synapse 2.176.0__py311-none-any.whl → 2.178.0__py311-none-any.whl

synapse/tests/test_lib_cell.py

@@ -23,6 +23,7 @@ import synapse.cortex as s_cortex
 import synapse.daemon as s_daemon
 import synapse.telepath as s_telepath
 
+import synapse.lib.auth as s_auth
 import synapse.lib.base as s_base
 import synapse.lib.cell as s_cell
 import synapse.lib.coro as s_coro
@@ -31,7 +32,6 @@ import synapse.lib.nexus as s_nexus
 import synapse.lib.certdir as s_certdir
 import synapse.lib.msgpack as s_msgpack
 import synapse.lib.version as s_version
-import synapse.lib.hiveauth as s_hiveauth
 import synapse.lib.lmdbslab as s_lmdbslab
 import synapse.lib.crypto.passwd as s_passwd
 import synapse.lib.platforms.linux as s_linux
@@ -133,7 +133,27 @@ async def altAuthCtor(cell):
     authconf = cell.conf.get('auth:conf')
     assert authconf['foo'] == 'bar'
     authconf['baz'] = 'faz'
-    return await s_cell.Cell._initCellHiveAuth(cell)
+
+    maxusers = cell.conf.get('max:users')
+
+    seed = s_common.guid((cell.iden, 'hive', 'auth'))
+
+    auth = await s_auth.Auth.anit(
+        cell.slab,
+        'auth',
+        seed=seed,
+        nexsroot=cell.getCellNexsRoot(),
+        maxusers=maxusers
+    )
+
+    auth.link(cell.dist)
+
+    def finilink():
+        auth.unlink(cell.dist)
+
+    cell.onfini(finilink)
+    cell.onfini(auth.fini)
+    return auth
 
 class CellTest(s_t_utils.SynTest):
 
@@ -417,8 +437,6 @@ class CellTest(s_t_utils.SynTest):
         # Ensure the cell and its auth have been fini'd
         self.true(echo.isfini)
         self.true(echo.auth.isfini)
-        root = await echo.auth.getUserByName('root')
-        self.true(root.isfini)
 
     async def test_cell_userapi(self):
 
@@ -617,7 +635,6 @@ class CellTest(s_t_utils.SynTest):
             async with self.getTestCell(s_cell.Cell, dirn=dir0, conf=conf) as cell00, \
                 cell00.getLocalProxy() as prox00:
 
-                self.true(cell00.nexsroot.map_async)
                 self.true(cell00.nexsroot.donexslog)
 
                 await prox00.addUser('test')
@@ -914,7 +931,7 @@ class CellTest(s_t_utils.SynTest):
                         pass
                 stream.seek(0)
                 buf = stream.read()
-                self.isin(f'...cell API (telepath): cell://root@{dirn}:*', buf)
+                self.isin(f'...cell API (telepath): tcp://0.0.0.0:27492', buf)
                 self.isin('...cell API (https): disabled', buf)
 
     async def test_cell_initargv_conf(self):
@@ -936,11 +953,11 @@ class CellTest(s_t_utils.SynTest):
                         # 1) cmdline
                         # 2) envars
                         # 3) cell.yaml
-                        self.true(cell.conf.reqConfValu('nexslog:en'))
-                        self.true(cell.conf.reqConfValu('nexslog:async'))
-                        self.none(cell.conf.reqConfValu('dmon:listen'))
-                        self.none(cell.conf.reqConfValu('https:port'))
-                        self.eq(cell.conf.reqConfValu('aha:name'), 'some:cell')
+                        self.true(cell.conf.req('nexslog:en'))
+                        self.true(cell.conf.req('nexslog:async'))
+                        self.none(cell.conf.req('dmon:listen'))
+                        self.none(cell.conf.req('https:port'))
+                        self.eq(cell.conf.req('aha:name'), 'some:cell')
                         root = cell.auth.rootuser
                         self.true(await root.tryPasswd('secret'))
 
