Ejemplo n.º 1
0
    def delete(self, name):
        """
            Delete the key value pair.

            Handles requests:
                DELETE /keys/1
        """
        lock_name = self._get_lock_name_for_key(name=name)

        # Note: We use lock to avoid a race
        with self._coordinator.get_lock(lock_name):
            kvp_db = self.__get_by_name(name=name)

            if not kvp_db:
                abort(http_client.NOT_FOUND)
                return

            LOG.debug('DELETE /keys/ lookup with name=%s found object: %s', name, kvp_db)

            try:
                KeyValuePair.delete(kvp_db)
            except Exception as e:
                LOG.exception('Database delete encountered exception during '
                              'delete of name="%s". ', name)
                abort(http_client.INTERNAL_SERVER_ERROR, str(e))
                return

        extra = {'kvp_db': kvp_db}
        LOG.audit('KeyValuePair deleted. KeyValuePair.id=%s' % (kvp_db.id), extra=extra)
Ejemplo n.º 2
0
    def delete(self, name):
        """
            Delete the key value pair.

            Handles requests:
                DELETE /keys/1
        """
        lock_name = self._get_lock_name_for_key(name=name)

        # Note: We use lock to avoid a race
        with self._coordinator.get_lock(lock_name):
            kvp_db = self._get_by_name(resource_name=name)

            if not kvp_db:
                abort(http_client.NOT_FOUND)
                return

            LOG.debug('DELETE /keys/ lookup with name=%s found object: %s', name, kvp_db)

            try:
                KeyValuePair.delete(kvp_db)
            except Exception as e:
                LOG.exception('Database delete encountered exception during '
                              'delete of name="%s". ', name)
                abort(http_client.INTERNAL_SERVER_ERROR, str(e))
                return

        extra = {'kvp_db': kvp_db}
        LOG.audit('KeyValuePair deleted. KeyValuePair.id=%s' % (kvp_db.id), extra=extra)
Ejemplo n.º 3
0
    def delete(self, name, requester_user, scope=FULL_SYSTEM_SCOPE, user=None):
        """
        Delete the key value pair.

        Handles requests:
            DELETE /keys/1
        """
        if not scope:
            scope = FULL_SYSTEM_SCOPE

        if not requester_user:
            requester_user = UserDB(cfg.CONF.system_user.user)

        scope = get_datastore_full_scope(scope)
        self._validate_scope(scope=scope)

        user = user or requester_user.name

        # Validate that the authenticated user is admin if user query param is provided
        rbac_utils = get_rbac_backend().get_utils_class()
        rbac_utils.assert_user_is_admin_if_user_query_param_is_provided(
            user_db=requester_user, user=user, require_rbac=True)

        key_ref = get_key_reference(scope=scope, name=name, user=user)
        lock_name = self._get_lock_name_for_key(name=key_ref, scope=scope)

        # Note: We use lock to avoid a race
        with self._coordinator.get_lock(lock_name):
            from_model_kwargs = {"mask_secrets": True}
            kvp_api = self._get_one_by_scope_and_name(
                name=key_ref, scope=scope, from_model_kwargs=from_model_kwargs)

            kvp_db = KeyValuePairAPI.to_model(kvp_api)

            LOG.debug(
                "DELETE /keys/ lookup with scope=%s name=%s found object: %s",
                scope,
                name,
                kvp_db,
            )

            try:
                KeyValuePair.delete(kvp_db)
            except Exception as e:
                LOG.exception(
                    "Database delete encountered exception during "
                    'delete of name="%s". ',
                    name,
                )
                abort(http_client.INTERNAL_SERVER_ERROR, six.text_type(e))
                return

        extra = {"kvp_db": kvp_db}
        LOG.audit("KeyValuePair deleted. KeyValuePair.id=%s" % (kvp_db.id),
                  extra=extra)

        return Response(status=http_client.NO_CONTENT)
Ejemplo n.º 4
0
    def delete(self, name, requester_user, scope=FULL_SYSTEM_SCOPE, user=None):
        """
            Delete the key value pair.

