Closed ja5087 closed 5 years ago
Code looks good, however now tests are failing because the test runner can't find the password file. I think the best way to deal with this would be to move the tests to the manual
section and prompt for the password there.
I'm going to try and mock the function instead of moving the tests to manual (where they may never get run), but that isn't working yet
Thanks for this, I think the new code is good now.
Instead of mocking functions, I'd say it's fine to give the test runner access to the password (it's accessible to all staff anyways) and actually running the functions. This will probably require a PR to Puppet.
This commit needs to be temporary reverted, as it breaks ocfweb. We got the following rootspam this morning: (i've redacted some extra information here)
A problem was encountered and reported via ocflib:
An exception occured in ocfweb:
Traceback (most recent call last):
File "/opt/ocfweb/venv/lib/python3.5/site-packages/django/core/handlers/base.py", line 124, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/opt/ocfweb/ocfweb/auth.py", line 53, in wrapper
return fn(request, *args, **kwargs)
File "/opt/ocfweb/ocfweb/account/register.py", line 51, in request_account
if not user_attrs_ucb(calnet_uid):
File "/opt/ocfweb/venv/lib/python3.5/site-packages/ocflib/account/search.py", line 56, in user_attrs_ucb
base=UCB_LDAP_PEOPLE)
File "/opt/ocfweb/venv/lib/python3.5/site-packages/ocflib/account/search.py", line 47, in user_attrs
with connection(dn, password) as c:
File "/opt/ocfweb/venv/lib/python3.5/site-packages/ocflib/infra/ldap.py", line 81, in ldap_ucb_privileged
password = _read_ucb_password()
File "/opt/ocfweb/venv/lib/python3.5/site-packages/ocflib/infra/ldap.py", line 256, in _read_ucb_password
with open(UCB_LDAP_PASSWORD_PATH, 'r') as passwordFile:
FileNotFoundError: [Errno 2] No such file or directory: '/etc/ucbldap.passwd'
Request:
* Host: www.ocf.berkeley.edu
* Path: /account/register/
* Method: GET
* Secure: True
Request Headers:
{'CSRF_COOKIE': '<REDACTED>',
'HTTP_CONNECTION': 'close',
'HTTP_COOKIE': '<REDACTED>',
'HTTP_HOST': 'www.ocf.berkeley.edu',
'HTTP_REFERER': 'https://auth.berkeley.edu/cas/login?((redacted))
'HTTP_VIA': '1.1 www.ocf.berkeley.edu',
'HTTP_X_FORWARDED_HOST': 'www.ocf.berkeley.edu',
'HTTP_X_FORWARDED_PROTO': 'https',
'HTTP_X_FORWARDED_SERVER': 'www.ocf.berkeley.edu',
'PATH_INFO': '/account/register/',
'QUERY_STRING': '',
'RAW_URI': '/account/register/',
'REMOTE_ADDR': '127.0.0.1',
'REMOTE_PORT': '52574',
'REQUEST_METHOD': 'GET',
'SCRIPT_NAME': '',
'SERVER_NAME': '127.0.0.1',
'SERVER_PORT': '8080',
'SERVER_PROTOCOL': 'HTTP/1.0',
'SERVER_SOFTWARE': 'gunicorn/19.9.0',
'gunicorn.socket': <socket.socket fd=9, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=0, laddr=('127.0.0.1', 8080), raddr=('127.0.0.1', 52574)>,
'wsgi.errors': <gunicorn.http.wsgi.WSGIErrorsWrapper object at 0x7f6f312256d8>,
'wsgi.file_wrapper': <class 'gunicorn.http.wsgi.FileWrapper'>,
'wsgi.input': <gunicorn.http.body.Body object at 0x7f6f31225860>,
'wsgi.multiprocess': True,
'wsgi.multithread': False,
'wsgi.run_once': False,
'wsgi.url_scheme': 'https',
'wsgi.version': (1, 0)}
Session:
{'calnet_uid': ((redacted)), 'login_return_path': '/about/staff'}
====
Hostname: ce044e06d63a
Callstack:
at /opt/ocfweb/venv/lib/python3.5/site-packages/ocflib/misc/mail.py:95 (send_problem_report)
