1
diff --git a/README b/README
2
index 6171594..ab1584e 100644
3
--- a/README
4
+++ b/README
5
@@ -6,3 +6,26 @@ This repo contains a client to adminster a snapstore.
6
6
After authenticating with a snapstore the administrator can:
6
After authenticating with a snapstore the administrator can:
7
7
7
8
8
  - manage revision overrides
8
  - manage revision overrides
9
9
10
10
Building
11
11
--------
12
12
13
13
You may wish to perform these installations inside a LXD container.
14
14
15
15
Install the dependencies::
16
16
17
17
  cat dependencies | xargs sudo apt install -y
18
18
19
19
Create the environment
20
20
----------------------
21
21
22
22
Use the Makefile::
23
23
24
24
  make bootstrap
25
25
26
26
Running for development
27
27
-----------------------
28
28
29
29
The virtualenv environment is setup in /tmp::
30
30
31
31
  /tmp/snapstore-client.tmp/env/bin/python snapstore
32
diff --git a/snapstore b/snapstore
33
index a21a8a1..cd67b71 100755
34
--- a/snapstore
35
+++ b/snapstore
36
@@ -7,6 +7,7 @@
37
7
7
38
8
import argparse
8
import argparse
39
9
import logging
9
import logging
40
10
import os
41
10
import sys
11
import sys
42
11
12
43
12
from snapstore_client.cli import configure_logging
13
from snapstore_client.cli import configure_logging
44
@@ -16,6 +17,7 @@ from snapstore_client.logic.overrides import (
45
16
    list_overrides,
17
    list_overrides,
46
17
    override,
18
    override,
47
18
)
19
)
48
20
from snapstore_client.logic.push import push_snap
49
19
21
50
20
22
51
21
DEFAULT_SSO_URL = 'https://login.ubuntu.com/'
23
DEFAULT_SSO_URL = 'https://login.ubuntu.com/'
52
@@ -44,6 +46,8 @@ def parse_args():
53
44
    login_parser.add_argument('email', help='Ubuntu One SSO email', nargs='?')
46
    login_parser.add_argument('email', help='Ubuntu One SSO email', nargs='?')
54
45
    login_parser.add_argument('--sso-url', help='Ubuntu One SSO URL',
47
    login_parser.add_argument('--sso-url', help='Ubuntu One SSO URL',
55
46
                              default=DEFAULT_SSO_URL)
48
                              default=DEFAULT_SSO_URL)
56
49
    login_parser.add_argument('--offline', help="Use offline mode interaction",
57
50
                              action='store_true')
58
47
    login_parser.set_defaults(func=login)
51
    login_parser.set_defaults(func=login)
59
48
52
60
49
    list_overrides_parser = subparsers.add_parser(
53
    list_overrides_parser = subparsers.add_parser(
61
@@ -55,6 +59,11 @@ def parse_args():
62
55
    list_overrides_parser.add_argument(
59
    list_overrides_parser.add_argument(
63
56
        'snap_name',
60
        'snap_name',
64
57
        help='The name of the snap whose channel map should be listed.')
61
        help='The name of the snap whose channel map should be listed.')
65
62
    list_overrides_parser.add_argument(
66
63
        '--password',
67
64
        help='Password for interacting with an offline proxy',
68
65
        default=os.environ.get('SNAP_PROXY_PASSWORD')
69
66
    )
70
58
    list_overrides_parser.set_defaults(func=list_overrides)
67
    list_overrides_parser.set_defaults(func=list_overrides)
71
59
68
72
60
    override_parser = subparsers.add_parser(
69
    override_parser = subparsers.add_parser(
73
@@ -69,6 +78,11 @@ def parse_args():
74
69
    override_parser.add_argument(
78
    override_parser.add_argument(
75
70
        'channel_map_entries', nargs='+', metavar='channel_map_entry',
79
        'channel_map_entries', nargs='+', metavar='channel_map_entry',
76
71
        help='A channel map override, in the form <channel>=<revision>.')
80
        help='A channel map override, in the form <channel>=<revision>.')
77
81
    override_parser.add_argument(
78
82
        '--password',
79
83
        help='Password for interacting with an offline proxy',
80
84
        default=os.environ.get('SNAP_PROXY_PASSWORD')
81
85
    )
82
72
    override_parser.set_defaults(func=override)
86
    override_parser.set_defaults(func=override)
83
73
87
84
74
    delete_override_parser = subparsers.add_parser(
88
    delete_override_parser = subparsers.add_parser(
85
@@ -83,8 +97,30 @@ def parse_args():
86
83
    delete_override_parser.add_argument(
97
    delete_override_parser.add_argument(
87
84
        'channels', nargs='+', metavar='channel',
98
        'channels', nargs='+', metavar='channel',
88
85
        help='A channel whose overrides should be deleted.')
99
        help='A channel whose overrides should be deleted.')
89
100
    delete_override_parser.add_argument(
90
101
        '--password',
91
102
        help='Password for interacting with an offline proxy',
92
103
        default=os.environ.get('SNAP_PROXY_PASSWORD')
93
104
    )
94
86
    delete_override_parser.set_defaults(func=delete_override)
105
    delete_override_parser.set_defaults(func=delete_override)
95
87
106
96
107
    push_snap_parser = subparsers.add_parser(
97
108
        'push-snap', help='push a snap to an offline proxy')
98
109
    push_snap_parser.add_argument(
99
110
        'snap_tar_file',
100
111
        help='The .tar.gz file of a bundled downloaded snap')
101
112
    push_snap_parser.add_argument(
102
113
        '--push-channel-map',
103
114
        action='store_true',
104
115
        help="Force push of the channel map,"
105
116
             " removing any existing overrides")
106
117
    push_snap_parser.add_argument(
107
118
        '--password',
108
119
        help='Password for interacting with an offline proxy',
109
120
        default=os.environ.get('SNAP_PROXY_PASSWORD')
110
121
    )
111
122
    push_snap_parser.set_defaults(func=push_snap)
112
123
113
88
    if len(sys.argv) == 1:
124
    if len(sys.argv) == 1:
114
89
        # Display help if no arguments are provided.
125
        # Display help if no arguments are provided.
115
90
        parser.print_help()
126
        parser.print_help()
116
diff --git a/snapstore_client/logic/login.py b/snapstore_client/logic/login.py
117
index 7d3a313..9550988 100644
118
--- a/snapstore_client/logic/login.py
119
+++ b/snapstore_client/logic/login.py
120
@@ -31,6 +31,13 @@ def login(args):
121
31
    gw_url = args.store_url
31
    gw_url = args.store_url
122
32
    sso_url = args.sso_url
32
    sso_url = args.sso_url
123
33
33
124
34
    if args.offline:
125
35
        cfg = config.Config()
126
36
        store = cfg.store_section('default')
127
37
        store.set('gw_url', gw_url)
128
38
        cfg.save()
129
39
        return
130
40
131
34
    logger.info('Enter your Ubuntu One SSO credentials.')
41
    logger.info('Enter your Ubuntu One SSO credentials.')
132
35
    email = args.email
42
    email = args.email
133
36
    if not email:
43
    if not email:
134
diff --git a/snapstore_client/logic/overrides.py b/snapstore_client/logic/overrides.py
135
index 667bd0a..d3c8356 100644
136
--- a/snapstore_client/logic/overrides.py
137
+++ b/snapstore_client/logic/overrides.py
138
@@ -13,34 +13,16 @@ from snapstore_client.presentation_helpers import (
139
13
    channel_map_string_to_tuple,
13
    channel_map_string_to_tuple,
140
14
    override_to_string,
14
    override_to_string,
141
15
)
15
)
142
16
from snapstore_client.utils import (
143
17
    _check_default_store,
144
18
    _log_authorized_error,
145
19
    _log_credentials_error,
146
20
)
147
16
21
148
17
22
149
18
logger = logging.getLogger(__name__)
23
logger = logging.getLogger(__name__)
150
19
24
151
20
25
152
21
def _log_credentials_error(e):
153
22
    logger.error('%s', e)
154
23
    logger.error('Try to "snap-store-proxy-client login" again.')
155
24
156
25
157
26
def _log_authorized_error():
158
27
    logger.error(("Perhaps you have not been registered as an "
159
28
                  "admin with the proxy."))
160
29
    logger.error("Try 'snap-proxy add-admin' on the proxy host.")
161
30
162
31
163
32
def _check_default_store(cfg):
164
33
    """Load the default store from the config."""
165
34
    store = cfg.store_section('default')
166
35
    # If the gw URL is configured then everything else should be too.
167
36
    if not store.get('gw_url'):
168
37
        logger.error(
169
38
            'No store configuration found. '
170
39
            'Have you run "snap-store-proxy-client login"?')
