k2hr3-api 1.0.24 → 1.0.26

package/tests/auto_tenant_spec.js

@@ -0,0 +1,79 @@
+/*
+ * K2HR3 REST API
+ *
+ * Copyright 2023 Yahoo Japan Corporation.
+ *
+ * K2HR3 is K2hdkc based Resource and Roles and policy Rules, gathers 
+ * common management information for the cloud.
+ * K2HR3 can dynamically manage information as "who", "what", "operate".
+ * These are stored as roles, resources, policies in K2hdkc, and the
+ * client system can dynamically read and modify these information.
+ *
+ * For the full copyright and license information, please view
+ * the license file that was distributed with this source code.
+ *
+ * AUTHOR:   Takeshi Nakatani
+ * CREATE:   Thu Jul 6 2023
+ * REVISION:
+ *
+ */
+
+'use strict';
+
+var	common		= require('./auto_common');				// Common objects for Chai
+var	chai		= common.chai;							// eslint-disable-line no-unused-vars
+var	chaiHttp	= common.chaiHttp;						// eslint-disable-line no-unused-vars
+var	app			= common.app;							// eslint-disable-line no-unused-vars
+var	assert		= common.assert;						// eslint-disable-line no-unused-vars
+var	expect		= common.expect;						// eslint-disable-line no-unused-vars
+var	subproc		= require('./auto_subprocesses');
+
+//--------------------------------------------------------------
+// Before in global section
+//--------------------------------------------------------------
+before(function(){										// eslint-disable-line no-undef
+	//
+	// Start all sub processes
+	//
+	subproc.start(this);
+});
+
+//--------------------------------------------------------------
+// After in global section
+//--------------------------------------------------------------
+after(function(){										// eslint-disable-line no-undef
+	//
+	// Stop all sub processes
+	//
+	subproc.stop(this);
+});
+
+//--------------------------------------------------------------
+// BeforeEach in global section
+//--------------------------------------------------------------
+beforeEach(function(){									// eslint-disable-line no-undef
+	// Nothing to do
+});
+
+//--------------------------------------------------------------
+// AfterEach in global section
+//--------------------------------------------------------------
+afterEach(function(){									// eslint-disable-line no-undef
+	// Nothing to do
+});
+
+//--------------------------------------------------------------
+// Sub describe section
+//--------------------------------------------------------------
+describe('SUB API TEST: TENANT', function(){			// eslint-disable-line no-undef
+	require('./auto_tenant');
+});
+
+/*
+ * Local variables:
+ * tab-width: 4
+ * c-basic-offset: 4
+ * End:
+ * vim600: noexpandtab sw=4 ts=4 fdm=marker
+ * vim<600: noexpandtab sw=4 ts=4
+ */

package/tests/auto_usertokens.js

@@ -431,11 +431,11 @@ describe('API : USER TOKEN', function(){				// eslint-disable-line no-undef
 				expect(res.body.scoped).to.be.a('boolean').to.be.false;
 				expect(res.body.user).to.be.a('string').to.equal('dummyuser');
 				expect(res.body.tenants).to.be.an.instanceof(Array).to.have.lengthOf(5);
-				expect(res.body.tenants[0]).to.deep.equal({name: 'tenant0', display: 'dummy_tenant_0'});
-				expect(res.body.tenants[1]).to.deep.equal({name: 'tenant1', display: 'dummy_tenant_1'});
-				expect(res.body.tenants[2]).to.deep.equal({name: 'tenant2', display: 'dummy_tenant_2'});
-				expect(res.body.tenants[3]).to.deep.equal({name: 'tenant3', display: 'dummy_tenant_3'});
-				expect(res.body.tenants[4]).to.deep.equal({name: 'tenant4', display: 'dummy_tenant_4'});
+				expect(res.body.tenants[0]).to.deep.equal({name: 'tenant0', id: '1000', description: 'dummy tenant no.0', display: 'dummy_tenant_0'});
+				expect(res.body.tenants[1]).to.deep.equal({name: 'tenant1', id: '1001', description: 'dummy tenant no.1', display: 'dummy_tenant_1'});
+				expect(res.body.tenants[2]).to.deep.equal({name: 'tenant2', id: '1002', description: 'dummy tenant no.2', display: 'dummy_tenant_2'});
+				expect(res.body.tenants[3]).to.deep.equal({name: 'tenant3', id: '1003', description: 'dummy tenant no.3', display: 'dummy_tenant_3'});
+				expect(res.body.tenants[4]).to.deep.equal({name: 'tenant4', id: '1004', description: 'dummy tenant no.4', display: 'dummy_tenant_4'});
 
