add eipconfig spec and config object

author: kali <kali@leap.se> 2012-08-29 23:05:38 +0900
committer: kali <kali@leap.se> 2012-08-29 23:05:38 +0900
commit: ed4ad3a392caf0211e51a48d2d7b6c5a2f7bb17a (patch)
tree: 55958957a27f3784aef99f122673852becb4c1c2 /src
parent: 63c0b7aa3ded55426a834d0a5947fff798894c6b (diff)
8 files changed, 110 insertions, 45 deletions
diff --git a/src/leap/base/config.py b/src/leap/base/config.py
index 1ced471b..465016db 100644
--- a/src/leap/base/config.py
+++ b/src/leap/base/config.py
@@ -141,6 +141,9 @@ class JSONLeapConfig(BaseLeapConfig):
         config_file = get_config_file(filename, folder)
         return config_file
 
+    def exists(self):
+        return os.path.isfile(self.filename)
+
 
 #
 # utility functions
diff --git a/src/leap/base/providers.py b/src/leap/base/providers.py
index 71ccf139..677dd6ec 100644
--- a/src/leap/base/providers.py
+++ b/src/leap/base/providers.py
@@ -6,16 +6,16 @@ from leap.base import specs
 class LeapProviderDefinition(baseconfig.JSONLeapConfig):
     spec = specs.leap_provider_spec
 
-    def get_slug(self):
+    def _get_slug(self):
         provider_path = baseconfig.get_default_provider_path()
         return baseconfig.get_config_file(
             'definition.json',
             folder=provider_path)
 
-    def set_slug(self, *args, **kwargs):
+    def _set_slug(self, *args, **kwargs):
         raise AttributeError("you cannot set slug")
 
-    slug = property(get_slug, set_slug)
+    slug = property(_get_slug, _set_slug)
 
     # TODO (MVS+)
     # we will construct slug from providers/%s/definition.json
diff --git a/src/leap/base/tests/test_config.py b/src/leap/base/tests/test_config.py
index 54e4484c..ef897a23 100644
--- a/src/leap/base/tests/test_config.py
+++ b/src/leap/base/tests/test_config.py
@@ -35,7 +35,9 @@ class ProviderTest(BaseLeapTest):
 
 class BareHomeTestCase(ProviderTest):
 
-    __name__ = "provider_config_tests"
+    __name__ = "provider_config_tests_bare_home"
+
+    # XXX review. is it still needed?
 
     def test_should_raise_if_missing_eip_json(self):
         with self.assertRaises(exceptions.MissingConfigFileError):
@@ -59,27 +61,6 @@ class ProviderDefinitionTestCase(ProviderTest):
         with open(os.path.join(path, 'eip.json'), 'w') as fp:
             json.dump(eipconstants.EIP_SAMPLE_JSON, fp)
 
-    # moved to eip.test_checks.test_fetch_definition
-    #def test_complete_file(self):
-        #with mock.patch.object(requests, "get") as mock_method:
-            #mock_method.return_value.status_code = 200
-            #mock_method.return_value.json = {
-                #XXX get from providers template
-                #u'api_uri': u'https://api.testprovider.org/',
-                #u'api_version': u'0.1.0',
-                #u'ca_cert': u'8aab80ae4326fd30721689db813733783fe0bd7e',
-                #u'ca_cert_uri': u'https://testprovider.org/cacert.pem',
-                #u'description': {u'en': u'This is a test provider'},
-                #u'display_name': {u'en': u'Test Provider'},
-                #u'domain': u'testprovider.org',
-                #u'enrollment_policy': u'open',
-                #u'public_key': u'cb7dbd679f911e85bc2e51bd44afd7308ee19c21',
-                #u'serial': 1,
-                #u'services': [u'eip'],
-                #u'version': u'0.1.0'}
-            # XXX why init to localhost?
-            #cf = config.Configuration("http://localhost/")
-            #self.assertIn('default', cf.providers)
 
 #
 # provider fetch tests block
diff --git a/src/leap/eip/checks.py b/src/leap/eip/checks.py
index 27320b1f..e5b8e971 100644
--- a/src/leap/eip/checks.py
+++ b/src/leap/eip/checks.py
@@ -52,6 +52,8 @@ class EIPConfigChecker(object):
         self.config = None
         self.fetcher = fetcher
 
