ceph/qa/tasks/mgr/dashboard/test_auth.py

# -*- coding: utf-8 -*-

from __future__ import absolute_import

import time

from .helper import DashboardTestCase


class AuthTest(DashboardTestCase):

    AUTO_AUTHENTICATE = False

    def setUp(self):
        self.reset_session()

    def test_a_set_login_credentials(self):
        self.create_user('admin2', 'admin2', ['administrator'])
        self._post("/api/auth", {'username': 'admin2', 'password': 'admin2'})
        self.assertStatus(201)
        # self.assertJsonBody({"username": "admin2"})
        data = self.jsonBody()
        self.assertIn('username', data)
        self.assertEqual(data['username'], "admin2")
        self.assertIn('permissions', data)
        for scope, perms in data['permissions'].items():
            self.assertIsNotNone(scope)
            self.assertIn('read', perms)
            self.assertIn('update', perms)
            self.assertIn('create', perms)
            self.assertIn('delete', perms)
        self.delete_user('admin2')

    def test_login_valid(self):
        self._post("/api/auth", {'username': 'admin', 'password': 'admin'})
        self.assertStatus(201)
        data = self.jsonBody()
        self.assertIn('username', data)
        self.assertEqual(data['username'], "admin")
        self.assertIn('permissions', data)
        for scope, perms in data['permissions'].items():
            self.assertIsNotNone(scope)
            self.assertIn('read', perms)
            self.assertIn('update', perms)
            self.assertIn('create', perms)
            self.assertIn('delete', perms)

    def test_login_stay_signed_in(self):
        self._post("/api/auth", {
            'username': 'admin',
            'password': 'admin',
            'stay_signed_in': True})
        self.assertStatus(201)
        self.assertIn('session_id', self.cookies())
        for cookie in self.cookies():
            if cookie.name == 'session_id':
                self.assertIsNotNone(cookie.expires)

    def test_login_not_stay_signed_in(self):
        self._post("/api/auth", {
            'username': 'admin',
            'password': 'admin',
            'stay_signed_in': False})
        self.assertStatus(201)
        self.assertIn('session_id', self.cookies())
        for cookie in self.cookies():
            if cookie.name == 'session_id':
                self.assertIsNone(cookie.expires)

    def test_login_invalid(self):
        self._post("/api/auth", {'username': 'admin', 'password': 'inval'})
        self.assertStatus(400)
        self.assertJsonBody({
            "component": "auth",
            "code": "invalid_credentials",
            "detail": "Invalid credentials"
        })

    def test_login_without_password(self):
        self.create_user('admin2', '', ['administrator'])
        self._post("/api/auth", {'username': 'admin2', 'password': ''})
        self.assertStatus(400)
        self.assertJsonBody({
            "component": "auth",
            "code": "invalid_credentials",
            "detail": "Invalid credentials"
        })
        self.delete_user('admin2')

    def test_logout(self):
        self._post("/api/auth", {'username': 'admin', 'password': 'admin'})
        self._delete("/api/auth")
        self.assertStatus(204)
        self.assertBody('')
        self._get("/api/host")
        self.assertStatus(401)

    def test_session_expire(self):
        self._ceph_cmd(['dashboard', 'set-session-expire', '2'])
        self._post("/api/auth", {'username': 'admin', 'password': 'admin'})
        self.assertStatus(201)
        self._get("/api/host")
        self.assertStatus(200)
        time.sleep(3)
        self._get("/api/host")
        self.assertStatus(401)
        self._ceph_cmd(['dashboard', 'set-session-expire', '1200'])

    def test_unauthorized(self):
        self._get("/api/host")
        self.assertStatus(401)
mgr/dashboard_v2: Auth API Signed-off-by: Ricardo Marques <rimarques@suse.com> 2018-01-23 22:13:57 +00:00			`# -- coding: utf-8 --`

