def test_send_expiration_notification(): from lemur.notifications.messaging import send_expiration_notifications verify_sender_email( ) # emails are sent to owner and security; SNS only used for configured notification topic_arn, sqs_client, queue_url = create_and_subscribe_to_topic() notification = NotificationFactory(plugin_name="aws-sns") notification.options = get_options() now = arrow.utcnow() in_ten_days = now + timedelta( days=10, hours=1) # a bit more than 10 days since we'll check in the future certificate = CertificateFactory() certificate.not_after = in_ten_days certificate.notifications.append(notification) assert send_expiration_notifications([], []) == (3, 0 ) # owner, SNS, and security received_messages = sqs_client.receive_message( QueueUrl=queue_url)["Messages"] assert len(received_messages) == 1 expected_message = format_message( certificate_notification_output_schema.dump(certificate).data, "expiration", notification.options) actual_message = json.loads(received_messages[0]["Body"])["Message"] assert actual_message == expected_message
def test_render_expiration_summary(certificate, notification, notification_plugin): from lemur.notifications.messaging import get_eligible_security_summary_certs verify_sender_email() expected_certs = defaultdict(list) # weird order to ensure they're not all sequential in the DB expected_certs["14"].append(create_cert_that_expires_in_days(14)) expected_certs["12"].append(create_cert_that_expires_in_days(12)) expected_certs["1"].append(create_cert_that_expires_in_days(1)) expected_certs["3"].append(create_cert_that_expires_in_days(3)) expected_certs["2"].append(create_cert_that_expires_in_days(2)) expected_certs["9"].append(create_cert_that_expires_in_days(9)) expected_certs["7"].append(create_cert_that_expires_in_days(7)) expected_certs["12"].append(create_cert_that_expires_in_days(12)) expected_certs["7"].append(create_cert_that_expires_in_days(7)) expected_certs["2"].append(create_cert_that_expires_in_days(2)) expected_certs["2"].append(create_cert_that_expires_in_days(2)) expected_certs["3"].append(create_cert_that_expires_in_days(3)) expected_certs["2"].append(create_cert_that_expires_in_days(2)) create_cert_that_expires_in_days(15) # over the limit, won't be included expected_certs["1"].append(create_cert_that_expires_in_days(1)) message_data = get_eligible_security_summary_certs(None) assert len(message_data) == len(expected_certs) # verify the expected number of intervals for interval in expected_certs: message_data_for_interval = [x for x in message_data if x['interval'] == int(interval)] assert len(message_data_for_interval) > 0 # verify the interval is present in the message data message_data_for_interval = message_data_for_interval[0] assert message_data_for_interval['certificates'] # verify the interval in the message data has a certs field for cert in expected_certs[interval]: message_data_for_cert = [x for x in message_data_for_interval['certificates'] if x['name'] == cert.name] assert message_data_for_cert # verify the expected cert is present for the expected interval
def test_render_expiring_deployed_certificate(certificate): verify_sender_email() cert_data = certificate_notification_output_schema.dump(certificate).data cert_data['domains_and_ports'] = [{'domain': 'subdomain.example.com', 'ports': [443]}, {'domain': 'example.com', 'ports': [443, 444]}] assert render_html("expiring_deployed_certificate", get_options(), [cert_data])
def test_send_reissue_no_endpoints_notification(certificate): from lemur.notifications.messaging import send_reissue_no_endpoints_notification verify_sender_email() new_certificate = CertificateFactory() new_certificate.replaces.append(certificate) verify_sender_email() assert send_reissue_no_endpoints_notification(certificate, new_certificate)
def test_send_pending_failure_notification(user, pending_certificate, async_issuer_plugin): from lemur.notifications.messaging import send_pending_failure_notification verify_sender_email() assert send_pending_failure_notification(pending_certificate) assert send_pending_failure_notification(pending_certificate, True, True) assert send_pending_failure_notification(pending_certificate, True, False) assert send_pending_failure_notification(pending_certificate, False, True) assert send_pending_failure_notification(pending_certificate, False, False)
def test_send_rotation_notification(endpoint, source_plugin): from lemur.notifications.messaging import send_rotation_notification from lemur.deployment.service import rotate_certificate new_certificate = CertificateFactory() rotate_certificate(endpoint, new_certificate) assert endpoint.certificate == new_certificate verify_sender_email() assert send_rotation_notification(new_certificate)
