def setUp(self):
super(WhenTestingProjectQuotasRepo, self).setUp()
self.project_quotas_repo = repositories.ProjectQuotasRepo()
self.session = self.project_quotas_repo.get_session()
self.project_1 = models.Project()
self.project_1.id = '11111'
self.project_1.external_id = '44444'
self.project_1.save(session=self.session)
self.project_2 = models.Project()
self.project_2.id = '22222'
self.project_2.external_id = '55555'
self.project_2.save(session=self.session)
self.project_3 = models.Project()
self.project_3.id = '33333'
self.project_3.external_id = '66666'
self.project_3.save(session=self.session)
self.parsed_project_quotas_1 = {
'secrets': 101,
'orders': 102,
'containers': 103,
'consumers': 105,
'cas': 106}
self.parsed_project_quotas_2 = {
'secrets': 201,
'orders': 202,
'containers': 203,
'consumers': 205,
'cas': 206}
self.parsed_project_quotas_3 = {
'secrets': 301,
'containers': 303,
'consumers': 305}
def _load_sample_data(self):
sess = self.Session()
proj = models.Project()
proj.external_id = self.external_id
sess.add(proj)
sess.commit() # commit to add proj.id
self._add_secret(sess, proj, 'A', '2016-01-01T00:00:00',
'2016-01-01T00:00:00')
self._add_secret(sess, proj, 'B', '2016-02-01T00:00:00',
'2016-02-01T00:00:00')
self._add_secret(sess, proj, 'C', '2016-03-01T00:00:00',
'2016-03-01T00:00:00')
self._add_secret(sess, proj, 'D', '2016-04-01T00:00:00',
'2016-04-01T00:00:00')
self._add_secret(sess, proj, 'E', '2016-05-01T00:00:00',
'2016-05-01T00:00:00')
self._add_secret(sess, proj, 'F', '2016-06-01T00:00:00',
'2016-06-01T00:00:00')
sess.commit() # commit all secrets
def test_should_raise_constraint_create_same_composite_key_no_id(self):
session = self.repo.get_session()
project = models.Project()
project.external_id = "my keystone id"
project.save(session=session)
container = models.Container()
container.project_id = project.id
container.save(session=session)
# Create a consumer.
consumer = models.ContainerConsumerMetadatum(
container.id, project.id, {'name': 'name', 'URL': 'www.foo.com'})
consumer.save(session=session)
# Commit things so far, because the 'create_from' call below will
# handle consumer metadata with same composite key items already
# existing, and then rollback this session's transaction, which would
# remove the items added above and result in a not-found error below.
session.commit()
# Create a new entity with the same composite key as the first one.
consumer2 = models.ContainerConsumerMetadatum(
container.id, project.id, {'name': 'name', 'URL': 'www.foo.com'})
exception_result = self.assertRaises(
exception.ConstraintCheck,
self.repo.create_from,
consumer2,
session=session)
self.assertIn(
"SQL constraint check failed",
six.text_type(exception_result))
def test_get_by_create_date_with_filter(self, secret_1_dict, secret_2_dict,
query_dict):
session = self.repo.get_session()
secret1 = self.repo.create_from(
models.Secret(secret_1_dict),
session=session,
)
secret2 = self.repo.create_from(
models.Secret(secret_2_dict),
session=session,
)
project = models.Project()
project.external_id = "my keystone id"
project.save(session=session)
project_secret1 = models.ProjectSecret()
project_secret1.secret_id = secret1.id
project_secret1.project_id = project.id
project_secret1.save(session=session)
project_secret2 = models.ProjectSecret()
project_secret2.secret_id = secret2.id
project_secret2.project_id = project.id
project_secret2.save(session=session)
session.commit()
secrets, offset, limit, total = self.repo.get_by_create_date(
"my keystone id", session=session, **query_dict)
self.assertEqual([s.id for s in secrets], [secret1.id])
self.assertEqual(offset, 0)
self.assertEqual(limit, 10)
self.assertEqual(total, 1)
def test_should_get_count_one_after_delete(self):
session = self.repo.get_session()
project = models.Project()
project.external_id = "my keystone id"
project.save(session=session)
container = models.Container()
container.project_id = project.id
container.save(session=session)
consumer = models.ContainerConsumerMetadatum(
container.id, project.id, {'name': 'name1', 'URL': 'www.foo.com'})
consumer.save(session=session)
consumer = models.ContainerConsumerMetadatum(
container.id, project.id, {'name': 'name2', 'URL': 'www.foo.com'})
consumer.save(session=session)
session.commit()
count = self.repo.get_count(project.id, session=session)
self.assertEqual(2, count)
self.repo.delete_entity_by_id(consumer.id, "my keystone id",
session=session)
session.commit()
count = self.repo.get_count(project.id, session=session)
self.assertEqual(1, count)
def test_get_count_should_return_one_after_delete(self):
session = self.ca_repo.get_session()
project = models.Project()
project.external_id = "my keystone id"
project.save(session=session)
ca_model = models.CertificateAuthority(self.parsed_ca)
ca_model.project_id = project.id
self.ca_repo.create_from(ca_model, session=session)
ca_model = models.CertificateAuthority(self.parsed_ca)
ca_model.project_id = project.id
self.ca_repo.create_from(ca_model, session=session)
session.commit()
count = self.ca_repo.get_count(project.id, session=session)
self.assertEqual(2, count)
self.ca_repo.delete_entity_by_id(ca_model.id,
"my keystone id",
session=session)
session.commit()
count = self.ca_repo.get_count(project.id, session=session)
self.assertEqual(1, count)
def test_should_update_with_duplicate_consumer(self):
session = self.repo.get_session()
project = models.Project()
project.external_id = "my keystone id"
project.save(session=session)
container = models.Container()
container.project_id = project.id
container.save(session=session)
