adapt init

README.md

@@ -27,9 +27,6 @@ chatmail-pyinfra
     pyproject.toml
     chatmail/__init__ ...
 
-    # tests against the deployed system 
-    tests/test_online_test.py
-
 # doveauth tool used by dovecot's auth mechanism on the host system 
 doveauth
     README.md
@@ -44,12 +41,18 @@ filtermail
     pyproject.toml
     .... 
 
+# online tests (after deploy)
+
+online-tests  # runnable via pytest 
+
+
 
 # scripts for setup/development/deployment 
 
 scripts/
     init.sh  # create venv/other perequires
     deploy.sh  # run pyinfra based deploy of everything
+    test.sh # run all local and online tests 
 
 ```
 

chatmail-pyinfra/src/chatmail/dovecot/dovecot.conf.j2

@@ -88,7 +88,7 @@ service auth {
 service auth-worker {
   # Default is root.
   # Drop privileges we don't need.
-  user = $default_internal_user
+  user = vmail
 }
 
 ssl = required

chatmail-pyinfra/tests/test_online_login.py

@@ -1,28 +0,0 @@
-import pytest
-import imaplib
-
-
-@pytest.fixture
-def conn():
-    return connect("c1.testrun.org")
-
-
-def login(conn, user, password):
-    print("trying to login", user, password)
-    conn.login(user, password)
-
-
-def connect(host):
-    print(f"connecting to {host}")
-    conn = imaplib.IMAP4_SSL(host)
-    return conn
-
-
-def test_login_ok(conn):
-    login(conn, "link2xt@c1.testrun.org", "Ahyei6ie")
-
-
-def test_login_fail(conn):
-    with pytest.raises(imaplib.IMAP4.error) as excinfo:
-        login(conn, "link2xt@c1.testrun.org", "qweqwe")
-    assert "AUTHENTICATIONFAILED" in str(excinfo)

doveauth/src/doveauth/database.py

@@ -0,0 +1,153 @@
+import sqlite3
+import contextlib
+import time
+from pathlib import Path
+
+
+class DBError(Exception):
+    """error during an operation on the database."""
+
+
+class Connection:
+    def __init__(self, sqlconn, write):
+        self._sqlconn = sqlconn
+        self._write = write
+
+    def close(self):
+        self._sqlconn.close()
+
+    def commit(self):
+        self._sqlconn.commit()
+
+    def rollback(self):
+        self._sqlconn.rollback()
+
+    def execute(self, query, params=()):
+        cur = self.cursor()
+        try:
+            cur.execute(query, params)
+        except sqlite3.IntegrityError as e:
+            raise DBError(e)
+        return cur
+
+    def cursor(self):
+        return self._sqlconn.cursor()
+
+    def create_user(self, addr: str, password: str):
+        """Create a row in the users table."""
+        self.execute("PRAGMA foreign_keys=on;")
+        q = """INSERT INTO users (addr, password, last_login)
+               VALUES (?, ?, ?)"""
+        self.execute(q, (addr, password, int(time.time())))
+
+    def get_user(self, addr: str) -> {}:
+        """Get a row from the users table."""
+        q = "SELECT addr, password, last_login from users WHERE addr = ?"
+        row = self._sqlconn.execute(q, (addr,)).fetchone()
+        result = {}
+        if row:
+            result = dict(
+                user=row[0],
+                password=row[1],
+                last_login=row[2],
+            )
+        return result
+
+    def set_config(self, name: str, value: str) -> str:
+        ok = [
+            "dbversion",
+        ]
+        assert name in ok, name
+        q = "INSERT OR REPLACE INTO config (key, value) VALUES (?, ?)"
+        self.cursor().execute(q, (name, value)).fetchone()
+        return value
+
+    def get_config(self, key: str) -> str:
+        q = "SELECT key, value from config WHERE name = ?"
