def test_system_transform(self): rule = self.models['rules']['rule_action_default_value_render_fail.yaml'] runner_type_db = mock.Mock() runner_type_db.runner_parameters = {} action_db = mock.Mock() action_db.parameters = {} k5 = KeyValuePair.add_or_update(KeyValuePairDB(name='k5', value='v5')) k6 = KeyValuePair.add_or_update(KeyValuePairDB(name='k6', value='v6')) k7 = KeyValuePair.add_or_update(KeyValuePairDB(name='k7', value='v7')) k8 = KeyValuePair.add_or_update(KeyValuePairDB(name='k8', value='v8', scope=FULL_SYSTEM_SCOPE)) params = {'ip5': '{{trigger.k2}}-static', 'ip6': '{{st2kv.system.k6}}-static', 'ip7': '{{st2kv.system.k7}}-static'} expected_params = {'ip5': 'v2-static', 'ip6': 'v6-static', 'ip7': 'v7-static'} try: self.assertResolvedParamsMatchExpected(rule=rule, trigger_instance=MOCK_TRIGGER_INSTANCE_4, params=params, expected_params=expected_params) finally: KeyValuePair.delete(k5) KeyValuePair.delete(k6) KeyValuePair.delete(k7) KeyValuePair.delete(k8)
def test_get_config_dynamic_config_item_nested_dict(self): pack_name = "dummy_pack_schema_with_nested_object_7" loader = ContentPackConfigLoader(pack_name=pack_name) KeyValuePair.add_or_update(KeyValuePairDB(name="k0", value="v0")) KeyValuePair.add_or_update(KeyValuePairDB(name="k1", value="v1")) KeyValuePair.add_or_update(KeyValuePairDB(name="k2", value="v2")) #################### # values nested dictionaries values = { "level0_key": "{{st2kv.system.k0}}", "level0_object": { "level1_key": "{{st2kv.system.k1}}", "level1_object": {"level2_key": "{{st2kv.system.k2}}"}, }, } config_db = ConfigDB(pack=pack_name, values=values) config_db = Config.add_or_update(config_db) config_rendered = loader.get_config() self.assertEqual( config_rendered, { "level0_key": "v0", "level0_object": { "level1_key": "v1", "level1_object": {"level2_key": "v2"}, }, }, ) config_db.delete()
def test_system_transform(self): k5 = KeyValuePair.add_or_update(KeyValuePairDB(name='k5', value='v5')) k6 = KeyValuePair.add_or_update(KeyValuePairDB(name='k6', value='v6')) k7 = KeyValuePair.add_or_update(KeyValuePairDB(name='k7', value='v7')) k8 = KeyValuePair.add_or_update( KeyValuePairDB(name='k8', value='v8', scope=FULL_SYSTEM_SCOPE)) try: transformer = datatransform.get_transformer(PAYLOAD) mapping = { 'ip5': '{{trigger.k2}}-static', 'ip6': '{{st2kv.system.k6}}-static', 'ip7': '{{st2kv.system.k7}}-static' } result = transformer(mapping) expected = { 'ip5': 'v2-static', 'ip6': 'v6-static', 'ip7': 'v7-static' } self.assertEqual(result, expected) finally: KeyValuePair.delete(k5) KeyValuePair.delete(k6) KeyValuePair.delete(k7) KeyValuePair.delete(k8)
def test_get_config_dynamic_config_item_list(self): pack_name = 'dummy_pack_schema_with_nested_object_7' loader = ContentPackConfigLoader(pack_name=pack_name) KeyValuePair.add_or_update(KeyValuePairDB(name='k0', value='v0')) KeyValuePair.add_or_update(KeyValuePairDB(name='k1', value='v1')) #################### # values in list values = { 'level0_key': [ 'a', '{{st2kv.system.k0}}', 'b', '{{st2kv.system.k1}}', ] } config_db = ConfigDB(pack=pack_name, values=values) config_db = Config.add_or_update(config_db) config_rendered = loader.get_config() self.assertEqual(config_rendered, {'level0_key': ['a', 'v0', 'b', 'v1']}) config_db.delete()
def test_get_config_dynamic_config_item_list(self): pack_name = "dummy_pack_schema_with_nested_object_7" loader = ContentPackConfigLoader(pack_name=pack_name) KeyValuePair.add_or_update(KeyValuePairDB(name="k0", value="v0")) KeyValuePair.add_or_update(KeyValuePairDB(name="k1", value="v1")) #################### # values in list values = { "level0_key": [ "a", "{{st2kv.system.k0}}", "b", "{{st2kv.system.k1}}", ] } config_db = ConfigDB(pack=pack_name, values=values) config_db = Config.add_or_update(config_db) config_rendered = loader.get_config() self.assertEqual(config_rendered, {"level0_key": ["a", "v0", "b", "v1"]}) config_db.delete()
def test_get_finalized_params_system_values(self): KeyValuePair.add_or_update(KeyValuePairDB(name='actionstr', value='foo')) KeyValuePair.add_or_update(KeyValuePairDB(name='actionnumber', value='1.0')) params = { 'runnerint': 555 } liveaction_db = self._get_liveaction_model(params) runner_params, action_params = param_utils.get_finalized_params( ParamsUtilsTest.runnertype_db.runner_parameters, ParamsUtilsTest.action_system_default_db.parameters, liveaction_db.parameters, liveaction_db.context) # Asserts for runner params. # Assert that default values for runner params are resolved. self.assertEqual(runner_params.get('runnerstr'), 'defaultfoo') # Assert that a runner param from action exec is picked up. self.assertEqual(runner_params.get('runnerint'), 555) # Assert that an immutable param cannot be overridden by action param or execution param. self.assertEqual(runner_params.get('runnerimmutable'), 'runnerimmutable') # Asserts for action params. self.assertEqual(action_params.get('actionstr'), 'foo') self.assertEqual(action_params.get('actionnumber'), 1.0)
def test_non_hierarchical_lookup(self): k1 = KeyValuePair.add_or_update(KeyValuePairDB(name='k1', value='v1')) k2 = KeyValuePair.add_or_update(KeyValuePairDB(name='k2', value='v2')) k3 = KeyValuePair.add_or_update(KeyValuePairDB(name='k3', value='v3')) lookup = KeyValueLookup() self.assertEquals(str(lookup.k1), k1.value) self.assertEquals(str(lookup.k2), k2.value) self.assertEquals(str(lookup.k3), k3.value)
def test_get_config_dynamic_config_item_nested_list(self): pack_name = "dummy_pack_schema_with_nested_object_8" loader = ContentPackConfigLoader(pack_name=pack_name) KeyValuePair.add_or_update(KeyValuePairDB(name="k0", value="v0")) KeyValuePair.add_or_update(KeyValuePairDB(name="k1", value="v1")) KeyValuePair.add_or_update(KeyValuePairDB(name="k2", value="v2")) #################### # values in objects embedded in lists and nested lists values = { "level0_key": [ { "level1_key0": "{{st2kv.system.k0}}" }, "{{st2kv.system.k1}}", [ "{{st2kv.system.k0}}", "{{st2kv.system.k1}}", "{{st2kv.system.k2}}", ], { "level1_key2": [ "{{st2kv.system.k2}}", ] }, ] } config_db = ConfigDB(pack=pack_name, values=values) config_db = Config.add_or_update(config_db) config_rendered = loader.get_config() self.assertEqual( config_rendered, { "level0_key": [ { "level1_key0": "v0" }, "v1", [ "v0", "v1", "v2", ], { "level1_key2": [ "v2", ] }, ] }, ) config_db.delete()
def test_lookups_older_scope_names_backward_compatibility(self): k1 = KeyValuePair.add_or_update(KeyValuePairDB(name='a.b', value='v1', scope=FULL_SYSTEM_SCOPE)) lookup = KeyValueLookup(scope=SYSTEM_SCOPE) self.assertEquals(str(lookup['a']['b']), k1.value) k2 = KeyValuePair.add_or_update(KeyValuePairDB(name='stanley:r.i.p', value='v4', scope=FULL_USER_SCOPE)) user_lookup = UserKeyValueLookup(scope=USER_SCOPE, user='******') self.assertEquals(str(user_lookup['r']['i']['p']), k2.value)
