salt/tests/integration/shell/auth.py

# -*- coding: utf-8 -*-
'''
    tests.integration.shell.auth
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'''

# Import python libs
import os
import yaml
import pipes
import shutil

# Import Salt Testing libs
from salttesting.helpers import (
    ensure_in_syspath,
    destructiveTest,
    with_system_user)
ensure_in_syspath('../../')

# Import salt libs
import integration
import salt.utils

from salttesting import skipIf

import random


class AuthTest(integration.ShellCase):
    '''
    Test auth mechanisms
    '''

    _call_binary_ = 'salt'

    is_root = os.geteuid() != 0

    @destructiveTest
    @skipIf(is_root, 'You must be logged in as root to run this test')
    # @with_system_user('saltdev') - doesn't work with ShellCase
    def test_pam_auth_valid_user(self):
        '''
        test pam auth mechanism is working with a valid user
        '''
        alphabet = ('abcdefghijklmnopqrstuvwxyz'
                    '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ')
        self.password = ''
        # generate password
        for _ in range(20):
            next_index = random.randrange(len(alphabet))
            self.password = self.password + alphabet[next_index]

        # hash the password
        from salt.utils.pycrypto import gen_hash

        pwd = gen_hash('salt', self.password, 'sha512')
        self.run_call("shadow.set_password saltdev '{0}'".format(pwd))
        cmd = ('-a pam "*"'
               ' test.ping --username {0}'
               ' --password {1}'.format('saltdev', self.password))

        resp = self.run_salt(cmd)
        self.assertTrue(
            'minion:' in resp
        )

    @skipIf(is_root, 'You must be logged in as root to run this test')
    def test_pam_auth_invalid_user(self):
        '''
        test pam auth mechanism errors for an invalid user
        '''
        cmd = ('-a pam'
               ' * test.ping --username nouser'
               ' --password {0}'.format('abcd1234'))
        resp = self.run_salt(cmd)
        self.assertTrue(
            'Failed to authenticate' in ''.join(resp)
        )

if __name__ == '__main__':
    from integration import run_tests
    run_tests(AuthTest)
Add CLI options for username and password 2014-06-20 19:06:47 +00:00			`# -- coding: utf-8 --`
			`'''`
Make sure tests pass on the right setup 2014-06-24 18:12:17 +00:00			`tests.integration.shell.auth`
			`~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
Add CLI options for username and password 2014-06-20 19:06:47 +00:00			`'''`

			`# Import python libs`
			`import os`
			`import yaml`
			`import pipes`
			`import shutil`

			`# Import Salt Testing libs`
Make sure tests pass on the right setup 2014-06-24 18:12:17 +00:00			`from salttesting.helpers import (`
			`ensure_in_syspath,`
			`destructiveTest,`
			`with_system_user)`
Add CLI options for username and password 2014-06-20 19:06:47 +00:00			`ensure_in_syspath('../../')`

			`# Import salt libs`
			`import integration`
			`import salt.utils`

Add tests for pam auth 2014-06-23 21:36:21 +00:00			`from salttesting import skipIf`

Make sure tests pass on the right setup 2014-06-24 18:12:17 +00:00			`import random`
Add CLI options for username and password 2014-06-20 19:06:47 +00:00
Make sure tests pass on the right setup 2014-06-24 18:12:17 +00:00
			`class AuthTest(integration.ShellCase):`
			`'''`
			`Test auth mechanisms`
			`'''`
Add CLI options for username and password 2014-06-20 19:06:47 +00:00
			`_call_binary_ = 'salt'`

Add tests for pam auth 2014-06-23 21:36:21 +00:00			`is_root = os.geteuid() != 0`

Make sure tests pass on the right setup 2014-06-24 18:12:17 +00:00			`@destructiveTest`
Add tests for pam auth 2014-06-23 21:36:21 +00:00			`@skipIf(is_root, 'You must be logged in as root to run this test')`
Make sure tests pass on the right setup 2014-06-24 18:12:17 +00:00			`# @with_system_user('saltdev') - doesn't work with ShellCase`
Add tests for pam auth 2014-06-23 21:36:21 +00:00			`def test_pam_auth_valid_user(self):`
Add CLI options for username and password 2014-06-20 19:06:47 +00:00			`'''`
Add tests for pam auth 2014-06-23 21:36:21 +00:00			`test pam auth mechanism is working with a valid user`
			`'''`
Make sure tests pass on the right setup 2014-06-24 18:12:17 +00:00			`alphabet = ('abcdefghijklmnopqrstuvwxyz'`
			`'0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ')`
			`self.password = ''`
			`# generate password`
			`for _ in range(20):`
			`next_index = random.randrange(len(alphabet))`
			`self.password = self.password + alphabet[next_index]`

			`# hash the password`
			`from salt.utils.pycrypto import gen_hash`

			`pwd = gen_hash('salt', self.password, 'sha512')`
			`self.run_call("shadow.set_password saltdev '{0}'".format(pwd))`
			`cmd = ('-a pam "*"'`
			`' test.ping --username {0}'`
			`' --password {1}'.format('saltdev', self.password))`

Add tests for pam auth 2014-06-23 21:36:21 +00:00			`resp = self.run_salt(cmd)`
			`self.assertTrue(`
			`'minion:' in resp`
			`)`

			`@skipIf(is_root, 'You must be logged in as root to run this test')`
			`def test_pam_auth_invalid_user(self):`
Add CLI options for username and password 2014-06-20 19:06:47 +00:00			`'''`
Add tests for pam auth 2014-06-23 21:36:21 +00:00			`test pam auth mechanism errors for an invalid user`
			`'''`
Make sure tests pass on the right setup 2014-06-24 18:12:17 +00:00			`cmd = ('-a pam'`
			`' * test.ping --username nouser'`
			`' --password {0}'.format('abcd1234'))`
Add tests for pam auth 2014-06-23 21:36:21 +00:00			`resp = self.run_salt(cmd)`
			`self.assertTrue(`
			`'Failed to authenticate' in ''.join(resp)`
			`)`

Add CLI options for username and password 2014-06-20 19:06:47 +00:00			`if __name__ == '__main__':`
			`from integration import run_tests`
			`run_tests(AuthTest)`