cb8e7c1f8f
Moves everything OpenStack-specific (dashboards, apis, etc.) into the openstack_dashboard project, achieving a much cleaner separation between the project-specific code and the generic Horizon framework code. Change-Id: I7235b41d449b26c980668fc3eb4360b24508717b
197 lines
8.2 KiB
Python
197 lines
8.2 KiB
Python
# vim: tabstop=4 shiftwidth=4 softtabstop=4
|
|
|
|
# Copyright 2012 Nebula, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
|
|
import os
|
|
|
|
from django.core.exceptions import ValidationError
|
|
|
|
from horizon.test import helpers as test
|
|
from horizon.utils import fields
|
|
from horizon.utils import secret_key
|
|
|
|
|
|
class ValidatorsTests(test.TestCase):
|
|
def test_validate_ipv4_cidr(self):
|
|
GOOD_CIDRS = ("192.168.1.1/16",
|
|
"192.0.0.1/17",
|
|
"0.0.0.0/16",
|
|
"10.144.11.107/4",
|
|
"255.255.255.255/0",
|
|
"0.1.2.3/16",
|
|
"0.0.0.0/32",
|
|
# short form
|
|
"128.0/16",
|
|
"128/4")
|
|
BAD_CIDRS = ("255.255.255.256\\",
|
|
"256.255.255.255$",
|
|
"1.2.3.4.5/41",
|
|
"0.0.0.0/99",
|
|
"127.0.0.1/",
|
|
"127.0.0.1/33",
|
|
"127.0.0.1/-1",
|
|
"127.0.0.1/100",
|
|
# some valid IPv6 addresses
|
|
"fe80::204:61ff:254.157.241.86/4",
|
|
"fe80::204:61ff:254.157.241.86/0",
|
|
"2001:0DB8::CD30:0:0:0:0/60",
|
|
"2001:0DB8::CD30:0/90")
|
|
ip = fields.IPField(mask=True, version=fields.IPv4)
|
|
for cidr in GOOD_CIDRS:
|
|
self.assertIsNone(ip.validate(cidr))
|
|
for cidr in BAD_CIDRS:
|
|
self.assertRaises(ValidationError, ip.validate, cidr)
|
|
|
|
def test_validate_ipv6_cidr(self):
|
|
GOOD_CIDRS = ("::ffff:0:0/56",
|
|
"2001:0db8::1428:57ab/17",
|
|
"FEC0::/10",
|
|
"fe80::204:61ff:254.157.241.86/4",
|
|
"fe80::204:61ff:254.157.241.86/0",
|
|
"2001:0DB8::CD30:0:0:0:0/60",
|
|
"2001:0DB8::CD30:0/90",
|
|
"::1/128")
|
|
BAD_CIDRS = ("1111:2222:3333:4444:::/",
|
|
"::2222:3333:4444:5555:6666:7777:8888:\\",
|
|
":1111:2222:3333:4444::6666:1.2.3.4/1000",
|
|
"1111:2222::4444:5555:6666::8888@",
|
|
"1111:2222::4444:5555:6666:8888/",
|
|
"::ffff:0:0/129",
|
|
"1.2.3.4:1111:2222::5555//22",
|
|
"fe80::204:61ff:254.157.241.86/200",
|
|
# some valid IPv4 addresses
|
|
"10.144.11.107/4",
|
|
"255.255.255.255/0",
|
|
"0.1.2.3/16")
|
|
ip = fields.IPField(mask=True, version=fields.IPv6)
|
|
for cidr in GOOD_CIDRS:
|
|
self.assertIsNone(ip.validate(cidr))
|
|
for cidr in BAD_CIDRS:
|
|
self.assertRaises(ValidationError, ip.validate, cidr)
|
|
|
|
def test_validate_mixed_cidr(self):
|
|
GOOD_CIDRS = ("::ffff:0:0/56",
|
|
"2001:0db8::1428:57ab/17",
|
|
"FEC0::/10",
|
|
"fe80::204:61ff:254.157.241.86/4",
|
|
"fe80::204:61ff:254.157.241.86/0",
|
|
"2001:0DB8::CD30:0:0:0:0/60",
|
|
"0.0.0.0/16",
|
|
"10.144.11.107/4",
|
|
"255.255.255.255/0",
|
|
"0.1.2.3/16",
|
|
# short form
|
|
"128.0/16",
|
|
"10/4")
|
|
BAD_CIDRS = ("1111:2222:3333:4444::://",
|
|
"::2222:3333:4444:5555:6666:7777:8888:",
|
|
":1111:2222:3333:4444::6666:1.2.3.4/1/1",
|
|
"1111:2222::4444:5555:6666::8888\\2",
|
|
"1111:2222::4444:5555:6666:8888/",
|
|
"1111:2222::4444:5555:6666::8888/130",
|
|
"127.0.0.1/",
|
|
"127.0.0.1/33",
|
|
"127.0.0.1/-1")
|
|
ip = fields.IPField(mask=True, version=fields.IPv4 | fields.IPv6)
|
|
