From 66dd4a9093be4562d2c7a7a7d253d2afb034aef8 Mon Sep 17 00:00:00 2001 From: Russ Allbery Date: Wed, 16 Jul 2014 15:51:13 -0700 Subject: Include the Duo type in the name of Duo integrations Eventually, there will be multiple object types for different Duo integrations, and they will need to have unique names. Add the Duo type in parentheses after the name to help ensure this. Change-Id: I679130f9136077fc6bf5d8c6c9ad98ec83b400d0 Reviewed-on: https://gerrit.stanford.edu/1573 Reviewed-by: Russ Allbery Tested-by: Russ Allbery --- perl/t/object/duo.t | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'perl/t') diff --git a/perl/t/object/duo.t b/perl/t/object/duo.t index 4229afe..f73fe7e 100755 --- a/perl/t/object/duo.t +++ b/perl/t/object/duo.t @@ -70,7 +70,7 @@ $Wallet::Config::DUO_KEY_FILE = 't/data/duo/keys.json'; # Test creating an integration. note ('Test creating an integration'); my $expected = { - name => 'test', + name => 'test (unix)', notes => 'Managed by wallet', type => 'unix', }; -- cgit v1.2.3 From 3e913fa65e9e5c1d687372b89b5467edb3e77973 Mon Sep 17 00:00:00 2001 From: Russ Allbery Date: Wed, 16 Jul 2014 16:20:10 -0700 Subject: Go back to recording the ADMIN ACL in history This turned out to not be necessary for testing since I was already using sqlite3 to load an unversioned schema. Remove the offending line and restore the old code with some cleanup. Change-Id: I282b6f3b4754e4899222be6366b77a47f0cb7189 Reviewed-on: https://gerrit.stanford.edu/1575 Reviewed-by: Russ Allbery Tested-by: Russ Allbery --- NEWS | 5 ----- perl/lib/Wallet/Admin.pm | 18 ++++-------------- perl/t/general/admin.t | 1 - perl/t/general/server.t | 18 ++++++++++++++---- 4 files changed, 18 insertions(+), 24 deletions(-) (limited to 'perl/t') diff --git a/NEWS b/NEWS index 5764ffc..039494e 100644 --- a/NEWS +++ b/NEWS @@ -67,11 +67,6 @@ wallet 1.1 (2014-07-16) are referencing. Should fix destroy in MySQL and other database engines that enforce referential integrity. - The initial creation and membership of the ADMIN ACL during database - initialization or reinitialization is no longer recorded in the - acl_history table. (This is fallout from making a specific type of - upgrade testable, and may be fixed in the future.) - The wallet server now requires Perl 5.8 or later (instead of 5.006 in previous versions) and is now built with Module::Build instead of ExtUtils::MakeMaker. This should be transparent to anyone not working diff --git a/perl/lib/Wallet/Admin.pm b/perl/lib/Wallet/Admin.pm index 8481979..33e2a7d 100644 --- a/perl/lib/Wallet/Admin.pm +++ b/perl/lib/Wallet/Admin.pm @@ -98,20 +98,10 @@ sub initialize { $self->default_data; # Create a default admin ACL. - eval { - my $guard = $self->{schema}->txn_scope_guard; - $self->{schema}->resultset ('Acl')->populate ([ - [ qw/ac_id ac_name/ ], - [ 1, 'ADMIN' ], - ]); - $self->{schema}->resultset ('AclEntry')->populate ([ - [ qw/ae_id ae_scheme ae_identifier/ ], - [ 1, 'krb5', $user ], - ]); - $guard->commit; - }; - if ($@) { - $self->error ("cannot add ADMIN ACL: $@"); + my $schema = $self->{schema}; + my $acl = Wallet::ACL->create ('ADMIN', $schema, $user, 'localhost'); + unless ($acl->add ('krb5', $user, $user, 'localhost')) { + $self->error ($acl->error); return; } return 1; diff --git a/perl/t/general/admin.t b/perl/t/general/admin.t index 7c62932..47396c6 100755 --- a/perl/t/general/admin.t +++ b/perl/t/general/admin.t @@ -61,7 +61,6 @@ is ($server->acl_add ('ADMIN', 'base', 'foo'), 1, ' and adding a base ACL now works'); # Test re-initialization of the database. -$Wallet::Schema::VERSION = '0.07'; is ($admin->reinitialize ('admin@EXAMPLE.COM'), 1, ' and re-initialization succeeds'); diff --git a/perl/t/general/server.t b/perl/t/general/server.t index b270733..0a527a5 100755 --- a/perl/t/general/server.t +++ b/perl/t/general/server.t @@ -54,8 +54,18 @@ is ($server->acl_show ('ADMIN'), is ($server->acl_show (1), "Members of ACL ADMIN (id: 1) are:\n krb5 $admin\n", ' including by number'); -is ($server->acl_history ('ADMIN'), '', ' and initial history is empty'); -is ($server->acl_history (1), '', ' including by number'); +my $history = <<"EOO"; +DATE create + by $admin from $host +DATE add krb5 $admin + by $admin from $host +EOO +my $result = $server->acl_history ('ADMIN'); +$result =~ s/^\d{4}-\d\d-\d\d \d\d:\d\d:\d\d/DATE/gm; +is ($result, $history, ' and displaying history works'); +$result = $server->acl_history (1); +$result =~ s/^\d{4}-\d\d-\d\d \d\d:\d\d:\d\d/DATE/gm; +is ($result, $history, ' including by number'); is ($server->acl_create (3), undef, 'Cannot create ACL with a numeric name'); is ($server->error, 'ACL name may not be all numbers', ' and returns the right error'); @@ -107,7 +117,7 @@ is ($server->acl_add ('both', 'krb5', $user2), 1, is ($server->acl_show ('both'), "Members of ACL both (id: 4) are:\n krb5 $user1\n krb5 $user2\n", ' and show returns the correct result'); -my $history = <<"EOO"; +$history = <<"EOO"; DATE create by $admin from $host DATE add krb5 $user1 @@ -115,7 +125,7 @@ DATE add krb5 $user1 DATE add krb5 $user2 by $admin from $host EOO -my $result = $server->acl_history ('both'); +$result = $server->acl_history ('both'); $result =~ s/^\d{4}-\d\d-\d\d \d\d:\d\d:\d\d/DATE/gm; is ($result, $history, ' as does history'); is ($server->acl_add ('empty', 'krb5', $user1), 1, ' and another to empty'); -- cgit v1.2.3