~launchpad-pqm/launchpad/devel

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
# Copyright 2011 Canonical Ltd.  This software is licensed under the
# GNU Affero General Public License version 3 (see the file LICENSE).

"""Tests the security.cfg auditor."""

__metaclass__ = type

from lp.scripts.utilities.settingsauditor import SettingsAuditor
from lp.testing import TestCase
from lp.testing.layers import BaseLayer


class TestAuditSecuritySettings(TestCase):

    layer = BaseLayer

    def setUp(self):
        super(TestAuditSecuritySettings, self).setUp()
        self.test_settings = (
            '# This is the header.\n'
            '[good]\n'
            'public.foo = SELECT\n'
            'public.bar = SELECT, INSERT\n'
            'public.baz = SELECT\n'
            '\n'
            '[bad]\n'
            'public.foo = SELECT\n'
            'public.bar = SELECT, INSERT\n'
            'public.bar = SELECT\n'
            'public.baz = SELECT')

    def test_getHeader(self):
        sa = SettingsAuditor(self.test_settings)
        header = sa._getHeader()
        self.assertEqual(
            header,
            '# This is the header.\n')

    def test_extract_config_blocks(self):
        test_settings = self.test_settings.replace(
            '# This is the header.\n', '')
        sa = SettingsAuditor(test_settings)
        sa._separateConfigBlocks()
        self.assertContentEqual(
            ['[good]', '[bad]'],
            sa.config_blocks.keys())

    def test_audit_block(self):
        sa = SettingsAuditor('')
        test_block = (
            '[bad]\n'
            'public.foo = SELECT\n'
            'public.bar = SELECT, INSERT\n'
            'public.bar = SELECT\n'
            'public.baz = SELECT\n')
        sa.config_blocks = {'[bad]': test_block}
        sa.config_labels = ['[bad]']
        sa._processBlocks()
        expected = (
            '[bad]\n'
            'public.bar = SELECT\n'
            'public.bar = SELECT, INSERT\n'
            'public.baz = SELECT\n'
            'public.foo = SELECT')
        self.assertEqual(expected, sa.config_blocks['[bad]'])
        expected_error = '[bad]\n\tDuplicate setting found: public.bar'
        self.assertTrue(expected_error in sa.error_data)

    def test_audit(self):
        sa = SettingsAuditor(self.test_settings)
        new_settings = sa.audit()
        expected_settings = (
            '# This is the header.\n'
            '[good]\n'
            'public.bar = SELECT, INSERT\n'
            'public.baz = SELECT\n'
            'public.foo = SELECT\n'
            '\n'
            '[bad]\n'
            'public.bar = SELECT\n'
            'public.bar = SELECT, INSERT\n'
            'public.baz = SELECT\n'
            'public.foo = SELECT')
        self.assertEqual(expected_settings, new_settings)

    def test_comments_stipped(self):
        sa = SettingsAuditor('')
        test_data = (
            '#[foo]\n'
            '#public.foo = SELECT\n')
        data = sa._strip(test_data)
        self.assertEqual('', data)