for cidr in GOOD_CIDRS:
|
|
self.assertIsNone(ip.validate(cidr))
|
|
for cidr in BAD_CIDRS:
|
|
self.assertRaises(ValidationError, ip.validate, cidr)
|
|
|
|
def test_validate_IPs(self):
|
|
GOOD_IPS_V4 = ("0.0.0.0",
|
|
"10.144.11.107",
|
|
"169.144.11.107",
|
|
"172.100.11.107",
|
|
"255.255.255.255",
|
|
"0.1.2.3")
|
|
GOOD_IPS_V6 = ("",
|
|
"::ffff:0:0",
|
|
"2001:0db8::1428:57ab",
|
|
"FEC0::",
|
|
"fe80::204:61ff:254.157.241.86",
|
|
"fe80::204:61ff:254.157.241.86",
|
|
"2001:0DB8::CD30:0:0:0:0")
|
|
BAD_IPS_V4 = ("1111:2222:3333:4444:::",
|
|
"::2222:3333:4444:5555:6666:7777:8888:",
|
|
":1111:2222:3333:4444::6666:1.2.3.4",
|
|
"1111:2222::4444:5555:6666::8888",
|
|
"1111:2222::4444:5555:6666:8888/",
|
|
"1111:2222::4444:5555:6666::8888/130",
|
|
"127.0.0.1/",
|
|
"127.0.0.1/33",
|
|
"127.0.0.1/-1")
|
|
BAD_IPS_V6 = ("1111:2222:3333:4444:::",
|
|
"::2222:3333:4444:5555:6666:7777:8888:",
|
|
":1111:2222:3333:4444::6666:1.2.3.4",
|
|
"1111:2222::4444:5555:6666::8888",
|
|
"1111:2222::4444:5555:6666:8888/",
|
|
"1111:2222::4444:5555:6666::8888/130")
|
|
ipv4 = fields.IPField(required=True, version=fields.IPv4)
|
|
ipv6 = fields.IPField(required=False, version=fields.IPv6)
|
|
ipmixed = fields.IPField(required=False,
|
|
version=fields.IPv4 | fields.IPv6)
|
|
|
|
for ip_addr in GOOD_IPS_V4:
|
|
self.assertIsNone(ipv4.validate(ip_addr))
|
|
self.assertIsNone(ipmixed.validate(ip_addr))
|
|
|
|
for ip_addr in GOOD_IPS_V6:
|
|
self.assertIsNone(ipv6.validate(ip_addr))
|
|
self.assertIsNone(ipmixed.validate(ip_addr))
|
|
|
|
for ip_addr in BAD_IPS_V4:
|
|
self.assertRaises(ValidationError, ipv4.validate, ip_addr)
|
|
self.assertRaises(ValidationError, ipmixed.validate, ip_addr)
|
|
|
|
for ip_addr in BAD_IPS_V6:
|
|
self.assertRaises(ValidationError, ipv6.validate, ip_addr)
|
|
self.assertRaises(ValidationError, ipmixed.validate, ip_addr)
|
|
|
|
self.assertRaises(ValidationError, ipv4.validate, "") # required=True
|
|
|
|
iprange = fields.IPField(required=False,
|
|
mask=True,
|
|
mask_range_from=10,
|
|
version=fields.IPv4 | fields.IPv6)
|
|
self.assertRaises(ValidationError, iprange.validate,
|
|
"fe80::204:61ff:254.157.241.86/6")
|
|
self.assertRaises(ValidationError, iprange.validate,
|
|
"169.144.11.107/8")
|
|
self.assertIsNone(iprange.validate("fe80::204:61ff:254.157.241.86/36"))
|
|
self.assertIsNone(iprange.validate("169.144.11.107/18"))
|
|
|
|
|
|
class SecretKeyTests(test.TestCase):
|
|
def test_generate_secret_key(self):
|
|
key = secret_key.generate_key(32)
|
|
self.assertEqual(len(key), 32)
|
|
self.assertNotEqual(key, secret_key.generate_key(32))
|
|
|
|
def test_generate_or_read_key_from_file(self):
|
|
key_file = ".test_secret_key_store"
|
|
key = secret_key.generate_or_read_from_file(key_file)
|
|
|
|
# Consecutive reads should come from the already existing file:
|
|
self.assertEqual(key, secret_key.generate_or_read_from_file(key_file))
|
|
|
|
# Key file only be read/writable by user:
|
|
self.assertEqual(oct(os.stat(key_file).st_mode & 0777), "0600")
|
|
os.chmod(key_file, 0777)
|
|
self.assertRaises(secret_key.FilePermissionError,
|
|
secret_key.generate_or_read_from_file, key_file)
|
|
os.remove(key_file)
|