gluster-swift.git/test/functional_auth/gswauth, branch sp adding error handling to gswauth-cleanup-tokens tool 2014-02-05T14:23:04+00:00 Thiago da Silva thiago@redhat.com 2014-01-23T18:43:28+00:00 3ee9a70402764f21dbea387aa75d81999b224beb added input validation for a couple of options and error handling in case a non-existing account name is provided Change-Id: I6d703d584552fc7b7574f34e79ed25a2982b6d5e Signed-off-by: Thiago da Silva <thiago@redhat.com> Reviewed-on: http://review.gluster.org/6767 Reviewed-by: Prashanth Pai <ppai@redhat.com> Tested-by: Prashanth Pai <ppai@redhat.com> Reviewed-by: pushpesh sharma <psharma@redhat.com> Tested-by: pushpesh sharma <psharma@redhat.com> Reviewed-by: Chetan Risbud <crisbud@redhat.com> 
added input validation for a couple of options and
error handling in case a non-existing account name
is provided

Change-Id: I6d703d584552fc7b7574f34e79ed25a2982b6d5e
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6767
Reviewed-by: Prashanth Pai <ppai@redhat.com>
Tested-by: Prashanth Pai <ppai@redhat.com>
Reviewed-by: pushpesh sharma <psharma@redhat.com>
Tested-by: pushpesh sharma <psharma@redhat.com>
Reviewed-by: Chetan Risbud <crisbud@redhat.com>
Fixes some TCs that assert for response code 403 2014-01-31T06:17:37+00:00 Pushpesh Sharma psharma@redhat.com 2014-01-28T10:54:18+00:00 ec2c548af9067e73e9e6c6a34a1438a3ff7e94a2 For some scenarios although the expected response as per the REST spec is 403, but due to technical limitation/performance improvements it is decided to go with 401.EX:An admin/regular user tries to add a reseller admin user. Change-Id: Ibc280a0be6e5cb81d4d2c46d9a758915ff60ae8f Reviewed-on: http://review.gluster.org/6833 Reviewed-by: Prashanth Pai <ppai@redhat.com> Reviewed-by: Chetan Risbud <crisbud@redhat.com> Tested-by: Chetan Risbud <crisbud@redhat.com> 
For some scenarios although the expected response as per the
REST spec is 403, but due to technical limitation/performance
improvements it is decided to go with 401.EX:An admin/regular
user tries to add a reseller admin user.

Change-Id: Ibc280a0be6e5cb81d4d2c46d9a758915ff60ae8f
Reviewed-on: http://review.gluster.org/6833
Reviewed-by: Prashanth Pai <ppai@redhat.com>
Reviewed-by: Chetan Risbud <crisbud@redhat.com>
Tested-by: Chetan Risbud <crisbud@redhat.com>
Test cases for gswauth-cleanup-token 2014-01-24T16:12:15+00:00 Pushpesh Sharma psharma@redhat.com 2014-01-22T14:13:42+00:00 1f432663badbee97543d92dd68fc196b169a938d This commit creates a new class to validate the cleanup-token & set-account-service CLI utility.This test tries to cover all the psossible values that can be passed as user input valid/invalid. Change-Id: Ia8ca40ca9e63a296b70cb999c6507b7b1ffbdf61 Signed-off-by: Pushpesh Sharma <psharma@redhat.com> Reviewed-on: http://review.gluster.org/6759 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com> 
This commit creates a new class to validate the cleanup-token
& set-account-service CLI utility.This test tries to cover all the psossible values
that can be passed as user input valid/invalid.

Change-Id: Ia8ca40ca9e63a296b70cb999c6507b7b1ffbdf61
Signed-off-by: Pushpesh Sharma <psharma@redhat.com>
Reviewed-on: http://review.gluster.org/6759
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
Provide more generic string in testAssert of some TCs 2014-01-21T18:11:42+00:00 Pushpesh Sharma psharma@redhat.com 2014-01-16T06:05:10+00:00 22d8dffb366fc46b6810e068a771e3948fd89a3c CLI test case were failing on RHEL systems as the error string on Fedora19 and RHEL6.4 systems are different however a more gereric string is there on both of the systems and this is about that only. It replaces the 'ECONNREFUSED' & 'No address associated with hostname' with 'Check that the admin_url is valid'.Now the TCs pass on both of the OS. Change-Id: Iff8b2719e8917864ed8f80d961c55a7f9f6fc77b Signed-off-by: Pushpesh Sharma <psharma@redhat.com> Reviewed-on: http://review.gluster.org/6718 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com> 
CLI test case were failing on RHEL systems as the error string
on Fedora19 and RHEL6.4 systems are different however a more gereric
string is there on both of the systems and this is about that only.
It replaces the 'ECONNREFUSED' & 'No address associated with hostname'
with 'Check that the admin_url is valid'.Now the TCs pass on both of
the OS.

