled requires exactly one client")
429
if options.remove:
430
options.remove = False
431
if has_actions(options) and not options.deny:
432
parser.error("--remove can only be combined with --deny")
433
options.remove = True
434
435
436
def get_mandos_dbus_object(bus):
437
try:
438
log.debug("D-Bus: Connect to: (busname=%r, path=%r)",
439
dbus_busname, server_dbus_path)
440
mandos_dbus_object = bus.get_object(dbus_busname,
441
server_dbus_path)
442
except dbus.exceptions.DBusException:
443
log.critical("Could not connect to Mandos server")
444
sys.exit(1)
445
446
return mandos_dbus_object
447
448
449
class SilenceLogger(object):
450
"Simple context manager to silence a particular logger"
451
def __init__(self, loggername):
452
self.logger = logging.getLogger(loggername)
453
454
def __enter__(self):
455
self.logger.addFilter(self.nullfilter)
456
return self
457
458
class NullFilter(logging.Filter):
459
def filter(self, record):
460
return False
461
462
nullfilter = NullFilter()
463
464
def __exit__(self, exc_type, exc_val, exc_tb):
465
self.logger.removeFilter(self.nullfilter)
466
467
468
def commands_from_options(options):
469
470
commands = []
471
472
if options.is_enabled:
473
commands.append(IsEnabledCmd())
474
475
if options.approve:
476
commands.append(ApproveCmd())
477
478
if options.deny:
479
commands.append(DenyCmd())
480
481
if options.remove:
482
commands.append(RemoveCmd())
483
484
if options.dump_json:
485
commands.append(DumpJSONCmd())
486
487
if options.enable:
488
commands.append(EnableCmd())
489
490
if options.disable:
491
commands.append(DisableCmd())
492
493
if options.bump_timeout:
494
commands.append(BumpTimeoutCmd())
495
496
if options.start_checker:
497
commands.append(StartCheckerCmd())
498
499
if options.stop_checker:
500
commands.append(StopCheckerCmd())
501
502
if options.approved_by_default is not None:
503
if options.approved_by_default:
504
commands.append(ApproveByDefaultCmd())
505
else:
506
commands.append(DenyByDefaultCmd())
507
508
if options.checker is not None:
509
commands.append(SetCheckerCmd(options.checker))
510
511
if options.host is not None:
512
commands.append(SetHostCmd(options.host))
513
514
if options.secret is not None:
515
commands.append(SetSecretCmd(options.secret))
516
517
if options.timeout is not None:
518
commands.append(SetTimeoutCmd(options.timeout))
519
520
if options.extended_timeout:
521
commands.append(
522
SetExtendedTimeoutCmd(options.extended_timeout))
523
524
if options.interval is not None:
525
commands.append(SetIntervalCmd(options.interval))
526
527
if options.approval_delay is not None:
528
commands.append(SetApprovalDelayCmd(options.approval_delay))
529
530
if options.approval_duration is not None:
531
commands.append(
532
SetApprovalDurationCmd(options.approval_duration))
533
534
# If no command option has been given, show table of clients,
535
# optionally verbosely
536
if not commands:
537
commands.append(PrintTableCmd(verbose=options.verbose))
538
539
return commands
540
541
277
542
class Command(object):
278
543
"""Abstract class for commands"""
279
def run(self, mandos, clients):
544
def run(self, clients, bus=None, mandos=None):
280
545
"""Normal commands should implement run_on_one_client(), but
281
546
commands which want to operate on all clients at the same time
282
547
can override this run() method instead."""
283
548
self.mandos = mandos
284
for client, properties in clients.items():
549
for clientpath, properties in clients.items():
550
log.debug("D-Bus: Connect to: (busname=%r, path=%r)",
551
dbus_busname, str(clientpath))
552
client = bus.get_object(dbus_busname, clientpath)
285
553
self.run_on_one_client(client, properties)
286
554
287
class PrintCmd(Command):
288
"""Abstract class for commands printing client details"""
555
556
class IsEnabledCmd(Command):
557
def run(self, clients, bus=None, mandos=None):
558
client, properties = next(iter(clients.items()))
559
if self.is_enabled(client, properties):
560
sys.exit(0)
561
sys.exit(1)
562
def is_enabled(self, client, properties):
563
return properties["Enabled"]
564
565
566
class ApproveCmd(Command):
567
def run_on_one_client(self, client, properties):
568
log.debug("D-Bus: %s:%s:%s.Approve(True)", dbus_busname,
569
client.__dbus_object_path__, client_dbus_interface)
570
client.Approve(dbus.Boolean(True),
571
dbus_interface=client_dbus_interface)
572
573
574
class DenyCmd(Command):
575
def run_on_one_client(self, client, properties):
576
log.debug("D-Bus: %s:%s:%s.Approve(False)", dbus_busname,
577
client.__dbus_object_path__, client_dbus_interface)
578
client.Approve(dbus.Boolean(False),
579
dbus_interface=client_dbus_interface)
580
581
582
class RemoveCmd(Command):
583
def run_on_one_client(self, client, properties):
584
log.debug("D-Bus: %s:%s:%s.RemoveClient(%r)", dbus_busname,
585
server_dbus_path, server_dbus_interface,
586
str(client.__dbus_object_path__))
587
self.mandos.RemoveClient(client.__dbus_object_path__)
588
589
590
class OutputCmd(Command):
591
"""Abstract class for commands outputting client details"""
289
592
all_keywords = ("Name", "Enabled", "Timeout", "LastCheckedOK",
290
593
"Created", "Interval", "Host", "KeyID",
291
594
"Fingerprint", "CheckerRunning", "LastEnabled",
293
596
"LastApprovalRequest", "ApprovalDelay",
294
597
"ApprovalDuration", "Checker", "ExtendedTimeout",
295
598
"Expires", "LastCheckerStatus")
296
def run(self, mandos, clients):
297
print(self.output(clients))
298
299
class PropertyCmd(Command):
300
"""Abstract class for Actions for setting one client property"""
301
def run_on_one_client(self, client, properties):
302
"""Set the Client's D-Bus property"""
303
log.debug("D-Bus: %s:%s:%s.Set(%r, %r, %r)", busname,
304
client.__dbus_object_path__,
305
dbus.PROPERTIES_IFACE, client_interface,
306
self.property, self.value_to_set
307
if not isinstance(self.value_to_set, dbus.Boolean)
308
else bool(self.value_to_set))
309
client.Set(client_interface, self.property, self.value_to_set,
310
dbus_interface=dbus.PROPERTIES_IFACE)
311
312
class ValueArgumentMixIn(object):
313
"""Mixin class for commands taking a value as argument"""
314
def __init__(self, value):
315
self.value_to_set = value
316
317
class MillisecondsValueArgumentMixIn(ValueArgumentMixIn):
318
"""Mixin class for commands taking a value argument as
319
milliseconds."""