def test_hierarchical_lookup_dict(self): k1 = KeyValuePair.add_or_update(KeyValuePairDB(name='a.b', value='v1')) k2 = KeyValuePair.add_or_update(KeyValuePairDB(name='a.b.c', value='v2')) k3 = KeyValuePair.add_or_update(KeyValuePairDB(name='b.c', value='v3')) lookup = KeyValueLookup() self.assertEquals(str(lookup['a']['b']), k1.value) self.assertEquals(str(lookup['a']['b']['c']), k2.value) self.assertEquals(str(lookup['b']['c']), k3.value) self.assertEquals(str(lookup['a']), '')
def test_admin_permissions_for_user_scoped_kvps(self): resolver = KeyValuePermissionsResolver() admin_user_db = self.users["admin"] # Setup users. No explicit grant, role, and assignment records should be # required for user to access their KVPs user_1_db = UserDB(name="user105") user_1_db = User.add_or_update(user_1_db) self.users[user_1_db.name] = user_1_db # Insert user scoped key value pairs for user1. key_1_name = "mykey5" key_1_ref = get_key_reference(FULL_USER_SCOPE, key_1_name, user_1_db.name) kvp_1_db = KeyValuePairDB( uid="%s:%s:%s" % (ResourceType.KEY_VALUE_PAIR, FULL_USER_SCOPE, key_1_ref), scope=FULL_USER_SCOPE, name=key_1_ref, value="myval5", ) kvp_1_db = KeyValuePair.add_or_update(kvp_1_db) self.resources[kvp_1_db.uid] = kvp_1_db # Admin user should have general list permissions on user1's kvps. self.assertUserHasResourceDbPermission( resolver=resolver, user_db=admin_user_db, resource_db=KeyValuePairDB(scope="%s:%s" % (FULL_USER_SCOPE, user_1_db.name)), permission_type=PermissionType.KEY_VALUE_PAIR_LIST, ) # Admin user should have all permissions to another user1's kvp. self.assertUserHasResourceDbPermission( resolver=resolver, user_db=admin_user_db, resource_db=kvp_1_db, permission_type=PermissionType.KEY_VALUE_PAIR_ALL, ) self.assertUserHasResourceDbPermissions( resolver=resolver, user_db=admin_user_db, resource_db=kvp_1_db, permission_types=self.read_permission_types, ) self.assertUserHasResourceDbPermissions( resolver=resolver, user_db=admin_user_db, resource_db=kvp_1_db, permission_types=self.write_permission_types, )
def test_user_default_permissions_for_system_scope_kvps(self): resolver = KeyValuePermissionsResolver() user1_db = self.users["no_roles"] user2_db = self.users["1_custom_role_no_permissions"] # Users by default should not have general list permissions on system kvps. self.assertUserDoesntHaveResourceDbPermission( resolver=resolver, user_db=user1_db, resource_db=KeyValuePairDB(scope=FULL_SYSTEM_SCOPE), permission_type=PermissionType.KEY_VALUE_PAIR_LIST, ) self.assertUserDoesntHaveResourceDbPermission( resolver=resolver, user_db=user2_db, resource_db=KeyValuePairDB(scope=FULL_SYSTEM_SCOPE), permission_type=PermissionType.KEY_VALUE_PAIR_LIST, ) for k in ["key1", "key2"]: kvp_uid = "%s:%s:%s" % (ResourceType.KEY_VALUE_PAIR, FULL_SYSTEM_SCOPE, k) kvp_db = self.resources[kvp_uid] # User with no roles should not have any permission on the system kvp self.assertUserDoesntHaveResourceDbPermissions( resolver=resolver, user_db=user1_db, resource_db=kvp_db, permission_types=self.all_permission_types, ) self.assertUserDoesntHaveResourceDbPermission( resolver=resolver, user_db=user1_db, resource_db=kvp_db, permission_type=PermissionType.KEY_VALUE_PAIR_ALL, ) # User with some unrelated custom roles should not have any permission on the system kvp self.assertUserDoesntHaveResourceDbPermissions( resolver=resolver, user_db=user2_db, resource_db=kvp_db, permission_types=self.all_permission_types, ) self.assertUserDoesntHaveResourceDbPermission( resolver=resolver, user_db=user2_db, resource_db=kvp_db, permission_type=PermissionType.KEY_VALUE_PAIR_ALL, )
