def test_credential_creation_validation_failure(organization_factory, inputs): org = organization_factory('test').organization type_ = CredentialType(kind='cloud', name='SomeCloud', managed_by_tower=True, inputs={ 'fields': [{ 'id': 'username', 'label': 'Username for SomeCloud', 'type': 'string' }, { 'id': 'flag', 'label': 'Some Boolean Flag', 'type': 'boolean' }] }) type_.save() with pytest.raises(Exception) as e: cred = Credential(credential_type=type_, name="Bob's Credential", inputs=inputs, organization=org) cred.save() cred.full_clean() assert e.type in (ValidationError, serializers.ValidationError)
def test_credential_get_input(organization_factory): organization = organization_factory('test').organization type_ = CredentialType( kind='vault', name='somevault', managed_by_tower=True, inputs={ 'fields': [ { 'id': 'vault_password', 'type': 'string', 'secret': True, }, { 'id': 'vault_id', 'type': 'string', 'secret': False }, { 'id': 'secret', 'type': 'string', 'secret': True, }, ] }, ) type_.save() cred = Credential(organization=organization, credential_type=type_, name="Bob's Credential", inputs={'vault_password': '******'}) cred.save() cred.full_clean() assert isinstance(cred, Credential) # verify expected exception is raised when attempting to access an unset # input without providing a default with pytest.raises(AttributeError): cred.get_input('vault_id') # verify that the provided default is used for unset inputs assert cred.get_input('vault_id', default='foo') == 'foo' # verify expected exception is raised when attempting to access an undefined # input without providing a default with pytest.raises(AttributeError): cred.get_input('field_not_on_credential_type') # verify that the provided default is used for undefined inputs assert cred.get_input('field_not_on_credential_type', default='bar') == 'bar' # verify expected exception is raised when attempting to access an unset secret # input without providing a default with pytest.raises(AttributeError): cred.get_input('secret') # verify that the provided default is used for undefined inputs assert cred.get_input('secret', default='fiz') == 'fiz' # verify return values for encrypted secret fields are decrypted assert cred.inputs['vault_password'].startswith('$encrypted$') assert cred.get_input('vault_password') == 'testing321'
def test_vault_validation(organization, inputs, valid): cred_type = CredentialType.defaults['vault']() cred_type.save() cred = Credential(credential_type=cred_type, name="Best credential ever", inputs=inputs, organization=organization) cred.save() if valid: cred.full_clean() else: with pytest.raises(Exception) as e: cred.full_clean() assert e.type in (ValidationError, serializers.ValidationError)
def test_choices_validity(become_method, valid, organization): inputs = {'become_method': become_method} cred_type = CredentialType.defaults['ssh']() cred_type.save() cred = Credential(credential_type=cred_type, name="Best credential ever", inputs=inputs, organization=organization) cred.save() if valid: cred.full_clean() else: with pytest.raises(serializers.ValidationError) as e: cred.full_clean() assert "'%s' is not one of" % become_method in str(e)
def test_credential_creation(organization_factory): org = organization_factory('test').organization type_ = CredentialType( kind='cloud', name='SomeCloud', managed_by_tower=True, inputs={'fields': [{'id': 'username', 'label': 'Username for SomeCloud', 'type': 'string'}]} ) type_.save() cred = Credential(credential_type=type_, name="Bob's Credential", inputs={'username': '******'}, organization=org) cred.save() cred.full_clean() assert isinstance(cred, Credential) assert cred.name == "Bob's Credential" assert cred.inputs['username'] == 'bob'
def test_ssh_key_data_validation(organization, kind, ssh_key_data, ssh_key_unlock, valid): inputs = {'username': '******'} if ssh_key_data: inputs['ssh_key_data'] = ssh_key_data if ssh_key_unlock: inputs['ssh_key_unlock'] = ssh_key_unlock cred_type = CredentialType.defaults[kind]() cred_type.save() cred = Credential(credential_type=cred_type, name="Best credential ever", inputs=inputs, organization=organization) cred.save() if valid: cred.full_clean() else: with pytest.raises(Exception) as e: cred.full_clean() assert e.type in (ValidationError, serializers.ValidationError)