[hermes] / api / t / auth.t
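#!/usr/bin/perl

# Functional test for the auth/* API nodes.
#
# The script talks to whatever API tests_common is configured for and
# changes state there: it creates and removes an API key, and authorizes
# and removes a user. Every step depends on the session left by the
# previous one, so the statement order below is part of the test.

use strict;
use warnings;
use Test::More 'no_plan';
use tests_common;

# Configuration variables defined in tests_common
# Make sure those are updated/set correctly..
#   $api_base
#   $api_key
#
# Further variables defined in tests_common:
#   $invalid_key
#   $test_username
#   $test_password
#   $invalid_username
#
# NOTE(review): $invalid_key and $invalid_username are listed above but not
# used in this file, so a rejected login is not exercised here.
# $g_ua, $auth_key and $session are used below without being declared in
# this file; presumably tests_common exports them too -- confirm.

my ($response, $data, $temp);

isa_ok( $g_ua, 'LWP::UserAgent', '$g_ua');
isa_ok( $g_ua->cookie_jar, 'HTTP::Cookies', '$g_ua->cookies');

# --- Session authenticated with the API key -------------------------------
login_apikey();

# Create a throw-away key; it is removed again two steps further down.
$data = exec_apinode('auth/new_apikey', { 'host_ip' => '10.0.3.87', 'access' => 'full_read' });
is( $data->{'response'}, 'ok', 'auth/new_apikey ok');
ok( $data->{'key'}, 'auth/new_apikey new key');
$temp = $data->{'key'} if ( $data->{'response'} eq 'ok' );
undef $data;

$data = exec_apinode('auth/list_apikeys', undef);
is( $data->{'response'}, 'ok', 'auth/list_apikeys ok');
ok( $data->{'list'}, 'auth/list_apikeys list');
undef $data;

SKIP: {
    # Without a key from auth/new_apikey there is nothing to clean up, and
    # the remove call would otherwise be sent with an undefined api_key.
    skip 'auth/new_apikey returned no key to remove', 2 unless $temp;

    $data = exec_apinode('auth/remove_apikey', { "api_key" => $temp });
    is( $data->{'response'}, 'ok', 'auth/remove_apikey ok');
    ok( $data->{'key'}, 'auth/remove_apikey key');
    undef $data;
}

$data = exec_apinode("auth/authorize_user", { "username" => $test_username, "access" => "read_write" });
is( $data->{'response'}, 'ok', 'auth/authorize_user ok');
ok( $data->{'user'}, 'auth/authorize_user user set');
is( $data->{'user'}, $test_username, 'auth/authorize_user user is ' . $test_username);
ok( $data->{'access'}, 'auth/authorize_user access set');
isnt( $data->{'access'}, 'no_access', 'auth/authorize_user level');
undef $data;

$data = exec_apinode("auth/list_users", undef );
is( $data->{'response'}, 'ok', 'auth/list_users ok');
ok( $data->{'list'}, 'auth/list_users list');
undef $data;

# auth/ping is expected to answer with a fresh auth_key. The new value is
# stored in $auth_key and the list_apikeys call that follows checks that a
# request still succeeds afterwards.
# NOTE(review): nothing here checks that the previous auth_key stops being
# accepted once it has been replaced.
$data = exec_apinode("auth/ping", undef );
is( $data->{'response'}, 'pong', 'auth/ping PONG!');
ok( $data->{'auth_key'}, 'auth/ping key set');
isnt( $data->{'auth_key'}, $auth_key, 'auth/ping key changed');
$auth_key = $data->{'auth_key'};
undef $data;

$data = exec_apinode("auth/list_apikeys", undef );
is( $data->{'response'}, 'ok', 'auth/ping new key accepted.');
undef $data;


# --- Session authenticated as the test user --------------------------------
logout();
ok( !$session, 'logged out, session cleared');
login_user();

# NOTE(review): the remove_user check below treats this session as
# non-privileged, yet authorize_user is expected to succeed here, and the
# returned access level is only checked for being set and not 'no_access'.
# The test therefore cannot tell a no-op or a downgrade from a user changing
# their own access level; confirm the intended rule and pin the exact value.
$data = exec_apinode("auth/authorize_user", { "username" => $test_username, "access" => "full_read" });
is( $data->{'response'}, 'ok', 'auth/authorize_user as user ok');
is( $data->{'user'}, $test_username, 'auth/authorize_user user is ' . $test_username);
ok( $data->{'access'}, 'auth/authorize_user access set');
isnt( $data->{'access'}, 'no_access', 'auth/authorize_user level');
undef $data;

# A user session must not be able to remove a user.
$data = exec_apinode("auth/remove_user", { "username" => $test_username });
is( $data->{'response'}, 'failed', 'auth/remove_user as nonpriv user fails');
is( $data->{'cause'}, 'unauthorized', 'auth/remove_user cause correct');
undef $data;


# These two nodes are expected to report that they are not implemented yet.
$data = exec_apinode("auth/add_user", { "username" => $test_username });
is( $data->{'response'}, 'notimplemented', 'auth/add_user TODO: notimplemented.');
undef $data;

$data = exec_apinode("auth/update_user", { "username" => $test_username });
is( $data->{'response'}, 'notimplemented', 'auth/update_user TODO: notimplemented.');
undef $data;

# --- Back to the API-key session to clean up the test user -----------------
logout();
ok( !$session, 'logged out, session cleared');
login_apikey();

# NOTE(review): the parameter name is "&username" here but "username" in
# every other call in this file. Left unchanged because exec_apinode is not
# visible from this file; confirm whether the "&" is intended.
$data = exec_apinode("auth/remove_user", { "&username" => $test_username });
is( $data->{'response'}, 'ok', 'auth/remove_user as apikey ok');
is( $data->{'user'}, $test_username, 'auth/remove_user removed ' . $test_username);
undef $data;

# --- No session: privileged nodes must refuse ------------------------------
logout();
ok( !$session, 'logged out, session cleared');

$data = exec_apinode("auth/list_apikeys", undef );
is( $data->{'response'}, 'failed', 'auth/list_apikeys denied after logout');
is( $data->{'cause'}, 'unauthorized', 'auth/list_apikeys cause correct');
undef $data;

$data = exec_apinode("auth/list_users", undef );
is( $data->{'response'}, 'failed', 'auth/list_users denied after logout');
is( $data->{'cause'}, 'unauthorized', 'auth/list_users cause correct');
undef $data;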