func init() {
logger.Init(ioutil.Discard, ioutil.Discard, ioutil.Discard, ioutil.Discard)
privateKeyFilePath := flag.String("rsa-private", "./dist/key.private", "RSA private key file path")
secureKeyFilePath := flag.String("secure-key", "./dist/secureKey", "password to encrypt the secure storage")
usersDataPath := flag.String("data-file", "./dist/data.txt", "Login information file")
flag.Parse()
ServicePath = cr.ServicePathPrefix + cr.Version + AmPrefix
resourcePath = listener + ServicePath + UsersPath
usersList := en.NewEntityManager()
signKey, verifyKey := app.TokenSetUp(*privateKeyFilePath)
loginKey := ss.GetSecureKey(*secureKeyFilePath)
en.LoadInfo(*usersDataPath, loginKey, usersList)
stRestful = libsecurity_restful.NewLibsecurityRestful()
stRestful.SetData(usersList, loginKey, verifyKey, signKey, nil)
rootCookieStr, _ := app.GenerateToken(stc.RootUserName, am.SuperUserPermission, listener, signKey)
cr.SetCookie(rootCookieStr)
for _, name := range usersName {
stRestful.UsersList.AddUser(name)
}
go runServer()
time.Sleep(100 * time.Millisecond)
}
// Generate a new secure storage minimal file that includes the root user with
// basic Account Management: the root user privilege and password
func createBasicFile(stFilePath string, name string, pass string, key []byte) {
saltStr, _ := salt.GetRandomSalt(saltLen)
_, err := salt.GenerateSaltedPassword([]byte(pass), password.MinPasswordLength, password.MaxPasswordLength, saltStr, -1)
if err != nil {
log.Fatalf("Error: can't generate salted password for '%v' user, error: %v", name, err)
}
ul := en.NewEntityManager()
ul.AddUser(name)
amUser, _ := am.NewUserAm(am.SuperUserPermission, []byte(pass), saltStr)
ul.AddPropertyToEntity(name, stc.AmPropertyName, amUser)
ul.StoreInfo(stFilePath, key)
}
func init() {
logger.Init(ioutil.Discard, ioutil.Discard, ioutil.Discard, ioutil.Discard)
usersList := en.NewEntityManager()
stRestful = libsecurity_restful.NewLibsecurityRestful()
stRestful.SetData(usersList, nil, nil, nil, nil)
stRestful.SetToFilterFlag(false)
ServicePath = cr.ServicePathPrefix + cr.Version + AclPrefix
resourcePath = listener + ServicePath
go runServer()
time.Sleep(100 * time.Millisecond)
}
func init() {
jwtUniqId = generateJwt(jwtLen)
usersList = en.NewEntityManager()
usersList.AddGroup(stc.SuperUserGroupName)
usersList.AddGroup(stc.AdminGroupName)
usersList.AddGroup(stc.UsersGroupName)
usersList.AddUserToGroup(stc.AdminGroupName, stc.SuperUserGroupName)
usersList.AddUserToGroup(stc.UsersGroupName, stc.SuperUserGroupName)
usersList.AddUserToGroup(stc.UsersGroupName, stc.AdminGroupName)
usersList.AddUserToGroup(stc.SuperUserGroupName, stc.RootUserName)
}
// Verify that get property from undefined user returns an error
// Verify that get property from user before setting the OTP property, returns an error
// Verify that get property from user after setting the property returns the same property as was setted to the user
// Verify that get property from user after removing the OTP property returns an error
// Verify that get property from user after readding the OTP property returns OK
// Verify that get property from user that was removed after OTP property was set, returns an error
// Verify that Add a property to user, remove the user, generate a new user with the same name and try to get the property returns an error
func testAddCheckRemoveUserProperty(t *testing.T, propertyName string, moduleData interface{}) {
name := "name1"
usersList := en.NewEntityManager()
_, err := usersList.GetPropertyAttachedToEntity(name, propertyName)
if err == nil {
t.Errorf("Test fail, Recived module '%v' of undefined user '%v'", propertyName, name)
}
usersList.AddResource(name)
_, err = usersList.GetPropertyAttachedToEntity(name, propertyName)
if err == nil {
t.Errorf("Test fail, Recived module '%v' of not registered yet module for user '%v'", propertyName, name)
