def test_load_group_from_kdb(self): kdb_entry = self.kdb.groups[0] self.processor._load_group_from_kdb(kdb_entry, load_entries=False) self.assertTrue("" in self.processor.kdb_groups) group = self.processor.kdb_groups[""] self.assertIsInstance(group, BaseGroup) self.assertEqual(group, BaseGroup(title="Root", icon="48", path="")) self.assertEqual(0, len(self.processor.kdb_entries.keys())) self.processor._load_group_from_kdb(kdb_entry, load_entries=True) self.assertEqual(group, BaseGroup(title="Root", icon="48", path="")) self.assertEqual(1, len(self.processor.kdb_entries.keys()))
def test_read_secrets(self): base_path = "test/recursive/read/" group_entry = BaseGroup( title="root_group", icon="42", path=f"{base_path}root_group", ) secret_entry = BaseEntry( title="test_entry", password="******", icon="1", path=f"{base_path}root_group/test_entry", url="", meta={"foo": "bar"}, username="******", ) self.processor.write_group(group=group_entry) self.processor.write_secret(entry=secret_entry) self.processor.read_secrets(path=f"/{base_path}", recursive=True) self.assertEqual(self.processor.kdb_groups[group_entry.path], group_entry) self.assertEqual(self.processor.kdb_entries[group_entry.path][0], secret_entry)
def test_build_vault(self): base_path = "test/recursive/build/" group_entry = BaseGroup( title="root_group", icon="42", path=f"{base_path}root_group", ) secret_entry = BaseEntry( title="test_entry", password="******", icon="1", path=f"{base_path}root_group/test_entry", url="", meta={"foo": "bar"}, username="******", ) self.processor.kdb_entries[group_entry.path] = [ secret_entry, ] self.processor.kdb_groups[group_entry.path] = group_entry self.processor.build_vault() # TODO DRY resp = self.processor.vault.secrets.kv.v2.read_secret_version( path=f"{group_entry.path}/{self.processor.group_meta_label}") data = resp["data"]["data"] expected_data = group_entry.as_dict() expected_data.pop("path") expected_data.pop("title") self.assertEqual( data, expected_data, ) resp = self.processor.vault.secrets.kv.v2.read_secret_version( path=f"{group_entry.path}/{secret_entry.title}") data = resp["data"]["data"] expected_data = secret_entry.as_dict() expected_data.pop("path") expected_data.pop("title") self.assertEqual( data, expected_data, )
def write_group(self, group: BaseGroup, base_path="/"): data = group.as_dict() data.pop("title") path = base_path + data.pop("path") + "/" + self.__g_meta_label self.vault.secrets.kv.create_or_update_secret( path=path, secret=data, )
def test_write_group(self): entry = BaseGroup( title="root_group", icon="42", path="root_group", ) self._test_write_group(entry) self._test_write_group(entry, "/main_group/") self._test_write_group(entry, "/main_group/sub/") self._test_write_group(entry, "/main_group/sub/sub/")
def test_save_groups_to_kdb(self): self.processor.load_from_kdb(self.raw_kdb_full_path, self.password) self.processor.kdb_groups[ "sub/Foo][ \ 1 *8!@#$%^&*()/ [ subsub/created" ] = BaseGroup( path="sub/su/created", title="crea[ ']ted", icon="42", ) self.processor._save_groups_to_kdb() self.assertFalse("crea[ ']ted" in self.kdb.groups) self.assertFalse("created" in self.kdb.groups)
class TestBaseGroup(TestCase): def setUp(self): self.entry = BaseGroup(title="test", path="/", icon="1") self.kdb = create_kdb() def test_creation(self): group = self.entry self.assertEqual(group.path, "/") self.assertEqual(group.title, "test") self.assertEqual(group.icon, "1") def test_to_dict(self): dict_group = self.entry.as_dict() self.assertIsInstance(dict_group, dict) self.assertEqual(dict_group, { "path": "/", "title": "test", "icon": "1" }) def _test_entry(self, group_name, icon, expected_path, parent_group=None): kdb_group = create_kdb_group( self.kdb, group_name=group_name, icon=icon, parent_group=parent_group, ) group = BaseGroup.from_kdb_entry(kdb_group) dict_group = group.as_dict() self.assertEqual( dict_group, { "path": expected_path, "title": group_name, "icon": icon }, ) return kdb_group def test_from_kdb_entry(self): group = self._test_entry("test", "1", "test") group2 = self._test_entry("1", "2", "test/1", parent_group=group) self._test_entry("sub_sub", "3", "test/1/sub_sub", parent_group=group2)
def _test_entry(self, group_name, icon, expected_path, parent_group=None): kdb_group = create_kdb_group( self.kdb, group_name=group_name, icon=icon, parent_group=parent_group, ) group = BaseGroup.from_kdb_entry(kdb_group) dict_group = group.as_dict() self.assertEqual( dict_group, { "path": expected_path, "title": group_name, "icon": icon }, ) return kdb_group
def test_kdb_group_get_or_create(self): self.processor.load_from_kdb(self.raw_kdb_full_path, self.password) kdb_group = self.processor._kdb_group_get_or_create("sub/subsub") self.assertIsInstance(kdb_group, Group) self.assertEqual(kdb_group.path, ["sub", "subsub"]) self.assertEqual(kdb_group.name, "subsub") self.assertEqual(kdb_group.icon, "1") self.processor.kdb_groups["sub/subsub/created"] = BaseGroup( path="sub/subsub/created", title="created", icon="42", ) kdb_group = self.processor._kdb_group_get_or_create( "sub/subsub/created" ) self.assertIsInstance(kdb_group, Group) self.assertEqual(kdb_group.path, ["sub", "subsub", "created"]) self.assertEqual(kdb_group.name, "created") self.assertEqual(kdb_group.icon, "42")
def read_secret(self, path: str): try: resp_ = self.vault.secrets.kv.v2.read_secret_version(path=path) logger.debug(f"Processing read secret {path}") except vault_errors.Forbidden as err: logger.debug(f"Failed to read secret {path} - {err}") return data = resp_.get("data", {}).get("data") path_ = copy(path).lstrip("/") g_path, title = path_.rsplit("/", 1) if "/" in path_ else ["", path_] if title == self.__g_meta_label: _, title = g_path.rsplit("/", 1) if "/" in g_path else ["", g_path] group = BaseGroup(title=title, path=g_path, **data) self.kdb_groups[g_path] = group else: try: entry = BaseEntry(**data, path=path_, title=title) self.kdb_entries.setdefault(g_path, []).append( entry) # TODO make method move to mixin except TypeError as err: logger.info( f"Secret configured improperly {err} {data} {path_} {title}" )
def _load_group_from_kdb(self, group: Group, load_entries=True): group_ = BaseGroup.from_kdb_entry(group) self.kdb_groups[group_.path] = group_ if group.entries and load_entries: self._load_entries_from_kdb(group.entries)
def setUp(self): self.entry = BaseGroup(title="test", path="/", icon="1") self.kdb = create_kdb()