# Create a consumer.
consumer = models.ContainerConsumerMetadatum(
container.id, project.id, {'name': 'name', 'URL': 'www.foo.com'})
consumer.save(session=session)
# Commit things so far, because the 'create_or_update_from' call below
# will handle consumer metadata with same composite key items already
# existing, and then rollback this session's transaction, which would
# remove the items added above and result in a not-found error below.
session.commit()
# Try to create a consumer on the container...should re-use the
# one added above.
consumer2 = models.ContainerConsumerMetadatum(
container.id, project.id, {'name': 'name', 'URL': 'www.foo.com'})
self.repo.create_or_update_from(consumer2, container, session=session)
container2 = self.repo_container.get(
container.id, project.external_id, session=session)
self.assertEqual(1, len(container2.consumers))
def get_or_create_project(project_id):
"""Returns project with matching project_id.
Creates it if it does not exist.
:param project_id: The external-to-Barbican ID for this project.
:param project_repo: Project repository.
:return: Project model instance
"""
project_repo = repositories.get_project_repository()
project = project_repo.find_by_external_project_id(project_id,
suppress_exception=True)
if not project:
LOG.debug('Creating project for %s', project_id)
project = models.Project()
project.external_id = project_id
project.status = models.States.ACTIVE
try:
project_repo.create_from(project)
except exception.ConstraintCheck:
# catch race condition for when another thread just created one
project = project_repo.find_by_external_project_id(
project_id,
suppress_exception=False)
return project
def test_should_get_count_one_after_delete(self):
session = self.repo.get_session()
project = models.Project()
project.external_id = "my keystone id"
project.save(session=session)
secret_model = models.Secret()
secret_model.project_id = project.id
self.repo.create_from(secret_model, session=session)
secret_model = models.Secret()
secret_model.project_id = project.id
self.repo.create_from(secret_model, session=session)
session.commit()
count = self.repo.get_count(project.id, session=session)
self.assertEqual(2, count)
self.repo.delete_entity_by_id(secret_model.id,
"my keystone id",
session=session)
session.commit()
count = self.repo.get_count(project.id, session=session)
self.assertEqual(1, count)
def test_should_get_count_one_after_expiration(self):
current_time = datetime.datetime.utcnow()
tomorrow = current_time + datetime.timedelta(days=1)
yesterday = current_time - datetime.timedelta(days=1)
session = self.repo.get_session()
project = models.Project()
project.external_id = "my keystone id"
project.save(session=session)
secret_model = models.Secret()
secret_model.project_id = project.id
secret_model.expiration = tomorrow
self.repo.create_from(secret_model, session=session)
secret_model = models.Secret()
secret_model.project_id = project.id
secret_model.expiration = yesterday
self.repo.create_from(secret_model, session=session)
session.commit()
count = self.repo.get_count(project.id, session=session)
self.assertEqual(1, count)
def test_get_secret_list_with_filter(self, secret_1_dict, secret_2_dict,
query_dict):
session = self.repo.get_session()
project = models.Project()
project.external_id = "my keystone id"
project.save(session=session)
secret_1_dict['project_id'] = project.id
secret1 = self.repo.create_from(
models.Secret(secret_1_dict),
session=session,
)
secret_2_dict['project_id'] = project.id
secret2 = self.repo.create_from(
models.Secret(secret_2_dict),
session=session,
)
session.commit()
secrets, offset, limit, total = self.repo.get_secret_list(
"my keystone id", session=session, **query_dict)
resulting_secret_ids = [s.id for s in secrets]
self.assertIn(secret1.id, resulting_secret_ids)
self.assertNotIn(secret2.id, resulting_secret_ids)
self.assertEqual(0, offset)
self.assertEqual(10, limit)
self.assertEqual(1, total)
def _create_project(self):
session = repositories.get_project_repository().get_session()
project = models.Project()
project.external_id = "keystone_project_id" + uuid.uuid4().hex
project.save(session=session)
return project
def setUp(self):
super(BaseOrderTestCase, self).setUp()
self.requestor = 'requestor1234'