171
40
        return None
172
41
    return store
173
42
174
43
175
44
def list_overrides(args):
26
def list_overrides(args):
176
45
    cfg = config.Config()
27
    cfg = config.Config()
177
46
    store = _check_default_store(cfg)
28
    store = _check_default_store(cfg)
178
@@ -48,9 +30,14 @@ def list_overrides(args):
179
48
        return 1
30
        return 1
180
49
31
181
50
    try:
32
    try:
185
51
        response = ws.refresh_if_necessary(
33
        if args.password:
186
52
            store, ws.get_overrides,
34
            response = ws.get_overrides(
187
53
            store, args.snap_name, series=args.series)
35
                store, args.snap_name,
188
36
                series=args.series, password=args.password)
189
37
        else:
190
38
            response = ws.refresh_if_necessary(
191
39
                store, ws.get_overrides,
192
40
                store, args.snap_name, series=args.series)
193
54
    except exceptions.InvalidCredentials as e:
41
    except exceptions.InvalidCredentials as e:
194
55
        _log_credentials_error(e)
42
        _log_credentials_error(e)
195
56
        return 1
43
        return 1
196
@@ -77,9 +64,13 @@ def override(args):
197
77
            'series': args.series,
64
            'series': args.series,
198
78
        })
65
        })
199
79
    try:
66
    try:
203
80
        response = ws.refresh_if_necessary(
67
        if args.password:
204
81
            store, ws.set_overrides,
68
            response = ws.set_overrides(
205
82
            store, overrides)
69
                store, overrides, password=args.password)
206
70
        else:
207
71
            response = ws.refresh_if_necessary(
208
72
                store, ws.set_overrides,
209
73
                store, overrides)
210
83
    except exceptions.InvalidCredentials as e:
74
    except exceptions.InvalidCredentials as e:
211
84
        _log_credentials_error(e)
75
        _log_credentials_error(e)
212
85
        return 1
76
        return 1
213
@@ -105,9 +96,13 @@ def delete_override(args):
214
105
            'series': args.series,
96
            'series': args.series,
215
106
        })
97
        })
216
107
    try:
98
    try:
220
108
        response = ws.refresh_if_necessary(
99
        if args.password:
221
109
            store, ws.set_overrides,
100
            response = ws.set_overrides(
222
110
            store, overrides)
101
                store, overrides, password=args.password)
223
102
        else:
224
103
            response = ws.refresh_if_necessary(
225
104
                store, ws.set_overrides,
226
105
                store, overrides)
227
111
    except exceptions.InvalidCredentials as e:
106
    except exceptions.InvalidCredentials as e:
228
112
        _log_credentials_error(e)
107
        _log_credentials_error(e)
229
113
        return 1
108
        return 1
230
diff --git a/snapstore_client/logic/push.py b/snapstore_client/logic/push.py
231
114
new file mode 100644
109
new file mode 100644
232
index 0000000..abd06e8
233
--- /dev/null
234
+++ b/snapstore_client/logic/push.py
235
@@ -0,0 +1,306 @@
236
1
import json
237
2
import logging
238
3
from pathlib import Path
239
4
import tarfile
240
5
import tempfile
241
6
from urllib.parse import urlsplit, urlunsplit
242
7
243
8
import requests
244
9
from requests.exceptions import HTTPError
245
10
246
11
from snapstore_client import (
247
12
    config,
248
13
    exceptions,
249
14
)
250
15
from snapstore_client.utils import (
251
16
    _check_default_store,
252
17
    _log_authorized_error,
253
18
    _log_credentials_error,
254
19
)
255
20
256
21
logger = logging.getLogger(__name__)
257
22
258
23
259
24
# XXX twom 2019-03-19 hardcoded for now, awaiting RBAC integration
260
25
USERNAME = 'admin'
261
26
262
27
263
28
class pushException(Exception):
264
29
    pass
265
30
266
31
267
32
class ChannelMapExistsException(Exception):
268
33
    pass
269
34
270
35
271
36
def _push_ident(store, password, downloaded_map):
272
37
    """push the snap details to snapident"""
273
38
274
39
    snap_id = downloaded_map['snap-id']
275
40
    snap_details = downloaded_map['snap']
276
41
    push_details = {
277
42
        'snap_id': snap_id,
278
43
        'snap_name': snap_details['name'],
279
44
        'private': False,  # If you're pushing to your own proxy
280
45
        'stores': ['ubuntu'],  # ditto
281
46
        'blob': snap_details,
282
47
        'publisher_id': snap_details['publisher']['id'],
283
48
        'publisher_name': snap_details['publisher']['display-name'],
284
49
        'publisher_title': snap_details['publisher']['username'],
285
50
        'publisher_validation': snap_details['publisher']['validation'],
286
51
        'license': snap_details['license'],
287
52
        'prices': snap_details['prices'],
288
53
        'summary': snap_details['summary'],
289
54
        'title': snap_details['title'],
290
55
    }
291
56
292
57
    url = store.get('gw_url')
293
58
294
59
    response = requests.post(
295
60
        url + '/snaps/update',
296
61
        json={'snaps': [push_details]},
297
62
        auth=requests.auth.HTTPBasicAuth(USERNAME, password)
298
63
    )
299
64
    if response.status_code != 200:
300
65
        raise pushException(
301
66
            "Failure in pushing to snapident: {}".format(
302
67
                response.content))
303
68
304
69
305
70
def _push_revs(store, password, downloaded_map):
306
71
    """push the revision information to snaprevs"""
307
72
    store_url = store.get('gw_url')
308
73
309
74
    snap_id = downloaded_map['snap-id']
310
75
    for instance in downloaded_map['channel-map']:
311
76
        # rewrite the download_url
312
77
        download_url = instance['download']['url']
313
78
314
79
        url = urlsplit(download_url)
315
80
        fqdn = urlsplit(store_url)
316
81
        # Rewrite scheme and location
317
82
        download_url = urlunsplit(url._replace(scheme=fqdn[0], netloc=fqdn[1]))
318
83
319
84
        # create the revision
320
85
        rev = {
321
86
            'snap_id': snap_id,
322
87
            'revision': instance['revision'],
323
88
            'version': instance['version'],
324
89
            'confinement': instance['confinement'],
325
90
            'architectures': instance['architectures'],
326
91
            'created_at': instance['created-at'],
327
92
            # This is required, but isn't available to retrieve from /info
328
93
            'created_by': '',
329
94
            'binary_path': download_url,
330
95
            'binary_filesize': instance['download']['size'],
331
96
            'binary_sha3_384': instance['download']['sha3-384'],
332
97
            'snap_yaml': instance.get('snap-yaml', ''),
333
98
            'epoch': instance['epoch'],
334
99
            'type': instance['type'],
335
100
            'base': instance['base'],
336
101
            'common_ids': instance['common-ids'],
337
102
        }
338
103
        revs_response = requests.post(
339
104
            store_url + '/revisions/create',
340
105
            json=[rev],
341
106
            auth=requests.auth.HTTPBasicAuth(USERNAME, password)
342
107
        )
343
108
        # 409 / Conflict - already exists
344
109
        if revs_response.status_code not in [201, 409]:
345
110
            raise pushException(
346
111
                "Failure to push revisions to snaprevs: {}".format(
347
112
                    revs_response.content))
348
113
349
114
350
115
def _push_channelmap(store, password, downloaded_map, force_push=False):
351
116
    """push the channel map to snaprevs"""
352
117
    store_url = store.get('gw_url')
353
118
354
119
    snap_id = downloaded_map['snap-id']
355
120
356
121
    # Check if we have an existing channel map
357
122
    existing = requests.post(
358
123
        store_url + '/channelmaps/filter',
359
124
        json={'filters': [{'series': '16', 'snap_id': snap_id}]},
360
125
        auth=requests.auth.HTTPBasicAuth(USERNAME, password))
361
126
    if existing.status_code != 200:
362
127
        raise pushException("Error retrieving current channelmap")
363
128
    if existing.json().get('channelmaps') and not force_push:
364
129
        raise ChannelMapExistsException("Channel map already exists.")
365
130
366
131
    for instance in downloaded_map['channel-map']:
367
132
        if instance['channel']['track'] == 'latest':
368
133
            track = None
369
134
        else:
370
135
            track = instance['channel']['track']
371
136
        chan_map = {
372
137
            # This is wrong, it should be the current developer id
373
138
            # but the pusher might not be a developer
374
139
            # XXX (twom): can we get this from upstream?
375
140
            'developer_id': downloaded_map['snap']['publisher']['id'],
376
141
            'release_requests': [
377
142
                {
378
143
                    'snap_id': snap_id,
379
144
                    'channel': [
380
145
                        track,
381
146
                        instance['channel']['risk'],
382
147
                        None,  # We can't deal in 'branch', it's not on the API
383
148
                    ],
384
149
                    'architecture': instance['channel']['architecture'],
385
150
                    'series': '16',
386
151
                    'revision': instance['revision']
387
152
                }
388
153
            ]
389
154
        }
390
155
        map_response = requests.post(
391
156
            store_url + '/channelmaps/update',
392
157
            json=chan_map,
393
158
            auth=requests.auth.HTTPBasicAuth(USERNAME, password)
394
159
        )
395
160
        if map_response.status_code != 200:
396
161
            raise pushException("Error pushing channel map")
397
162
398
163
399
164
def _load_assertion_file(assert_path):
400
165
    with open(str(assert_path)) as assert_file:
401
166
        raw_contents = assert_file.read().splitlines()
402
167
    return raw_contents
403
168
404
169
405
170
def _split_assertions(raw_contents):
406
171
    # split the file into separate asserts
407
172
    available_asserts = []
408
173
    current_assert = []
409
174
    for line in raw_contents:
410
175
        # if we've encountered a new assert, save the old one, start a new one
411
176
        if line.startswith('type: ') and current_assert:
412
177
            available_asserts.append(current_assert)
413
178
            current_assert = []
414
179
        current_assert.append(line)
415
180
    # account for the last one in the file
416
181
    available_asserts.append(current_assert)
