Skip to content

Commit

Permalink
AdminUserTag added to JujuConnSuite
Browse files Browse the repository at this point in the history
  • Loading branch information
@howbazaar
howbazaar committed Sep 4, 2014
1 parent ea24962 commit 47a07ba
Show file tree
Hide file tree
Showing 20 changed files with 104 additions and 66 deletions.
2 changes: 1 addition & 1 deletion api/uniter/service_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -123,5 +123,5 @@ func (s *serviceSuite) TestCharmURL(c *gc.C) {
func (s *serviceSuite) TestGetOwnerTag(c *gc.C) {
tag, err := s.apiService.GetOwnerTag()
c.Assert(err, gc.IsNil)
c.Assert(tag, gc.Equals, "user-admin")
c.Assert(tag, gc.Equals, s.AdminUserTag(c).String())
}
10 changes: 5 additions & 5 deletions api/usermanager/client_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,6 @@ import (
"github.com/juju/juju/apiserver/params"
ums "github.com/juju/juju/apiserver/usermanager"
jujutesting "github.com/juju/juju/juju/testing"
"github.com/juju/juju/state"
"github.com/juju/juju/testing/factory"
)

Expand Down Expand Up @@ -73,7 +72,7 @@ func (s *usermanagerSuite) TestAddExistingUser(c *gc.C) {
}

func (s *usermanagerSuite) TestCantRemoveAdminUser(c *gc.C) {
err := s.usermanager.RemoveUser(state.AdminUser)
err := s.usermanager.RemoveUser(s.AdminUserTag(c).Name())
c.Assert(err, gc.ErrorMatches, "Failed to remove user: cannot deactivate admin user")
}

Expand All @@ -87,7 +86,7 @@ func (s *usermanagerSuite) TestUserInfo(c *gc.C) {
Result: &ums.UserInfo{
Username: "foobar",
DisplayName: "Foo Bar",
CreatedBy: "admin",
CreatedBy: s.AdminUserTag(c).Name(),
DateCreated: user.DateCreated(),
},
}
Expand Down Expand Up @@ -122,9 +121,10 @@ func (s *usermanagerSuite) TestUserInfoMoreThanOneResult(c *gc.C) {
}

func (s *usermanagerSuite) TestSetUserPassword(c *gc.C) {
err := s.usermanager.SetPassword("admin", "new-password")
name := s.AdminUserTag(c).Name()
err := s.usermanager.SetPassword(name, "new-password")
c.Assert(err, gc.IsNil)
user, err := s.State.User("admin")
user, err := s.State.User(name)
c.Assert(err, gc.IsNil)
c.Assert(user.PasswordValid("new-password"), gc.Equals, true)
}
2 changes: 2 additions & 0 deletions apiserver/admin.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -153,6 +153,7 @@ func checkCreds(st *state.State, c params.Creds) (state.Entity, error) {
// We return the same error when an entity does not exist as for a bad
// password, so that we don't allow unauthenticated users to find
// information about existing entities.
logger.Debugf("entity %q not found", tag)
return nil, common.ErrBadCreds
}
if err != nil {
Expand All @@ -165,6 +166,7 @@ func checkCreds(st *state.State, c params.Creds) (state.Entity, error) {
}

if err = authenticator.Authenticate(entity, c.Password, c.Nonce); err != nil {
logger.Debugf("bad credentials")
return nil, err
}