def prepare_test(): verify_sender_email() # emails are sent to owner and security; Slack only used for configured notification notification = NotificationFactory(plugin_name="slack-notification") notification.options = get_options() now = arrow.utcnow() in_ten_days = now + timedelta(days=10, hours=1) # a bit more than 10 days since we'll check in the future certificate = CertificateFactory() certificate.not_after = in_ten_days certificate.notifications.append(notification)
def test_send_expiration_notification_disabled(): from lemur.notifications.messaging import send_expiration_notifications from lemur.tests.factories import CertificateFactory from lemur.tests.factories import NotificationFactory now = arrow.utcnow() in_ten_days = now + timedelta(days=10, hours=1) # a bit more than 10 days since we'll check in the future certificate = CertificateFactory() notification = NotificationFactory(plugin_name="email-notification") certificate.not_after = in_ten_days certificate.notifications.append(notification) certificate.notifications[0].options = get_options() verify_sender_email() assert send_expiration_notifications([], ['email-notification']) == (0, 0)
def test_send_expiration_notification_no_security_team(): from lemur.notifications.messaging import send_expiration_notifications from lemur.tests.factories import CertificateFactory from lemur.tests.factories import NotificationFactory now = arrow.utcnow() in_ten_days = now + timedelta(days=10, hours=1) # a bit more than 10 days since we'll check in the future certificate = CertificateFactory(name="TEST1") notification = NotificationFactory(plugin_name="email-notification") certificate.not_after = in_ten_days certificate.notifications.append(notification) certificate.notifications[0].options = get_options() verify_sender_email() assert send_expiration_notifications([], [], True) == (3, 0) # owner (1) and recipients (2)
def test_send_expiration_notification(): from lemur.notifications.messaging import send_expiration_notifications verify_sender_email() # emails are sent to owner and security; Slack only used for configured notification notification = NotificationFactory(plugin_name="slack-notification") notification.options = get_options() now = arrow.utcnow() in_ten_days = now + timedelta(days=10, hours=1) # a bit more than 10 days since we'll check in the future certificate = CertificateFactory() certificate.not_after = in_ten_days certificate.notifications.append(notification) assert send_expiration_notifications([]) == (3, 0) # owner, Slack, and security
def test_send_expiration_notification(): from lemur.notifications.messaging import send_expiration_notifications from lemur.tests.factories import CertificateFactory from lemur.tests.factories import NotificationFactory now = arrow.utcnow() in_ten_days = now + timedelta(days=10, hours=1) # a bit more than 10 days since we'll check in the future certificate = CertificateFactory() notification = NotificationFactory(plugin_name="email-notification") certificate.not_after = in_ten_days certificate.notifications.append(notification) certificate.notifications[0].options = get_options() verify_sender_email() # exclude "TEST1" certs so we don't pick up certs from the last test tests assert send_expiration_notifications(["TEST1"], []) == (4, 0) # owner (1), recipients (2), and security (1)
def prepare_test(): verify_sender_email() # emails are sent to owner and security; SNS only used for configured notification # set all existing notifications to disabled so we don't have multiple conflicting in the tests for prior_notification in service.get_all(): service.update(prior_notification.id, prior_notification.label, prior_notification.plugin_name, prior_notification.options, prior_notification.description, False, [], []) notification = NotificationFactory(plugin_name="aws-sns") notification.options = get_options() now = arrow.utcnow() in_ten_days = now + timedelta(days=10, hours=1) # a bit more than 10 days since we'll check in the future certificate = CertificateFactory() certificate.not_after = in_ten_days certificate.notifications.append(notification) return notification, certificate
def test_send_reissue_failed_notification(certificate): from lemur.notifications.messaging import send_reissue_failed_notification verify_sender_email() certificate.endpoints = [EndpointFactory()] assert send_reissue_failed_notification(certificate)
def test_send_revocation_notification(certificate, endpoint): from lemur.notifications.messaging import send_revocation_notification verify_sender_email() certificate.endpoints = [endpoint] assert send_revocation_notification(certificate)