aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/mauve/authentication.rb71
-rw-r--r--lib/mauve/configuration_builders/server.rb27
-rw-r--r--lib/mauve/server.rb98
-rw-r--r--test/alert_and_notification_logic.rb391
-rw-r--r--test/tc_mauve_authentication.rb168
-rw-r--r--test/tc_mauve_web_interface.rb18
-rw-r--r--test/test_mauve.rb21
-rw-r--r--test/th_mauve.rb4
8 files changed, 325 insertions, 473 deletions
diff --git a/lib/mauve/authentication.rb b/lib/mauve/authentication.rb
index 0fc6823..c467a1d 100644
--- a/lib/mauve/authentication.rb
+++ b/lib/mauve/authentication.rb
@@ -1,7 +1,6 @@
# encoding: UTF-8
require 'sha1'
require 'xmlrpc/client'
-require 'timeout'
#
# This allows poking of the SSL attributes of the http client.
@@ -28,8 +27,6 @@ module Mauve
raise ArgumentError.new("Password must be a string, not a #{password.class}") if String != password.class
raise ArgumentError.new("Login or/and password is/are empty.") if login.empty? || password.empty?
- return false unless Mauve::Configuration.current.people.has_key?(login)
-
false
end
@@ -73,7 +70,7 @@ module Mauve
unless true == result
logger.info "Authentication for #{login} failed"
# Rate limit
- sleep 5
+ sleep Server.instance.failed_login_delay
end
result
@@ -88,45 +85,6 @@ module Mauve
Mauve::Authentication::ORDER << self
- # Set up the Bytemark authenticator
- #
- # @todo allow configuration of where the server is.
- #
- # @param [String] srv Authentication server name
- # @param [String] port Port overwhich authentication should take place
- #
- # @return [Mauve::AuthBytemark]
- #
- def initialize (srv='auth.bytemark.co.uk', port=443)
- raise ArgumentError.new("Server must be a String, not a #{srv.class}") if String != srv.class
- raise ArgumentError.new("Port must be a Fixnum, not a #{port.class}") if Fixnum != port.class
- @srv = srv
- @port = port
- @timeout = 7
-
- self
- end
-
- # Tests to see if a server is alive, alive-o.
- #
- # @deprecated Not really needed.
- #
- # @return [Boolean]
- def ping
- begin
- Timeout.timeout(@timeout) do
- s = TCPSocket.open(@srv, @port)
- s.close()
- return true
- end
- rescue Timeout::Error => ex
- return false
- rescue => ex
- return false
- end
- return false
- end
-
# Authenticate against the Bytemark server
#
# @param [String] login
@@ -136,14 +94,27 @@ module Mauve
def authenticate(login, password)
super
- client = XMLRPC::Client.new(@srv,"/",@port,nil,nil,nil,nil,true,@timeout)
+ #
+ # Don't bother checking if no auth_url has been set.
+ #
+ return false unless Server.instance.bytemark_auth_url.is_a?(URI)
+
+ #
+ # Don't bother checking if the person doesn't exist.
+ #
+ return false unless Mauve::Configuration.current.people.has_key?(login)
+
+ uri = Server.instance.bytemark_auth_url
+ timeout = Server.instance.remote_http_timeout
+ # host=nil, path=nil, port=nil, proxy_host=nil, proxy_port=nil, user=nil, password=nil, use_ssl=nil, timeout=nil)
+ client = XMLRPC::Client.new(uri.host, uri.path, uri.port, nil, nil, uri.user, uri.password, uri.scheme == "https", timeout)
#
# Make sure we verify our peer before attempting login.
#
if client.http.use_ssl?
client.http.ca_path = "/etc/ssl/certs/"
- client.http.verify_mode = OpenSSL::SSL::VERIFY_PEER
+ client.http.verify_mode = Server.instance.remote_https_verify_mode
end
begin
@@ -179,6 +150,16 @@ module Mauve
# @return [Boolean]
def authenticate(login,password)
super
+ #
+ # Don't bother checking if the person doesn't exist.