Expand Down
17 changes: 11 additions & 6 deletions apiserver/admin_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,13 +59,15 @@ func (s *loginSuite) TestBadLogin(c *gc.C) {
info, cleanup := s.setupServer(c)
defer cleanup()

adminUser := s.AdminUserTag(c)

for i, t := range []struct {
tag string
password string
err string
code string
}{{
tag: "user-admin",
tag: adminUser.String(),
password: "wrong password",
err: "invalid entity name or password",
code: params.CodeUnauthorized,
Expand Down Expand Up @@ -384,7 +386,7 @@ func (s *loginSuite) TestUsersLoginWhileRateLimited(c *gc.C) {
}

userInfo := *info
userInfo.Tag = names.NewUserTag("admin")
userInfo.Tag = s.AdminUserTag(c)
userInfo.Password = "dummy-secret"
userResults, userWG := startNLogins(c, apiserver.LoginRateLimit+1, &userInfo)
// all of them should have started, and none of them in TryAgain state
Expand Down Expand Up @@ -417,7 +419,7 @@ func (s *loginSuite) TestUsersLoginWhileRateLimited(c *gc.C) {

func (s *loginSuite) TestUsersAreNotRateLimited(c *gc.C) {
info, cleanup := s.setupServer(c)
info.Tag = names.NewUserTag("admin")
info.Tag = s.AdminUserTag(c)
info.Password = "dummy-secret"
defer cleanup()
delayChan, cleanup := apiserver.DelayLogins()
Expand Down Expand Up @@ -450,12 +452,13 @@ func (s *loginSuite) TestLoginReportsEnvironTag(c *gc.C) {
// We Login without passing an EnvironTag, to show that it still lets
// us in, and that we can find out the real EnvironTag from the
// response.
adminUser := s.AdminUserTag(c)
st, err := api.Open(info, fastDialOpts)
c.Assert(err, gc.IsNil)
defer st.Close()
var result params.LoginResult
creds := &params.Creds{
AuthTag: "user-admin",
AuthTag: adminUser.String(),
Password: "dummy-secret",
}
err = st.APICall("Admin", 0, "", "Login", creds, &result)
Expand Down Expand Up @@ -524,8 +527,9 @@ func (s *loginSuite) checkLoginWithValidator(c *gc.C, validator apiserver.LoginV
_, err = st.Machiner().Machine(names.NewMachineTag("0"))
c.Assert(err, gc.ErrorMatches, `unknown object type "Machiner"`)

adminUser := s.AdminUserTag(c)
// Since these are user login tests, the nonce is empty.
err = st.Login("user-admin", "dummy-secret", "")
err = st.Login(adminUser.String(), "dummy-secret", "")

checker(c, err, st)
}
Expand Down Expand Up @@ -565,8 +569,9 @@ func (s *loginSuite) TestLoginReportsAvailableFacadeVersions(c *gc.C) {
c.Assert(err, gc.IsNil)
defer st.Close()
var result params.LoginResult
adminUser := s.AdminUserTag(c)
creds := &params.Creds{
AuthTag: "user-admin",
AuthTag: adminUser.String(),
Password: "dummy-secret",
}
err = st.APICall("Admin", 0, "", "Login", creds, &result)
Expand Down
3 changes: 2 additions & 1 deletion apiserver/charmrevisionupdater/testing/suite.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,8 @@ func (s *CharmSuite) AddCharmWithRevision(c *gc.C, charmName string, rev int) *s
func (s *CharmSuite) AddService(c *gc.C, charmName, serviceName string, networks []string) {
ch, ok := s.charms[charmName]
c.Assert(ok, gc.Equals, true)
_, err := s.jcSuite.State.AddService(serviceName, "user-admin", ch, networks)
owner := s.jcSuite.AdminUserTag(c)
_, err := s.jcSuite.State.AddService(serviceName, owner.String(), ch, networks)
c.Assert(err, gc.IsNil)
}