320
@property
321
def value_to_set(self):
322
return self._vts
323
@value_to_set.setter
324
def value_to_set(self, value):
325
"""When setting, convert value to a datetime.timedelta"""
326
self._vts = int(round(value.total_seconds() * 1000))
327
328
# Actual (non-abstract) command classes
329
330
class PrintTableCmd(PrintCmd):
599
600
def run(self, clients, bus=None, mandos=None):
601
print(self.output(clients.values()))
602
603
def output(self, clients):
604
raise NotImplementedError()
605
606
607
class DumpJSONCmd(OutputCmd):
608
def output(self, clients):
609
data = {client["Name"]:
610
{key: self.dbus_boolean_to_bool(client[key])
611
for key in self.all_keywords}
612
for client in clients}
613
return json.dumps(data, indent=4, separators=(',', ': '))
614
615
@staticmethod
616
def dbus_boolean_to_bool(value):
617
if isinstance(value, dbus.Boolean):
618
value = bool(value)
619
return value
620
621
622
class PrintTableCmd(OutputCmd):
331
623
def __init__(self, verbose=False):
332
624
self.verbose = verbose
333
625
334
626
def output(self, clients):
335
default_keywords = ("Name", "Enabled", "Timeout", "LastCheckedOK")
627
default_keywords = ("Name", "Enabled", "Timeout",
628
"LastCheckedOK")
336
629
keywords = default_keywords
337
630
if self.verbose:
338
631
keywords = self.all_keywords
339
return str(self.TableOfClients(clients.values(), keywords))
632
return str(self.TableOfClients(clients, keywords))
340
633
341
634
class TableOfClients(object):
342
635
tableheaders = {
362
655
"LastCheckerStatus": "Last Checker Status",
363
656
}
364
657
365
def __init__(self, clients, keywords, tableheaders=None):
658
def __init__(self, clients, keywords):
366
659
self.clients = clients
367
660
self.keywords = keywords
368
if tableheaders is not None:
369
self.tableheaders = tableheaders
370
661
371
662
def __str__(self):
372
663
return "\n".join(self.rows())
395
686
def string_from_client(self, client, key):
396
687
return self.valuetostring(client[key], key)
397
688
398
@staticmethod
399
def valuetostring(value, keyword):
689
@classmethod
690
def valuetostring(cls, value, keyword):
400
691
if isinstance(value, dbus.Boolean):
401
692
return "Yes" if value else "No"
402
693
if keyword in ("Timeout", "Interval", "ApprovalDelay",
403
694
"ApprovalDuration", "ExtendedTimeout"):
404
return milliseconds_to_string(value)
695
return cls.milliseconds_to_string(value)
405
696
return str(value)
406
697
407
698
def header_line(self, format_string):
412
703
**{key: self.string_from_client(client, key)
413
704
for key in self.keywords})
414
705
415
416
417
class DumpJSONCmd(PrintCmd):
418
def output(self, clients):
419
data = {client["Name"]:
420
{key: self.dbus_boolean_to_bool(client[key])
421
for key in self.all_keywords}
422
for client in clients.values()}
423
return json.dumps(data, indent=4, separators=(',', ': '))
424
@staticmethod
425
def dbus_boolean_to_bool(value):
426
if isinstance(value, dbus.Boolean):
427
value = bool(value)
428
return value
429
430
class IsEnabledCmd(Command):
431
def run_on_one_client(self, client, properties):
432
if self.is_enabled(client, properties):
433
sys.exit(0)
434
sys.exit(1)
435
def is_enabled(self, client, properties):
436
return bool(properties["Enabled"])
437
438
class RemoveCmd(Command):
439
def run_on_one_client(self, client, properties):
440
log.debug("D-Bus: %s:%s:%s.RemoveClient(%r)", busname,
441
server_path, server_interface,
442
str(client.__dbus_object_path__))
443
self.mandos.RemoveClient(client.__dbus_object_path__)
444
445
class ApproveCmd(Command):
446
def run_on_one_client(self, client, properties):
447
log.debug("D-Bus: %s:%s.Approve(True)",
448
client.__dbus_object_path__, client_interface)
449
client.Approve(dbus.Boolean(True),
450
dbus_interface=client_interface)
451
452
class DenyCmd(Command):
453
def run_on_one_client(self, client, properties):
454
log.debug("D-Bus: %s:%s.Approve(False)",
455
client.__dbus_object_path__, client_interface)
456
client.Approve(dbus.Boolean(False),
457
dbus_interface=client_interface)
706
@staticmethod
707
def milliseconds_to_string(ms):
708
td = datetime.timedelta(0, 0, 0, ms)
709
return ("{days}{hours:02}:{minutes:02}:{seconds:02}"
710
.format(days="{}T".format(td.days)
711
if td.days else "",
712
hours=td.seconds // 3600,
713
minutes=(td.seconds % 3600) // 60,
714
seconds=td.seconds % 60))
715
716
717
class PropertyCmd(Command):
718
"""Abstract class for Actions for setting one client property"""
719
720
def run_on_one_client(self, client, properties):
721
"""Set the Client's D-Bus property"""
722
log.debug("D-Bus: %s:%s:%s.Set(%r, %r, %r)", dbus_busname,
723
client.__dbus_object_path__,
724
dbus.PROPERTIES_IFACE, client_dbus_interface,
725
self.propname, self.value_to_set
726
if not isinstance(self.value_to_set, dbus.Boolean)
727
else bool(self.value_to_set))
728
client.Set(client_dbus_interface, self.propname,
729
self.value_to_set,
730
dbus_interface=dbus.PROPERTIES_IFACE)
731
732
@property
733
def propname(self):
734
raise NotImplementedError()
735
458
736
459
737
class EnableCmd(PropertyCmd):
460
property = "Enabled"
738
propname = "Enabled"
461
739
value_to_set = dbus.Boolean(True)
462
740
741
463
742
class DisableCmd(PropertyCmd):
464
property = "Enabled"
743
propname = "Enabled"
465
744
value_to_set = dbus.Boolean(False)
466
745
746
467
747
class BumpTimeoutCmd(PropertyCmd):
468
property = "LastCheckedOK"
748
propname = "LastCheckedOK"
469
749
value_to_set = ""
470
750
751
471
752
class StartCheckerCmd(PropertyCmd):
472
property = "CheckerRunning"
753
propname = "CheckerRunning"
473
754
value_to_set = dbus.Boolean(True)
474
755
756
475
757
class StopCheckerCmd(PropertyCmd):
476
property = "CheckerRunning"
758
propname = "CheckerRunning"
477
759
value_to_set = dbus.Boolean(False)
478
760
761
479
762
class ApproveByDefaultCmd(PropertyCmd):
480
property = "ApprovedByDefault"
763
propname = "ApprovedByDefault"
481
764
value_to_set = dbus.Boolean(True)
482
765
766
483
767
class DenyByDefaultCmd(PropertyCmd):
484
property = "ApprovedByDefault"
768
propname = "ApprovedByDefault"
485
769
value_to_set = dbus.Boolean(False)
486
770
487
class SetCheckerCmd(PropertyCmd, ValueArgumentMixIn):
488
property = "Checker"
489
490
class SetHostCmd(PropertyCmd, ValueArgumentMixIn):
491
property = "Host"
492
493
class SetSecretCmd(PropertyCmd, ValueArgumentMixIn):
771
772
class PropertyValueCmd(PropertyCmd):
773
"""Abstract class for PropertyCmd recieving a value as argument"""
774
def __init__(self, value):
775
self.value_to_set = value
776
777
778
class SetCheckerCmd(PropertyValueCmd):
779
propname = "Checker"
780
781
782
class SetHostCmd(PropertyValueCmd):
783
propname = "Host"
784
785
786
class SetSecretCmd(PropertyValueCmd):
787
propname = "Secret"
788
494
789
@property
495
790
def value_to_set(self):
496
791
return self._vts
792
497
793
@value_to_set.setter
498
794
def value_to_set(self, value):
499
795
"""When setting, read data from supplied file object"""
500
796
self._vts = value.read()
501
797
value.close()
502
property = "Secret"
503
504
class SetTimeoutCmd(PropertyCmd, MillisecondsValueArgumentMixIn):
505
property = "Timeout"
506
507
class SetExtendedTimeoutCmd(PropertyCmd,
508
MillisecondsValueArgumentMixIn):
509
property = "ExtendedTimeout"
510
511
class SetIntervalCmd(PropertyCmd, MillisecondsValueArgumentMixIn):
512
property = "Interval"
513
514
class SetApprovalDelayCmd(PropertyCmd,
515
MillisecondsValueArgumentMixIn):
516
property = "ApprovalDelay"
517
518
class SetApprovalDurationCmd(PropertyCmd,
519
MillisecondsValueArgumentMixIn):
520
property = "ApprovalDuration"
521
522
def add_command_line_options(parser):
523
parser.add_argument("--version", action="version",
524
version="%(prog)s {}".format(version),
525
help="show version number and exit")
526
parser.add_argument("-a", "--all", action="store_true",
527
help="Select all clients")
528
parser.add_argument("-v", "--verbose", action="store_true",
529
help="Print all fields")
530
parser.add_argument("-j", "--dump-json", action="store_true",
531
help="Dump client data in JSON format")
532
enable_disable = parser.add_mutually_exclusive_group()
533
enable_disable.add_argument("-e", "--enable", action="store_true",
534
help="Enable client")
535
enable_disable.add_argument("-d", "--disable",
536
action="store_true",
537
help="disable client")
538
parser.add_argument("-b", "--bump-timeout", action="store_true",
539
help="Bump timeout for client")
540
start_stop_checker = parser.add_mutually_exclusive_group()
541
start_stop_checker.add_argument("--start-checker",
542
action="store_true",
543
help="Start checker for client")
544
start_stop_checker.add_argument("--stop-checker",
545
action="store_true",
546
help="Stop checker for client")
547
parser.add_argument("-V", "--is-enabled", action="store_true",
548
help="Check if client is enabled")
549
parser.add_argument("-r", "--remove", action="store_true",
550
help="Remove client")
551
parser.add_argument("-c", "--checker",
552
help="Set checker command for client")
553
parser.add_argument("-t", "--timeout", type=string_to_delta,
554
help="Set timeout for client")
555
parser.add_argument("--extended-timeout", type=string_to_delta,
556
help="Set extended timeout for client")
557
parser.add_argument("-i", "--interval", type=string_to_delta,
558
help="Set checker interval for client")
559
approve_deny_default = parser.add_mutually_exclusive_group()
560
approve_deny_default.add_argument(
561
"--approve-by-default", action="store_true",
562
default=None, dest="approved_by_default",
563
help="Set client to be approved by default")
564
approve_deny_default.add_argument(
565
"--deny-by-default", action="store_false",
566
dest="approved_by_default",
567
help="Set client to be denied by default")
568
parser.add_argument("--approval-delay", type=string_to_delta,
569
help="Set delay before client approve/deny")
570
parser.add_argument("--approval-duration", type=string_to_delta,
571
help="Set duration of one client approval")
572
parser.add_argument("-H", "--host", help="Set host for client")
573
parser.add_argument("-s", "--secret",
574
type=argparse.FileType(mode="rb"),
575
help="Set password blob (file) for client")
576
approve_deny = parser.add_mutually_exclusive_group()
577
approve_deny.add_argument(
578
"-A", "--approve", action="store_true",
579
help="Approve any current client request")
580
approve_deny.add_argument("-D", "--deny", action="store_true",
581
help="Deny any current client request")
582
parser.add_argument("--debug", action="store_true",
583
help="Debug mode (show D-Bus commands)")
584
parser.add_argument("--check", action="store_true",
585
help="Run self-test")
586
parser.add_argument("client", nargs="*", help="Client name")
587
588
589
def commands_from_options(options):
590
591
commands = []
592
593
if options.dump_json:
594
commands.append(DumpJSONCmd())
595
596
if options.enable:
597
commands.append(EnableCmd())
598
599
if options.disable:
600
commands.append(DisableCmd())
601
602
if options.bump_timeout:
603
commands.append(BumpTimeoutCmd())
604
605
if options.start_checker:
606
commands.append(StartCheckerCmd())
607
608
if options.stop_checker:
609
commands.append(StopCheckerCmd())
610
611
if options.is_enabled:
612
commands.append(IsEnabledCmd())
613
614
if options.remove:
615
commands.append(RemoveCmd())
616
617
if options.checker is not None:
618
commands.append(SetCheckerCmd(options.checker))
619
620
if options.timeout is not None:
621
commands.append(SetTimeoutCmd(options.timeout))
622
623
if options.extended_timeout:
624
commands.append(
625
SetExtendedTimeoutCmd(options.extended_timeout))
626
627
if options.interval is not None:
628
commands.append(SetIntervalCmd(options.interval))
629
630
if options.approved_by_default is not None:
631
if options.approved_by_default:
632
commands.append(ApproveByDefaultCmd())
633
else:
634
commands.append(DenyByDefaultCmd())
635
636
if options.approval_delay is not None:
637
commands.append(SetApprovalDelayCmd(options.approval_delay))
638
639
if options.approval_duration is not None:
640
commands.append(
641
SetApprovalDurationCmd(options.approval_duration))
642
643
if options.host is not None:
644
commands.append(SetHostCmd(options.host))
645
646
if options.secret is not None:
647
commands.append(SetSecretCmd(options.secret))
648
649
if options.approve:
650
commands.append(ApproveCmd())
651
652
if options.deny:
653
commands.append(DenyCmd())
654
655
# If no command option has been given, show table of clients,
656
# optionally verbosely
657
if not commands:
658
commands.append(PrintTableCmd(verbose=options.verbose))
659
660
return commands
661
662
663
def check_option_syntax(parser, options):
664
"""Apply additional restrictions on options, not expressible in
665
argparse"""
666
667
def has_actions(options):
668
return any((options.enable,
669
options.disable,
670
options.bump_timeout,
671
options.start_checker,
672
options.stop_checker,
673
options.is_enabled,
674
options.remove,
675
options.checker is not None,
676
options.timeout is not None,
677
options.extended_timeout is not None,
678
options.interval is not None,
679
options.approved_by_default is not None,
680
options.approval_delay is not None,
681
options.approval_duration is not None,
682
options.host is not None,
683
options.secret is not None,
684
options.approve,
685
options.deny))
686
687
if has_actions(options) and not (options.client or options.all):
688
parser.error("Options require clients names or --all.")