 				done();
 			});
@@ -455,7 +455,7 @@ describe('API : USER TOKEN', function(){				// eslint-disable-line no-undef
 				expect(res.body.scoped).to.be.a('boolean').to.be.true;
 				expect(res.body.user).to.be.a('string').to.equal('dummyuser');
 				expect(res.body.tenants).to.be.an.instanceof(Array).to.have.lengthOf(1);
-				expect(res.body.tenants[0]).to.deep.equal({name: 'tenant0', display: 'tenant0'});
+				expect(res.body.tenants[0]).to.deep.equal({name: 'tenant0', id: '1000', description: 'dummy tenant no.0', display: 'dummy_tenant_0'});
 
 				done();
 			});

package/tests/manual_acr_delete.js

@@ -63,6 +63,7 @@ function rawDeleteV1Acr(token, service)
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{

package/tests/manual_acr_get.js

@@ -86,6 +86,7 @@ function rawGetV1Acr(token, service, inputdata)
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{

package/tests/manual_acr_postput.js

@@ -78,6 +78,7 @@ function rawPutPostV1Acr(method, tenant, token, service)
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{

package/tests/manual_allusertenant_get.js

@@ -22,14 +22,69 @@
 
 var	k2hr3		= require('../lib/k2hr3dkc');
 
+var	apiutil		= require('../lib/k2hr3apiutil');
+var	r3Conf		= require('../lib/k2hr3config').r3ApiConfig;
+var	apiConf		= new r3Conf();
+
 // Debug logging objects
-//var r3logger	= require('../lib/dbglogging');
+var r3logger	= require('../lib/dbglogging');
 
-//
+//---------------------------------------------------------
+// Configuration and port number from Environment
+//---------------------------------------------------------
+var dkcconf	= null;
+var	dkcport	= null;
+var	dkccuk	= null;
+(function()
+{
+	if(!apiutil.isSafeEntity(dkcconf)){
+		var	tmpdkcconf = apiConf.getK2hdkcConfig();
+		if(!apiutil.checkFileExist(tmpdkcconf)){
+			r3logger.elog('k2hdkc slave configuration file(' + tmpdkcconf + ') specified in config json does not exist, then try to check K2HDKC_SLAVE_CONF environemnt.');
+
+			tmpdkcconf = apiutil.getSafeString(process.env.K2HDKC_SLAVE_CONF);
+			if(!apiutil.checkFileExist(tmpdkcconf)){
+				r3logger.elog('k2hdkc slave configuration file(' + tmpdkcconf + ') specified by K2HDKC_SLAVE_CONF environemnt does not exist, then use default path(/etc/k2hdkc/slave.ini).');
+				tmpdkcconf = '/etc/k2hdkc/slave.ini';
+			}
+		}
+		dkcconf = tmpdkcconf;
+	}
+	if(!apiutil.isSafeEntity(dkcport)){
+		var	tmpdkcport = apiConf.getK2hdkcPort();
+		if(isNaN(tmpdkcport) || null === tmpdkcport){
+			r3logger.elog('k2hdkc slave port number(' + JSON.stringify(tmpdkcport) + ') specified in config json is something wrong, then try to check K2HDKC_SLAVE_PORT environemnt.');
+
+			tmpdkcport = apiutil.getSafeString(process.env.K2HDKC_SLAVE_PORT);
+			if(!apiutil.isSafeString(tmpdkcport) || isNaN(tmpdkcport)){
+				r3logger.elog('k2hdkc slave port number(' + JSON.stringify(tmpdkcport) + ') specified by K2HDKC_SLAVE_PORT environment is something wrong, then use default port number(8031).');
+				tmpdkcport = 8031;
+			}
+		}
+		dkcport = parseInt(tmpdkcport);
+	}
+	if(!apiutil.isSafeEntity(dkccuk)){
+		var	tmpdkccuk = apiConf.getK2hdkcCuk();
+		if(null === tmpdkccuk){
+			r3logger.mlog('k2hdkc slave cuk is not specified. then try to check K2HDKC_SLAVE_CUK environemnt.');
+
+			tmpdkccuk = apiutil.getSafeString(process.env.K2HDKC_SLAVE_CUK);
+			if(!apiutil.isSafeString(tmpdkccuk)){
+				r3logger.mlog('k2hdkc slave cuk is not specified by K2HDKC_SLAVE_CUK environment is something wrong, then not use cuk(null).');
+				tmpdkccuk = null;
+			}
+		}
+		dkccuk = tmpdkccuk;
+	}
+}());
+
+//---------------------------------------------------------
 // call library function directly
-//
+//---------------------------------------------------------
 function printAllUserTenantService()
 {
+	console.log('\n[NOTE] You need to run this as root user for attaching CHMPX memory.\n');
+
 	//
 	// This is not API, so access to k2hdkc directly.
 	//

