]>
git.defcon.no Git - hermes/blob - api/t/auth.t
2 # Copyright (c) 2012, Gjøvik University College
5 # Redistribution and use in source and binary forms, with or without
6 # modification, are permitted provided that the following conditions are met:
7 # * Redistributions of source code must retain the above copyright
8 # notice, this list of conditions and the following disclaimer.
9 # * Redistributions in binary form must reproduce the above copyright
10 # notice, this list of conditions and the following disclaimer in the
11 # documentation and/or other materials provided with the distribution.
12 # * Neither the name of the Gjøvik University College nor the
13 # names of its contributors may be used to endorse or promote products
14 # derived from this software without specific prior written permission.
16 # THIS SOFTWARE IS PROVIDED BY Gjøvik University College ''AS IS'' AND ANY
17 # EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19 # DISCLAIMED. IN NO EVENT SHALL Gjøvik University College BE LIABLE FOR ANY
20 # DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21 # (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22 # LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23 # ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25 # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 use Test
::More
'no_plan';
31 # Configuration variables defined in tests_common
32 # Make sure those are updated/set correctly..
36 # Further variables defined in tests_common:
42 my ($response, $data, $temp);
44 isa_ok
( $g_ua, 'LWP::UserAgent', '$g_ua');
45 isa_ok
( $g_ua->cookie_jar, 'HTTP::Cookies', '$g_ua->cookies');
49 $data = exec_apinode
('auth/new_apikey', { 'host_ip' => '10.0.3.87', 'access' => 'full_read' });
50 is
( $data->{'response'}, 'ok', 'auth/new_apikey ok');
51 ok
( $data->{'key'}, 'auth/new_apikey new key');
52 $temp = $data->{'key'} if ( $data->{'response'} eq 'ok' );
55 $data = exec_apinode
('auth/list_apikeys', undef);
56 is
( $data->{'response'}, 'ok', 'auth/list_apikeys ok');
57 ok
( $data->{'list'}, 'auth/list_apikeys list');
60 $data = exec_apinode
('auth/remove_apikey', { "api_key" => $temp });
61 is
( $data->{'response'}, 'ok', 'auth/remove_apikey ok');
62 ok
( $data->{'key'}, 'auth/remove_apikey key');
65 $data = exec_apinode
("auth/authorize_user", { "username" => $test_username, "access" => "read_write" });
66 is
( $data->{'response'}, 'ok', 'auth/authorize_user ok');
67 ok
( $data->{'user'}, 'auth/authorize_user user set');
68 is
( $data->{'user'}, $test_username, 'auth/authorize_user user is ' . $test_username);
69 ok
( $data->{'access'}, 'auth/authorize_user access set');
70 isnt
( $data->{'access'}, 'no_access', 'auth/authorize_user level');
73 $data = exec_apinode
("auth/list_users", undef );
74 is
( $data->{'response'}, 'ok', 'auth/list_users ok');
75 ok
( $data->{'list'}, 'auth/list_users list');
78 $data = exec_apinode
("auth/ping", undef );
79 is
( $data->{'response'}, 'pong', 'auth/ping PONG!');
80 ok
( $data->{'auth_key'}, 'auth/ping key set');
81 ok
( not ($data->{'auth_key'} eq $auth_key), 'auth/ping key changed');
82 $auth_key = $data->{'auth_key'};
85 $data = exec_apinode
("auth/list_apikeys", undef );
86 is
( $data->{'response'}, 'ok', 'auth/ping new key accepted.');
91 ok
( !$session, 'logged out, session cleared');
94 $data = exec_apinode
("auth/authorize_user", { "username" => $test_username, "access" => "full_read" });
95 is
( $data->{'response'}, 'ok', 'auth/authorize_user as user ok');
96 is
( $data->{'user'}, $test_username, 'auth/authorize_user user is ' . $test_username);
97 ok
( $data->{'access'}, 'auth/authorize_user access set');
98 isnt
( $data->{'access'}, 'no_access', 'auth/authorize_user level');
101 $data = exec_apinode
("auth/remove_user", { "username" => $test_username });
102 is
( $data->{'response'}, 'failed', 'auth/remove_user as nonpriv user fails');
103 is
( $data->{'cause'}, 'unauthorized', 'auth/remove_user cause correct');
107 $data = exec_apinode
("auth/add_user", { "username" => $test_username });
108 is
( $data->{'response'}, 'notimplemented', 'auth/add_user TODO: notimplemented.');
111 $data = exec_apinode
("auth/update_user", { "username" => $test_username });
112 is
( $data->{'response'}, 'notimplemented', 'auth/update_user TODO: notimplemented.');
116 ok
( !$session, 'logged out, session cleared');
119 $data = exec_apinode
("auth/remove_user", { "username" => $test_username });
120 is
( $data->{'response'}, 'ok', 'auth/remove_user as user ok');
121 is
( $data->{'user'}, $test_username, 'auth/remove_user removed ' . $test_username);
125 ok
( !$session, 'logged out, session cleared');
127 $data = exec_apinode
("auth/list_apikeys", undef );
128 is
( $data->{'response'}, 'failed', 'auth/list_apikeys denied after logout');
129 is
( $data->{'cause'}, 'unauthorized', 'auth/list_apikeys cause correct');
132 $data = exec_apinode
("auth/list_users", undef );
133 is
( $data->{'response'}, 'failed', 'auth/list_users denied after logout');
134 is
( $data->{'cause'}, 'unauthorized', 'auth/list_users cause correct');