689
if options.verbose and has_actions(options):
690
parser.error("--verbose can only be used alone.")
691
if options.dump_json and (options.verbose
692
or has_actions(options)):
693
parser.error("--dump-json can only be used alone.")
694
if options.all and not has_actions(options):
695
parser.error("--all requires an action.")
696
if options.is_enabled and len(options.client) > 1:
697
parser.error("--is-enabled requires exactly one client")
698
699
700
def main():
701
parser = argparse.ArgumentParser()
702
703
add_command_line_options(parser)
704
705
options = parser.parse_args()
706
707
check_option_syntax(parser, options)
708
709
clientnames = options.client
710
711
if options.debug:
712
log.setLevel(logging.DEBUG)
713
714
try:
715
bus = dbus.SystemBus()
716
log.debug("D-Bus: Connect to: (name=%r, path=%r)", busname,
717
server_path)
718
mandos_dbus_objc = bus.get_object(busname, server_path)
719
except dbus.exceptions.DBusException:
720
log.critical("Could not connect to Mandos server")
721
sys.exit(1)
722
723
mandos_serv = dbus.Interface(mandos_dbus_objc,
724
dbus_interface=server_interface)
725
mandos_serv_object_manager = dbus.Interface(
726
mandos_dbus_objc, dbus_interface=dbus.OBJECT_MANAGER_IFACE)
727
728
# Filter out log message from dbus module
729
dbus_logger = logging.getLogger("dbus.proxies")
730
class NullFilter(logging.Filter):
731
def filter(self, record):
732
return False
733
dbus_filter = NullFilter()
734
try:
735
dbus_logger.addFilter(dbus_filter)
736
log.debug("D-Bus: %s:%s:%s.GetManagedObjects()", busname,
737
server_path, dbus.OBJECT_MANAGER_IFACE)
738
mandos_clients = {path: ifs_and_props[client_interface]
739
for path, ifs_and_props in
740
mandos_serv_object_manager
741
.GetManagedObjects().items()
742
if client_interface in ifs_and_props}
743
except dbus.exceptions.DBusException as e:
744
log.critical("Failed to access Mandos server through D-Bus:"
745
"\n%s", e)
746
sys.exit(1)
747
finally:
748
# restore dbus logger
749
dbus_logger.removeFilter(dbus_filter)
750
751
# Compile dict of (clients: properties) to process
752
clients = {}
753
754
if not clientnames:
755
clients = {bus.get_object(busname, path): properties
756
for path, properties in mandos_clients.items()}
757
else:
758
for name in clientnames:
759
for path, client in mandos_clients.items():
760
if client["Name"] == name:
761
client_objc = bus.get_object(busname, path)
762
clients[client_objc] = client
763
break
764
else:
765
log.critical("Client not found on server: %r", name)
766
sys.exit(1)
767
768
# Run all commands on clients
769
commands = commands_from_options(options)
770
for command in commands:
771
command.run(mandos_serv, clients)
798
799
800
class MillisecondsPropertyValueArgumentCmd(PropertyValueCmd):
801
"""Abstract class for PropertyValueCmd taking a value argument as
802
a datetime.timedelta() but should store it as milliseconds."""
803
804
@property
805
def value_to_set(self):
806
return self._vts
807
808
@value_to_set.setter
809
def value_to_set(self, value):
810
"""When setting, convert value from a datetime.timedelta"""
811
self._vts = int(round(value.total_seconds() * 1000))
812
813
814
class SetTimeoutCmd(MillisecondsPropertyValueArgumentCmd):
815
propname = "Timeout"
816
817
818
class SetExtendedTimeoutCmd(MillisecondsPropertyValueArgumentCmd):
819
propname = "ExtendedTimeout"
820
821
822
class SetIntervalCmd(MillisecondsPropertyValueArgumentCmd):
823
propname = "Interval"
824
825
826
class SetApprovalDelayCmd(MillisecondsPropertyValueArgumentCmd):
827
propname = "ApprovalDelay"
828
829
830
class SetApprovalDurationCmd(MillisecondsPropertyValueArgumentCmd):
831
propname = "ApprovalDuration"
832
772
833
773
834
774
class Test_milliseconds_to_string(unittest.TestCase):
775
def test_all(self):
776
self.assertEqual(milliseconds_to_string(93785000),
777
"1T02:03:05")
778
def test_no_days(self):
779
self.assertEqual(milliseconds_to_string(7385000), "02:03:05")
780
def test_all_zero(self):
781
self.assertEqual(milliseconds_to_string(0), "00:00:00")
782
def test_no_fractional_seconds(self):
783
self.assertEqual(milliseconds_to_string(400), "00:00:00")
784
self.assertEqual(milliseconds_to_string(900), "00:00:00")
785
self.assertEqual(milliseconds_to_string(1900), "00:00:01")
786
787
835
class Test_string_to_delta(unittest.TestCase):
788
836
def test_handles_basic_rfc3339(self):
789
837
self.assertEqual(string_to_delta("PT0S"),
794
842
datetime.timedelta(0, 1))
795
843
self.assertEqual(string_to_delta("PT2H"),
796
844
datetime.timedelta(0, 7200))
845
797
846
def test_falls_back_to_pre_1_6_1_with_warning(self):
798
847
# assertLogs only exists in Python 3.4
799
848
if hasattr(self, "assertLogs"):
817
866
self.assertEqual(value, datetime.timedelta(0, 7200))
818
867
819
868
869
class Test_check_option_syntax(unittest.TestCase):
870
def setUp(self):
871
self.parser = argparse.ArgumentParser()
872
add_command_line_options(self.parser)
873
874
def test_actions_requires_client_or_all(self):
875
for action, value in self.actions.items():
876
options = self.parser.parse_args()
877
setattr(options, action, value)
878
with self.assertParseError():
879
self.check_option_syntax(options)
880
881
# This mostly corresponds to the definition from has_actions() in
882
# check_option_syntax()
883
actions = {
884
# The actual values set here are not that important, but we do
885
# at least stick to the correct types, even though they are
886
# never used
887
"enable": True,
888
"disable": True,
889
"bump_timeout": True,
890
"start_checker": True,
891
"stop_checker": True,
892
"is_enabled": True,
893
"remove": True,
894
"checker": "x",
895
"timeout": datetime.timedelta(),
896
"extended_timeout": datetime.timedelta(),
897
"interval": datetime.timedelta(),
898
"approved_by_default": True,
899
"approval_delay": datetime.timedelta(),
900
"approval_duration": datetime.timedelta(),
901
"host": "x",
902
"secret": io.BytesIO(b"x"),
903
"approve": True,
904
"deny": True,
905
}
906
907
@contextlib.contextmanager
908
def assertParseError(self):
909
with self.assertRaises(SystemExit) as e:
910
with self.temporarily_suppress_stderr():
911
yield
912
# Exit code from argparse is guaranteed to be "2". Reference:
913
# https://docs.python.org/3/library
914
# /argparse.html#exiting-methods
915
self.assertEqual(e.exception.code, 2)
916
917
@staticmethod
918
@contextlib.contextmanager
919
def temporarily_suppress_stderr():
920
null = os.open(os.path.devnull, os.O_RDWR)
921
stderrcopy = os.dup(sys.stderr.fileno())
922
os.dup2(null, sys.stderr.fileno())
923
os.close(null)
924
try:
925
yield
926
finally:
927
# restore stderr
928
os.dup2(stderrcopy, sys.stderr.fileno())
929
os.close(stderrcopy)
930
931
def check_option_syntax(self, options):
932
check_option_syntax(self.parser, options)
933
934
def test_actions_conflicts_with_verbose(self):
935
for action, value in self.actions.items():
936
options = self.parser.parse_args()
937
setattr(options, action, value)
938
options.verbose = True
939
with self.assertParseError():
940
self.check_option_syntax(options)
941
942
def test_dump_json_conflicts_with_verbose(self):
943
options = self.parser.parse_args()
944
options.dump_json = True
945
options.verbose = True
946
with self.assertParseError():
947
self.check_option_syntax(options)
948
949
def test_dump_json_conflicts_with_action(self):
950
for action, value in self.actions.items():
951
options = self.parser.parse_args()
952
setattr(options, action, value)
953
options.dump_json = True
954
with self.assertParseError():
955
self.check_option_syntax(options)
956
957
def test_all_can_not_be_alone(self):
958
options = self.parser.parse_args()
959
options.all = True
960
with self.assertParseError():
961
self.check_option_syntax(options)
962
963
def test_all_is_ok_with_any_action(self):
964
for action, value in self.actions.items():
965
options = self.parser.parse_args()
966
setattr(options, action, value)
967
options.all = True
968
self.check_option_syntax(options)
969
970
def test_is_enabled_fails_without_client(self):
971
options = self.parser.parse_args()
972
options.is_enabled = True
973
with self.assertParseError():
974
self.check_option_syntax(options)
975
976
def test_is_enabled_works_with_one_client(self):
977
options = self.parser.parse_args()
978
options.is_enabled = True
979
options.client = ["foo"]
980
self.check_option_syntax(options)
981
982
def test_is_enabled_fails_with_two_clients(self):
983
options = self.parser.parse_args()
984
options.is_enabled = True
985
options.client = ["foo", "barbar"]
986
with self.assertParseError():
987
self.check_option_syntax(options)
988
989
def test_remove_can_only_be_combined_with_action_deny(self):
990
for action, value in self.actions.items():
991
if action in {"remove", "deny"}:
992
continue
993
options = self.parser.parse_args()
994
setattr(options, action, value)
995
options.all = True
996
options.remove = True
997
with self.assertParseError():
998
self.check_option_syntax(options)
999
1000
1001
class Test_get_mandos_dbus_object(unittest.TestCase):
1002
def test_calls_and_returns_get_object_on_bus(self):
1003
class MockBus(object):
1004
called = False
1005
def get_object(mockbus_self, busname, dbus_path):
