github.com/mattyw/juju@v0.0.0-20140610034352-732aecd63861/state/apiserver/rsyslog/rsyslog_test.go

github.com/mattyw/juju@v0.0.0-20140610034352-732aecd63861/state/apiserver/rsyslog/rsyslog_test.go (about)

     1  // Copyright 2013 Canonical Ltd.
     2  // Licensed under the AGPLv3, see LICENCE file for details.
     3  
     4  package rsyslog_test
     5  
     6  import (
     7  	"encoding/pem"
     8  
     9  	jc "github.com/juju/testing/checkers"
    10  	gc "launchpad.net/gocheck"
    11  
    12  	"github.com/juju/juju/instance"
    13  	"github.com/juju/juju/juju/testing"
    14  	"github.com/juju/juju/state"
    15  	"github.com/juju/juju/state/api/params"
    16  	apirsyslog "github.com/juju/juju/state/api/rsyslog"
    17  	"github.com/juju/juju/state/apiserver/common"
    18  	commontesting "github.com/juju/juju/state/apiserver/common/testing"
    19  	"github.com/juju/juju/state/apiserver/rsyslog"
    20  	apiservertesting "github.com/juju/juju/state/apiserver/testing"
    21  	coretesting "github.com/juju/juju/testing"
    22  )
    23  
    24  type rsyslogSuite struct {
    25  	testing.JujuConnSuite
    26  	*commontesting.EnvironWatcherTest
    27  	authorizer apiservertesting.FakeAuthorizer
    28  	resources  *common.Resources
    29  	rsyslog    *rsyslog.RsyslogAPI
    30  }
    31  
    32  var _ = gc.Suite(&rsyslogSuite{})
    33  
    34  func (s *rsyslogSuite) SetUpTest(c *gc.C) {
    35  	s.JujuConnSuite.SetUpTest(c)
    36  	s.authorizer = apiservertesting.FakeAuthorizer{
    37  		LoggedIn:       true,
    38  		EnvironManager: true,
    39  		MachineAgent:   true,
    40  	}
    41  	s.resources = common.NewResources()
    42  	api, err := rsyslog.NewRsyslogAPI(s.State, s.resources, s.authorizer)
    43  	c.Assert(err, gc.IsNil)
    44  	s.EnvironWatcherTest = commontesting.NewEnvironWatcherTest(
    45  		api, s.State, s.resources, commontesting.NoSecrets)
    46  }
    47  
    48  func verifyRsyslogCACert(c *gc.C, st *apirsyslog.State, expected string) {
    49  	cfg, err := st.GetRsyslogConfig("foo")
    50  	c.Assert(err, gc.IsNil)
    51  	c.Assert(cfg.CACert, gc.DeepEquals, expected)
    52  }
    53  
    54  func (s *rsyslogSuite) TestSetRsyslogCert(c *gc.C) {
    55  	st, m := s.OpenAPIAsNewMachine(c, state.JobManageEnviron)
    56  	err := m.SetAddresses(instance.NewAddress("0.1.2.3", instance.NetworkUnknown))
    57  	c.Assert(err, gc.IsNil)
    58  
    59  	err = st.Rsyslog().SetRsyslogCert(coretesting.CACert)
    60  	c.Assert(err, gc.IsNil)
    61  	verifyRsyslogCACert(c, st.Rsyslog(), coretesting.CACert)
    62  }
    63  
    64  func (s *rsyslogSuite) TestSetRsyslogCertNil(c *gc.C) {
    65  	st, m := s.OpenAPIAsNewMachine(c, state.JobManageEnviron)
    66  	err := m.SetAddresses(instance.NewAddress("0.1.2.3", instance.NetworkUnknown))
    67  	c.Assert(err, gc.IsNil)
    68  
    69  	err = st.Rsyslog().SetRsyslogCert("")
    70  	c.Assert(err, gc.ErrorMatches, "no certificates found")
    71  	verifyRsyslogCACert(c, st.Rsyslog(), "")
    72  }
    73  
    74  func (s *rsyslogSuite) TestSetRsyslogCertInvalid(c *gc.C) {
    75  	st, m := s.OpenAPIAsNewMachine(c, state.JobManageEnviron)
    76  	err := m.SetAddresses(instance.NewAddress("0.1.2.3", instance.NetworkUnknown))
    77  	c.Assert(err, gc.IsNil)
    78  
    79  	err = st.Rsyslog().SetRsyslogCert(string(pem.EncodeToMemory(&pem.Block{
    80  		Type:  "CERTIFICATE",
    81  		Bytes: []byte("not a valid certificate"),
    82  	})))
    83  	c.Assert(err, gc.ErrorMatches, ".*structure error.*")
    84  	verifyRsyslogCACert(c, st.Rsyslog(), "")
    85  }
    86  
    87  func (s *rsyslogSuite) TestSetRsyslogCertPerms(c *gc.C) {
    88  	// create a machine-0 so we have an addresss to log to
    89  	m, err := s.State.AddMachine("trusty", state.JobManageEnviron)
    90  	c.Assert(err, gc.IsNil)
    91  	err = m.SetAddresses(instance.NewAddress("0.1.2.3", instance.NetworkUnknown))
    92  	c.Assert(err, gc.IsNil)
    93  
    94  	unitState, _ := s.OpenAPIAsNewMachine(c, state.JobHostUnits)
    95  	err = unitState.Rsyslog().SetRsyslogCert(coretesting.CACert)
    96  	c.Assert(err, gc.ErrorMatches, "invalid entity name or password")
    97  	c.Assert(err, jc.Satisfies, params.IsCodeUnauthorized)
    98  	// Verify no change was effected.
    99  	verifyRsyslogCACert(c, unitState.Rsyslog(), "")
   100  }
   101  
   102  func (s *rsyslogSuite) TestUpgraderAPIAllowsUnitAgent(c *gc.C) {
   103  	anAuthorizer := s.authorizer
   104  	anAuthorizer.UnitAgent = true
   105  	anAuthorizer.MachineAgent = false
   106  	anUpgrader, err := rsyslog.NewRsyslogAPI(s.State, s.resources, anAuthorizer)
   107  	c.Check(err, gc.IsNil)
   108  	c.Check(anUpgrader, gc.NotNil)
   109  }
   110  
   111  func (s *rsyslogSuite) TestUpgraderAPIRefusesNonUnitNonMachineAgent(c *gc.C) {
   112  	anAuthorizer := s.authorizer
   113  	anAuthorizer.UnitAgent = false
   114  	anAuthorizer.MachineAgent = false
   115  	anUpgrader, err := rsyslog.NewRsyslogAPI(s.State, s.resources, anAuthorizer)
   116  	c.Check(err, gc.NotNil)
   117  	c.Check(anUpgrader, gc.IsNil)
   118  	c.Assert(err, gc.ErrorMatches, "permission denied")
   119  }