Disable get_user_password and change_user_password ad-hoc commands

darcs-hash:20070928204016-86b55-7ceadfd072f879632430f93039a5f83bdf0dcac0.gz

src/jcl/jabber/command.py

@@ -110,21 +110,25 @@ class CommandManager(object):
 
     def apply_command_action(self, info_query, command_name, action):
         """Apply action on command"""
-        must_be_admin = self.commands[command_name]
+        if self.commands.has_key(command_name):
-        if not must_be_admin or \
+            must_be_admin = self.commands[command_name]
-            (must_be_admin and
+            if not must_be_admin or \
-             unicode(info_query.get_from().bare()) in self.component.get_admins()):
+                   (must_be_admin and
-            short_command_name = self.get_short_command_name(command_name)
+                    unicode(info_query.get_from().bare()) in self.component.get_admins()):
-            action_command_method = "apply_" + action + "_command"
+                short_command_name = self.get_short_command_name(command_name)
-            if hasattr(self, action_command_method):
+                action_command_method = "apply_" + action + "_command"
-                return getattr(self, action_command_method)(info_query,
+                if hasattr(self, action_command_method):
-                                                            short_command_name)
+                    return getattr(self, action_command_method)(info_query,
+                                                                short_command_name)
+                else:
+                    return [info_query.make_error_response(\
+                        "feature-not-implemented")]
             else:
                 return [info_query.make_error_response(\
-                    "feature-not-implemented")]
+                    "forbidden")]
         else:
             return [info_query.make_error_response(\
-                    "forbidden")]
+                "feature-not-implemented")]
 
     def apply_execute_command(self, info_query, short_command_name):
         return self.execute_multi_step_command(\
@@ -260,8 +264,8 @@ class JCLCommandManager(CommandManager):
         self.commands["http://jabber.org/protocol/admin#disable-user"] = True
         self.commands["http://jabber.org/protocol/admin#reenable-user"] = True
         self.commands["http://jabber.org/protocol/admin#end-user-session"] = True
-        self.commands["http://jabber.org/protocol/admin#get-user-password"] = True
+        #self.commands["http://jabber.org/protocol/admin#get-user-password"] = True
-        self.commands["http://jabber.org/protocol/admin#change-user-password"] = True
+        #self.commands["http://jabber.org/protocol/admin#change-user-password"] = True
         self.commands["http://jabber.org/protocol/admin#get-user-roster"] = True
         self.commands["http://jabber.org/protocol/admin#get-user-lastlogin"] = True
         self.commands["http://jabber.org/protocol/admin#get-registered-users-num"] = True

src/jcl/jabber/tests/command.py

@@ -1279,215 +1279,217 @@ class JCLCommandManager_TestCase(JCLTestCase):
         self.assertEquals(presence_component.get_node().prop("type"),
                           "unavailable")
 
