launchpad.net/~rogpeppe/juju-core/500-errgo-fix@v0.0.0-20140213181702-000000002356/state/api/keymanager/client_test.go (about)

     1  // Copyright 2013 Canonical Ltd.
     2  // Licensed under the AGPLv3, see LICENCE file for details.
     3  
     4  package keymanager_test
     5  
     6  import (
     7  	gc "launchpad.net/gocheck"
     8  	"strings"
     9  
    10  	jujutesting "launchpad.net/juju-core/juju/testing"
    11  	"launchpad.net/juju-core/state/api/keymanager"
    12  	"launchpad.net/juju-core/state/api/params"
    13  	keymanagerserver "launchpad.net/juju-core/state/apiserver/keymanager"
    14  	keymanagertesting "launchpad.net/juju-core/state/apiserver/keymanager/testing"
    15  	"launchpad.net/juju-core/state/testing"
    16  	"launchpad.net/juju-core/utils/ssh"
    17  	sshtesting "launchpad.net/juju-core/utils/ssh/testing"
    18  )
    19  
    20  type keymanagerSuite struct {
    21  	jujutesting.JujuConnSuite
    22  
    23  	keymanager *keymanager.Client
    24  }
    25  
    26  var _ = gc.Suite(&keymanagerSuite{})
    27  
    28  func (s *keymanagerSuite) SetUpTest(c *gc.C) {
    29  	s.JujuConnSuite.SetUpTest(c)
    30  	s.keymanager = keymanager.NewClient(s.APIState)
    31  	c.Assert(s.keymanager, gc.NotNil)
    32  
    33  }
    34  
    35  func (s *keymanagerSuite) setAuthorisedKeys(c *gc.C, keys string) {
    36  	err := testing.UpdateConfig(s.BackingState, map[string]interface{}{"authorized-keys": keys})
    37  	c.Assert(err, gc.IsNil)
    38  }
    39  
    40  func (s *keymanagerSuite) TestListKeys(c *gc.C) {
    41  	key1 := sshtesting.ValidKeyOne.Key + " user@host"
    42  	key2 := sshtesting.ValidKeyTwo.Key
    43  	s.setAuthorisedKeys(c, strings.Join([]string{key1, key2}, "\n"))
    44  
    45  	keyResults, err := s.keymanager.ListKeys(ssh.Fingerprints, "admin")
    46  	c.Assert(err, gc.IsNil)
    47  	c.Assert(len(keyResults), gc.Equals, 1)
    48  	result := keyResults[0]
    49  	c.Assert(result.Error, gc.IsNil)
    50  	c.Assert(result.Result, gc.DeepEquals,
    51  		[]string{sshtesting.ValidKeyOne.Fingerprint + " (user@host)", sshtesting.ValidKeyTwo.Fingerprint})
    52  }
    53  
    54  func (s *keymanagerSuite) TestListKeysErrors(c *gc.C) {
    55  	keyResults, err := s.keymanager.ListKeys(ssh.Fingerprints, "invalid")
    56  	c.Assert(err, gc.IsNil)
    57  	c.Assert(len(keyResults), gc.Equals, 1)
    58  	result := keyResults[0]
    59  	c.Assert(result.Error, gc.ErrorMatches, `permission denied`)
    60  }
    61  
    62  func clientError(message string) *params.Error {
    63  	return &params.Error{
    64  		Message: message,
    65  		Code:    "",
    66  	}
    67  }
    68  
    69  func (s *keymanagerSuite) assertEnvironKeys(c *gc.C, expected []string) {
    70  	envConfig, err := s.State.EnvironConfig()
    71  	c.Assert(err, gc.IsNil)
    72  	keys := envConfig.AuthorizedKeys()
    73  	c.Assert(keys, gc.Equals, strings.Join(expected, "\n"))
    74  }
    75  
    76  func (s *keymanagerSuite) TestAddKeys(c *gc.C) {
    77  	key1 := sshtesting.ValidKeyOne.Key + " user@host"
    78  	s.setAuthorisedKeys(c, key1)
    79  
    80  	newKeys := []string{sshtesting.ValidKeyTwo.Key, sshtesting.ValidKeyThree.Key, "invalid"}
    81  	errResults, err := s.keymanager.AddKeys("admin", newKeys...)
