Reorganize our test / demo client scripts. Closes #10.

sandialabs · Jul 23, 2013 · 4099311 · 4099311
1 parent a80cdf4
commit 4099311
Show file tree

Hide file tree

Showing 10 changed files with 48 additions and 46 deletions.
diff --git a/testing/README.md b/testing/README.md
diff --git a/testing/slycat-security-test.py → web-client/slycat-check-security.py b/testing/slycat-security-test.py → web-client/slycat-check-security.py
@@ -2,6 +2,54 @@
 # DE-AC04-94AL85000 with Sandia Corporation, the U.S. Government retains certain
 # rights in this software.
 
+"""
+Slycat(tm) Security Test Procedure
+==================================
+
+To test the security of a Slycat instance, do the following:
+
+Choose User Accounts
+--------------------
+
+Choose user accounts to assume the following "roles" for the test:
+
+1. Server Administrator
+2. Project Administrator
+3. Project Writer
+4. Project Reader
+5. Non Project Member
+6. Non Server Member
+
+Note that (1), (2), (3), (4), and (5) must already have access to the Slycat
+instance to be tested; (1) must already be a server administrator for the
+Slycat instance to be tested; and (6) must not have access to the Slycat
+instance to be tested.
+
+Note that each account must be unique - a single user account cannot be used to
+play multiple roles.
+
+Run the Tests
+-------------
+
+From the Slycat source tree, run the security test script, passing each of the user names on the command line:
+
+    $ python slycat-security-test.py --server-administrator <Server Administrator> --project-administrator <Project Administrator> --project-writer <Project Writer> --project-reader <Project Reader> --non-project-member <Non Project Member> --non-server-member <Non Server Member>
+
+By default, the script assumes that the Slycat instance to be tested is
+accessable at http://localhost:8092 (the default for an unconfigured Slycat
+instance).  Use the --host option to specify a different location.  If your
+Slycat instance is behind an SSL proxy whose certificate can't be validated (if
+you generated your own certificate, for example), you may use the --no-verify
+option to bypass SSL host certificate verification.  Finally, you may need to
+use --http-proxy or --https-proxy to specify the correct proxy for your Slycat
+instance.
+
+When prompted by the script, enter the password for each account.  The script
+will then test every request type in Slycat to ensure that access is allowed /
+denied correctly for each role.  Unsuccessful tests will print an error message
+to the screen and exit with a non-zero error code.
+"""
+
 import cStringIO
 import getpass
 import json

diff --git a/web-client/slycat-csv-file-cca.py → web-client/slycat-csv-to-cca-model.py b/web-client/slycat-csv-file-cca.py → web-client/slycat-csv-to-cca-model.py
diff --git a/testing/slycat-delete-all.py → web-client/slycat-delete-all.py b/testing/slycat-delete-all.py → web-client/slycat-delete-all.py
diff --git a/testing/slycat-array-chunker-test.py → web-client/slycat-demo-array-chunker.py b/testing/slycat-array-chunker-test.py → web-client/slycat-demo-array-chunker.py
diff --git a/testing/slycat-cca-model-test.py → web-client/slycat-demo-cca-model.py b/testing/slycat-cca-model-test.py → web-client/slycat-demo-cca-model.py
diff --git a/testing/slycat-generic-model-test.py → web-client/slycat-demo-generic-model.py b/testing/slycat-generic-model-test.py → web-client/slycat-demo-generic-model.py
diff --git a/testing/slycat-duplicate-cca-model-test.py → web-client/slycat-demo-rerun-cca-model.py b/testing/slycat-duplicate-cca-model-test.py → web-client/slycat-demo-rerun-cca-model.py
diff --git a/testing/slycat-table-chunker-test.py → web-client/slycat-demo-table-chunker.py b/testing/slycat-table-chunker-test.py → web-client/slycat-demo-table-chunker.py
diff --git a/testing/slycat-timeseries-model-test.py → web-client/slycat-demo-timeseries-model.py b/testing/slycat-timeseries-model-test.py → web-client/slycat-demo-timeseries-model.py