}
usersList.AddPropertyToEntity(name, propertyName, moduleData)
tmp, err := usersList.GetPropertyAttachedToEntity(name, propertyName)
if err != nil {
t.Errorf("Test fail, Error while feteching module '%v' from user '%v', error: %v", propertyName, name, err)
}
if moduleData != tmp {
t.Errorf("Test fail, Added '%v' property '%v' is not equal to the fetched one '%v'", propertyName, moduleData, tmp)
}
usersList.RemovePropertyFromEntity(name, propertyName)
_, err = usersList.GetPropertyAttachedToEntity(name, propertyName)
if err == nil {
t.Errorf("Test fail, Removed module '%v' from user '%v' was successfully fetched", propertyName, name)
}
usersList.AddPropertyToEntity(name, propertyName, moduleData)
_, err = usersList.GetPropertyAttachedToEntity(name, propertyName)
if err != nil {
t.Errorf("Test fail, Error while feteching module '%v' from user '%v', error: %v", propertyName, name, err)
}
usersList.RemoveResource(name)
_, err = usersList.GetPropertyAttachedToEntity(name, propertyName)
if err == nil {
t.Errorf("Test fail, Module '%v' of removed user '%v' was successfully fetched", propertyName, name)
}
err = usersList.AddPropertyToEntity(name, propertyName, moduleData)
if err == nil {
t.Errorf("Test fail, Atteched module '%v' to removed user '%v'", propertyName, name)
}
usersList.AddResource(name)
_, err = usersList.GetPropertyAttachedToEntity(name, propertyName)
if err == nil {
t.Errorf("Test fail, Module '%v' was fetched before atttached to the user '%v'", propertyName, name)
}
}
func Test_StoreLoad(t *testing.T) {
filePath := "./try.txt"
secret := []byte("ABCDEFGH12345678")
el := en.NewEntityManager()
for i := 0; i < 3; i++ {
el.AddUser(fmt.Sprintf("User %d", i+1))
resourceName := fmt.Sprintf("Disk %d", i+1)
el.AddResource(resourceName)
a := NewACL()
el.AddPropertyToEntity(resourceName, stc.AclPropertyName, a)
}
if generateAcl(el) == false {
t.Error("Test fail, can't generate ACL")
t.FailNow()
}
el.StoreInfo(filePath, secret)
entityManager1 := en.NewEntityManager()
err := en.LoadInfo(filePath, secret, entityManager1)
if err != nil {
fmt.Println(err)
}
for n, _ := range el.Resources {
tmpE, _ := el.GetPropertyAttachedToEntity(n, stc.AclPropertyName)
a := tmpE.(*Acl)
tmpE1, _ := entityManager1.GetPropertyAttachedToEntity(n, stc.AclPropertyName)
a1 := tmpE1.(*Acl)
if a.IsEqual(*a1) == false {
t.Errorf("Test fail, Stored ACL property != loaded one")
fmt.Println("The stored ACL for resource:", n, a)
fmt.Println("The loaded ACL for resource:", n, a1)
}
}
}
func initEntityManager() *en.EntityManager {
entityManager := en.NewEntityManager()
for _, name := range usersName {
entityManager.AddUser(name)
}
entityManager.AddGroup(groupName)
for _, name := range groupUsersName {
entityManager.AddUser(name)
entityManager.AddUserToGroup(groupName, name)
}
entityManager.AddResource(resourceName)
a := acl.NewACL()
entityManager.AddPropertyToEntity(resourceName, stc.AclPropertyName, a)
return entityManager
}
func init() {
logger.Init(ioutil.Discard, ioutil.Discard, ioutil.Discard, ioutil.Discard)
ServicePath = cr.ServicePathPrefix + cr.Version + SsPrefix
resourcePath = listener + ServicePath + StoragePath
itemPath = listener + ServicePath + StorageItemPath
baseHeaderInfo[secretIdParam] = secretCode
usersList := en.NewEntityManager()
stRestful = libsecurity_restful.NewLibsecurityRestful()
secureStorage, _ := ss.NewStorage([]byte(secretCode))
stRestful.SetData(usersList, nil, nil, nil, secureStorage)
stRestful.SetToFilterFlag(false)
go runServer()
time.Sleep(100 * time.Millisecond)
}
func init() {
logger.Init(ioutil.Discard, ioutil.Discard, ioutil.Discard, ioutil.Discard)
EnServicePath = cr.ServicePathPrefix + cr.Version + UmPrefix
enResourcePath = listener + EnServicePath
enUserResourcePath = listener + EnServicePath + UsersPath
UsersServicePath = EnServicePath + UsersPath
