Enhanced error detection and reporting to more reliably catch all err…

…ors and provide useful error descriptions.

Curl commands now utilize cookies to avoid creating a new session for each request.

CHECKSUM

@@ -1,9 +1,8 @@
 The following checksum corresponds to the latest release of the 'ida' script:
 
-73f50f5f8a11349501a93e740643d344a2d396d01061514e75da436696aa685a
+b6e60d8811c62b8122d8e6fd915e73aedde6d75f60bc1fea41845644baf9faf0
 
 It should agree with the checksum reported when executing 'ida -h'.
 
 If the reported checksum does not match the above checksum, then your version
 of the ida script is not the latest.
-

README.md

@@ -164,6 +164,11 @@ The ignore file should contain one pattern per line, and will be applied only to
 or portions of pathnames. Patterns should be compatible with those understood by the `-name` option of the
 POSIX `find` command.
 
+## Cookie jar file
+
+The `ida` script utilizes a curl cookie jar stored as `.ida-cookie-jar` in your home directory. If you encounter
+authentication errors, try deleting the cookie jar file to clear any expired session cookies.
+
 ## Collision Avoidance for File Operations
 
 All users belonging to a given project have the same rights, and may interact with, add, and remove

tests/cli/test_cli.py

@@ -91,11 +91,10 @@ def setUp(self):
 
         # Clear any residual accounts, if they exist from a prior run
         self.success = True
-        noflush = self.config.get("NO_FLUSH_AFTER_TESTS", "false")
         self.config["NO_FLUSH_AFTER_TESTS"] = "false"
         self.tearDown()
         self.success = False
-        self.config["NO_FLUSH_AFTER_TESTS"] = noflush
+        self.config["NO_FLUSH_AFTER_TESTS"] = "true"
 
         print("(initializing)")
 
@@ -125,15 +124,17 @@ def setUp(self):
         f.write("IDA_PASSWORD=\"invalid\"\n")
         f.close()
 
-        # Create test project
-        cmd = "%s ADD %s 1" % (self.ida_project, self.project_name)
-        result = subprocess.call(cmd, shell=True, stdout=subprocess.PIPE)
-        self.assertEqual(result, 0, "Failed to create test project")
+        # Clear any curl cookies
 
-        # Create test user account
-        cmd = "%s ADD %s %s" % (self.ida_user, self.user_name, self.project_name)
-        result = subprocess.call(cmd, shell=True, stdout=subprocess.PIPE)
-        self.assertEqual(result, 0, "Failed to create test user account")
+        cmd = "%s/tests/utils/clear-cookies" % self.config["IDA_CLI_ROOT"]
+        result = os.system(cmd)
+        self.assertEquals(result, 0)
+
+        # Initialize test accounts
+
+        cmd = "sudo -u %s %s/tests/utils/initialize-test-accounts" % (self.config["HTTPD_USER"], self.config["IDA_CLI_ROOT"])
+        result = os.system(cmd)
+        self.assertEquals(result, 0)
 
 
     def tearDown(self):
@@ -157,23 +158,9 @@ def tearDown(self):
 
             shutil.rmtree(self.tempdir, ignore_errors=True)
 
-            cmd = "%s DISABLE %s" % (self.ida_project, self.project_name)
-            subprocess.call(cmd, shell=True, stdout=subprocess.PIPE)
-
-            cmd = "%s DELETE PSO_%s" % (self.ida_user, self.project_name)
-            subprocess.call(cmd, shell=True, stdout=subprocess.PIPE)
-
-            cmd = "%s DELETE %s" % (self.ida_user, self.user_name)
-            subprocess.call(cmd, shell=True, stdout=subprocess.PIPE)
-
-            cmd = "rm -fr %s/PSO_%s/*" % (self.storage_root, self.project_name)
-            subprocess.call(cmd, shell=True, stdout=subprocess.PIPE)
-
-            cmd = "rm -fr %s/PSO_%s" % (self.storage_root, self.project_name)
-            subprocess.call(cmd, shell=True, stdout=subprocess.PIPE)
-
-            cmd = "rm -fr %s/%s" % (self.storage_root, self.user_name)
-            subprocess.call(cmd, shell=True, stdout=subprocess.PIPE)
+            cmd = "sudo -u %s %s/tests/utils/initialize-test-accounts flush" % (self.config["HTTPD_USER"], self.config["IDA_CLI_ROOT"])
+            result = os.system(cmd)
+            self.assertEquals(result, 0)
 
         self.assertTrue(self.success)
 
@@ -268,6 +255,17 @@ def test_ida_cli(self):
             self.assertIn("Error: Missing target pathname.", output)
         self.assertTrue(failed, output)
 
