* daemon,o/devicestate: move user creation and removal helpers to o/devicestate
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* daemon,o/devicestate: move user create,remove tests to o/devicestate
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* daemon: add new tests for user create,remove requests
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* o/devicestate: removed unused variable in users test
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* o/devicestate: move users test export to common export
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* o/devicestate: remove left behind commented code
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* o/devicestate: clean syntax in user helper
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* daemon: use testutil.Backup() in api export tests
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* o/devicestate: use testutil.Backup() in api export tests
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* daemon: cleanup user tests
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* overlord/devicestate: join helper variables for mocking
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* overlord/devicestate: remove extra line in addUser function
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* overlord/devicestat: rename internal_err -> internalErr
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* overlord/devicestate: change addUser fnc signature
addUser adds single user. Change function signarure to return single UserResponse
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* overlord/devicestate: update error handling in CreateUser
Update error handling after merge from master
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* overlord/devicestate: remove accidental file from merge conflict
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* daemon,overlord: user error wrapper for user account actions
CreateUser, RemoveUser can fail for multiple reasons.
There is a need to distinguish between internal error and bad request.
Use UserError structure to wrap/ return error information.
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* daemon,overlord: address review issues
- renaming UserResponse to CreatedUser
- fix typos
- fix error wrapping
- rename ue to error
- code cleanup
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* overlord/devicestate: rework createUserOpts helper for user creation
- remove unused and confusing safe flag for create user operations
- remove state from struct and pass it as function argument
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* overlord/devicestate: add test for missing email in user creation
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* daemon,overlord: split CreateUser function for known and unknown users
Split CreateUser functionality into two new functions
- CreateKnownUsers for creation of known users
- CreateUser for creation of user defined by email
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* overlord: use new auth.NewUserData structure
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
* overlord/devicestate,daemon: review feedback
Reorder functions, drop wrapping internal errors, assume state lock on function entry to match the style in managers
* daemon,overlord/devicestate: review feedback
add missing unit test, remove devicemanager parameter, fix doc string
* daemon: review feedback
simplify some else conditions, rename function and variable
* overlord/devicestate: review feedback
move createUser down to the structure it belongs to
* daemon: review feedback + changes to how we return users
simplify a lot of the methods, change to pointer instead so we can return nil's instead of empty structures. Remove the option structure for creating new users, update some docs
* daemon: review feedback
rename doUserWrapper/doCreateUser
* daemon: restore tests, restore the backwards compatible way of creating users
* daemon,overlord: review feedback
rewrite testPostCreateUserFromAssertion, it was no longer valid after code seperation, instead focus on testing the code in api_users.go
update checks in users_test.go, one was invalid (overwritten), rest was missing verification of calling
* daemon,overlord/devicestate: review feedback
redo some of the error messages, move the logic check for creating known users in compat-mode, update comments a bit
Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>
Co-authored-by: Philip Meulengracht <the_meulengracht@hotmail.com>
We should be careful not to concatenate variable strings into the first
argument of Sprintf/Printf/Errorf: if these variable strings end up
containing a percent character, it will break the way that the printfs
arguments are interpreted. Luckily, golang is smarter than C and is able
to detect mismatches between the number of '%' and the number of
arguments, but it still can lead to unexpected results:
$ sudo snap set core refresh.rate-limit='%[2]#v'
error: cannot perform the following tasks:
- Run configure hook of "core" snap (run hook "configure": cannot parse "%!#(BADINDEX)v": no numerical prefix)
also:
$ sudo snap set core refresh.rate-limit='%#v'
error: cannot perform the following tasks:
- Run configure hook of "core" snap (run hook "configure": cannot parse "&errors.errorString{s:"no numerical prefix"}": %!s(MISSING))
Moreover, it appears that all the occurrences of such pattern in our
code are situated either on unprivileged processes (like the `snap`
client), or, when in snapd, can only be triggered by the root user
(notice the `sudo` in the commands above).
Nevertheless, let's be defensive and fix these.
There are also other occurrences of concatenations in formatting
strings, but those are only constants so they don't pose a problem. But
to avoid the risk of these strings getting updated in the future with a
mutable version, let's explicitly mark these format prefixes as `const`.
This commit adds a comment to ssh keys writen to ~/.authorized_keys
that come from the store. This will enable us in the future to
update keys that come from the store because we now have the
information what keys got added by snapd and which were added by
other means.
this helps avoiding passing *Command around which complicates exposing
helpers if they actually want to be tested
with this we don't need to export ThemesCmd to the tests anymore
the option if set to false disables automatic user creation on assertion
auto-import
it is processed early which means its setting available
before snapd starts serving users API requests
The snap auto-import code right will always try to create all
known system-users when it imports any assertions. However this
leads to systemd errors and a degraded boot when a device is already
managed and a removable device with a user assertion is attached
to the device.
This commit changes the auto-import code to send a new
`automatic: true` json when running auto-imports. With that
option already managed device just return that no users are
created and no error.
This fixes https://bugs.launchpad.net/newparis/+bug/1893331
