// Verift that 2 entity list are equal only if all their data is equal
func Test_EntityManagerIsEqual(t *testing.T) {
names := []string{"g1", "g2", "g3"}
userName := "******"
len := 3
var el [3]*EntityManager
for i := 0; i < len; i++ {
el[i] = NewEntityManager()
addEntities(el[i], groupTypeStr, names, true)
if i > 0 {
if el[i].IsEqual(el[i-1]) == false {
t.Errorf("Test fail: entity list %v: %v must be equal to entity list %v %v", i, el[i], i-1, el[i-1])
}
}
}
a1, _ := am.NewUserAm(am.UserPermission, []byte("123456"), []byte("abcd"))
el[0].AddPropertyToEntity(getGroupFormat(names[1]), stc.AmPropertyName, a1)
el[2].AddPropertyToEntity(getGroupFormat(names[1]), stc.AmPropertyName, a1)
el[1].AddUser(userName)
el[1].AddUserToGroup(getGroupFormat(names[1]), userName)
el[2].RemovePropertyFromEntity(getGroupFormat(names[1]), stc.AmPropertyName)
for i := 0; i < len; i++ {
for j := 0; j < len; j++ {
if i != j && el[i].IsEqual(el[j]) == true {
t.Errorf("Test fail: entity list %v:\n%v is not equal to entity list %v:\n%v", i, el[i].getEntityManagerStrWithProperties(), j, el[j].getEntityManagerStrWithProperties())
}
}
}
}
// Generate a new secure storage minimal file that includes the root user with
// basic Account Management: the root user privilege and password
func createBasicFile(stFilePath string, name string, pass string, key []byte) {
saltStr, _ := salt.GetRandomSalt(saltLen)
_, err := salt.GenerateSaltedPassword([]byte(pass), password.MinPasswordLength, password.MaxPasswordLength, saltStr, -1)
if err != nil {
log.Fatalf("Error: can't generate salted password for '%v' user, error: %v", name, err)
}
ul := en.NewEntityManager()
ul.AddUser(name)
amUser, _ := am.NewUserAm(am.SuperUserPermission, []byte(pass), saltStr)
ul.AddPropertyToEntity(name, stc.AmPropertyName, amUser)
ul.StoreInfo(stFilePath, key)
}
func GenerateUserData(el *EntityManager, usersName []string, secret []byte, salt []byte) {
el.AddUser(usersName[0])
amData, _ := am.NewUserAm(am.SuperUserPermission, secret, salt)
el.AddPropertyToEntity(usersName[0], stc.AmPropertyName, amData)
otpData, _ := otp.NewSimpleOtpUser(secret)
el.AddPropertyToEntity(usersName[0], stc.OtpPropertyName, otpData)
pwdData, _ := password.NewUserPwd(secret, salt)
el.AddPropertyToEntity(usersName[0], stc.PwdPropertyName, pwdData)
ocraData, _ := ocra.NewOcraUser([]byte("ABCD1234"), "OCRA-1:HOTP-SHA512-8:C-QH08-T1M-S064-PSHA256")
el.AddPropertyToEntity(usersName[0], stc.OcraPropertyName, ocraData)
el.AddUser(usersName[1])
el.AddPropertyToEntity(usersName[1], stc.OtpPropertyName, otpData)
}
func (l amRestful) restAddAm(request *restful.Request, response *restful.Response) {
name := request.PathParameter(userIdParam)
privilege := l.getPrivilegePwd(request, response)
if privilege == nil {
return
}
saltStr, _ := salt.GetRandomSalt(SaltLen)
data, err := am.NewUserAm(privilege.Privilege, []byte(privilege.Password), saltStr)
if err != nil {
l.setError(response, http.StatusBadRequest, err)
return
}
l.st.UsersList.AddPropertyToEntity(name, stc.AmPropertyName, data)
response.WriteHeader(http.StatusCreated)
response.WriteEntity(l.getUrlPath(request, name))
}
func Test_AddCheckRemoveAMUserProperty(t *testing.T) {
moduleData, _ := am.NewUserAm(am.SuperUserPermission, secret, salt)
testAddCheckRemoveUserProperty(t, stc.AmPropertyName, moduleData)
}