Commit abe8f7b4 authored by Jérome Perrin's avatar Jérome Perrin

stack/erp5: new option to enable XML-RPC for zope

Zope no longer serve XML-RPC in ERP5, unless it is explicitly enabled
using this.
parent 10e90dee
Pipeline #34489 failed with stage
in 0 seconds
...@@ -131,6 +131,11 @@ ...@@ -131,6 +131,11 @@
"default": false, "default": false,
"type": "boolean" "type": "boolean"
}, },
"xml-rpc": {
"description": "Serve XML-RPC queries",
"default": false,
"type": "boolean"
},
"activity-timeout": { "activity-timeout": {
"description": "Override global activity timeout", "description": "Override global activity timeout",
"type": [ "type": [
......
...@@ -190,6 +190,19 @@ class TestDefaultParameters(ERP5InstanceTestCase, TestPublishedURLIsReachableMix ...@@ -190,6 +190,19 @@ class TestDefaultParameters(ERP5InstanceTestCase, TestPublishedURLIsReachableMix
installed['request-frontend-default']['connection-secure_access'], installed['request-frontend-default']['connection-secure_access'],
self.getRootPartitionConnectionParameterDict()['url-frontend-default']) self.getRootPartitionConnectionParameterDict()['url-frontend-default'])
def test_xml_rpc_disabled(self):
param_dict = self.getRootPartitionConnectionParameterDict()
# don't verify certificate
ssl_context = ssl.create_default_context()
ssl_context.check_hostname = False
ssl_context.verify_mode = ssl.CERT_NONE
with xmlrpc.client.ServerProxy(
param_dict['family-default-v6'],
context=ssl_context,
) as cli:
with self.assertRaises(xmlrpc.client.ProtocolError):
cli.getId()
class TestExternalCaucase(ERP5InstanceTestCase, TestPublishedURLIsReachableMixin): class TestExternalCaucase(ERP5InstanceTestCase, TestPublishedURLIsReachableMixin):
"""Test providing the URL of an external caucase in parameters. """Test providing the URL of an external caucase in parameters.
...@@ -654,8 +667,22 @@ class TestWatchActivities(ERP5InstanceTestCase): ...@@ -654,8 +667,22 @@ class TestWatchActivities(ERP5InstanceTestCase):
class ZopeSkinsMixin: class ZopeSkinsMixin:
"""Mixins with utility methods to test zope behaviors. """Mixins with utility methods to test zope behaviors, needs XML-RPC enabled
for family `default`
""" """
@classmethod
def getInstanceParameterDict(cls):
return {
'_':
json.dumps({
"family-override": {
"default": {
"xml-rpc": True,
}
}
})
}
@classmethod @classmethod
def _setUpClass(cls): def _setUpClass(cls):
super()._setUpClass() super()._setUpClass()
...@@ -753,6 +780,11 @@ class ZopeTestMixin(ZopeSkinsMixin, CrontabMixin): ...@@ -753,6 +780,11 @@ class ZopeTestMixin(ZopeSkinsMixin, CrontabMixin):
"port-base": 2210, "port-base": 2210,
}, },
}, },
"family-override": {
"default": {
"xml-rpc": True
}
}
}), }),
} }
...@@ -1138,11 +1170,15 @@ class TestZopePublisherTimeout(ZopeSkinsMixin, ERP5InstanceTestCase): ...@@ -1138,11 +1170,15 @@ class TestZopePublisherTimeout(ZopeSkinsMixin, ERP5InstanceTestCase):
json.dumps({ json.dumps({
# a default timeout of 3 # a default timeout of 3
"publisher-timeout": 3, "publisher-timeout": 3,
# and a family without timeout
"family-override": { "family-override": {
"no-timeout": { "no-timeout": {
# and a family without timeout
"publisher-timeout": None, "publisher-timeout": None,
}, },
# enable XML-RPC for ZopeSkinsMixin
"default": {
"xml-rpc": True,
}
}, },
"zope-partition-dict": { "zope-partition-dict": {
# a family to process activities, so that our test # a family to process activities, so that our test
...@@ -1207,6 +1243,12 @@ class TestCloudooo(ZopeSkinsMixin, ERP5InstanceTestCase): ...@@ -1207,6 +1243,12 @@ class TestCloudooo(ZopeSkinsMixin, ERP5InstanceTestCase):
'https://cloudooo2.example.com/', 'https://cloudooo2.example.com/',
], ],
'cloudooo-retry-count': 123, 'cloudooo-retry-count': 123,
# enable XML-RPC for ZopeSkinsMixin
"family-override": {
"default": {
"xml-rpc": True,
}
}
}) })
} }
......
...@@ -14,7 +14,7 @@ ...@@ -14,7 +14,7 @@
# not need these here). # not need these here).
[template-erp5] [template-erp5]
filename = instance-erp5.cfg.in filename = instance-erp5.cfg.in
md5sum = 38eab3283d175230231c998fa4a3416e md5sum = d0009cd600d341935679a7fb193f34d1
[template-balancer] [template-balancer]
filename = instance-balancer.cfg.in filename = instance-balancer.cfg.in
......
