1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
|
#!/usr/bin/perl -w
# $Id$
#
# t/object.t -- Tests for the basic object implementation.
use Test::More tests => 93;
use Wallet::ACL;
use Wallet::Config;
use Wallet::Object::Base;
use Wallet::Server;
# Use a local SQLite database for testing.
$Wallet::Config::DB_DRIVER = 'SQLite';
$Wallet::Config::DB_INFO = 'wallet-db';
unlink 'wallet-db';
# Some global defaults to use.
my $user = 'admin@EXAMPLE.COM';
my $host = 'localhost';
my @trace = ($user, $host);
my $princ = 'service/test@EXAMPLE.COM';
# Use Wallet::Server to set up the database.
my $server = eval { Wallet::Server->initialize ($user) };
is ($@, '', 'Database initialization did not die');
ok ($server->isa ('Wallet::Server'), ' and returned the right class');
my $dbh = $server->dbh;
# Okay, now we have a database. Test create and new. We make believe this is
# a keytab object; it won't matter for what we're doing.
my $created = time;
my $object = eval { Wallet::Object::Base->create ('keytab', $princ, $dbh,
@trace, $created) };
is ($@, '', 'Object creation did not die');
ok ($object->isa ('Wallet::Object::Base'), ' and returned the right class');
my $other =
eval { Wallet::Object::Base->create ('keytab', $princ, $dbh, @trace) };
like ($@, qr/^cannot create object \Qkeytab:$princ: /, 'Repeating fails');
$other = eval { Wallet::Object::Base->create ('', $princ, $dbh, @trace) };
is ($@, "invalid object type\n", 'Using an empty type fails');
$other = eval { Wallet::Object::Base->create ('keytab', '', $dbh, @trace) };
is ($@, "invalid object name\n", ' as does an empty name');
$object = eval { Wallet::Object::Base->new ('keytab', "a$princ", $dbh) };
is ($@, "cannot find keytab:a$princ\n", 'Searching for unknown object fails');
$object = eval { Wallet::Object::Base->new ('keytab', $princ, $dbh) };
is ($@, '', 'Object new did not die');
ok ($object->isa ('Wallet::Object::Base'), ' and returned the right class');
# Simple accessor tests.
is ($object->type, 'keytab', 'Type accessor works');
is ($object->name, $princ, 'Name accessor works');
# We'll use this for later tests.
my $acl = Wallet::ACL->new ('ADMIN', $dbh);
# Owner.
is ($object->owner, undef, 'Owner is not set to start');
if ($object->owner ('ADMIN', @trace)) {
ok (1, ' and setting it to ADMIN works');
} else {
is ($object->error, '', ' and setting it to ADMIN works');
}
is ($object->owner, $acl->id, ' at which point it is ADMIN');
ok (! $object->owner ('unknown', @trace),
' but setting it to something bogus fails');
is ($object->error, 'ACL unknown not found', ' with the right error');
if ($object->owner ('', @trace)) {
ok (1, ' and clearing it works');
} else {
is ($object->error, '', ' and clearing it works');
}
is ($object->owner, undef, ' at which point it is cleared');
is ($object->owner ('ADMIN', @trace), 1, ' and setting it again works');
# Expires.
is ($object->expires, undef, 'Expires is not set to start');
my $now = time;
if ($object->expires ($now, @trace)) {
ok (1, ' and setting it works');
} else {
is ($object->error, '', ' and setting it works');
}
is ($object->expires, $now, ' at which point it matches');
ok (! $object->expires ('13/13/13 13:13:13', @trace),
' but setting it to something bogus fails');
is ($object->error, 'malformed expiration time 13/13/13 13:13:13',
' with the right error');
if ($object->expires ('', @trace)) {
ok (1, ' and clearing it works');
} else {
is ($object->error, '', ' and clearing it works');
}
is ($object->expires, undef, ' at which point it is cleared');
is ($object->expires ($now, @trace), 1, ' and setting it again works');
# ACLs.
for my $type (qw/get store show destroy flags/) {
is ($object->acl ($type), undef, "ACL $type is not set to start");
if ($object->acl ($type, $acl->id, @trace)) {
ok (1, ' and setting it to ADMIN (numeric) works');
} else {
is ($object->error, '', ' and setting it to ADMIN (numeric) works');
}
is ($object->acl ($type), $acl->id, ' at which point it is ADMIN');
ok (! $object->acl ($type, 22, @trace),
' but setting it to something bogus fails');
is ($object->error, 'ACL 22 not found', ' with the right error');
if ($object->acl ($type, '', @trace)) {
ok (1, ' and clearing it works');
} else {
is ($object->error, '', ' and clearing it works');
}
is ($object->acl ($type), undef, ' at which point it is cleared');
is ($object->acl ($type, $acl->id, @trace), 1,
' and setting it again works');
}
# Flags.
my @flags = $object->flag_list;
is (scalar (@flags), 0, 'No flags set to start');
is ($object->flag_check ('locked'), 0, ' and locked is not set');
is ($object->flag_set ('locked', @trace), 1, ' and setting locked works');
is ($object->flag_check ('locked'), 1, ' and now locked is set');
@flags = $object->flag_list;
is (scalar (@flags), 1, ' and there is one flag');
is ($flags[0], 'locked', ' which is locked');
is ($object->flag_set ('locked', @trace), undef, 'Setting locked again fails');
is ($object->error,
"cannot set flag locked on keytab:$princ: flag already set",
' with the right error');
is ($object->flag_set ('unchanging', @trace), 1,
' but setting unchanging works');
is ($object->flag_check ('unchanging'), 1, ' and unchanging is now set');
@flags = $object->flag_list;
is (scalar (@flags), 2, ' and there are two flags');
is ($flags[0], 'locked', ' which are locked');
is ($flags[1], 'unchanging', ' and unchanging');
is ($object->flag_clear ('locked', @trace), 1, 'Clearing locked works');
is ($object->flag_check ('locked'), 0, ' and now it is not set');
is ($object->flag_check ('unchanging'), 1, ' but unchanging still is');
is ($object->flag_clear ('locked', @trace), undef,
' and clearing it again fails');
is ($object->error,
"cannot clear flag locked on keytab:$princ: flag not set",
' with the right error');
if ($object->flag_set ('locked', @trace)) {
ok (1, ' and setting it again works');
} else {
is ($object->error, '', ' and setting it again works');
}
# Test stub methods.
eval { $object->get };
is ($@, "Do not instantiate Wallet::Object::Base directly\n",
'Get fails with the right error');
ok (! $object->store ("Some data", @trace), 'Store fails');
is ($object->error, "cannot store keytab:$princ: object type is immutable",
' with the right error');
# Test show.
my $output = <<"EOO";
Type: keytab
Name: $princ
Owner: ADMIN
Get ACL: ADMIN
Store ACL: ADMIN
Show ACL: ADMIN
Destroy ACL: ADMIN
Flags ACL: ADMIN
Expires: $now
Flags: locked unchanging
Created by: $user
Created from: $host
Created on: $created
Members of ACL ADMIN (id: 1) are:
krb5 $user
EOO
is ($object->show, $output, 'Show output is correct');
# Test destroy.
if ($object->destroy (@trace)) {
ok (1, 'Destroy is successful');
} else {
is ($object->error, '', 'Destroy is successful');
}
$object = eval { Wallet::Object::Base->new ('keytab', $princ, $dbh) };
is ($@, "cannot find keytab:$princ\n", ' and object is all gone');
# Clean up.
unlink 'wallet-db';
|
