diff options
| author | Russ Allbery <rra@stanford.edu> | 2007-08-30 04:27:10 +0000 |
|---|---|---|
| committer | Russ Allbery <rra@stanford.edu> | 2007-08-30 04:27:10 +0000 |
| commit | a0e3892a6e4865a36ac3848d640198dc3a25d6c1 (patch) | |
| tree | 9dce0318522775a83595f4d3e9e61a5e062d006a /perl | |
| parent | 2e7b886b16e2e0adf723ac59efa715e15bb2e519 (diff) | |
Clean up all exception output when storing it in the error variable to
remove the " at line" stuff added by Perl and the newlines so that the
errors stored in objects are consistent.
Fix various bugs in the base object, including a few more type vs. name
inversions and use of object instead of name. Allow owners to be
specified as ACL names instead of IDs, and change the ID to a name in
show.
Add a new test suite for the base object implementation.
Diffstat (limited to 'perl')
| -rw-r--r-- | perl/Wallet/ACL.pm | 10 | ||||
| -rw-r--r-- | perl/Wallet/Object/Base.pm | 51 | ||||
| -rw-r--r-- | perl/Wallet/Object/Keytab.pm | 4 | ||||
| -rw-r--r-- | perl/Wallet/Server.pm | 16 | ||||
| -rwxr-xr-x | perl/t/object.t | 127 |
5 files changed, 189 insertions, 19 deletions
diff --git a/perl/Wallet/ACL.pm b/perl/Wallet/ACL.pm index 0d4685d..5a56c5c 100644 --- a/perl/Wallet/ACL.pm +++ b/perl/Wallet/ACL.pm @@ -151,6 +151,8 @@ sub rename { }; if ($@) { $self->{error} = "cannot rename ACL $self->{id} to $name: $@"; + chomp $self->{error}; + $self->{error} =~ / at .*$/; $self->{dbh}->rollback; return undef; } @@ -174,6 +176,8 @@ sub destroy { }; if ($@) { $self->{error} = "cannot destroy ACL $self->{id}: $@"; + chomp $self->{error}; + $self->{error} =~ / at .*$/; $self->{dbh}->rollback; return undef; } @@ -201,6 +205,8 @@ sub add { }; if ($@) { $self->{error} = "cannot add $scheme:$identifier to $self->{id}: $@"; + chomp $self->{error}; + $self->{error} =~ / at .*$/; $self->{dbh}->rollback; return undef; } @@ -230,6 +236,8 @@ sub remove { if ($@) { my $entry = "$scheme:$identifier"; $self->{error} = "cannot remove $entry from $self->{id}: $@"; + chomp $self->{error}; + $self->{error} =~ / at .*$/; $self->{dbh}->rollback; return undef; } @@ -258,6 +266,8 @@ sub list { }; if ($@) { $self->{error} = "cannot retrieve ACL $self->{id}: $@"; + chomp $self->{error}; + $self->{error} =~ / at .*$/; return (undef); } else { return @entries; diff --git a/perl/Wallet/Object/Base.pm b/perl/Wallet/Object/Base.pm index 59aee9f..389bbef 100644 --- a/perl/Wallet/Object/Base.pm +++ b/perl/Wallet/Object/Base.pm @@ -34,7 +34,7 @@ $VERSION = '0.01'; # type in the object. If the object doesn't exist, returns undef. This will # probably be usable as-is by most object types. sub new { - my ($class, $type, $name, $dbh) = shift; + my ($class, $type, $name, $dbh) = @_; $dbh->{AutoCommit} = 0; $dbh->{RaiseError} = 1; $dbh->{PrintError} = 0; @@ -121,27 +121,29 @@ sub log_action { # the object record itself. Commit both changes as a transaction. We # assume that AutoCommit is turned off. eval { - my $sql = 'insert into object_history (oh_object, oh_type, oh_action, + my $sql = 'insert into object_history (oh_type, oh_name, oh_action, oh_by, oh_from, oh_on) values (?, ?, ?, ?, ?, ?)'; - $self->{dbh}->do ($sql, undef, $self->{name}, $self->{type}, $action, + $self->{dbh}->do ($sql, undef, $self->{type}, $self->{name}, $action, $user, $host, $time); if ($action eq 'get') { $sql = 'update objects set ob_downloaded_by = ?, ob_downloaded_from = ?, ob_downloaded_on = ? where - ob_name = ? and ob_type = ?'; - $self->{dbh}->do ($sql, undef, $user, $host, $time, $self->{name}, - $self->{type}); + ob_type = ? and ob_name = ?'; + $self->{dbh}->do ($sql, undef, $user, $host, $time, $self->{type}, + $self->{name}); } elsif ($action eq 'store') { $sql = 'update objects set ob_stored_by = ?, ob_stored_from = ?, - ob_stored_on = ? where ob_name = ? and ob_type = ?'; - $self->{dbh}->do ($sql, undef, $user, $host, $time, $self->{name}, - $self->{type}); + ob_stored_on = ? where ob_type = ? and ob_name = ?'; + $self->{dbh}->do ($sql, undef, $user, $host, $time, $self->{type}, + $self->{name}); } $self->{dbh}->commit; }; if ($@) { my $id = $self->{type} . ':' . $self->{name}; $self->{error} = "cannot update history for $id: $@"; + chomp $self->{error}; + $self->{error} =~ / at .*$/; $self->{dbh}->rollback; return undef; } @@ -168,10 +170,10 @@ sub log_set { unless ($fields{$field}) { die "invalid history field $field"; } - my $sql = "insert into object_history (oh_object, oh_type, oh_action, + my $sql = "insert into object_history (oh_type, oh_name, oh_action, oh_field, oh_type_field, oh_old, oh_new, oh_by, oh_from, oh_on) values (?, ?, 'set', ?, ?, ?, ?, ?, ?, ?)"; - $self->{dbh}->do ($sql, undef, $self->{name}, $self->{type}, $field, + $self->{dbh}->do ($sql, undef, $self->{type}, $self->{name}, $field, $type_field, $old, $new, $user, $host, $time); } @@ -203,6 +205,8 @@ sub _set_internal { if ($@) { my $id = $self->{type} . ':' . $self->{name}; $self->{error} = "cannot set $attr on $id: $@"; + chomp $self->{error}; + $self->{error} =~ s/ at .*//; $self->{dbh}->rollback; return; } @@ -216,6 +220,7 @@ sub _get_internal { $self->{error} = "invalid attribute $attr"; return; } + $attr = 'ob_' . $attr; my $name = $self->{name}; my $type = $self->{type}; my $sql = "select $attr from objects where ob_type = ? and ob_name = ?"; @@ -228,11 +233,15 @@ sub _get_internal { sub owner { my ($self, $owner, $user, $host, $time) = @_; if ($owner) { - if ($owner !~ /^\d+\z/) { - $self->{error} = "malformed owner ACL id $owner"; - return; + my $acl; + eval { $acl = Wallet::ACL->new ($owner, $self->{dbh}) }; + if ($@) { + $self->{error} = $@; + chomp $self->{error}; + $self->{error} =~ / at .*$/; + return undef; } - return $self->_set_internal ('owner', $owner, $user, $host, $time); + return $self->_set_internal ('owner', $acl->id, $user, $host, $time); } else { return $self->_get_internal ('owner'); } @@ -244,14 +253,18 @@ sub acl { my ($self, $type, $id, $user, $host, $time) = @_; if ($type !~ /^(get|store|show|destroy|flags)\z/) { $self->{error} = "invalid ACL type $type"; + chomp $self->{error}; + $self->{error} =~ / at .*$/; return; } my $attr = "acl_$type"; if ($id) { my $acl; - eval { $acl = Wallet::ACL->new ($id) }; + eval { $acl = Wallet::ACL->new ($id, $self->{dbh}) }; if ($@) { $self->{error} = $@; + chomp $self->{error}; + $self->{error} =~ / at .*$/; return undef; } return $self->_set_internal ($attr, $acl->id, $user, $host, $time); @@ -326,12 +339,14 @@ sub show { }; if ($@) { $self->{error} = "cannot retrieve data for ${type}:${name}: $@"; + chomp $self->{error}; + $self->{error} =~ / at .*$/; return undef; } my $output = ''; for (my $i = 0; $i < @data; $i++) { next unless defined $data[$i]; - if ($attrs[$i][0] =~ /^ob_acl_/) { + if ($attrs[$i][0] =~ /^ob_(owner|acl_)/) { my $acl = eval { Wallet::ACL->new ($data[$i], $self->{dbh}) }; if ($acl and not $@) { $data[$i] = $acl->name || $data[$i]; @@ -362,6 +377,8 @@ sub destroy { }; if ($@) { $self->{error} = "cannot destroy ${type}:${name}: $@"; + chomp $self->{error}; + $self->{error} =~ / at .