1006
# Note that "self" is still the testcase instance,
1007
# this MockBus instance is in "mockbus_self".
1008
self.assertEqual(busname, dbus_busname)
1009
self.assertEqual(dbus_path, server_dbus_path)
1010
mockbus_self.called = True
1011
return mockbus_self
1012
1013
mockbus = get_mandos_dbus_object(bus=MockBus())
1014
self.assertIsInstance(mockbus, MockBus)
1015
self.assertTrue(mockbus.called)
1016
1017
def test_logs_and_exits_on_dbus_error(self):
1018
class MockBusFailing(object):
1019
def get_object(self, busname, dbus_path):
1020
raise dbus.exceptions.DBusException("Test")
1021
1022
# assertLogs only exists in Python 3.4
1023
if hasattr(self, "assertLogs"):
1024
with self.assertLogs(log, logging.CRITICAL):
1025
with self.assertRaises(SystemExit) as e:
1026
bus = get_mandos_dbus_object(bus=MockBus())
1027
else:
1028
critical_filter = self.CriticalFilter()
1029
log.addFilter(critical_filter)
1030
try:
1031
with self.assertRaises(SystemExit) as e:
1032
get_mandos_dbus_object(bus=MockBusFailing())
1033
finally:
1034
log.removeFilter(critical_filter)
1035
self.assertTrue(critical_filter.found)
1036
if isinstance(e.exception.code, int):
1037
self.assertNotEqual(e.exception.code, 0)
1038
else:
1039
self.assertIsNotNone(e.exception.code)
1040
1041
class CriticalFilter(logging.Filter):
1042
"""Don't show, but register, critical messages"""
1043
found = False
1044
def filter(self, record):
1045
is_critical = record.levelno >= logging.CRITICAL
1046
self.found = is_critical or self.found
1047
return not is_critical
1048
1049
1050
class Test_SilenceLogger(unittest.TestCase):
1051
loggername = "mandos-ctl.Test_SilenceLogger"
1052
log = logging.getLogger(loggername)
1053
log.propagate = False
1054
log.addHandler(logging.NullHandler())
1055
1056
def setUp(self):
1057
self.counting_filter = self.CountingFilter()
1058
1059
class CountingFilter(logging.Filter):
1060
"Count number of records"
1061
count = 0
1062
def filter(self, record):
1063
self.count += 1
1064
return True
1065
1066
def test_should_filter_records_only_when_active(self):
1067
try:
1068
with SilenceLogger(self.loggername):
1069
self.log.addFilter(self.counting_filter)
1070
self.log.info("Filtered log message 1")
1071
self.log.info("Non-filtered message 2")
1072
self.log.info("Non-filtered message 3")
1073
finally:
1074
self.log.removeFilter(self.counting_filter)
1075
self.assertEqual(self.counting_filter.count, 2)
1076
1077
1078
class Test_commands_from_options(unittest.TestCase):
1079
def setUp(self):
1080
self.parser = argparse.ArgumentParser()
1081
add_command_line_options(self.parser)
1082
1083
def test_is_enabled(self):
1084
self.assert_command_from_args(["--is-enabled", "foo"],
1085
IsEnabledCmd)
1086
1087
def assert_command_from_args(self, args, command_cls,
1088
**cmd_attrs):
1089
"""Assert that parsing ARGS should result in an instance of
1090
COMMAND_CLS with (optionally) all supplied attributes (CMD_ATTRS)."""
1091
options = self.parser.parse_args(args)
1092
check_option_syntax(self.parser, options)
1093
commands = commands_from_options(options)
1094
self.assertEqual(len(commands), 1)
1095
command = commands[0]
1096
self.assertIsInstance(command, command_cls)
1097
for key, value in cmd_attrs.items():
1098
self.assertEqual(getattr(command, key), value)
1099
1100
def test_is_enabled_short(self):
1101
self.assert_command_from_args(["-V", "foo"], IsEnabledCmd)
1102
1103
def test_approve(self):
1104
self.assert_command_from_args(["--approve", "foo"],
1105
ApproveCmd)
1106
1107
def test_approve_short(self):
1108
self.assert_command_from_args(["-A", "foo"], ApproveCmd)
1109
1110
def test_deny(self):
1111
self.assert_command_from_args(["--deny", "foo"], DenyCmd)
1112
1113
def test_deny_short(self):
1114
self.assert_command_from_args(["-D", "foo"], DenyCmd)
1115
1116
def test_remove(self):
1117
self.assert_command_from_args(["--remove", "foo"],
1118
RemoveCmd)
1119
1120
def test_deny_before_remove(self):
1121
options = self.parser.parse_args(["--deny", "--remove",
1122
"foo"])
1123
check_option_syntax(self.parser, options)
1124
commands = commands_from_options(options)
1125
self.assertEqual(len(commands), 2)
1126
self.assertIsInstance(commands[0], DenyCmd)
1127
self.assertIsInstance(commands[1], RemoveCmd)
1128
1129
def test_deny_before_remove_reversed(self):
1130
options = self.parser.parse_args(["--remove", "--deny",
1131
"--all"])
1132
check_option_syntax(self.parser, options)
1133
commands = commands_from_options(options)
1134
self.assertEqual(len(commands), 2)
1135
self.assertIsInstance(commands[0], DenyCmd)
1136
self.assertIsInstance(commands[1], RemoveCmd)
1137
1138
def test_remove_short(self):
1139
self.assert_command_from_args(["-r", "foo"], RemoveCmd)
1140
1141
def test_dump_json(self):
1142
self.assert_command_from_args(["--dump-json"], DumpJSONCmd)
1143
1144
def test_enable(self):
1145
self.assert_command_from_args(["--enable", "foo"], EnableCmd)
1146
1147
def test_enable_short(self):
1148
self.assert_command_from_args(["-e", "foo"], EnableCmd)
1149
1150
def test_disable(self):
1151
self.assert_command_from_args(["--disable", "foo"],
1152
DisableCmd)
1153
1154
def test_disable_short(self):
1155
self.assert_command_from_args(["-d", "foo"], DisableCmd)
1156
1157
def test_bump_timeout(self):
1158
self.assert_command_from_args(["--bump-timeout", "foo"],
1159
BumpTimeoutCmd)
1160
1161
def test_bump_timeout_short(self):
1162
self.assert_command_from_args(["-b", "foo"], BumpTimeoutCmd)
1163
1164
def test_start_checker(self):
1165
self.assert_command_from_args(["--start-checker", "foo"],
1166
StartCheckerCmd)
1167
1168
def test_stop_checker(self):
1169
self.assert_command_from_args(["--stop-checker", "foo"],
1170
StopCheckerCmd)
1171
1172
def test_approve_by_default(self):
1173
self.assert_command_from_args(["--approve-by-default", "foo"],
1174
ApproveByDefaultCmd)
1175
1176
def test_deny_by_default(self):
1177
self.assert_command_from_args(["--deny-by-default", "foo"],
1178
DenyByDefaultCmd)
1179
1180
def test_checker(self):
1181
self.assert_command_from_args(["--checker", ":", "foo"],
1182
SetCheckerCmd, value_to_set=":")
1183
1184
def test_checker_empty(self):
1185
self.assert_command_from_args(["--checker", "", "foo"],
1186
SetCheckerCmd, value_to_set="")
1187
1188
def test_checker_short(self):
1189
self.assert_command_from_args(["-c", ":", "foo"],
1190
SetCheckerCmd, value_to_set=":")
1191
1192
def test_host(self):
1193
self.assert_command_from_args(["--host", "foo.example.org",
1194
"foo"], SetHostCmd,
1195
value_to_set="foo.example.org")
1196
1197
def test_host_short(self):
1198