417
182
418
183
    # Because we've split the file, we've ended up with the newlines
419
184
    # from between the concatenated asserts.
420
185
    # Remove it from the ones that have it so they're clean to push
421
186
    for assertion in available_asserts:
422
187
        assertion[:] = assertion[:-1] if assertion[-1] == '' else assertion
423
188
    return available_asserts
424
189
425
190
426
191
def _add_assertion_to_service(store, password, list_assertions):
427
192
    store_url = store.get('gw_url')
428
193
429
194
    # push the split asserts
430
195
    for assertion in list_assertions:
431
196
        # get the type
432
197
        assert_type = assertion[0].split('type: ')[1]
433
198
        # ignore the account-key of canonical, it's already a trusted assert
434
199
        # and will error on push
435
200
        canonical_key = 'account-id: canonical'
436
201
        if (assert_type == 'account-key' and canonical_key in assertion):
437
202
            continue
438
203
        if (assert_type == 'account' and canonical_key in assertion):
439
204
            continue
440
205
        response = requests.post(
441
206
            store_url + '/v1/assertions',
442
207
            '\n'.join(assertion),
443
208
            headers={'Content-Type': 'application/x.ubuntu.assertion'},
444
209
            auth=requests.auth.HTTPBasicAuth(USERNAME, password))
445
210
        if response.status_code != 201:
446
211
            raise pushException(
447
212
                "Failed to push: {} - {}".format(
448
213
                    response.status_code, response.content))
449
214
450
215
451
216
def _push_assertions(store, password, assert_path):
452
217
    """Split a .assert and push individual assertions to snapassert"""
453
218
454
219
    # load the file
455
220
    raw_contents = _load_assertion_file(assert_path)
456
221
    # split the assert file into single assertions for push
457
222
    current_asserts = _split_assertions(raw_contents)
458
223
    # push the assertions to the internal snap-assertion-service
459
224
    try:
460
225
        _add_assertion_to_service(store, password, current_asserts)
461
226
    except pushException:
462
227
        raise pushException("Assertion file: {}".format(assert_path))
463
228
464
229
465
230
def _push_file_to_nginx_cache(store, password, snap_path, snap_id, revision):
466
231
    """Add the file to the nginx cache via the snapproxy service"""
467
232
    store_url = store.get('gw_url')
468
233
    target_filename = '{}_{}.snap'.format(snap_id, revision)
469
234
    files = {target_filename: open(snap_path, 'rb')}
470
235
    response = requests.post(
471
236
        store_url + '/files/upload',
472
237
        files=files,
473
238
        auth=requests.auth.HTTPBasicAuth(USERNAME, password))
474
239
    if response.status_code != 200:
475
240
        print(response.status_code)
476
241
        raise pushException("Failed to push file to proxy cache")
477
242
478
243
479
244
def _push(store, tar_file, password, force_channel_map=False):
480
245
    """
481
246
    push a given .snap with matching .assert and .json
482
247
    to an offline proxy
483
248
    """
484
249
    extract_dir = Path(tempfile.mkdtemp())
485
250
    with tarfile.open(str(tar_file), 'r:gz') as tar:
486
251
        tar.extractall(str(extract_dir))
487
252
488
253
    json_file = extract_dir / 'channel-map.json'
489
254
    json_path = Path(json_file)
490
255
    if not json_path.exists():
491
256
        logger.error("Snap information file not found at {}".format(json_path))
492
257
        return
493
258
494
259
    with json_path.open() as fh:
495
260
        downloaded_map = json.load(fh)
496
261
497
262
    _push_ident(store, password, downloaded_map)
498
263
    _push_revs(store, password, downloaded_map)
499
264
    try:
500
265
        _push_channelmap(
501
266
            store, password, downloaded_map, force_channel_map)
502
267
    except ChannelMapExistsException as e:
503
268
        logger.info(str(e))
504
269
        logger.info(
505
270
            "Not updating the channel map, either manage revisions using "
506
271
            "`snap-proxy override` or try again with `--push-channel-map`")
507
272
508
273
    for instance in downloaded_map['channel-map']:
509
274
        snap_name = downloaded_map['snap']['name']
510
275
        snap_file_name = '{}_{}.snap'.format(
511
276
            snap_name, instance['revision'])
512
277
        assert_file_name = '{}_{}.assert'.format(
513
278
            snap_name, instance['revision'])
514
279
        snap_path = str(json_path.parent / snap_file_name)
515
280
        assert_path = str(json_path.parent / assert_file_name)
516
281
        _push_file_to_nginx_cache(
517
282
            store, password, snap_path,
518
283
            downloaded_map['snap-id'], instance['revision'])
519
284
        _push_assertions(store, password, assert_path)
520
285
521
286
522
287
def push_snap(args):
523
288
    cfg = config.Config()
524
289
    store = _check_default_store(cfg)
525
290
    if not store:
526
291
        return 1
527
292
528
293
    try:
529
294
        if args.password:
530
295
            _push(store, args.snap_tar_file,
531
296
                  args.password, args.push_channel_map)
532
297
        else:
533
298
            logger.error(
534
299
                "This command only works with a supplied password"
535
300
                " and a proxy in offline mode")
536
301
    except exceptions.InvalidCredentials as e:
537
302
        _log_credentials_error(e)
538
303
        return 1
539
304
    except HTTPError:
540
305
        _log_authorized_error()
541
306
        return 1
542
diff --git a/snapstore_client/logic/tests/test-snap-assert.assert b/snapstore_client/logic/tests/test-snap-assert.assert
543
0
new file mode 100644
307
new file mode 100644
544
index 0000000..b6b2ebd
545
--- /dev/null
546
+++ b/snapstore_client/logic/tests/test-snap-assert.assert
547
@@ -0,0 +1,101 @@
548
1
type: account-key
549
2
authority-id: canonical
550
3
revision: 2
551
4
public-key-sha3-384: BWDEoaqyr25nF5SNCvEv2v7QnM9QsfCc0PBMYD_i2NGSQ32EF2d4D0hqUel3m8ul
552
5
account-id: canonical
553
6
name: store
554
7
since: 2016-04-01T00:00:00.0Z
555
8
body-length: 717
556
9
sign-key-sha3-384: -CvQKAwRQ5h3Ffn10FILJoEZUXOv6km9FwA80-Rcj-f-6jadQ89VRswHNiEB9Lxk
557
10
558
11
AcbBTQRWhcGAARAA0KKYYQWuHOrsFVi4p4l7ZzSvX7kLgJFFeFgOkzdWKBTHEnsMKjl5mefFe9ji
559
12
qe8NlmJdfY7BenP7XeBtwKp700H/t9lLrZbpTNAPHXYxEWFJp5bPqIcJYBZ+29oLVLN1Tc5X482R
560
13
vCiDqL8+pPYqBrK2fNlyPlNNSum9wI70rDDL4r6FVvr+osTnGejibdV8JphWX+lrSQDnRSdM8KJi
561
14