-    def test_execute_get_user_password(self):
+# disabled command
-        self.comp.account_manager.account_classes = (ExampleAccount,
+#     def test_execute_get_user_password(self):
-                                                     Example2Account)
+#         self.comp.account_manager.account_classes = (ExampleAccount,
-        model.db_connect()
+#                                                      Example2Account)
-        user1 = User(jid="test1@test.com")
+#         model.db_connect()
-        user2 = User(jid="test2@test.com")
+#         user1 = User(jid="test1@test.com")
-        account11 = ExampleAccount(user=user1,
+#         user2 = User(jid="test2@test.com")
-                                   name="account11",
+#         account11 = ExampleAccount(user=user1,
-                                   jid="account11@jcl.test.com")
+#                                    name="account11",
-        account11.password = "pass1"
+#                                    jid="account11@jcl.test.com")
-        account12 = Example2Account(user=user1,
+#         account11.password = "pass1"
-                                    name="account12",
+#         account12 = Example2Account(user=user1,
-                                    jid="account12@jcl.test.com")
+#                                     name="account12",
-        account21 = ExampleAccount(user=user2,
+#                                     jid="account12@jcl.test.com")
-                                   name="account21",
+#         account21 = ExampleAccount(user=user2,
-                                   jid="account21@jcl.test.com")
+#                                    name="account21",
-        account22 = ExampleAccount(user=user2,
+#                                    jid="account21@jcl.test.com")
-                                   name="account11",
+#         account22 = ExampleAccount(user=user2,
-                                   jid="account11@jcl.test.com")
+#                                    name="account11",
-        model.db_disconnect()
+#                                    jid="account11@jcl.test.com")
-        info_query = Iq(stanza_type="set",
+#         model.db_disconnect()
-                        from_jid="admin@test.com",
+#         info_query = Iq(stanza_type="set",
-                        to_jid="jcl.test.com")
+#                         from_jid="admin@test.com",
-        command_node = info_query.set_new_content(command.COMMAND_NS, "command")
+#                         to_jid="jcl.test.com")
-        command_node.setProp("node", "http://jabber.org/protocol/admin#get-user-password")
+#         command_node = info_query.set_new_content(command.COMMAND_NS, "command")
-        result = self.command_manager.apply_command_action(info_query,
+#         command_node.setProp("node", "http://jabber.org/protocol/admin#get-user-password")
-                                                           "http://jabber.org/protocol/admin#get-user-password",
+#         result = self.command_manager.apply_command_action(info_query,
-                                                           "execute")
+#                                                            "http://jabber.org/protocol/admin#get-user-password",
-        self.assertNotEquals(result, None)
+#                                                            "execute")
-        self.assertEquals(len(result), 1)
+#         self.assertNotEquals(result, None)
-        xml_command = result[0].xpath_eval("c:command",
+#         self.assertEquals(len(result), 1)
-                                           {"c": "http://jabber.org/protocol/commands"})[0]
+#         xml_command = result[0].xpath_eval("c:command",
-        self.assertEquals(xml_command.prop("status"), "executing")
+#                                            {"c": "http://jabber.org/protocol/commands"})[0]
-        self.assertNotEquals(xml_command.prop("sessionid"), None)
+#         self.assertEquals(xml_command.prop("status"), "executing")
-        self.__check_actions(result[0], ["next"])
+#         self.assertNotEquals(xml_command.prop("sessionid"), None)
+#         self.__check_actions(result[0], ["next"])
 
-        # Second step
+#         # Second step
-        info_query = Iq(stanza_type="set",
+#         info_query = Iq(stanza_type="set",
-                        from_jid="admin@test.com",
+#                         from_jid="admin@test.com",
-                        to_jid="jcl.test.com")
+#                         to_jid="jcl.test.com")
-        command_node = info_query.set_new_content(command.COMMAND_NS, "command")
+#         command_node = info_query.set_new_content(command.COMMAND_NS, "command")
-        command_node.setProp("node", "http://jabber.org/protocol/admin#get-user-password")
+#         command_node.setProp("node", "http://jabber.org/protocol/admin#get-user-password")
-        session_id = xml_command.prop("sessionid")
+#         session_id = xml_command.prop("sessionid")
-        command_node.setProp("sessionid", session_id)
+#         command_node.setProp("sessionid", session_id)
-        command_node.setProp("action", "next")
+#         command_node.setProp("action", "next")
-        submit_form = Form(xmlnode_or_type="submit")
+#         submit_form = Form(xmlnode_or_type="submit")
-        submit_form.add_field(field_type="jid-single",
+#         submit_form.add_field(field_type="jid-single",
-                              name="user_jid",
+#                               name="user_jid",
-                              value="test1@test.com")
+#                               value="test1@test.com")
-        submit_form.as_xml(command_node)
+#         submit_form.as_xml(command_node)
-        result = self.command_manager.apply_command_action(info_query,
+#         result = self.command_manager.apply_command_action(info_query,
-                                                           "http://jabber.org/protocol/admin#get-user-password",
+#                                                            "http://jabber.org/protocol/admin#get-user-password",
-                                                           "execute")
+#                                                            "execute")
-        self.assertNotEquals(result, None)
+#         self.assertNotEquals(result, None)
-        self.assertEquals(len(result), 1)
+#         self.assertEquals(len(result), 1)
-        xml_command = result[0].xpath_eval("c:command",
+#         xml_command = result[0].xpath_eval("c:command",
-                                           {"c": "http://jabber.org/protocol/commands"})[0]
+#                                            {"c": "http://jabber.org/protocol/commands"})[0]
-        self.assertEquals(xml_command.prop("status"), "executing")
+#         self.assertEquals(xml_command.prop("status"), "executing")
-        self.assertEquals(xml_command.prop("sessionid"), session_id)
+#         self.assertEquals(xml_command.prop("sessionid"), session_id)
-        self.__check_actions(result[0], ["prev", "complete"], 1)
+#         self.__check_actions(result[0], ["prev", "complete"], 1)
-        context_session = self.command_manager.sessions[session_id][1]
+#         context_session = self.command_manager.sessions[session_id][1]
-        self.assertEquals(context_session["user_jid"],
+#         self.assertEquals(context_session["user_jid"],
-                          ["test1@test.com"])
+#                           ["test1@test.com"])
 
-        # Third step
+#         # Third step
-        info_query = Iq(stanza_type="set",
+#         info_query = Iq(stanza_type="set",
-                        from_jid="admin@test.com",
+#                         from_jid="admin@test.com",
-                        to_jid="jcl.test.com")
+#                         to_jid="jcl.test.com")
-        command_node = info_query.set_new_content(command.COMMAND_NS, "command")
+#         command_node = info_query.set_new_content(command.COMMAND_NS, "command")
-        command_node.setProp("node", "http://jabber.org/protocol/admin#get-user-password")
+#         command_node.setProp("node", "http://jabber.org/protocol/admin#get-user-password")
-        command_node.setProp("sessionid", session_id)
+#         command_node.setProp("sessionid", session_id)
-        command_node.setProp("action", "complete")
+#         command_node.setProp("action", "complete")
-        submit_form = Form(xmlnode_or_type="submit")
+#         submit_form = Form(xmlnode_or_type="submit")
-        submit_form.add_field(field_type="list-single",
+#         submit_form.add_field(field_type="list-single",
-                              name="account_name",
+#                               name="account_name",
-                              value="account11/test1@test.com")
+#                               value="account11/test1@test.com")
-        submit_form.as_xml(command_node)
+#         submit_form.as_xml(command_node)
-        result = self.command_manager.apply_command_action(info_query,
+#         result = self.command_manager.apply_command_action(info_query,
-                                                           "http://jabber.org/protocol/admin#get-user-password",
+#                                                            "http://jabber.org/protocol/admin#get-user-password",
-                                                           "execute")
+#                                                            "execute")
-        xml_command = result[0].xpath_eval("c:command",
+#         xml_command = result[0].xpath_eval("c:command",
-                                           {"c": "http://jabber.org/protocol/commands"})[0]
+#                                            {"c": "http://jabber.org/protocol/commands"})[0]
-        self.assertEquals(xml_command.prop("status"), "completed")
+#         self.assertEquals(xml_command.prop("status"), "completed")
-        self.assertEquals(xml_command.prop("sessionid"), session_id)
+#         self.assertEquals(xml_command.prop("sessionid"), session_id)
-        self.__check_actions(result[0])
+#         self.__check_actions(result[0])
-        self.assertEquals(context_session["account_name"],
+#         self.assertEquals(context_session["account_name"],
-                          ["account11/test1@test.com"])
+#                           ["account11/test1@test.com"])
-        stanza_sent = result
+#         stanza_sent = result
-        self.assertEquals(len(stanza_sent), 1)
+#         self.assertEquals(len(stanza_sent), 1)
-        iq_result = stanza_sent[0]
+#         iq_result = stanza_sent[0]
-        self.assertTrue(isinstance(iq_result, Iq))
+#         self.assertTrue(isinstance(iq_result, Iq))
-        self.assertEquals(iq_result.get_node().prop("type"), "result")
+#         self.assertEquals(iq_result.get_node().prop("type"), "result")
-        self.assertEquals(iq_result.get_from(), "jcl.test.com")
+#         self.assertEquals(iq_result.get_from(), "jcl.test.com")
-        self.assertEquals(iq_result.get_to(), "admin@test.com")
+#         self.assertEquals(iq_result.get_to(), "admin@test.com")
-        fields = iq_result.xpath_eval("c:command/data:x/data:field",
+#         fields = iq_result.xpath_eval("c:command/data:x/data:field",
-                                      {"c": "http://jabber.org/protocol/commands",
+#                                       {"c": "http://jabber.org/protocol/commands",
-                                       "data": "jabber:x:data"})
+#                                        "data": "jabber:x:data"})
-        self.assertEquals(len(fields), 3)
+#         self.assertEquals(len(fields), 3)
-        self.assertEquals(fields[0].prop("var"), "FORM_TYPE")
+#         self.assertEquals(fields[0].prop("var"), "FORM_TYPE")
-        self.assertEquals(fields[0].prop("type"), "hidden")
+#         self.assertEquals(fields[0].prop("type"), "hidden")
-        self.assertEquals(fields[0].children.name, "value")
+#         self.assertEquals(fields[0].children.name, "value")
-        self.assertEquals(fields[0].children.content,
+#         self.assertEquals(fields[0].children.content,
-                          "http://jabber.org/protocol/admin")
+#                           "http://jabber.org/protocol/admin")
-        self.assertEquals(fields[1].prop("var"), "accountjids")
+#         self.assertEquals(fields[1].prop("var"), "accountjids")
-        self.assertEquals(fields[1].children.name, "value")
+#         self.assertEquals(fields[1].children.name, "value")
-        self.assertEquals(fields[1].children.content,
+#         self.assertEquals(fields[1].children.content,
-                          "test1@test.com")
+#                           "test1@test.com")
-        self.assertEquals(fields[2].prop("var"), "password")
+#         self.assertEquals(fields[2].prop("var"), "password")
-        self.assertEquals(fields[2].children.name, "value")
+#         self.assertEquals(fields[2].children.name, "value")
-        self.assertEquals(fields[2].children.content,
+#         self.assertEquals(fields[2].children.content,
-                          "pass1")
+#                           "pass1")
 