@@ -948,7 +965,7 @@ class CellTest(s_t_utils.SynTest):
                 with self.getTestDir() as dirn:
                     s_common.yamlsave({'nexslog:en': False}, dirn, 'cell.mods.yaml')
                     async with await s_cell.Cell.initFromArgv([dirn]) as cell:
-                        self.false(cell.conf.reqConfValu('nexslog:en'))
+                        self.false(cell.conf.req('nexslog:en'))
                         # We can remove the valu from the overrides file with the pop API
                         # This is NOT reactive API which causes the whole behavior
                         # of the cell to suddenly change. This is intended to be used with
@@ -1020,6 +1037,7 @@ class CellTest(s_t_utils.SynTest):
                     errinfo = info.get('lastexception')
                     laststart1 = info['laststart']
                     self.eq(errinfo['err'], 'SynErr')
+                    self.eq(errinfo['errinfo']['mesg'], 'backup subprocess start timed out')
 
                     # Test runners can take an unusually long time to spawn a process
                     with mock.patch.object(s_cell.Cell, 'BACKUP_SPAWN_TIMEOUT', 8.0):
@@ -1032,15 +1050,17 @@ class CellTest(s_t_utils.SynTest):
                         self.ne(laststart1, laststart2)
                         errinfo = info.get('lastexception')
                         self.eq(errinfo['err'], 'SynErr')
+                        self.eq(errinfo['errinfo']['mesg'], 'backup subprocess start timed out')
 
-                        with mock.patch.object(s_cell.Cell, '_backupProc', staticmethod(_exiterProc)):
-                            await self.asyncraises(s_exc.SpawnExit, proxy.runBackup('_exiterProc'))
+                    with mock.patch.object(s_cell.Cell, '_backupProc', staticmethod(_exiterProc)):
+                        await self.asyncraises(s_exc.SpawnExit, proxy.runBackup('_exiterProc'))
 
-                        info = await proxy.getBackupInfo()
-                        laststart3 = info['laststart']
-                        self.ne(laststart2, laststart3)
-                        errinfo = info.get('lastexception')
-                        self.eq(errinfo['err'], 'SpawnExit')
+                    info = await proxy.getBackupInfo()
+                    laststart3 = info['laststart']
+                    self.ne(laststart2, laststart3)
+                    errinfo = info.get('lastexception')
+                    self.eq(errinfo['err'], 'SpawnExit')
+                    self.eq(errinfo['errinfo']['code'], 1)
 
                     # Create rando slabs inside cell dir
                     slabpath = s_common.genpath(coredirn, 'randoslab')
@@ -1189,6 +1209,7 @@ class CellTest(s_t_utils.SynTest):
             async with await s_cell.Cell.anit(dirn, conf=conf) as cell:
                 self.eq('faz', cell.conf.get('auth:conf')['baz'])
                 await cell.auth.addUser('visi')
+                await cell._storCellAuthMigration()
 
     async def test_cell_auth_userlimit(self):
         maxusers = 3
@@ -1237,7 +1258,8 @@ class CellTest(s_t_utils.SynTest):
 
         with self.setTstEnvars(SYN_CELL_MAX_USERS=str(maxusers)):
             with self.getTestDir() as dirn:
-                async with await s_cell.Cell.initFromArgv([dirn]) as cell:
+                argv = [dirn, '--https', '0', '--telepath', 'tcp://0.0.0.0:0']
+                async with await s_cell.Cell.initFromArgv(argv) as cell:
                     await cell.auth.addUser('visi1')
                     await cell.auth.addUser('visi2')
                     await cell.auth.addUser('visi3')
@@ -1597,7 +1619,7 @@ class CellTest(s_t_utils.SynTest):
 
         async with self.getTestCell(s_cell.Cell, conf=conf) as cell:  # type: s_cell.Cell
             iden = s_common.guid((cell.iden, 'auth', 'user', 'foo@bar.mynet.com'))
-            user = cell.auth.user(iden)  # type: s_hiveauth.HiveUser
+            user = cell.auth.user(iden)  # type: s_auth.User
             self.eq(user.name, 'foo@bar.mynet.com')
             self.eq(user.pack().get('email'), 'foo@barcorp.com')
             self.false(user.isAdmin())
@@ -1607,7 +1629,7 @@ class CellTest(s_t_utils.SynTest):
             self.false(user.allowed(('newp', 'secret')))
 
             iden = s_common.guid((cell.iden, 'auth', 'user', 'sally@bar.mynet.com'))
-            user = cell.auth.user(iden)  # type: s_hiveauth.HiveUser
+            user = cell.auth.user(iden)  # type: s_auth.User
             self.eq(user.name, 'sally@bar.mynet.com')
             self.true(user.isAdmin())
 