Change-Id: Iff8b2719e8917864ed8f80d961c55a7f9f6fc77b
Signed-off-by: Pushpesh Sharma <psharma@redhat.com>
Reviewed-on: http://review.gluster.org/6718
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
fix error handing in swauth tools 2014-01-14T20:15:53+00:00 Thiago da Silva thiago@redhat.com 2013-12-04T23:12:12+00:00 62d07833db5412f482001b275d2d646abbf21c14 The swauth tools did not handle an invalid admin_url, so it just failed printing the stacktrace, which is not useful to end users. This fix catches the exception and prints an error message that can help user solve the issue. Change-Id: I806c1cf191b5921e904b155f65cdbde5f2aac695 Signed-off-by: Thiago da Silva <thiago@redhat.com> Reviewed-on: http://review.gluster.org/6431 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com> 
The swauth tools did not handle an invalid admin_url, so it just failed
printing the stacktrace, which is not useful to end users.
This fix catches the exception and prints an error message that can
help user solve the issue.

Change-Id: I806c1cf191b5921e904b155f65cdbde5f2aac695
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6431
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
Fix bug where admin is able to delete reseller_admin 2014-01-10T20:52:53+00:00 Thiago da Silva thiago@redhat.com 2013-12-16T17:00:38+00:00 205a6e4aa7e86b1e82babd3fa64d2cf002ccdaef Changed the code to only allow the super_admin to delete a reseller_admin. This follows the same logic of user creation, where only the super_admin can create a reseller_admin. Also, took the opportunity to refactor some code and implemented get_user_detail method to remove duplicated code Bug 1260239: https://bugs.launchpad.net/gluster-swift/+bug/1260239 Change-Id: I9e4866cd7ad08698f427846be566ab2364ad4850 Signed-off-by: Thiago da Silva <thiago@redhat.com> Reviewed-on: http://review.gluster.org/6516 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com> 
Changed the code to only allow the super_admin to delete a reseller_admin.
This follows the same logic of user creation, where only the super_admin
can create a reseller_admin.

Also, took the opportunity to refactor some code and implemented
get_user_detail method to remove duplicated code

Bug 1260239: https://bugs.launchpad.net/gluster-swift/+bug/1260239

Change-Id: I9e4866cd7ad08698f427846be566ab2364ad4850
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6516
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
Fix users not able to change their own password/key 2014-01-07T21:50:30+00:00 Prashanth Pai ppai@redhat.com 2014-01-02T06:50:20+00:00 94a3f539e75b069bb1f9df6f850adfe16d76b572 Users were not able to update their own password/key with the update operation resulting in 403 (HTTPForbidden). EXAMPLES: Command to update password/key of regular user: gswauth-add-user -U account1:user1 -K old_pass account1 user1 new_pass Command to update password/key of account admin: gswauth-add-user -U account1:admin -K old_pass -a account1 admin new_pass Command to update password/key of reseller_admin: gswauth-add-user -U account1:radmin -K old_pass -r account1 radmin new_pass BUG: https://bugs.launchpad.net/gluster-swift/+bug/1262227 Change-Id: I604da5aee67099b29541eb7e51a040a041f1961b Signed-off-by: Prashanth Pai <ppai@redhat.com> Reviewed-on: http://review.gluster.org/6650 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com> 
Users were not able to update their own password/key
with the update operation resulting in 403 (HTTPForbidden).

EXAMPLES:
Command to update password/key of regular user:
gswauth-add-user -U account1:user1 -K old_pass account1 user1 new_pass

Command to update password/key of account admin:
gswauth-add-user -U account1:admin -K old_pass -a account1 admin new_pass

Command to update password/key of reseller_admin:
gswauth-add-user -U account1:radmin -K old_pass -r account1 radmin new_pass