def test_get_config_dynamic_config_item_nested_list(self): pack_name = 'dummy_pack_schema_with_nested_object_8' loader = ContentPackConfigLoader(pack_name=pack_name) KeyValuePair.add_or_update(KeyValuePairDB(name='k0', value='v0')) KeyValuePair.add_or_update(KeyValuePairDB(name='k1', value='v1')) KeyValuePair.add_or_update(KeyValuePairDB(name='k2', value='v2')) #################### # values in objects embedded in lists and nested lists values = { 'level0_key': [ { 'level1_key0': '{{st2kv.system.k0}}' }, '{{st2kv.system.k1}}', [ '{{st2kv.system.k0}}', '{{st2kv.system.k1}}', '{{st2kv.system.k2}}', ], { 'level1_key2': [ '{{st2kv.system.k2}}', ] } ] } config_db = ConfigDB(pack=pack_name, values=values) config_db = Config.add_or_update(config_db) config_rendered = loader.get_config() self.assertEquals(config_rendered, { 'level0_key': [ { 'level1_key0': 'v0' }, 'v1', [ 'v0', 'v1', 'v2', ], { 'level1_key2': [ 'v2', ] } ] }) config_db.delete()
def test_lookups_older_scope_names_backward_compatibility(self): k1 = KeyValuePair.add_or_update( KeyValuePairDB(name="a.b", value="v1", scope=FULL_SYSTEM_SCOPE)) lookup = KeyValueLookup(scope=SYSTEM_SCOPE) self.assertEqual(str(lookup["a"]["b"]), k1.value) k2 = KeyValuePair.add_or_update( KeyValuePairDB(name="stanley:r.i.p", value="v4", scope=FULL_USER_SCOPE)) user_lookup = UserKeyValueLookup(scope=USER_SCOPE, user="******") self.assertEqual(str(user_lookup["r"]["i"]["p"]), k2.value)
def setUp(self): super(TemplatingUtilsTestCase, self).setUp() # Insert mock DB objects kvp_1_db = KeyValuePairDB(name='key1', value='valuea') kvp_1_db = KeyValuePair.add_or_update(kvp_1_db) kvp_2_db = KeyValuePairDB(name='key2', value='valueb') kvp_2_db = KeyValuePair.add_or_update(kvp_2_db) kvp_3_db = KeyValuePairDB(name='stanley:key1', value='valuestanley1', scope=FULL_USER_SCOPE) kvp_3_db = KeyValuePair.add_or_update(kvp_3_db) kvp_4_db = KeyValuePairDB(name='joe:key1', value='valuejoe1', scope=FULL_USER_SCOPE) kvp_4_db = KeyValuePair.add_or_update(kvp_4_db)
def test_lookup_cast(self): KeyValuePair.add_or_update(KeyValuePairDB(name='count', value='5.5')) lookup = KeyValueLookup(scope=FULL_SYSTEM_SCOPE) self.assertEqual(str(lookup.count), '5.5') self.assertEqual(float(lookup.count), 5.5) self.assertEqual(int(lookup.count), 5)
def test_user_scope_lookups_user_sep_in_name(self): KeyValuePair.add_or_update(KeyValuePairDB(name='stanley:r:i:p', value='v4', scope=FULL_USER_SCOPE)) lookup = UserKeyValueLookup(scope=FULL_USER_SCOPE, user='******') # This is the only way to lookup because USER_SEPARATOR (':') cannot be a part of # variable name in Python. self.assertEquals(str(lookup['r:i:p']), 'v4')