    82  	c.Assert(err, gc.IsNil)
    83  	c.Assert(errResults, gc.DeepEquals, []params.ErrorResult{
    84  		{Error: nil},
    85  		{Error: nil},
    86  		{Error: clientError("invalid ssh key: invalid")},
    87  	})
    88  	s.assertEnvironKeys(c, append([]string{key1}, newKeys[:2]...))
    89  }
    90  
    91  func (s *keymanagerSuite) TestDeleteKeys(c *gc.C) {
    92  	key1 := sshtesting.ValidKeyOne.Key + " user@host"
    93  	key2 := sshtesting.ValidKeyTwo.Key
    94  	key3 := sshtesting.ValidKeyThree.Key
    95  	initialKeys := []string{key1, key2, key3, "invalid"}
    96  	s.setAuthorisedKeys(c, strings.Join(initialKeys, "\n"))
    97  
    98  	errResults, err := s.keymanager.DeleteKeys("admin", sshtesting.ValidKeyTwo.Fingerprint, "user@host", "missing")
    99  	c.Assert(err, gc.IsNil)
   100  	c.Assert(errResults, gc.DeepEquals, []params.ErrorResult{
   101  		{Error: nil},
   102  		{Error: nil},
   103  		{Error: clientError("invalid ssh key: missing")},
   104  	})
   105  	s.assertEnvironKeys(c, []string{"invalid", key3})
   106  }
   107  
   108  func (s *keymanagerSuite) TestImportKeys(c *gc.C) {
   109  	s.PatchValue(&keymanagerserver.RunSSHImportId, keymanagertesting.FakeImport)
   110  
   111  	key1 := sshtesting.ValidKeyOne.Key + " user@host"
   112  	s.setAuthorisedKeys(c, key1)
   113  
   114  	keyIds := []string{"lp:validuser", "invalid-key"}
   115  	errResults, err := s.keymanager.ImportKeys("admin", keyIds...)
   116  	c.Assert(err, gc.IsNil)
   117  	c.Assert(errResults, gc.DeepEquals, []params.ErrorResult{
   118  		{Error: nil},
   119  		{Error: clientError("invalid ssh key id: invalid-key")},
   120  	})
   121  	s.assertEnvironKeys(c, []string{key1, sshtesting.ValidKeyThree.Key})
   122  }
   123  
   124  func (s *keymanagerSuite) assertInvalidUserOperation(c *gc.C, test func(user string, keys []string) error) {
   125  	key1 := sshtesting.ValidKeyOne.Key + " user@host"
   126  	s.setAuthorisedKeys(c, key1)
   127  
   128  	// Run the required test code and check the error.
   129  	keys := []string{sshtesting.ValidKeyTwo.Key, sshtesting.ValidKeyThree.Key}
   130  	err := test("invalid", keys)
   131  	c.Assert(err, gc.ErrorMatches, `permission denied`)
   132  
   133  	// No environ changes.
   134  	s.assertEnvironKeys(c, []string{key1})
   135  }
   136  
   137  func (s *keymanagerSuite) TestAddKeysInvalidUser(c *gc.C) {
   138  	s.assertInvalidUserOperation(c, func(user string, keys []string) error {
   139  		_, err := s.keymanager.AddKeys(user, keys...)
   140  		return err
   141  	})
   142  }
   143  
   144  func (s *keymanagerSuite) TestDeleteKeysInvalidUser(c *gc.C) {
   145  	s.assertInvalidUserOperation(c, func(user string, keys []string) error {
   146  		_, err := s.keymanager.DeleteKeys(user, keys...)
   147  		return err
   148  	})
   149  }
   150  
   151  func (s *keymanagerSuite) TestImportKeysInvalidUser(c *gc.C) {
   152  	s.assertInvalidUserOperation(c, func(user string, keys []string) error {
   153  		_, err := s.keymanager.ImportKeys(user, keys...)
   154  		return err
   155  	})
   156  }