+ #
+ return false unless Mauve::Configuration.current.people.has_key?(login)
+
+ #
+ # Don't bother checking if no password has been set.
+ #
+ return false if Mauve::Configuration.current.people[login].password.nil?
+
if ( Digest::SHA1.hexdigest(password) == Mauve::Configuration.current.people[login].password )
return true
else
diff --git a/lib/mauve/configuration_builders/server.rb b/lib/mauve/configuration_builders/server.rb
index feb75b8..d22ed87 100644
--- a/lib/mauve/configuration_builders/server.rb
+++ b/lib/mauve/configuration_builders/server.rb
@@ -170,7 +170,32 @@ module Mauve
#
is_attribute "use_packet_buffer"
is_attribute "use_notification_buffer"
-
+
+ #
+ # This is where the calendar is located. The request paths are hard-coded.
+ #
+ is_attribute "bytemark_calendar_url"
+
+ #
+ # This is where the Bytemark authentication server is located.
+ #
+ is_attribute "bytemark_auth_url"
+
+ #
+ # This is the level of SSL verification used when making external HTTPS connections.
+ #
+ is_attribute "remote_https_verify_mode"
+
+ #
+ # This is the default timeout when making remote HTTP requests
+ #
+ is_attribute "remote_http_timeout"
+
+ #
+ # This is the default sleep time after an authentication attempt has failed.
+ #
+ is_attribute "failed_login_delay"
+
def builder_setup
@result = Mauve::Server.instance
end
diff --git a/lib/mauve/server.rb b/lib/mauve/server.rb
index db5fda6..2b0e101 100644
--- a/lib/mauve/server.rb
+++ b/lib/mauve/server.rb
@@ -27,6 +27,7 @@ module Mauve
attr_reader :hostname, :database, :initial_sleep
attr_reader :packet_buffer, :notification_buffer, :started_at
+ attr_reader :bytemark_auth_url, :bytemark_calendar_url, :remote_http_timeout, :remote_https_verify_mode, :failed_login_delay
include Singleton
@@ -49,6 +50,23 @@ module Mauve
@notification_buffer = []
#
+ # Set the auth/calendar URLs
+ #
+ @bytemark_auth_url = nil
+ @bytemark_calendar_url = nil
+
+ #
+ # Set a couple of params for remote HTTP requests.
+ #
+ @remote_http_timeout = 5
+ @remote_https_verify_mode = OpenSSL::SSL::VERIFY_PEER
+
+ #
+ # Rate limit login attempts to limit the success of brute-forcing.
+ #
+ @failed_login_delay = 1
+
+ #
# Set up a blank config.
#
Configuration.current = Configuration.new if Mauve::Configuration.current.nil?
@@ -70,14 +88,12 @@ module Mauve
@database = d
end
- #
# Sets up the packet buffer (or not). The argument can be "false" or "no"
# or a FalseClass object for no. Anything else makes no change.
#
# @param [String] arg
# @return [Array or nil]
def use_packet_buffer=(arg)
- logger.debug(arg)
if arg.is_a?(FalseClass) or arg =~ /^(n(o)?|f(alse)?)$/i
@packet_buffer = nil
end
@@ -85,14 +101,12 @@ module Mauve
@packet_buffer
end
- #
# Sets up the notification buffer (or not). The argument can be "false" or
# "no" or a FalseClass object for no. Anything else makes no change.
#
# @param [String] arg
# @return [Array or nil]
def use_notification_buffer=(arg)
- logger.debug(arg)
if arg.is_a?(FalseClass) or arg =~ /^(n(o)?|f(alse)?)$/i
@notification_buffer = nil
end
@@ -100,6 +114,82 @@ module Mauve
@notification_buffer
end
+ # Set the calendar URL.