UM43vTgLGTi9W54oRhsA2OFexRfRksTrnqGoonCjqX5wO3OFSaMDzMsO2MJ/hPfLgDqw53qjzuKL
562
15
Iec9OL3k5basvu2cj5u9tKwVFDsCKK2GbKUsWWpx2KTpOifmhmiAbzkTHbH9KaoMS7p0kJwhTQGA
563
16
o9aJ9VMTWHJc/NCBx7eu451u6d46sBPCXS/OMUh2766fQmoRtO1OwCTxsRKG2kkjbMn54UdFULl9
564
17
VfzvyghMNRKIezsEkmM8wueTqGUGZWa6CEZqZKwhe/PROxOPYzqtDH18XZknbU1n5lNb7vNfem9F
565
18
2ai+3+JyFnW9UhfvpVF7gzAgdyCqNli4C6BIN43uwoS8HkykocZS/+Gv52aUQ/NZ8BKOHLw+7ant
566
19
Q0o8W9ltSLZbEMxFIPSN0stiZlkXAp6DLyvh1Y4wXSynDjUondTpej2fSvSlCz/W5v5V7qA4nIcG
567
20
vUvV7RjVzv17ut0AEQEAAQ==
568
21
569
22
AcLDXAQAAQoABgUCV83k9QAKCRDUpVvql9g3IBT8IACKZ7XpiBZ3W4lqbPssY6On81WmxQLtvsMV
570
23
WTp6zZpl/wWOSt2vMNUk9pvcmrNq1jG9CuhDfWFLGXEjcrrmVkN3YuCOajMSPFCGrxsIBLSRt/bP
571
24
nrKykdLAAzMfG8rP1d82bjFFiIieE+urQ0Kcv09Jtdvavq3JT1Tek5mFyyfhHNlQEKOzWqmRWiLg
572
25
3c3VOZUs1ZD8TSlnuq/x+5T0X0YtOyGjSlVxk7UybbyMNd6MZfNaMpIG4x+mxD3KHFtBAC7O6kLe
573
26
eX3i6j5nCY5UABfA3DZEAkWP4zlmdBEOvZ9t293NaDdOpzsUHRkoi0Zez/9BHQ/kwx/uNc2WqrYm
574
27
inCmu16JGNeXqsyinnLl7Ghn2RwhvDMlLxF6RTx8xdx1yk6p3PBTwhZMUvuZGjUtN/AG8BmVJQ19
575
28
rsGSRkkSywvnhVJRB2sudnrMBmNS2goJbzSbmJnOlBrd2WsV0T9SgNMWZBiov3LvU4o2SmAb6b+k
576
29
rYwh8H5QHcuuYJuxDjFhPswIp6Wes5T6hUicf3SWtObcDS4HSkVS4ImBjjX9YgCuFy7QdnooOWEY
577
30
aPvkRw3XCVeYq0K6w9GRsk1YFErD4XmXXZjDYY650MX9v42Sz5MmphHV8jdIY5ssbadwFSe2rCQI
578
31
6UX08zy7RsIb19hTndE6ncvSNDChUR9eEnCm73eYaWTWTnq1cxdVP/s52r8uss++OYOkPWqh5nOu
579
32
haRn7INjH/yZX4qXjNXlTjo0PnHH0q08vNKDwLhxS+D9du+70FeacXFyLIbcWllSbJ7DmbumGpFo
580
33
yYbtj3FDDPzachFQdIG3lSt+cSUGeyfSs6wVtc3cIPka/2Urx7RprfmoWSI6+a5NcLdj0u2z8O96
581
34
HxeIgxDpg/3gT8ZIuFKePMcLDM19Fh/p0ysCsX+84B9chNWtsMSmIaE57V+959MVtsLu7SLb9gi7
582
35
skrju0pQCwsu2wHMLTNd1f3PTHmrr49hxetTus07HSQUApMtAGKzQilF5zqFjbyaTd4xgQbd+PKW
583
36
CjFyzQTDOcUhXpuUGt/IzlqiFfsCsmbj2K4KdSNYMlqIgZ3Azu8KvZLIhsyN7v5vNIZSPfEbjdeu
584
37
ClU9r0VRiJmtYBUjcSghD9LWn+yRLwOxhfQVjm0cBwIt5R/yPF/qC76yIVuWUtM5Y2/zJR1J8OFq
585
38
qWchvlImHtvDzS9FQeLyzJAOjvZ2CnWp2gILgUz0WQdOk1Dq8ax7KS9BQ42zxw9EZAEPw3PEFqRy
586
39
IQsRTONp+iVS8YxSmoYZjDlCgRMWUmawez/Fv5b9Fb/XkO5Eq4e+KfrpUujXItaipb+tV8h5v3tr
587
40
oG3Ie3WOHrVjCLXIdYslpL1O4nadqR6Xv58pHj6k
588
41
589
42
type: account
590
43
authority-id: canonical
591
44
account-id: 1RgHGj7Zp3nyycrGa5sODDbZznzJAwAX
592
45
display-name: Tom Wardill
593
46
timestamp: 2018-02-06T09:22:49.118291Z
594
47
username: twom
595
48
validation: unproven
596
49
sign-key-sha3-384: BWDEoaqyr25nF5SNCvEv2v7QnM9QsfCc0PBMYD_i2NGSQ32EF2d4D0hqUel3m8ul
597
50
598
51
AcLBUgQAAQoABgUCWnlz6QAA40sQALjt4pGWbG9icFARLbNSnx0ldc9cEytJ5ctLVvG0x3P7hP3u
599
52
6VntHcurt5mkQmW9nTJ8CY3R5uAPVkVda1gFabFlIqZPl4fAv0KqH9vziqSsc1rn05nyLcPMEu2P
600
53
WmWsOh/F7O3IqJrvdX1Xpuv0BsDjZi9merN20BHcY8LDVPd5qUDyN/BISbNzogzHC3MdilYAP75p
601
54
YoYYhH7dHruLgPREOKEhAjIoFguvPtML1xAUFz5XDpvm0sHDURuDYN/cwpFOLsOkPCDokyYC/Udb
602
55
Bh9foT4o1FYvBQOi2DjFBs0UFgAk/2ud8Rv9N10O2MnsQ0ZGerAsGAVIARkz5zjSHZPFokL5PJQ/
603
56
AzJBVRR2NPtRvBEnF/bG0xR5JR/5AZK2K7mIKrQt22CFL4M4iL7uQI1Q1i7PBpysYT7vZwyyFkEP
604
57
M2NXmvpZ34i+5JnyEtdn2H+JVhvQS1RpqdwDwfpqn+lYkJBvDN8B9aDtyp+yMdDTLoLt74JZKP4V
605
58
YeptgPiaMUHOQJx6gdp/Fa9FJAQiNUFjXe9/lfF1yebu0CVXdO6CaSRGBXrQfk2E/WpZNsmZOTq+
606
59
Rc0dGtlMeulEo8fY9RcJlsKe7hjlzX1Yk7JFkGqb60Fzqy0AzoJwDXjTnQPo0AKyNz+ryqly3Sur
607
60
c58OOgdNDw9KbjYoVXvjFLzAyA/k
608
61
609
62
type: snap-declaration
610
63
authority-id: canonical
611
64
series: 16
612
65
snap-id: p5QNTakkyYmjqa9TRKQWHtZ58GTftzrM
613
66
publisher-id: 1RgHGj7Zp3nyycrGa5sODDbZznzJAwAX
614
67
snap-name: gif-cli
615
68
timestamp: 2018-10-02T15:43:27.762767Z
616
69
sign-key-sha3-384: BWDEoaqyr25nF5SNCvEv2v7QnM9QsfCc0PBMYD_i2NGSQ32EF2d4D0hqUel3m8ul
617
70
618
71
AcLBUgQAAQoABgUCW7OSHwAAV/cQAB9wlV5pNd/+20BSCv6tsBAUugrHbFRVjIMHsYoj7Can0mSB
619
72
9vRSbDnFB91VWk+6gBpR+xXtHJithiyCl3fitf2tNuRKm/W6M4fhdctQXX8pcPSsonfSq1+1apgT
620
73
vy7BZaChVEMROY3y5/NZNj4x/+1t38cA4dqxOHIXbhc1B/SifKpFQWq8hu+GMSFFVSxWCJp7rLor
621
74
sqfBFUY1cFeCGsW/iawAPTXk3z7tZhkhoi1FQeu9KrQGMCY0aaD1uZhPLfCwP4mDmsuW3lxJ5QIt
622
75
fhQdO46jh6Ea9nahjAMWrIYPL6G1Yk5aFH6cQ7LfcQq/JHEcDvFUXbtM5jQJU4gPcjnSkFlRCSNA
623
76
aig1trd/RjqQyVMiIBDGRvOPZZij7AdnQ+P88CH1k5oWppNTgk4VM0UsSCdFFXVw7sQlPUWjRaYP
624
77
PHfy1xkMZBw11jLDytOVwLKjPIZs8dCTHKkPfAD4oTP0+W/OvOBerUoHGeaxlZ8Cx17wFcfllEcO
625
78
fiYmnYOAd0JRIXeOXH9/LTbSnb9dMPaaL9jIz0YhmNJOPuzUPpfGeoEQMlt61OfTtEuvjDAq+Nh/
626
79
mhCDl0RnvH+8rjLv0ksYLETsFCkKlOYYMugoj0ruBjl3ss6GU/36RFX9quKEdDyyyus71C1V6ohF
627
80
VzUiaij6jfTkWC4rMPyl69L3Z7fw
628
81
629
82
type: snap-revision
630
83
authority-id: canonical
631
84
snap-sha3-384: MrP3xzTBH8SQLC1oOfMNIigeJ_0GUE1yqugKZzx2dKdqO2fHbzYa2SfJtxS5JWMe
632
85
developer-id: 1RgHGj7Zp3nyycrGa5sODDbZznzJAwAX
633
86
snap-id: p5QNTakkyYmjqa9TRKQWHtZ58GTftzrM
634
87
snap-revision: 3
635
88
snap-size: 9678848
636
89
timestamp: 2018-10-14T20:48:18.733551Z
637
90
sign-key-sha3-384: BWDEoaqyr25nF5SNCvEv2v7QnM9QsfCc0PBMYD_i2NGSQ32EF2d4D0hqUel3m8ul
638
91
639
92
AcLBUgQAAQoABgUCW8OrkgAAm/oQAAnCsfsbDBJt59mPG9A1BRHYZHV7EqYis75QxZPzMLlkpoUG
640
93
Xqc8g0aHgEt+STwrrAqUli9G5Yg3Tk8rWb7CV7MlB3c/pBgnW8XLWm3zp1S4ZonDPpKYmgeBcmui
641
94
hH9lXPlHHnL9dGbObhPk7jbAFHOmqgC9S5lD6Uuj7RTn8Hv+hT7YbvZ8LpjcRfLfUJAIhfCCcxHm
642
95
euwRMyGP5NFwOLWIj4XZNKhKf6Tj8bUJV9Kcf7MBZ/cvdwzPiTkU5EleHid4bdZcUkrcNTt8wFI4
643
96
NxU+CH8m3mzP2/EF+amxoqHc5+9qMYWtu2iou1E8oY5M7s+QujTHPipzgPQkkMLSocyoO1ntezd1
644
97
YhUu2GkXw2IRmmgVvaMjmXcE+voGNsT+W2CeHqQNvZvip3KDKvQG3G8tX9Sf6V7NSjqn1+IwpJpS
645
98
Bx61HphfypyHbho7KgYcSYhdqCQF8XiLwQ3pWtE6l654I3kHzuzyrYKR+Ts1byHB+w5sLx4fw7xV
646
99
7/CbvzO6konCrW00bG3UGKHZk4zJGBlv5cfGQxuq5GNaaDWZ9Pg5awSrgB8kShAGzOpdABle8eYg
647
100
RVUbPo53cZO3ditJ+B7VT1pA0on1BiyQGKQUQplr+glZtplPsu6q+A0HzLZ3Wg7EFUdrSThhDh6N
648
101
46jdhxSAwRSPVHtzHm/fgUcGXuMJ
649
diff --git a/snapstore_client/logic/tests/test-snap-map.json b/snapstore_client/logic/tests/test-snap-map.json
650
0
new file mode 100644
102
new file mode 100644
651
index 0000000..0b28b16
652
--- /dev/null
653
+++ b/snapstore_client/logic/tests/test-snap-map.json
654
@@ -0,0 +1,73 @@
655
1
{
656
2
    "channel-map": [{
657
3
        "architectures": ["amd64"],
658
4
        "base": "core18",
659
5
        "channel": {
660
6
            "architecture": "amd64",
661
7
            "name": "stable",
662
8
            "released-at": "2018-11-08T18:30:43.652281+00:00",
663
9
            "risk": "stable",
664
10
            "track": "latest"
665
11
        },
666
12
        "common-ids": [],
667
13
        "confinement": "strict",
668
14
        "created-at": "2018-10-14T20:48:12.808884+00:00",
669
15
        "download": {
670
16
            "deltas": [],
671
17
            "sha3-384": "32b3f7c734c11fc4902c2d6839f30d22281e27fd06504d72aae80a673c7674a76a3b67c76f361ad927c9b714b925631e",
672
18
            "size": 9678848,
673
19