			`from __future__ import absolute_import`

			`import time`
mgr/dashboard_v2: auth module refactoring Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-01-25 11:41:24 +00:00
qa/tasks/mgr/dashboard_v2: implementation of backend API tests We moved the dashboard_v2 test cases that required a real ceph cluster to run into qa/tasks/mgr with the necessary adaptations. These tests can now be run in teuthology using the cephfs_test_runner task. Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-02-28 22:14:35 +00:00			`from .helper import DashboardTestCase`
mgr/dashboard_v2: Auth API Signed-off-by: Ricardo Marques <rimarques@suse.com> 2018-01-23 22:13:57 +00:00
mgr/dashboard_v2: Unit tests refactoring Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-01-26 12:11:21 +00:00
qa/tasks/mgr/dashboard_v2: implementation of backend API tests We moved the dashboard_v2 test cases that required a real ceph cluster to run into qa/tasks/mgr with the necessary adaptations. These tests can now be run in teuthology using the cephfs_test_runner task. Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-02-28 22:14:35 +00:00			`class AuthTest(DashboardTestCase):`
qa/tasks/mgr/dashboard: Adapted tests to work with new authentication system Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-04-24 16:32:54 +00:00
			`AUTO_AUTHENTICATE = False`

mgr/dashboard_v2: Moved set-login-cred command logic to Auth class Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-01-26 12:12:16 +00:00			`def setUp(self):`
mgr/dashboard_v2: removed mock classes, unit tests now run against real cluster We changed tox.ini to run a vstart.sh cluster and run the unit tests against that cluster. All unit tests code was adapted to make requests to the real dashboard_v2 backend using the `requests` python library Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-02-08 08:24:01 +00:00			`self.reset_session()`
mgr/dashboard_v2: Moved set-login-cred command logic to Auth class Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-01-26 12:12:16 +00:00
			`def test_a_set_login_credentials(self):`
qa/tasks/mgr/dashboard: Adapted tests to work with new authentication system Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-04-24 16:32:54 +00:00			`self.create_user('admin2', 'admin2', ['administrator'])`
mgr/dashboard_v2: removed mock classes, unit tests now run against real cluster We changed tox.ini to run a vstart.sh cluster and run the unit tests against that cluster. All unit tests code was adapted to make requests to the real dashboard_v2 backend using the `requests` python library Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-02-08 08:24:01 +00:00			`self._post("/api/auth", {'username': 'admin2', 'password': 'admin2'})`
			`self.assertStatus(201)`
mgr/dashboard: auth: return user permissions on login Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-06-01 11:15:49 +00:00			`# self.assertJsonBody({"username": "admin2"})`
			`data = self.jsonBody()`
			`self.assertIn('username', data)`
			`self.assertEqual(data['username'], "admin2")`
			`self.assertIn('permissions', data)`
			`for scope, perms in data['permissions'].items():`
			`self.assertIsNotNone(scope)`
			`self.assertIn('read', perms)`
			`self.assertIn('update', perms)`
			`self.assertIn('create', perms)`
			`self.assertIn('delete', perms)`
qa/tasks/mgr/dashboard: Adapted tests to work with new authentication system Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-04-24 16:32:54 +00:00			`self.delete_user('admin2')`
mgr/dashboard_v2: Moved set-login-cred command logic to Auth class Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-01-26 12:12:16 +00:00
mgr/dashboard_v2: Auth API Signed-off-by: Ricardo Marques <rimarques@suse.com> 2018-01-23 22:13:57 +00:00			`def test_login_valid(self):`
mgr/dashboard_v2: removed mock classes, unit tests now run against real cluster We changed tox.ini to run a vstart.sh cluster and run the unit tests against that cluster. All unit tests code was adapted to make requests to the real dashboard_v2 backend using the `requests` python library Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-02-08 08:24:01 +00:00			`self._post("/api/auth", {'username': 'admin', 'password': 'admin'})`
			`self.assertStatus(201)`
mgr/dashboard: auth: return user permissions on login Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-06-01 11:15:49 +00:00			`data = self.jsonBody()`
			`self.assertIn('username', data)`
			`self.assertEqual(data['username'], "admin")`
			`self.assertIn('permissions', data)`
			`for scope, perms in data['permissions'].items():`
			`self.assertIsNotNone(scope)`
			`self.assertIn('read', perms)`
			`self.assertIn('update', perms)`
			`self.assertIn('create', perms)`
			`self.assertIn('delete', perms)`
mgr/dashboard_v2: Session expire at browser close Add support for session expire at browser close. Signed-off-by: Volker Theile <vtheile@suse.com> 2018-01-27 10:55:29 +00:00
			`def test_login_stay_signed_in(self):`
mgr/dashboard_v2: removed mock classes, unit tests now run against real cluster We changed tox.ini to run a vstart.sh cluster and run the unit tests against that cluster. All unit tests code was adapted to make requests to the real dashboard_v2 backend using the `requests` python library Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-02-08 08:24:01 +00:00			`self._post("/api/auth", {`
			`'username': 'admin',`
			`'password': 'admin',`
