Beispiel #1
0
func (s *userManagerSuite) TestUserInfoAll(c *gc.C) {
	admin, err := s.State.User(s.AdminUserTag(c))
	c.Assert(err, jc.ErrorIsNil)
	userFoo := s.Factory.MakeUser(c, &factory.UserParams{Name: "foobar", DisplayName: "Foo Bar"})
	userAardvark := s.Factory.MakeUser(c, &factory.UserParams{Name: "aardvark", DisplayName: "Aard Vark", Disabled: true})

	args := params.UserInfoRequest{IncludeDisabled: true}
	results, err := s.usermanager.UserInfo(args)
	c.Assert(err, jc.ErrorIsNil)
	var expected params.UserInfoResults
	for _, r := range []struct {
		user *state.User
		info *params.UserInfo
	}{{
		user: userAardvark,
		info: &params.UserInfo{
			Username:    "******",
			DisplayName: "Aard Vark",
			Access:      "login",
			Disabled:    true,
		},
	}, {
		user: admin,
		info: &params.UserInfo{
			Username:    s.adminName,
			DisplayName: admin.DisplayName(),
			Access:      "superuser",
		},
	}, {
		user: userFoo,
		info: &params.UserInfo{
			Username:    "******",
			DisplayName: "Foo Bar",
			Access:      "login",
		},
	}} {
		r.info.CreatedBy = s.adminName
		r.info.DateCreated = r.user.DateCreated()
		r.info.LastConnection = lastLoginPointer(c, r.user)
		expected.Results = append(expected.Results, params.UserInfoResult{Result: r.info})
	}
	c.Assert(results, jc.DeepEquals, expected)

	results, err = s.usermanager.UserInfo(params.UserInfoRequest{})
	c.Assert(err, jc.ErrorIsNil)
	// Same results as before, but without the deactivated user
	expected.Results = expected.Results[1:]
	c.Assert(results, jc.DeepEquals, expected)
}
Beispiel #2
0
// UserInfo returns information on a user.
func (api *UserManagerAPI) UserInfo(request params.UserInfoRequest) (params.UserInfoResults, error) {
	var results params.UserInfoResults
	var infoForUser = func(user *state.User) params.UserInfoResult {
		var lastLogin *time.Time
		userLastLogin, err := user.LastLogin()
		if err != nil {
			if !state.IsNeverLoggedInError(err) {
				logger.Debugf("error getting last login: %v", err)
			}
		} else {
			lastLogin = &userLastLogin
		}
		return params.UserInfoResult{
			Result: &params.UserInfo{
				Username:       user.Name(),
				DisplayName:    user.DisplayName(),
				CreatedBy:      user.CreatedBy(),
				DateCreated:    user.DateCreated(),
				LastConnection: lastLogin,
				Disabled:       user.IsDisabled(),
			},
		}
	}

	argCount := len(request.Entities)
	if argCount == 0 {
		users, err := api.state.AllUsers(request.IncludeDisabled)
		if err != nil {
			return results, errors.Trace(err)
		}
		for _, user := range users {
			results.Results = append(results.Results, infoForUser(user))
		}
		return results, nil
	}

	results.Results = make([]params.UserInfoResult, argCount)
	for i, arg := range request.Entities {
		user, err := api.getUser(arg.Tag)
		if err != nil {
			results.Results[i].Error = common.ServerError(err)
			continue
		}
		results.Results[i] = infoForUser(user)
	}

	return results, nil
}
Beispiel #3
0
func (s *userManagerSuite) TestUserInfoAll(c *gc.C) {
	admin, err := s.State.User(s.AdminUserTag(c))
	c.Assert(err, jc.ErrorIsNil)
	userFoo := s.Factory.MakeUser(c, &factory.UserParams{Name: "foobar", DisplayName: "Foo Bar"})
	userBar := s.Factory.MakeUser(c, &factory.UserParams{Name: "barfoo", DisplayName: "Bar Foo", Disabled: true})

	args := params.UserInfoRequest{IncludeDisabled: true}
	results, err := s.usermanager.UserInfo(args)
	c.Assert(err, jc.ErrorIsNil)
	expected := params.UserInfoResults{
		Results: []params.UserInfoResult{
			{
				Result: &params.UserInfo{
					Username:       "******",
					DisplayName:    "Bar Foo",
					CreatedBy:      s.adminName,
					DateCreated:    userBar.DateCreated(),
					LastConnection: userBar.LastLogin(),
					Disabled:       true,
				},
			}, {
				Result: &params.UserInfo{
					Username:       s.adminName,
					DisplayName:    admin.DisplayName(),
					CreatedBy:      s.adminName,
					DateCreated:    admin.DateCreated(),
					LastConnection: admin.LastLogin(),
				},
			}, {
				Result: &params.UserInfo{
					Username:       "******",
					DisplayName:    "Foo Bar",
					CreatedBy:      s.adminName,
					DateCreated:    userFoo.DateCreated(),
					LastConnection: userFoo.LastLogin(),
				},
			}},
	}
	c.Assert(results, jc.DeepEquals, expected)