-    def test_execute_change_user_password(self):
+# disabled command
-        self.comp.account_manager.account_classes = (ExampleAccount,
+#     def test_execute_change_user_password(self):
-                                                     Example2Account)
+#         self.comp.account_manager.account_classes = (ExampleAccount,
-        model.db_connect()
+#                                                      Example2Account)
-        user1 = User(jid="test1@test.com")
+#         model.db_connect()
-        account11 = ExampleAccount(user=user1,
+#         user1 = User(jid="test1@test.com")
-                                   name="account11",
+#         account11 = ExampleAccount(user=user1,
-                                   jid="account11@jcl.test.com")
+#                                    name="account11",
-        account11.password = "pass1"
+#                                    jid="account11@jcl.test.com")
-        account12 = Example2Account(user=user1,
+#         account11.password = "pass1"
-                                    name="account12",
+#         account12 = Example2Account(user=user1,
-                                    jid="account12@jcl.test.com")
+#                                     name="account12",
-        user2 = User(jid="test2@test.com")
+#                                     jid="account12@jcl.test.com")
-        account21 = ExampleAccount(user=user2,
+#         user2 = User(jid="test2@test.com")
-                                   name="account21",
+#         account21 = ExampleAccount(user=user2,
-                                   jid="account21@jcl.test.com")
+#                                    name="account21",
-        account22 = ExampleAccount(user=user2,
+#                                    jid="account21@jcl.test.com")
-                                   name="account11",
+#         account22 = ExampleAccount(user=user2,
-                                   jid="account11@jcl.test.com")
+#                                    name="account11",
-        model.db_disconnect()
+#                                    jid="account11@jcl.test.com")
-        info_query = Iq(stanza_type="set",
+#         model.db_disconnect()
-                        from_jid="admin@test.com",
+#         info_query = Iq(stanza_type="set",
-                        to_jid="jcl.test.com")
+#                         from_jid="admin@test.com",
-        command_node = info_query.set_new_content(command.COMMAND_NS, "command")
+#                         to_jid="jcl.test.com")
-        command_node.setProp("node", "http://jabber.org/protocol/admin#change-user-password")
+#         command_node = info_query.set_new_content(command.COMMAND_NS, "command")
-        result = self.command_manager.apply_command_action(info_query,
+#         command_node.setProp("node", "http://jabber.org/protocol/admin#change-user-password")
-                                                           "http://jabber.org/protocol/admin#change-user-password",
+#         result = self.command_manager.apply_command_action(info_query,
-                                                           "execute")
+#                                                            "http://jabber.org/protocol/admin#change-user-password",
-        self.assertNotEquals(result, None)
+#                                                            "execute")
-        self.assertEquals(len(result), 1)
+#         self.assertNotEquals(result, None)
-        xml_command = result[0].xpath_eval("c:command",
+#         self.assertEquals(len(result), 1)
-                                           {"c": "http://jabber.org/protocol/commands"})[0]
+#         xml_command = result[0].xpath_eval("c:command",
-        self.assertEquals(xml_command.prop("status"), "executing")
+#                                            {"c": "http://jabber.org/protocol/commands"})[0]
-        self.assertNotEquals(xml_command.prop("sessionid"), None)
+#         self.assertEquals(xml_command.prop("status"), "executing")
-        self.__check_actions(result[0], ["next"])
+#         self.assertNotEquals(xml_command.prop("sessionid"), None)
+#         self.__check_actions(result[0], ["next"])
 
