cast string values in Config
This commit is contained in:
parent
baeb83b1e2
commit
87298e18b3
|
@ -18,5 +18,13 @@ class Config:
|
|||
def get(self, key: str) -> str:
|
||||
section, subkey = key.split('_', 1)
|
||||
if section in self.config:
|
||||
return self.config[section][subkey]
|
||||
return self.config['DEFAULT'][key]
|
||||
val = self.config[section][subkey]
|
||||
else:
|
||||
val = self.config['DEFAULT'][key]
|
||||
if val.isdigit():
|
||||
return int(val)
|
||||
if val.lower() in ['true', 'yes']:
|
||||
return True
|
||||
if val.lower() in ['false', 'no']:
|
||||
return False
|
||||
return val
|
||||
|
|
|
@ -0,0 +1,43 @@
|
|||
[DEFAULT]
|
||||
base_domain = csclub.internal
|
||||
|
||||
[ceod]
|
||||
admin_host = phosphoric-acid
|
||||
fs_root_host = phosphoric-acid
|
||||
mailman_host = mail
|
||||
use_https = false
|
||||
port = 9987
|
||||
|
||||
[ldap]
|
||||
admin_principal = ceod/admin
|
||||
server_url = ldap://ldap-master.csclub.internal
|
||||
sasl_realm = CSCLUB.INTERNAL
|
||||
users_base = ou=TestPeople,dc=csclub,dc=internal
|
||||
groups_base = ou=TestGroup,dc=csclub,dc=internal
|
||||
sudo_base = ou=TestSUDOers,dc=csclub,dc=internal
|
||||
|
||||
[uwldap]
|
||||
server_url = ldap://uwldap.uwaterloo.ca
|
||||
base = dc=uwaterloo,dc=ca
|
||||
|
||||
[members]
|
||||
min_id = 20001
|
||||
max_id = 29999
|
||||
home = /tmp/test_users
|
||||
skel = /users/skel
|
||||
|
||||
[clubs]
|
||||
min_id = 30001
|
||||
max_id = 39999
|
||||
home = /tmp/test_users
|
||||
skel = /users/skel
|
||||
|
||||
[mail]
|
||||
smtp_url = smtp://mail.csclub.internal
|
||||
smtp_starttls = false
|
||||
|
||||
[mailman3]
|
||||
api_base_url = http://localhost:8001/3.1
|
||||
api_username = restadmin
|
||||
api_password = mailman3
|
||||
new_member_list = csc-general
|
|
@ -8,10 +8,13 @@ from ceo_common.interfaces import IKerberosService
|
|||
|
||||
@implementer(IKerberosService)
|
||||
class KerberosService:
|
||||
def __init__(self, admin_principal: str):
|
||||
def __init__(
|
||||
self,
|
||||
admin_principal: str,
|
||||
cache_file: str = '/run/ceod/krb5_cache',
|
||||
):
|
||||
self.admin_principal = admin_principal
|
||||
cache_file = '/run/ceod/krb5_cache'
|
||||
os.makedirs('/run/ceod', exist_ok=True)
|
||||
os.makedirs(os.path.dirname(cache_file), exist_ok=True)
|
||||
os.putenv('KRB5CCNAME', 'FILE:' + cache_file)
|
||||
self.kinit()
|
||||
|
||||
|
|
|
@ -0,0 +1,80 @@
|
|||
import os
|
||||
import importlib.resources
|
||||
|
||||
import ldap
|
||||
import pytest
|
||||
import socket
|
||||
from zope import component
|
||||
|
||||
from ceo_common.interfaces import IConfig, IKerberosService, ILDAPService, \
|
||||
IFileService
|
||||
from ceo_common.model import Config
|
||||
from ceod.model import KerberosService, LDAPService, FileService
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def cfg():
|
||||
with importlib.resources.path('ceo_common.test', 'ceod_test_local.ini') as p:
|
||||
config_file = p.__fspath__()
|
||||
_cfg = Config(config_file)
|
||||
component.provideUtility(_cfg, IConfig)
|
||||
return _cfg
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def krb_srv(cfg):
|
||||
# we need to be root to read the keytab
|
||||
assert os.geteuid() == 0
|
||||
# this dance again... ugh
|
||||
if socket.gethostname() == cfg.get('ceod_admin_host'):
|
||||
principal = 'ceod/admin'
|
||||
else:
|
||||
principal = 'ceod/' + socket.getfqdn()
|
||||
cache_file = '/tmp/ceod_test/krb5_cache'
|
||||
if os.path.isfile(cache_file):
|
||||
os.unlink(cache_file)
|
||||
krb = KerberosService(principal, cache_file)
|
||||
component.provideUtility(krb, IKerberosService)
|
||||
yield krb
|
||||
os.unlink(cache_file)
|
||||
|
||||
|
||||
def recursively_delete_subtree(conn: ldap.ldapobject.LDAPObject, base_dn: str):
|
||||
try:
|
||||
records = conn.search_s(base_dn, ldap.SCOPE_ONELEVEL, attrlist=[''])
|
||||
for dn, _ in records:
|
||||
conn.delete_s(dn)
|
||||
conn.delete_s(base_dn)
|
||||
except ldap.NO_SUCH_OBJECT:
|
||||
pass
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def ldap_srv(cfg, krb_srv):
|
||||
conn = ldap.initialize(cfg.get('ldap_server_url'))
|
||||
conn.sasl_gssapi_bind_s()
|
||||
users_base = cfg.get('ldap_users_base')
|
||||
groups_base = cfg.get('ldap_groups_base')
|
||||
|
||||
recursively_delete_subtree(conn, users_base)
|
||||
recursively_delete_subtree(conn, groups_base)
|
||||
|
||||
for base_dn in [users_base, groups_base]:
|
||||
ou = base_dn.split(',', 1)[0].split('=')[1]
|
||||
conn.add_s(base_dn, ldap.modlist.addModlist({
|
||||
'objectClass': [b'organizationalUnit'],
|
||||
'ou': [ou.encode()]
|
||||
}))
|
||||
_ldap_srv = LDAPService()
|
||||
component.provideUtility(_ldap_srv, ILDAPService)
|
||||
yield _ldap_srv
|
||||
|
||||
recursively_delete_subtree(conn, users_base)
|
||||
recursively_delete_subtree(conn, groups_base)
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def file_srv(cfg):
|
||||
_file_srv = FileService()
|
||||
component.provideUtility(_file_srv, IFileService)
|
||||
return _file_srv
|
|
@ -0,0 +1,22 @@
|
|||
import pytest
|
||||
|
||||
from ceo_common.errors import UserNotFoundError
|
||||
from ceod.model import User
|
||||
|
||||
|
||||
def test_user_add_to_ldap(cfg, ldap_srv, file_srv):
|
||||
min_id = cfg.get('members_min_id')
|
||||
user = User(
|
||||
uid='jdoe',
|
||||
cn='John Doe',
|
||||
program='Math',
|
||||
terms=['s2021'],
|
||||
)
|
||||
user.add_to_ldap()
|
||||
retrieved_user = ldap_srv.get_user(user.uid)
|
||||
assert retrieved_user.uid == user.uid
|
||||
assert retrieved_user.uid_number >= min_id
|
||||
|
||||
user.remove_from_ldap()
|
||||
with pytest.raises(UserNotFoundError):
|
||||
ldap_srv.get_user(user.uid)
|
|
@ -1,3 +1,4 @@
|
|||
flake8==3.9.2
|
||||
setuptools==40.8.0
|
||||
wheel==0.36.2
|
||||
pytest==6.2.4
|
||||
|
|
Loading…
Reference in New Issue