self.assert_command_from_args(["-H", "foo.example.org",
1199
"foo"], SetHostCmd,
1200
value_to_set="foo.example.org")
1201
1202
def test_secret_devnull(self):
1203
self.assert_command_from_args(["--secret", os.path.devnull,
1204
"foo"], SetSecretCmd,
1205
value_to_set=b"")
1206
1207
def test_secret_tempfile(self):
1208
with tempfile.NamedTemporaryFile(mode="r+b") as f:
1209
value = b"secret\0xyzzy\nbar"
1210
f.write(value)
1211
f.seek(0)
1212
self.assert_command_from_args(["--secret", f.name,
1213
"foo"], SetSecretCmd,
1214
value_to_set=value)
1215
1216
def test_secret_devnull_short(self):
1217
self.assert_command_from_args(["-s", os.path.devnull, "foo"],
1218
SetSecretCmd, value_to_set=b"")
1219
1220
def test_secret_tempfile_short(self):
1221
with tempfile.NamedTemporaryFile(mode="r+b") as f:
1222
value = b"secret\0xyzzy\nbar"
1223
f.write(value)
1224
f.seek(0)
1225
self.assert_command_from_args(["-s", f.name, "foo"],
1226
SetSecretCmd,
1227
value_to_set=value)
1228
1229
def test_timeout(self):
1230
self.assert_command_from_args(["--timeout", "PT5M", "foo"],
1231
SetTimeoutCmd,
1232
value_to_set=300000)
1233
1234
def test_timeout_short(self):
1235
self.assert_command_from_args(["-t", "PT5M", "foo"],
1236
SetTimeoutCmd,
1237
value_to_set=300000)
1238
1239
def test_extended_timeout(self):
1240
self.assert_command_from_args(["--extended-timeout", "PT15M",
1241
"foo"],
1242
SetExtendedTimeoutCmd,
1243
value_to_set=900000)
1244
1245
def test_interval(self):
1246
self.assert_command_from_args(["--interval", "PT2M", "foo"],
1247
SetIntervalCmd,
1248
value_to_set=120000)
1249
1250
def test_interval_short(self):
1251
self.assert_command_from_args(["-i", "PT2M", "foo"],
1252
SetIntervalCmd,
1253
value_to_set=120000)
1254
1255
def test_approval_delay(self):
1256
self.assert_command_from_args(["--approval-delay", "PT30S",
1257
"foo"], SetApprovalDelayCmd,
1258
value_to_set=30000)
1259
1260
def test_approval_duration(self):
1261
self.assert_command_from_args(["--approval-duration", "PT1S",
1262
"foo"], SetApprovalDurationCmd,
1263
value_to_set=1000)
1264
1265
def test_print_table(self):
1266
self.assert_command_from_args([], PrintTableCmd,
1267
verbose=False)
1268
1269
def test_print_table_verbose(self):
1270
self.assert_command_from_args(["--verbose"], PrintTableCmd,
1271
verbose=True)
1272
1273
def test_print_table_verbose_short(self):
1274
self.assert_command_from_args(["-v"], PrintTableCmd,
1275
verbose=True)
1276
1277
820
1278
class TestCmd(unittest.TestCase):
821
1279
"""Abstract class for tests of command classes"""
1280
822
1281
def setUp(self):
823
1282
testcase = self
824
1283
class MockClient(object):
825
1284
def __init__(self, name, **attributes):
826
self.__dbus_object_path__ = "objpath_{}".format(name)
1285
self.__dbus_object_path__ = "/clients/{}".format(name)
827
1286
self.attributes = attributes
828
1287
self.attributes["Name"] = name
829
1288
self.calls = []
830
def Set(self, interface, property, value, dbus_interface):
831
testcase.assertEqual(interface, client_interface)
832
testcase.assertEqual(dbus_interface,
833
dbus.PROPERTIES_IFACE)
834
self.attributes[property] = value
835
def Get(self, interface, property, dbus_interface):
836
testcase.assertEqual(interface, client_interface)
837
testcase.assertEqual(dbus_interface,
838
dbus.PROPERTIES_IFACE)
839
return self.attributes[property]
1289
def Set(self, interface, propname, value, dbus_interface):
1290
testcase.assertEqual(interface, client_dbus_interface)
1291
testcase.assertEqual(dbus_interface,
1292
dbus.PROPERTIES_IFACE)
1293
self.attributes[propname] = value
1294
def Get(self, interface, propname, dbus_interface):
1295
testcase.assertEqual(interface, client_dbus_interface)
1296
testcase.assertEqual(dbus_interface,
1297
dbus.PROPERTIES_IFACE)
1298
return self.attributes[propname]
840
1299
def Approve(self, approve, dbus_interface):
841
testcase.assertEqual(dbus_interface, client_interface)
1300
testcase.assertEqual(dbus_interface,
1301
client_dbus_interface)
842
1302
self.calls.append(("Approve", (approve,
843
1303
dbus_interface)))
844
1304
self.client = MockClient(
884
1344
ApprovedByDefault=dbus.Boolean(False),
885
1345
LastApprovalRequest="2019-01-03T00:00:00",
886
1346
ApprovalDelay=30000,
887
ApprovalDuration=1000,
1347
ApprovalDuration=93785000,
888
1348
Checker=":",
889
1349
ExtendedTimeout=900000,
890
1350
Expires="2019-02-05T00:00:00",
891
1351
LastCheckerStatus=-2)
892
1352
self.clients = collections.OrderedDict(
893
1353
[
894
(self.client, self.client.attributes),
895
(self.other_client, self.other_client.attributes),
1354
("/clients/foo", self.client.attributes),
1355
("/clients/barbar", self.other_client.attributes),
896
1356
])
897
self.one_client = {self.client: self.client.attributes}
898
899
class TestPrintTableCmd(TestCmd):
900
def test_normal(self):
901
output = PrintTableCmd().output(self.clients)
902
expected_output = """
903
Name Enabled Timeout Last Successful Check
904
foo Yes 00:05:00 2019-02-03T00:00:00
905
barbar Yes 00:05:00 2019-02-04T00:00:00
906
"""[1:-1]
907
self.assertEqual(output, expected_output)
908
def test_verbose(self):
909
output = PrintTableCmd(verbose=True).output(self.clients)
910
expected_output = """
911
Name Enabled Timeout Last Successful Check Created Interval Host Key ID Fingerprint Check Is Running Last Enabled Approval Is Pending Approved By Default Last Approval Request Approval Delay Approval Duration Checker Extended Timeout Expires Last Checker Status
912
foo Yes 00:05:00 2019-02-03T00:00:00 2019-01-02T00:00:00 00:02:00 foo.example.org 92ed150794387c03ce684574b1139a6594a34f895daaaf09fd8ea90a27cddb12 778827225BA7DE539C5A7CFA59CFF7CDBD9A5920 No 2019-01-03T00:00:00 No Yes 00:00:00 00:00:01 fping -q -- %(host)s 00:15:00 2019-02-04T00:00:00 0
913
barbar Yes 00:05:00 2019-02-04T00:00:00 2019-01-03T00:00:00 00:02:00 192.0.2.3 0558568eedd67d622f5c83b35a115f796ab612cff5ad227247e46c2b020f441c 3E393AEAEFB84C7E89E2F547B3A107558FCA3A27 Yes 2019-01-04T00:00:00 No No 2019-01-03T00:00:00 00:00:30 00:00:01 : 00:15:00 2019-02-05T00:00:00 -2
914
"""[1:-1]
915
self.assertEqual(output, expected_output)
916
def test_one_client(self):
917
output = PrintTableCmd().output(self.one_client)
918
expected_output = """
919
Name Enabled Timeout Last Successful Check
920
foo Yes 00:05:00 2019-02-03T00:00:00
921
"""[1:-1]
922
self.assertEqual(output, expected_output)
1357
self.one_client = {"/clients/foo": self.client.attributes}
1358
1359
@property
1360
def bus(self):
1361
class Bus(object):
1362
@staticmethod
1363
def get_object(client_bus_name, path):
1364
self.assertEqual(client_bus_name, dbus_busname)