+ #
+ # @param [String] arg
+ # @return [URI]
+ def bytemark_calendar_url=(arg)
+ raise ArgumentError, "bytemark_calendar_url must be a string" unless arg.is_a?(String)
+
+ @bytemark_calendar_url = URI.parse(arg)
+
+ #
+ # Make sure we get an HTTP URL.
+ #
+ raise ArgumentError, "bytemark_calendar_url must be an HTTP(S) URL." unless %w(http https).include?(@bytemark_calendar_url.scheme)
+
+ #
+ # Set a default request path, if none was given
+ #
+ @bytemark_calendar_url.path="/" if @bytemark_calendar_url.path.empty?
+
+ @bytemark_calendar_url
+ end
+
+ # Set the Bytemark Authentication URL
+ #
+ # @param [String] arg
+ # @return [URI]
+ def bytemark_auth_url=(arg)
+ raise ArgumentError, "bytemark_auth_url must be a string" unless arg.is_a?(String)
+
+ @bytemark_auth_url = URI.parse(arg)
+ #
+ # Make sure we get an HTTP URL.
+ #
+ raise ArgumentError, "bytemark_auth_url must be an HTTP(S) URL." unless %w(http https).include?(@bytemark_auth_url.scheme)
+
+ #
+ # Set a default request path, if none was given
+ #
+ @bytemark_auth_url.path="/" if @bytemark_auth_url.path.empty?
+
+ @bytemark_auth_url
+ end
+
+ # Sets the timeout when making remote HTTP requests
+ #
+ # @param [Integer] arg
+ # @return [Integer]
+ def remote_http_timeout=(arg)
+ raise ArgumentError, "initial_sleep must be an integer" unless s.is_a?(Integer)
+ @remote_http_timeout = arg
+ end
+
+ # Sets the SSL verification mode when makeing remote HTTPS requests
+ #
+ # @param [String] arg must be one of "none" or "peer"
+ # @return [Constant]
+ def remote_https_verify_mode=(arg)
+ @remote_https_verify_mode = case arg
+ when "peer"
+ OpenSSL::SSL::VERIFY_PEER
+ when "none"
+ OpenSSL::SSL::VERIFY_NONE
+ else
+ raise ArgumentError, "remote_https_verify_mode must be either 'peer' or 'none'"
+ end
+ end
+
+ # Set the delay added following a failed login attempt.
+ #
+ # @param [Numeric] arg Number of seconds to delay following a failed login attempt
+ # @return [Numeric]
+ #
+ def failed_login_delay=(arg)
+ raise ArgumentError, "initial_sleep must be numeric" unless arg.is_a?(Numeric)
+ @failed_login_delay = arg
+ end
# Set the sleep period during which notifications about old alerts are
# suppressed.
diff --git a/test/alert_and_notification_logic.rb b/test/alert_and_notification_logic.rb
deleted file mode 100644
index 19b2478..0000000
--- a/test/alert_and_notification_logic.rb
+++ /dev/null
@@ -1,391 +0,0 @@
-# Mauve server tests - alerts and notification logic. Define the basic workings
-# so that we know what should happen when we send sequences of alerts at
-# different times.
-#
-# These aren't really unit tests, just narrative specifications as to what
-# should happen under what stimuli. I suspect I will break these down into
-# smaller units if things break under otherwise difficult conditions.
-#
-
-$: << __FILE__.split("/")[0..-2].join("/")
-require 'test/unit'
-require 'mauve_test_helper'
-require 'mauve_time'
-
-class AlertAndNotificationLogic < Test::Unit::TestCase
- include MauveTestHelper
-
- def configuration_template
- <<-TEMPLATE
- # This is the head of all the configuration files. Filenames are relative
- # to the cwd, which is assumed to be a fleeting test directory.
