func (s *keyManagerSuite) TestDeleteKeys(c *gc.C) {
key1 := sshtesting.ValidKeyOne.Key + " user@host"
key2 := sshtesting.ValidKeyTwo.Key
initialKeys := []string{key1, key2, "bad key"}
s.setAuthorisedKeys(c, strings.Join(initialKeys, "\n"))
args := params.ModifyUserSSHKeys{
User: state.AdminUser,
Keys: []string{sshtesting.ValidKeyTwo.Fingerprint, sshtesting.ValidKeyThree.Fingerprint, "invalid-key"},
}
results, err := s.keymanager.DeleteKeys(args)
c.Assert(err, gc.IsNil)
c.Assert(results, gc.DeepEquals, params.ErrorResults{
Results: []params.ErrorResult{
{Error: nil},
{Error: apiservertesting.ServerError("invalid ssh key: " + sshtesting.ValidKeyThree.Fingerprint)},
{Error: apiservertesting.ServerError("invalid ssh key: invalid-key")},
},
})
s.assertEnvironKeys(c, []string{"bad key", key1})
}
func (s *keyManagerSuite) TestAddKeys(c *gc.C) {
key1 := sshtesting.ValidKeyOne.Key + " user@host"
key2 := sshtesting.ValidKeyTwo.Key
initialKeys := []string{key1, key2, "bad key"}
s.setAuthorisedKeys(c, strings.Join(initialKeys, "\n"))
newKey := sshtesting.ValidKeyThree.Key + " newuser@host"
args := params.ModifyUserSSHKeys{
User: state.AdminUser,
Keys: []string{key2, newKey, "invalid-key"},
}
results, err := s.keymanager.AddKeys(args)
c.Assert(err, gc.IsNil)
c.Assert(results, gc.DeepEquals, params.ErrorResults{
Results: []params.ErrorResult{
{Error: apiservertesting.ServerError(fmt.Sprintf("duplicate ssh key: %s", key2))},
{Error: nil},
{Error: apiservertesting.ServerError("invalid ssh key: invalid-key")},
},
})
s.assertEnvironKeys(c, append(initialKeys, newKey))
}
func (s *keyManagerSuite) TestImportKeys(c *gc.C) {
s.PatchValue(&keymanager.RunSSHImportId, keymanagertesting.FakeImport)
key1 := sshtesting.ValidKeyOne.Key + " user@host"
key2 := sshtesting.ValidKeyTwo.Key
key3 := sshtesting.ValidKeyThree.Key
initialKeys := []string{key1, key2, "bad key"}
s.setAuthorisedKeys(c, strings.Join(initialKeys, "\n"))
args := params.ModifyUserSSHKeys{
User: state.AdminUser,
Keys: []string{"lp:existing", "lp:validuser", "invalid-key"},
}
results, err := s.keymanager.ImportKeys(args)
c.Assert(err, gc.IsNil)
c.Assert(results, gc.DeepEquals, params.ErrorResults{
Results: []params.ErrorResult{
{Error: apiservertesting.ServerError(fmt.Sprintf("duplicate ssh key: %s", key2))},
{Error: nil},
{Error: apiservertesting.ServerError("invalid ssh key id: invalid-key")},
},
})
s.assertEnvironKeys(c, append(initialKeys, key3))
}
// Since removing a user just deacitvates them you cannot add a user
// that has been previously been removed
// TODO(mattyw) 2014-03-07 bug #1288745
func (s *userManagerSuite) TestCannotAddRemoveAdd(c *gc.C) {
arg := params.EntityPassword{
Tag: "addremove",
Password: "******",
}
removeArg := params.Entity{
Tag: "foobar",
}
args := params.EntityPasswords{Changes: []params.EntityPassword{arg}}
removeArgs := params.Entities{Entities: []params.Entity{removeArg}}
_, err := s.usermanager.AddUser(args)
c.Assert(err, gc.IsNil)
_, err = s.usermanager.RemoveUser(removeArgs)
c.Assert(err, gc.IsNil)
_, err = s.State.User("addremove")
result, err := s.usermanager.AddUser(args)
expectedError := apiservertesting.ServerError("Failed to create user: user already exists")
c.Assert(result, gc.DeepEquals, params.ErrorResults{
Results: []params.ErrorResult{
params.ErrorResult{expectedError}}})
}
func (s *uniterSuite) TestReadRemoteSettings(c *gc.C) {
rel := s.addRelation(c, "wordpress", "mysql")
relUnit, err := rel.Unit(s.wordpressUnit)
c.Assert(err, gc.IsNil)
settings := map[string]interface{}{
"some": "settings",
}
err = relUnit.EnterScope(settings)
c.Assert(err, gc.IsNil)
s.assertInScope(c, relUnit, true)
// First test most of the invalid args tests and try to read the
// (unset) remote unit settings.