+        c = self._sqlconn.cursor()
+        try:
+            return c.execute(q, key).fetchone()
+        except sqlite3.OperationalError:
+            return None
+
+
+class Database:
+    def __init__(self, path: str):
+        self.path = Path(path)
+        self.ensure_tables()
+
+    def _get_connection(self, write=False, transaction=False, closing=False) -> Connection:
+        # we let the database serialize all writers at connection time
+        # to play it very safe (we don't have massive amounts of writes).
+        mode = "ro"
+        if write:
+            mode = "rw"
+        if not self.path.exists():
+            mode = "rwc"
+        uri = "file:%s?mode=%s" % (self.path, mode)
+        sqlconn = sqlite3.connect(
+            uri,
+            timeout=60,
+            isolation_level=None if transaction else "DEFERRED",
+            uri=True,
+        )
+
+        # Enable Write-Ahead Logging to avoid readers blocking writers and vice versa.
+        if write:
+            sqlconn.execute("PRAGMA journal_mode=wal")
+
+        if transaction:
+            start_time = time.time()
+            while 1:
+                try:
+                    sqlconn.execute("begin immediate")
+                    break
+                except sqlite3.OperationalError:
+                    # another thread may be writing, give it a chance to finish
+                    time.sleep(0.1)
+                    if time.time() - start_time > 5:
+                        # if it takes this long, something is wrong
+                        raise
+        conn = Connection(sqlconn, write=write)
+        if closing:
+            conn = contextlib.closing(conn)
+        return conn
+
+    @contextlib.contextmanager
+    def write_transaction(self):
+        conn = self._get_connection(closing=False, write=True, transaction=True)
+        try:
+            yield conn
+        except Exception:
+            conn.rollback()
+            conn.close()
+            raise
+        else:
+            conn.commit()
+            conn.close()
+
+    def read_connection(self, closing=True) -> Connection:
+        return self._get_connection(closing=closing, write=False)
+
+    CURRENT_DBVERSION = 1
+
+    def ensure_tables(self):
+        with self.write_transaction() as conn:
+            conn.execute(
+                """
+                CREATE TABLE IF NOT EXISTS users (
+                    addr TEXT PRIMARY KEY,
+                    password TEXT,
+                    last_login INTEGER
+                )
+            """,
+            )
+            conn.execute(
+                """
+                CREATE TABLE IF NOT EXISTS config (
+                    key TEXT PRIMARY KEY,
+                    value TEXT
+                )
+            """,
+            )
+            conn.set_config("dbversion", self.CURRENT_DBVERSION)

doveauth/src/doveauth/doveauth.py

@@ -2,37 +2,40 @@
 import base64
 import sys
 
-
-def get_user_data(user):
-    if user.startswith("link2xt@"):
-        return dict(
-            uid="vmail",
-            gid="vmail",
-            password="Ahyei6ie",
-        )
-    return {}
+from .database import Database
 
 
-def create_user(user, password):
+def get_user_data(db, user):
+    with db.read_connection() as conn:
+        result = conn.get_user(user)
+    if result:
+        result['uid'] = "vmail"
+        result['gid'] = "vmail"
+    return result
+
+
+def create_user(db, user, password):
+    with db.write_transaction() as conn:
+        conn.create_user(user, password)
     return dict(home=f"/home/vmail/{user}", uid="vmail", gid="vmail", password=password)
 
 
-def verify_user(user, password):
-    userdata = get_user_data(user)
+def verify_user(db, user, password):
+    userdata = get_user_data(db, user)
     if userdata:
         if userdata.get("password") == password:
             userdata["status"] = "ok"
         else:
             userdata["status"] = "fail"
     else:
-        userdata = create_user(user, password)
+        userdata = create_user(db, user, password)
         userdata["status"] = "ok"
 
     return userdata
 
 
-def lookup_user(user):
-    userdata = get_user_data(user)
+def lookup_user(db, user):
+    userdata = get_user_data(db, user)
     if userdata:
         userdata["status"] = "ok"
     else:
@@ -46,14 +49,15 @@ def dump_result(res):
 
 
 def main():
+    db = Database("/home/vmail/passdb.sqlite")
     if sys.argv[1] == "hexauth":
         login = base64.b16decode(sys.argv[2]).decode()
         password = base64.b16decode(sys.argv[3]).decode()
-        res = verify_user(login, password)
+        res = verify_user(db, login, password)
         dump_result(res)
     elif sys.argv[1] == "hexlookup":
         login = base64.b16decode(sys.argv[2]).decode()
-        res = lookup_user(login)
+        res = lookup_user(db, login)
         dump_result(res)
 
 

doveauth/src/doveauth/test_doveauth.py

@@ -1,19 +1,21 @@
 import subprocess
 import pytest
 
-from doveauth.doveauth import get_user_data, verify_user
+from doveauth.doveauth import get_user_data, verify_user, Database
 
 
-def test_basic():
-    data = get_user_data("link2xt@c1.testrun.org")
+def test_basic(tmpdir):
+    db = Database(tmpdir / "passdb.sqlite")
+    verify_user(db, "link2xt@c1.testrun.org", "asdf")
+    data = get_user_data(db, "link2xt@c1.testrun.org")
     assert data
 
 
-@pytest.mark.xfail(reason="no persistence yet")
-def test_verify_or_create():
-    res = verify_user("newuser1@something.org", "kajdlkajsldk12l3kj1983")
+def test_verify_or_create(tmpdir):
+    db = Database(tmpdir / "passdb.sqlite")
+    res = verify_user(db, "newuser1@something.org", "kajdlkajsldk12l3kj1983")
     assert res["status"] == "ok"
-    res = verify_user("newuser1@something.org", "kajdlqweqwe")
+    res = verify_user(db, "newuser1@something.org", "kajdlqweqwe")
     assert res["status"] == "fail"
 
 

online-tests/conftest.py

@@ -0,0 +1,101 @@
+import os
+import io
+import imaplib
+import smtplib
+import itertools
+import pytest
+
+
+@pytest.fixture
+def maildomain():
+    return os.environ.get("CHATMAIL_DOMAIN", "c1.testrun.org")
+
+
+@pytest.fixture
+def imap(maildomain):
+    return ImapConn(maildomain)
+
+
+class ImapConn:
+    def __init__(self, host):
+        self.host = host
+
+    def connect(self):
+        print(f"imap-connect {self.host}")
+        self.conn = imaplib.IMAP4_SSL(self.host)
+
+    def login(self, user, password):
+        print(f"imap-login {user!r} {password!r}")
+        self.conn.login(user, password)
+
+
+@pytest.fixture
+def smtp(maildomain):
+    return SmtpConn(maildomain)
+
+
+class SmtpConn:
+    def __init__(self, host):
+        self.host = host
+
+    def connect(self):
+        print(f"smtp-connect {self.host}")
+        self.conn = smtplib.SMTP_SSL(self.host)
+
+    def login(self, user, password):
+        print(f"smtp-login {user!r} {password!r}")
+        self.conn.login(user, password)
+
+
+@pytest.fixture
+def gencreds(maildomain):
+    count = itertools.count()
+
+    def gen():
+        while 1:
+            num = next(count)
+            yield f"user{num}@{maildomain}", f"password{num}"
+
+    return lambda: next(gen())
+
+
+#
+# Delta Chat testplugin re-use
+# use the cmfactory fixture to get chatmail instance accounts
+#
+
+class ChatmailTestProcess:
+    """Provider for chatmail instance accounts as used by deltachat.testplugin.acfactory """
+    def __init__(self, pytestconfig, maildomain, gencreds):
+        self.pytestconfig = pytestconfig
+        self.maildomain = maildomain
+        self.gencreds = gencreds
+        self._addr2files = {}
+
+    def get_liveconfig_producer(self):