-
- server {
- ip "127.0.0.1"
- port #{@port_alerts ||= 44444}
- log_file ENV['TEST_LOG'] ? STDOUT : "#{dir}/log"
- log_level 0
- database "sqlite3:///#{dir}/mauve_test.db"
- transmission_id_expire_time 600
-
- # doesn't restart nicely at the moment
- #web_interface {
- # port #{@port_web ||= 44444}
- #}
- }
-
- #
- # All notifications are sent to files which we can open up and check during
- # our tests. Network delivery is not tested in this script.
- #
-
- notification_method("xmpp") {
- deliver_to_queue AlertAndNotificationLogic::Notifications
- deliver_to_file "#{dir}/xmpp.txt"
- disable_normal_delivery!
-
- jid "mauveserv@chat.bytemark.co.uk"
- password "foo"
- }
-
- notification_method("email") {
- deliver_to_queue AlertAndNotificationLogic::Notifications
- deliver_to_file "#{dir}/email.txt"
- disable_normal_delivery!
-
- # add in SMTP server, username, password etc.
- # default to sending through localhost
- from "matthew@bytemark.co.uk"
- server "bytemail.bytemark.co.uk"
- subject_prefix "[Bytemark alerts] "
-
- }
-
- notification_method("sms") {
- provider "AQL"
- deliver_to_queue AlertAndNotificationLogic::Notifications
- deliver_to_file "#{dir}/sms.txt"
- disable_normal_delivery!
-
- username "x"
- password "x"
- from "01904890890"
- max_messages_per_alert 3
- }
-
- # a person common to all our tests
-
- person("joe_bloggs") {
- urgent { sms("12345") }
- normal { email("12345@joe_bloggs.email") }
- low { xmpp("12345@joe_bloggs.xmpp") }
- }
-
- person("jimmy_junior") {
- urgent { sms("66666") }
- normal { email("jimmy@junior.email") }
- low { email("jimmy@junior.email") }
- }
-
- alert_group {
- includes { source == "rare-and-important" }
- acknowledgement_time 60.minutes
- level URGENT
-
- notify("joe_bloggs") { every 10.minutes }
- }
-
- alert_group {
- includes { source == "noisy-and-annoying" || alert_id == "whine" }
- acknowledgement_time 24.hours
- level LOW
-
- notify("jimmy_junior") { every 2.hours }
- notify("joe_bloggs") {
- every 30.minutes
- during {
- unacknowledged 6.hours
- }
- }
- }
-
- alert_group {
- includes { source == "can-wait-until-monday" }
- level NORMAL
-
- notify("jimmy_junior") {
- every 30.minutes
- during { days_in_week(1..5) && hours_in_day(9..5) }
- }
- notify("joe_bloggs") {
- every 2.hours
- during { days_in_week(1..5) && hours_in_day(9..5) }
- }
- }
-
- # catch-all
- alert_group {
- acknowledgement_time 1.minute
- level NORMAL
-
- notify("joe_bloggs") { every 1.hour }
- }
- TEMPLATE
- end
-
- def setup
- start_server(configuration_template)
- end
-
- def teardown
- stop_server
- # no tests should leave notifications on the stack
- assert_no_notification
- end
-
- # Raise one alert, check representation in database, and that alert is
- # received as expected.
- #
- def test_basic_fields_are_recognised
- mauvesend("-o my_source -i alert1 -s \"alert1 summary\" -d \"alert1 detail\" -u \"alert1 subject\"")
-
- assert_not_nil(alert = Alert.first)
- assert_equal("my_source", alert.source)
- assert_equal("alert1", alert.alert_id)
- assert_equal("alert1 summary", alert.summary)
- assert_equal("alert1 detail", alert.detail)
- assert_equal("alert1 subject", alert.subject)
- assert(alert.raised?)
- assert(!alert.cleared?)
- assert(!alert.acknowledged?)
-
- with_next_notification do |destination, this_alert, other_alerts|
- assert_equal("12345@joe_bloggs.email", destination)
- assert_equal(Alert.first, this_alert)
- assert_equal([Alert.first], other_alerts)
- end
-
- end
-
- # Check that a simple automatic raise, acknowledge & auto-clear request
- # work properly.