self.order = models.Order()
self.order.id = "id1"
self.order.requestor = self.requestor
self.order.type = "key"
self.meta = {
'name': 'name',
'payload_content_type': 'application/octet-stream',
'algorithm': 'AES',
'bit_length': 256,
'expiration': timeutils.utcnow(),
'mode': 'CBC'
}
self.order.meta = self.meta
self.external_project_id = 'keystone1234'
self.project_id = 'projectid1234'
self.project = models.Project()
self.project.id = self.project_id
self.project.external_id = self.external_project_id
self.project_repo = mock.MagicMock()
self.project_repo.get.return_value = self.project
self.setup_project_repository_mock(self.project_repo)
self.order.status = models.States.PENDING
self.order.id = 'orderid1234'
self.order.project_id = self.project_id
self.order_repo = mock.MagicMock()
self.order_repo.get.return_value = self.order
self.setup_order_repository_mock(self.order_repo)
self.setup_order_plugin_meta_repository_mock()
self.setup_order_barbican_meta_repository_mock()
self.secret = models.Secret()
self.secret_repo = mock.MagicMock()
self.secret_repo.create_from.return_value = None
self.setup_secret_repository_mock(self.secret_repo)
self.datum_repo = mock.MagicMock()
self.datum_repo.create_from.return_value = None
self.setup_encrypted_datum_repository_mock(self.datum_repo)
self.setup_kek_datum_repository_mock()
self.setup_secret_meta_repository_mock()
self.container_repo = mock.MagicMock()
self.container_repo.create_from.return_value = None
self.setup_container_repository_mock(self.container_repo)
self.container_secret_repo = mock.MagicMock()
self.container_secret_repo.create_from.return_value = None
self.setup_container_secret_repository_mock(self.container_secret_repo)
self.container = models.Container()
def _init(self):
self.name = 'test container name'
self.type = 'generic'
self.secret_refs = [{
'name': 'test secret 1',
'secret_ref': '1231'
}, {
'name': 'test secret 2',
'secret_ref': '1232'
}, {
'name': 'test secret 3',
'secret_ref': '1233'
}]
self.consumer_ref = {
'name': 'test_consumer1',
'URL': 'http://consumer/1'
}
self.project_internal_id = 'projectid1234'
self.external_project_id = 'keystoneid1234'
# Set up mocked project
self.project = models.Project()
self.project.id = self.project_internal_id
self.project.external_id = self.external_project_id
# Set up mocked project repo
self.project_repo = mock.MagicMock()
self.project_repo.get.return_value = self.project
self.setup_project_repository_mock(self.project_repo)
# Set up mocked container
self.container = create_container(
id_ref='id1',
project_id=self.project_internal_id,
external_project_id=self.external_project_id)
# Set up mocked container repo
self.container_repo = mock.MagicMock()
self.container_repo.get.return_value = self.container
self.container_repo.get_container_by_id.return_value = self.container
self.setup_container_repository_mock(self.container_repo)
# Set up secret repo
self.secret_repo = mock.MagicMock()
self.secret_repo.create_from.return_value = None
self.setup_secret_repository_mock(self.secret_repo)
# Set up container consumer repo
self.consumer_repo = mock.MagicMock()
self.consumer_repo.create_from.return_value = None
self.setup_container_consumer_repository_mock(self.consumer_repo)
self.container_req = {
'name': self.name,
'type': self.type,
'secret_refs': self.secret_refs
}
def _create_project(self):
session = repos.get_project_repository().get_session()
project = models.Project()
project.external_id = ("keystone_project_id" +
uuidutils.generate_uuid(dashed=False))
project.save(session=session)
return project
def test_create_new_preferred_ca(self):
ca = models.CertificateAuthority(self.parsed_ca)
ca.id = '67890'
project = models.Project()
project.id = '12345'
preferred_ca = models.PreferredCertificateAuthority(project.id, ca.id)
self.assertEqual(ca.id, preferred_ca.ca_id)
self.assertEqual(project.id, preferred_ca.project_id)
def test_should_get_count_zero(self):
session = self.repo.get_session()
project = models.Project()
project.external_id = "my keystone id"
project.save(session=session)
session.commit()
count = self.repo.get_count(project.id, session=session)
self.assertEqual(0, count)
def setUp(self):
super(WhenTestingCertificatePluginManager, self).setUp()
self.cert_spec = {}
self.plugin_returned = mock.MagicMock()
