// fetchData gets all the data from the given path relative to the given base URL.
// It returns the data found and the full URL used.
func fetchData(baseURL, path string, requireSigned bool) (data []byte, dataURL string, err error) {
dataURL = baseURL
if !strings.HasSuffix(dataURL, "/") {
dataURL += "/"
}
dataURL += path
resp, err := http.Get(dataURL)
if err != nil {
return nil, dataURL, errors.NotFoundf("invalid URL %q", dataURL)
}
defer resp.Body.Close()
if resp.StatusCode == http.StatusNotFound {
return nil, dataURL, errors.NotFoundf("cannot find URL %q", dataURL)
}
if resp.StatusCode == http.StatusUnauthorized {
return nil, dataURL, errors.Unauthorizedf("unauthorised access to URL %q", dataURL)
}
if resp.StatusCode != http.StatusOK {
return nil, dataURL, fmt.Errorf("cannot access URL %q, %q", dataURL, resp.Status)
}
if requireSigned {
data, err = DecodeCheckSignature(resp.Body)
} else {
data, err = ioutil.ReadAll(resp.Body)
}
if err != nil {
return nil, dataURL, fmt.Errorf("cannot read URL data, %v", err)
}
return data, dataURL, nil
}
func (s *BootstrapSuite) TestInitialPassword(c *C) {
machineConf, cmd, err := s.initBootstrapCommand(c, "--env-config", testConfig)
c.Assert(err, IsNil)
err = cmd.Run(nil)
c.Assert(err, IsNil)
// Check that we cannot now connect to the state without a
// password.
info := &state.Info{
Addrs: []string{testing.MgoAddr},
CACert: []byte(testing.CACert),
}
testOpenState(c, info, errors.Unauthorizedf(""))
// Check we can log in to mongo as admin.
info.Tag, info.Password = "", testPasswordHash()
st, err := state.Open(info, state.DefaultDialOpts())
c.Assert(err, IsNil)
// Reset password so the tests can continue to use the same server.
defer st.Close()
defer st.SetAdminMongoPassword("")
// Check that the admin user has been given an appropriate
// password
u, err := st.User("admin")
c.Assert(err, IsNil)
c.Assert(u.PasswordValid(testPassword), Equals, true)
// Check that the machine configuration has been given a new
// password and that we can connect to mongo as that machine
// and that the in-mongo password also verifies correctly.
machineConf1, err := agent.ReadConf(machineConf.DataDir, "machine-0")
c.Assert(err, IsNil)
c.Assert(machineConf1.OldPassword, Equals, "")
c.Assert(machineConf1.APIInfo.Password, Not(Equals), "")
c.Assert(machineConf1.StateInfo.Password, Equals, machineConf1.APIInfo.Password)
// Check that no other information has been lost.
machineConf.OldPassword = ""
machineConf.APIInfo.Password = machineConf1.APIInfo.Password
machineConf.StateInfo.Password = machineConf1.StateInfo.Password
c.Assert(machineConf1, DeepEquals, machineConf)
info.Tag, info.Password = "******", machineConf1.StateInfo.Password
st, err = state.Open(info, state.DefaultDialOpts())
c.Assert(err, IsNil)
defer st.Close()
m, err := st.Machine("0")
c.Assert(err, IsNil)
c.Assert(m.PasswordValid(machineConf1.StateInfo.Password), Equals, true)
}
func (s *verifyStorageSuite) TestVerifyStorageFails(c *C) {
defer testing.MakeFakeHome(c, existingEnv, "existing").Restore()
environ, err := environs.NewFromName("test")
c.Assert(err, IsNil)
storage := environ.Storage()
someError := errors.Unauthorizedf("you shall not pass")
dummy.Poison(storage, "bootstrap-verify", someError)
err = environs.VerifyStorage(storage)
c.Assert(err, Equals, environs.VerifyStorageError)
}
func (s *checkEnvironmentSuite) TestCheckEnvironmentGetFails(c *C) {
defer testing.MakeFakeHome(c, checkEnv, "existing").Restore()
environ, err := environs.NewFromName("test")
c.Assert(err, IsNil)
// VerifyStorage is sufficient for our tests and much simpler
// than Bootstrap which calls it.
storage := environ.Storage()
err = environs.VerifyStorage(storage)
c.Assert(err, IsNil)
// When fetching the verification file from storage fails,
// we get an InvalidEnvironmentError.
someError := errors.Unauthorizedf("you shall not pass")
dummy.Poison(storage, "bootstrap-verify", someError)
err = environs.CheckEnvironment(environ)
c.Assert(err, Equals, someError)
}
)
type errorsSuite struct {
testing.LoggingSuite
}
var _ = Suite(&errorsSuite{})
var errorTransformTests = []struct {
err error
code string
}{{
err: errors.NotFoundf("hello"),
code: params.CodeNotFound,
}, {
err: errors.Unauthorizedf("hello"),
code: params.CodeUnauthorized,
}, {
err: state.ErrCannotEnterScopeYet,
code: params.CodeCannotEnterScopeYet,
}, {
err: state.ErrCannotEnterScope,
code: params.CodeCannotEnterScope,
}, {
err: state.ErrExcessiveContention,
code: params.CodeExcessiveContention,
}, {
err: state.ErrUnitHasSubordinates,
code: params.CodeUnitHasSubordinates,
}, {
err: common.ErrBadId,