- #
- def test_auto_raise_and_clear
- # Raise the alert, wait for it to be processed
- mauvesend("-o my_source -i alert1 -s \"alert1 summary\" -d \"alert1 detail\" -u \"alert1 subject\" -r +5m -c +10m")
-
- # Check internal state
- #
- assert(!Alert.first.raised?, "Auto-raising alert raised early")
- assert(!Alert.first.cleared?, "Auto-clearing alert cleared early")
- assert(!Alert.first.acknowledged?, "Alert acknowledged when I didn't expect it")
-
- # We asked for it to be raised in 5 minutes, so no alert yet...
- #
- assert_no_notification
-
- # Push forward to when the alert should be raised, check it has been
- #
- Time.advance(5.minutes)
- assert(Alert.first.raised?, "#{Alert.first.inspect} should be raised by now")
- assert(!Alert.first.cleared?, "#{Alert.first.inspect} should not be cleared")
-
- # Check that we have a notification
- #
- with_next_notification do |destination, this_alert, other_alerts|
- assert_equal("12345@joe_bloggs.email", destination)
- assert_equal(Alert.first, this_alert)
- assert_equal('raised', this_alert.update_type)
- end
-
- # Simulate manual acknowledgement
- #
- Alert.first.acknowledge!(Configuration.current.people["joe_bloggs"])
- Timers.restart_and_then_wait_until_idle
- assert(Alert.first.acknowledged?, "Acknowledgement didn't work")
-
- # Check that the acknowledgement has caused a notification
- #
- with_next_notification do |destination, this_alert, other_alerts|
- assert_equal("12345@joe_bloggs.email", destination)
- assert_equal(Alert.first, this_alert)
- assert_equal('acknowledged', this_alert.update_type, this_alert.inspect)
- end
- assert(Alert.first.acknowledged?)
- assert(Alert.first.raised?)
- assert(!Alert.first.cleared?)
-
- # Now with the config set to un-acknowledge alerts after only 1 minute,
- # try winding time on and check that this happens.
- #
- Time.advance(2.minutes)
- with_next_notification do |destination, this_alert, other_alerts|
- assert_equal("12345@joe_bloggs.email", destination)
- assert_equal(Alert.first, this_alert)
- assert_equal('raised', this_alert.update_type, this_alert.inspect)
- end
-
- # Check that auto-clearing works four minutes later
- #
- Time.advance(5.minutes)
- assert(Alert.first.cleared?)
- assert(!Alert.first.raised?)
-
- # Finally check for a notification that auto-clearing has happened
- #
- with_next_notification do |destination, this_alert, other_alerts|
- assert_equal("12345@joe_bloggs.email", destination)
- assert_equal(Alert.first, this_alert)
- assert_equal('cleared', this_alert.update_type, this_alert.inspect)
- end
-
- # And see that no further reminders are sent a while later
- Time.advance(1.day)
- assert_no_notification
- end
-
- def test_one_alert_changes_from_outside
- # Raise our test alert, wait for it to be processed
- mauvesend("-o my_source -i alert1 -s \"alert1 summary\" -d \"alert1 detail\" -u \"alert1 subject\"")
-
- # Check internal representation, external notification
- #
- assert(Alert.first.raised?)
- assert(!Alert.first.cleared?)
- with_next_notification do |destination, this_alert, other_alerts|
- assert_equal('raised', this_alert.update_type, this_alert.inspect)
- end
-
- # Check we get reminders every hour, and no more
- #
- 12.times do
- Time.advance(1.hour)
- with_next_notification do |destination, this_alert, other_alerts|
- assert_equal('raised', this_alert.update_type, this_alert.inspect)
- end
- assert_no_notification
- end
-
- # Clear the alert, wait for it to be processed
- mauvesend("-o my_source -i alert1 -c now")
- assert(!Alert.first.raised?)
- assert(Alert.first.cleared?)
