launchpad.net/~rogpeppe/juju-core/500-errgo-fix@v0.0.0-20140213181702-000000002356/state/api/keymanager/client_test.go (about) 1 // Copyright 2013 Canonical Ltd. 2 // Licensed under the AGPLv3, see LICENCE file for details. 3 4 package keymanager_test 5 6 import ( 7 gc "launchpad.net/gocheck" 8 "strings" 9 10 jujutesting "launchpad.net/juju-core/juju/testing" 11 "launchpad.net/juju-core/state/api/keymanager" 12 "launchpad.net/juju-core/state/api/params" 13 keymanagerserver "launchpad.net/juju-core/state/apiserver/keymanager" 14 keymanagertesting "launchpad.net/juju-core/state/apiserver/keymanager/testing" 15 "launchpad.net/juju-core/state/testing" 16 "launchpad.net/juju-core/utils/ssh" 17 sshtesting "launchpad.net/juju-core/utils/ssh/testing" 18 ) 19 20 type keymanagerSuite struct { 21 jujutesting.JujuConnSuite 22 23 keymanager *keymanager.Client 24 } 25 26 var _ = gc.Suite(&keymanagerSuite{}) 27 28 func (s *keymanagerSuite) SetUpTest(c *gc.C) { 29 s.JujuConnSuite.SetUpTest(c) 30 s.keymanager = keymanager.NewClient(s.APIState) 31 c.Assert(s.keymanager, gc.NotNil) 32 33 } 34 35 func (s *keymanagerSuite) setAuthorisedKeys(c *gc.C, keys string) { 36 err := testing.UpdateConfig(s.BackingState, map[string]interface{}{"authorized-keys": keys}) 37 c.Assert(err, gc.IsNil) 38 } 39 40 func (s *keymanagerSuite) TestListKeys(c *gc.C) { 41 key1 := sshtesting.ValidKeyOne.Key + " user@host" 42 key2 := sshtesting.ValidKeyTwo.Key 43 s.setAuthorisedKeys(c, strings.Join([]string{key1, key2}, "\n")) 44 45 keyResults, err := s.keymanager.ListKeys(ssh.Fingerprints, "admin") 46 c.Assert(err, gc.IsNil) 47 c.Assert(len(keyResults), gc.Equals, 1) 48 result := keyResults[0] 49 c.Assert(result.Error, gc.IsNil) 50 c.Assert(result.Result, gc.DeepEquals, 51 []string{sshtesting.ValidKeyOne.Fingerprint + " (user@host)", sshtesting.ValidKeyTwo.Fingerprint}) 52 } 53 54 func (s *keymanagerSuite) TestListKeysErrors(c *gc.C) { 55 keyResults, err := s.keymanager.ListKeys(ssh.Fingerprints, "invalid") 56 c.Assert(err, gc.IsNil) 57 c.Assert(len(keyResults), gc.Equals, 1) 58 result := keyResults[0] 59 c.Assert(result.Error, gc.ErrorMatches, `permission denied`) 60 } 61 62 func clientError(message string) *params.Error { 63 return ¶ms.Error{ 64 Message: message, 65 Code: "", 66 } 67 } 68 69 func (s *keymanagerSuite) assertEnvironKeys(c *gc.C, expected []string) { 70 envConfig, err := s.State.EnvironConfig() 71 c.Assert(err, gc.IsNil) 72 keys := envConfig.AuthorizedKeys() 73 c.Assert(keys, gc.Equals, strings.Join(expected, "\n")) 74 } 75 76 func (s *keymanagerSuite) TestAddKeys(c *gc.C) { 77 key1 := sshtesting.ValidKeyOne.Key + " user@host" 78 s.setAuthorisedKeys(c, key1) 79 80 newKeys := []string{sshtesting.ValidKeyTwo.Key, sshtesting.ValidKeyThree.Key, "invalid"} 81 errResults, err := s.keymanager.AddKeys("admin", newKeys...) 82 c.Assert(err, gc.IsNil) 83 c.Assert(errResults, gc.DeepEquals, []params.ErrorResult{ 84 {Error: nil}, 85 {Error: nil}, 86 {Error: clientError("invalid ssh key: invalid")}, 87 }) 88 s.assertEnvironKeys(c, append([]string{key1}, newKeys[:2]...)) 89 } 90 91 func (s *keymanagerSuite) TestDeleteKeys(c *gc.C) { 92 key1 := sshtesting.ValidKeyOne.Key + " user@host" 93 key2 := sshtesting.ValidKeyTwo.Key 94 key3 := sshtesting.ValidKeyThree.Key 95 initialKeys := []string{key1, key2, key3, "invalid"} 96 s.setAuthorisedKeys(c, strings.Join(initialKeys, "\n")) 97 98 errResults, err := s.keymanager.DeleteKeys("admin", sshtesting.ValidKeyTwo.Fingerprint, "user@host", "missing") 99 c.Assert(err, gc.IsNil) 100 c.Assert(errResults, gc.DeepEquals, []params.ErrorResult{ 101 {Error: nil}, 102 {Error: nil}, 103 {Error: clientError("invalid ssh key: missing")}, 104 }) 105 s.assertEnvironKeys(c, []string{"invalid", key3}) 106 } 107 108 func (s *keymanagerSuite) TestImportKeys(c *gc.C) { 109 s.PatchValue(&keymanagerserver.RunSSHImportId, keymanagertesting.FakeImport) 110 111 key1 := sshtesting.ValidKeyOne.Key + " user@host" 112 s.setAuthorisedKeys(c, key1) 113 114 keyIds := []string{"lp:validuser", "invalid-key"} 115 errResults, err := s.keymanager.ImportKeys("admin", keyIds...) 116 c.Assert(err, gc.IsNil) 117 c.Assert(errResults, gc.DeepEquals, []params.ErrorResult{ 118 {Error: nil}, 119 {Error: clientError("invalid ssh key id: invalid-key")}, 120 }) 121 s.assertEnvironKeys(c, []string{key1, sshtesting.ValidKeyThree.Key}) 122 } 123 124 func (s *keymanagerSuite) assertInvalidUserOperation(c *gc.C, test func(user string, keys []string) error) { 125 key1 := sshtesting.ValidKeyOne.Key + " user@host" 126 s.setAuthorisedKeys(c, key1) 127 128 // Run the required test code and check the error. 129 keys := []string{sshtesting.ValidKeyTwo.Key, sshtesting.ValidKeyThree.Key} 130 err := test("invalid", keys) 131 c.Assert(err, gc.ErrorMatches, `permission denied`) 132 133 // No environ changes. 134 s.assertEnvironKeys(c, []string{key1}) 135 } 136 137 func (s *keymanagerSuite) TestAddKeysInvalidUser(c *gc.C) { 138 s.assertInvalidUserOperation(c, func(user string, keys []string) error { 139 _, err := s.keymanager.AddKeys(user, keys...) 140 return err 141 }) 142 } 143 144 func (s *keymanagerSuite) TestDeleteKeysInvalidUser(c *gc.C) { 145 s.assertInvalidUserOperation(c, func(user string, keys []string) error { 146 _, err := s.keymanager.DeleteKeys(user, keys...) 147 return err 148 }) 149 } 150 151 func (s *keymanagerSuite) TestImportKeysInvalidUser(c *gc.C) { 152 s.assertInvalidUserOperation(c, func(user string, keys []string) error { 153 _, err := s.keymanager.ImportKeys(user, keys...) 154 return err 155 }) 156 }