author | Prashanth Pai <ppai@redhat.com> | 2014-01-02 12:20:20 +0530 |
---|---|---|
committer | Luis Pabon <lpabon@redhat.com> | 2014-01-07 13:50:30 -0800 |
commit | 94a3f539e75b069bb1f9df6f850adfe16d76b572 (patch) | |
tree | 61603e804fc97a878490d27201aa03f82b804c22 /test/functional_auth | |
parent | d1c7b1cc4b19a7a0c2c6a594dd47cf40f98223f9 (diff) |
Fix users not able to change their own password/key
Users were not able to update their own password/key
with the update operation resulting in 403 (HTTPForbidden).
EXAMPLES:
Command to update password/key of regular user:
gswauth-add-user -U account1:user1 -K old_pass account1 user1 new_pass
Command to update password/key of account admin:
gswauth-add-user -U account1:admin -K old_pass -a account1 admin new_pass
Command to update password/key of reseller_admin:
gswauth-add-user -U account1:radmin -K old_pass -r account1 radmin new_pass
BUG: https://bugs.launchpad.net/gluster-swift/+bug/1262227
Change-Id: I604da5aee67099b29541eb7e51a040a041f1961b
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Reviewed-on: http://review.gluster.org/6650
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
Diffstat (limited to 'test/functional_auth')
-rw-r--r-- | test/functional_auth/gswauth/test_gswauth.py | 7 | ||||
-rw-r--r-- | test/functional_auth/gswauth/test_gswauth_cli.py | 76 |
2 files changed, 75 insertions, 8 deletions
diff --git a/test/functional_auth/gswauth/test_gswauth.py b/test/functional_auth/gswauth/test_gswauth.py index 3ee3f5d..5219f13 100644 --- a/test/functional_auth/gswauth/test_gswauth.py +++ b/test/functional_auth/gswauth/test_gswauth.py @@ -227,15 +227,16 @@ class TestGSWauth(unittest.TestCase): # attempt to change password path = '%sv2/%s/%s' % (config['auth_prefix'], config['account'], config['username']) - headers = self._get_admin_headers() + headers = {'X-Auth-Admin-User': + config['account'] + ':' + config['username'], + 'X-Auth-Admin-Key': config['password']} headers.update({'X-Auth-User-Key': 'newpassword', 'Content-Length': '0', - 'X-Auth-Admin-Key': config['password'], 'X-Auth-User-Admin': 'true'}) conn = http_connect(config['auth_host'], config['auth_port'], 'PUT', path, headers) resp = conn.getresponse() - self.assertTrue(resp.status == 401) + self.assertTrue(resp.status == 201) finally: try: diff --git a/test/functional_auth/gswauth/test_gswauth_cli.py b/test/functional_auth/gswauth/test_gswauth_cli.py index 4e99e38..d07b9c3 100644 --- a/test/functional_auth/gswauth/test_gswauth_cli.py +++ b/test/functional_auth/gswauth/test_gswauth_cli.py @@ -438,11 +438,6 @@ class TestUser(unittest.TestCase): self.assertNotEqual(status, 0, 'user creation succeeded with user of other account: '+output) self.assertEqual('403 Forbidden' in output,True, 'user creation succeeded with user of other account: '+output) - #update password of own regular user - (status,output)=Utils.addUser('test', 'tester', 'testingupdated', user='test:tester', key='testing') - self.assertNotEqual(status, 0, 'regular user update password succeeded with own credentials: '+output) - self.assertEqual('403 Forbidden' in output,True, 'regular user update password succeeded with own credentials: '+output) - def testDeleteUser(self): #set test acc self.setTestAccUserEnv() 
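Review bot: In the test_gswauth.py hunk the password-change request still sends `'X-Auth-User-Admin': 'true'` while authenticating with the user's own key, and the test now expects 201. If `config['username']` is not already an account admin (not visible from this hunk), the test would record a self-service role change as accepted behaviour. Consider dropping that header from the request, or following the PUT with a check that the user's admin flag is unchanged. `self.assertEqual(resp.status, 201)` would also report the actual status when the assertion fails. The enclosing test method starts and ends outside the hunk.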
@@ -577,3 +572,74 @@ class TestUser(unittest.TestCase): (status,output) = Utils.deleteUser('test', 'usertobedeletedbyitself',user='test:usertobedeletedbyitself',key='testing') self.assertEqual(status, 0, 'user deletion failed with own credentials : '+output) + def testChangeKey(self): + # Create account and users + (status, output) = Utils.addAccount('test') + self.assertEqual(status, 0, 'Account creation failed: ' + output) + + (status, output) = Utils.addAdminUser('test', 'admin', 'password') + self.assertEqual(status, 0, 'User addition failed: ' + output) + + (status, output) = Utils.addUser('test', 'user', 'password') + self.assertEqual(status, 0, 'User addition failed: ' + output) + + (status, output) = Utils.addResellerAdminUser('test', 'radmin', 'password') + self.assertEqual(status, 0, 'User addition failed: ' + output) + + # Change acccount admin password/key + (status, output) = Utils.addAdminUser('test', 'admin', 'new_password', user='test:admin', key='password') + self.assertEqual(status, 0, 'Update key failed: ' + output) + + # Change regular user password/key + (status, output) = Utils.addUser('test', 'user', 'new_password', user='test:user', key='password') + self.assertEqual(status, 0, 'Update key failed: ' + output) + + # Change reseller admin password/key + (status, output) = Utils.addResellerAdminUser('test', 'radmin', 'new_password', user='test:radmin', key='password') + self.assertEqual(status, 0, 'Update key failed: ' + output) + + # To verify that password was changed for real, re-run the above commands, but with the new password + # Change acccount admin password/key using the new password + (status, output) = Utils.addAdminUser('test', 'admin', 'password', user='test:admin', key='new_password') + self.assertEqual(status, 0, 'Update key failed: ' + output) + + # Change regular user password/key using the new password + (status, output) = Utils.addUser('test', 'user', 'password', user='test:user', key='new_password') + 
self.assertEqual(status, 0, 'Update key failed: ' + output) + + # Change reseller admin password/key using the new password + (status, output) = Utils.addResellerAdminUser('test', 'radmin', 'password', user='test:radmin', key='new_password') + self.assertEqual(status, 0, 'Update key failed: ' + output) + + # Make sure that regular user cannot upgrade to admin + (status, output) = Utils.addAdminUser('test', 'user', 'password', user='test:user', key='password') + self.assertEqual('User creation failed' in output, True, 'Update key failed: ' + output) + + # Make sure that regular user cannot upgrade to reseller_admin + (status, output) = Utils.addResellerAdminUser('test', 'user', 'password', user='test:user', key='password') + self.assertEqual('User creation failed' in output, True, 'Update key failed: ' + output) + + # Make sure admin cannot update himself to reseller_admin + (status, output) = Utils.addResellerAdminUser('test', 'admin', 'password', user='test:admin', key='password') + self.assertEqual('User creation failed' in output, True, 'Update key failed: ' + output) + + # Account admin changing regular user password/key + (status, output) = Utils.addUser('test', 'user', 'new_password', user='test:admin', key='password') + self.assertEqual(status, 0, 'Update key failed: ' + output) + # Verify by running the command with new password + (status, output) = Utils.addUser('test', 'user', 'password', user='test:user', key='new_password') + self.assertEqual(status, 0, 'Update key failed: ' + output) + + # Reseller admin changing regular user password/key + (status, output) = Utils.addUser('test', 'user', 'new_password', user='test:radmin', key='password') + self.assertEqual(status, 0, 'Update key failed: ' + output) + # Verify by running the command with new password + (status, output) = Utils.addUser('test', 'user', 'password', user='test:user', key='new_password') + self.assertEqual(status, 0, 'Update key failed: ' + output) + + # Reseller admin changing account 
admin password/key + (status, output) = Utils.addAdminUser('test', 'admin', 'new_password', user='test:radmin', key='password') + self.assertEqual(status, 0, 'Update key failed: ' + output) + # Verify by running the command with new password + (status, output) = Utils.addAdminUser('test', 'admin', 'password', user='test:admin', key='new_password') + self.assertEqual(status, 0, 'Update key failed: ' + output) |
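Review bot: The three privilege-escalation checks in testChangeKey assert only `'User creation failed' in output`, so any CLI failure (for example the auth service being unreachable) satisfies them, and the exit status is never checked. The denial cases elsewhere in this file assert both a non-zero status and `'403 Forbidden' in output`. Adding `self.assertNotEqual(status, 0, 'regular user was upgraded to admin: ' + output)` would tie each check to an actual refusal, and it replaces the misleading 'Update key failed' message on those lines. The test also has no case showing that a regular user cannot change another user's key, or that the old key is rejected after a change. Both boundaries matter now that self-update is allowed.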