- with_next_notification do |destination, this_alert, other_alerts|
- assert_equal('cleared', this_alert.update_type, this_alert.inspect)
- end
-
- # Check we can raise the same alert again
- Time.advance(1.minute)
- mauvesend("-o my_source -i alert1 -s \"alert1 summary\" -d \"alert1 detail\" -u \"alert1 subject\" -r now")
- assert(Alert.first.raised?, Alert.first.inspect)
- assert(!Alert.first.cleared?, Alert.first.inspect)
- with_next_notification do |destination, this_alert, other_alerts|
- assert_equal('raised', this_alert.update_type, this_alert.inspect)
- end
- end
-
- def test_alert_groups
- # check that this alert is reminded more often than normal
- mauvesend("-o rare-and-important -i alert1 -s \"rare and important alert\"")
- assert(Alert.first.raised?)
- assert(!Alert.first.cleared?)
-
- 10.times do
- with_next_notification do |destination, this_alert, other_alerts|
- assert_equal('raised', this_alert.update_type, this_alert.inspect)
- assert_equal('12345', destination)
- Time.advance(10.minutes)
- end
- end
- discard_next_notification
- end
-
- def test_future_raising
- mauvesend("-i heartbeat -c now -r +10m -s \"raise in the future\"")
- assert(!Alert.first.raised?)
- assert(Alert.first.cleared?)
- assert_no_notification
-
- # Check the future alert goes off
- #
- Time.advance(10.minutes)
- assert(Alert.first.raised?)
- assert(!Alert.first.cleared?)
- with_next_notification do |destination, this_alert, other_alerts|
- assert_equal('raised', this_alert.update_type, this_alert.inspect)
- end
-
- # Check that a repeat of the "heartbeat" update clears it, and we get
- # a notification.
- #
- mauvesend("-i heartbeat -c now -r +10m -s \"raise in the future\"")
- assert(!Alert.first.raised?)
- assert(Alert.first.cleared?)
- with_next_notification do |destination, this_alert, other_alerts|
- assert_equal('cleared', this_alert.update_type, this_alert.inspect)
- end
-
- # Check that a re-send of the same clear alert doesn't send another
- # notification
- #
- Time.advance(1.minute)
- mauvesend("-i heartbeat -c now -r +10m -s \"raise in the future\"")
- assert(!Alert.first.raised?)
- assert(Alert.first.cleared?)
- assert_no_notification
-
- # Check that a skewed resend doesn't confuse it
- #
- mauvesend("-i heartbeat -c +1m -r +11m -s \"raise in the future\"")
- assert(!Alert.first.raised?)
- assert(Alert.first.cleared?)
- Time.advance(1.minute)
- assert(!Alert.first.raised?)
- assert(Alert.first.cleared?)
- assert_no_notification
- end
-
- # Make sure that using the "replace all flag" works as expected.
- #
- def test_replace_flag
- mauvesend("-p")
- #mauvesend("-p")
- assert_no_notification
-
- mauvesend("-i test1 -s\"\test1\"")
- assert(Alert.first.raised?)