package/tests/manual_extdata_get.js

@@ -74,6 +74,7 @@ function getV1ExtData(uri, path, ua, is_gzip)
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{

package/tests/manual_list_gethead.js

@@ -82,6 +82,7 @@ function getV1ChildrenList(method, token, type, service, path, is_expand)
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{

package/tests/manual_policy_delete.js

@@ -64,6 +64,7 @@ function deleteV1Policy(token, name)
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{

package/tests/manual_policy_gethead.js

@@ -70,6 +70,7 @@ function getV1Policy(token, name, service)
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{
@@ -133,6 +134,7 @@ function headV1Policy(tenant, name, action, resource)
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{
@@ -208,7 +210,7 @@ cliutil.getConsoleInput('Method(GET/HEAD)             : ', true, false, function
 			});
 		});
 
-	}else if(!apiutil.compareCaseString('head', _method)){
+	}else if(apiutil.compareCaseString('head', _method)){
 		cliutil.getConsoleInput('Tenant name(allow null)      : ', true, false, function(isbreak, tenant)
 		{
 			if(isbreak){

package/tests/manual_policy_postput.js

@@ -126,6 +126,7 @@ function postV1Policy(method, token, name, effect, action, resource, alias)
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{

package/tests/manual_resource_delete.js

@@ -139,6 +139,7 @@ function deleteV1Resource(token_type, token, name, data_type, keynames, aliases,
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{

package/tests/manual_resource_gethead.js

@@ -129,6 +129,7 @@ function getV1Resource(is_get_req, token_type, token, name, service, is_expand,
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{

package/tests/manual_resource_postput.js

@@ -165,6 +165,7 @@ function postV1Resource(method, token, querypath, name, datatype, data, reskeys,
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{

package/tests/manual_role_delete.js

@@ -86,6 +86,7 @@ function deleteV1Role(token, name, target_host, port, cuk)
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{
@@ -173,6 +174,7 @@ function deleteV1_IPByCuk(addrs, port, cuk)
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{

package/tests/manual_role_gethead.js

@@ -64,6 +64,7 @@ function getV1Role(token, name, is_expand)
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{
@@ -130,6 +131,7 @@ function getV1RoleToken(token, name, expire)
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{
@@ -191,6 +193,7 @@ function getV1RoleTokenList(token, name, expand)
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{
@@ -264,6 +267,7 @@ function headV1Role(token, roleyrn, port, cuk)
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{

package/tests/manual_role_postput.js

@@ -107,6 +107,7 @@ function postV1Role(method, token, name, policies, alias)
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{
@@ -244,6 +245,7 @@ function postV1RoleHost(method, is_user_token, token, name, target_host, port, c
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{

package/tests/manual_service_delete.js

@@ -69,6 +69,7 @@ function rawDeleteV1Service(token, service, tenant)
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{

package/tests/manual_service_gethead.js

@@ -69,6 +69,7 @@ function rawGetHeadV1Service(method, token, service, tenant)
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{

package/tests/manual_service_postput.js

@@ -142,6 +142,7 @@ function rawPutPostV1Service(method, token, service, is_create, verify, is_verif
 		if(null !== cacerts.ca){
 			options.ca = cacerts.ca;
 		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
 		options.agent	= new https.Agent(options);
 		httpobj			= https;
 	}else{

