| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changed the code to only allow the super_admin to delete a reseller_admin.
This follows the same logic of user creation, where only the super_admin
can create a reseller_admin.
Also, took the opportunity to refactor some code and implemented
get_user_detail method to remove duplicated code
Bug 1260239: https://bugs.launchpad.net/gluster-swift/+bug/1260239
Change-Id: I9e4866cd7ad08698f427846be566ab2364ad4850
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6516
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
Reviewed-on: http://review.gluster.org/6690
Reviewed-by: pushpesh sharma <psharma@redhat.com>
Tested-by: pushpesh sharma <psharma@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit does following:
1.New functions in Utils based on CLI
2.Fixes for existing suite
3.Test cases for non super_admin users doing user/account operations
I tried to cover most of the possible test cases that can be duducted
from the swauth dev guide and swuath user role matrix.These resources
can be found here:
https://raw.github.com/rbeede/swauth/master/doc/source/Draft%20Security%20Guide/swift_swauth_roles_matrix.png
http://gholt.github.io/swauth/dev/
Change-Id: I45d99252825b82008abb679cffcc980732c815ea
Signed-off-by: Pushpesh Sharma <psharma@redhat.com>
Reviewed-on: http://review.gluster.org/6676
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Users were not able to update their own password/key
with the update operation resulting in 403 (HTTPForbidden).
EXAMPLES:
Command to update password/key of regular user:
gswauth-add-user -U account1:user1 -K old_pass account1 user1 new_pass
Command to update password/key of account admin:
gswauth-add-user -U account1:admin -K old_pass -a account1 admin new_pass
Command to update password/key of reseller_admin:
gswauth-add-user -U account1:radmin -K old_pass -r account1 radmin new_pass
BUG: https://bugs.launchpad.net/gluster-swift/+bug/1262227
Change-Id: I604da5aee67099b29541eb7e51a040a041f1961b
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Reviewed-on: http://review.gluster.org/6650
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
Reviewed-on: http://review.gluster.org/6668
Reviewed-by: Chetan Risbud <crisbud@redhat.com>
Tested-by: Chetan Risbud <crisbud@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Fix spelling of "privileges" in gswauth-* commands.
Add comment to clarify use of req.credentials_valid.
Change-Id: Ibb4d331f57df29e28670252b1360b3a72ea688cf
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Reviewed-on: http://review.gluster.org/6448
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
cli tools for account and user mgmt have been renamed
from swauth-* to gswauth-*
Updated other configuration and test files accordingly
Change-Id: Iced3bb27fbd09da45754ddb264f8fb4528ab423c
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6417
Reviewed-by: pushpesh sharma <psharma@redhat.com>
Tested-by: pushpesh sharma <psharma@redhat.com>
Reviewed-by: Shilpa MJ <smanjara@redhat.com>
Tested-by: Shilpa MJ <smanjara@redhat.com>
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Reviewed-on: http://review.gluster.org/6466
Tested-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- 401(Unauthorized) is to be returned when user credentials are
wrong where as 403(Forbidden) is to be returned when user
credentials are correct but the user doesn't have the priveleges
to carry out the operation.
- Also error messages displayed when using swauth-* command line
utilities have been updated.
Change-Id: I485786896ad14d3263f4325d1857cacc93adab96
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Reviewed-on: http://review.gluster.org/6336
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All the configuration files were missing settings used when
gluster-swift is installed
Change-Id: I4ff877241a5965f2b0359e0549629614596045bb
Signed-off-by: Luis Pabon <lpabon@redhat.com>
Reviewed-on: http://review.gluster.org/6430
Reviewed-by: Thiago Da Silva <thiago@redhat.com>
Reviewed-by: Prashanth Pai <ppai@redhat.com>
Reviewed-by: pushpesh sharma <psharma@redhat.com>
Tested-by: pushpesh sharma <psharma@redhat.com>
Reviewed-on: http://review.gluster.org/6439
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
swauth-list now shows lists of accounts, users and groups
in a tabular format (default). JSON and plain-text options
are still available
Change-Id: I897009f5f6c05aa4c14e306bb6ad35234e993fcd
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6347
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
Reviewed-on: http://review.gluster.org/6372
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This test suite plans to tests following gswauth commands:-
1. swauth-prep
2. swauth-add-account
3. swauth-delete-account
4. swauth-add-user
5. swauth-delete-user
6. swauth-set-account-service
7. swauth-cleanup-tokens
8. swauth-list
It uses 'commands' python module to execute gswauthcommands,
and capture the status and output of commands followed by
asserts to verify if the captured status and output is same
as expected ones.This initial draft has tests for first 1-5
commands.
Change-Id: I8591884e87c6ffd88446aacd04a1db2daab2d189
Signed-off-by: Pushpesh Sharma <psharma@redhat.com>
Reviewed-on: http://review.gluster.org/6277
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
Reviewed-on: http://review.gluster.org/6327
|
|
|
|
|
|
|
|
|
|
|
|
| |
changed code where appropriate to gswauth
instead of swauth
Change-Id: Iadcec4f379fae3f063379b4899797b375290cc7b
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6226
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
Reviewed-on: http://review.gluster.org/6278
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
New tests around account and user modifications
Testing password changes and invalid admin rights
porting changes to havana branch
Change-Id: I2e867c2bb3ed10f375cc3f20fa66506e2cdd96e6
Reviewed-on: http://review.gluster.org/6223
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6260
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These tests cover account registration and de-registration
user creation/delete, and listing of both account and user.
Some functions were renamed to better represent their purpose
and make them generic enough to be used by other tests
Change-Id: Ie622daccfc8e2d2fb45565952a99d7d832ce1189
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6212
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
Reviewed-on: http://review.gluster.org/6257
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
changed code to look at configuration file for
the metadata gluster volume name. The default is still
gsmetadata
Change-Id: I9bf74b9566ea1c9716c42f7ced0f999e02824868
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6225
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
Reviewed-on: http://review.gluster.org/6258
|
|
commiting first gswauth functional tests.
Currently there are two tests, to create account
and to create an user. Each test is self contained
in that it goes through the process of creating and deleting
accounts and users as needed.
More tests will be added shortly.
Change-Id: I26d577790aed8c79c9de11f224516423e9769962
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6188
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6211
|