@@ -1721,7 +1743,7 @@ class CellTest(s_t_utils.SynTest):
                                                'has different iden') as stream:
                     async with self.getTestCell(s_cell.Cell, dirn=path01, conf=conf01) as cell01:
                         await stream.wait(timeout=2)
-                        self.true(await cell01.waitfini(6))
+                        self.true(await cell01.nexsroot.waitfini(6))
 
     async def test_backup_restore_base(self):
 
@@ -1816,15 +1838,42 @@ class CellTest(s_t_utils.SynTest):
                         self.true(s_common.isguid(second_doneiden))
                     self.ne(doneiden, second_doneiden)
 
+    async def test_cell_mirrorboot_failure(self):
+        async with self.getTestAha() as aha:  # type: s_aha.AhaCell
+
+            with self.getTestDir() as dirn:
+                cdr0 = s_common.genpath(dirn, 'cell00')
+                cdr1 = s_common.genpath(dirn, 'cell01')
+
+                async with self.addSvcToAha(aha, '00.cell', s_cell.Cell, dirn=cdr0) as cell00:
+
+                    conf = {'mirror': 'aha://cell...'}
+                    with self.raises(s_exc.FatalErr) as cm:
+                        async with self.getTestCell(conf=conf, dirn=cdr1) as cell01:
+                            self.fail('Cell01 should never boot')
+                    self.isin('No aha:provision configuration has been provided to allow the service to bootstrap',
+                              cm.exception.get('mesg'))
+
+                    provurl = await aha.addAhaSvcProv('01.cell', provinfo={'mirror': 'cell'})
+                    conf = self.getCellConf({'aha:provision': provurl})
+                    async with self.getTestCell(conf=conf, dirn=cdr1) as cell01:
+                        await cell01.sync()
+                    os.unlink(s_common.genpath(cdr1, 'cell.guid'))
+
+                    conf = self.getCellConf({'aha:provision': provurl})
+                    with self.raises(s_exc.FatalErr) as cm:
+                        async with self.getTestCell(conf=conf, dirn=cdr1) as cell01:
+                            self.fail('Cell01 should never boot')
+                    self.isin('The aha:provision URL guid matches the service prov.done guid',
+                              cm.exception.get('mesg'))
+
     async def test_backup_restore_aha(self):
         # do a mirror provisioning of a Cell
         # promote the mirror to being a leader
         # ensure the mirror has a
         # backup the mirror
         # restore the backup
-        async with self.getTestAhaProv(conf={'auth:passwd': 'secret'}) as aha:  # type: s_aha.AhaCell
-            root = await aha.auth.getUserByName('root')
-            self.true(await root.tryPasswd('secret'))
+        async with self.getTestAha() as aha:  # type: s_aha.AhaCell
 
             with self.getTestDir() as dirn:
                 cdr0 = s_common.genpath(dirn, 'core00')
@@ -1907,9 +1956,7 @@ class CellTest(s_t_utils.SynTest):
         # ensure the mirror has a
         # backup the mirror
         # restore the backup
-        async with self.getTestAhaProv(conf={'auth:passwd': 'secret'}) as aha:  # type: s_aha.AhaCell
-            root = await aha.auth.getUserByName('root')
-            self.true(await root.tryPasswd('secret'))
+        async with self.getTestAha() as aha:  # type: s_aha.AhaCell
 
             with self.getTestDir() as dirn:
                 cdr0 = s_common.genpath(dirn, 'core00')
@@ -2036,6 +2083,23 @@ class CellTest(s_t_utils.SynTest):
                 self.true(await user.tryPasswd('hehe'))
                 self.false(await user.tryPasswd('secret1234'))
 