package/tests/manual_tenant_delete.js

@@ -0,0 +1,152 @@
+/*
+ * K2HR3 REST API
+ *
+ * Copyright 2023 Yahoo Japan Corporation.
+ *
+ * K2HR3 is K2hdkc based Resource and Roles and policy Rules, gathers 
+ * common management information for the cloud.
+ * K2HR3 can dynamically manage information as "who", "what", "operate".
+ * These are stored as roles, resources, policies in K2hdkc, and the
+ * client system can dynamically read and modify these information.
+ *
+ * For the full copyright and license information, please view
+ * the license file that was distributed with this source code.
+ *
+ * AUTHOR:   Takeshi Nakatani
+ * CREATE:   Mon Jun 3 2023
+ * REVISION:
+ *
+ */
+
+'use strict';
+
+var	http		= require('http');
+var	https		= require('https');
+
+var	cacerts		= require('../lib/cacerts');
+var	apiutil		= require('../lib/k2hr3apiutil');
+var cliutil		= require('../lib/k2hr3cliutil');
+
+// Debug logging objects
+var r3logger	= require('../lib/dbglogging');
+
+//
+// Hostname and port from env
+//
+var hostname = apiutil.getSafeString(process.env.APIHOST);
+var	hostport = apiutil.getSafeString(process.env.APIPORT);
+var	is_https = apiutil.compareCaseString('yes', process.env.HTTPS_ENV);
+
+//
+// Request API for test
+//
+function deleteV1Tenant(token, name, id)
+{
+	var	headers = {
+		'Content-Type':		'application/json',
+		'Content-Length':	0,
+		'X-Auth-Token':		token
+	};
+	var	options = {
+		'host':				hostname,
+		'port':				hostport,
+		'path': 			'/v1/tenant/' + name + encodeURI('?id=' + id),
+		'method':			'DELETE',
+		'headers':			headers
+	};
+
+	r3logger.dlog('request options   = ' + JSON.stringify(options));
+	r3logger.dlog('request headers   = ' + JSON.stringify(headers));
+
+	var	httpobj;
+	if(is_https){
+		if(null !== cacerts.ca){
+			options.ca = cacerts.ca;
+		}
+		options.rejectUnauthorized	= false;			// always insecure for this manual test
+		options.agent	= new https.Agent(options);
+		httpobj			= https;
+	}else{
+		options.agent	= new http.Agent(options);
+		httpobj			= http;
+	}
+
+	var	req	= httpobj.request(options, function(res)
+	{
+		var	response = '';
+		console.log('RESPONSE CODE = ' + res.statusCode);
+		r3logger.dlog('response status   = ' + res.statusCode);
+		r3logger.dlog('response header   = ' + JSON.stringify(res.headers));
+		res.setEncoding('utf8');
+
+		res.on('data', function (chunk)
+		{
+			r3logger.dlog('response chunk    = ' + chunk);
+			response += chunk;
+		});
+
+		res.on('end', function(result)					// eslint-disable-line no-unused-vars
+		{
+			r3logger.mlog(r3logger.dump(response));		// response is object(or not)
+			console.log('RESPONSE BODY = ' + JSON.stringify(response));
+			process.exit(0);
+		});
+	});
+
+	req.on('error', function(e)
+	{
+		r3logger.elog('problem with request: ' + e.message);
+	});
+	req.end();
+}
+
+//
+// run
+//
+cliutil.getConsoleInput('Unscoped(or Scoped) user token       : ', true, false, function(isbreak, token)
+{
+	if(isbreak){
+		process.exit(0);
+	}
+	var	_token = token;
+
+	cliutil.getConsoleInput('Tenant name                          : ', true, false, function(isbreak, tenant)
+	{
+		if(isbreak){
+			process.exit(0);
+		}
+
+		if(!apiutil.isSafeString(tenant)){
+			console.log('method DELETE must specify tenant name');
+			process.exit(0);
+		}
+		var	_tenant = apiutil.getSafeString(tenant);
+
+		cliutil.getConsoleInput('Tenant id                            : ', true, false, function(isbreak, id)
+		{
+			if(isbreak){
+				process.exit(0);
+			}
+
+			if(!apiutil.isSafeString(id)){
+				console.log('method DELETE must specify tenant id');
+				process.exit(0);
+			}
+			var	_id = apiutil.getSafeString(id);
+
+			//
+			// Run
+			//
+			deleteV1Tenant(_token, _tenant, _id);
+		});
+	});
+});
+
+/*
+ * Local variables:
+ * tab-width: 4
+ * c-basic-offset: 4
+ * End:
+ * vim600: noexpandtab sw=4 ts=4 fdm=marker
+ * vim<600: noexpandtab sw=4 ts=4
+ */