def setUp(self):
# application
self.application = "apm"
# apm privileges
self.privilege_agent_config = "config_agent:read"
self.privilege_event = "event:write"
self.privilege_sourcemap = "sourcemap:write"
self.privileges = {
"agentConfig": self.privilege_agent_config,
"event": self.privilege_event,
"sourcemap": self.privilege_sourcemap
}
self.privileges_all = list(self.privileges.values())
self.privilege_any = "*"
# resources
self.resource_any = ["*"]
self.resource_backend = ["-"]
user = os.getenv("ES_USER", "apm_server_user")
password = os.getenv("ES_PASS", "changeme")
self.apikey_name = "apm-systemtest"
self.apikey = APIKeyHelper(self.get_elasticsearch_url(user, password))
# delete all existing api_keys with defined name of current user
self.apikey.invalidate(self.apikey_name)
# delete all existing application privileges to ensure they can be created for current user
for p in self.privileges.keys():
url = "{}/{}/{}".format(self.apikey.privileges_url,
self.application, p)
requests.delete(url)
wait_until(lambda: requests.get(url).status_code == 404)
super(APIKeyBaseTest, self).setUp()
class APIKeyBaseTest(ElasticTest):
def setUp(self):
# application
self.application = "apm"
# apm privileges
self.privilege_agent_config = "config_agent:read"
self.privilege_event = "event:write"
self.privilege_sourcemap = "sourcemap:write"
self.privileges = {
"agentConfig": self.privilege_agent_config,
"event": self.privilege_event,
"sourcemap": self.privilege_sourcemap
}
self.privileges_all = list(self.privileges.values())
self.privilege_any = "*"
# resources
self.resource_any = ["*"]
self.resource_backend = ["-"]
user = os.getenv("ES_USER", "apm_server_user")
password = os.getenv("ES_PASS", "changeme")
self.apikey_name = "apm-systemtest"
self.apikey = APIKeyHelper(self.get_elasticsearch_url(user, password))
# delete all existing api_keys with defined name of current user
self.apikey.invalidate(self.apikey_name)
# delete all existing application privileges to ensure they can be created for current user
for p in self.privileges.keys():
url = "{}/{}/{}".format(self.apikey.privileges_url, self.application, p)
requests.delete(url)
wait_until(lambda: requests.get(url).status_code == 404)
super(APIKeyBaseTest, self).setUp()
def create_api_key_header(self, privileges, resources, application="apm"):
return "ApiKey {}".format(self.create_apm_api_key(privileges, resources, application=application))
def create_apm_api_key(self, privileges, resources, application="apm"):
payload = json.dumps({
"name": self.apikey_name,
"role_descriptors": {
self.apikey_name + "role_desc": {
"applications": [
{"application": application, "privileges": privileges, "resources": resources}]}}})
resp = self.apikey.create(payload)
enc = "utf-8"
return str(base64.b64encode("{}:{}".format(resp["id"], resp["api_key"]).encode(enc)), enc)