def _setup_crypto_app(self, disable_encryption=False): # Set up a pipeline of crypto middleware ending in the proxy app so # that tests can make requests to either the proxy server directly or # via the crypto middleware. Make a fresh instance for each test to # avoid any state coupling. conf = {'disable_encryption': disable_encryption} self.encryption = crypto.filter_factory(conf)(self.proxy_app) self.km = keymaster.KeyMaster(self.encryption, TEST_KEYMASTER_CONF) self.crypto_app = self.km # for clarity
def test_filter_factory(self): factory = crypto.filter_factory({}) self.assertTrue(callable(factory)) self.assertIsInstance(factory({}), crypto.decrypter.Decrypter) self.assertIsInstance(factory({}).app, crypto.encrypter.Encrypter) self.assertIn('encryption', utils._swift_admin_info) self.assertDictEqual( {'enabled': True}, utils._swift_admin_info['encryption']) self.assertNotIn('encryption', utils._swift_info) factory = crypto.filter_factory({'disable_encryption': True}) self.assertTrue(callable(factory)) self.assertIsInstance(factory({}), crypto.decrypter.Decrypter) self.assertIsInstance(factory({}).app, crypto.encrypter.Encrypter) self.assertIn('encryption', utils._swift_admin_info) self.assertDictEqual( {'enabled': False}, utils._swift_admin_info['encryption']) self.assertNotIn('encryption', utils._swift_info)
def _setup_crypto_app(self, disable_encryption=False, root_secret_id=None): # Set up a pipeline of crypto middleware ending in the proxy app so # that tests can make requests to either the proxy server directly or # via the crypto middleware. Make a fresh instance for each test to # avoid any state coupling. conf = {'disable_encryption': disable_encryption} self.encryption = crypto.filter_factory(conf)(self.proxy_app) self.encryption.logger = self.proxy_app.logger km_conf = dict(TEST_KEYMASTER_CONF) if root_secret_id is not None: km_conf['active_root_secret_id'] = root_secret_id self.km = keymaster.KeyMaster(self.encryption, km_conf) self.crypto_app = self.km # for clarity self.crypto_app.logger = self.encryption.logger
def do_test(conf, expect_enabled): fake_app = object() with mock.patch.dict('swift.common.utils._swift_admin_info', clear=True): # we're not expecting utils._swift_info to be modified but mock # it anyway just in case it is with mock.patch.dict('swift.common.utils._swift_info', clear=True): # Sanity checks... self.assertNotIn('encryption', utils._swift_admin_info) self.assertNotIn('encryption', utils.get_swift_info(admin=True)) self.assertNotIn('encryption', utils.get_swift_info(admin=True)['admin']) factory = crypto.filter_factory(conf) self.assertTrue(callable(factory)) filtered_app = factory(fake_app) self.assertNotIn('encryption', utils._swift_info) self.assertNotIn('encryption', utils.get_swift_info()) self.assertNotIn('encryption', utils.get_swift_info(admin=True)) self.assertIn('encryption', utils._swift_admin_info) self.assertDictEqual({'enabled': expect_enabled}, utils._swift_admin_info['encryption']) self.assertIn('encryption', utils.get_swift_info(admin=True)['admin']) self.assertDictEqual( {'enabled': expect_enabled}, utils.get_swift_info( admin=True)['admin']['encryption']) self.assertIsInstance(filtered_app, crypto.decrypter.Decrypter) self.assertIsInstance(filtered_app.app, crypto.encrypter.Encrypter) self.assertIs(filtered_app.app.app, fake_app)