MAAS

Merge ~ack/maas:createadmin-ext-auth-messages into maas:master

  1. Git
  2. lp:~ack/maas
  3. createadmin-ext-auth-messages
  4. Merge into master
Proposed by Alberto Donato
Status: Merged
Approved by: Alberto Donato
Approved revision: 01369b67a2c198899bbcc8d895ce7dd62abf604a
Merge reported by: MAAS Lander
Merged at revision: not available
Proposed branch: ~ack/maas:createadmin-ext-auth-messages
Merge into: maas:master
Diff against target: 142 lines (+48/-23)
3 files modified
src/maascli/init.py (+17/-11)
src/maascli/tests/test_init.py (+30/-12)
src/maasserver/management/commands/configauth.py (+1/-0)
Reviewer Review Type Date Requested Status
Blake Rouse (community) Approve
MAAS Lander Approve
Review via email: mp+361565@code.launchpad.net

Commit message

LP: #1810803 - better messages for "maas configauth" with external authentication (both rbac and candid)

To post a comment you must log in.
Revision history for this message
MAAS Lander (maas-lander) wrote :

UNIT TESTS
-b createadmin-ext-auth-messages lp:~ack/maas/+git/maas into -b master lp:~maas-committers/maas

STATUS: SUCCESS
COMMIT: 01369b67a2c198899bbcc8d895ce7dd62abf604a

review: Approve
Revision history for this message
Blake Rouse (blake-rouse) wrote :

Looks good.