1365
return {
1366
# Note: "self" here is the TestCmd instance, not
1367
# the Bus instance, since this is a static method!
1368
"/clients/foo": self.client,
1369
"/clients/barbar": self.other_client,
1370
}[path]
1371
return Bus()
1372
1373
1374
class TestIsEnabledCmd(TestCmd):
1375
def test_is_enabled(self):
1376
self.assertTrue(all(IsEnabledCmd().is_enabled(client,
1377
properties)
1378
for client, properties
1379
in self.clients.items()))
1380
1381
def test_is_enabled_run_exits_successfully(self):
1382
with self.assertRaises(SystemExit) as e:
1383
IsEnabledCmd().run(self.one_client)
1384
if e.exception.code is not None:
1385
self.assertEqual(e.exception.code, 0)
1386
else:
1387
self.assertIsNone(e.exception.code)
1388
1389
def test_is_enabled_run_exits_with_failure(self):
1390
self.client.attributes["Enabled"] = dbus.Boolean(False)
1391
with self.assertRaises(SystemExit) as e:
1392
IsEnabledCmd().run(self.one_client)
1393
if isinstance(e.exception.code, int):
1394
self.assertNotEqual(e.exception.code, 0)
1395
else:
1396
self.assertIsNotNone(e.exception.code)
1397
1398
1399
class TestApproveCmd(TestCmd):
1400
def test_approve(self):
1401
ApproveCmd().run(self.clients, self.bus)
1402
for clientpath in self.clients:
1403
client = self.bus.get_object(dbus_busname, clientpath)
1404
self.assertIn(("Approve", (True, client_dbus_interface)),
1405
client.calls)
1406
1407
1408
class TestDenyCmd(TestCmd):
1409
def test_deny(self):
1410
DenyCmd().run(self.clients, self.bus)
1411
for clientpath in self.clients:
1412
client = self.bus.get_object(dbus_busname, clientpath)
1413
self.assertIn(("Approve", (False, client_dbus_interface)),
1414
client.calls)
1415
1416
1417
class TestRemoveCmd(TestCmd):
1418
def test_remove(self):
1419
class MockMandos(object):
1420
def __init__(self):
1421
self.calls = []
1422
def RemoveClient(self, dbus_path):
1423
self.calls.append(("RemoveClient", (dbus_path,)))
1424
mandos = MockMandos()
1425
super(TestRemoveCmd, self).setUp()
1426
RemoveCmd().run(self.clients, self.bus, mandos)
1427
self.assertEqual(len(mandos.calls), 2)
1428
for clientpath in self.clients:
1429
self.assertIn(("RemoveClient", (clientpath,)),
1430
mandos.calls)
1431
923
1432
924
1433
class TestDumpJSONCmd(TestCmd):
925
1434
def setUp(self):
966
1475
"ApprovedByDefault": False,
967
1476
"LastApprovalRequest": "2019-01-03T00:00:00",
968
1477
"ApprovalDelay": 30000,
969
"ApprovalDuration": 1000,
1478
"ApprovalDuration": 93785000,
970
1479
"Checker": ":",
971
1480
"ExtendedTimeout": 900000,
972
1481
"Expires": "2019-02-05T00:00:00",
974
1483
},
975
1484
}
976
1485
return super(TestDumpJSONCmd, self).setUp()
1486
977
1487
def test_normal(self):
978
json_data = json.loads(DumpJSONCmd().output(self.clients))
1488
output = DumpJSONCmd().output(self.clients.values())
1489
json_data = json.loads(output)
979
1490
self.assertDictEqual(json_data, self.expected_json)
1491
980
1492
def test_one_client(self):
981
clients = self.one_client
982
json_data = json.loads(DumpJSONCmd().output(clients))
1493
output = DumpJSONCmd().output(self.one_client.values())
1494
json_data = json.loads(output)
983
1495
expected_json = {"foo": self.expected_json["foo"]}
984
1496
self.assertDictEqual(json_data, expected_json)
985
1497
986
class TestIsEnabledCmd(TestCmd):
987
def test_is_enabled(self):
988
self.assertTrue(all(IsEnabledCmd().is_enabled(client, properties)
989
for client, properties in self.clients.items()))
990
def test_is_enabled_run_exits_successfully(self):
991
with self.assertRaises(SystemExit) as e:
992
IsEnabledCmd().run(None, self.one_client)
993
if e.exception.code is not None:
994
self.assertEqual(e.exception.code, 0)
995
else:
996
self.assertIsNone(e.exception.code)
997
def test_is_enabled_run_exits_with_failure(self):
998
self.client.attributes["Enabled"] = dbus.Boolean(False)
999
with self.assertRaises(SystemExit) as e:
1000
IsEnabledCmd().run(None, self.one_client)
1001
if isinstance(e.exception.code, int):
1002
self.assertNotEqual(e.exception.code, 0)
1003
else:
1004
self.assertIsNotNone(e.exception.code)
1005
1006
class TestRemoveCmd(TestCmd):
1007
def test_remove(self):
1008
class MockMandos(object):
1009
def __init__(self):
1010
self.calls = []
1011
def RemoveClient(self, dbus_path):
1012
self.calls.append(("RemoveClient", (dbus_path,)))
1013
mandos = MockMandos()
1014
super(TestRemoveCmd, self).setUp()
1015
RemoveCmd().run(mandos, self.clients)
1016
self.assertEqual(len(mandos.calls), 2)
1017
for client in self.clients:
1018
self.assertIn(("RemoveClient",
1019
(client.__dbus_object_path__,)),
1020
mandos.calls)
1021
1022
class TestApproveCmd(TestCmd):
1023
def test_approve(self):
1024
ApproveCmd().run(None, self.clients)
1025
for client in self.clients:
1026
self.assertIn(("Approve", (True, client_interface)),
1027
client.calls)
1028
1029
class TestDenyCmd(TestCmd):
1030
def test_deny(self):
1031
DenyCmd().run(None, self.clients)
1032
for client in self.clients:
1033
self.assertIn(("Approve", (False, client_interface)),
1034
client.calls)
1035
1036
class TestEnableCmd(TestCmd):
1037
def test_enable(self):
1038
for client in self.clients:
1039
client.attributes["Enabled"] = False
1040
1041
EnableCmd().run(None, self.clients)
1042
1043
for client in self.clients:
1044
self.assertTrue(client.attributes["Enabled"])
1045
1046
class TestDisableCmd(TestCmd):
1047
def test_disable(self):
1048
DisableCmd().run(None, self.clients)
1049
1050
for client in self.clients:
1051
self.assertFalse(client.attributes["Enabled"])
1052
1053
class Unique(object):
1054
"""Class for objects which exist only to be unique objects, since
1055
unittest.mock.sentinel only exists in Python 3.3"""
1498
1499
class TestPrintTableCmd(TestCmd):
1500
def test_normal(self):
1501
output = PrintTableCmd().output(self.clients.values())
1502
expected_output = "\n".join((
1503
"Name Enabled Timeout Last Successful Check",
1504
"foo Yes 00:05:00 2019-02-03T00:00:00 ",
1505
"barbar Yes 00:05:00 2019-02-04T00:00:00 ",
1506
))
1507
self.assertEqual(output, expected_output)
1508
1509
def test_verbose(self):
1510
output = PrintTableCmd(verbose=True).output(
1511
self.clients.values())
1512
columns = (
1513
(
1514
"Name ",
1515
"foo ",
1516
"barbar ",
1517
),(
1518
"Enabled ",
1519
"Yes ",
1520
"Yes ",
1521
),(
1522
"Timeout ",
1523
"00:05:00 ",
1524
"00:05:00 ",
1525
),(
1526
"Last Successful Check ",
1527
"2019-02-03T00:00:00 ",
1528
"2019-02-04T00:00:00 ",
1529
),(
1530
"Created ",
1531
"2019-01-02T00:00:00 ",
1532
"2019-01-03T00:00:00 ",
1533
),(
1534
"Interval ",
1535
"00:02:00 ",
1536
"00:02:00 ",
1537
),(
1538
"Host ",
1539
"foo.example.org ",
1540
"192.0.2.3 ",
1541
),(
1542
("Key ID "
1543
" "),
1544
("92ed150794387c03ce684574b1139a6594a34f895daaaf09fd8"
1545
"ea90a27cddb12 "),
1546
("0558568eedd67d622f5c83b35a115f796ab612cff5ad227247e"
1547
"46c2b020f441c "),
1548
),(
1549
"Fingerprint ",
1550
"778827225BA7DE539C5A7CFA59CFF7CDBD9A5920 ",
1551
"3E393AEAEFB84C7E89E2F547B3A107558FCA3A27 ",
1552
),(
1553
"Check Is Running ",
1554
"No ",
1555
"Yes ",
1556
),(
1557
"Last Enabled ",
1558
"2019-01-03T00:00:00 ",
1559
"2019-01-04T00:00:00 ",
1560
),(
1561
"Approval Is Pending ",
1562
"No ",
1563
"No ",
1564
),(
1565
"Approved By Default ",
1566
"Yes ",
1567
"No ",
1568
),(
1569
"Last Approval Request ",
1570
" ",
1571
"2019-01-03T00:00:00 ",
1572
),(
1573
"Approval Delay ",
1574
"00:00:00 ",
1575
"00:00:30 ",
1576
),(
1577
"Approval Duration ",
1578
"00:00:01 ",
1579
"1T02:03:05 ",
1580
),(
1581
"Checker ",
1582
"fping -q -- %(host)s ",
1583
": ",
1584
),(
1585
"Extended Timeout ",
1586
"00:15:00 ",
1587
"00:15:00 ",
1588
),(
1589
"Expires ",
1590
"2019-02-04T00:00:00 ",
1591
"2019-02-05T00:00:00 ",
