From 80c68a41fd39b3620da8cdf35280b58ae7a280da Mon Sep 17 00:00:00 2001
From: meejah <meejah@meejah.ca>
Date: Mon, 21 Dec 2020 00:49:56 -0700
Subject: [PATCH] cover more error-cases

---
 src/allmydata/test/cli/test_grid_manager.py | 56 ++++++++++++++++++
 src/allmydata/test/test_grid_manager.py     | 65 ++++++++++++++++++++-
 2 files changed, 119 insertions(+), 2 deletions(-)

diff --git a/src/allmydata/test/cli/test_grid_manager.py b/src/allmydata/test/cli/test_grid_manager.py
index a8b0315e0..a6f1f7ec2 100644
--- a/src/allmydata/test/cli/test_grid_manager.py
+++ b/src/allmydata/test/cli/test_grid_manager.py
@@ -44,6 +44,20 @@ class GridManagerCommandLine(SyncTestCase):
             result = self.runner.invoke(grid_manager, ["--config", "foo", "public-identity"])
             self.assertTrue(result.output.startswith("pub-v0-"))
 
+    def test_load_invalid(self):
+        """
+        An invalid config is reported to the user
+        """
+        with self.runner.isolated_filesystem():
+            with open("config.json", "w") as f:
+                json.dump({"not": "valid"}, f)
+            result = self.runner.invoke(grid_manager, ["--config", ".", "public-identity"])
+            self.assertNotEqual(result.exit_code, 0)
+            self.assertIn(
+                "Error loading Grid Manager",
+                result.output,
+            )
+
     def test_create_already(self):
         """
         It's an error to create a new grid-manager in an existing
@@ -85,6 +99,22 @@ class GridManagerCommandLine(SyncTestCase):
             cert = json.loads(sigcert['certificate'])
             self.assertEqual(cert["public_key"], pubkey)
 
+    def test_add_twice(self):
+        """
+        An error is reported trying to add an existing server
+        """
+        pubkey0 = "pub-v0-cbq6hcf3pxcz6ouoafrbktmkixkeuywpcpbcomzd3lqbkq4nmfga"
+        pubkey1 = "pub-v0-5ysc55trfvfvg466v46j4zmfyltgus3y2gdejifctv7h4zkuyveq"
+        with self.runner.isolated_filesystem():
+            self.runner.invoke(grid_manager, ["--config", "foo", "create"])
+            self.runner.invoke(grid_manager, ["--config", "foo", "add", "storage0", pubkey0])
+            result = self.runner.invoke(grid_manager, ["--config", "foo", "add", "storage0", pubkey1])
+            self.assertNotEquals(result.exit_code, 0)
+            self.assertIn(
+                "A storage-server called 'storage0' already exists",
+                result.output,
+            )
+
     def test_add_list_remove(self):
         """
         Add a storage server, list it, remove it.
@@ -108,6 +138,32 @@ class GridManagerCommandLine(SyncTestCase):
             result = self.runner.invoke(grid_manager, ["--config", "foo", "list"])
             self.assertEqual(result.output.strip(), "")
 
+    def test_remove_missing(self):
+        """
+        Error reported when removing non-existant server
+        """
+        with self.runner.isolated_filesystem():
+            self.runner.invoke(grid_manager, ["--config", "foo", "create"])
+            result = self.runner.invoke(grid_manager, ["--config", "foo", "remove", "storage0"])
+            self.assertNotEquals(result.exit_code, 0)
+            self.assertIn(
+                "No storage-server called 'storage0' exists",
+                result.output,
+            )
+
+    def test_sign_missing(self):
+        """
+        Error reported when signing non-existant server
+        """
+        with self.runner.isolated_filesystem():
+            self.runner.invoke(grid_manager, ["--config", "foo", "create"])
+            result = self.runner.invoke(grid_manager, ["--config", "foo", "sign", "storage0", "42"])
+            self.assertNotEquals(result.exit_code, 0)
+            self.assertIn(
+                "No storage-server called 'storage0' exists",
+                result.output,
+            )
+
 
 class TahoeAddGridManagerCert(AsyncTestCase):
     """
diff --git a/src/allmydata/test/test_grid_manager.py b/src/allmydata/test/test_grid_manager.py
index 734b54e4c..4c899257d 100644
--- a/src/allmydata/test/test_grid_manager.py
+++ b/src/allmydata/test/test_grid_manager.py
@@ -65,6 +65,32 @@ class GridManagerUtilities(SyncTestCase):
         certs = config.get_grid_manager_certificates()
         self.assertEqual([fake_cert], certs)
 