+        print("Attempt to upload file to pathname exceeding maximum allowed URL encoded pathname length")
+        cmd = "%s upload %s /XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX_201_characters %s/Contact.txt" % (self.cli, self.args, self.testdata)
+        failed = False
+        try:
+            output = subprocess.check_output(cmd, shell=True, stderr=subprocess.STDOUT).decode(sys.stdout.encoding)
+        except subprocess.CalledProcessError as error:
+            failed = True
+            output = error.output.decode(sys.stdout.encoding)
+            self.assertIn("Error: URL encoded pathname exceeds maximum allowed length of 200 characters:", output)
+        self.assertTrue(failed, output)
+
         print("Attempt to upload file using unspecified local pathname")
         cmd = "%s upload %s /Contact.txt" % (self.cli, self.args)
         failed = False

tests/utils/clear-cookies

@@ -0,0 +1,31 @@
+#!/bin/bash
+#--------------------------------------------------------------------------------
+# This file is part of the IDA research data storage service
+#
+# Copyright (C) 2022 Ministry of Education and Culture, Finland
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License,
+# or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
+# License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+# @author   CSC - IT Center for Science Ltd., Espoo Finland <[email protected]>
+# @license  GNU Affero General Public License, version 3
+# @link     https://research.csc.fi/
+#--------------------------------------------------------------------------------
+#
+# This script deletes the curl cookie jar file if it exists.
+#
+#--------------------------------------------------------------------------------
+
+rm $HOME/.ida-cookie-jar 2>/dev/null
+exit 0
+