+        # Password policies do not prevent live migration of an existing password
+        with self.getRegrDir('cells', 'passwd-2.109.0') as dirn:
+            policy = {'complexity': {'length': 5}}
+            conf = {'auth:passwd:policy': policy}
+            async with self.getTestCell(s_cell.Cell, conf=conf, dirn=dirn) as cell:  # type: s_cell.Cell
+                root = await cell.auth.getUserByName('root')
+                shadow = root.info.get('passwd')
+                self.isinstance(shadow, tuple)
+                self.len(2, shadow)
+
+                # Old password works and is migrated to the new password scheme
+                self.false(await root.tryPasswd('newp'))
+                self.true(await root.tryPasswd('root'))
+                shadow = root.info.get('passwd')
+                self.isinstance(shadow, dict)
+                self.eq(shadow.get('type'), s_passwd.DEFAULT_PTYP)
+
         # Pre-nexus changes of root via auth:passwd work too.
         with self.getRegrDir('cells', 'passwd-2.109.0') as dirn:
             conf = {'auth:passwd': 'supersecretpassword'}
@@ -2625,6 +2689,122 @@ class CellTest(s_t_utils.SynTest):
             with self.raises(s_exc.NoSuchIden):
                 await cell.delUserApiKey(newp)
 
+    async def test_cell_iter_slab_data(self):
+        async with self.getTestCell(s_cell.Cell) as cell:
+            data = await s_t_utils.alist(cell.iterSlabData('cell:info'))
+            self.eq(data, (
+                ('cell:version', s_version.version),
+                ('nexus:version', s_cell.NEXUS_VERSION),
+                ('synapse:version', s_version.version)
+            ))
+            with self.raises(s_exc.BadArg):
+                await s_t_utils.alist(cell.iterSlabData('newp'))
+
+            sfkv = cell.slab.getSafeKeyVal('hehe', prefix='yup')
+            sfkv.set('wow', 'yes')
+            data = await s_t_utils.alist(cell.iterSlabData('hehe'))
+            self.eq(data, [('yupwow', 'yes')])
+            data = await s_t_utils.alist(cell.iterSlabData('hehe', prefix='yup'))
+            self.eq(data, [('wow', 'yes')])
+
+    async def test_cell_nexus_compat(self):
+        with mock.patch('synapse.lib.cell.NEXUS_VERSION', (0, 0)):
+            async with self.getRegrCore('hive-migration') as core0:
+                with mock.patch('synapse.lib.cell.NEXUS_VERSION', (2, 177)):
+                    conf = {'mirror': core0.getLocalUrl()}
+                    async with self.getRegrCore('hive-migration', conf=conf) as core1:
+                        await core1.sync()
+
+                        await core1.nodes('$lib.user.vars.set(foo, bar)')
+                        self.eq('bar', await core0.callStorm('return($lib.user.vars.get(foo))'))
+
+                        await core1.nodes('$lib.user.vars.pop(foo)')
+                        self.none(await core0.callStorm('return($lib.user.vars.get(foo))'))
+
+                        await core1.nodes('$lib.user.profile.set(bar, baz)')
+                        self.eq('baz', await core0.callStorm('return($lib.user.profile.get(bar))'))
+
+                        await core1.nodes('$lib.user.profile.pop(bar)')
+                        self.none(await core0.callStorm('return($lib.user.profile.get(bar))'))
+
+                        self.eq((0, 0), core1.nexsvers)
+                        await core0.setNexsVers((2, 177))
+                        await core1.sync()
+                        self.eq((2, 177), core1.nexsvers)
+
+                        await core1.nodes('$lib.user.vars.set(foo, bar)')
+                        self.eq('bar', await core0.callStorm('return($lib.user.vars.get(foo))'))
+
+                        await core1.nodes('$lib.user.vars.pop(foo)')
+                        self.none(await core0.callStorm('return($lib.user.vars.get(foo))'))
+
+                        await core1.nodes('$lib.user.profile.set(bar, baz)')
+                        self.eq('baz', await core0.callStorm('return($lib.user.profile.get(bar))'))
+
+                        await core1.nodes('$lib.user.profile.pop(bar)')
+                        self.none(await core0.callStorm('return($lib.user.profile.get(bar))'))
+
+    async def test_cell_hive_migration(self):
+
+        with self.getAsyncLoggerStream('synapse.lib.cell') as stream:
+
+            async with self.getRegrCore('hive-migration') as core:
+                visi = await core.auth.getUserByName('visi')
+                asvisi = {'user': visi.iden}
+
+                valu = await core.callStorm('return($lib.user.vars.get(foovar))', opts=asvisi)
