Added license text

[hermes] / api / t / auth.t

#!/usr/bin/perl
#  Copyright (c) 2012, Gjøvik University College
#  All rights reserved.

#  Redistribution and use in source and binary forms, with or without
#  modification, are permitted provided that the following conditions are met:
#      * Redistributions of source code must retain the above copyright
#        notice, this list of conditions and the following disclaimer.
#      * Redistributions in binary form must reproduce the above copyright
#        notice, this list of conditions and the following disclaimer in the
#        documentation and/or other materials provided with the distribution.
#      * Neither the name of the Gjøvik University College nor the
#        names of its contributors may be used to endorse or promote products
#        derived from this software without specific prior written permission.
#       
#  THIS SOFTWARE IS PROVIDED BY Gjøvik University College ''AS IS'' AND ANY
#  EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
#  WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
#  DISCLAIMED. IN NO EVENT SHALL Gjøvik University College BE LIABLE FOR ANY
#  DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
#  (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
#  LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
#  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
#  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
#  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

use strict;
use Test::More 'no_plan';
use tests_common;

# Configuration variables defined in tests_common
# Make sure those are updated/set correctly..
#   $api_base
#   $api_key
#
# Further variables defined in tests_common:
#   $invalid_key
#   $test_username
#   $test_password
#   $invalid_username

my ($response, $data, $temp);

isa_ok( $g_ua, 'LWP::UserAgent', '$g_ua');
isa_ok( $g_ua->cookie_jar, 'HTTP::Cookies', '$g_ua->cookies');

login_apikey();

$data = exec_apinode('auth/new_apikey', { 'host_ip' => '10.0.3.87', 'access' => 'full_read' });
is( $data->{'response'}, 'ok',          'auth/new_apikey ok');
ok( $data->{'key'},                     'auth/new_apikey new key');
$temp = $data->{'key'} if ( $data->{'response'} eq 'ok' );
undef $data;

$data = exec_apinode('auth/list_apikeys', undef);
is( $data->{'response'}, 'ok',          'auth/list_apikeys ok');
ok( $data->{'list'},                    'auth/list_apikeys list');
undef $data;

$data = exec_apinode('auth/remove_apikey', { "api_key" => $temp });
is( $data->{'response'}, 'ok',          'auth/remove_apikey ok');
ok( $data->{'key'},                     'auth/remove_apikey key');
undef $data;

$data = exec_apinode("auth/authorize_user", { "username" => $test_username, "access" => "read_write" });
is( $data->{'response'}, 'ok',          'auth/authorize_user ok');
ok( $data->{'user'},                    'auth/authorize_user user set');
is( $data->{'user'}, $test_username,    'auth/authorize_user user is ' . $test_username);
ok( $data->{'access'},                  'auth/authorize_user access set');
isnt( $data->{'access'}, 'no_access',   'auth/authorize_user level');
undef $data;

$data = exec_apinode("auth/list_users", undef );
is( $data->{'response'}, 'ok',          'auth/list_users ok');
ok( $data->{'list'},                    'auth/list_users list');
undef $data;

$data = exec_apinode("auth/ping", undef );
is( $data->{'response'}, 'pong',                'auth/ping PONG!');
ok( $data->{'auth_key'},                                'auth/ping key set');
ok( not ($data->{'auth_key'} eq $auth_key),             'auth/ping key changed');
$auth_key = $data->{'auth_key'};
undef $data;

$data = exec_apinode("auth/list_apikeys", undef );
is( $data->{'response'}, 'ok',          'auth/ping new key accepted.');
undef $data;


logout();
ok( !$session,                          'logged out, session cleared');
login_user();

$data = exec_apinode("auth/authorize_user", { "username" => $test_username, "access" => "full_read" });
is( $data->{'response'}, 'ok',          'auth/authorize_user as user ok');
is( $data->{'user'}, $test_username,    'auth/authorize_user user is ' . $test_username);
ok( $data->{'access'},                  'auth/authorize_user access set');
isnt( $data->{'access'}, 'no_access',   'auth/authorize_user level');
undef $data;

$data = exec_apinode("auth/remove_user", { "username" => $test_username });
is( $data->{'response'}, 'failed',              'auth/remove_user as nonpriv user fails');
is( $data->{'cause'}, 'unauthorized',                   'auth/remove_user cause correct');
undef $data;


$data = exec_apinode("auth/add_user", { "username" => $test_username });
is( $data->{'response'}, 'notimplemented',              'auth/add_user TODO: notimplemented.');
undef $data;

$data = exec_apinode("auth/update_user", { "username" => $test_username });
is( $data->{'response'}, 'notimplemented',              'auth/update_user TODO: notimplemented.');
undef $data;

logout();
ok( !$session,                          'logged out, session cleared');
login_apikey();

$data = exec_apinode("auth/remove_user", { "username" => $test_username });
is( $data->{'response'}, 'ok',          'auth/remove_user as user ok');
is( $data->{'user'}, $test_username,    'auth/remove_user removed ' . $test_username);
undef $data;

logout();
ok( !$session,                          'logged out, session cleared');

$data = exec_apinode("auth/list_apikeys", undef );
is( $data->{'response'}, 'failed',              'auth/list_apikeys denied after logout');
is( $data->{'cause'}, 'unauthorized',           'auth/list_apikeys cause correct');
undef $data;

$data = exec_apinode("auth/list_users", undef );
is( $data->{'response'}, 'failed',              'auth/list_users denied after logout');
is( $data->{'cause'}, 'unauthorized',           'auth/list_users cause correct');
undef $data;