self.plugin_name = common_utils.generate_fullname_for(
self.plugin_returned)
types_list = [
cm.CertificateRequestType.SIMPLE_CMC_REQUEST,
cm.CertificateRequestType.CUSTOM_REQUEST
]
self.plugin_returned.supported_request_types.return_value = types_list
self.plugin_returned.supports.return_value = True
self.plugin_loaded = mock.MagicMock(obj=self.plugin_returned)
expiration = (
datetime.datetime.utcnow() +
datetime.timedelta(days=cm.CA_INFO_DEFAULT_EXPIRATION_DAYS))
ca_info = {
cm.INFO_NAME: "my_ca",
cm.INFO_DESCRIPTION: "Certificate Authority my_ca",
cm.INFO_CA_SIGNING_CERT: "Undefined",
cm.INFO_INTERMEDIATES: "Undefined",
cm.INFO_EXPIRATION: expiration.isoformat()
}
self.plugin_returned.get_ca_info.return_value = {
'plugin_ca_id1': ca_info
}
parsed_ca = {
'plugin_name': self.plugin_name,
'plugin_ca_id': 'plugin_ca_id1',
'name': self.plugin_name,
'description': 'Master CA for default plugin',
'ca_signing_certificate': 'ZZZZZ',
'intermediates': 'YYYYY'
}
self.ca = models.CertificateAuthority(parsed_ca)
self.ca.id = 'ca_id'
self.ca_repo = mock.MagicMock()
self.ca_repo.get_by_create_date.return_value = (self.ca, 0, 1, 1)
self.ca_repo.create_from.return_value = None
self.ca_repo.get.return_value = self.ca
self.project = models.Project()
self.project.id = '12345'
self.setup_ca_repository_mock(self.ca_repo)
self.plugin_loaded = mock.MagicMock(obj=self.plugin_returned)
self.manager = cm.CertificatePluginManager()
self.manager.extensions = [self.plugin_loaded]
def test_create_new_project_quotas_with_all_default_quotas(self):
project = models.Project()
project.id = '12345'
project.external_id = '67890'
project_quotas = models.ProjectQuotas(project.id, None)
self.assertEqual('12345', project_quotas.project_id)
self.assertIsNone(project_quotas.secrets)
self.assertIsNone(project_quotas.orders)
self.assertIsNone(project_quotas.containers)
self.assertIsNone(project_quotas.consumers)
self.assertIsNone(project_quotas.cas)
def test_get_secret_by_id(self):
session = self.repo.get_session()
project = models.Project()
project.external_id = "my keystone id"
project.save(session=session)
secret_model = models.Secret()
secret_model.project_id = project.id
secret = self.repo.create_from(secret_model, session=session)
session.commit()
db_secret = self.repo.get_secret_by_id(secret.id)
self.assertIsNotNone(db_secret)
def test_should_create_retrieve_deleted_project(self):
session = self.repo.get_session()
project = models.Project()
project.keystone_id = 'my keystone id'
project.status = models.States.ACTIVE
self.repo.create_from(project, session=session)
self.assertIsNotNone(project.id)
self.assertFalse(project.deleted)
project_get = self.repo.get(project.id)
self.assertEqual(project.id, project_get.id)
self.repo.delete_entity_by_id(project.id, 'my keystone id')
self.assertTrue(project.deleted)
def test_get_container_by_id(self):
session = self.repo.get_session()
project = models.Project()
project.external_id = "my keystone id"
project.save(session=session)
container = models.Container()
container.project_id = project.id
container.save(session=session)
session.commit()
db_container = self.repo.get_container_by_id(container.id)
self.assertIsNotNone(db_container)
def test_should_get_count_one(self):
session = self.repo.get_session()
project = models.Project()
project.external_id = "my keystone id"
project.save(session=session)
order_model = models.Order()
order_model.project_id = project.id
self.repo.create_from(order_model, session=session)
session.commit()
count = self.repo.get_count(project.id, session=session)
self.assertEqual(1, count)
def _init(self):
self.external_project_id = 'keystoneid1234'
self.project_internal_id = 'projectid1234'
# Set up mocked project
self.project = models.Project()
self.project.id = self.project_internal_id
self.project.external_id = self.external_project_id
# Set up mocked project repo
self.project_repo = mock.MagicMock()
self.project_repo.get.return_value = self.project
self.setup_project_repository_mock(self.project_repo)
# Set up mocked container
self.container = create_container(
id_ref=utils.generate_test_valid_uuid(),
project_id=self.project_internal_id,
external_project_id=self.external_project_id)
# Set up mocked consumers
self.consumer = create_consumer(