ResourceServicePath = EnServicePath + ResourcesPath
enPath = listener + EnServicePath
usersList := en.NewEntityManager()
stRestful = libsecurity_restful.NewLibsecurityRestful()
stRestful.SetData(usersList, nil, nil, nil, nil)
stRestful.SetToFilterFlag(false)
go runServer()
time.Sleep(100 * time.Millisecond)
}
func init() {
logger.Init(ioutil.Discard, ioutil.Discard, ioutil.Discard, ioutil.Discard)
ServicePath = cr.ServicePathPrefix + cr.Version + PwdPrefix
resourcePath = listener + ServicePath + UsersPath
usersList := en.NewEntityManager()
stRestful = libsecurity_restful.NewLibsecurityRestful()
stRestful.SetData(usersList, nil, nil, nil, nil)
stRestful.SetToFilterFlag(false)
for _, name := range usersName {
stRestful.UsersList.AddUser(name)
}
go runServer()
time.Sleep(100 * time.Millisecond)
}
emptyRes = "{}"
protectedEntityManagerLen = 2 // set it if the EntityManager.protectedEntityManager is chaned
)
var (
enResourcePath string // = listener + EnServicePath
enUserResourcePath string //= listener + EnServicePath + UsersPath
enPath string
usersName = []string{userName1, userName2}
resourcesName = []string{resourceName1, resourceName2}
stRestful *libsecurity_restful.LibsecurityRestful
BasicUsers = en.NewEntityManager()
)
func init() {
logger.Init(ioutil.Discard, ioutil.Discard, ioutil.Discard, ioutil.Discard)
EnServicePath = cr.ServicePathPrefix + cr.Version + UmPrefix
enResourcePath = listener + EnServicePath
enUserResourcePath = listener + EnServicePath + UsersPath
UsersServicePath = EnServicePath + UsersPath
ResourceServicePath = EnServicePath + ResourcesPath
enPath = listener + EnServicePath
usersList := en.NewEntityManager()
stRestful = libsecurity_restful.NewLibsecurityRestful()
func registerComponents(configFile string, secureKeyFilePath string, privateKeyFilePath string, usersDataPath string) {
conf, err := readConfigFile(configFile)
if err != nil {
fmt.Fprintf(os.Stderr, "Fatal error while reading configuration file '%v', error: %v\n", configFile, err)
os.Exit(1)
}
wsContainer := restful.NewContainer()
usersList := en.NewEntityManager()
// amUsers := am.NewAmUsersList()
signKey, verifyKey = app.TokenSetUp(privateKeyFilePath)
loginKey = ss.GetSecureKey(secureKeyFilePath)
st := libsecurity_restful.NewLibsecurityRestful()
st.SetData(usersList, loginKey, verifyKey, signKey, nil)
l := accounts_restful.NewAmRestful()
l.SetData(st)
if conf[amToken] == fullToken {
l.RegisterFull(wsContainer)
} else { // login is mandatory
l.RegisterBasic(wsContainer)
}
um := en_restful.NewEnRestful()
um.SetData(st)
if conf[umToken] != noneToken {
um.RegisterBasic(wsContainer)
}
/*
a := acl_restful.NewAclRestful()
a.SetData(st)
if conf[aclToken] == basicToken || conf[appAclToken] == basicToken {
a.RegisterBasic(wsContainer)
}
*/
/*
appAclPermissions := appAcl.NewAppPermissions()
st.STool.SetAppAclData(appAclPermissions)
aa := appAcl_restful.NewAppAclRestful()
aa.SetData(appAclPermissions, st)
if conf[appAclToken] == basicToken {
aa.RegisterBasic(wsContainer)
}
*/
p := otp_restful.NewOtpRestful()
p.SetData(st)
if conf[otpToken] == basicToken {
p.RegisterBasic(wsContainer)
}
o := ocra_restful.NewOcraRestful()
o.SetData(st)
if conf[ocraToken] == basicToken {
o.RegisterBasic(wsContainer)
}
pwd := password_restful.NewPwdRestful()
pwd.SetData(st)
if conf[passwordToken] == basicToken {
pwd.RegisterBasic(wsContainer)
}
ss := storage_restful.NewSsRestful()
ss.SetData(st)
if conf[secureStorageToken] == basicToken {
ss.RegisterBasic(wsContainer)
}
st.RegisterBasic(wsContainer)
err = en.LoadInfo(usersDataPath, loginKey, usersList)
if err != nil {
fmt.Println("Load info error:", err)
}
runRestApi(wsContainer)
}
func initEntityManager() *en.EntityManager {
el := en.NewEntityManager()
el.AddResource(resourceName)
return el
}
func init() {
entityManager = en.NewEntityManager()
}