nee2c
/
salt
oglindă de https://github.com/nee2c/salt.git


			
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495
							# -*- coding: utf-8 -*-

# Import python libs
from __future__ import absolute_import

# Import Salt Libs
from salt import acl

# Import Salt Testing Libs
from tests.support.unit import TestCase


class ClientACLTestCase(TestCase):
    """
    Unit tests for salt.acl.ClientACL
    """

    def setUp(self):
        self.blacklist = {
            "users": ["joker", "penguin", "*bad_*", "blocked_.*", "^Homer$"],
            "modules": ["cmd.run", "test.fib", "rm-rf.*"],
        }
        self.whitelist = {
            "users": ["testuser", "saltuser"],
            "modules": ["test.ping", "grains.items"],
        }

    def tearDown(self):
        del self.blacklist
        del self.whitelist

    def test_user_is_blacklisted(self):
        """
        test user_is_blacklisted
        """
        client_acl = acl.PublisherACL(self.blacklist)

        self.assertTrue(client_acl.user_is_blacklisted("joker"))
        self.assertTrue(client_acl.user_is_blacklisted("penguin"))
        self.assertTrue(client_acl.user_is_blacklisted("bad_"))
        self.assertTrue(client_acl.user_is_blacklisted("bad_user"))
        self.assertTrue(client_acl.user_is_blacklisted("bad_*"))
        self.assertTrue(client_acl.user_is_blacklisted("user_bad_"))
        self.assertTrue(client_acl.user_is_blacklisted("blocked_"))
        self.assertTrue(client_acl.user_is_blacklisted("blocked_user"))
        self.assertTrue(client_acl.user_is_blacklisted("blocked_.*"))
        self.assertTrue(client_acl.user_is_blacklisted("Homer"))

        self.assertFalse(client_acl.user_is_blacklisted("batman"))
        self.assertFalse(client_acl.user_is_blacklisted("robin"))
        self.assertFalse(client_acl.user_is_blacklisted("bad"))
        self.assertFalse(client_acl.user_is_blacklisted("blocked"))
        self.assertFalse(client_acl.user_is_blacklisted("NotHomer"))
        self.assertFalse(client_acl.user_is_blacklisted("HomerSimpson"))

    def test_cmd_is_blacklisted(self):
        """
        test cmd_is_blacklisted
        """
        client_acl = acl.PublisherACL(self.blacklist)

        self.assertTrue(client_acl.cmd_is_blacklisted("cmd.run"))
        self.assertTrue(client_acl.cmd_is_blacklisted("test.fib"))
        self.assertTrue(client_acl.cmd_is_blacklisted("rm-rf.root"))

        self.assertFalse(client_acl.cmd_is_blacklisted("cmd.shell"))
        self.assertFalse(client_acl.cmd_is_blacklisted("test.versions"))
        self.assertFalse(client_acl.cmd_is_blacklisted("arm-rf.root"))

        self.assertTrue(client_acl.cmd_is_blacklisted(["cmd.run", "state.sls"]))
        self.assertFalse(
            client_acl.cmd_is_blacklisted(["state.highstate", "state.sls"])
        )

    def test_user_is_whitelisted(self):
        """
        test user_is_whitelisted
        """
        client_acl = acl.PublisherACL(self.whitelist)

        self.assertTrue(client_acl.user_is_whitelisted("testuser"))
        self.assertTrue(client_acl.user_is_whitelisted("saltuser"))
        self.assertFalse(client_acl.user_is_whitelisted("three"))
        self.assertFalse(client_acl.user_is_whitelisted("hans"))

    def test_cmd_is_whitelisted(self):
        """
        test cmd_is_whitelisted
        """
        client_acl = acl.PublisherACL(self.whitelist)

        self.assertTrue(client_acl.cmd_is_whitelisted("test.ping"))
        self.assertTrue(client_acl.cmd_is_whitelisted("grains.items"))
        self.assertFalse(client_acl.cmd_is_whitelisted("cmd.run"))
        self.assertFalse(client_acl.cmd_is_whitelisted("test.version"))