+                self.eq('barvalu', valu)
+
+                valu = await core.callStorm('return($lib.user.profile.get(fooprof))', opts=asvisi)
+                self.eq('barprof', valu)
+
+                msgs = await core.stormlist('cron.list')
+                self.stormIsInPrint('visi       8437c35a', msgs)
+                self.stormIsInPrint('[tel:mob:telem=*]', msgs)
+
+                msgs = await core.stormlist('dmon.list')
+                self.stormIsInPrint('0973342044469bc40b577969028c5079:  (foodmon             ): running', msgs)
+
+                msgs = await core.stormlist('trigger.list')
+                self.stormIsInPrint('visi       27f5dc524e7c3ee8685816ddf6ca1326', msgs)
+                self.stormIsInPrint('[ +#count test:str=$tag ]', msgs)
+
+                msgs = await core.stormlist('testcmd0 foo')
+                self.stormIsInPrint('foo haha', msgs)
+
+                msgs = await core.stormlist('testcmd1')
+                self.stormIsInPrint('hello', msgs)
+
+                msgs = await core.stormlist('model.deprecated.locks')
+                self.stormIsInPrint('ou:hasalias', msgs)
+
+                nodes = await core.nodes('_visi:int')
+                self.len(1, nodes)
+                node = nodes[0]
+                self.eq(node.get('tick'), 1577836800000,)
+                self.eq(node.get('._woot'), 5)
+                self.nn(node.getTagProp('test', 'score'), 6)
+
+                roles = s_t_utils.deguidify('[{"type": "role", "iden": "e1ef725990aa62ae3c4b98be8736d89f", "name": "all", "rules": [], "authgates": {"46cfde2c1682566602860f8df7d0cc83": {"rules": [[true, ["layer", "read"]]]}, "4d50eb257549436414643a71e057091a": {"rules": [[true, ["view", "read"]]]}}}]')
+                users = s_t_utils.deguidify('[{"type": "user", "iden": "a357138db50780b62093a6ce0d057fd8", "name": "root", "rules": [], "roles": [], "admin": true, "email": null, "locked": false, "archived": false, "authgates": {"46cfde2c1682566602860f8df7d0cc83": {"admin": true}, "4d50eb257549436414643a71e057091a": {"admin": true}}}, {"type": "user", "iden": "f77ac6744671a845c27e571071877827", "name": "visi", "rules": [[true, ["cron", "add"]], [true, ["dmon", "add"]], [true, ["trigger", "add"]]], "roles": [{"type": "role", "iden": "e1ef725990aa62ae3c4b98be8736d89f", "name": "all", "rules": [], "authgates": {"46cfde2c1682566602860f8df7d0cc83": {"rules": [[true, ["layer", "read"]]]}, "4d50eb257549436414643a71e057091a": {"rules": [[true, ["view", "read"]]]}}}], "admin": false, "email": null, "locked": false, "archived": false, "authgates": {"f21b7ae79c2dacb89484929a8409e5d8": {"admin": true}, "d7d0380dd4e743e35af31a20d014ed48": {"admin": true}}}]')
+                gates = s_t_utils.deguidify('[{"iden": "46cfde2c1682566602860f8df7d0cc83", "type": "layer", "users": [{"iden": "a357138db50780b62093a6ce0d057fd8", "rules": [], "admin": true}], "roles": [{"iden": "e1ef725990aa62ae3c4b98be8736d89f", "rules": [[true, ["layer", "read"]]], "admin": false}]}, {"iden": "d7d0380dd4e743e35af31a20d014ed48", "type": "trigger", "users": [{"iden": "f77ac6744671a845c27e571071877827", "rules": [], "admin": true}], "roles": []}, {"iden": "f21b7ae79c2dacb89484929a8409e5d8", "type": "cronjob", "users": [{"iden": "f77ac6744671a845c27e571071877827", "rules": [], "admin": true}], "roles": []}, {"iden": "4d50eb257549436414643a71e057091a", "type": "view", "users": [{"iden": "a357138db50780b62093a6ce0d057fd8", "rules": [], "admin": true}], "roles": [{"iden": "e1ef725990aa62ae3c4b98be8736d89f", "rules": [[true, ["view", "read"]]], "admin": false}]}, {"iden": "cortex", "type": "cortex", "users": [], "roles": []}]')
+
+                self.eq(roles, s_t_utils.deguidify(json.dumps(await core.callStorm('return($lib.auth.roles.list())'))))
+                self.eq(users, s_t_utils.deguidify(json.dumps(await core.callStorm('return($lib.auth.users.list())'))))
+                self.eq(gates, s_t_utils.deguidify(json.dumps(await core.callStorm('return($lib.auth.gates.list())'))))
+
+                with self.raises(s_exc.BadTag):
+                    await core.nodes('[ it:dev:str=foo +#test.newp ]')
+
+        stream.seek(0)
+        data = stream.getvalue()
+        newprole = s_common.guid('newprole')
+        newpuser = s_common.guid('newpuser')
+
+        self.isin(f'Unknown user {newpuser} on gate', data)
+        self.isin(f'Unknown role {newprole} on gate', data)
+        self.isin(f'Unknown role {newprole} on user', data)
+
     async def test_cell_check_sysctl(self):
         sysctls = s_linux.getSysctls()
 