Expand Down
2 changes: 1 addition & 1 deletion apiserver/client/api_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -327,7 +327,7 @@ func (s *baseSuite) setUpScenario(c *gc.C) (entities []names.Tag) {
add := func(e state.Entity) {
entities = append(entities, e.Tag())
}
u, err := s.State.User(state.AdminUser)
u, err := s.State.User(s.AdminUserTag(c).Name())
c.Assert(err, gc.IsNil)
setDefaultPassword(c, u)
add(u)
Expand Down
15 changes: 9 additions & 6 deletions apiserver/client/run_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,22 +76,23 @@ func (s *runSuite) addUnit(c *gc.C, service *state.Service) *state.Unit {

func (s *runSuite) TestGetAllUnitNames(c *gc.C) {
charm := s.AddTestingCharm(c, "dummy")
magic, err := s.State.AddService("magic", "user-admin", charm, nil)
owner := s.AdminUserTag(c)
magic, err := s.State.AddService("magic", owner.String(), charm, nil)
s.addUnit(c, magic)
s.addUnit(c, magic)

notAssigned, err := s.State.AddService("not-assigned", "user-admin", charm, nil)
notAssigned, err := s.State.AddService("not-assigned", owner.String(), charm, nil)
c.Assert(err, gc.IsNil)
_, err = notAssigned.AddUnit()
c.Assert(err, gc.IsNil)

_, err = s.State.AddService("no-units", "user-admin", charm, nil)
_, err = s.State.AddService("no-units", owner.String(), charm, nil)
c.Assert(err, gc.IsNil)

wordpress, err := s.State.AddService("wordpress", "user-admin", s.AddTestingCharm(c, "wordpress"), nil)
wordpress, err := s.State.AddService("wordpress", owner.String(), s.AddTestingCharm(c, "wordpress"), nil)
c.Assert(err, gc.IsNil)
wordpress0 := s.addUnit(c, wordpress)
_, err = s.State.AddService("logging", "user-admin", s.AddTestingCharm(c, "logging"), nil)
_, err = s.State.AddService("logging", owner.String(), s.AddTestingCharm(c, "logging"), nil)
c.Assert(err, gc.IsNil)

eps, err := s.State.InferEndpoints([]string{"logging", "wordpress"})
Expand Down Expand Up @@ -261,7 +262,9 @@ func (s *runSuite) TestRunMachineAndService(c *gc.C) {
s.addMachineWithAddress(c, "10.3.2.1")

charm := s.AddTestingCharm(c, "dummy")
magic, err := s.State.AddService("magic", "user-admin", charm, nil)
owner := s.Factory.MakeUser(c, nil).Tag()
magic, err := s.State.AddService("magic", owner.String(), charm, nil)
c.Assert(err, gc.IsNil)
s.addUnit(c, magic)
s.addUnit(c, magic)