			`'stay_signed_in': True})`
			`self.assertStatus(201)`
qa/tasks/mgr/dashboard_v2: implementation of backend API tests We moved the dashboard_v2 test cases that required a real ceph cluster to run into qa/tasks/mgr with the necessary adaptations. These tests can now be run in teuthology using the cephfs_test_runner task. Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-02-28 22:14:35 +00:00			`self.assertIn('session_id', self.cookies())`
mgr/dashboard_v2: removed mock classes, unit tests now run against real cluster We changed tox.ini to run a vstart.sh cluster and run the unit tests against that cluster. All unit tests code was adapted to make requests to the real dashboard_v2 backend using the `requests` python library Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-02-08 08:24:01 +00:00			`for cookie in self.cookies():`
qa/tasks/mgr/dashboard_v2: implementation of backend API tests We moved the dashboard_v2 test cases that required a real ceph cluster to run into qa/tasks/mgr with the necessary adaptations. These tests can now be run in teuthology using the cephfs_test_runner task. Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-02-28 22:14:35 +00:00			`if cookie.name == 'session_id':`
mgr/dashboard_v2: removed mock classes, unit tests now run against real cluster We changed tox.ini to run a vstart.sh cluster and run the unit tests against that cluster. All unit tests code was adapted to make requests to the real dashboard_v2 backend using the `requests` python library Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-02-08 08:24:01 +00:00			`self.assertIsNotNone(cookie.expires)`
mgr/dashboard_v2: Session expire at browser close Add support for session expire at browser close. Signed-off-by: Volker Theile <vtheile@suse.com> 2018-01-27 10:55:29 +00:00
			`def test_login_not_stay_signed_in(self):`
mgr/dashboard_v2: removed mock classes, unit tests now run against real cluster We changed tox.ini to run a vstart.sh cluster and run the unit tests against that cluster. All unit tests code was adapted to make requests to the real dashboard_v2 backend using the `requests` python library Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-02-08 08:24:01 +00:00			`self._post("/api/auth", {`
			`'username': 'admin',`
			`'password': 'admin',`
			`'stay_signed_in': False})`
			`self.assertStatus(201)`
qa/tasks/mgr/dashboard_v2: implementation of backend API tests We moved the dashboard_v2 test cases that required a real ceph cluster to run into qa/tasks/mgr with the necessary adaptations. These tests can now be run in teuthology using the cephfs_test_runner task. Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-02-28 22:14:35 +00:00			`self.assertIn('session_id', self.cookies())`
mgr/dashboard_v2: removed mock classes, unit tests now run against real cluster We changed tox.ini to run a vstart.sh cluster and run the unit tests against that cluster. All unit tests code was adapted to make requests to the real dashboard_v2 backend using the `requests` python library Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-02-08 08:24:01 +00:00			`for cookie in self.cookies():`
qa/tasks/mgr/dashboard_v2: implementation of backend API tests We moved the dashboard_v2 test cases that required a real ceph cluster to run into qa/tasks/mgr with the necessary adaptations. These tests can now be run in teuthology using the cephfs_test_runner task. Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-02-28 22:14:35 +00:00			`if cookie.name == 'session_id':`
mgr/dashboard_v2: removed mock classes, unit tests now run against real cluster We changed tox.ini to run a vstart.sh cluster and run the unit tests against that cluster. All unit tests code was adapted to make requests to the real dashboard_v2 backend using the `requests` python library Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-02-08 08:24:01 +00:00			`self.assertIsNone(cookie.expires)`
mgr/dashboard_v2: Auth API Signed-off-by: Ricardo Marques <rimarques@suse.com> 2018-01-23 22:13:57 +00:00
			`def test_login_invalid(self):`
mgr/dashboard_v2: removed mock classes, unit tests now run against real cluster We changed tox.ini to run a vstart.sh cluster and run the unit tests against that cluster. All unit tests code was adapted to make requests to the real dashboard_v2 backend using the `requests` python library Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-02-08 08:24:01 +00:00			`self._post("/api/auth", {'username': 'admin', 'password': 'inval'})`
mgr/dashboard: Login failure should return HTTP 400 Signed-off-by: Ricardo Marques <rimarques@suse.com> 2018-06-04 20:26:44 +00:00			`self.assertStatus(400)`
			`self.assertJsonBody({`
			`"component": "auth",`
			`"code": "invalid_credentials",`
			`"detail": "Invalid credentials"`
			`})`
mgr/dashboard_v2: Auth API Signed-off-by: Ricardo Marques <rimarques@suse.com> 2018-01-23 22:13:57 +00:00
mgr/dashboard: User password should be optional Fixes: https://tracker.ceph.com/issues/36031 Signed-off-by: Ricardo Marques <rimarques@suse.com> 2018-09-17 11:03:37 +00:00			`def test_login_without_password(self):`
			`self.create_user('admin2', '', ['administrator'])`
			`self._post("/api/auth", {'username': 'admin2', 'password': ''})`
			`self.assertStatus(400)`
			`self.assertJsonBody({`
			`"component": "auth",`
			`"code": "invalid_credentials",`
			`"detail": "Invalid credentials"`
			`})`
			`self.delete_user('admin2')`