@@ -2640,7 +2820,7 @@ class CellTest(s_t_utils.SynTest):
 
         stream.seek(0)
         data = stream.getvalue()
-        raw_mesgs = [m for m in data.split('\\n') if m]
+        raw_mesgs = [m for m in data.split('\n') if m]
         msgs = [json.loads(m) for m in raw_mesgs]
 
         self.len(1, msgs)

synapse/tests/test_lib_config.py

@@ -31,7 +31,7 @@ class SchemaCell(s_cell.Cell):
         await s_cell.Cell.__anit__(self, dirn, conf, readonly, *args, **kwargs)
         # This captures a design pattern that reduces boilerplate
         # code used by Cell implementators.
-        self.conf.reqConfValu('apikey')
+        self.conf.req('apikey')
 
 
 class ConfTest(s_test.SynTest):
@@ -162,7 +162,7 @@ class ConfTest(s_test.SynTest):
         })
 
         # We can ensure that certain vars are loaded
-        self.eq('Funky string time!', conf.reqConfValu('key:string'))
+        self.eq('Funky string time!', conf.req('key:string'))
         # And throw if they are not, or if the requested key isn't even schema valid
         self.raises(s_exc.NeedConfValu, conf.reqConfValu, 'key:bool:nodefval')
         self.raises(s_exc.BadArg, conf.reqConfValu, 'key:newp')
@@ -286,7 +286,8 @@ class ConfTest(s_test.SynTest):
                 # Trying to make a cell with a missing key it wants fails
                 async with await SchemaCell.anit(dirn, conf={}) as cell:
                     pass
-            self.eq(cm.exception.get('key'), 'apikey')
+
+            self.eq(cm.exception.get('name'), 'apikey')
 
     def test_hideconf(self):
         hide_schema = {

synapse/tests/test_lib_httpapi.py

@@ -525,7 +525,7 @@ class HttpApiTest(s_tests.SynTest):
 
                 async with self.getHttpSess() as noobsess:
                     info = {'user': 'noob', 'passwd': 'nooblet'}
-                    async with sess.post(f'https://localhost:{port}/api/v1/login', json=info) as resp:
+                    async with noobsess.post(f'https://localhost:{port}/api/v1/login', json=info) as resp:
                         item = await resp.json()
                         self.eq('AuthDeny', item.get('code'))
 
@@ -1136,6 +1136,11 @@ class HttpApiTest(s_tests.SynTest):
                     self.len(1, data['gates'])
                     self.eq(data['gates'][0]['iden'], 'cortex')
 
+                    deflayr, defview = await core.callStorm('''
+                        $view = $lib.view.get()
+                        return(($view.layers.0.iden, $view.iden))
+                    ''')
+
                     # user add. couple of messages fall out from it
                     await core.callStorm('auth.user.add beep --email beep@vertex.link')
                     mesg = await sock.receive_json()
@@ -1151,18 +1156,6 @@ class HttpApiTest(s_tests.SynTest):
                     mesg = await sock.receive_json()
                     data = mesg['data']
                     self.eq(data['event'], 'user:info')
-                    self.eq(data['info']['name'], 'email')
-                    self.eq(data['info']['valu'], 'beep@vertex.link')
-                    self.gt(data['offset'], base)
-                    base = data['offset']
-
-                    mesg = await sock.receive_json()
-                    data = mesg['data']
-                    deflayr, defview = await core.callStorm('''
-                        $view = $lib.view.get()
-                        return(($view.layers.0.iden, $view.iden))
-                    ''')
-                    self.eq(data['event'], 'user:info')
                     self.eq(data['info']['name'], 'role:grant')
                     self.eq(data['info']['iden'], beepiden)
                     self.eq(data['info']['role']['iden'], rall.iden)
@@ -1174,6 +1167,14 @@ class HttpApiTest(s_tests.SynTest):
                     self.gt(data['offset'], base)
                     base = data['offset']
 