+        #self.eipconfig = eipconfig.EIPConfig()
+
     def run_all(self, checker=None, skip_download=False):
         """
         runs all checks in a row.
@@ -208,10 +210,13 @@ class EIPConfigChecker(object):
         return baseconfig.get_config_file(eipconstants.EIP_CONFIG)
 
     def _is_there_default_eipconfig(self):
+        #XXX
+        #self.eipconfig.exists()
         return os.path.isfile(
             self._get_default_eipconfig_path())
 
     def _dump_default_eipconfig(self):
+        #XXX self.eipconfig.save()
         eipconfig.dump_default_eipconfig(
             self._get_default_eipconfig_path())
 
diff --git a/src/leap/eip/config.py b/src/leap/eip/config.py
index 2694ca61..34f05070 100644
--- a/src/leap/eip/config.py
+++ b/src/leap/eip/config.py
@@ -8,20 +8,17 @@ import socket
 from leap.util.fileutil import (which, mkdir_p,
                                 check_and_fix_urw_only)
 
-# from leap.base import config as baseconfig
-from leap.base.config import (get_default_provider_path,
-                              get_config_file,
-                              get_username,
-                              get_groupname,
-                              validate_ip)
+from leap.base import config as baseconfig
 from leap.baseapp.permcheck import (is_pkexec_in_system,
                                     is_auth_agent_running)
 from leap.eip import exceptions as eip_exceptions
 from leap.eip import constants as eipconstants
+from leap.eip import specs as eipspecs
 
 logger = logging.getLogger(name=__name__)
 logger.setLevel('DEBUG')
 
+# XXX deprecate per #447
 OPENVPN_CONFIG_TEMPLATE = """#Autogenerated by eip-client wizard
 remote {VPN_REMOTE_HOST} {VPN_REMOTE_PORT}
 
@@ -39,6 +36,18 @@ ca {LEAP_EIP_KEYS}
 """
 
 
+class EIPConfig(baseconfig.JSONLeapConfig):
+    spec = eipspecs.eipconfig_spec
+
+    def _get_slug(self):
+        return baseconfig.get_config_file('eip.json')
+
+    def _set_slug(self, *args, **kwargs):
+        raise AttributeError("you cannot set slug")
+
+    slug = property(_get_slug, _set_slug)
+
+
 def check_or_create_default_vpnconf(config):
     """
     checks that a vpn config file
@@ -47,12 +56,12 @@ def check_or_create_default_vpnconf(config):
     ATM REQURES A [provider] section in
     eip.cfg with _at least_ a remote_ip value
     """
-    default_provider_path = get_default_provider_path()
+    default_provider_path = baseconfig.get_default_provider_path()
 
     if not os.path.isdir(default_provider_path):
         mkdir_p(default_provider_path)
 
-    conf_file = get_config_file(
+    conf_file = baseconfig.get_config_file(
         'openvpn.conf',
         folder=default_provider_path)
 
@@ -74,7 +83,7 @@ def check_or_create_default_vpnconf(config):
         # and make a reverse resolv.
         remote_ip = config.get('provider',
                                'remote_ip')
-        validate_ip(remote_ip)
+        baseconfig.validate_ip(remote_ip)
 
     except ConfigParser.NoSectionError:
         raise eip_exceptions.EIPInitNoProviderError
@@ -91,19 +100,19 @@ def check_or_create_default_vpnconf(config):
 
     default_subpath = os.path.join("providers",
                                    "default")
-    default_provider_path = get_config_file(
+    default_provider_path = baseconfig.get_config_file(
         '',
         folder=default_subpath)
 
     if not os.path.isdir(default_provider_path):
         mkdir_p(default_provider_path)
 
-    conf_file = get_config_file(
+    conf_file = baseconfig.get_config_file(
         'openvpn.conf',
         folder=default_provider_path)
 
     # XXX keys have to be manually placed by now
-    keys_file = get_config_file(
+    keys_file = baseconfig.get_config_file(
         'openvpn.keys',
         folder=default_provider_path)
 
@@ -133,8 +142,8 @@ def build_ovpn_options(daemon=False):
 
     # get user/group name
     # also from config.
-    user = get_username()
-    group = get_groupname()
+    user = baseconfig.get_username()
+    group = baseconfig.get_groupname()
 
     opts = []
 
@@ -171,10 +180,10 @@ def build_ovpn_options(daemon=False):
 
     opts.append('--config')
 
-    default_provider_path = get_default_provider_path()
+    default_provider_path = baseconfig.get_default_provider_path()
 