            "url": "https://api.snapcraft.io/api/v1/snaps/download/p5QNTakkyYmjqa9TRKQWHtZ58GTftzrM_3.snap"
674
20
        },
675
21
        "epoch": {
676
22
            "read": [0],
677
23
            "write": [0]
678
24
        },
679
25
        "revision": 3,
680
26
        "snap-yaml": "name: gif-cli\nversion: 0.0.3\nsummary: CLI tool to search for gifs\ndescription: 'CLI tool to search for gifs\n\n  '\nbase: core18\narchitectures:\n- amd64\nconfinement: strict\ngrade: stable\napps:\n  gif-cli:\n    command: command-gif-cli.wrapper\n    plugs:\n    - network-bind\n    - network\n",
681
27
        "type": "app",
682
28
        "version": "0.0.3"
683
29
    }, {
684
30
        "architectures": ["amd64"],
685
31
        "base": "core18",
686
32
        "channel": {
687
33
            "architecture": "amd64",
688
34
            "name": "edge",
689
35
            "released-at": "2018-10-14T20:49:19.242435+00:00",
690
36
            "risk": "edge",
691
37
            "track": "latest"
692
38
        },
693
39
        "common-ids": [],
694
40
        "confinement": "strict",
695
41
        "created-at": "2018-10-14T20:48:12.808884+00:00",
696
42
        "download": {
697
43
            "deltas": [],
698
44
            "sha3-384": "32b3f7c734c11fc4902c2d6839f30d22281e27fd06504d72aae80a673c7674a76a3b67c76f361ad927c9b714b925631e",
699
45
            "size": 9678848,
700
46
            "url": "https://api.snapcraft.io/api/v1/snaps/download/p5QNTakkyYmjqa9TRKQWHtZ58GTftzrM_3.snap"
701
47
        },
702
48
        "epoch": {
703
49
            "read": [0],
704
50
            "write": [0]
705
51
        },
706
52
        "revision": 3,
707
53
        "snap-yaml": "name: gif-cli\nversion: 0.0.3\nsummary: CLI tool to search for gifs\ndescription: 'CLI tool to search for gifs\n\n  '\nbase: core18\narchitectures:\n- amd64\nconfinement: strict\ngrade: stable\napps:\n  gif-cli:\n    command: command-gif-cli.wrapper\n    plugs:\n    - network-bind\n    - network\n",
708
54
        "type": "app",
709
55
        "version": "0.0.3"
710
56
    }],
711
57
    "name": "gif-cli",
712
58
    "snap": {
713
59
        "license": "unset",
714
60
        "name": "gif-cli",
715
61
        "prices": {},
716
62
        "publisher": {
717
63
            "display-name": "Tom Wardill",
718
64
            "id": "1RgHGj7Zp3nyycrGa5sODDbZznzJAwAX",
719
65
            "username": "twom",
720
66
            "validation": "unproven"
721
67
        },
722
68
        "snap-id": "p5QNTakkyYmjqa9TRKQWHtZ58GTftzrM",
723
69
        "summary": "CLI tool to search for gifs",
724
70
        "title": "gif-cli"
725
71
    },
726
72
    "snap-id": "p5QNTakkyYmjqa9TRKQWHtZ58GTftzrM"
727
73
}
728
diff --git a/snapstore_client/logic/tests/test_login.py b/snapstore_client/logic/tests/test_login.py
729
index 25ef14f..d7854cc 100644
730
--- a/snapstore_client/logic/tests/test_login.py
731
+++ b/snapstore_client/logic/tests/test_login.py
732
@@ -54,11 +54,13 @@ class LoginTests(TestCase):
733
54
        iter_responses = iter(full_responses)
54
        iter_responses = iter(full_responses)
734
55
        return lambda request: next(iter_responses)
55
        return lambda request: next(iter_responses)
735
56
56
737
57
    def make_args(self, store_url=None, sso_url=None, email=None):
57
    def make_args(self, store_url=None,
738
58
                  sso_url=None, email=None, offline=False):
739
58
        return factory.Args(
59
        return factory.Args(
740
59
            store_url=store_url or self.default_gw_url,
60
            store_url=store_url or self.default_gw_url,
741
60
            sso_url=sso_url or self.default_sso_url,
61
            sso_url=sso_url or self.default_sso_url,
742
61
            email=email,
62
            email=email,
743
63
            offline=offline,
744
62
        )
64
        )
745
63
65
746
64
    def add_issue_store_admin_response(self, *response_templates, gw_url=None):
66
    def add_issue_store_admin_response(self, *response_templates, gw_url=None):
747
diff --git a/snapstore_client/logic/tests/test_overrides.py b/snapstore_client/logic/tests/test_overrides.py
748
index 1f2f2d0..05e32fc 100644
749
--- a/snapstore_client/logic/tests/test_overrides.py
750
+++ b/snapstore_client/logic/tests/test_overrides.py
751
@@ -32,7 +32,7 @@ class OverridesTests(TestCase):
752
32
            'Have you run "snap-store-proxy-client login"?\n')
32
            'Have you run "snap-store-proxy-client login"?\n')
753
33
33
754
34
    @responses.activate
34
    @responses.activate
756
35
    def test_list_overrides(self):
35
    def test_list_overrides_online(self):
757
36
        self.useFixture(testfixtures.ConfigFixture())
36
        self.useFixture(testfixtures.ConfigFixture())
758
37
        logger = self.useFixture(fixtures.FakeLogger())
37
        logger = self.useFixture(fixtures.FakeLogger())
759
38
        snap_id = factory.generate_snap_id()
38
        snap_id = factory.generate_snap_id()
760
@@ -52,18 +52,55 @@ class OverridesTests(TestCase):
761
52
        responses.add(
52
        responses.add(
762
53
            'GET', overrides_url, status=200, json={'overrides': overrides})
53
            'GET', overrides_url, status=200, json={'overrides': overrides})
763
54
54
765
55
        list_overrides(factory.Args(snap_name='mysnap', series='16'))
55
        list_overrides(
766
56
            factory.Args(snap_name='mysnap', series='16', password=False))
767
56
        self.assertEqual(
57
        self.assertEqual(
768
57
            'mysnap stable amd64 1 (upstream 2)\n'
58
            'mysnap stable amd64 1 (upstream 2)\n'
769
58
            'mysnap foo/stable i386 3 (upstream 4)\n',
59
            'mysnap foo/stable i386 3 (upstream 4)\n',
770
59
            logger.output)
60
            logger.output)
771
61
        # We shouldn't have Basic Authorization headers, but Macaroon
772
62
        self.assertNotIn(
773
63
            'Basic',
774
64
            responses.calls[0].request.headers['Authorization'])
775
65
776
66
    @responses.activate
777
67
    def test_list_overrides_offline(self):
778
68
        self.useFixture(testfixtures.ConfigFixture())
779
69
        logger = self.useFixture(fixtures.FakeLogger())
780
70
        snap_id = factory.generate_snap_id()
781
71
        overrides = [
782
72
            factory.SnapDeviceGateway.Override(
783
73
                snap_id=snap_id, snap_name='mysnap'),
784
74
            factory.SnapDeviceGateway.Override(
785
75
                snap_id=snap_id, snap_name='mysnap', revision=3,
786
76
                upstream_revision=4, channel='foo/stable',
787
77
                architecture='i386'),
788
78
        ]