Expand Down
18 changes: 9 additions & 9 deletions apiserver/uniter/uniter_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1181,7 +1181,7 @@ func (s *uniterSuite) TestRelation(c *gc.C) {
{Relation: rel.Tag().String(), Unit: "unit-mysql-0"},
{Relation: rel.Tag().String(), Unit: "unit-foo-0"},
{Relation: "relation-blah", Unit: "unit-wordpress-0"},
{Relation: "service-foo", Unit: "user-admin"},
{Relation: "service-foo", Unit: "user-foo"},
{Relation: "foo", Unit: "bar"},
{Relation: "unit-wordpress-0", Unit: rel.Tag().String()},
}}
Expand Down Expand Up @@ -1279,7 +1279,7 @@ func (s *uniterSuite) TestEnterScope(c *gc.C) {
{Relation: rel.Tag().String(), Unit: "unit-mysql-0"},
{Relation: rel.Tag().String(), Unit: "service-wordpress"},
{Relation: rel.Tag().String(), Unit: "service-mysql"},
{Relation: rel.Tag().String(), Unit: "user-admin"},
{Relation: rel.Tag().String(), Unit: "user-foo"},
}}
result, err := s.uniter.EnterScope(args)
c.Assert(err, gc.IsNil)
Expand Down Expand Up @@ -1330,7 +1330,7 @@ func (s *uniterSuite) TestLeaveScope(c *gc.C) {
{Relation: rel.Tag().String(), Unit: "unit-mysql-0"},
{Relation: rel.Tag().String(), Unit: "service-wordpress"},
{Relation: rel.Tag().String(), Unit: "service-mysql"},
{Relation: rel.Tag().String(), Unit: "user-admin"},
{Relation: rel.Tag().String(), Unit: "user-foo"},
}}
result, err := s.uniter.LeaveScope(args)
c.Assert(err, gc.IsNil)
Expand Down Expand Up @@ -1417,7 +1417,7 @@ func (s *uniterSuite) TestReadSettings(c *gc.C) {
{Relation: rel.Tag().String(), Unit: "unit-mysql-0"},
{Relation: rel.Tag().String(), Unit: "service-wordpress"},
{Relation: rel.Tag().String(), Unit: "service-mysql"},
{Relation: rel.Tag().String(), Unit: "user-admin"},
{Relation: rel.Tag().String(), Unit: "user-foo"},
}}
result, err := s.uniter.ReadSettings(args)
c.Assert(err, gc.IsNil)
Expand Down Expand Up @@ -1484,12 +1484,12 @@ func (s *uniterSuite) TestReadRemoteSettings(c *gc.C) {
{Relation: rel.Tag().String(), LocalUnit: "unit-wordpress-0", RemoteUnit: "unit-mysql-0"},
{Relation: "relation-42", LocalUnit: "unit-wordpress-0", RemoteUnit: ""},
{Relation: "relation-foo", LocalUnit: "", RemoteUnit: ""},
{Relation: "service-wordpress", LocalUnit: "unit-foo-0", RemoteUnit: "user-admin"},
{Relation: "service-wordpress", LocalUnit: "unit-foo-0", RemoteUnit: "user-foo"},
{Relation: "foo", LocalUnit: "bar", RemoteUnit: "baz"},
{Relation: rel.Tag().String(), LocalUnit: "unit-mysql-0", RemoteUnit: "unit-wordpress-0"},
{Relation: rel.Tag().String(), LocalUnit: "service-wordpress", RemoteUnit: "service-mysql"},
{Relation: rel.Tag().String(), LocalUnit: "service-mysql", RemoteUnit: "foo"},
{Relation: rel.Tag().String(), LocalUnit: "user-admin", RemoteUnit: "unit-wordpress-0"},
{Relation: rel.Tag().String(), LocalUnit: "user-foo", RemoteUnit: "unit-wordpress-0"},
}}
result, err := s.uniter.ReadRemoteSettings(args)

Expand Down Expand Up @@ -1607,7 +1607,7 @@ func (s *uniterSuite) TestUpdateSettings(c *gc.C) {
{Relation: rel.Tag().String(), Unit: "unit-mysql-0", Settings: nil},
{Relation: rel.Tag().String(), Unit: "service-wordpress", Settings: nil},
{Relation: rel.Tag().String(), Unit: "service-mysql", Settings: nil},
{Relation: rel.Tag().String(), Unit: "user-admin", Settings: nil},
{Relation: rel.Tag().String(), Unit: "user-foo", Settings: nil},
}}
result, err := s.uniter.UpdateSettings(args)
c.Assert(err, gc.IsNil)
Expand Down Expand Up @@ -1658,7 +1658,7 @@ func (s *uniterSuite) TestWatchRelationUnits(c *gc.C) {
{Relation: rel.Tag().String(), Unit: "unit-mysql-0"},
{Relation: rel.Tag().String(), Unit: "service-wordpress"},
{Relation: rel.Tag().String(), Unit: "service-mysql"},
{Relation: rel.Tag().String(), Unit: "user-admin"},
{Relation: rel.Tag().String(), Unit: "user-foo"},
}}
result, err := s.uniter.WatchRelationUnits(args)
c.Assert(err, gc.IsNil)
Expand Down Expand Up @@ -1734,7 +1734,7 @@ func (s *uniterSuite) TestGetOwnerTag(c *gc.C) {
result, err := s.uniter.GetOwnerTag(args)
c.Assert(err, gc.IsNil)
c.Assert(result, gc.DeepEquals, params.StringResult{
Result: "user-admin",
Result: s.AdminUserTag(c).String(),
})
}

