func (s *keyManagerSuite) TestNewKeyManagerAPIAcceptsEnvironManager(c *gc.C) {
anAuthoriser := s.authoriser
anAuthoriser.EnvironManager = true
endPoint, err := keymanager.NewKeyManagerAPI(s.State, s.resources, anAuthoriser)
c.Assert(err, gc.IsNil)
c.Assert(endPoint, gc.NotNil)
}
func (s *keyManagerSuite) TestNewKeyManagerAPIRefusesNonClient(c *gc.C) {
anAuthoriser := s.authoriser
anAuthoriser.Client = false
endPoint, err := keymanager.NewKeyManagerAPI(s.State, s.resources, anAuthoriser)
c.Assert(endPoint, gc.IsNil)
c.Assert(err, gc.ErrorMatches, "permission denied")
}
func (s *keyManagerSuite) TestAddJujuSystemKey(c *gc.C) {
anAuthoriser := s.authoriser
anAuthoriser.Client = false
anAuthoriser.EnvironManager = true
anAuthoriser.Tag = "machine-0"
var err error
s.keymanager, err = keymanager.NewKeyManagerAPI(s.State, s.resources, anAuthoriser)
c.Assert(err, gc.IsNil)
key1 := sshtesting.ValidKeyOne.Key + " user@host"
key2 := sshtesting.ValidKeyTwo.Key
initialKeys := []string{key1, key2}
s.setAuthorisedKeys(c, strings.Join(initialKeys, "\n"))
newKey := sshtesting.ValidKeyThree.Key + " juju-system-key"
args := params.ModifyUserSSHKeys{
User: "******",
Keys: []string{newKey},
}
results, err := s.keymanager.AddKeys(args)
c.Assert(err, gc.IsNil)
c.Assert(results, gc.DeepEquals, params.ErrorResults{
Results: []params.ErrorResult{
{Error: nil},
},
})
s.assertEnvironKeys(c, append(initialKeys, newKey))
}
func (s *keyManagerSuite) SetUpTest(c *gc.C) {
s.JujuConnSuite.SetUpTest(c)
s.resources = common.NewResources()
s.AddCleanup(func(_ *gc.C) { s.resources.StopAll() })
s.authoriser = apiservertesting.FakeAuthorizer{
Tag: "user-admin",
LoggedIn: true,
Client: true,
}
var err error
s.keymanager, err = keymanager.NewKeyManagerAPI(s.State, s.resources, s.authoriser)
c.Assert(err, gc.IsNil)
}
func (s *keyManagerSuite) TestAddJujuSystemKeyNotMachine(c *gc.C) {
anAuthoriser := s.authoriser
anAuthoriser.Client = false
anAuthoriser.EnvironManager = true
anAuthoriser.Tag = "unit-wordpress-0"
var err error
s.keymanager, err = keymanager.NewKeyManagerAPI(s.State, s.resources, anAuthoriser)
c.Assert(err, gc.IsNil)
key1 := sshtesting.ValidKeyOne.Key
s.setAuthorisedKeys(c, key1)
newKey := sshtesting.ValidKeyThree.Key + " juju-system-key"
args := params.ModifyUserSSHKeys{
User: "******",
Keys: []string{newKey},
}
_, err = s.keymanager.AddKeys(args)
c.Assert(err, gc.ErrorMatches, "permission denied")
s.assertEnvironKeys(c, []string{key1})
}
func (s *keyManagerSuite) TestNewKeyManagerAPIAcceptsClient(c *gc.C) {
endPoint, err := keymanager.NewKeyManagerAPI(s.State, s.resources, s.authoriser)
c.Assert(err, gc.IsNil)
c.Assert(endPoint, gc.NotNil)
}
// KeyManager returns an object that provides access to the KeyManager API
// facade. The id argument is reserved for future use and currently
// needs to be empty.
func (r *srvRoot) KeyManager(id string) (*keymanager.KeyManagerAPI, error) {
if id != "" {
return nil, common.ErrBadId
}
return keymanager.NewKeyManagerAPI(r.srv.state, r.resources, r)
}