def test_send_expiration_notification():
from lemur.notifications.messaging import send_expiration_notifications
verify_sender_email(
) # emails are sent to owner and security; SNS only used for configured notification
topic_arn, sqs_client, queue_url = create_and_subscribe_to_topic()
notification = NotificationFactory(plugin_name="aws-sns")
notification.options = get_options()
now = arrow.utcnow()
in_ten_days = now + timedelta(
days=10,
hours=1) # a bit more than 10 days since we'll check in the future
certificate = CertificateFactory()
certificate.not_after = in_ten_days
certificate.notifications.append(notification)
assert send_expiration_notifications([],
[]) == (3, 0
) # owner, SNS, and security
received_messages = sqs_client.receive_message(
QueueUrl=queue_url)["Messages"]
assert len(received_messages) == 1
expected_message = format_message(
certificate_notification_output_schema.dump(certificate).data,
"expiration", notification.options)
actual_message = json.loads(received_messages[0]["Body"])["Message"]
assert actual_message == expected_message
def create_cert_that_expires_in_days(days,
serial=None,
domains=None,
owner=None):
import random
from random import randrange
from string import ascii_lowercase
now = arrow.utcnow()
not_after = now + timedelta(
days=days,
hours=1) # a bit more than specified since we'll check in the future
certificate = CertificateFactory()
certificate.not_after = not_after
certificate.notify = True
certificate.owner = ''.join(
random.choice(ascii_lowercase) for _ in range(10)) + '@example.com'
endpoints = []
for i in range(0, randrange(0, 5)):
endpoints.append(EndpointFactory())
certificate.endpoints = endpoints
if serial:
certificate.serial = serial
if owner:
certificate.owner = owner
if domains:
certificate.domains = domains
return certificate
def create_ca_cert_that_expires_in_days(days):
now = arrow.utcnow()
not_after = now + timedelta(days=days, hours=1) # a bit more than specified since we'll check in the future
authority = AuthorityFactory()
certificate = CertificateFactory()
certificate.not_after = not_after
certificate.notify = True
certificate.root_authority_id = authority.id
certificate.authority_id = None
return certificate
def prepare_test():
verify_sender_email() # emails are sent to owner and security; Slack only used for configured notification
notification = NotificationFactory(plugin_name="slack-notification")
notification.options = get_options()
now = arrow.utcnow()
in_ten_days = now + timedelta(days=10, hours=1) # a bit more than 10 days since we'll check in the future
certificate = CertificateFactory()
certificate.not_after = in_ten_days
certificate.notifications.append(notification)
def create_cert_that_expires_in_days(days):
from random import randrange
now = arrow.utcnow()
not_after = now + timedelta(days=days, hours=1) # a bit more than specified since we'll check in the future
certificate = CertificateFactory()
certificate.not_after = not_after
certificate.notify = True
endpoints = []
for i in range(0, randrange(0, 5)):
endpoints.append(EndpointFactory())
certificate.endpoints = endpoints
return certificate
def test_send_expiration_notification_disabled():
from lemur.notifications.messaging import send_expiration_notifications
from lemur.tests.factories import CertificateFactory
from lemur.tests.factories import NotificationFactory
now = arrow.utcnow()
in_ten_days = now + timedelta(days=10, hours=1) # a bit more than 10 days since we'll check in the future
certificate = CertificateFactory()
notification = NotificationFactory(plugin_name="email-notification")
certificate.not_after = in_ten_days
certificate.notifications.append(notification)
certificate.notifications[0].options = get_options()
verify_sender_email()
assert send_expiration_notifications([], ['email-notification']) == (0, 0)
def test_send_expiration_notification_no_security_team():
from lemur.notifications.messaging import send_expiration_notifications
from lemur.tests.factories import CertificateFactory
from lemur.tests.factories import NotificationFactory
now = arrow.utcnow()
in_ten_days = now + timedelta(days=10, hours=1) # a bit more than 10 days since we'll check in the future
certificate = CertificateFactory(name="TEST1")
notification = NotificationFactory(plugin_name="email-notification")
certificate.not_after = in_ten_days
certificate.notifications.append(notification)
certificate.notifications[0].options = get_options()
verify_sender_email()
assert send_expiration_notifications([], [], True) == (3, 0) # owner (1) and recipients (2)
def test_send_expiration_notification():
from lemur.notifications.messaging import send_expiration_notifications
notification = NotificationFactory(plugin_name="slack-notification")
notification.options = get_options()
now = arrow.utcnow()
in_ten_days = now + timedelta(
days=10,
hours=1) # a bit more than 10 days since we'll check in the future
certificate = CertificateFactory()
certificate.not_after = in_ten_days
certificate.notifications.append(notification)
assert send_expiration_notifications([]) == (2, 0)
def test_send_expiration_notification():
from lemur.notifications.messaging import send_expiration_notifications
verify_sender_email() # emails are sent to owner and security; Slack only used for configured notification
notification = NotificationFactory(plugin_name="slack-notification")
notification.options = get_options()
now = arrow.utcnow()
in_ten_days = now + timedelta(days=10, hours=1) # a bit more than 10 days since we'll check in the future
certificate = CertificateFactory()
certificate.not_after = in_ten_days
certificate.notifications.append(notification)
assert send_expiration_notifications([]) == (3, 0) # owner, Slack, and security
def test_send_expiration_notification():
from lemur.notifications.messaging import send_expiration_notifications
from lemur.tests.factories import CertificateFactory
from lemur.tests.factories import NotificationFactory
now = arrow.utcnow()
in_ten_days = now + timedelta(days=10, hours=1) # a bit more than 10 days since we'll check in the future
certificate = CertificateFactory()
notification = NotificationFactory(plugin_name="email-notification")
certificate.not_after = in_ten_days
certificate.notifications.append(notification)
certificate.notifications[0].options = get_options()
verify_sender_email()
# exclude "TEST1" certs so we don't pick up certs from the last test tests
assert send_expiration_notifications(["TEST1"], []) == (4, 0) # owner (1), recipients (2), and security (1)
def prepare_test():
verify_sender_email() # emails are sent to owner and security; SNS only used for configured notification
# set all existing notifications to disabled so we don't have multiple conflicting in the tests
for prior_notification in service.get_all():
service.update(prior_notification.id, prior_notification.label, prior_notification.plugin_name,
prior_notification.options, prior_notification.description, False, [], [])
notification = NotificationFactory(plugin_name="aws-sns")
notification.options = get_options()
now = arrow.utcnow()
in_ten_days = now + timedelta(days=10, hours=1) # a bit more than 10 days since we'll check in the future
certificate = CertificateFactory()
certificate.not_after = in_ten_days
certificate.notifications.append(notification)
return notification, certificate