Expand Down
25 changes: 13 additions & 12 deletions apiserver/usermanager/usermanager_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,19 +21,20 @@ type userManagerSuite struct {

usermanager *usermanager.UserManagerAPI
authorizer apiservertesting.FakeAuthorizer
user *state.User
adminName string
}

var _ = gc.Suite(&userManagerSuite{})

func (s *userManagerSuite) SetUpTest(c *gc.C) {
s.JujuConnSuite.SetUpTest(c)

user, err := s.State.User("admin")
c.Assert(err, gc.IsNil)
adminTag := s.AdminUserTag(c)
s.adminName = adminTag.Name()
s.authorizer = apiservertesting.FakeAuthorizer{
Tag: user.Tag(),
Tag: adminTag,
}
var err error
s.usermanager, err = usermanager.NewUserManagerAPI(s.State, nil, s.authorizer)
c.Assert(err, gc.IsNil)
}
Expand Down Expand Up @@ -139,15 +140,15 @@ func (s *userManagerSuite) TestUserInfoUsersExist(c *gc.C) {
Result: &usermanager.UserInfo{
Username: "foobar",
DisplayName: "Foo Bar",
CreatedBy: "admin",
CreatedBy: s.adminName,
DateCreated: userFoo.DateCreated(),
LastConnection: userFoo.LastLogin(),
},
}, {
Result: &usermanager.UserInfo{
Username: "barfoo",
DisplayName: "Bar Foo",
CreatedBy: "admin",
CreatedBy: s.adminName,
DateCreated: userBar.DateCreated(),
LastConnection: userBar.LastLogin(),
},
Expand All @@ -173,7 +174,7 @@ func (s *userManagerSuite) TestUserInfoUserExists(c *gc.C) {
Result: &usermanager.UserInfo{
Username: "foobar",
DisplayName: "Foo Bar",
CreatedBy: "admin",
CreatedBy: s.adminName,
DateCreated: user.DateCreated(),
LastConnection: user.LastLogin(),
},
Expand Down Expand Up @@ -264,15 +265,15 @@ func (s *userManagerSuite) TestAgentUnauthorized(c *gc.C) {
func (s *userManagerSuite) TestSetPassword(c *gc.C) {
args := usermanager.ModifyUsers{
Changes: []usermanager.ModifyUser{{
Username: "admin",
Username: s.adminName,
Password: "new-password",
}}}
results, err := s.usermanager.SetPassword(args)
c.Assert(err, gc.IsNil)
c.Assert(results.Results, gc.HasLen, 1)
c.Assert(results.Results[0], gc.DeepEquals, params.ErrorResult{Error: nil})

adminUser, err := s.State.User("admin")
adminUser, err := s.State.User(s.adminName)
c.Assert(err, gc.IsNil)

c.Assert(adminUser.PasswordValid("new-password"), gc.Equals, true)
Expand All @@ -292,11 +293,11 @@ func (s *userManagerSuite) TestSetMultiplePasswords(c *gc.C) {
args := usermanager.ModifyUsers{
Changes: []usermanager.ModifyUser{
{
Username: "admin",
Username: s.adminName,
Password: "new-password1",
},
{
Username: "admin",
Username: s.adminName,
Password: "new-password2",
}}}
results, err := s.usermanager.SetPassword(args)
Expand All @@ -305,7 +306,7 @@ func (s *userManagerSuite) TestSetMultiplePasswords(c *gc.C) {
c.Assert(results.Results[0], gc.DeepEquals, params.ErrorResult{Error: nil})
c.Assert(results.Results[1], gc.DeepEquals, params.ErrorResult{Error: nil})

adminUser, err := s.State.User("admin")
adminUser, err := s.State.User(s.adminName)
c.Assert(err, gc.IsNil)

c.Assert(adminUser.PasswordValid("new-password2"), gc.Equals, true)
Expand Down
Loading

0 comments on commit 47a07ba

Please sign in to comment.