BUG: https://bugs.launchpad.net/gluster-swift/+bug/1262227

Change-Id: I604da5aee67099b29541eb7e51a040a041f1961b
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Reviewed-on: http://review.gluster.org/6650
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
Fixes,TCs for user/account operation by non super_admin users 2014-01-07T02:28:54+00:00 Pushpesh Sharma psharma@redhat.com 2013-12-18T14:52:15+00:00 331bc6ce85cf46a26f39634924ac0f49bd2a149f This commit does following: 1.New functions in Utils based on CLI 2.Fixes for existing suite 3.Test cases for non super_admin users doing user/account operations I tried to cover most of the possible test cases that can be duducted from the swauth dev guide and swuath user role matrix.These resources can be found here: https://raw.github.com/rbeede/swauth/master/doc/source/Draft%20Security%20Guide/swift_swauth_roles_matrix.png http://gholt.github.io/swauth/dev/ Change-Id: I3267a718e5432cddc751ec53fe9b05ef9061a5e3 Signed-off-by: Pushpesh Sharma <psharma@redhat.com> Reviewed-on: http://review.gluster.org/6537 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com> 
This commit does following:
1.New functions in Utils based on CLI
2.Fixes for existing suite
3.Test cases for non super_admin users doing user/account operations

I tried to cover most of the possible test cases that can be duducted
from the swauth dev guide and swuath user role matrix.These resources
can be found here:
https://raw.github.com/rbeede/swauth/master/doc/source/Draft%20Security%20Guide/swift_swauth_roles_matrix.png
http://gholt.github.io/swauth/dev/

Change-Id: I3267a718e5432cddc751ec53fe9b05ef9061a5e3
Signed-off-by: Pushpesh Sharma <psharma@redhat.com>
Reviewed-on: http://review.gluster.org/6537
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
gswauth: Fix 403 being returned instead of 401 2013-12-18T12:12:43+00:00 Prashanth Pai ppai@redhat.com 2013-11-22T06:43:09+00:00 a8c84cb2da77ab294edbdc113985125f9a8acb95 - 401(Unauthorized) is to be returned when user credentials are wrong where as 403(Forbidden) is to be returned when user credentials are correct but the user doesn't have the priveleges to carry out the operation. - Also error messages displayed when using swauth-* command line utilities have been updated. Change-Id: I485786896ad14d3263f4325d1857cacc93adab96 Signed-off-by: Prashanth Pai <ppai@redhat.com> Reviewed-on: http://review.gluster.org/6336 Reviewed-by: Luis Pabon <lpabon@redhat.com> Tested-by: Luis Pabon <lpabon@redhat.com> Signed-off-by: Prashanth Pai <ppai@redhat.com> Reviewed-on: http://review.gluster.org/6447 Reviewed-by: Thiago Da Silva <thiago@redhat.com> Tested-by: Thiago Da Silva <thiago@redhat.com> 
- 401(Unauthorized) is to be returned when user credentials are
  wrong where as 403(Forbidden) is to be returned when user
  credentials are correct but the user doesn't have the priveleges
  to carry out the operation.

- Also error messages displayed when using swauth-* command line
  utilities have been updated.

Change-Id: I485786896ad14d3263f4325d1857cacc93adab96
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Reviewed-on: http://review.gluster.org/6336
Reviewed-by: Luis Pabon <lpabon@redhat.com>
Tested-by: Luis Pabon <lpabon@redhat.com>
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Reviewed-on: http://review.gluster.org/6447
Reviewed-by: Thiago Da Silva <thiago@redhat.com>
Tested-by: Thiago Da Silva <thiago@redhat.com>
renaming swauth tools to gswauth 2013-12-06T15:44:08+00:00 Thiago da Silva thiago@redhat.com 2013-12-03T23:42:23+00:00 caa8818eee7a3224c7d2c4fc14d5110e7b41df39 cli tools for account and user mgmt have been renamed from swauth-* to gswauth-* Updated other configuration and test files accordingly Change-Id: Iced3bb27fbd09da45754ddb264f8fb4528ab423c Signed-off-by: Thiago da Silva <thiago@redhat.com> Reviewed-on: http://review.gluster.org/6417 Reviewed-by: pushpesh sharma <psharma@redhat.com> Tested-by: pushpesh sharma <psharma@redhat.com> Reviewed-by: Shilpa MJ <smanjara@redhat.com> Tested-by: Shilpa MJ <smanjara@redhat.com> Reviewed-by: Luis Pabon <lpabon@redhat.com> 
cli tools for account and user mgmt have been renamed
from swauth-* to gswauth-*

Updated other configuration and test files accordingly

Change-Id: Iced3bb27fbd09da45754ddb264f8fb4528ab423c
Signed-off-by: Thiago da Silva <thiago@redhat.com>
Reviewed-on: http://review.gluster.org/6417
Reviewed-by: pushpesh sharma <psharma@redhat.com>
Tested-by: pushpesh sharma <psharma@redhat.com>
Reviewed-by: Shilpa MJ <smanjara@redhat.com>
Tested-by: Shilpa MJ <smanjara@redhat.com>
Reviewed-by: Luis Pabon <lpabon@redhat.com>