sdk/pam/tests/test_integration.py

   1 import os
   2 if os.path.exists('/usr/share/pam-configs/arvados') and os.getuid() == 0:
   3     """These tests assume we are running (in a docker container) with
   4     arvados_pam configured and a test API server running.
   5     """
   6     import pam
   7     import unittest
   8
   9     # From services/api/test/fixtures/api_client_authorizations.yml
  10     # because that file is not available during integration tests:
  11     ACTIVE_TOKEN = '3kg6k6lzmp9kj5cpkcoxie963cmvjahbt2fod9zru30k1jqdmi'
  12     SPECTATOR_TOKEN = 'zw2f4gwx8hw8cjre7yp6v1zylhrhn3m5gvjq73rtpwhmknrybu'
  13
  14     class IntegrationTest(unittest.TestCase):
  15         def setUp(self):
  16             self.p = pam.pam()
  17
  18         def test_allow(self):
  19             self.assertTrue(self.p.authenticate('active', ACTIVE_TOKEN, service='login'))
  20
  21         def test_deny_bad_token(self):
  22             self.assertFalse(self.p.authenticate('active', 'thisisaverybadtoken', service='login'))
  23
  24         def test_deny_empty_token(self):
  25             self.assertFalse(self.p.authenticate('active', '', service='login'))
  26
  27         def test_deny_permission(self):
  28             self.assertFalse(self.p.authenticate('spectator', SPECTATOR_TOKEN, service='login'))