review: Approve

There was an error fetching revisions from git servers. Please try again in a few minutes. If the problem persists, contact Launchpad support.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/src/maascli/init.py b/src/maascli/init.py
2index 5f860c6..bcd40a6 100644
3--- a/src/maascli/init.py
4+++ b/src/maascli/init.py
5@@ -130,6 +130,7 @@ def create_admin_account(options):
6 def create_account_external_auth(auth_config, maas_config,
7 bakery_client=None):
8 """Make the user login via external auth to create the first admin."""
9+ print_msg('Please login with MAAS to ensure authentication is set up')
10 if bakery_client is None:
11 bakery_client = httpbakery.Client()
12
13@@ -153,18 +154,23 @@ def create_account_external_auth(auth_config, maas_config,
14
15 result = resp.json()
16 username = result['username']
17- if result['is_superuser']:
18- print_msg("Administrator user '{}' created".format(username))
19+ if auth_config['rbac_url']:
20+ message = 'Authentication is working.'
21+ if result['is_superuser']:
22+ message += " User '{}' is an Administrator".format(username)
23 else:
24- admin_group = auth_config['external_auth_admin_group']
25- message = dedent(
26- """\
27- A user with username '{username}' has been created, but it's not
28- a superuser. Please log in to MAAS with a user that belongs to
29- the '{admin_group}' group to create an administrator user.
30- """)
31- print_msg(
32- message.format(username=username, admin_group=admin_group))
33+ if result['is_superuser']:
34+ message = "Administrator user '{}' created".format(username)
35+ else:
36+ admin_group = auth_config['external_auth_admin_group']
37+ message = dedent(
38+ """\
39+ A user with username '{username}' has been created, but it's
40+ not a superuser. Please log in to MAAS with a user that
41+ belongs to the '{admin_group}' group to create an
42+ administrator user.
43+ """).format(username=username, admin_group=admin_group)
44+ print_msg(message)
45
46
47 def configure_authentication(options):
48diff --git a/src/maascli/tests/test_init.py b/src/maascli/tests/test_init.py
49index 61888dd..a2e6532 100644
50--- a/src/maascli/tests/test_init.py
51+++ b/src/maascli/tests/test_init.py
52@@ -296,7 +296,9 @@ class TestCreateAccountExternalAuth(MAASTestCase):
53 def setUp(self):
54 super().setUp()
55 self.mock_print_msg = self.patch(init, 'print_msg')
56- self.auth_config = {'external_auth_admin_group': 'admins'}
57+ self.auth_config = {
58+ 'rbac_url': '',
59+ 'external_auth_admin_group': 'admins'}
60 self.maas_config = {'maas_url': 'http://example.com/MAAS'}
61
62 def mock_bakery_client(self, status_code=200, user_is_admin=True):
63@@ -310,32 +312,48 @@ class TestCreateAccountExternalAuth(MAASTestCase):
64 mock_client.request.return_value = mock_response
65 return mock_client
66
67- def assert_message_printed(self, message):
68- [call] = self.mock_print_msg.mock_calls
69- self.assertIn(message, call[1][0])
70+ def test_create_admin_no_rbac(self):
71+ mock_client = self.mock_bakery_client()
72+ init.create_account_external_auth(
73+ self.auth_config, self.maas_config, bakery_client=mock_client)
74+ mock_client.request.assert_called()
75+ self.mock_print_msg.assert_called_with(
76+ "Administrator user 'user' created")
77
78- def test_create_admin(self):
79+ def test_create_no_rbac_not_admin(self):
80+ mock_client = self.mock_bakery_client(user_is_admin=False)
81+ init.create_account_external_auth(
82+ self.auth_config, self.maas_config, bakery_client=mock_client)
83+ mock_client.request.assert_called()
84+ self.mock_print_msg.assert_called_with(
85+ "A user with username 'user' has been created, but it's\n"
86+ "not a superuser. Please log in to MAAS with a user that\n"
87+ "belongs to the 'admins' group to create an\nadministrator "
88+ "user.\n")
89+
90+ def test_create_admin_rbac(self):
91+ self.auth_config['rbac_url'] = 'http://rbac'
92 mock_client = self.mock_bakery_client()
93 init.create_account_external_auth(
94 self.auth_config, self.maas_config, bakery_client=mock_client)
95 mock_client.request.assert_called()
96- self.assert_message_printed("Administrator user 'user' created")
97+ self.mock_print_msg.assert_called_with(
98+ "Authentication is working. User 'user' is an Administrator")
99
100- def test_create_not_admin(self):
101+ def test_create_rbac_not_admin(self):
102+ self.auth_config['rbac_url'] = 'http://rbac'
103 mock_client = self.mock_bakery_client(user_is_admin=False)
104 init.create_account_external_auth(
105 self.auth_config, self.maas_config, bakery_client=mock_client)
106 mock_client.request.assert_called()
107- self.assert_message_printed(
108- "A user with username 'user' has been created, but it's not\n"
109- "a superuser")
110+ self.mock_print_msg.assert_called_with('Authentication is working.')
111
112 def test_request_error_code(self):
113 mock_client = self.mock_bakery_client(status_code=500)
114 init.create_account_external_auth(
115 self.auth_config, self.maas_config, bakery_client=mock_client)
116 mock_client.request.assert_called()
117- self.assert_message_printed(
118+ self.mock_print_msg.assert_called_with(
119 "An error occurred while waiting for the first user creation: "
120 "request failed with code 500")
121
122@@ -345,7 +363,7 @@ class TestCreateAccountExternalAuth(MAASTestCase):
123 init.create_account_external_auth(
124 self.auth_config, self.maas_config, bakery_client=mock_client)
125 mock_client.request.assert_called()
126- self.assert_message_printed(
127+ self.mock_print_msg.assert_called_with(
128 "An error occurred while waiting for the first user creation: "
129 "something wrong happened")
130
131diff --git a/src/maasserver/management/commands/configauth.py b/src/maasserver/management/commands/configauth.py
132index 4e82186..36c713f 100644
133--- a/src/maasserver/management/commands/configauth.py
134+++ b/src/maasserver/management/commands/configauth.py
135@@ -70,6 +70,7 @@ def update_auth_details_from_agent_file(agent_file_name, auth_details):
136
137 def update_auth_details_from_rbac_registration(
138 auth_details, service_name):
139+ print('Please authenticate with the RBAC service to register this MAAS')
140 client = RBACUserClient(auth_details.rbac_url)
141 services = {
142 service['name']: service

Subscribers

People subscribed via source and target branches