github.com/altoros/juju-vmware@v0.0.0-20150312064031-f19ae857ccca/apiserver/rsyslog/rsyslog_test.go

github.com/altoros/juju-vmware@v0.0.0-20150312064031-f19ae857ccca/apiserver/rsyslog/rsyslog_test.go (about)

     1  // Copyright 2013 Canonical Ltd.
     2  // Licensed under the AGPLv3, see LICENCE file for details.
     3  
     4  package rsyslog_test
     5  
     6  import (
     7  	"encoding/pem"
     8  
     9  	"github.com/juju/names"
    10  	jc "github.com/juju/testing/checkers"
    11  	gc "gopkg.in/check.v1"
    12  
    13  	apirsyslog "github.com/juju/juju/api/rsyslog"
    14  	"github.com/juju/juju/apiserver/common"
    15  	commontesting "github.com/juju/juju/apiserver/common/testing"
    16  	"github.com/juju/juju/apiserver/params"
    17  	"github.com/juju/juju/apiserver/rsyslog"
    18  	apiservertesting "github.com/juju/juju/apiserver/testing"
    19  	"github.com/juju/juju/juju/testing"
    20  	"github.com/juju/juju/network"
    21  	"github.com/juju/juju/state"
    22  	coretesting "github.com/juju/juju/testing"
    23  )
    24  
    25  type rsyslogSuite struct {
    26  	testing.JujuConnSuite
    27  	*commontesting.EnvironWatcherTest
    28  	authorizer apiservertesting.FakeAuthorizer
    29  	resources  *common.Resources
    30  	rsyslog    *rsyslog.RsyslogAPI
    31  }
    32  
    33  var _ = gc.Suite(&rsyslogSuite{})
    34  
    35  func (s *rsyslogSuite) SetUpTest(c *gc.C) {
    36  	s.JujuConnSuite.SetUpTest(c)
    37  	s.authorizer = apiservertesting.FakeAuthorizer{
    38  		Tag:            names.NewMachineTag("1"),
    39  		EnvironManager: false,
    40  	}
    41  	s.resources = common.NewResources()
    42  	s.AddCleanup(func(_ *gc.C) { s.resources.StopAll() })
    43  	api, err := rsyslog.NewRsyslogAPI(s.State, s.resources, s.authorizer)
    44  	c.Assert(err, jc.ErrorIsNil)
    45  	s.EnvironWatcherTest = commontesting.NewEnvironWatcherTest(
    46  		api, s.State, s.resources, commontesting.NoSecrets)
    47  }
    48  
    49  func verifyRsyslogCACert(c *gc.C, st *apirsyslog.State, expected string) {
    50  	cfg, err := st.GetRsyslogConfig("foo")
    51  	c.Assert(err, jc.ErrorIsNil)
    52  	c.Assert(cfg.CACert, gc.DeepEquals, expected)
    53  }
    54  
    55  func (s *rsyslogSuite) TestSetRsyslogCert(c *gc.C) {
    56  	st, m := s.OpenAPIAsNewMachine(c, state.JobManageEnviron)
    57  	err := m.SetAddresses(network.NewAddress("0.1.2.3", network.ScopeUnknown))
    58  	c.Assert(err, jc.ErrorIsNil)
    59  
    60  	err = st.Rsyslog().SetRsyslogCert(coretesting.CACert)
    61  	c.Assert(err, jc.ErrorIsNil)
    62  	verifyRsyslogCACert(c, st.Rsyslog(), coretesting.CACert)
    63  }
    64  
    65  func (s *rsyslogSuite) TestSetRsyslogCertNil(c *gc.C) {
    66  	st, m := s.OpenAPIAsNewMachine(c, state.JobManageEnviron)
    67  	err := m.SetAddresses(network.NewAddress("0.1.2.3", network.ScopeUnknown))
    68  	c.Assert(err, jc.ErrorIsNil)
    69  
    70  	err = st.Rsyslog().SetRsyslogCert("")
    71  	c.Assert(err, gc.ErrorMatches, "no certificates found")
    72  	verifyRsyslogCACert(c, st.Rsyslog(), "")
    73  }
    74  
    75  func (s *rsyslogSuite) TestSetRsyslogCertInvalid(c *gc.C) {
    76  	st, m := s.OpenAPIAsNewMachine(c, state.JobManageEnviron)
    77  	err := m.SetAddresses(network.NewAddress("0.1.2.3", network.ScopeUnknown))
    78  	c.Assert(err, jc.ErrorIsNil)
    79  
    80  	err = st.Rsyslog().SetRsyslogCert(string(pem.EncodeToMemory(&pem.Block{
    81  		Type:  "CERTIFICATE",
    82  		Bytes: []byte("not a valid certificate"),
    83  	})))
    84  	c.Assert(err, gc.ErrorMatches, ".*structure error.*")
    85  	verifyRsyslogCACert(c, st.Rsyslog(), "")
    86  }
    87  
    88  func (s *rsyslogSuite) TestSetRsyslogCertPerms(c *gc.C) {
    89  	// create a machine-0 so we have an addresss to log to
    90  	m, err := s.State.AddMachine("trusty", state.JobManageEnviron)
    91  	c.Assert(err, jc.ErrorIsNil)
    92  	err = m.SetAddresses(network.NewAddress("0.1.2.3", network.ScopeUnknown))
    93  	c.Assert(err, jc.ErrorIsNil)
    94  
    95  	unitState, _ := s.OpenAPIAsNewMachine(c, state.JobHostUnits)
    96  	err = unitState.Rsyslog().SetRsyslogCert(coretesting.CACert)
    97  	c.Assert(err, gc.ErrorMatches, "invalid entity name or password")
    98  	c.Assert(err, jc.Satisfies, params.IsCodeUnauthorized)
    99  	// Verify no change was effected.
   100  	verifyRsyslogCACert(c, unitState.Rsyslog(), "")
   101  }
   102  
   103  func (s *rsyslogSuite) TestUpgraderAPIAllowsUnitAgent(c *gc.C) {
   104  	anAuthorizer := s.authorizer
   105  	anAuthorizer.Tag = names.NewUnitTag("seven/9")
   106  	anUpgrader, err := rsyslog.NewRsyslogAPI(s.State, s.resources, anAuthorizer)
   107  	c.Check(err, jc.ErrorIsNil)
   108  	c.Check(anUpgrader, gc.NotNil)
   109  }
   110  
   111  func (s *rsyslogSuite) TestUpgraderAPIRefusesNonUnitNonMachineAgent(c *gc.C) {
   112  	anAuthorizer := s.authorizer
   113  	anAuthorizer.Tag = names.NewServiceTag("hadoop")
   114  	anUpgrader, err := rsyslog.NewRsyslogAPI(s.State, s.resources, anAuthorizer)
   115  	c.Check(err, gc.NotNil)
   116  	c.Check(anUpgrader, gc.IsNil)
   117  	c.Assert(err, gc.ErrorMatches, "permission denied")
   118  }