- with_next_notification do |destination, this_alert, other_alerts|
- assert_equal('raised', this_alert.update_type, this_alert.inspect)
- end
- assert_no_notification
-
- mauvesend("-p")
- #mauvesend("-p")
- with_next_notification do |destination, this_alert, other_alerts|
- assert_equal('cleared', this_alert.update_type, this_alert.inspect)
- end
- assert_no_notification
- end
-
- def test_earliest_date
- alert = Alert.create!(
- :alert_id => "test_id",
- :source => "test1",
- :subject => "test subject",
- :summary => "test summary",
- :raised_at => nil,
- :will_raise_at => Time.now + 60,
- :will_clear_at => Time.now + 120,
- :update_type => "cleared",
- :updated_at => Time.now
- )
- assert(alert)
-
- assert(AlertEarliestDate.first.alert == alert)
- end
-
-end
-
-
-
-
diff --git a/test/tc_mauve_authentication.rb b/test/tc_mauve_authentication.rb
new file mode 100644
index 0000000..d0f2d4f
--- /dev/null
+++ b/test/tc_mauve_authentication.rb
@@ -0,0 +1,168 @@
+$:.unshift "../lib"
+
+
+require 'th_mauve'
+require 'th_mauve_resolv'
+
+require 'mauve/server'
+require 'mauve/authentication'
+require 'mauve/configuration'
+require 'mauve/configuration_builder'
+require 'mauve/configuration_builders'
+
+class TcMauveAuthentication < Mauve::UnitTest
+ include Mauve
+
+
+ def setup
+ super
+ setup_database
+ end
+
+ def teardown
+ teardown_database
+ super
+ end
+
+ def test_default_auth_always_fails
+ config=<<EOF
+server {
+ failed_login_delay 0
+}
+EOF
+
+ Configuration.current = ConfigurationBuilder.parse(config)
+ Server.instance.setup
+ assert_equal(false, Authentication.authenticate("test","password"))
+ #
+ # No warning
+ #
+ assert_nil(logger_shift)
+
+ end
+
+ def test_local_auth
+ config=<<EOF
+server {
+ failed_login_delay 0
+}
+
+person ("test") {
+ password "#{Digest::SHA1.new.hexdigest("password")}"
+ all { true }
+}
+EOF
+
+ Configuration.current = ConfigurationBuilder.parse(config)
+ Server.instance.setup
+ assert(!Authentication.authenticate("test","badpassword"))
+ #
+ # Should warn that a bad password has been used.
+ #
+ assert_match(/AuthLocal for test failed/, logger_shift)
+ assert(Authentication.authenticate("test","password"))
+ #
+ # No warnings
+ #
+ assert_nil(logger_shift)
+ end
+
+
+ def test_local_auth
+ config=<<EOF
+server {
+ failed_login_delay 0
+}
+
+person ("nopass") { }
+
+person ("test") {
+ password "#{Digest::SHA1.new.hexdigest("password")}"
+}
+EOF
+
+ Configuration.current = ConfigurationBuilder.parse(config)
+ Server.instance.setup
+ assert(!Authentication.authenticate("nopass","badpassword"))
+ logger_shift
+ assert(!Authentication.authenticate("test","badpassword"))
+ logger_shift
+ assert(Authentication.authenticate("test","password"))
+ end
+
+ def test_bytemark_auth
+ #
+ # BytemarkAuth test users are:
+ # test1: ummVRu7qF
+ # test2: POKvBqLT7
+ #
+ config=<<EOF
+server {
+ failed_login_delay 0
+ bytemark_auth_url "https://auth.bytemark.co.uk/"
+}
+
+person ("test1") { }
+
+person ("test2") {
+ password "#{Digest::SHA1.new.hexdigest("password")}"
+}
+
+person ("test3") {
+ password "#{Digest::SHA1.new.hexdigest("password")}"
+}
+EOF
+
+ Configuration.current = ConfigurationBuilder.parse(config)
+ Server.instance.setup
+
+ #
+ # Test to make sure auth can fail
+ #
+ assert(!Authentication.authenticate("test1","password"))
+ #
+ # Should issue a warning for just bytemark auth failing, and no more.
+ #
+ assert_match(/AuthBytemark for test1 failed/, logger_shift)
+ assert_nil(logger_shift)
+
+ assert(Authentication.authenticate("test1","ummVRu7qF"))
+ #
+ # Shouldn't issue any warnings.
+ #
+ assert_nil(logger_shift)
+
+ #
+ # Test to make sure that in the event of failure we fall back to local
+ # auth, which should also fail in this case.
+ #
+ assert(!Authentication.authenticate("test2","badpassword"))
+ assert_match(/AuthBytemark for test2 failed/, logger_shift)
+ assert_match(/AuthLocal for test2 failed/, logger_shift)
+
+ #
+ # Test to make sure that in the event of failure we fall back to local
+ # auth, which should pass in this case.