1592
),(
1593
"Last Checker Status",
1594
"0 ",
1595
"-2 ",
1596
)
1597
)
1598
num_lines = max(len(rows) for rows in columns)
1599
expected_output = "\n".join("".join(rows[line]
1600
for rows in columns)
1601
for line in range(num_lines))
1602
self.assertEqual(output, expected_output)
1603
1604
def test_one_client(self):
1605
output = PrintTableCmd().output(self.one_client.values())
1606
expected_output = "\n".join((
1607
"Name Enabled Timeout Last Successful Check",
1608
"foo Yes 00:05:00 2019-02-03T00:00:00 ",
1609
))
1610
self.assertEqual(output, expected_output)
1611
1056
1612
1057
1613
class TestPropertyCmd(TestCmd):
1058
1614
"""Abstract class for tests of PropertyCmd classes"""
1063
1619
self.values_to_set)
1064
1620
for value_to_set, value_to_get in zip(self.values_to_set,
1065
1621
values_to_get):
1066
for client in self.clients:
1067
old_value = client.attributes[self.property]
1068
self.assertNotIsInstance(old_value, Unique)
1069
client.attributes[self.property] = Unique()
1622
for clientpath in self.clients:
1623
client = self.bus.get_object(dbus_busname, clientpath)
1624
old_value = client.attributes[self.propname]
1625
self.assertNotIsInstance(old_value, self.Unique)
1626
client.attributes[self.propname] = self.Unique()
1070
1627
self.run_command(value_to_set, self.clients)
1071
for client in self.clients:
1072
value = client.attributes[self.property]
1073
self.assertNotIsInstance(value, Unique)
1628
for clientpath in self.clients:
1629
client = self.bus.get_object(dbus_busname, clientpath)
1630
value = client.attributes[self.propname]
1631
self.assertNotIsInstance(value, self.Unique)
1074
1632
self.assertEqual(value, value_to_get)
1633
1634
class Unique(object):
1635
"""Class for objects which exist only to be unique objects,
1636
since unittest.mock.sentinel only exists in Python 3.3"""
1637
1075
1638
def run_command(self, value, clients):
1076
self.command().run(None, clients)
1639
self.command().run(clients, self.bus)
1640
1641
1642
class TestEnableCmd(TestPropertyCmd):
1643
command = EnableCmd
1644
propname = "Enabled"
1645
values_to_set = [dbus.Boolean(True)]
1646
1647
1648
class TestDisableCmd(TestPropertyCmd):
1649
command = DisableCmd
1650
propname = "Enabled"
1651
values_to_set = [dbus.Boolean(False)]
1652
1077
1653
1078
1654
class TestBumpTimeoutCmd(TestPropertyCmd):
1079
1655
command = BumpTimeoutCmd
1080
property = "LastCheckedOK"
1656
propname = "LastCheckedOK"
1081
1657
values_to_set = [""]
1082
1658
1659
1083
1660
class TestStartCheckerCmd(TestPropertyCmd):
1084
1661
command = StartCheckerCmd
1085
property = "CheckerRunning"
1662
propname = "CheckerRunning"
1086
1663
values_to_set = [dbus.Boolean(True)]
1087
1664
1665
1088
1666
class TestStopCheckerCmd(TestPropertyCmd):
1089
1667
command = StopCheckerCmd
1090
property = "CheckerRunning"
1668
propname = "CheckerRunning"
1091
1669
values_to_set = [dbus.Boolean(False)]
1092
1670
1671
1093
1672
class TestApproveByDefaultCmd(TestPropertyCmd):
1094
1673
command = ApproveByDefaultCmd
1095
property = "ApprovedByDefault"
1674
propname = "ApprovedByDefault"
1096
1675
values_to_set = [dbus.Boolean(True)]
1097
1676
1677
1098
1678
class TestDenyByDefaultCmd(TestPropertyCmd):
1099
1679
command = DenyByDefaultCmd
1100
property = "ApprovedByDefault"
1680
propname = "ApprovedByDefault"
1101
1681
values_to_set = [dbus.Boolean(False)]
1102
1682
1103
class TestValueArgumentPropertyCmd(TestPropertyCmd):
1104
"""Abstract class for tests of PropertyCmd classes using the
1105
ValueArgumentMixIn"""
1683
1684
class TestPropertyValueCmd(TestPropertyCmd):
1685
"""Abstract class for tests of PropertyValueCmd classes"""
1686
1106
1687
def runTest(self):
1107
if type(self) is TestValueArgumentPropertyCmd:
1688
if type(self) is TestPropertyValueCmd:
1108
1689
return
1109
return super(TestValueArgumentPropertyCmd, self).runTest()
1690
return super(TestPropertyValueCmd, self).runTest()
1691
1110
1692
def run_command(self, value, clients):
1111
self.command(value).run(None, clients)
1112
1113
class TestSetCheckerCmd(TestValueArgumentPropertyCmd):
1693
self.command(value).run(clients, self.bus)
1694
1695
1696
class TestSetCheckerCmd(TestPropertyValueCmd):
1114
1697
command = SetCheckerCmd
1115
property = "Checker"
1698
propname = "Checker"
1116
1699
values_to_set = ["", ":", "fping -q -- %s"]
1117
1700
1118
class TestSetHostCmd(TestValueArgumentPropertyCmd):
1701
1702
class TestSetHostCmd(TestPropertyValueCmd):
1119
1703
command = SetHostCmd
1120
property = "Host"
1704
propname = "Host"
1121
1705
values_to_set = ["192.0.2.3", "foo.example.org"]
1122
1706
1123
class TestSetSecretCmd(TestValueArgumentPropertyCmd):
1707
1708
class TestSetSecretCmd(TestPropertyValueCmd):
1124
1709
command = SetSecretCmd
1125
property = "Secret"
1710
propname = "Secret"
1126
1711
values_to_set = [io.BytesIO(b""),
1127
1712
io.BytesIO(b"secret\0xyzzy\nbar")]
1128
1713
values_to_get = [b"", b"secret\0xyzzy\nbar"]
1129
1714
1130
class TestSetTimeoutCmd(TestValueArgumentPropertyCmd):
1715
1716
class TestSetTimeoutCmd(TestPropertyValueCmd):
1131
1717
command = SetTimeoutCmd
1132
property = "Timeout"
1718
propname = "Timeout"
1133
1719
values_to_set = [datetime.timedelta(),
1134
1720
datetime.timedelta(minutes=5),
1135
1721
datetime.timedelta(seconds=1),
1137
1723
datetime.timedelta(weeks=52)]
1138
1724
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1139
1725
1140
class TestSetExtendedTimeoutCmd(TestValueArgumentPropertyCmd):
1726
1727
class TestSetExtendedTimeoutCmd(TestPropertyValueCmd):
1141
1728
command = SetExtendedTimeoutCmd
1142
property = "ExtendedTimeout"
1729
propname = "ExtendedTimeout"
1143
1730
values_to_set = [datetime.timedelta(),
1144
1731
datetime.timedelta(minutes=5),
1145
1732
datetime.timedelta(seconds=1),
1147
1734
datetime.timedelta(weeks=52)]
1148
1735
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1149
1736
1150
class TestSetIntervalCmd(TestValueArgumentPropertyCmd):
1737
1738
class TestSetIntervalCmd(TestPropertyValueCmd):
1151
1739
command = SetIntervalCmd
1152
property = "Interval"
1740
propname = "Interval"
1153
1741
values_to_set = [datetime.timedelta(),
1154
1742
datetime.timedelta(minutes=5),
1155
1743
datetime.timedelta(seconds=1),
1157
1745
datetime.timedelta(weeks=52)]
1158
1746
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1159
1747
1160
class TestSetApprovalDelayCmd(TestValueArgumentPropertyCmd):
1748
1749
class TestSetApprovalDelayCmd(TestPropertyValueCmd):
1161
1750
command = SetApprovalDelayCmd
1162
property = "ApprovalDelay"
1751
propname = "ApprovalDelay"
1163
1752
values_to_set = [datetime.timedelta(),
1164
1753
datetime.timedelta(minutes=5),
1165
1754
datetime.timedelta(seconds=1),
1167
1756
datetime.timedelta(weeks=52)]
1168
1757
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1169
1758
1170
class TestSetApprovalDurationCmd(TestValueArgumentPropertyCmd):
1759
1760
class TestSetApprovalDurationCmd(TestPropertyValueCmd):
1171
1761
command = SetApprovalDurationCmd
1172
property = "ApprovalDuration"
1762
propname = "ApprovalDuration"
1173
1763
values_to_set = [datetime.timedelta(),
1174
1764
datetime.timedelta(minutes=5),
1175
1765
datetime.timedelta(seconds=1),
1177
1767
datetime.timedelta(weeks=52)]
1178
1768
values_to_get = [0, 300000, 1000, 604800000, 31449600000]
1179
1769
1180
class Test_command_from_options(unittest.TestCase):
1181
def setUp(self):
1182
self.parser = argparse.ArgumentParser()
1183
add_command_line_options(self.parser)
1184
def assert_command_from_args(self, args, command_cls, **cmd_attrs):
1185
"""Assert that parsing ARGS should result in an instance of
1186
COMMAND_CLS with (optionally) all supplied attributes (CMD_ATTRS)."""
1187
options = self.parser.parse_args(args)
1188
check_option_syntax(self.parser, options)
1189
commands = commands_from_options(options)
1190
self.assertEqual(len(commands), 1)
1191
command = commands[0]
1192
self.assertIsInstance(command, command_cls)
1193
for key, value in cmd_attrs.items():
1194
self.assertEqual(getattr(command, key), value)
1195
def test_print_table(self):
1196
self.assert_command_from_args([], PrintTableCmd,
1197
verbose=False)
1198
1199
def test_print_table_verbose(self):
1200
self.assert_command_from_args(["--verbose"], PrintTableCmd,
1201
verbose=True)
1202
1203
def test_print_table_verbose_short(self):
1204
self.assert_command_from_args(["-v"], PrintTableCmd,
1205
verbose=True)
1206
1207
def test_enable(self):
1208
self.assert_command_from_args(["--enable", "foo"], EnableCmd)
1209
1210
def test_enable_short(self):
1211
self.assert_command_from_args(["-e", "foo"], EnableCmd)
1212
1213
def test_disable(self):
1214
self.assert_command_from_args(["--disable", "foo"],
1215
DisableCmd)
1216
1217
def test_disable_short(self):
1218
self.assert_command_from_args(["-d", "foo"], DisableCmd)
1219
1220
def test_bump_timeout(self):
1221
self.assert_command_from_args(["--bump-timeout", "foo"],
1222
BumpTimeoutCmd)
1223
1224
def test_bump_timeout_short(self):
1225
self.assert_command_from_args(["-b", "foo"], BumpTimeoutCmd)
1226
1227
def test_start_checker(self):
1228
self.assert_command_from_args(["--start-checker", "foo"],
1229
StartCheckerCmd)
1230
1231
def test_stop_checker(self):
1232
self.assert_command_from_args(["--stop-checker", "foo"],
1233
StopCheckerCmd)
1234
1235
def test_remove(self):
1236
self.assert_command_from_args(["--remove", "foo"],
1237
RemoveCmd)
1238
1239
def test_remove_short(self):
1240
self.assert_command_from_args(["-r", "foo"], RemoveCmd)
1241
1242
def test_checker(self):
1243
self.assert_command_from_args(["--checker", ":", "foo"],
1244
SetCheckerCmd, value_to_set=":")
1245
1246
def test_checker_empty(self):
1247
self.assert_command_from_args(["--checker", "", "foo"],
1248
SetCheckerCmd, value_to_set="")
1249
1250
def test_checker_short(self):
1251
self.assert_command_from_args(["-c", ":", "foo"],
1252
SetCheckerCmd, value_to_set=":")
1253
1254
def test_timeout(self):
1255
self.assert_command_from_args(["--timeout", "PT5M", "foo"],
1256
SetTimeoutCmd,
1257
value_to_set=300000)
1258
1259
def test_timeout_short(self):
1260
self.assert_command_from_args(["-t", "PT5M", "foo"],
1261
SetTimeoutCmd,
1262
value_to_set=300000)
1263
1264
def test_extended_timeout(self):
1265
self.assert_command_from_args(["--extended-timeout", "PT15M",
1266
"foo"],
1267
SetExtendedTimeoutCmd,
1268
value_to_set=900000)
1269
1270
def test_interval(self):
1271
self.assert_command_from_args(["--interval", "PT2M", "foo"],
1272
SetIntervalCmd,
1273
value_to_set=120000)
1274
1275
def test_interval_short(self):
1276
self.assert_command_from_args(["-i", "PT2M", "foo"],
1277
SetIntervalCmd,
1278
value_to_set=120000)
1279
1280
def test_approve_by_default(self):
1281
self.assert_command_from_args(["--approve-by-default", "foo"],
1282
ApproveByDefaultCmd)
1283
1284
def test_deny_by_default(self):
1285
self.assert_command_from_args(["--deny-by-default", "foo"],
1286
DenyByDefaultCmd)
1287
1288
def test_approval_delay(self):
1289
self.assert_command_from_args(["--approval-delay", "PT30S",
1290
"foo"], SetApprovalDelayCmd,
1291
value_to_set=30000)
1292
1293
def test_approval_duration(self):
1294
self.assert_command_from_args(["--approval-duration", "PT1S",
1295
"foo"], SetApprovalDurationCmd,
1296
value_to_set=1000)
1297
1298
def test_host(self):
1299
self.assert_command_from_args(["--host", "foo.example.org",
1300
"foo"], SetHostCmd,
1301
value_to_set="foo.example.org")
1302
1303
def test_host_short(self):
1304
self.assert_command_from_args(["-H", "foo.example.org",
1305
"foo"], SetHostCmd,
1306
value_to_set="foo.example.org")
1307
1308
def test_secret_devnull(self):
1309
self.assert_command_from_args(["--secret", os.path.devnull,
1310
"foo"], SetSecretCmd,
1311
value_to_set=b"")
1312
1313
def test_secret_tempfile(self):
1314
with tempfile.NamedTemporaryFile(mode="r+b") as f:
1315
value = b"secret\0xyzzy\nbar"
1316
f.write(value)
1317
f.seek(0)
1318
self.assert_command_from_args(["--secret", f.name,
1319
"foo"], SetSecretCmd,
1320
value_to_set=value)
1321
1322
def test_secret_devnull_short(self):
1323
self.assert_command_from_args(["-s", os.path.devnull, "foo"],
1324
SetSecretCmd, value_to_set=b"")
1325
1326
def test_secret_tempfile_short(self):
1327
with tempfile.NamedTemporaryFile(mode="r+b") as f:
1328
value = b"secret\0xyzzy\nbar"
1329
f.write(value)
1330
f.seek(0)
1331
self.assert_command_from_args(["-s", f.name, "foo"],
1332
SetSecretCmd,
1333
value_to_set=value)
1334
1335
def test_approve(self):
1336
self.assert_command_from_args(["--approve", "foo"],
1337
ApproveCmd)
1338
1339
def test_approve_short(self):
1340
self.assert_command_from_args(["-A", "foo"], ApproveCmd)
1341
1342
def test_deny(self):
1343
self.assert_command_from_args(["--deny", "foo"], DenyCmd)
1344
1345
def test_deny_short(self):
1346
self.assert_command_from_args(["-D", "foo"], DenyCmd)
1347
1348
def test_dump_json(self):
1349
self.assert_command_from_args(["--dump-json"], DumpJSONCmd)
1350
1351
def test_is_enabled(self):
1352
self.assert_command_from_args(["--is-enabled", "foo"],
1353
IsEnabledCmd)
1354
1355
def test_is_enabled_short(self):
1356
self.assert_command_from_args(["-V", "foo"], IsEnabledCmd)
1357
1358
1359
class Test_check_option_syntax(unittest.TestCase):
1360
# This mostly corresponds to the definition from has_actions() in
1361
# check_option_syntax()
1362
actions = {
1363
# The actual values set here are not that important, but we do
1364
# at least stick to the correct types, even though they are
1365
# never used
1366
"enable": True,
1367
"disable": True,
1368
"bump_timeout": True,
1369
"start_checker": True,
1370
"stop_checker": True,
1371
"is_enabled": True,
1372
"remove": True,
1373
"checker": "x",
1374
"timeout": datetime.timedelta(),
1375
"extended_timeout": datetime.timedelta(),
1376
"interval": datetime.timedelta(),
1377
"approved_by_default": True,
1378
"approval_delay": datetime.timedelta(),
1379
"approval_duration": datetime.timedelta(),
1380
"host": "x",
1381
"secret": io.BytesIO(b"x"),
1382
"approve": True,
1383
"deny": True,
1384
}
1385
1386
def setUp(self):
1387
self.parser = argparse.ArgumentParser()
1388
add_command_line_options(self.parser)
1389
1390
@contextlib.contextmanager
1391
def assertParseError(self):
1392
with self.assertRaises(SystemExit) as e:
1393
with self.temporarily_suppress_stderr():
1394
yield
1395
# Exit code from argparse is guaranteed to be "2". Reference:
1396
# https://docs.python.org/3/library/argparse.html#exiting-methods
1397
self.assertEqual(e.exception.code, 2)
1398
1399
@staticmethod
1400
@contextlib.contextmanager
1401
def temporarily_suppress_stderr():
1402
null = os.open(os.path.devnull, os.O_RDWR)
1403
stderrcopy = os.dup(sys.stderr.fileno())
1404
os.dup2(null, sys.stderr.fileno())
1405
os.close(null)
1406
try:
1407
yield
1408
finally:
1409
# restore stderr
1410
os.dup2(stderrcopy, sys.stderr.fileno())
1411
os.close(stderrcopy)
1412
1413
def check_option_syntax(self, options):
1414
check_option_syntax(self.parser, options)
1415
1416
def test_actions_requires_client_or_all(self):
1417
for action, value in self.actions.items():
1418
options = self.parser.parse_args()
1419
setattr(options, action, value)
1420
with self.assertParseError():
1421
self.check_option_syntax(options)
1422
1423
def test_actions_conflicts_with_verbose(self):
1424
for action, value in self.actions.items():
1425
options = self.parser.parse_args()
1426
setattr(options, action, value)
1427
options.verbose = True
1428
with self.assertParseError():
1429
self.check_option_syntax(options)
1430
1431
def test_dump_json_conflicts_with_verbose(self):
1432
options = self.parser.parse_args()
1433
options.dump_json = True
1434
options.verbose = True
1435
with self.assertParseError():
1436
self.check_option_syntax(options)
1437
1438
def test_dump_json_conflicts_with_action(self):
1439
for action, value in self.actions.items():
1440
options = self.parser.parse_args()
1441
setattr(options, action, value)
1442
options.dump_json = True
1443
with self.assertParseError():
1444
self.check_option_syntax(options)
1445
1446
def test_all_can_not_be_alone(self):
1447
options = self.parser.parse_args()
1448
options.all = True
1449
with self.assertParseError():
1450
self.check_option_syntax(options)
1451
1452
def test_all_is_ok_with_any_action(self):
1453
for action, value in self.actions.items():
1454
options = self.parser.parse_args()
1455
setattr(options, action, value)
1456
options.all = True
1457
self.check_option_syntax(options)
1458
1459
def test_is_enabled_fails_without_client(self):
1460
options = self.parser.parse_args()
1461
options.is_enabled = True
1462
with self.assertParseError():
1463
self.check_option_syntax(options)
1464
1465
def test_is_enabled_works_with_one_client(self):
1466
options = self.parser.parse_args()
1467
options.is_enabled = True
1468
options.client = ["foo"]
1469
self.check_option_syntax(options)
1470
1471
def test_is_enabled_fails_with_two_clients(self):
1472
options = self.parser.parse_args()
1473
options.is_enabled = True
1474
options.client = ["foo", "barbar"]
1475
with self.assertParseError():
1476
self.check_option_syntax(options)
1477
1478
1770
1479
1771
1480
1772
def should_only_run_tests():
1494
1786
return tests
1495
1787
1496
1788
if __name__ == "__main__":
1497
if should_only_run_tests():
1498
# Call using ./tdd-python-script --check [--verbose]
1499
unittest.main()
1500
else:
1501
main()
1789
try:
1790
if should_only_run_tests():
1791
# Call using ./tdd-python-script --check [--verbose]
1792
unittest.main()
1793
else:
1794
main()
1795
finally:
1796
logging.shutdown()
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0