-        # Second step
+#         # Second step
-        info_query = Iq(stanza_type="set",
+#         info_query = Iq(stanza_type="set",
-                        from_jid="admin@test.com",
+#                         from_jid="admin@test.com",
-                        to_jid="jcl.test.com")
+#                         to_jid="jcl.test.com")
-        command_node = info_query.set_new_content(command.COMMAND_NS, "command")
+#         command_node = info_query.set_new_content(command.COMMAND_NS, "command")
-        command_node.setProp("node", "http://jabber.org/protocol/admin#change-user-password")
+#         command_node.setProp("node", "http://jabber.org/protocol/admin#change-user-password")
-        session_id = xml_command.prop("sessionid")
+#         session_id = xml_command.prop("sessionid")
-        command_node.setProp("sessionid", session_id)
+#         command_node.setProp("sessionid", session_id)
-        command_node.setProp("action", "next")
+#         command_node.setProp("action", "next")
-        submit_form = Form(xmlnode_or_type="submit")
+#         submit_form = Form(xmlnode_or_type="submit")
-        submit_form.add_field(field_type="jid-single",
+#         submit_form.add_field(field_type="jid-single",
-                              name="user_jid",
+#                               name="user_jid",
-                              value="test1@test.com")
+#                               value="test1@test.com")
-        submit_form.as_xml(command_node)
+#         submit_form.as_xml(command_node)
-        result = self.command_manager.apply_command_action(info_query,
+#         result = self.command_manager.apply_command_action(info_query,
-                                                           "http://jabber.org/protocol/admin#change-user-password",
+#                                                            "http://jabber.org/protocol/admin#change-user-password",
-                                                           "execute")
+#                                                            "execute")
-        self.assertNotEquals(result, None)
+#         self.assertNotEquals(result, None)
-        self.assertEquals(len(result), 1)
+#         self.assertEquals(len(result), 1)
-        xml_command = result[0].xpath_eval("c:command",
+#         xml_command = result[0].xpath_eval("c:command",
-                                           {"c": "http://jabber.org/protocol/commands"})[0]
+#                                            {"c": "http://jabber.org/protocol/commands"})[0]
-        self.assertEquals(xml_command.prop("status"), "executing")
+#         self.assertEquals(xml_command.prop("status"), "executing")
-        self.assertEquals(xml_command.prop("sessionid"), session_id)
+#         self.assertEquals(xml_command.prop("sessionid"), session_id)
-        self.__check_actions(result[0], ["prev", "complete"], 1)
+#         self.__check_actions(result[0], ["prev", "complete"], 1)
-        context_session = self.command_manager.sessions[session_id][1]
+#         context_session = self.command_manager.sessions[session_id][1]
-        self.assertEquals(context_session["user_jid"],
+#         self.assertEquals(context_session["user_jid"],
-                          ["test1@test.com"])
+#                           ["test1@test.com"])
-        fields = result[0].xpath_eval("c:command/data:x/data:field",
+#         fields = result[0].xpath_eval("c:command/data:x/data:field",
-                                      {"c": "http://jabber.org/protocol/commands",
+#                                       {"c": "http://jabber.org/protocol/commands",
-                                       "data": "jabber:x:data"})
+#                                        "data": "jabber:x:data"})
-        self.assertEquals(len(fields), 2)
+#         self.assertEquals(len(fields), 2)
 
