func (s *userManagerSuite) TestNewUserManagerAPIRefusesNonClient(c *gc.C) { anAuthoriser := s.authorizer anAuthoriser.Client = false endPoint, err := usermanager.NewUserManagerAPI(s.State, nil, anAuthoriser) c.Assert(endPoint, gc.IsNil) c.Assert(err, gc.ErrorMatches, "permission denied") }
func (s *userManagerSuite) SetUpTest(c *gc.C) { s.JujuConnSuite.SetUpTest(c) user, err := s.State.User("admin") c.Assert(err, gc.IsNil) s.authorizer = apiservertesting.FakeAuthorizer{ Tag: names.NewUserTag("admin"), LoggedIn: true, Client: true, Entity: user, } s.usermanager, err = usermanager.NewUserManagerAPI(s.State, nil, s.authorizer) c.Assert(err, gc.IsNil) }
func (s *userManagerSuite) TestAgentUnauthorized(c *gc.C) { machine1, err := s.State.AddMachine("quantal", state.JobManageEnviron) c.Assert(err, gc.IsNil) // Create a FakeAuthorizer so we can check permissions, // set up assuming machine 1 has logged in. s.authorizer = apiservertesting.FakeAuthorizer{ Tag: machine1.Tag(), LoggedIn: true, MachineAgent: true, } s.usermanager, err = usermanager.NewUserManagerAPI(s.State, nil, s.authorizer) c.Assert(err, gc.ErrorMatches, "permission denied") }
// UserManager returns an object that provides access to the UserManager API // facade. The id argument is reserved for future use and currently // needs to be empty func (r *srvRoot) UserManager(id string) (*usermanager.UserManagerAPI, error) { if id != "" { return nil, common.ErrBadId } return usermanager.NewUserManagerAPI(r.srv.state, r) }