...@@ -306,6 +306,7 @@ config-port-base = {{ dumps(zope_parameter_dict.get('port-base', 2200)) }} ...@@ -306,6 +306,7 @@ config-port-base = {{ dumps(zope_parameter_dict.get('port-base', 2200)) }}
config-with-max-rlimit-nofile = {{ dumps(slapparameter_dict.get('with-max-rlimit-nofile', false)) }} config-with-max-rlimit-nofile = {{ dumps(slapparameter_dict.get('with-max-rlimit-nofile', false)) }}
{# BBB: zope_parameter_dict used to contain 'webdav', so fallback to it -#} {# BBB: zope_parameter_dict used to contain 'webdav', so fallback to it -#}
config-webdav = {{ dumps(current_zope_family_override_dict.get('webdav', zope_parameter_dict.get('webdav', False))) }} config-webdav = {{ dumps(current_zope_family_override_dict.get('webdav', zope_parameter_dict.get('webdav', False))) }}
config-xml-rpc = {{ dumps(current_zope_family_override_dict.get('xml-rpc', False)) }}
config-publisher-timeout = {{ dumps(current_zope_family_override_dict.get('publisher-timeout', global_publisher_timeout)) }} config-publisher-timeout = {{ dumps(current_zope_family_override_dict.get('publisher-timeout', global_publisher_timeout)) }}
config-activity-timeout = {{ dumps(current_zope_family_override_dict.get('activity-timeout', global_activity_timeout)) }} config-activity-timeout = {{ dumps(current_zope_family_override_dict.get('activity-timeout', global_activity_timeout)) }}
{% if test_runner_enabled -%} {% if test_runner_enabled -%}
......
...@@ -74,7 +74,7 @@ md5sum = ca0cb83950dd9079cc289891cce08e76 ...@@ -74,7 +74,7 @@ md5sum = ca0cb83950dd9079cc289891cce08e76
[template-erp5] [template-erp5]
filename = instance-erp5.cfg.in filename = instance-erp5.cfg.in
md5sum = 6f57c834eb3f774d265c3fd6661429d8 md5sum = edce1c63c13f0d8ec477711ea646444f
[template-zeo] [template-zeo]
filename = instance-zeo.cfg.in filename = instance-zeo.cfg.in
...@@ -86,7 +86,7 @@ md5sum = 0ac4b74436f554cd677f19275d18d880 ...@@ -86,7 +86,7 @@ md5sum = 0ac4b74436f554cd677f19275d18d880
[template-zope] [template-zope]
filename = instance-zope.cfg.in filename = instance-zope.cfg.in
md5sum = 8725a6b42de735b64b51d9bac598f94b md5sum = 34da5e6d80b2992689825bb00bcd911d
[template-balancer] [template-balancer]
filename = instance-balancer.cfg.in filename = instance-balancer.cfg.in
......
...@@ -302,6 +302,7 @@ config-port-base = {{ dumps(zope_parameter_dict.get('port-base', 2200)) }} ...@@ -302,6 +302,7 @@ config-port-base = {{ dumps(zope_parameter_dict.get('port-base', 2200)) }}
config-with-max-rlimit-nofile = {{ dumps(with_max_rlimit_nofile_enable) }} config-with-max-rlimit-nofile = {{ dumps(with_max_rlimit_nofile_enable) }}
{# BBB: zope_parameter_dict used to contain 'webdav', so fallback to it -#} {# BBB: zope_parameter_dict used to contain 'webdav', so fallback to it -#}
config-webdav = {{ dumps(current_zope_family_override_dict.get('webdav', zope_parameter_dict.get('webdav', False))) }} config-webdav = {{ dumps(current_zope_family_override_dict.get('webdav', zope_parameter_dict.get('webdav', False))) }}
config-xml-rpc = {{ dumps(current_zope_family_override_dict.get('xml-rpc', False)) }}
config-publisher-timeout = {{ dumps(current_zope_family_override_dict.get('publisher-timeout', global_publisher_timeout)) }} config-publisher-timeout = {{ dumps(current_zope_family_override_dict.get('publisher-timeout', global_publisher_timeout)) }}
config-activity-timeout = {{ dumps(current_zope_family_override_dict.get('activity-timeout', global_activity_timeout)) }} config-activity-timeout = {{ dumps(current_zope_family_override_dict.get('activity-timeout', global_activity_timeout)) }}
{% if test_runner_enabled -%} {% if test_runner_enabled -%}
......
...@@ -349,6 +349,7 @@ wrapped-command-line = ...@@ -349,6 +349,7 @@ wrapped-command-line =
--access-log-file={{ '${' ~ conf_parameter_name ~ ':z2-log}' }} --access-log-file={{ '${' ~ conf_parameter_name ~ ':z2-log}' }}
{% if longrequest_logger_interval > 0 %} --long-request-log-file={{ '${' ~ conf_parameter_name ~ ':longrequest-logger-file}' }} {% endif %} {% if longrequest_logger_interval > 0 %} --long-request-log-file={{ '${' ~ conf_parameter_name ~ ':longrequest-logger-file}' }} {% endif %}
{% if webdav %}-w{% endif %} {% if webdav %}-w{% endif %}
{% if slapparameter_dict['xml-rpc'] %}--enable-xml-rpc{% endif %}
{% if with_max_rlimit_nofile %}--with-max-rlimit-nofile{% endif %} {% if with_max_rlimit_nofile %}--with-max-rlimit-nofile{% endif %}
{{ ipv4 }}:${:port} {{ ipv4 }}:${:port}
{% if timerserver_interval %}--timerserver-interval={{ timerserver_interval }}{% endif %} {% if timerserver_interval %}--timerserver-interval={{ timerserver_interval }}{% endif %}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment