def fetch_ca(project_id=None): if not CONF.use_project_ca: project_id = None ca_file_path = ca_path(project_id) if not os.path.exists(ca_file_path): raise exception.CryptoCAFileNotFound(project=project_id) with open(ca_file_path, 'r') as cafile: return cafile.read()
class CertificatesTestV21(test.NoDBTestCase): certificates = certificates_v21 url = '/v3/os-certificates' certificate_show_extension = 'os_compute_api:os-certificates:show' certificate_create_extension = \ 'os_compute_api:os-certificates:create' def setUp(self): super(CertificatesTestV21, self).setUp() self.context = context.RequestContext('fake', 'fake') self.controller = self.certificates.CertificatesController() self.req = fakes.HTTPRequest.blank('') def test_translate_certificate_view(self): pk, cert = 'fakepk', 'fakecert' view = self.certificates._translate_certificate_view(cert, pk) self.assertEqual(view['data'], cert) self.assertEqual(view['private_key'], pk) def test_certificates_show_root(self): self.mox.StubOutWithMock(self.controller.cert_rpcapi, 'fetch_ca') self.controller.cert_rpcapi.fetch_ca( mox.IgnoreArg(), project_id='fake').AndReturn('fakeroot') self.mox.ReplayAll() res_dict = self.controller.show(self.req, 'root') response = {'certificate': {'data': 'fakeroot', 'private_key': None}} self.assertEqual(res_dict, response) def test_certificates_show_policy_failed(self): rules = { self.certificate_show_extension: common_policy.parse_rule("!") } policy.set_rules(rules) exc = self.assertRaises(exception.PolicyNotAuthorized, self.controller.show, self.req, 'root') self.assertIn(self.certificate_show_extension, exc.format_message()) def test_certificates_create_certificate(self): self.mox.StubOutWithMock(self.controller.cert_rpcapi, 'generate_x509_cert') self.controller.cert_rpcapi.generate_x509_cert( mox.IgnoreArg(), user_id='fake_user', project_id='fake').AndReturn( ('fakepk', 'fakecert')) self.mox.ReplayAll() res_dict = self.controller.create(self.req) response = { 'certificate': { 'data': 'fakecert', 'private_key': 'fakepk' } } self.assertEqual(res_dict, response) def test_certificates_create_policy_failed(self): rules = { self.certificate_create_extension: common_policy.parse_rule("!") } policy.set_rules(rules) exc = self.assertRaises(exception.PolicyNotAuthorized, self.controller.create, self.req) self.assertIn(self.certificate_create_extension, exc.format_message()) @mock.patch.object( rpcapi.CertAPI, 'fetch_ca', side_effect=exception.CryptoCAFileNotFound(project='fake')) def test_non_exist_certificates_show(self, mock_fetch_ca): self.assertRaises(exc.HTTPNotFound, self.controller.show, self.req, 'root')
class CertificatesTestV21(test.NoDBTestCase): certificates = certificates_v21 url = '/v2/fake/os-certificates' certificate_show_extension = 'os_compute_api:os-certificates:show' certificate_create_extension = \ 'os_compute_api:os-certificates:create' def setUp(self): super(CertificatesTestV21, self).setUp() self.context = context.RequestContext('fake', 'fake') self.controller = self.certificates.CertificatesController() self.req = fakes.HTTPRequest.blank('') def test_translate_certificate_view(self): pk, cert = 'fakepk', 'fakecert' view = self.certificates._translate_certificate_view(cert, pk) self.assertEqual(view['data'], cert) self.assertEqual(view['private_key'], pk) @mock.patch.object(rpcapi.CertAPI, 'fetch_ca', return_value='fakeroot') def test_certificates_show_root(self, mock_fetch_ca): res_dict = self.controller.show(self.req, 'root') response = {'certificate': {'data': 'fakeroot', 'private_key': None}} self.assertEqual(res_dict, response) mock_fetch_ca.assert_called_once_with(mock.ANY, project_id='fake') def test_certificates_show_policy_failed(self): rules = {self.certificate_show_extension: "!"} policy.set_rules(oslo_policy.Rules.from_dict(rules)) exc = self.assertRaises(exception.PolicyNotAuthorized, self.controller.show, self.req, 'root') self.assertIn(self.certificate_show_extension, exc.format_message()) @mock.patch.object(rpcapi.CertAPI, 'generate_x509_cert', return_value=('fakepk', 'fakecert')) def test_certificates_create_certificate(self, mock_generate_x509_cert): res_dict = self.controller.create(self.req) response = { 'certificate': { 'data': 'fakecert', 'private_key': 'fakepk' } } self.assertEqual(res_dict, response) mock_generate_x509_cert.assert_called_once_with(mock.ANY, user_id='fake_user', project_id='fake') def test_certificates_create_policy_failed(self): rules = {self.certificate_create_extension: "!"} policy.set_rules(oslo_policy.Rules.from_dict(rules)) exc = self.assertRaises(exception.PolicyNotAuthorized, self.controller.create, self.req) self.assertIn(self.certificate_create_extension, exc.format_message()) @mock.patch.object( rpcapi.CertAPI, 'fetch_ca', side_effect=exception.CryptoCAFileNotFound(project='fake')) def test_non_exist_certificates_show(self, mock_fetch_ca): self.assertRaises(exc.HTTPNotFound, self.controller.show, self.req, 'root')
def fake_get_root_cert_not_found(context, *args, **kwargs): raise exception.CryptoCAFileNotFound(project='')