1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
|
raise SkipTest unless service?(:couchdb)
require 'json'
class CouchDB < LeapTest
depends_on "Network"
def setup
end
def test_00_Are_daemons_running?
assert_running 'bin/beam'
if multimaster?
assert_running 'bin/epmd'
end
pass
end
#
# check to make sure we can get welcome response from local couchdb
#
def test_01_Is_CouchDB_running?
assert_get(couchdb_url) do |body|
assert_match /"couchdb":"Welcome"/, body, "Could not get welcome message from #{couchdb_url}. Probably couchdb is not running."
end
pass
end
#
# compare the configured nodes to the nodes that are actually listed in bigcouch
#
def test_02_Is_cluster_membership_ok?
return unless multimaster?
url = couchdb_backend_url("/nodes/_all_docs")
neighbors = assert_property('couch.bigcouch.neighbors')
neighbors << assert_property('domain.full')
neighbors.sort!
assert_get(url) do |body|
response = JSON.parse(body)
nodes_in_db = response['rows'].collect{|row| row['id'].sub(/^bigcouch@/, '')}.sort
assert_equal neighbors, nodes_in_db, "The couchdb replication node list is wrong (/nodes/_all_docs)"
end
pass
end
#
# all configured nodes are in 'cluster_nodes'
# all nodes online and communicating are in 'all_nodes'
#
# this seems backward to me, so it might be the other way around.
#
def test_03_Are_configured_nodes_online?
return unless multimaster?
url = couchdb_url("/_membership", :username => 'admin')
assert_get(url) do |body|
response = JSON.parse(body)
nodes_configured_but_not_available = response['cluster_nodes'] - response['all_nodes']
nodes_available_but_not_configured = response['all_nodes'] - response['cluster_nodes']
if nodes_configured_but_not_available.any?
warn "These nodes are configured but not available:", nodes_configured_but_not_available
end
if nodes_available_but_not_configured.any?
warn "These nodes are available but not configured:", nodes_available_but_not_configured
end
if response['cluster_nodes'] == response['all_nodes']
pass
end
end
end
def test_04_Do_ACL_users_exist?
acl_users = ['_design/_auth', 'leap_mx', 'nickserver', 'soledad', 'webapp', 'replication']
url = couchdb_backend_url("/_users/_all_docs", :username => 'admin')
assert_get(url) do |body|
response = JSON.parse(body)
assert_equal acl_users.count, response['total_rows']
actual_users = response['rows'].map{|row| row['id'].sub(/^org.couchdb.user:/, '') }
assert_equal acl_users.sort, actual_users.sort
end
pass
end
def test_05_Do_required_databases_exist?
dbs_that_should_exist = ["customers","identities","keycache","shared","tickets","users", "tmp_users"]
dbs_that_should_exist << "tokens_#{rotation_suffix}"
dbs_that_should_exist << "sessions_#{rotation_suffix}"
dbs_that_should_exist.each do |db_name|
url = couchdb_url("/"+db_name, :username => 'admin')
assert_get(url) do |body|
assert response = JSON.parse(body)
assert_equal db_name, response['db_name']
end
end
pass
end
# disable ACL enforcement, because it's a known issue with bigcouch
# and will only confuse the user
# see https://leap.se/code/issues/6030 for more details
#
## for now, this just prints warnings, since we are failing these tests.
##
#def test_06_Is_ACL_enforced?
# ok = assert_auth_fail(
# couchdb_url('/users/_all_docs', :username => 'leap_mx'),
# {:limit => 1}
# )
# ok = assert_auth_fail(
# couchdb_url('/users/_all_docs', :username => 'leap_mx'),
# {:limit => 1}
# ) && ok
# pass if ok
#end
def test_07_Can_records_be_created?
record = DummyRecord.new
url = couchdb_url("/tokens_#{rotation_suffix}", :username => 'admin')
assert_post(url, record, :format => :json) do |body|
assert response = JSON.parse(body), "POST response should be JSON"
assert response["ok"], "POST response should be OK"
assert_delete(File.join(url, response["id"]), :rev => response["rev"]) do |body|
assert response = JSON.parse(body), "DELETE response should be JSON"
assert response["ok"], "DELETE response should be OK"
end
end
pass
end
private
def multimaster?
mode == "multimaster"
end
def mode
assert_property('couch.mode')
end
# TODO: admin port is hardcoded for now but should be configurable.
def couchdb_backend_url(path="", options={})
options = {port: multimaster? && "5986"}.merge options
couchdb_url(path, options)
end
def rotation_suffix
rotation_suffix = Time.now.utc.to_i / 2592000 # monthly
end
require 'securerandom'
require 'digest/sha2'
class DummyRecord < Hash
def initialize
self['data'] = SecureRandom.urlsafe_base64(32).gsub(/^_*/, '')
self['_id'] = Digest::SHA512.hexdigest(self['data'])
end
end
end
|