*$/; $self->{dbh}->rollback; return undef; } diff --git a/perl/Wallet/Object/Keytab.pm b/perl/Wallet/Object/Keytab.pm index f83949c..8635bee 100644 --- a/perl/Wallet/Object/Keytab.pm +++ b/perl/Wallet/Object/Keytab.pm @@ -166,7 +166,7 @@ sub get { local *KEYTAB; unless (open (KEYTAB, '<', $file)) { my $princ = $self->{name}; - $self->{error} = "error creating keytab for principal $princ: $!"; + $self->{error} = "error opening keytab for principal $princ: $!"; return undef; } local $/; @@ -174,7 +174,7 @@ sub get { my $data = <KEYTAB>; if ($!) { my $princ = $self->{name}; - $self->{error} = "error creating keytab for principal $princ: $!"; + $self->{error} = "error reading keytab for principal $princ: $!"; return undef; } close KEYTAB; diff --git a/perl/Wallet/Server.pm b/perl/Wallet/Server.pm index dbf19bb..7c1443c 100644 --- a/perl/Wallet/Server.pm +++ b/perl/Wallet/Server.pm @@ -147,6 +147,8 @@ sub create { my $object = eval { $class->create ($type, $name, $dbh, $user, $host) }; if ($@) { $self->{error} = $@; + chomp $self->{error}; + $self->{error} =~ / at .*$/; return undef; } else { return $object; @@ -165,6 +167,8 @@ sub retrieve { my $object = eval { $class->new ($type, $name, $self->{dbh}) }; if ($@) { $self->{error} = $@; + chomp $self->{error}; + $self->{error} =~ / at .*$/; return undef; } else { return $object; @@ -204,6 +208,8 @@ sub acl_check { my $acl = eval { Wallet::ACL->new ($id) }; if ($@) { $self->{error} = $@; + chomp $self->{error}; + $self->{error} =~ / at .*$/; return undef; } my $status = $acl->check ($self->{user}); @@ -329,6 +335,8 @@ sub acl_create { my $acl = eval { Wallet::ACL->create ($name, $dbh, $user, $host) }; if ($@) { $self->{error} = $@; + chomp $self->{error}; + $self->{error} =~ / at .*$/; return undef; } else { return $acl; @@ -359,6 +367,8 @@ sub acl_rename { my $acl = { Wallet::ACL->new ($id, $self->{dbh}) }; if ($@) { $self->{error} = $@; + chomp $self->{error}; + $self->{error} =~ / at .*$/; return undef; } unless ($acl->rename ($name)) { @@ -379,6 +389,8 @@ sub acl_destroy { my $acl = { Wallet::ACL->new ($id, $self->{dbh}) }; if ($@) { $self->{error} = $@; + chomp $self->{error}; + $self->{error} =~ / at .*$/; return undef; } unless ($acl->destroy ($self->{user}, $self->{host})) { @@ -399,6 +411,8 @@ sub acl_add { my $acl = { Wallet::ACL->new ($id, $self->{dbh}) }; if ($@) { $self->{error} = $@; + chomp $self->{error}; + $self->{error} =~ / at .*$/; return undef; } unless ($acl->add ($scheme, $identifier, $self->{user}, $self->{host})) { @@ -419,6 +433,8 @@ sub acl_remove { my $acl = { Wallet::ACL->new ($id, $self->{dbh}) }; if ($@) { $self->{error} = $@; + chomp $self->{error}; + $self->{error} =~ / at .*$/; return undef; } my $user = $self->{user}; diff --git a/perl/t/object.t b/perl/t/object.t new file mode 100755 index 0000000..0ce184f --- /dev/null +++ b/perl/t/object.t @@ -0,0 +1,127 @@ +#!/usr/bin/perl -w +# $Id$ +# +# t/object.t -- Tests for the basic object implementation. + +use Test::More tests => 51; + +use DBD::SQLite; +use Wallet::Config; +use Wallet::Object::Base; +use Wallet::Server; + +# Use a local SQLite database for testing. +$Wallet::Config::DB_DRIVER = 'SQLite'; +$Wallet::Config::DB_INFO = 'wallet-db'; + +# Some global defaults to use. +my $user = 'admin@EXAMPLE.COM'; +my $host = 'localhost'; +my @trace = ($user, $host); +my $princ = 'service/test@EXAMPLE.COM'; + +# Use Wallet::Server to set up the database. +my $server = eval { Wallet::Server->initialize ($user) }; +is ($@, '', 'Database initialization did not die'); +ok ($server->isa ('Wallet::Server'), ' and returned the right class'); +my $dbh = $server->dbh; + +# Okay, now we have a database. Test create and new. We make believe this is +# a keytab object; it won't matter for what we're doing. +my $created = time; +my $object = eval { Wallet::Object::Base->create ('keytab', $princ, $dbh, + @trace, $created) }; +is ($@, '', 'Object creation did not die'); +ok ($object->isa ('Wallet::Object::Base'), ' and returned the right class'); +my $repeat = + eval { Wallet::Object::Base->create ('keytab', $princ, $dbh, @trace) }; +like ($@, qr/^cannot create object \Qkeytab:$princ: /, 'Repeating fails'); +$object = eval { Wallet::Object::Base->new ('keytab', "a$princ", $dbh) }; +is ($@, "cannot find keytab:a$princ\n", 'Searching for unknown object fails'); +$object = eval { Wallet::Object::Base->new ('keytab', $princ, $dbh) }; +is ($@, '', 'Object new did not die'); +ok ($object->isa ('Wallet::Object::Base'), ' and returned the right class'); + +# Simple accessor tests. +is ($object->type, 'keytab', 'Type accessor works'); +is ($object->name, $princ, 'Name accessor works'); + +# We'll use this for later tests. +my $acl = Wallet::ACL->new ('ADMIN', $dbh); + +# Owner. +is ($object->owner, undef, 'Owner is not set to start'); +if ($object->owner ('ADMIN', @trace)) { + ok (1, ' and setting it to ADMIN works'); +} else { + is ($object->error, '', ' and setting it to ADMIN works'); +} +is ($object->owner, $acl->id, ' at which point it is ADMIN'); +ok (! $object->owner ('unknown', @trace), + ' but setting it to something bogus fails'); +is ($object->error, 'ACL unknown not found', ' with the right error'); + +# Expires. +is ($object->expires, undef, 'Expires is not set to start'); +my $now = time; +if ($object->expires ($now, @trace)) { + ok (1, ' and setting it works'); +} else { + is ($object->error, '', ' and setting it works'); +} +is ($object->expires, $now, ' at which point it matches'); +ok (! $object->expires ('13/13/13 13:13:13', @trace), + ' but setting it to something bogus fails'); +is ($object->error, 'malformed expiration time 13/13/13 13:13:13', + ' with the right error'); + +# ACLs. +for my $type (qw/get store show destroy flags/) { + is ($object->acl ($type), undef, "ACL $type is not set to start"); + if ($object->acl ($type, $acl->id, @trace)) { + ok (1, ' and setting it to ADMIN (numeric) works'); + } else { + is ($object->error, '', ' and setting it to ADMIN (numeric) works'); + } + is ($object->acl ($type), $acl->id, ' at which point it is ADMIN'); + ok (! $object->acl ($type, 22, @trace), + ' but setting it to something bogus fails'); + is ($object->error, 'ACL 22 not found', ' with the right error'); +} + +# Test stub methods. +eval { $object->get }; +is ($@, "Do not instantiate Wallet::Object::Base directly\n", + 'Get fails with the right error'); +ok (! $object->store ("Some data", @trace), 'Store fails'); +is ($object->error, "cannot store keytab:$princ: object type is immutable", + ' with the right error'); + +# Test show. +my $output = <<"EOO"; + Type: keytab + Name: $princ + Owner: ADMIN + Get ACL: ADMIN + Store ACL: ADMIN + Show ACL: ADMIN + Destroy ACL: ADMIN + Flags ACL: ADMIN + Expires: $now + Created by: $user + Created from: $host + Created on: $created +EOO +is ($object->show, $output, 'Show output is correct'); + +# Test destroy. +if ($object->destroy (@trace)) { + ok (1, 'Destroy is successful'); +} else { + is ($object->error, '', 'Destroy is successful'); +} +$object = eval { Wallet::Object::Base->new ('keytab', $princ, $dbh) }; +is ($@, "cannot find keytab:$princ\n", ' and object is all gone'); + +# Clean up. +unlink 'wallet-db'; |