789
79
        # XXX cjwatson 2017-06-26: Use acceptable-generated doubles once
790
80
        # they exist.
791
81
        overrides_url = urljoin(
792
82
            config.Config().store_section('default').get('gw_url'),
793
83
            '/v2/metadata/overrides/mysnap')
794
84
        responses.add(
795
85
            'GET', overrides_url, status=200, json={'overrides': overrides})
796
86
797
87
        list_overrides(
798
88
            factory.Args(snap_name='mysnap', series='16', password='test'))
799
89
        self.assertEqual(
800
90
            'mysnap stable amd64 1 (upstream 2)\n'
801
91
            'mysnap foo/stable i386 3 (upstream 4)\n',
802
92
            logger.output)
803
93
        self.assertEqual(
804
94
            'Basic YWRtaW46dGVzdA==',
805
95
            responses.calls[0].request.headers['Authorization'])
806
60
96
807
61
    def test_override_no_store_config(self):
97
    def test_override_no_store_config(self):
808
62
        self.useFixture(testfixtures.ConfigFixture(empty=True))
98
        self.useFixture(testfixtures.ConfigFixture(empty=True))
809
63
        logger = self.useFixture(fixtures.FakeLogger())
99
        logger = self.useFixture(fixtures.FakeLogger())
810
64
        rc = override(factory.Args(
100
        rc = override(factory.Args(
811
65
            snap_name='some-snap', channel_map_entries=['stable=1'],
101
            snap_name='some-snap', channel_map_entries=['stable=1'],
813
66
            series='16'))
102
            series='16',
814
103
            password=False))
815
67
        self.assertEqual(rc, 1)
104
        self.assertEqual(rc, 1)
816
68
        self.assertEqual(
105
        self.assertEqual(
817
69
            logger.output,
106
            logger.output,
818
@@ -71,7 +108,56 @@ class OverridesTests(TestCase):
819
71
            'Have you run "snap-store-proxy-client login"?\n')
108
            'Have you run "snap-store-proxy-client login"?\n')
820
72
109
821
73
    @responses.activate
110
    @responses.activate
823
74
    def test_override(self):
111
    def test_override_online(self):
824
112
        self.useFixture(testfixtures.ConfigFixture())
825
113
        logger = self.useFixture(fixtures.FakeLogger())
826
114
        snap_id = factory.generate_snap_id()
827
115
        overrides = [
828
116
            factory.SnapDeviceGateway.Override(
829
117
                snap_id=snap_id, snap_name='mysnap'),
830
118
            factory.SnapDeviceGateway.Override(
831
119
                snap_id=snap_id, snap_name='mysnap', revision=3,
832
120
                upstream_revision=4, channel='foo/stable',
833
121
                architecture='i386'),
834
122
        ]
835
123
        # XXX cjwatson 2017-06-26: Use acceptable-generated doubles once
836
124
        # they exist.
837
125
        overrides_url = urljoin(
838
126
            config.Config().store_section('default').get('gw_url'),
839
127
            '/v2/metadata/overrides')
840
128
        responses.add(
841
129
            'POST', overrides_url, status=200, json={'overrides': overrides})
842
130
843
131
        override(factory.Args(
844
132
            snap_name='mysnap',
845
133
            channel_map_entries=['stable=1', 'foo/stable=3'],
846
134
            series='16',
847
135
            password=False))
848
136
        self.assertEqual([
849
137
            {
850
138
                'snap_name': 'mysnap',
851
139
                'revision': 1,
852
140
                'channel': 'stable',
853
141
                'series': '16',
854
142
            },
855
143
            {
856
144
                'snap_name': 'mysnap',
857
145
                'revision': 3,
858
146
                'channel': 'foo/stable',
859
147
                'series': '16',
860
148
            },
861
149
        ], json.loads(responses.calls[0].request.body.decode()))
862
150
        self.assertEqual(
863
151
            'mysnap stable amd64 1 (upstream 2)\n'
864
152
            'mysnap foo/stable i386 3 (upstream 4)\n',
865
153
            logger.output)
866
154
        # We shouldn't have Basic Authorization headers, but Macaroon
867
155
        self.assertNotIn(
868
156
            'Basic',
869
157
            responses.calls[0].request.headers['Authorization'])
870
158
871
159
    @responses.activate
872
160
    def test_override_offline(self):
873
75
        self.useFixture(testfixtures.ConfigFixture())
161
        self.useFixture(testfixtures.ConfigFixture())
874
76
        logger = self.useFixture(fixtures.FakeLogger())
162
        logger = self.useFixture(fixtures.FakeLogger())
875
77
        snap_id = factory.generate_snap_id()
163
        snap_id = factory.generate_snap_id()
876
@@ -94,7 +180,8 @@ class OverridesTests(TestCase):
877
94
        override(factory.Args(
180
        override(factory.Args(
878
95
            snap_name='mysnap',
181
            snap_name='mysnap',
879
96
            channel_map_entries=['stable=1', 'foo/stable=3'],
182
            channel_map_entries=['stable=1', 'foo/stable=3'],
881
97
            series='16'))
183
            series='16',
882
184
            password='test'))
883
98
        self.assertEqual([
185
        self.assertEqual([
884
99
            {
186
            {
885
100
                'snap_name': 'mysnap',
187
                'snap_name': 'mysnap',
886
@@ -113,12 +200,16 @@ class OverridesTests(TestCase):
887
113
            'mysnap stable amd64 1 (upstream 2)\n'
200
            'mysnap stable amd64 1 (upstream 2)\n'
888
114
            'mysnap foo/stable i386 3 (upstream 4)\n',
201
            'mysnap foo/stable i386 3 (upstream 4)\n',
889
115
            logger.output)
202
            logger.output)
890
203
        self.assertEqual(
891
204
            'Basic YWRtaW46dGVzdA==',
892
205
            responses.calls[0].request.headers['Authorization'])
893
116
206
894
117
    def test_delete_override_no_store_config(self):
207
    def test_delete_override_no_store_config(self):
895
118
        self.useFixture(testfixtures.ConfigFixture(empty=True))
208
        self.useFixture(testfixtures.ConfigFixture(empty=True))
896
119
        logger = self.useFixture(fixtures.FakeLogger())
209
        logger = self.useFixture(fixtures.FakeLogger())
897
120
        rc = delete_override(factory.Args(
210
        rc = delete_override(factory.Args(
899
121
            snap_name='some-snap', channels=['stable'], series='16'))
211
            snap_name='some-snap', channels=['stable'],
900
212
            series='16', password=False))
901
122
        self.assertEqual(rc, 1)
213
        self.assertEqual(rc, 1)
902
123
        self.assertEqual(
214
        self.assertEqual(
903
124
            logger.output,
215
            logger.output,
904
@@ -126,7 +217,56 @@ class OverridesTests(TestCase):
905
126
            'Have you run "snap-store-proxy-client login"?\n')
217
            'Have you run "snap-store-proxy-client login"?\n')
906
127
218
907
128
    @responses.activate
219
    @responses.activate
909
129
    def test_delete_override(self):
220
    def test_delete_override_online(self):
910
221
        self.useFixture(testfixtures.ConfigFixture())
911
222
        logger = self.useFixture(fixtures.FakeLogger())
912
223
        snap_id = factory.generate_snap_id()
913
224
        overrides = [
914
225
            factory.SnapDeviceGateway.Override(
915
226
                snap_id=snap_id, snap_name='mysnap', revision=None),
916
227
            factory.SnapDeviceGateway.Override(
917
228
                snap_id=snap_id, snap_name='mysnap', revision=None,
918
229
                upstream_revision=4, channel='foo/stable',
919
230
                architecture='i386'),
920
231
        ]
