From 9a1562fa00e7472317647808c302863db78b4c75 Mon Sep 17 00:00:00 2001
From: Mike McLean <mikem@redhat.com>
Date: Sep 15 2017 04:06:06 +0000
Subject: PR#493: modify activate_session to be easily used without CLI


Merges #493
https://pagure.io/koji/pull-request/493

Fixes #436
https://pagure.io/koji/issue/436

---

diff --git a/cli/koji_cli/lib.py b/cli/koji_cli/lib.py
index 4b4a504..124780a 100644
--- a/cli/koji_cli/lib.py
+++ b/cli/koji_cli/lib.py
@@ -540,21 +540,25 @@ def has_krb_creds():
 
 def activate_session(session, options):
     """Test and login the session is applicable"""
-    if options.authtype == "noauth" or options.noauth:
+    if isinstance(options, dict):
+        options = optparse.Values(options)
+    noauth = options.authtype == "noauth" or getattr(options, 'noauth', False)
+    runas = getattr(options, 'runas', None)
+    if noauth:
         #skip authentication
         pass
     elif options.authtype == "ssl" or os.path.isfile(options.cert) and options.authtype is None:
         # authenticate using SSL client cert
-        session.ssl_login(options.cert, None, options.serverca, proxyuser=options.runas)
-    elif options.authtype == "password" or options.user and options.authtype is None:
+        session.ssl_login(options.cert, None, options.serverca, proxyuser=runas)
+    elif options.authtype == "password" or getattr(options, 'user', None) and options.authtype is None:
         # authenticate using user/password
         session.login()
     elif options.authtype == "kerberos" or has_krb_creds() and options.authtype is None:
         try:
             if options.keytab and options.principal:
-                session.krb_login(principal=options.principal, keytab=options.keytab, proxyuser=options.runas)
+                session.krb_login(principal=options.principal, keytab=options.keytab, proxyuser=runas)
             else:
-                session.krb_login(proxyuser=options.runas)
+                session.krb_login(proxyuser=runas)
         except socket.error as e:
             warn(_("Could not connect to Kerberos authentication service: %s") % e.args[1])
         except Exception as e:
@@ -562,7 +566,7 @@ def activate_session(session, options):
                 error(_("Kerberos authentication failed: %s (%s)") % (e.args[1], e.args[0]))
             else:
                 raise
-    if not options.noauth and options.authtype != "noauth" and not session.logged_in:
+    if not noauth and not session.logged_in:
         error(_("Unable to log in, no authentication methods available"))
     ensure_connection(session)
     if options.debug:
diff --git a/tests/test_cli/test_activate_session.py b/tests/test_cli/test_activate_session.py
new file mode 100644
index 0000000..987f08d
--- /dev/null
+++ b/tests/test_cli/test_activate_session.py
@@ -0,0 +1,123 @@
+import mock
+import shutil
+import tempfile
+import unittest
+
+from koji_cli.lib import activate_session
+
+
+class TestActivateSession(unittest.TestCase):
+
+    def setUp(self):
+        self.tempdir = tempfile.mkdtemp()
+        self.warn = mock.patch('koji_cli.lib.warn').start()
+        self.error = mock.patch('koji_cli.lib.error').start()
+        # self.ensure_connection = mock.patch('koji_cli.lib.warn.ensure_connection').start()
+        self.has_krb_creds = mock.patch('koji_cli.lib.has_krb_creds').start()
+        self.has_krb_creds.return_value = False
+
+    def tearDown(self):
+        mock.patch.stopall()
+        shutil.rmtree(self.tempdir)
+
+    def test_activate_session_noauth(self):
+        session = mock.MagicMock()
+        session.logged_in = False
+        options = {'authtype': 'noauth', 'debug': False}
+        activate_session(session, options)
+        options = {'authtype': None, 'noauth': True, 'debug': False}
+        activate_session(session, options)
+        session.login.assert_not_called()
+        session.ssl_login.assert_not_called()
+        session.krb_login.assert_not_called()
+
+    def test_activate_session_ssl(self):
+        session = mock.MagicMock()
+        session.logged_in = True
+        certfile = '%s/CERT' % self.tempdir
+        options = {'authtype': 'ssl',
+                'debug': False,
+                'cert': certfile,
+                'serverca': 'SERVERCA'}
+        activate_session(session, options)
+        session.ssl_login.assert_called_once_with(certfile, None, 'SERVERCA',
+                    proxyuser=None)
+        session.login.assert_not_called()
+        session.krb_login.assert_not_called()
+
+    def test_activate_session_ssl_implicit(self):
+        session = mock.MagicMock()
+        session.logged_in = True
+        certfile = '%s/CERT' % self.tempdir
+        open(certfile, 'w').close()
+        options = {'authtype': None,
+                'debug': False,
+                'cert': certfile,
+                'serverca': 'SERVERCA'}
+        activate_session(session, options)
+        session.ssl_login.assert_called_once_with(certfile, None, 'SERVERCA',
+                    proxyuser=None)
+        session.login.assert_not_called()
+        session.krb_login.assert_not_called()
+
+    def test_activate_session_pw(self):
+        session = mock.MagicMock()
+        session.logged_in = True
+        options = {'authtype': 'password', 'debug': False, 'cert': ''}
+        activate_session(session, options)
+        session.login.assert_called_once_with()
+        session.ssl_login.assert_not_called()
+        session.krb_login.assert_not_called()
+
+    def test_activate_session_pw_implicit(self):
+        session = mock.MagicMock()
+        session.logged_in = True
+        options = {'authtype': None, 'debug': False, 'cert': '',
+                    'user': 'USER'}
+        activate_session(session, options)
+        session.login.assert_called_once_with()
+        session.ssl_login.assert_not_called()
+        session.krb_login.assert_not_called()
+
+    def test_activate_session_krb(self):
+        session = mock.MagicMock()
+        session.logged_in = True
+        options = {'authtype': 'kerberos', 'debug': False, 'cert': '',
+                'keytab': None, 'principal': None}
+        activate_session(session, options)
+        session.login.assert_not_called()
+        session.ssl_login.assert_not_called()
+        session.krb_login.assert_called_once_with(proxyuser=None)
+
+    def test_activate_session_krb_implicit(self):
+        session = mock.MagicMock()
+        session.logged_in = True
+        options = {'authtype': None, 'debug': False, 'cert': '',
+                'keytab': None, 'principal': None}
+        self.has_krb_creds.return_value = True
+        activate_session(session, options)
+        session.login.assert_not_called()
+        session.ssl_login.assert_not_called()
+        session.krb_login.assert_called_once_with(proxyuser=None)
+
+    def test_activate_session_krb_keytab(self):
+        session = mock.MagicMock()
+        session.logged_in = True
+        options = {'authtype': 'kerberos', 'debug': False, 'cert': '',
+                'keytab': 'KEYTAB', 'principal': 'PRINCIPAL'}
+        activate_session(session, options)
+        session.login.assert_not_called()
+        session.ssl_login.assert_not_called()
+        session.krb_login.assert_called_once_with(principal='PRINCIPAL',
+                    keytab='KEYTAB', proxyuser=None)
+
+    def test_activate_session_no_method(self):
+        session = mock.MagicMock()
+        session.logged_in = False
+        options = {'authtype': None, 'debug': False, 'cert': ''}
+        self.has_krb_creds.return_value = False
+        activate_session(session, options)
+        session.login.assert_not_called()
+        session.ssl_login.assert_not_called()
+        session.krb_login.assert_not_called()
+        self.error.assert_called_once()