+                    mesg = await sock.receive_json()
+                    data = mesg['data']
+                    self.eq(data['event'], 'user:info')
+                    self.eq(data['info']['name'], 'email')
+                    self.eq(data['info']['valu'], 'beep@vertex.link')
+                    self.gt(data['offset'], base)
+                    base = data['offset']
+
                     # set password
                     await core.callStorm('$lib.auth.users.byname("beep").setPasswd("plzdontdothis")')
                     mesg = await sock.receive_json()
@@ -1893,7 +1894,10 @@ class HttpApiTest(s_tests.SynTest):
                     self.eq(roles, {'all', 'ninjas'})
 
             # Remove the role from the Auth subsystem.
-            core.auth.rolesbyiden.pop(ninjas.get('iden'))
+            core.auth.roledefs.delete(ninjas.get('iden'))
+            core.auth.roleidenbyname.delete('ninjas')
+            core.auth.rolebyidencache.pop(ninjas.get('iden'))
+            core.auth.roleidenbynamecache.pop('ninjas')
 
             async with self.getHttpSess() as sess:
                 async with sess.post(f'https://localhost:{port}/api/v1/login',

synapse/tests/test_lib_layer.py

@@ -7,11 +7,11 @@ import synapse.common as s_common
 import synapse.cortex as s_cortex
 import synapse.telepath as s_telepath
 
+import synapse.lib.auth as s_auth
 import synapse.lib.time as s_time
 import synapse.lib.layer as s_layer
 import synapse.lib.msgpack as s_msgpack
 import synapse.lib.spooled as s_spooled
-import synapse.lib.hiveauth as s_hiveauth
 
 import synapse.tools.backup as s_tools_backup
 
@@ -1369,6 +1369,8 @@ class LayerTest(s_t_utils.SynTest):
             readlayr = core.getLayer(readlayrinfo.get('iden'))
             self.true(readlayr.readonly)
 
+            self.none(await core._cloneLayer(readlayrinfo['iden'], readlayrinfo, None))
+
     async def test_layer_ro(self):
         with self.getTestDir() as dirn:
             async with self.getTestCore(dirn=dirn) as core:
@@ -1966,7 +1968,7 @@ class LayerTest(s_t_utils.SynTest):
                 parent = core.view.layers[0]
 
                 seen.clear()
-                with mock.patch.object(s_hiveauth.HiveUser, 'confirm', confirm):
+                with mock.patch.object(s_auth.User, 'confirm', confirm):
                     with mock.patch.object(s_cortex.Cortex, 'confirmPropSet', confirmPropSet):
                         with mock.patch.object(s_cortex.Cortex, 'confirmPropDel', confirmPropDel):
                             await layr.confirmLayerEditPerms(user, parent.iden)
@@ -2015,7 +2017,7 @@ class LayerTest(s_t_utils.SynTest):
                 ''', opts=opts)
 
                 seen.clear()
-                with mock.patch.object(s_hiveauth.HiveUser, 'confirm', confirm):
+                with mock.patch.object(s_auth.User, 'confirm', confirm):
                     with mock.patch.object(s_cortex.Cortex, 'confirmPropSet', confirmPropSet):
                         with mock.patch.object(s_cortex.Cortex, 'confirmPropDel', confirmPropDel):
                             await layr.confirmLayerEditPerms(user, parent.iden)
@@ -2046,7 +2048,7 @@ class LayerTest(s_t_utils.SynTest):
                 })
 
                 seen.clear()
-                with mock.patch.object(s_hiveauth.HiveUser, 'confirm', confirm):
+                with mock.patch.object(s_auth.User, 'confirm', confirm):
                     with mock.patch.object(s_cortex.Cortex, 'confirmPropSet', confirmPropSet):
                         with mock.patch.object(s_cortex.Cortex, 'confirmPropDel', confirmPropDel):
                             await layr.confirmLayerEditPerms(user, layr.iden, delete=True)
@@ -2107,7 +2109,7 @@ class LayerTest(s_t_utils.SynTest):
             parent = core.view.layers[0]
 