self.container.id,
self.project_internal_id,
id_ref=utils.generate_test_valid_uuid())
self.consumer2 = create_consumer(
self.container.id,
self.project_internal_id,
id_ref=utils.generate_test_valid_uuid())
self.consumer_ref = {
'name': self.consumer.name,
'URL': self.consumer.URL
}
# Set up mocked container repo
self.container_repo = mock.MagicMock()
self.container_repo.get_container_by_id.return_value = self.container
self.setup_container_repository_mock(self.container_repo)
# Set up mocked container consumer repo
self.consumer_repo = mock.MagicMock()
self.consumer_repo.get_by_values.return_value = self.consumer
self.consumer_repo.delete_entity_by_id.return_value = None
self.setup_container_consumer_repository_mock(self.consumer_repo)
# Set up mocked secret repo
self.setup_secret_repository_mock()
def create_container(id_ref, project_id=None, external_project_id=None):
"""Generate a Container entity instance."""
container = models.Container()
container.id = id_ref
container.name = 'test name'
container.type = 'rsa'
container_secret = models.ContainerSecret()
container_secret.container_id = id_ref
container_secret.secret_id = '123'
container.container_secrets.append(container_secret)
if project_id:
project = models.Project()
project.id = project_id
project.external_id = external_project_id
container.project = project
return container
def get_or_create_project(project_id, project_repo):
"""Returns project with matching project_id.
Creates it if it does not exist.
:param project_id: The external-to-Barbican ID for this project.
:param project_repo: Project repository.
:return: Project model instance
"""
project = project_repo.find_by_external_project_id(project_id,
suppress_exception=True)
if not project:
LOG.debug('Creating project for %s', project_id)
project = models.Project()
project.external_id = project_id
project.status = models.States.ACTIVE
project_repo.create_from(project)
return project
def test_create_new_project_quotas_with_some_default_quotas(self):
project = models.Project()
project.id = '12345'
project.external_id = '67890'
parsed_project_quotas = {
'secrets': 101,
'containers': 103,
'consumers': 105
}
project_quotas = models.ProjectQuotas(project.id,
parsed_project_quotas)
self.assertEqual('12345', project_quotas.project_id)
self.assertEqual(101, project_quotas.secrets)
self.assertIsNone(project_quotas.orders)
self.assertEqual(103, project_quotas.containers)
self.assertEqual(105, project_quotas.consumers)
self.assertIsNone(project_quotas.cas)
def _create_base_secret(self, project_id=None):
# Setup the secret and needed base relationship
secret_repo = repositories.get_secret_repository()
session = secret_repo.get_session()
if project_id is None: # don't re-create project if it created earlier
project = models.Project()
project.external_id = "keystone_project_id"
project.save(session=session)
project_id = project.id
secret_model = models.Secret()
secret_model.project_id = project_id
secret = secret_repo.create_from(secret_model, session=session)
secret.save(session=session)
session.commit()
return secret
def _create_base_container(self, project_id=None):
# Setup the container and needed base relationship
container_repo = repositories.get_container_repository()
session = container_repo.get_session()
if project_id is None:
project = models.Project()
project.external_id = "keystone_project_id"
project.save(session=session)
project_id = project.id
container = models.Container()
container.project_id = project_id
container.save(session=session)
session.commit()
return container
def test_project_quotas_check_to_dict_fields(self):
project = models.Project()
project.id = '12345'
project.external_id = '67890'
parsed_project_quotas = {
'secrets': 101,
'orders': 102,
'containers': 103,
'consumers': 105,
'cas': 106
}
project_quotas = models.ProjectQuotas(project.id,
parsed_project_quotas)
self.assertEqual(project.id,
project_quotas.to_dict_fields()['project_id'])
self.assertEqual(101, project_quotas.to_dict_fields()['secrets'])
self.assertEqual(102, project_quotas.to_dict_fields()['orders'])
self.assertEqual(103, project_quotas.to_dict_fields()['containers'])
self.assertEqual(105, project_quotas.to_dict_fields()['consumers'])
self.assertEqual(106, project_quotas.to_dict_fields()['cas'])