-        # Third step
+#         # Third step
-        info_query = Iq(stanza_type="set",
+#         info_query = Iq(stanza_type="set",
-                        from_jid="admin@test.com",
+#                         from_jid="admin@test.com",
-                        to_jid="jcl.test.com")
+#                         to_jid="jcl.test.com")
-        command_node = info_query.set_new_content(command.COMMAND_NS, "command")
+#         command_node = info_query.set_new_content(command.COMMAND_NS, "command")
-        command_node.setProp("node", "http://jabber.org/protocol/admin#change-user-password")
+#         command_node.setProp("node", "http://jabber.org/protocol/admin#change-user-password")
-        command_node.setProp("sessionid", session_id)
+#         command_node.setProp("sessionid", session_id)
-        command_node.setProp("action", "complete")
+#         command_node.setProp("action", "complete")
-        submit_form = Form(xmlnode_or_type="submit")
+#         submit_form = Form(xmlnode_or_type="submit")
-        submit_form.add_field(field_type="list-single",
+#         submit_form.add_field(field_type="list-single",
-                              name="account_name",
+#                               name="account_name",
-                              value="account11/test1@test.com")
+#                               value="account11/test1@test.com")
-        submit_form.add_field(field_type="text-private",
+#         submit_form.add_field(field_type="text-private",
-                              name="password",
+#                               name="password",
-                              value="pass2")
+#                               value="pass2")
-        submit_form.as_xml(command_node)
+#         submit_form.as_xml(command_node)
-        result = self.command_manager.apply_command_action(info_query,
+#         result = self.command_manager.apply_command_action(info_query,
-                                                           "http://jabber.org/protocol/admin#change-user-password",
+#                                                            "http://jabber.org/protocol/admin#change-user-password",
-                                                           "execute")
+#                                                            "execute")
-        xml_command = result[0].xpath_eval("c:command",
+#         xml_command = result[0].xpath_eval("c:command",
-                                           {"c": "http://jabber.org/protocol/commands"})[0]
+#                                            {"c": "http://jabber.org/protocol/commands"})[0]
-        self.assertEquals(xml_command.prop("status"), "completed")
+#         self.assertEquals(xml_command.prop("status"), "completed")
-        self.assertEquals(xml_command.prop("sessionid"), session_id)
+#         self.assertEquals(xml_command.prop("sessionid"), session_id)
-        self.__check_actions(result[0])
+#         self.__check_actions(result[0])
-        self.assertEquals(context_session["account_name"],
+#         self.assertEquals(context_session["account_name"],
-                          ["account11/test1@test.com"])
+#                           ["account11/test1@test.com"])
-        self.assertEquals(context_session["password"],
+#         self.assertEquals(context_session["password"],
-                          ["pass2"])
+#                           ["pass2"])
-        self.assertEquals(account11.password, "pass2")
+#         self.assertEquals(account11.password, "pass2")
 
     def test_execute_get_user_roster(self):
         self.comp.account_manager.account_classes = (ExampleAccount,

src/jcl/jabber/tests/component.py

@@ -770,7 +770,7 @@ class JCLComponent_TestCase(JCLTestCase):
                         to_jid="jcl.test.com")
         disco_items = self.comp.disco_get_items("http://jabber.org/protocol/commands",
                                                 info_query)
-        self.assertEquals(len(disco_items.get_items()), 24)
+        self.assertEquals(len(disco_items.get_items()), 22)
 
     ###########################################################################
     # 'handle_get_version' tests