args := params.RelationUnitPairs{RelationUnitPairs: []params.RelationUnitPair{
{Relation: "relation-42", LocalUnit: "unit-foo-0", RemoteUnit: "foo"},
{Relation: rel.Tag(), LocalUnit: "unit-wordpress-0", RemoteUnit: "unit-wordpress-0"},
{Relation: rel.Tag(), LocalUnit: "unit-wordpress-0", RemoteUnit: "unit-mysql-0"},
{Relation: "relation-42", LocalUnit: "unit-wordpress-0", RemoteUnit: ""},
{Relation: "relation-foo", LocalUnit: "", RemoteUnit: ""},
{Relation: "service-wordpress", LocalUnit: "unit-foo-0", RemoteUnit: "user-admin"},
{Relation: "foo", LocalUnit: "bar", RemoteUnit: "baz"},
{Relation: rel.Tag(), LocalUnit: "unit-mysql-0", RemoteUnit: "unit-wordpress-0"},
{Relation: rel.Tag(), LocalUnit: "service-wordpress", RemoteUnit: "service-mysql"},
{Relation: rel.Tag(), LocalUnit: "service-mysql", RemoteUnit: "foo"},
{Relation: rel.Tag(), LocalUnit: "user-admin", RemoteUnit: "unit-wordpress-0"},
}}
result, err := s.uniter.ReadRemoteSettings(args)
// We don't set the remote unit settings on purpose to test the error.
expectErr := `cannot read settings for unit "mysql/0" in relation "wordpress:db mysql:server": settings not found`
c.Assert(err, gc.IsNil)
c.Assert(result, jc.DeepEquals, params.RelationSettingsResults{
Results: []params.RelationSettingsResult{
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ServerError(expectErr)},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
{Error: apiservertesting.ErrUnauthorized},
},
})
// Now leave the mysqlUnit and re-enter with new settings.
relUnit, err = rel.Unit(s.mysqlUnit)
c.Assert(err, gc.IsNil)
settings = map[string]interface{}{
"other": "things",
}
err = relUnit.LeaveScope()
c.Assert(err, gc.IsNil)
s.assertInScope(c, relUnit, false)
err = relUnit.EnterScope(settings)
c.Assert(err, gc.IsNil)
s.assertInScope(c, relUnit, true)
// Test the remote unit settings can be read.
args = params.RelationUnitPairs{RelationUnitPairs: []params.RelationUnitPair{{
Relation: rel.Tag(),
LocalUnit: "unit-wordpress-0",
RemoteUnit: "unit-mysql-0",
}}}
expect := params.RelationSettingsResults{
Results: []params.RelationSettingsResult{
{Settings: params.RelationSettings{
"other": "things",
}},
},
}
result, err = s.uniter.ReadRemoteSettings(args)
c.Assert(err, gc.IsNil)
c.Assert(result, gc.DeepEquals, expect)
// Now destroy the remote unit, and check its settings can still be read.
err = s.mysqlUnit.Destroy()
c.Assert(err, gc.IsNil)
err = s.mysqlUnit.EnsureDead()
c.Assert(err, gc.IsNil)
err = s.mysqlUnit.Remove()
c.Assert(err, gc.IsNil)
result, err = s.uniter.ReadRemoteSettings(args)
c.Assert(err, gc.IsNil)
c.Assert(result, gc.DeepEquals, expect)
}