            Handles requests:
                DELETE /keys/1
        """
        if not scope:
            scope = FULL_SYSTEM_SCOPE

        if not requester_user:
            requester_user = UserDB(cfg.CONF.system_user.user)

        scope = get_datastore_full_scope(scope)
        self._validate_scope(scope=scope)

        user = user or requester_user.name

        # Validate that the authenticated user is admin if user query param is provided
        rbac_utils = get_rbac_backend().get_utils_class()
        rbac_utils.assert_user_is_admin_if_user_query_param_is_provided(user_db=requester_user,
                                                                        user=user,
                                                                        require_rbac=True)

        key_ref = get_key_reference(scope=scope, name=name, user=user)
        lock_name = self._get_lock_name_for_key(name=key_ref, scope=scope)

        # Note: We use lock to avoid a race
        with self._coordinator.get_lock(lock_name):
            from_model_kwargs = {'mask_secrets': True}
            kvp_api = self._get_one_by_scope_and_name(
                name=key_ref,
                scope=scope,
                from_model_kwargs=from_model_kwargs
            )

            kvp_db = KeyValuePairAPI.to_model(kvp_api)

            LOG.debug('DELETE /keys/ lookup with scope=%s name=%s found object: %s',
                      scope, name, kvp_db)

            try:
                KeyValuePair.delete(kvp_db)
            except Exception as e:
                LOG.exception('Database delete encountered exception during '
                              'delete of name="%s". ', name)
                abort(http_client.INTERNAL_SERVER_ERROR, six.text_type(e))
                return

        extra = {'kvp_db': kvp_db}
        LOG.audit('KeyValuePair deleted. KeyValuePair.id=%s' % (kvp_db.id), extra=extra)

        return Response(status=http_client.NO_CONTENT)
Ejemplo n.º 5
0
    def test_system_transform(self):
        k5 = KeyValuePair.add_or_update(KeyValuePairDB(name='k5', value='v5'))
        k6 = KeyValuePair.add_or_update(KeyValuePairDB(name='k6', value='v6'))
        k7 = KeyValuePair.add_or_update(KeyValuePairDB(name='k7', value='v7'))
        k8 = KeyValuePair.add_or_update(
            KeyValuePairDB(name='k8', value='v8', scope=FULL_SYSTEM_SCOPE))

        try:
            transformer = datatransform.get_transformer(PAYLOAD)
            mapping = {
                'ip5': '{{trigger.k2}}-static',
                'ip6': '{{st2kv.system.k6}}-static',
                'ip7': '{{st2kv.system.k7}}-static'
            }
            result = transformer(mapping)
            expected = {
                'ip5': 'v2-static',
                'ip6': 'v6-static',
                'ip7': 'v7-static'
            }
            self.assertEqual(result, expected)
        finally:
            KeyValuePair.delete(k5)
            KeyValuePair.delete(k6)
            KeyValuePair.delete(k7)
            KeyValuePair.delete(k8)
Ejemplo n.º 6
0
    def test_system_transform(self):
        rule = self.models['rules']['rule_action_default_value_render_fail.yaml']

        runner_type_db = mock.Mock()
        runner_type_db.runner_parameters = {}
        action_db = mock.Mock()
        action_db.parameters = {}

        k5 = KeyValuePair.add_or_update(KeyValuePairDB(name='k5', value='v5'))
        k6 = KeyValuePair.add_or_update(KeyValuePairDB(name='k6', value='v6'))
        k7 = KeyValuePair.add_or_update(KeyValuePairDB(name='k7', value='v7'))
        k8 = KeyValuePair.add_or_update(KeyValuePairDB(name='k8', value='v8',
                                                       scope=FULL_SYSTEM_SCOPE))

        params = {'ip5': '{{trigger.k2}}-static',
                  'ip6': '{{st2kv.system.k6}}-static',
                  'ip7': '{{st2kv.system.k7}}-static'}
        expected_params = {'ip5': 'v2-static',
                           'ip6': 'v6-static',
                           'ip7': 'v7-static'}

        try:
            self.assertResolvedParamsMatchExpected(rule=rule,
                                                   trigger_instance=MOCK_TRIGGER_INSTANCE_4,
                                                   params=params,
                                                   expected_params=expected_params)
        finally:
            KeyValuePair.delete(k5)
            KeyValuePair.delete(k6)
            KeyValuePair.delete(k7)
            KeyValuePair.delete(k8)
Ejemplo n.º 7
0
    def test_system_transform(self):
        rule = self.models['rules']['rule_action_default_value_render_fail.yaml']

        runner_type_db = mock.Mock()
        runner_type_db.runner_parameters = {}
        action_db = mock.Mock()
        action_db.parameters = {}