mgr/dashboard_v2: Auth API Signed-off-by: Ricardo Marques <rimarques@suse.com> 2018-01-23 22:13:57 +00:00			`def test_logout(self):`
mgr/dashboard_v2: removed mock classes, unit tests now run against real cluster We changed tox.ini to run a vstart.sh cluster and run the unit tests against that cluster. All unit tests code was adapted to make requests to the real dashboard_v2 backend using the `requests` python library Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-02-08 08:24:01 +00:00			`self._post("/api/auth", {'username': 'admin', 'password': 'admin'})`
			`self._delete("/api/auth")`
			`self.assertStatus(204)`
			`self.assertBody('')`
			`self._get("/api/host")`
			`self.assertStatus(401)`
mgr/dashboard_v2: Auth API Signed-off-by: Ricardo Marques <rimarques@suse.com> 2018-01-23 22:13:57 +00:00
			`def test_session_expire(self):`
qa/tasks/mgr/dashboard: Fix login expires too soon Signed-off-by: Sebastian Wagner <sebastian.wagner@suse.com> 2018-03-23 10:25:48 +00:00			`self._ceph_cmd(['dashboard', 'set-session-expire', '2'])`
mgr/dashboard_v2: removed mock classes, unit tests now run against real cluster We changed tox.ini to run a vstart.sh cluster and run the unit tests against that cluster. All unit tests code was adapted to make requests to the real dashboard_v2 backend using the `requests` python library Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-02-08 08:24:01 +00:00			`self._post("/api/auth", {'username': 'admin', 'password': 'admin'})`
			`self.assertStatus(201)`
			`self._get("/api/host")`
			`self.assertStatus(200)`
			`time.sleep(3)`
			`self._get("/api/host")`
			`self.assertStatus(401)`
qa/tasks/mgr/dashboard: Fix login expires too soon Signed-off-by: Sebastian Wagner <sebastian.wagner@suse.com> 2018-03-23 10:25:48 +00:00			`self._ceph_cmd(['dashboard', 'set-session-expire', '1200'])`
mgr/dashboard_v2: Auth API Signed-off-by: Ricardo Marques <rimarques@suse.com> 2018-01-23 22:13:57 +00:00
			`def test_unauthorized(self):`
mgr/dashboard_v2: removed mock classes, unit tests now run against real cluster We changed tox.ini to run a vstart.sh cluster and run the unit tests against that cluster. All unit tests code was adapted to make requests to the real dashboard_v2 backend using the `requests` python library Signed-off-by: Ricardo Dias <rdias@suse.com> 2018-02-08 08:24:01 +00:00			`self._get("/api/host")`
			`self.assertStatus(401)`