tests/utils/initialize-test-accounts

@@ -0,0 +1,241 @@
+#!/bin/bash
+#--------------------------------------------------------------------------------
+# This file is part of the IDA research data storage service
+#
+# Copyright (C) 2022 Ministry of Education and Culture, Finland
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License,
+# or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
+# License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+# @author   CSC - IT Center for Science Ltd., Espoo Finland <[email protected]>
+# @license  GNU Affero General Public License, version 3
+# @link     https://research.csc.fi/
+#--------------------------------------------------------------------------------
+#
+# This script initializes a set of explicit test accounts (project groups, users,
+# group memberships, and files) used by the automated tests.
+#
+# Notes: 
+#
+# If the single argument "flush" is given to this script, then all existing
+# accounts and data are purged and no new accounts created.
+#
+# This script expects the IDA configuration and constants files to reside in
+# specific pathnames. If needed, edit the definitions immediately below.
+#
+#--------------------------------------------------------------------------------
+
+. "/var/ida/config/config.sh"
+. "/var/ida/lib/constants.sh"
+
+if [ "$ROOT" = "" ]; then
+    echo "Error: Failed to properly initialize script. Aborting." >&2
+    exit 1
+fi
+
+#--------------------------------------------------------------------------------
+# Verify that we are in a test environment
+
+if [ "$IDA_ENVIRONMENT" == "PRODUCTION" ]; then
+    errorExit "Error: This script can not be run in a production environment. Aborting."
+fi
+
+#--------------------------------------------------------------------------------
+# Ensure script is run as apache
+
+ID=`id -u -n`
+if [ "$ID" != "$HTTPD_USER" ]; then
+    echo "You must execute this script as $HTTPD_USER"
+    exit 1
+fi
+
+#--------------------------------------------------------------------------------
+
+PROJECTS="test_project_cli"
+USERS="test_user_cli"
+BASIC_RELATIONS="test_user_cli:test_project_cli"
+
+#--------------------------------------------------------------------------------
+
+CURL_POST='curl --fail -k -s -S -X POST -u'
+
+PADDING="-50"
+
+function failure {
+    echo "FAILED: " "$@"
+}
+
+function success {
+    echo "OK"
+}
+
+#--------------------------------------------------------------------------------
+
+echo "Flushing all action and file records from IDA service database..."
+
+for PROJECT in $PROJECTS; do
+    STEP="   Flushing $PROJECT"
+    printf "%${PADDING}s" "$STEP"
+    OUT=`$CURL_POST $NC_ADMIN_USER:$NC_ADMIN_PASS "$URL_BASE_IDA/api/flush?project=$PROJECT" 2>&1`
+    if [ "$?" -ne 0 ]; then
+        failure "$OUT (ignored)"
+    else
+        success
+    fi
+done
+
+if [ "$METAX_AVAILABLE" = "1" ]; then
+
+    echo "Flushing all frozen file records from METAX database..."
+
+    for PROJECT in $PROJECTS; do
+        STEP="   Flushing $PROJECT"
+        printf "%${PADDING}s" "$STEP"
+        OUT=`$CURL_POST $METAX_API_USER:$METAX_API_PASS "$METAX_API_RPC_URL/files/flush_project?project_identifier=$PROJECT" 2>&1`
+        if [ "$?" -ne 0 ]; then
+            failure "$OUT (ignored)"
+        else
+            success
+        fi
+    done
+fi
+
+echo "Flushing all replicated files..."
+
+for PROJECT in $PROJECTS; do
+    STEP="   Flushing $PROJECT"
+    printf "%${PADDING}s" "$STEP"
+    OUT=`/bin/rm -fr $DATA_REPLICATION_ROOT/projects/$PROJECT 2>&1`
+    if [ "$?" -ne 0 ]; then
+        failure "$OUT (ignored)"
+    else
+        success
+    fi
+done
+
+#--------------------------------------------------------------------------------
+
+echo "Cleaning up any existing test projects..."
+
+echo "Deleting any existing test users..."
+
+for USER in $USERS; do
+    STEP="   Deleting $USER"
+    printf "%${PADDING}s" "$STEP"
+    OUT=`$ROOT/admin/ida_user DELETE $USER 2>&1`
+    if [ "$?" -ne 0 ]; then
+        failure "$OUT (ignored)"
+    else
+        success
+    fi
+done
+
+echo "Deleting any existing test projects..."
+
+for PROJECT in $PROJECTS; do
+    STEP="   Deleting $PROJECT"
+    printf "%${PADDING}s" "$STEP"
+    OUT=`$ROOT/admin/ida_project DISABLE $PROJECT 2>&1`
+    if [ "$?" -ne 0 ]; then
+        failure "$OUT (ignored)"
+    else
+        success
+    fi
+done
+
+echo "Deleting any existing project share owners..."
+
+for PROJECT in $PROJECTS; do
+    USER="$PROJECT_USER_PREFIX""$PROJECT"
+    STEP="   Deleting $USER"
+    printf "%${PADDING}s" "$STEP"
+    OUT=`$ROOT/admin/ida_user DELETE $USER 2>&1`
+    if [ "$?" -ne 0 ]; then
+        failure "$OUT (ignored)"
+    else
+        success
+    fi
+done
+
+echo "Deleting any residual test user directories..."
+
+for USER in $USERS; do
+    if [ -d "$STORAGE_OC_DATA_ROOT/$USER" ]; then
+        STEP="   Deleting $USER "
+        printf "%${PADDING}s" "$STEP"
+        OUT=`rm -fr "$STORAGE_OC_DATA_ROOT/$USER"`
+        if [ "$?" -ne 0 ]; then
+            failure "$OUT (ignored)"
+        else
+            success
+        fi
+    fi
+done
+
+echo "Deleting any residual project share owner directories and links..."
+
+for PROJECT in $PROJECTS; do
+    for CANDIDATE_STORAGE_VOLUME in ${STORAGE_CANDIDATES[*]}; do
+        TARGET="${CANDIDATE_STORAGE_VOLUME}/${PROJECT_USER_PREFIX}${PROJECT}"
+        if [ -e "$TARGET" ]; then
+            STEP="   Deleting $TARGET "
+            printf "%${PADDING}s" "$STEP"
+            OUT=`rm -fr "$TARGET"`
+            if [ "$?" -ne 0 ]; then
+                failure "$OUT (ignored)"
+            else
+                success
+            fi
+        fi
+    done
+done
+
+#--------------------------------------------------------------------------------
+
+if [ "$1" = "flush" ]; then
+    exit
+fi
+
+#--------------------------------------------------------------------------------
+
+echo "Creating test accounts..."
+
+echo "Creating projects..."
+
+for PROJECT in $PROJECTS; do
+    STEP="   Creating $PROJECT"
+    printf "%${PADDING}s" "$STEP"
+    OUT=`$ROOT/admin/ida_project ADD $PROJECT 1 2>&1`
+    if [ "$?" -ne 0 ]; then
+        failure "$OUT"
+        exit 1
+    else
+        success
+    fi
+done
+
+echo "Creating users..."
+
+for RELATION in $BASIC_RELATIONS; do
+    USER=`echo $RELATION | sed -e 's/:.*$//'`
+    PROJECT=`echo $RELATION | sed -e 's/^.*://'`
+    STEP="   Creating $USER in $PROJECT"
+    printf "%${PADDING}s" "$STEP"
+    OUT=`$ROOT/admin/ida_user ADD $USER $PROJECT 2>&1`
+    if [ "$?" -ne 0 ]; then
+        failure "$OUT"
+        exit 1
+    else
+        success
+    fi
+done