        k5 = KeyValuePair.add_or_update(KeyValuePairDB(name='k5', value='v5'))
        k6 = KeyValuePair.add_or_update(KeyValuePairDB(name='k6', value='v6'))
        k7 = KeyValuePair.add_or_update(KeyValuePairDB(name='k7', value='v7'))
        k8 = KeyValuePair.add_or_update(KeyValuePairDB(name='k8', value='v8',
                                                       scope=FULL_SYSTEM_SCOPE))

        params = {'ip5': '{{trigger.k2}}-static',
                  'ip6': '{{st2kv.system.k6}}-static',
                  'ip7': '{{st2kv.system.k7}}-static'}
        expected_params = {'ip5': 'v2-static',
                           'ip6': 'v6-static',
                           'ip7': 'v7-static'}

        try:
            self.assertResolvedParamsMatchExpected(rule=rule,
                                                   trigger_instance=MOCK_TRIGGER_INSTANCE_4,
                                                   params=params,
                                                   expected_params=expected_params)
        finally:
            KeyValuePair.delete(k5)
            KeyValuePair.delete(k6)
            KeyValuePair.delete(k7)
            KeyValuePair.delete(k8)
Ejemplo n.º 8
0
    def delete(self, name, scope=FULL_SYSTEM_SCOPE, user=None):
        """
            Delete the key value pair.

            Handles requests:
                DELETE /keys/1
        """
        if not scope:
            scope = FULL_SYSTEM_SCOPE

        scope = get_datastore_full_scope(scope)
        self._validate_scope(scope=scope)

        requester_user = get_requester()
        user = user or requester_user

        # Validate that the authenticated user is admin if user query param is provided
        assert_request_user_is_admin_if_user_query_param_is_provided(
            request=pecan.request, user=user)

        key_ref = get_key_reference(scope=scope, name=name, user=user)
        lock_name = self._get_lock_name_for_key(name=key_ref, scope=scope)

        # Note: We use lock to avoid a race
        with self._coordinator.get_lock(lock_name):
            from_model_kwargs = {'mask_secrets': True}
            kvp_api = self._get_one_by_scope_and_name(
                name=key_ref, scope=scope, from_model_kwargs=from_model_kwargs)

            kvp_db = KeyValuePairAPI.to_model(kvp_api)

            LOG.debug(
                'DELETE /keys/ lookup with scope=%s name=%s found object: %s',
                scope, name, kvp_db)

            try:
                KeyValuePair.delete(kvp_db)
            except Exception as e:
                LOG.exception(
                    'Database delete encountered exception during '
                    'delete of name="%s". ', name)
                abort(http_client.INTERNAL_SERVER_ERROR, str(e))
                return

        extra = {'kvp_db': kvp_db}
        LOG.audit('KeyValuePair deleted. KeyValuePair.id=%s' % (kvp_db.id),
                  extra=extra)
Ejemplo n.º 9
0
    def delete(self, name, scope=FULL_SYSTEM_SCOPE, user=None):
        """
            Delete the key value pair.

            Handles requests:
                DELETE /keys/1
        """
        if not scope:
            scope = FULL_SYSTEM_SCOPE

        scope = get_datastore_full_scope(scope)
        self._validate_scope(scope=scope)

        requester_user = get_requester()
        user = user or requester_user

        # Validate that the authenticated user is admin if user query param is provided
        assert_request_user_is_admin_if_user_query_param_is_provider(request=pecan.request,
                                                                     user=user)

        key_ref = get_key_reference(scope=scope, name=name, user=user)
        lock_name = self._get_lock_name_for_key(name=key_ref, scope=scope)

        # Note: We use lock to avoid a race
        with self._coordinator.get_lock(lock_name):
            from_model_kwargs = {'mask_secrets': True}
            kvp_api = self._get_one_by_scope_and_name(
                name=key_ref,
                scope=scope,
                from_model_kwargs=from_model_kwargs
            )

            kvp_db = KeyValuePairAPI.to_model(kvp_api)

            LOG.debug('DELETE /keys/ lookup with scope=%s name=%s found object: %s',
                      scope, name, kvp_db)

            try:
                KeyValuePair.delete(kvp_db)
            except Exception as e:
                LOG.exception('Database delete encountered exception during '
                              'delete of name="%s". ', name)
                abort(http_client.INTERNAL_SERVER_ERROR, str(e))
                return

        extra = {'kvp_db': kvp_db}
        LOG.audit('KeyValuePair deleted. KeyValuePair.id=%s' % (kvp_db.id), extra=extra)
Ejemplo n.º 10
0
    def tearDownClass(cls):
        headers = {'content-type': 'application/json', 'X-Auth-Token': str(SYS_TOKEN.token)}
        cls.app.delete('/v1/actions/%s' % cls.action['id'], headers=headers)
        cls.app.delete('/v1/actions/%s' % cls.action_encrypt['id'], headers=headers)

        # unregister key-value pairs for tests
        [KeyValuePair.delete(x) for x in cls.kvps]

        super(ActionExecutionControllerTestCaseAuthEnabled, cls).tearDownClass()
Ejemplo n.º 11
0
 def test_chain_runner_vars_system_params(self, request):
     kvps = []
     try:
         kvps.append(
             KeyValuePair.add_or_update(
                 KeyValuePairDB(name='a', value='two')))
         chain_runner = acr.get_runner()
         chain_runner.entry_point = CHAIN_WITH_SYSTEM_VARS
         chain_runner.action = ACTION_2
         chain_runner.container_service = RunnerContainerService()
         chain_runner.pre_run()
         chain_runner.run({})
         self.assertNotEqual(chain_runner.chain_holder.actionchain, None)
         expected_value = {'inttype': 1, 'strtype': 'two', 'booltype': True}
         mock_args, _ = request.call_args
         self.assertEqual(mock_args[0].parameters, expected_value)
     finally:
         for kvp in kvps:
             KeyValuePair.delete(kvp)
Ejemplo n.º 12
0
 def test_chain_runner_vars_system_params(self, request):
     kvps = []
     try:
         kvps.append(KeyValuePair.add_or_update(KeyValuePairDB(name='a', value='two')))
         chain_runner = acr.get_runner()
         chain_runner.entry_point = CHAIN_WITH_SYSTEM_VARS
         chain_runner.action = ACTION_2
         chain_runner.container_service = RunnerContainerService()
         chain_runner.pre_run()
         chain_runner.run({})
         self.assertNotEqual(chain_runner.chain_holder.actionchain, None)
         expected_value = {'inttype': 1,
                           'strtype': 'two',
                           'booltype': True}
         mock_args, _ = request.call_args
         self.assertEqual(mock_args[0].parameters, expected_value)
     finally:
         for kvp in kvps:
             KeyValuePair.delete(kvp)
Ejemplo n.º 13
0
 def test_chain_runner_vars_system_params(self, request):
     action_ref = ResourceReference.to_string_reference(name=ACTION_2.name, pack=ACTION_2.pack)
     kvps = []
     try:
         kvps.append(KeyValuePair.add_or_update(KeyValuePairDB(name='a', value='two')))
         chain_runner = acr.get_runner()
         chain_runner.entry_point = CHAIN_WITH_SYSTEM_VARS
         chain_runner.action = ACTION_2
         chain_runner.liveaction = LiveActionDB(action=action_ref)
         chain_runner.pre_run()
         chain_runner.run({})
         self.assertNotEqual(chain_runner.chain_holder.actionchain, None)
         expected_value = {'inttype': 1,
                           'strtype': 'two',
                           'booltype': True}
         mock_args, _ = request.call_args
         self.assertEqual(mock_args[0].parameters, expected_value)
     finally:
         for kvp in kvps:
             KeyValuePair.delete(kvp)
Ejemplo n.º 14
0
 def test_chain_runner_vars_system_params(self, request):
     action_ref = ResourceReference.to_string_reference(name=ACTION_2.name, pack=ACTION_2.pack)
     kvps = []
     try:
         kvps.append(KeyValuePair.add_or_update(KeyValuePairDB(name='a', value='two')))
         chain_runner = acr.get_runner()
         chain_runner.entry_point = CHAIN_WITH_SYSTEM_VARS
         chain_runner.action = ACTION_2
         chain_runner.liveaction = LiveActionDB(action=action_ref)
         chain_runner.pre_run()
         chain_runner.run({})
         self.assertNotEqual(chain_runner.chain_holder.actionchain, None)
         expected_value = {'inttype': 1,
                           'strtype': 'two',
                           'booltype': True}
         mock_args, _ = request.call_args
         self.assertEqual(mock_args[0].parameters, expected_value)
     finally:
         for kvp in kvps:
             KeyValuePair.delete(kvp)
Ejemplo n.º 15
0
    def tearDownClass(cls):
        headers = {
            "content-type": "application/json",
            "X-Auth-Token": str(SYS_TOKEN.token),
        }
        cls.app.delete("/v1/actions/%s" % cls.action["id"], headers=headers)
        cls.app.delete("/v1/actions/%s" % cls.action_encrypt["id"],
                       headers=headers)

        # unregister key-value pairs for tests
        [KeyValuePair.delete(x) for x in cls.kvps]

        super(ActionExecutionControllerTestCaseAuthEnabled,
              cls).tearDownClass()
Ejemplo n.º 16
0
 def test_chain_runner_typed_system_params(self, request):
     action_ref = ResourceReference.to_string_reference(
         name=ACTION_2.name, pack=ACTION_2.pack
     )
     kvps = []
     try:
         kvps.append(KeyValuePair.add_or_update(KeyValuePairDB(name="a", value="1")))
         kvps.append(
             KeyValuePair.add_or_update(KeyValuePairDB(name="a.b.c", value="two"))
         )
         chain_runner = acr.get_runner()
         chain_runner.entry_point = CHAIN_SYSTEM_PARAMS
         chain_runner.action = ACTION_2
         chain_runner.liveaction = LiveActionDB(action=action_ref)
         chain_runner.pre_run()
         chain_runner.run({})
         self.assertNotEqual(chain_runner.chain_holder.actionchain, None)
         expected_value = {"inttype": 1, "strtype": "two"}
         mock_args, _ = request.call_args
         self.assertEqual(mock_args[0].parameters, expected_value)
     finally:
         for kvp in kvps:
             KeyValuePair.delete(kvp)
Ejemplo n.º 17
0
    def tearDownClass(cls):
        headers = {
            'content-type': 'application/json',
            'X-Auth-Token': str(SYS_TOKEN.token)
        }
        cls.app.delete('/v1/actions/%s' % cls.action['id'], headers=headers)
        cls.app.delete('/v1/actions/%s' % cls.action_encrypt['id'],
                       headers=headers)

        # unregister key-value pairs for tests
        [KeyValuePair.delete(x) for x in cls.kvps]

        super(ActionExecutionControllerTestCaseAuthEnabled,
              cls).tearDownClass()
Ejemplo n.º 18
0
 def test_system_transform(self):
     k5 = KeyValuePair.add_or_update(KeyValuePairDB(name="k5", value="v5"))
     k6 = KeyValuePair.add_or_update(KeyValuePairDB(name="k6", value="v6"))
     k7 = KeyValuePair.add_or_update(KeyValuePairDB(name="k7", value="v7"))
     try:
         transformer = datatransform.get_transformer(PAYLOAD)
         mapping = {"ip5": "{{trigger.k2}}-static", "ip6": "{{system.k6}}-static", "ip7": "{{system.k7}}-static"}
         result = transformer(mapping)
         expected = {"ip5": "v2-static", "ip6": "v6-static", "ip7": "v7-static"}
         self.assertEqual(result, expected)
     finally:
         KeyValuePair.delete(k5)
         KeyValuePair.delete(k6)
         KeyValuePair.delete(k7)
Ejemplo n.º 19
0
    def test_system_transform(self):
        rule = self.models["rules"][
            "rule_action_default_value_render_fail.yaml"]

        runner_type_db = mock.Mock()
        runner_type_db.runner_parameters = {}
        action_db = mock.Mock()
        action_db.parameters = {}

        k5 = KeyValuePair.add_or_update(KeyValuePairDB(name="k5", value="v5"))
        k6 = KeyValuePair.add_or_update(KeyValuePairDB(name="k6", value="v6"))
        k7 = KeyValuePair.add_or_update(KeyValuePairDB(name="k7", value="v7"))
        k8 = KeyValuePair.add_or_update(
            KeyValuePairDB(name="k8", value="v8", scope=FULL_SYSTEM_SCOPE))

        params = {
            "ip5": "{{trigger.k2}}-static",
            "ip6": "{{st2kv.system.k6}}-static",
            "ip7": "{{st2kv.system.k7}}-static",
        }
        expected_params = {
            "ip5": "v2-static",
            "ip6": "v6-static",
            "ip7": "v7-static"
        }

        try:
            self.assertResolvedParamsMatchExpected(
                rule=rule,
                trigger_instance=MOCK_TRIGGER_INSTANCE_4,
                params=params,
                expected_params=expected_params,
            )
        finally:
            KeyValuePair.delete(k5)
            KeyValuePair.delete(k6)
            KeyValuePair.delete(k7)
            KeyValuePair.delete(k8)
Ejemplo n.º 20
0
    def test_system_transform(self):
        k5 = KeyValuePair.add_or_update(KeyValuePairDB(name='k5', value='v5'))
        k6 = KeyValuePair.add_or_update(KeyValuePairDB(name='k6', value='v6'))
        k7 = KeyValuePair.add_or_update(KeyValuePairDB(name='k7', value='v7'))
        k8 = KeyValuePair.add_or_update(KeyValuePairDB(name='k8', value='v8',
                                                       scope=FULL_SYSTEM_SCOPE))

        try:
            transformer = datatransform.get_transformer(PAYLOAD)
            mapping = {'ip5': '{{trigger.k2}}-static',
                       'ip6': '{{st2kv.system.k6}}-static',
                       'ip7': '{{st2kv.system.k7}}-static',
                       'ip8': '{{system.k8}}-static'}
            result = transformer(mapping)
            expected = {'ip5': 'v2-static',
                        'ip6': 'v6-static',
                        'ip7': 'v7-static',
                        'ip8': 'v8-static'}
            self.assertEqual(result, expected)
        finally:
            KeyValuePair.delete(k5)
            KeyValuePair.delete(k6)
            KeyValuePair.delete(k7)
            KeyValuePair.delete(k8)
Ejemplo n.º 21
0
    def delete(self, name, requester_user, scope=None, user=None):
        """
        Delete the key value pair.

        Handles requests:
            DELETE /keys/1
        """
        if not scope or scope == ALL_SCOPE:
            # Default to system scope
            scope = FULL_SYSTEM_SCOPE

        if not requester_user:
            requester_user = UserDB(name=cfg.CONF.system_user.user)

        scope = get_datastore_full_scope(scope)
        self._validate_scope(scope=scope)

        user = user or requester_user.name

        rbac_utils = get_rbac_backend().get_utils_class()

        # Validate that the authenticated user is admin if user query param is provided
        rbac_utils.assert_user_is_admin_if_user_query_param_is_provided(
            user_db=requester_user, user=user, require_rbac=True)

        # Set key reference for system or user scope
        key_ref = get_key_reference(scope=scope, name=name, user=user)
        extra = {
            "scope": scope,
            "name": name,
            "user": user,
            "key_ref": key_ref
        }
        LOG.debug("DELETE /v1/keys/%s", name, extra=extra)

        # Setup a kvp database object used for verifying permission
        kvp_db = KeyValuePairDB(
            uid="%s:%s:%s" % (ResourceType.KEY_VALUE_PAIR, scope, key_ref),
            scope=scope,
            name=key_ref,
        )

        # Check that user has permission to the key value pair.
        # If RBAC is enabled, this check will verify if user has system role with all access.
        # If RBAC is enabled, this check guards against a user accessing another user's kvp.
        # If RBAC is enabled, user needs to be explicitly granted permission to delete a system kvp.
        # The check is sufficient to allow decryption of the system kvp.
        rbac_utils.assert_user_has_resource_db_permission(
            user_db=requester_user,
            resource_db=kvp_db,
            permission_type=PermissionType.KEY_VALUE_PAIR_DELETE,
        )

        # Acquire a lock to avoid race condition between concurrent API calls
        with self._coordinator.get_lock(
                self._get_lock_name_for_key(name=key_ref, scope=scope)):
            from_model_kwargs = {"mask_secrets": True}
            kvp_api = self._get_one_by_scope_and_name(
                name=key_ref, scope=scope, from_model_kwargs=from_model_kwargs)
            kvp_db = KeyValuePairAPI.to_model(kvp_api)

            extra["kvp_db"] = kvp_db
            LOG.debug("DELETE /v1/keys/%s", name, extra=extra)

            try:
                KeyValuePair.delete(kvp_db)
            except Exception as e:
                LOG.exception(
                    "Database delete encountered exception during "
                    'delete of name="%s". ',
                    name,
                )
                abort(http_client.INTERNAL_SERVER_ERROR, six.text_type(e))
                return

        LOG.audit("DELETE /v1/keys/%s succeeded id=%s",
                  name,
                  kvp_db.id,
                  extra=extra)

        return Response(status=http_client.NO_CONTENT)