921
232
        # XXX cjwatson 2017-06-26: Use acceptable-generated doubles once
922
233
        # they exist.
923
234
        overrides_url = urljoin(
924
235
            config.Config().store_section('default').get('gw_url'),
925
236
            '/v2/metadata/overrides')
926
237
        responses.add(
927
238
            'POST', overrides_url, status=200, json={'overrides': overrides})
928
239
929
240
        delete_override(factory.Args(
930
241
            snap_name='mysnap',
931
242
            channels=['stable', 'foo/stable'],
932
243
            series='16',
933
244
            password=False))
934
245
        self.assertEqual([
935
246
            {
936
247
                'snap_name': 'mysnap',
937
248
                'revision': None,
938
249
                'channel': 'stable',
939
250
                'series': '16',
940
251
            },
941
252
            {
942
253
                'snap_name': 'mysnap',
943
254
                'revision': None,
944
255
                'channel': 'foo/stable',
945
256
                'series': '16',
946
257
            },
947
258
        ], json.loads(responses.calls[0].request.body.decode()))
948
259
        self.assertEqual(
949
260
            'mysnap stable amd64 is tracking upstream (revision 2)\n'
950
261
            'mysnap foo/stable i386 is tracking upstream (revision 4)\n',
951
262
            logger.output)
952
263
        # We shouldn't have Basic Authorization headers, but Macaroon
953
264
        self.assertNotIn(
954
265
            'Basic',
955
266
            responses.calls[0].request.headers['Authorization'])
956
267
957
268
    @responses.activate
958
269
    def test_delete_override_offline(self):
959
130
        self.useFixture(testfixtures.ConfigFixture())
270
        self.useFixture(testfixtures.ConfigFixture())
960
131
        logger = self.useFixture(fixtures.FakeLogger())
271
        logger = self.useFixture(fixtures.FakeLogger())
961
132
        snap_id = factory.generate_snap_id()
272
        snap_id = factory.generate_snap_id()
962
@@ -149,7 +289,8 @@ class OverridesTests(TestCase):
963
149
        delete_override(factory.Args(
289
        delete_override(factory.Args(
964
150
            snap_name='mysnap',
290
            snap_name='mysnap',
965
151
            channels=['stable', 'foo/stable'],
291
            channels=['stable', 'foo/stable'],
967
152
            series='16'))
292
            series='16',
968
293
            password='test'))
969
153
        self.assertEqual([
294
        self.assertEqual([
970
154
            {
295
            {
971
155
                'snap_name': 'mysnap',
296
                'snap_name': 'mysnap',
972
@@ -168,3 +309,6 @@ class OverridesTests(TestCase):
973
168
            'mysnap stable amd64 is tracking upstream (revision 2)\n'
309
            'mysnap stable amd64 is tracking upstream (revision 2)\n'
974
169
            'mysnap foo/stable i386 is tracking upstream (revision 4)\n',
310
            'mysnap foo/stable i386 is tracking upstream (revision 4)\n',
975
170
            logger.output)
311
            logger.output)
976
312
        self.assertEqual(
977
313
            'Basic YWRtaW46dGVzdA==',
978
314
            responses.calls[0].request.headers['Authorization'])
979
diff --git a/snapstore_client/logic/tests/test_push.py b/snapstore_client/logic/tests/test_push.py
980
171
new file mode 100644
315
new file mode 100644
981
index 0000000..7fedbbd
982
--- /dev/null
983
+++ b/snapstore_client/logic/tests/test_push.py
984
@@ -0,0 +1,169 @@
985
1
import json
986
2
from pathlib import Path
987
3
from urllib.parse import urljoin
988
4
989
5
import fixtures
990
6
import responses
991
7
from testtools import TestCase
992
8
993
9
from snapstore_client.logic.push import (
994
10
    ChannelMapExistsException,
995
11
    pushException,
996
12
    _add_assertion_to_service,
997
13
    _split_assertions,
998
14
    _push_channelmap,
999
15
    _push_ident,
1000
16
    _push_revs,
1001
17
)
1002
18
1003
19
1004
20
class pushTests(TestCase):
1005
21
1006
22
    def setUp(self):
1007
23
        super().setUp()
1008
24
        self.default_gw_url = 'http://store.local'
1009
25
        self.logger = self.useFixture(fixtures.FakeLogger())
1010
26
        current_path = Path(__file__).resolve().parent
1011
27
        with (current_path / 'test-snap-map.json').open() as fh:
1012
28
            self.snap_map = json.load(fh)
1013
29
        with (current_path / 'test-snap-assert.assert').open() as fh:
1014
30
            self.snap_assert = fh.read().splitlines()
1015
31
        self.store = {'gw_url': self.default_gw_url}
1016
32
1017
33
    @responses.activate
1018
34
    def test_push_ident(self):
1019
35
        ident_url = urljoin(self.default_gw_url, '/snaps/update')
1020
36
        responses.add('POST', ident_url, status=200)
1021
37
1022
38
        _push_ident(self.store, 'test', self.snap_map)
1023
39
1024
40
        self.assertEqual(
1025
41
            'Basic YWRtaW46dGVzdA==',
1026
42
            responses.calls[0].request.headers['Authorization'])
1027
43
1028
44
    @responses.activate
1029
45
    def test_push_ident_failed(self):
1030
46
        ident_url = urljoin(self.default_gw_url, '/snaps/update')
1031
47
        responses.add('POST', ident_url, status=500)
1032
48
1033
49
        self.assertRaises(
1034
50
            pushException, _push_ident, self.store, 'test', self.snap_map)
1035
51
1036
52
    @responses.activate
1037
53
    def test_push_revs(self):
1038
54
        revs_url = urljoin(self.default_gw_url, '/revisions/create')
1039
55
        responses.add('POST', revs_url, status=201)
1040
56
1041
57
        _push_revs(self.store, 'test', self.snap_map)
1042
58
1043
59
        self.assertEqual(
1044
60
            'Basic YWRtaW46dGVzdA==',
1045
61
            responses.calls[0].request.headers['Authorization'])
1046
62
1047
63
    @responses.activate
1048
64
    def test_push_revs_unexpected_status_code(self):
1049
65
        revs_url = urljoin(self.default_gw_url, '/revisions/create')
1050
66
        responses.add('POST', revs_url, status=302)
1051
67
1052
68
        self.assertRaises(
1053
69
            pushException, _push_revs, self.store, 'test', self.snap_map)
1054
70
1055
71
    @responses.activate
1056
72
    def test_push_revs_failed(self):
1057
73
        revs_url = urljoin(self.default_gw_url, '/revisions/create')
1058
74
        responses.add('POST', revs_url, status=500)
1059
75
1060
76
        self.assertRaises(
1061
77
            pushException, _push_revs, self.store, 'test', self.snap_map)
1062
78
1063
79
    @responses.activate
1064
80
    def test_push_map(self):
1065
81
        filter_url = urljoin(self.default_gw_url, '/channelmaps/filter')
1066
82
        update_url = urljoin(self.default_gw_url, '/channelmaps/update')
1067
83
        responses.add('POST', filter_url, status=200, json={})
1068
84
        responses.add('POST', update_url, status=200)
1069
85
1070
86
        _push_channelmap(self.store, 'test', self.snap_map)
1071
87
1072
88
        self.assertEqual(
1073
89
            'Basic YWRtaW46dGVzdA==',
1074
90
            responses.calls[0].request.headers['Authorization'])
1075
91
1076
92
    @responses.activate
1077
93
    def test_push_map_failed(self):
1078
94
        filter_url = urljoin(self.default_gw_url, '/channelmaps/filter')
1079
95
        update_url = urljoin(self.default_gw_url, '/channelmaps/update')
1080
96
        responses.add('POST', filter_url, status=200, json={})
1081
97
        responses.add('POST', update_url, status=500)
1082
98
1083
99
        self.assertRaises(
1084
100
            pushException, _push_channelmap,
1085
101
            self.store, 'test', self.snap_map)
1086
102
1087
103
    @responses.activate
1088
104
    def test_push_map_exists(self):
1089
105
        filter_url = urljoin(self.default_gw_url, '/channelmaps/filter')
1090
106
        update_url = urljoin(self.default_gw_url, '/channelmaps/update')
1091
107
        exists = {'channelmaps': ['thing that exists']}
1092
108
        responses.add('POST', filter_url, status=200, json=exists)
1093
109
        responses.add('POST', update_url, status=200)
1094
110
1095
111
        self.assertRaises(
1096
112
            ChannelMapExistsException, _push_channelmap,
1097
113
            self.store, 'test', self.snap_map)
1098
114
1099
115
    @responses.activate
1100
116
    def test_push_map_exists_force_push(self):
1101
117
        filter_url = urljoin(self.default_gw_url, '/channelmaps/filter')
1102
118
        update_url = urljoin(self.default_gw_url, '/channelmaps/update')
1103
119
        exists = {'channelmaps': ['thing that exists']}
1104
120
        responses.add('POST', filter_url, status=200, json=exists)
1105
121
        responses.add('POST', update_url, status=200)
1106
122
1107
123
        _push_channelmap(self.store, 'test', self.snap_map, True)
1108
124
1109
125
        self.assertEqual(
1110
126
            'Basic YWRtaW46dGVzdA==',
1111
127
            responses.calls[0].request.headers['Authorization'])
1112
128
1113
129
    def test_split_assertions(self):
1114
130
        result = _split_assertions(self.snap_assert)
1115
131
        assert len(result) == 4
1116
132
1117
133
        # We should have 4 different types of assertion
1118
134
        assert result[0][0] == 'type: account-key'
1119
135
        assert result[1][0] == 'type: account'
1120
136
        assert result[2][0] == 'type: snap-declaration'
1121
137
        assert result[3][0] == 'type: snap-revision'
1122
138
1123
139
    @responses.activate
1124
140
    def test_add_assertion_to_service(self):
1125
141
        assert_url = urljoin(self.default_gw_url, '/v1/assertions')
1126
142
        responses.add('POST', assert_url, status=201)
1127
143
1128
144
        split_assertions = _split_assertions(self.snap_assert)
1129
145
        _add_assertion_to_service(self.store, 'test', split_assertions)
1130
146
1131
147
        self.assertEqual(
1132
148
            'Basic YWRtaW46dGVzdA==',
1133
149
            responses.calls[0].request.headers['Authorization'])
1134
150
1135
151
    @responses.activate
1136
152
    def test_add_assertion_to_service_unexpected_status_code(self):
1137
153
        assert_url = urljoin(self.default_gw_url, '/v1/assertions')
1138
154
        responses.add('POST', assert_url, status=302)
1139
155
1140
156
        split_assertions = _split_assertions(self.snap_assert)
1141
157
        self.assertRaises(
1142
158
            pushException,
1143
159
            _add_assertion_to_service, self.store, 'test', split_assertions)
1144
160
1145
161
    @responses.activate
1146
162
    def test_add_assertion_to_service_failed(self):
1147
163
        assert_url = urljoin(self.default_gw_url, '/v1/assertions')
1148
164
        responses.add('POST', assert_url, status=500)
1149
165
1150
166
        split_assertions = _split_assertions(self.snap_assert)
1151
167
        self.assertRaises(
1152
168
            pushException,
1153
169
            _add_assertion_to_service, self.store, 'test', split_assertions)
1154
diff --git a/snapstore_client/utils.py b/snapstore_client/utils.py
1155
0
new file mode 100644
170
new file mode 100644
1156
index 0000000..461a1c3
1157
--- /dev/null
1158
+++ b/snapstore_client/utils.py
1159
@@ -0,0 +1,26 @@
1160
1
import logging
1161
2
1162
3
logger = logging.getLogger(__name__)
1163
4
1164
5
1165
6
def _log_credentials_error(e):
1166
7
    logger.error('%s', e)
1167
8
    logger.error('Try to "snap-store-proxy-client login" again.')