+        while 1:
+            user, password = self.gencreds()
+            config = {"addr": user, "mail_pw": password}
+            yield config
+
+    def cache_maybe_retrieve_configured_db_files(self, cache_addr, db_target_path):
+        pass
+
+    def cache_maybe_store_configured_db_files(self, acc):
+        pass
+
+
+@pytest.fixture
+def cmfactory(request, maildomain, gencreds, tmpdir, data):
+    # cloned from deltachat.testplugin.amfactory
+    pytest.importorskip("deltachat")
+    from deltachat.testplugin import ACFactory
+    testproc = ChatmailTestProcess(request.config, maildomain, gencreds)
+    am = ACFactory(request=request, tmpdir=tmpdir, testprocess=testproc, data=data)
+    yield am
+    if hasattr(request.node, "rep_call") and request.node.rep_call.failed:
+        if testprocess.pytestconfig.getoption("--extra-info"):
+            logfile = io.StringIO()
+            am.dump_imap_summary(logfile=logfile)
+            print(logfile.getvalue())
+            # request.node.add_report_section("call", "imap-server-state", s)

online-tests/test_deltachat.py

@@ -0,0 +1,13 @@
+
+
+class TestMailSending:
+    def test_one_on_one(self, cmfactory, lp):
+        ac1, ac2 = cmfactory.get_online_accounts(2)
+        chat = cmfactory.get_accepted_chat(ac1, ac2)
+
+        lp.sec("ac1: prepare and send text message to ac2")
+        msg1 = chat.send_text("message0")
+
+        lp.sec("wait for ac2 to receive message")
+        msg2 = ac2._evtracker.wait_next_incoming_message()
+        assert msg2.text == "message0"

online-tests/test_login.py

@@ -0,0 +1,42 @@
+import pytest
+import imaplib
+import smtplib
+
+
+class TestDovecot:
+    def test_login_ok(self, imap, gencreds):
+        user, password = gencreds()
+        imap.connect()
+        imap.login(user, password)
+        # verify it works on another connection
+        imap.connect()
+        imap.login(user, password)
+
+    def test_login_fail(self, imap, gencreds):
+        user, password = gencreds()
+        imap.connect()
+        imap.login(user, password)
+        imap.connect()
+        with pytest.raises(imaplib.IMAP4.error) as excinfo:
+            imap.login(user, password + "wrong")
+        assert "AUTHENTICATIONFAILED" in str(excinfo)
+
+
+class TestPostfix:
+    def test_login_ok(self, smtp, gencreds):
+        user, password = gencreds()
+        smtp.connect()
+        smtp.login(user, password)
+        # verify it works on another connection
+        smtp.connect()
+        smtp.login(user, password)
+
+    def test_login_fail(self, smtp, gencreds):
+        user, password = gencreds()
+        smtp.connect()
+        smtp.login(user, password)
+        smtp.connect()
+        with pytest.raises(smtplib.SMTPAuthenticationError) as excinfo:
+            smtp.login(user, password + "wrong")
+        assert excinfo.value.smtp_code == 535
+        assert "authentication failed" in str(excinfo)

plan.txt

@@ -3,7 +3,6 @@
 ## Dovecot goals/steps
 
 1. create-user-on-login ("doveauth")
-  - persistence of accounts
 
 2. per-user quota (adaptive)
 

scripts/init.sh

@@ -3,6 +3,10 @@ python3 -m venv chatmail-pyinfra/venv
 chatmail-pyinfra/venv/bin/pip install pyinfra pytest
 chatmail-pyinfra/venv/bin/pip install -e chatmail-pyinfra
 chatmail-pyinfra/venv/bin/pip install -e doveauth
+
 python3 -m venv doveauth/venv
 doveauth/venv/bin/pip install pytest build
 doveauth/venv/bin/pip install -e doveauth
+
+python3 -m venv online-tests/venv
+online-tests/venv/bin/pip install pytest pytest-timeout pdbpp deltachat

scripts/test.sh

@@ -1,4 +1,6 @@
-#!/bin/sh
-chatmail-pyinfra/venv/bin/pytest chatmail-pyinfra/tests
-cd doveauth/src/doveauth
+#!/bin/bash
+pushd doveauth/src/doveauth
 ../../venv/bin/pytest
+popd
+
+online-tests/venv/bin/pytest online-tests/ -vrx --durations=5