	results, err = s.usermanager.UserInfo(params.UserInfoRequest{})
	c.Assert(err, jc.ErrorIsNil)
	// Same results as before, but without the deactivated barfoo user
	expected.Results = expected.Results[1:]
	c.Assert(results, jc.DeepEquals, expected)
}
Beispiel #4
0
func (s *userManagerSuite) TestUserInfo(c *gc.C) {
	userFoo := s.Factory.MakeUser(c, &factory.UserParams{Name: "foobar", DisplayName: "Foo Bar"})
	userBar := s.Factory.MakeUser(c, &factory.UserParams{Name: "barfoo", DisplayName: "Bar Foo", Disabled: true})

	args := params.UserInfoRequest{
		Entities: []params.Entity{
			{
				Tag: userFoo.Tag().String(),
			}, {
				Tag: userBar.Tag().String(),
			}, {
				Tag: names.NewLocalUserTag("ellie").String(),
			}, {
				Tag: names.NewUserTag("not@remote").String(),
			}, {
				Tag: "not-a-tag",
			},
		}}

	results, err := s.usermanager.UserInfo(args)
	c.Assert(err, jc.ErrorIsNil)
	var expected params.UserInfoResults
	for _, r := range []struct {
		user *state.User
		info *params.UserInfo
		err  *params.Error
	}{
		{
			user: userFoo,
			info: &params.UserInfo{
				Username:    "******",
				DisplayName: "Foo Bar",
			},
		}, {
			user: userBar,
			info: &params.UserInfo{
				Username:    "******",
				DisplayName: "Bar Foo",
				Disabled:    true,
			},
		}, {
			err: &params.Error{
				Message: "permission denied",
				Code:    params.CodeUnauthorized,
			},
		}, {
			err: &params.Error{
				Message: "permission denied",
				Code:    params.CodeUnauthorized,
			},
		}, {
			err: &params.Error{
				Message: `"not-a-tag" is not a valid tag`,
			},
		},
	} {
		if r.info != nil {
			r.info.DateCreated = r.user.DateCreated()
			r.info.LastConnection = lastLoginPointer(c, r.user)
			r.info.CreatedBy = s.adminName
		}
		expected.Results = append(expected.Results, params.UserInfoResult{Result: r.info, Error: r.err})
	}

	c.Assert(results, jc.DeepEquals, expected)
}
Beispiel #5
0
// UserInfo returns information on a user.
func (api *UserManagerAPI) UserInfo(request params.UserInfoRequest) (params.UserInfoResults, error) {
	var results params.UserInfoResults
	isAdmin, err := api.hasControllerAdminAccess()
	if err != nil {
		return results, errors.Trace(err)
	}

	var accessForUser = func(userTag names.UserTag, result *params.UserInfoResult) {
		// Lookup the access the specified user has to the controller.
		_, controllerUserAccess, err := common.UserAccess(api.state, userTag)
		if err == nil {
			result.Result.Access = string(controllerUserAccess.Access)
		} else if err != nil && !errors.IsNotFound(err) {
			result.Result = nil
			result.Error = common.ServerError(err)
		}
	}

	var infoForUser = func(user *state.User) params.UserInfoResult {
		var lastLogin *time.Time
		userLastLogin, err := user.LastLogin()
		if err != nil {
			if !state.IsNeverLoggedInError(err) {
				logger.Debugf("error getting last login: %v", err)
			}
		} else {
			lastLogin = &userLastLogin
		}
		result := params.UserInfoResult{
			Result: &params.UserInfo{
				Username:       user.Name(),
				DisplayName:    user.DisplayName(),
				CreatedBy:      user.CreatedBy(),
				DateCreated:    user.DateCreated(),
				LastConnection: lastLogin,
				Disabled:       user.IsDisabled(),
			},
		}
		accessForUser(user.UserTag(), &result)
		return result
	}

	argCount := len(request.Entities)
	if argCount == 0 {
		users, err := api.state.AllUsers(request.IncludeDisabled)
		if err != nil {
			return results, errors.Trace(err)
		}
		for _, user := range users {
			if !isAdmin && !api.authorizer.AuthOwner(user.Tag()) {
				continue
			}
			results.Results = append(results.Results, infoForUser(user))
		}
		return results, nil
	}

	// Create the results list to populate.
	for _, arg := range request.Entities {
		userTag, err := names.ParseUserTag(arg.Tag)
		if err != nil {
			results.Results = append(results.Results, params.UserInfoResult{Error: common.ServerError(err)})
			continue
		}
		if !isAdmin && !api.authorizer.AuthOwner(userTag) {
			results.Results = append(results.Results, params.UserInfoResult{Error: common.ServerError(common.ErrPerm)})
			continue
		}
		if !userTag.IsLocal() {
			// TODO(wallyworld) record login information about external users.
			result := params.UserInfoResult{
				Result: &params.UserInfo{
					Username: userTag.Id(),
				},
			}
			accessForUser(userTag, &result)
			results.Results = append(results.Results, result)
			continue
		}
		user, err := api.getUser(arg.Tag)
		if err != nil {
			results.Results = append(results.Results, params.UserInfoResult{Error: common.ServerError(err)})
			continue
		}
		results.Results = append(results.Results, infoForUser(user))
	}

	return results, nil
}