particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
debian-forge-composer/test_composer_auth.py
robojerk 4eeaa43c39
Some checks failed
Tests / 🛃 Unit tests (push) Failing after 13s
Details
Tests / 🗄 DB tests (push) Failing after 19s
Details
Tests / 🐍 Lint python scripts (push) Failing after 1s
Details
Tests / ⌨ Golang Lint (push) Failing after 1s
Details
Tests / 📦 Packit config lint (push) Failing after 1s
Details
Tests / 🔍 Check source preparation (push) Failing after 1s
Details
Tests / 🔍 Check for valid snapshot urls (push) Failing after 1s
Details
Tests / 🔍 Check for missing or unused runner repos (push) Failing after 1s
Details
Tests / 🐚 Shellcheck (push) Failing after 1s
Details
Tests / 📦 RPMlint (push) Failing after 1s
Details
Tests / Gitlab CI trigger helper (push) Failing after 1s
Details
Tests / 🎀 kube-linter (push) Failing after 1s
Details
Tests / 🧹 cloud-cleaner-is-enabled (push) Successful in 3s
Details
Tests / 🔍 Check spec file osbuild/images dependencies (push) Failing after 1s
Details
did stuff
2025-08-26 10:34:42 -07:00

206 lines
6.9 KiB
Python
Raw Permalink Blame History

#!/usr/bin/env python3
"""
Test script for Debian Forge Composer Client with Authentication
This script tests the enhanced composer client functionality including:
- User authentication
- Permission-based access control
- Secure API operations
"""
from composer_client import ComposerClient
from user_management import UserManager
import os
def test_composer_authentication():
"""Test the composer client authentication and permissions"""
# Use a test database
test_db = "test_users.db"
# Clean up any existing test database
if os.path.exists(test_db):
os.remove(test_db)
print("🧪 Testing Debian Forge Composer Client Authentication")
print("=" * 60)
# Initialize user manager and create test users
user_mgr = UserManager(test_db)
# Create test users
user_mgr.create_user("admin", "admin@debian-forge.org", "admin123", "admin")
user_mgr.create_user("user1", "user1@debian-forge.org", "user123", "user")
user_mgr.create_user("viewer1", "viewer1@debian-forge.org", "viewer123", "viewer")
print("✅ Test users created")
# Test 1: Composer client without authentication
print("\n1. Testing composer client without authentication...")
client_no_auth = ComposerClient()
# Should not have any permissions
if not client_no_auth.check_permission("read"):
print(" ✅ Unauthenticated client correctly has no permissions")
else:
print(" ❌ Unauthenticated client incorrectly has permissions")
return False
# Test 2: Composer client with admin authentication
print("\n2. Testing composer client with admin authentication...")
client_admin = ComposerClient(username="admin", password="admin123")
# Admin should have all permissions
if client_admin.check_permission("read"):
print(" ✅ Admin client can read")
else:
print(" ❌ Admin client cannot read")
return False
if client_admin.check_permission("build"):
print(" ✅ Admin client can build")
else:
print(" ❌ Admin client cannot build")
return False
if client_admin.check_permission("admin"):
print(" ✅ Admin client can admin")
else:
print(" ❌ Admin client cannot admin")
return False
# Test 3: Composer client with user authentication
print("\n3. Testing composer client with user authentication...")
client_user = ComposerClient(username="user1", password="user123")
# User should have read and build permissions
if client_user.check_permission("read"):
print(" ✅ User client can read")
else:
print(" ❌ User client cannot read")
return False
if client_user.check_permission("build"):
print(" ✅ User client can build")
else:
print(" ❌ User client cannot build")
return False
if not client_user.check_permission("admin"):
print(" ✅ User client correctly cannot admin")
else:
print(" ❌ User client incorrectly can admin")
return False
# Test 4: Composer client with viewer authentication
print("\n4. Testing composer client with viewer authentication...")
client_viewer = ComposerClient(username="viewer1", password="viewer123")
# Viewer should only have read permissions
if client_viewer.check_permission("read"):
print(" ✅ Viewer client can read")
else:
print(" ❌ Viewer client cannot read")
return False
if not client_viewer.check_permission("build"):
print(" ✅ Viewer client correctly cannot build")
else:
print(" ❌ Viewer client incorrectly can build")
return False
if not client_viewer.check_permission("admin"):
print(" ✅ Viewer client correctly cannot admin")
else:
print(" ❌ Viewer client incorrectly can admin")
return False
# Test 5: Dynamic authentication
print("\n5. Testing dynamic authentication...")
client_dynamic = ComposerClient()
# Initially no permissions
if not client_dynamic.check_permission("read"):
print(" ✅ Dynamic client initially has no permissions")
else:
print(" ❌ Dynamic client initially has permissions")
return False
# Authenticate as admin
client_dynamic.authenticate("admin", "admin123")
# Now should have admin permissions
if client_dynamic.check_permission("admin"):
print(" ✅ Dynamic client can admin after authentication")
else:
print(" ❌ Dynamic client cannot admin after authentication")
return False
# Test 6: Permission-based method access
print("\n6. Testing permission-based method access...")
# Create a test blueprint file
test_blueprint = "test-blueprint.json"
with open(test_blueprint, 'w') as f:
f.write('{"name": "test", "version": "0.0.1"}')
# Admin should be able to submit blueprint
try:
client_admin.submit_blueprint(test_blueprint)
print(" ✅ Admin can submit blueprint (permission check passed)")
except PermissionError:
print(" ❌ Admin cannot submit blueprint (permission check failed)")
return False
except Exception as e:
# Expected to fail due to no actual composer server, but permission check should pass
if "permission" in str(e).lower():
print(" ❌ Admin permission check failed")
return False
else:
print(" ✅ Admin can submit blueprint (permission check passed, server error expected)")
# Viewer should not be able to submit blueprint
try:
client_viewer.submit_blueprint(test_blueprint)
print(" ❌ Viewer incorrectly can submit blueprint")
return False
except PermissionError:
print(" ✅ Viewer correctly cannot submit blueprint")
except Exception as e:
if "permission" in str(e).lower():
print(" ✅ Viewer correctly cannot submit blueprint")
else:
print(" ❌ Viewer permission check failed")
return False
# Clean up test files
if os.path.exists(test_blueprint):
os.remove(test_blueprint)
print("\n" + "=" * 60)
print("🎉 All composer authentication tests passed successfully!")
# Clean up test database
if os.path.exists(test_db):
os.remove(test_db)
print("🧹 Test database cleaned up")
return True
if __name__ == "__main__":
try:
success = test_composer_authentication()
if success:
print("\n✅ Composer client authentication is working correctly")
exit(0)
else:
print("\n❌ Composer client authentication has issues")
exit(1)
except Exception as e:
print(f"\n💥 Test failed with exception: {e}")
exit(1)
Reference in a new issue View git blame Copy permalink