1168
9
1169
10
1170
11
def _log_authorized_error():
1171
12
    logger.error(("Perhaps you have not been registered as an "
1172
13
                  "admin with the proxy."))
1173
14
    logger.error("Try 'snap-proxy add-admin' on the proxy host.")
1174
15
1175
16
1176
17
def _check_default_store(cfg):
1177
18
    """Load the default store from the config."""
1178
19
    store = cfg.store_section('default')
1179
20
    # If the gw URL is configured then everything else should be too.
1180
21
    if not store.get('gw_url'):
1181
22
        logger.error(
1182
23
            'No store configuration found. '
1183
24
            'Have you run "snap-store-proxy-client login"?')
1184
25
        return None
1185
26
    return store
1186
diff --git a/snapstore_client/webservices.py b/snapstore_client/webservices.py
1187
index e8e618f..3ebf149 100644
1188
--- a/snapstore_client/webservices.py
1189
+++ b/snapstore_client/webservices.py
1190
@@ -1,6 +1,7 @@
1191
1
# Copyright 2017 Canonical Ltd.  This software is licensed under the
1
# Copyright 2017 Canonical Ltd.  This software is licensed under the
1192
2
# GNU General Public License version 3 (see the file LICENSE).
2
# GNU General Public License version 3 (see the file LICENSE).
1193
3
3
1194
4
import base64
1195
4
import json
5
import json
1196
5
import logging
6
import logging
1197
6
import urllib.parse
7
import urllib.parse
1198
@@ -96,6 +97,19 @@ def _get_macaroon_auth(store):
1199
96
        root_raw, bound_discharge_raw)
97
        root_raw, bound_discharge_raw)
1200
97
98
1201
98
99
1202
100
def _get_basic_auth(password):
1203
101
    """Build the basic auth for interacting with an offline proxy"""
1204
102
    # XXX twom 2019-03-15 Hardcoded username, awaiting user management
1205
103
    username = 'admin'
1206
104
    credentials = '{}:{}'.format(username, password)
1207
105
    try:
1208
106
        encoded_credentials = base64.b64encode(credentials.encode('UTF-8'))
1209
107
    except UnicodeEncodeError:
1210
108
        logger.error('Unable to encode password to UTF-8')
1211
109
        raise
1212
110
    return 'Basic {}'.format(encoded_credentials.decode())
1213
111
1214
112
1215
99
def _raise_needs_refresh(response):
113
def _raise_needs_refresh(response):
1216
100
    if (response.status_code == 401 and
114
    if (response.status_code == 401 and
1217
101
            response.headers.get('WWW-Authenticate') == (
115
            response.headers.get('WWW-Authenticate') == (
1218
@@ -115,15 +129,18 @@ def refresh_if_necessary(store, func, *args, **kwargs):
1219
115
        return func(*args, **kwargs)
129
        return func(*args, **kwargs)
1220
116
130
1221
117
131
1223
118
def get_overrides(store, snap_name, series='16'):
132
def get_overrides(store, snap_name, series='16', password=None):
1224
119
    """Get all overrides for a snap."""
133
    """Get all overrides for a snap."""
1225
120
    overrides_url = urllib.parse.urljoin(
134
    overrides_url = urllib.parse.urljoin(
1226
121
        store.get('gw_url'),
135
        store.get('gw_url'),
1227
122
        '/v2/metadata/overrides/{}'.format(urllib.parse.quote_plus(snap_name)))
136
        '/v2/metadata/overrides/{}'.format(urllib.parse.quote_plus(snap_name)))
1228
123
    headers = {
137
    headers = {
1229
124
        'Authorization': _get_macaroon_auth(store),
1230
125
        'X-Ubuntu-Series': series,
138
        'X-Ubuntu-Series': series,
1231
126
    }
139
    }
1232
140
    if password:
1233
141
        headers['Authorization'] = _get_basic_auth(password)
1234
142
    else:
1235
143
        headers['Authorization'] = _get_macaroon_auth(store)
1236
127
    resp = requests.get(overrides_url, headers=headers)
144
    resp = requests.get(overrides_url, headers=headers)
1237
128
    _raise_needs_refresh(resp)
145
    _raise_needs_refresh(resp)
1238
129
    if resp.status_code != 200:
146
    if resp.status_code != 200:
1239
@@ -132,11 +149,14 @@ def get_overrides(store, snap_name, series='16'):
1240
132
    return resp.json()
149
    return resp.json()
1241
133
150
1242
134
151
1244
135
def set_overrides(store, overrides):
152
def set_overrides(store, overrides, password=None):
1245
136
    """Add or remove channel map overrides for a snap."""
153
    """Add or remove channel map overrides for a snap."""
1246
137
    overrides_url = urllib.parse.urljoin(
154
    overrides_url = urllib.parse.urljoin(
1247
138
        store.get('gw_url'), '/v2/metadata/overrides')
155
        store.get('gw_url'), '/v2/metadata/overrides')
1249
139
    headers = {'Authorization': _get_macaroon_auth(store)}
156
    if password:
1250
157
        headers = {'Authorization': _get_basic_auth(password)}
1251
158
    else:
1252
159
        headers = {'Authorization': _get_macaroon_auth(store)}
1253
140
    resp = requests.post(overrides_url, headers=headers, json=overrides)
160
    resp = requests.post(overrides_url, headers=headers, json=overrides)
1254
141
    _raise_needs_refresh(resp)
161
    _raise_needs_refresh(resp)
1255
142
    if resp.status_code != 200:
162
    if resp.status_code != 200:
Status:	Merged
Approved by:	Tom Wardill on 2019-06-24
Approved revision:	00476d8bc59f05203b169e8793855c1731a67ad1
Merge reported by:	Otto Co-Pilot
Merged at revision:	not available
Proposed branch:	~twom/snapstore-client:add-upload-authentication
Merge into:	snapstore-client:master
Diff against target:	1255 lines (+947/-45) 12 files modified README (+23/-0) snapstore (+36/-0) snapstore_client/logic/login.py (+7/-0) snapstore_client/logic/overrides.py (+27/-32) snapstore_client/logic/push.py (+306/-0) snapstore_client/logic/tests/test-snap-assert.assert (+101/-0) snapstore_client/logic/tests/test-snap-map.json (+73/-0) snapstore_client/logic/tests/test_login.py (+3/-1) snapstore_client/logic/tests/test_overrides.py (+152/-8) snapstore_client/logic/tests/test_push.py (+169/-0) snapstore_client/utils.py (+26/-0) snapstore_client/webservices.py (+24/-4)
Related bugs:	Link a bug report
Reviewer	Review Type	Date Requested	Status
Tony Simpson (community)		2019-03-21	Approve on 2019-06-23
Review via email: mp+364917@code.launchpad.net