def test_authority_roles(client, session, issuer_plugin):
auth = AuthorityFactory()
role = RoleFactory()
session.flush()
data = {
'owner': auth.owner,
'name': auth.name,
'description': auth.description,
'active': True,
'roles': [
{
'id': role.id
},
],
}
# Add role
resp = client.put(api.url_for(Authorities, authority_id=auth.id),
data=json.dumps(data),
headers=VALID_ADMIN_HEADER_TOKEN)
assert resp.status_code == 200
assert len(resp.json['roles']) == 1
assert set(auth.roles) == {role}
# Remove role
del data['roles'][0]
resp = client.put(api.url_for(Authorities, authority_id=auth.id),
data=json.dumps(data),
headers=VALID_ADMIN_HEADER_TOKEN)
assert resp.status_code == 200
assert len(resp.json['roles']) == 0
def test_authority_roles(client, session, issuer_plugin):
auth = AuthorityFactory()
role = RoleFactory()
session.flush()
data = {
"owner": auth.owner,
"name": auth.name,
"description": auth.description,
"active": True,
"roles": [{
"id": role.id
}],
}
# Add role
resp = client.put(
api.url_for(Authorities, authority_id=auth.id),
data=json.dumps(data),
headers=VALID_ADMIN_HEADER_TOKEN,
)
assert resp.status_code == 200
assert len(resp.json["roles"]) == 1
assert set(auth.roles) == {role}
# Remove role
del data["roles"][0]
resp = client.put(
api.url_for(Authorities, authority_id=auth.id),
data=json.dumps(data),
headers=VALID_ADMIN_HEADER_TOKEN,
)
assert resp.status_code == 200
assert len(resp.json["roles"]) == 0
def test_multiple_authority_certificate_association(session, client):
role = RoleFactory()
authority = AuthorityFactory()
certificate = CertificateFactory()
authority1 = AuthorityFactory()
certificate1 = CertificateFactory()
role.authorities.append(authority)
role.authorities.append(authority1)
role.certificates.append(certificate)
role.certificates.append(certificate1)
session.commit()
assert role.authorities[0].name == authority.name
assert role.authorities[1].name == authority1.name
assert role.certificates[0].name == certificate.name
assert role.certificates[1].name == certificate1.name
def create_ca_cert_that_expires_in_days(days):
now = arrow.utcnow()
not_after = now + timedelta(days=days, hours=1) # a bit more than specified since we'll check in the future
authority = AuthorityFactory()
certificate = CertificateFactory()
certificate.not_after = not_after
certificate.notify = True
certificate.root_authority_id = authority.id
certificate.authority_id = None
return certificate