     # XXX get rid of config_file at all
-    ovpncnf = get_config_file(
+    ovpncnf = baseconfig.get_config_file(
         'openvpn.conf',
         folder=default_provider_path)
     opts.append(ovpncnf)
@@ -296,7 +305,7 @@ def get_config(config_file=None):
     config = ConfigParser.ConfigParser(defaults)
 
     if not config_file:
-        fpath = get_config_file('eip.cfg')
+        fpath = baseconfig.get_config_file('eip.cfg')
         if not os.path.isfile(fpath):
             dpath, cfile = os.path.split(fpath)
             if not os.path.isdir(dpath):
@@ -343,9 +352,9 @@ def check_vpn_keys(config):
     if config.has_option(*keyopt):
         keyfile = config.get(*keyopt)
     else:
-        keyfile = get_config_file(
+        keyfile = baseconfig.get_config_file(
             'openvpn.keys',
-            folder=get_default_provider_path())
+            folder=baseconfig.get_default_provider_path())
         logger.debug('keyfile = %s', keyfile)
 
     # if no keys, raise error.
diff --git a/src/leap/eip/constants.py b/src/leap/eip/constants.py
index 6161d744..31974926 100644
--- a/src/leap/eip/constants.py
+++ b/src/leap/eip/constants.py
@@ -1,5 +1,8 @@
 EIP_CONFIG = "eip.json"
 
+# XXX deprecate. EIPConfig used instead
+# can move for testing purposes.
+
 EIP_SAMPLE_JSON = {
     "provider": "testprovider.example.org",
     "transport": "openvpn",
diff --git a/src/leap/eip/specs.py b/src/leap/eip/specs.py
new file mode 100644
index 00000000..572177dd
--- /dev/null
+++ b/src/leap/eip/specs.py
@@ -0,0 +1,64 @@
+import os
+
+from leap.base import config as baseconfig
+
+
+provider_ca_path = os.path.join(
+    baseconfig.get_default_provider_path(),
+    'keys', 'ca',
+    'testprovider-ca-cert.pem'
+)
+
+client_cert_path = os.path.join(
+    baseconfig.get_default_provider_path(),
+    'keys', 'client',
+    'openvpn.pem'
+)
+
+eipconfig_spec = {
+    'provider': {
+        'type': unicode,
+        'default': u"testprovider.example.org",
+        'required': True,
+    },
+    'transport': {
+        'type': unicode,
+        'default': u"openvpn",
+    },
+    'openvpn_protocol': {
+        'type': unicode,
+        'default': u"tcp"
+    },
+    'openvpn_port': {
+        'type': int,
+        'default': 80
+    },
+    'oepnvpn_ca_certificate': {
+        'type': unicode,  # path
+        'default': provider_ca_path
+    },
+    'openvpn_client_certificate': {
+        'type': unicode,  # path
+        'default': client_cert_path
+    },
+    'connect_on_login': {
+        'type': bool,
+        'default': True
+    },
+    'block_cleartext_tr affic': {
+        'type': bool,
+        'default': True
+    },
+    'primary_gateway': {
+        'type': unicode,
+        'default': u"usa_west",
+        'required': True
+    },
+    'secondary_gateway': {
+        'type': unicode,
+        'default': u"france"
+    },
+    'management_password': {
+        'type': unicode
+    }
+}
diff --git a/src/leap/eip/tests/test_config.py b/src/leap/eip/tests/test_config.py
index fac4729d..16219648 100644
--- a/src/leap/eip/tests/test_config.py
+++ b/src/leap/eip/tests/test_config.py
@@ -82,7 +82,7 @@ class EIPConfigTest(BaseLeapTest):
         self.assertEqual(args, self.get_expected_openvpn_args())
 
     # XXX TODO:
-    # - should use touch_exec to plant an "executabe" in the path
+    # - should use touch_exec to plant an "executable" in the path
     # - should check that "which" for openvpn returns what's expected.
author	kali <kali@leap.se>	2012-08-29 23:05:38 +0900
committer	kali <kali@leap.se>	2012-08-29 23:05:38 +0900
commit	ed4ad3a392caf0211e51a48d2d7b6c5a2f7bb17a (patch)
tree	55958957a27f3784aef99f122673852becb4c1c2 /src
parent	63c0b7aa3ded55426a834d0a5947fff798894c6b (diff)