[Kimchi-devel] [PATCH 3/5] Add functions to check if a user/group exists
Daniel H Barboza
danielhb at linux.vnet.ibm.com
Mon Apr 14 18:31:17 UTC 2014
Reviewed-by: Daniel Barboza <danielhb at linux.vnet.ibm.com>
On 04/11/2014 05:57 PM, Aline Manera wrote:
> From: Aline Manera <alinefm at br.ibm.com>
>
> The user/group validation is done on the current system.
>
> Signed-off-by: Crístian Viana <vianac at linux.vnet.ibm.com>
> Signed-off-by: Aline Manera <alinefm at br.ibm.com>
> ---
> src/kimchi/auth.py | 22 ++++++++++++++++++++++
> tests/test_authorization.py | 19 +++++++++++++++++++
> 2 files changed, 41 insertions(+)
>
> diff --git a/src/kimchi/auth.py b/src/kimchi/auth.py
> index dc78ded..2186987 100644
> --- a/src/kimchi/auth.py
> +++ b/src/kimchi/auth.py
> @@ -25,6 +25,7 @@ import multiprocessing
> import os
> import PAM
> import pty
> +import pwd
> import re
> import termios
> import time
> @@ -96,6 +97,27 @@ class User(object):
> def get_user(self):
> return self.user
>
> + def exists(self):
> + try:
> + pwd.getpwnam(self.user[USER_NAME])
> + except KeyError:
> + return False
> + else:
> + return True
> +
> +
> +class Group(object):
> + def __init__(self, groupname):
> + self.groupname = groupname
> +
> + def exists(self):
> + try:
> + grp.getgrnam(self.groupname)
> + except KeyError:
> + return False
> + else:
> + return True
> +
>
> def authenticate(username, password, service="passwd"):
> '''Returns True if authenticate is OK via PAM.'''
> diff --git a/tests/test_authorization.py b/tests/test_authorization.py
> index b211e06..ab98987 100644
> --- a/tests/test_authorization.py
> +++ b/tests/test_authorization.py
> @@ -17,14 +17,17 @@
> # License along with this library; if not, write to the Free Software
> # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
>
> +import grp
> import json
> import os
> +import pwd
> import unittest
>
>
> from functools import partial
>
>
> +import kimchi.auth
> import kimchi.mockmodel
> from utils import get_free_port, patch_auth, request
> from utils import run_server
> @@ -119,3 +122,19 @@ class AuthorizationTests(unittest.TestCase):
> self.assertEquals(403, resp.status)
> resp = self.request('/vms', '{}', 'DELETE')
> self.assertEquals(403, resp.status)
> +
> +
> +class CurrentUserGroupTests(unittest.TestCase):
> + def test_current_user(self):
> + current_user = pwd.getpwuid(os.getuid()).pw_name
> + self.assertTrue(kimchi.auth.User(current_user).exists())
> +
> + invalid_user = "userdoesnotexist"
> + self.assertFalse(kimchi.auth.User(invalid_user).exists())
> +
> + def test_current_group(self):
> + current_group = grp.getgrgid(os.getgid()).gr_name
> + self.assertTrue(kimchi.auth.Group(current_group).exists())
> +
> + invalid_group = "groupdoesnotexist"
> + self.assertFalse(kimchi.auth.Group(invalid_group).exists())
More information about the Kimchi-devel
mailing list