             seen.clear()
-            with mock.patch.object(s_hiveauth.HiveUser, 'confirm', confirm):
+            with mock.patch.object(s_auth.User, 'confirm', confirm):
                 with mock.patch.object(s_cortex.Cortex, 'confirmPropSet', confirmPropSet):
                     with mock.patch.object(s_cortex.Cortex, 'confirmPropDel', confirmPropDel):
                         await layr.confirmLayerEditPerms(user, parent.iden)
@@ -2122,7 +2124,7 @@ class LayerTest(s_t_utils.SynTest):
             await user.delRule((False, ('node', 'data', 'set', 'hehe')))
 
             seen.clear()
-            with mock.patch.object(s_hiveauth.HiveUser, 'confirm', confirm):
+            with mock.patch.object(s_auth.User, 'confirm', confirm):
                 with mock.patch.object(s_cortex.Cortex, 'confirmPropSet', confirmPropSet):
                     with mock.patch.object(s_cortex.Cortex, 'confirmPropDel', confirmPropDel):
                         await layr.confirmLayerEditPerms(user, parent.iden)
@@ -2189,30 +2191,28 @@ class LayerTest(s_t_utils.SynTest):
 
     async def test_push_pull_default_migration(self):
         async with self.getRegrCore('2.159.0-layr-pdefs') as core:
-            def_tree = await core.saveHiveTree(('cortex', 'layers', '507ebf7e6ec7aadc47ace6f1f8f77954'))
-            dst_tree = await core.saveHiveTree(('cortex', 'layers', '9bf7a3adbf69bd16832529ab1fcd1c83'))
-
-            epulls = {'value':
-                          {'28cb757e9e390a234822f55b922f3295':
-                               {'chunk:size': 1000,
-                                'iden': '28cb757e9e390a234822f55b922f3295',
-                                'offs': 0,
-                                'queue:size': 10000,
-                                'time': 1703781215891,
-                                'url': 'cell://./cells/pdefmigr00:*/layer/9bf7a3adbf69bd16832529ab1fcd1c83',
-                                'user': '1d8e6e87a2931f8d27690ff408debdab'}}}
-            epushs = {'value':
-                          {'e112f93f09e43f3a10ae945b84721778':
-                               {'chunk:size': 1000,
-                                'iden': 'e112f93f09e43f3a10ae945b84721778',
-                                'offs': 0,
-                                'queue:size': 10000,
-                                'time': 1703781208684,
-                                'url': 'cell://./cells/pdefmigr00:*/layer/9bf7a3adbf69bd16832529ab1fcd1c83',
-                                'user': '1d8e6e87a2931f8d27690ff408debdab'}}}
-
-            self.eq(def_tree.get('kids').get('pulls'), epulls)
-            self.eq(def_tree.get('kids').get('pushs'), epushs)
-
-            self.notin('pulls', dst_tree.get('kids'))
-            self.notin('pushs', dst_tree.get('kids'))
+            def_tree = core.getLayer('507ebf7e6ec7aadc47ace6f1f8f77954').layrinfo
+            dst_tree = core.getLayer('9bf7a3adbf69bd16832529ab1fcd1c83').layrinfo
+
+            epulls = {'28cb757e9e390a234822f55b922f3295':
+                           {'chunk:size': 1000,
+                            'iden': '28cb757e9e390a234822f55b922f3295',
+                            'offs': 0,
+                            'queue:size': 10000,
+                            'time': 1703781215891,
+                            'url': 'cell://./cells/pdefmigr00:*/layer/9bf7a3adbf69bd16832529ab1fcd1c83',
+                            'user': '1d8e6e87a2931f8d27690ff408debdab'}}
+            epushs = {'e112f93f09e43f3a10ae945b84721778':
+                           {'chunk:size': 1000,
+                            'iden': 'e112f93f09e43f3a10ae945b84721778',
+                            'offs': 0,
+                            'queue:size': 10000,
+                            'time': 1703781208684,
+                            'url': 'cell://./cells/pdefmigr00:*/layer/9bf7a3adbf69bd16832529ab1fcd1c83',
+                            'user': '1d8e6e87a2931f8d27690ff408debdab'}}
+
+            self.eq(def_tree.get('pulls'), epulls)
+            self.eq(def_tree.get('pushs'), epushs)
+
+            self.notin('pulls', dst_tree)
+            self.notin('pushs', dst_tree)