def test_admin_permissions_for_system_scope_kvps(self): resolver = KeyValuePermissionsResolver() user_db = self.users["admin"] # Admin user should have general list permissions on system kvps. self.assertUserHasResourceDbPermission( resolver=resolver, user_db=user_db, resource_db=KeyValuePairDB(scope=FULL_SYSTEM_SCOPE), permission_type=PermissionType.KEY_VALUE_PAIR_LIST, ) # Admin user should have all permission on the system kvps for k in ["key1", "key2"]: kvp_uid = "%s:%s:%s" % (ResourceType.KEY_VALUE_PAIR, FULL_SYSTEM_SCOPE, k) kvp_db = self.resources[kvp_uid] self.assertUserHasResourceDbPermissions( resolver=resolver, user_db=user_db, resource_db=kvp_db, permission_types=self.all_permission_types, ) self.assertUserHasResourceDbPermission( resolver=resolver, user_db=user_db, resource_db=kvp_db, permission_type=PermissionType.KEY_VALUE_PAIR_ALL, )
def migrate_datastore(): key_value_items = KeyValuePair.get_all() try: for kvp in key_value_items: kvp_id = getattr(kvp, 'id', None) secret = getattr(kvp, 'secret', False) scope = getattr(kvp, 'scope', SYSTEM_SCOPE) if scope == USER_SCOPE: scope = FULL_USER_SCOPE if scope == SYSTEM_SCOPE: scope = FULL_SYSTEM_SCOPE new_kvp_db = KeyValuePairDB(id=kvp_id, name=kvp.name, expire_timestamp=kvp.expire_timestamp, value=kvp.value, secret=secret, scope=scope) KeyValuePair.add_or_update(new_kvp_db) except: print('ERROR: Failed migrating datastore item with name: %s' % kvp.name) tb.print_exc() raise
def test_get_value_from_datastore_through_render_live_params(self): # Register datastore value to be refered by this test-case register_kwargs = [ { 'name': 'test_key', 'value': 'foo' }, { 'name': 'user1:test_key', 'value': 'bar', 'scope': FULL_USER_SCOPE }, { 'name': '%s:test_key' % cfg.CONF.system_user.user, 'value': 'baz', 'scope': FULL_USER_SCOPE }, ] for kwargs in register_kwargs: KeyValuePair.add_or_update(KeyValuePairDB(**kwargs)) # Assert that datastore value can be got via the Jinja expression from individual scopes. context = {'user': '******'} param = { 'system_value': { 'default': '{{ st2kv.system.test_key }}' }, 'user_value': { 'default': '{{ st2kv.user.test_key }}' }, } live_params = param_utils.render_live_params(runner_parameters={}, action_parameters=param, params={}, action_context=context) self.assertEqual(live_params['system_value'], 'foo') self.assertEqual(live_params['user_value'], 'bar') # Assert that datastore value in the user-scope that is registered by user1 # cannot be got by the operation of user2. context = {'user': '******'} param = {'user_value': {'default': '{{ st2kv.user.test_key }}'}} live_params = param_utils.render_live_params(runner_parameters={}, action_parameters=param, params={}, action_context=context) self.assertEqual(live_params['user_value'], '') # Assert that system-user's scope is selected when user and api_user parameter specified context = {} param = {'user_value': {'default': '{{ st2kv.user.test_key }}'}} live_params = param_utils.render_live_params(runner_parameters={}, action_parameters=param, params={}, action_context=context) self.assertEqual(live_params['user_value'], 'baz')
def test_user_scope_lookups_dot_in_user(self): KeyValuePair.add_or_update( KeyValuePairDB(name='first.last:r.i.p', value='v4', scope=FULL_USER_SCOPE)) lookup = UserKeyValueLookup(scope=FULL_USER_SCOPE, user='******') self.assertEqual(str(lookup.r.i.p), 'v4') self.assertEqual(str(lookup['r']['i']['p']), 'v4')