by /opt/ocfweb/ocfweb/middleware/errors.py:86 (process_exception)
by /opt/ocfweb/venv/lib/python3.5/site-packages/django/core/handlers/base.py:166 (process_exception_by_middleware)
by /opt/ocfweb/venv/lib/python3.5/site-packages/django/core/handlers/base.py:126 (_get_response)
by /opt/ocfweb/venv/lib/python3.5/site-packages/django/core/handlers/exception.py:34 (inner)
by /opt/ocfweb/venv/lib/python3.5/site-packages/django/utils/deprecation.py:91 (__call__)
by /opt/ocfweb/venv/lib/python3.5/site-packages/django/core/handlers/exception.py:34 (inner)
by /opt/ocfweb/ocfweb/middleware/errors.py:42 (__call__)
by /opt/ocfweb/venv/lib/python3.5/site-packages/django/core/handlers/exception.py:34 (inner)
by /opt/ocfweb/venv/lib/python3.5/site-packages/django/utils/deprecation.py:91 (__call__)
by /opt/ocfweb/venv/lib/python3.5/site-packages/django/core/handlers/exception.py:34 (inner)
by /opt/ocfweb/venv/lib/python3.5/site-packages/django/utils/deprecation.py:91 (__call__)
by /opt/ocfweb/venv/lib/python3.5/site-packages/django/core/handlers/exception.py:34 (inner)
by /opt/ocfweb/venv/lib/python3.5/site-packages/django/utils/deprecation.py:91 (__call__)
by /opt/ocfweb/venv/lib/python3.5/site-packages/django/core/handlers/exception.py:34 (inner)
by /opt/ocfweb/venv/lib/python3.5/site-packages/django/utils/deprecation.py:91 (__call__)
by /opt/ocfweb/venv/lib/python3.5/site-packages/django/core/handlers/exception.py:34 (inner)
by /opt/ocfweb/venv/lib/python3.5/site-packages/django/utils/deprecation.py:91 (__call__)
by /opt/ocfweb/venv/lib/python3.5/site-packages/django/core/handlers/exception.py:34 (inner)
by /opt/ocfweb/venv/lib/python3.5/site-packages/django/utils/deprecation.py:91 (__call__)
by /opt/ocfweb/venv/lib/python3.5/site-packages/django/core/handlers/exception.py:34 (inner)
by /opt/ocfweb/venv/lib/python3.5/site-packages/django/core/handlers/base.py:78 (get_response)
by /opt/ocfweb/venv/lib/python3.5/site-packages/django/core/handlers/wsgi.py:142 (__call__)
by /opt/ocfweb/venv/lib/python3.5/site-packages/gunicorn/workers/sync.py:176 (handle_request)
by /opt/ocfweb/venv/lib/python3.5/site-packages/gunicorn/workers/sync.py:135 (handle)
by /opt/ocfweb/venv/lib/python3.5/site-packages/gunicorn/workers/sync.py:30 (accept)
by /opt/ocfweb/venv/lib/python3.5/site-packages/gunicorn/workers/sync.py:68 (run_for_one)
by /opt/ocfweb/venv/lib/python3.5/site-packages/gunicorn/workers/sync.py:124 (run)
by /opt/ocfweb/venv/lib/python3.5/site-packages/gunicorn/workers/base.py:134 (init_process)
by /opt/ocfweb/venv/lib/python3.5/site-packages/gunicorn/arbiter.py:583 (spawn_worker)
by /opt/ocfweb/venv/lib/python3.5/site-packages/gunicorn/arbiter.py:616 (spawn_workers)
by /opt/ocfweb/venv/lib/python3.5/site-packages/gunicorn/arbiter.py:545 (manage_workers)
by /opt/ocfweb/venv/lib/python3.5/site-packages/gunicorn/arbiter.py:203 (run)
by /opt/ocfweb/venv/lib/python3.5/site-packages/gunicorn/app/base.py:72 (run)
by /opt/ocfweb/venv/lib/python3.5/site-packages/gunicorn/app/base.py:223 (run)
by /opt/ocfweb/venv/lib/python3.5/site-packages/gunicorn/app/wsgiapp.py:61 (run)
by /opt/ocfweb/venv/bin/gunicorn:11 (<module>)
Looks like this is happening because the password file isn't inside the docker container that ocfweb is running in. We'll have to change the container configuration. The password should also perhaps be part of the ocfweb development configuration.
addresses #142