+    def test_load_certificates_invalid_version(self):
+        """
+        An error is reported loading invalid certificate version
+        """
+        cert_path = self.mktemp()
+        fake_cert = {
+            "certificate": "{\"expires\":1601687822,\"public_key\":\"pub-v0-cbq6hcf3pxcz6ouoafrbktmkixkeuywpcpbcomzd3lqbkq4nmfga\",\"version\":22}",
+            "signature": "fvjd3uvvupf2v6tnvkwjd473u3m3inyqkwiclhp7balmchkmn3px5pei3qyfjnhymq4cjcwvbpqmcwwnwswdtrfkpnlaxuih2zbdmda"
+        }
+        with open(cert_path, "w") as f:
+            f.write(json.dumps(fake_cert))
+        config_data = (
+            "[grid_managers]\n"
+            "fluffy = pub-v0-vqimc4s5eflwajttsofisp5st566dbq36xnpp4siz57ufdavpvlq\n"
+            "[grid_manager_certificates]\n"
+            "ding = {}\n".format(cert_path)
+        )
+        config = config_from_string("/foo", "portnum", config_data, client_valid_config())
+        self.assertEqual(
+            {"fluffy": "pub-v0-vqimc4s5eflwajttsofisp5st566dbq36xnpp4siz57ufdavpvlq"},
+            config.enumerate_section("grid_managers")
+        )
+        certs = config.get_grid_manager_certificates()
+        self.assertEqual([fake_cert], certs)
+        print(certs)
+
 
 class GridManagerVerifier(SyncTestCase):
     """
@@ -182,6 +208,41 @@ class GridManagerVerifier(SyncTestCase):
             str(ctx.exception),
         )
 
+    def test_invalid_certificate_bad_version(self):
+        """
+        Invalid Grid Manager config containing a certificate with an
+        illegal version
+        """
+        tempdir = self.mktemp()
+        fp = FilePath(tempdir)
+        config = {
+            "grid_manager_config_version": 0,
+            "private_key": "priv-v0-ub7knkkmkptqbsax4tznymwzc4nk5lynskwjsiubmnhcpd7lvlqa",
+            "storage_servers": {
+                "alice": {
+                    "public_key": "pub-v0-cbq6hcf3pxcz6ouoafrbktmkixkeuywpcpbcomzd3lqbkq4nmfga"
+                }
+            }
+        }
+        bad_cert = {
+            "certificate": "{\"expires\":1601687822,\"public_key\":\"pub-v0-cbq6hcf3pxcz6ouoafrbktmkixkeuywpcpbcomzd3lqbkq4nmfga\",\"version\":0}",
+            "signature": "fvjd3uvvupf2v6tnvkwjd473u3m3inyqkwiclhp7balmchkmn3px5pei3qyfjnhymq4cjcwvbpqmcwwnwswdtrfkpnlaxuih2zbdmda"
+        }
+
+        fp.makedirs()
+        with fp.child("config.json").open("w") as f:
+            json.dump(config, f)
+        with fp.child("alice.cert.0").open("w") as f:
+            json.dump(bad_cert, f)
+
+        with self.assertRaises(ValueError) as ctx:
+            load_grid_manager(fp)
+
+        self.assertIn(
+            "Unknown certificate version",
+            str(ctx.exception),
+        )
+
     def test_invalid_no_private_key(self):
         """
         Invalid Grid Manager config with no private key
@@ -299,7 +360,7 @@ class GridManagerVerifier(SyncTestCase):
         self.assertTrue(verify())
 
 
-class GridManagerVerifier(SyncTestCase):
+class GridManagerInvalidVerifier(SyncTestCase):
     """
     Invalid certificate rejection tests
     """
@@ -309,7 +370,7 @@ class GridManagerVerifier(SyncTestCase):
         self.priv0, self.pub0 = ed25519.create_signing_keypair()
         self.gm.add_storage_server("test0", self.pub0)
         self.cert0 = self.gm.sign("test0", timedelta(seconds=86400))
-        return super(GridManagerVerifier, self).setUp()
+        return super(GridManagerInvalidVerifier, self).setUp()
 
     @given(
         base32text(),