def test_decrypt_sensitive_data_persister( self, get_is_persisted_method, get_is_secure_method, sensitive_data_encryption_metod, is_root_method, get_ambari_properties_method, search_file_message, get_YN_input_method, update_properties_method, read_passwd_for_alias_method, save_passwd_for_alias_method, read_ambari_user_method, exists_mock): # Testing call under root is_root_method.return_value = True search_file_message.return_value = "filepath" read_ambari_user_method.return_value = None p = Properties() FAKE_PWD_STRING = '${alias=fakealias}' p.process_pair(JDBC_PASSWORD_PROPERTY, FAKE_PWD_STRING) p.process_pair(SSL_TRUSTSTORE_PASSWORD_PROPERTY, FAKE_PWD_STRING) p.process_pair(JDBC_RCA_PASSWORD_FILE_PROPERTY, FAKE_PWD_STRING) get_ambari_properties_method.return_value = p get_is_persisted_method.return_value = (True, "filepath") get_is_secure_method.return_value = True get_YN_input_method.side_effect = [True, False] read_passwd_for_alias_method.return_value = "fakepassword" save_passwd_for_alias_method.return_value = 0 exists_mock.return_value = False options = self._create_empty_options_mock() setup_sensitive_data_encryption(options) calls = [call(options, "decryption")] sensitive_data_encryption_metod.assert_has_calls(calls) self.assertTrue(get_YN_input_method.called) self.assertTrue(update_properties_method.called) self.assertTrue(read_passwd_for_alias_method.called) self.assertTrue(2, read_passwd_for_alias_method.call_count) self.assertTrue(2, save_passwd_for_alias_method.call_count) result_expected = { JDBC_PASSWORD_PROPERTY: "fakepassword", JDBC_RCA_PASSWORD_FILE_PROPERTY: "fakepassword", SSL_TRUSTSTORE_PASSWORD_PROPERTY: "fakepassword", SECURITY_IS_ENCRYPTION_ENABLED: 'false', SECURITY_SENSITIVE_DATA_ENCRYPTON_ENABLED: 'false' } sorted_x = sorted(result_expected.iteritems(), key=operator.itemgetter(0)) sorted_y = sorted(update_properties_method.call_args[0][1].iteritems(), key=operator.itemgetter(0)) self.assertEquals(sorted_x, sorted_y) pass
def test_setup_sensitive_data_encryption_no_ambari_prop_not_root( self, is_root_method, get_ambari_properties_method): is_root_method.return_value = False get_ambari_properties_method.return_value = -1 options = self._create_empty_options_mock() try: setup_sensitive_data_encryption(options) self.fail("Should throw exception") except FatalException as fe: self.assertTrue('Failed to read properties file.' == fe.reason) pass pass
def test_setup_sensitive_data_encryption_persist( self, sensitive_data_encryption_metod, is_root_method, get_ambari_properties_method, search_file_message, get_YN_input_method, save_master_key_method, update_properties_method, read_ambari_user_method, read_master_key_method, get_is_persisted_method, get_is_secure_method, exists_mock, save_passwd_for_alias_method): is_root_method.return_value = True p = Properties() FAKE_PWD_STRING = "fakepasswd" p.process_pair(JDBC_PASSWORD_PROPERTY, FAKE_PWD_STRING) get_ambari_properties_method.return_value = p search_file_message.return_value = "propertiesfile" master_key = "aaa" read_master_key_method.return_value = master_key get_YN_input_method.return_value = True read_ambari_user_method.return_value = None get_is_persisted_method.return_value = (True, "filepath") get_is_secure_method.return_value = False exists_mock.return_value = False save_passwd_for_alias_method.return_value = 0 options = self._create_empty_options_mock() setup_sensitive_data_encryption(options) self.assertTrue(get_YN_input_method.called) self.assertTrue(read_master_key_method.called) self.assertTrue(read_ambari_user_method.called) self.assertTrue(update_properties_method.called) self.assertTrue(save_master_key_method.called) sensitive_data_encryption_metod.assert_called_with( options, "encryption") result_expected = { JDBC_PASSWORD_PROPERTY: get_alias_string(JDBC_RCA_PASSWORD_ALIAS), SECURITY_IS_ENCRYPTION_ENABLED: 'true', SECURITY_SENSITIVE_DATA_ENCRYPTON_ENABLED: 'true' } sorted_x = sorted(result_expected.iteritems(), key=operator.itemgetter(0)) sorted_y = sorted(update_properties_method.call_args[0][1].iteritems(), key=operator.itemgetter(0)) self.assertEquals(sorted_x, sorted_y) pass
def test_decrypt_missed_masterkey_not_persisted( self, get_original_master_key_mock, is_root_method, get_ambari_properties_method, search_file_message, get_YN_input_method, save_master_key_method, read_passwd_for_alias_method, save_passwd_for_alias_method, read_ambari_user_method, exists_mock, get_is_secure_method, get_is_persisted_method): is_root_method.return_value = True search_file_message.return_value = False read_ambari_user_method.return_value = None p = Properties() FAKE_PWD_STRING = '${alias=fakealias}' p.process_pair(JDBC_PASSWORD_PROPERTY, get_alias_string(JDBC_RCA_PASSWORD_ALIAS)) p.process_pair(SSL_TRUSTSTORE_PASSWORD_PROPERTY, FAKE_PWD_STRING) p.process_pair(JDBC_RCA_PASSWORD_FILE_PROPERTY, FAKE_PWD_STRING) get_ambari_properties_method.return_value = p get_YN_input_method.side_effect = [True, False] get_original_master_key_mock.return_value = None read_passwd_for_alias_method.return_value = "fakepassword" save_passwd_for_alias_method.return_value = 0 exists_mock.return_value = False get_is_secure_method.return_value = True get_is_persisted_method.return_value = (False, "filePath") options = self._create_empty_options_mock() self.assertTrue(setup_sensitive_data_encryption(options) == 1) self.assertFalse(save_master_key_method.called) self.assertTrue(get_YN_input_method.called) pass
def test_encrypt_part_not_persisted( self, get_original_master_key_mock, sensitive_data_encryption_metod, is_root_method, get_ambari_properties_method, search_file_message, get_YN_input_method, save_master_key_method, update_properties_method, read_passwd_for_alias_method, save_passwd_for_alias_method, read_ambari_user_method, exists_mock, get_is_secure_method, get_is_persisted_method): is_root_method.return_value = True search_file_message.return_value = False read_ambari_user_method.return_value = None p = Properties() FAKE_PWD_STRING = '${alias=fakealias}' p.process_pair(JDBC_PASSWORD_PROPERTY, get_alias_string(JDBC_RCA_PASSWORD_ALIAS)) p.process_pair(SSL_TRUSTSTORE_PASSWORD_PROPERTY, FAKE_PWD_STRING) p.process_pair(JDBC_RCA_PASSWORD_FILE_PROPERTY, FAKE_PWD_STRING) get_ambari_properties_method.return_value = p master_key = "aaa" get_YN_input_method.side_effect = [False, False, False] get_original_master_key_mock.return_value = master_key read_passwd_for_alias_method.return_value = "fakepassword" save_passwd_for_alias_method.return_value = 0 exists_mock.return_value = False get_is_secure_method.return_value = True get_is_persisted_method.return_value = (False, "filePath") options = self._create_empty_options_mock() setup_sensitive_data_encryption(options) calls = [call(options, "encryption", master_key)] sensitive_data_encryption_metod.assert_has_calls(calls) self.assertFalse(save_master_key_method.called) self.assertTrue(get_YN_input_method.called) self.assertTrue(get_original_master_key_mock.called) self.assertTrue(update_properties_method.called) self.assertTrue(read_passwd_for_alias_method.called) self.assertTrue(2, read_passwd_for_alias_method.call_count) self.assertTrue(2, save_passwd_for_alias_method.call_count) self.assertFalse(save_master_key_method.called) result_expected = { JDBC_PASSWORD_PROPERTY: get_alias_string(JDBC_RCA_PASSWORD_ALIAS), JDBC_RCA_PASSWORD_FILE_PROPERTY: get_alias_string(JDBC_RCA_PASSWORD_ALIAS), SSL_TRUSTSTORE_PASSWORD_PROPERTY: get_alias_string(SSL_TRUSTSTORE_PASSWORD_ALIAS), SECURITY_IS_ENCRYPTION_ENABLED: 'true', SECURITY_SENSITIVE_DATA_ENCRYPTON_ENABLED: 'true' } sorted_x = sorted(result_expected.iteritems(), key=operator.itemgetter(0)) sorted_y = sorted(update_properties_method.call_args[0][1].iteritems(), key=operator.itemgetter(0)) self.assertEquals(sorted_x, sorted_y) pass