Exemplo n.º 1
0
func init() {
	logger.Init(ioutil.Discard, ioutil.Discard, ioutil.Discard, ioutil.Discard)
	privateKeyFilePath := flag.String("rsa-private", "./dist/key.private", "RSA private key file path")
	secureKeyFilePath := flag.String("secure-key", "./dist/secureKey", "password to encrypt the secure storage")
	usersDataPath := flag.String("data-file", "./dist/data.txt", "Login information file")
	flag.Parse()

	ServicePath = cr.ServicePathPrefix + cr.Version + AmPrefix
	resourcePath = listener + ServicePath + UsersPath

	usersList := en.New()
	signKey, verifyKey := app.TokenSetUp(*privateKeyFilePath)
	loginKey := ss.GetSecureKey(*secureKeyFilePath)
	en.LoadInfo(*usersDataPath, loginKey, usersList)

	stRestful = libsecurity_restful.NewLibsecurityRestful()
	stRestful.SetData(usersList, loginKey, verifyKey, signKey, nil)

	rootCookieStr, _ := app.GenerateToken(stc.RootUserName, am.SuperUserPermission, clientIP, signKey)
	cr.SetCookie(rootCookieStr)

	for _, name := range usersName {
		stRestful.UsersList.AddUser(name)
	}

	go runServer()
	time.Sleep(100 * time.Millisecond)
}
Exemplo n.º 2
0
func initAListOfUsers(t *testing.T, usersList []string) string {
	cookieStr, _ := app.GenerateToken(stc.RootUserName, am.SuperUserPermission, clientIP, stRestful.SignKey)
	cr.SetCookie(cookieStr)

	for _, name := range usersList {
		okUrlJ := cr.Url{Url: fmt.Sprintf("%v/%v", ServicePath, name)}
		url := resourcePath + "/" + name
		exeCommandCheckRes(t, cr.PUT_STR, url, http.StatusCreated, string(uData), okUrlJ)
		data, _ := stRestful.UsersList.GetPropertyAttachedToEntity(name, propertyName)
		exeCommandCheckRes(t, cr.GET_STR, url, http.StatusOK, "", data.(*am.AmUserInfo))
	}
	return string(uData)
}
Exemplo n.º 3
0
// 1. As a user: Update the password, verify the results
// 2. As a root: Fail to update the password to the root
// 3. As a root: Update the password, verify that it is allowed
func TestUpdatePassword(t *testing.T) {
	userName := usersName[0]

	//	initAListOfUsers(t, usersName)
	cookieStr, _ := app.GenerateToken(userName, am.UserPermission, clientIP, stRestful.SignKey)
	cr.SetCookie(cookieStr)

	url := listener + ServicePath + fmt.Sprintf(cr.ConvertCommandToRequest(urlCommands[handleUserPwdCommand]), UsersPath, userName, PwdPath)
	okUrlJ := cr.Url{Url: fmt.Sprintf("%v/%v", ServicePath, userName)}
	pwd, _ := json.Marshal(cr.UpdateSecret{OldPassword: secretCode, NewPassword: secretCode + "1"})
	exeCommandCheckRes(t, cr.PATCH_STR, url, http.StatusCreated, string(pwd), okUrlJ)

	url = listener + ServicePath + fmt.Sprintf(cr.ConvertCommandToRequest(urlCommands[handleUserPwdCommand]), UsersPath, stc.RootUserName, PwdPath)
	okUrlJ = cr.Url{Url: fmt.Sprintf("%v/%v", ServicePath, stc.RootUserName)}
	pwd, _ = json.Marshal(cr.UpdateSecret{OldPassword: rootPwd, NewPassword: secretCode + "2"})
	exeCommandCheckRes(t, cr.PATCH_STR, url, http.StatusMethodNotAllowed, string(pwd), cr.Error{Code: http.StatusMethodNotAllowed})

	cookieStr, _ = app.GenerateToken(stc.RootUserName, am.SuperUserPermission, clientIP, stRestful.SignKey)
	cr.SetCookie(cookieStr)
	url = listener + ServicePath + fmt.Sprintf(cr.ConvertCommandToRequest(urlCommands[handleUserPwdCommand]), UsersPath, stc.RootUserName, PwdPath)
	okUrlJ = cr.Url{Url: fmt.Sprintf("%v/%v", ServicePath, stc.RootUserName)}
	pwd, _ = json.Marshal(cr.UpdateSecret{OldPassword: rootPwd, NewPassword: secretCode + "1"})
	exeCommandCheckRes(t, cr.PATCH_STR, url, http.StatusCreated, string(pwd), okUrlJ)
}
Exemplo n.º 4
0
// 1. As a root: Update the user privilege, verify the results
// 2. As a root: Update the root privilege, verify that it is not allowed
// 3. As the user: Update the user privilege, verify that it is not allowed
func TestUpdatePrivilege(t *testing.T) {
	userName := usersName[0]

	initAListOfUsers(t, usersName)
	url := listener + ServicePath + fmt.Sprintf(cr.ConvertCommandToRequest(urlCommands[handleUserPwdCommand]), UsersPath, userName, PrivilegePath)
	okUrlJ := cr.Url{Url: fmt.Sprintf("%v/%v", ServicePath, userName)}
	privilege, _ := json.Marshal(privilegePwd{Privilege: am.SuperUserPermission})
	exeCommandCheckRes(t, cr.PATCH_STR, url, http.StatusCreated, string(privilege), okUrlJ)

	url = listener + ServicePath + fmt.Sprintf(cr.ConvertCommandToRequest(urlCommands[handleUserPwdCommand]), UsersPath, stc.RootUserName, PrivilegePath)
	okUrlJ = cr.Url{Url: fmt.Sprintf("%v/%v", ServicePath, stc.RootUserName)}
	privilege, _ = json.Marshal(privilegePwd{Privilege: am.SuperUserPermission})
	exeCommandCheckRes(t, cr.PATCH_STR, url, http.StatusBadRequest, string(privilege), cr.Error{Code: http.StatusBadRequest})

	cookieStr, _ := app.GenerateToken(userName, am.UserPermission, clientIP, stRestful.SignKey)
	cr.SetCookie(cookieStr)
	exeCommandCheckRes(t, cr.PATCH_STR, url, http.StatusMethodNotAllowed, string(privilege), cr.Error{Code: http.StatusMethodNotAllowed})
}