+ #
+ assert(Authentication.authenticate("test2","password"))
+ #
+ # Should issue a warning for just bytemark auth failing, and no more.
+ #
+ assert_match(/AuthBytemark for test2 failed/, logger_shift)
+ assert_nil(logger_shift)
+
+ #
+ # Finally test to make sure local-only still works
+ #
+ assert(Authentication.authenticate("test3","password"))
+ #
+ # Should issue a warning for just bytemark auth failing, and no more.
+ #
+ assert_match(/AuthBytemark for test3 failed/, logger_shift)
+ assert_nil(logger_shift)
+
+ end
+
+
+
+end
diff --git a/test/tc_mauve_web_interface.rb b/test/tc_mauve_web_interface.rb
index 69828e9..54c9697 100644
--- a/test/tc_mauve_web_interface.rb
+++ b/test/tc_mauve_web_interface.rb
@@ -53,12 +53,6 @@ class WebInterfaceTest < Mauve::UnitTest
super
setup_database
- #
- # BytemarkAuth test users are:
- #
- # test1: ummVRu7qF
- # test2: POKvBqLT7
- #
config =<<EOF
server {
hostname "localhost"
@@ -70,13 +64,8 @@ server {
}
}
-person ("test0") {
- password "#{Digest::SHA1.new.hexdigest("password")}"
- all { true }
-}
-
person ("test1") {
- password "#{Digest::SHA1.new.hexdigest("ummVRu7qF")}"
+ password "#{Digest::SHA1.new.hexdigest("goodpassword")}"
all { true }
}
@@ -156,9 +145,10 @@ EOF
#
logger_pop ; logger_pop
- post '/login', :username => 'test1', :password => 'ummVRu7qF'
+ post '/login', :username => 'test1', :password => 'goodpassword'
follow_redirect! while last_response.redirect?
assert last_response.body.include?('Mauve: ')
+ assert last_response.ok?
get '/logout'
follow_redirect! while last_response.redirect?
@@ -166,7 +156,7 @@ EOF
end
def test_alerts_show_subject
- post '/login', :username => 'test1', :password => 'ummVRu7qF'
+ post '/login', :username => 'test1', :password => 'goodpassword'
follow_redirect! while last_response.redirect?
assert last_response.body.include?('Mauve: ')
diff --git a/test/test_mauve.rb b/test/test_mauve.rb
index ce83c6c..a0531d7 100644
--- a/test/test_mauve.rb
+++ b/test/test_mauve.rb
@@ -8,24 +8,9 @@ require 'pp'
require 'test/unit'
require 'th_mauve'
-%w(
-tc_mauve_alert_changed.rb
-tc_mauve_alert_group.rb
-tc_mauve_alert.rb
-tc_mauve_configuration_builder.rb
-tc_mauve_configuration_builders_alert_group.rb
-tc_mauve_configuration_builders_logger.rb
-tc_mauve_configuration_builders_notification_method.rb
-tc_mauve_configuration_builders_person.rb
-tc_mauve_configuration_builders_server.rb
-tc_mauve_history.rb
-tc_mauve_notification.rb
-tc_mauve_people_list.rb
-tc_mauve_person.rb
-tc_mauve_source_list.rb
-tc_mauve_time.rb
-tc_mauve_web_interface.rb
-).each do |s|
+%w(. test).each do |dir|
+Dir.glob(File.join(dir,"tc_*.rb")).each do |s|
require s
end
+end
diff --git a/test/th_mauve.rb b/test/th_mauve.rb
index 2b97e64..ce29e11 100644
--- a/test/th_mauve.rb
+++ b/test/th_mauve.rb
@@ -77,6 +77,10 @@ module Mauve
def logger_pop
@outputter.pop
end
+
+ def logger_shift
+ @outputter.shift
+ end
def teardown_logger
logger = Log4r::Logger['Mauve']