def test_non_hierarchical_lookup(self): k1 = KeyValuePair.add_or_update(KeyValuePairDB(name='k1', value='v1')) k2 = KeyValuePair.add_or_update(KeyValuePairDB(name='k2', value='v2')) k3 = KeyValuePair.add_or_update(KeyValuePairDB(name='k3', value='v3')) k4 = KeyValuePair.add_or_update(KeyValuePairDB(name='stanley:k4', value='v4', scope=FULL_USER_SCOPE)) lookup = KeyValueLookup() self.assertEquals(str(lookup.k1), k1.value) self.assertEquals(str(lookup.k2), k2.value) self.assertEquals(str(lookup.k3), k3.value) # Scoped lookup lookup = KeyValueLookup(scope=FULL_SYSTEM_SCOPE) self.assertEquals(str(lookup.k4), '') user_lookup = UserKeyValueLookup(scope=FULL_USER_SCOPE, user='******') self.assertEquals(str(user_lookup.k4), k4.value)
def test_user_scope_lookups_dot_in_user(self): KeyValuePair.add_or_update( KeyValuePairDB(name="first.last:r.i.p", value="v4", scope=FULL_USER_SCOPE)) lookup = UserKeyValueLookup(scope=FULL_USER_SCOPE, user="******") self.assertEqual(str(lookup.r.i.p), "v4") self.assertEqual(str(lookup["r"]["i"]["p"]), "v4")
def test_hierarchical_lookup_dict(self): k1 = KeyValuePair.add_or_update(KeyValuePairDB(name='a.b', value='v1')) k2 = KeyValuePair.add_or_update(KeyValuePairDB(name='a.b.c', value='v2')) k3 = KeyValuePair.add_or_update(KeyValuePairDB(name='b.c', value='v3')) k4 = KeyValuePair.add_or_update(KeyValuePairDB(name='stanley:r.i.p', value='v4', scope=FULL_USER_SCOPE)) lookup = KeyValueLookup() self.assertEquals(str(lookup['a']['b']), k1.value) self.assertEquals(str(lookup['a']['b']['c']), k2.value) self.assertEquals(str(lookup['b']['c']), k3.value) self.assertEquals(str(lookup['a']), '') # Scoped lookup lookup = KeyValueLookup(scope=FULL_SYSTEM_SCOPE) self.assertEquals(str(lookup['r']['i']['p']), '') user_lookup = UserKeyValueLookup(scope=FULL_USER_SCOPE, user='******') self.assertEquals(str(user_lookup['r']['i']['p']), k4.value)
def test_non_hierarchical_lookup(self): k1 = KeyValuePair.add_or_update(KeyValuePairDB(name="k1", value="v1")) k2 = KeyValuePair.add_or_update(KeyValuePairDB(name="k2", value="v2")) k3 = KeyValuePair.add_or_update(KeyValuePairDB(name="k3", value="v3")) k4 = KeyValuePair.add_or_update( KeyValuePairDB(name="stanley:k4", value="v4", scope=FULL_USER_SCOPE)) lookup = KeyValueLookup() self.assertEqual(str(lookup.k1), k1.value) self.assertEqual(str(lookup.k2), k2.value) self.assertEqual(str(lookup.k3), k3.value) # Scoped lookup lookup = KeyValueLookup(scope=FULL_SYSTEM_SCOPE) self.assertEqual(str(lookup.k4), "") user_lookup = UserKeyValueLookup(scope=FULL_USER_SCOPE, user="******") self.assertEqual(str(user_lookup.k4), k4.value)
def test_secret_lookup(self): secret_value = '0055A2D9A09E1071931925933744965EEA7E23DCF59A8D1D7A3' + \ '64338294916D37E83C4796283C584751750E39844E2FD97A3727DB5D553F638' k1 = KeyValuePair.add_or_update( KeyValuePairDB(name='k1', value=secret_value, secret=True)) k2 = KeyValuePair.add_or_update(KeyValuePairDB(name='k2', value='v2')) k3 = KeyValuePair.add_or_update( KeyValuePairDB(name='stanley:k3', value=secret_value, scope=FULL_USER_SCOPE, secret=True)) lookup = KeyValueLookup() self.assertEqual(str(lookup.k1), k1.value) self.assertEqual(str(lookup.k2), k2.value) self.assertEqual(str(lookup.k3), '') user_lookup = UserKeyValueLookup(scope=FULL_USER_SCOPE, user='******') self.assertEqual(str(user_lookup.k3), k3.value)
def test_hierarchical_lookup_dotted(self): k1 = KeyValuePair.add_or_update(KeyValuePairDB(name='a.b', value='v1')) k2 = KeyValuePair.add_or_update( KeyValuePairDB(name='a.b.c', value='v2')) k3 = KeyValuePair.add_or_update(KeyValuePairDB(name='b.c', value='v3')) k4 = KeyValuePair.add_or_update( KeyValuePairDB(name='stanley:r.i.p', value='v4', scope=USER_SCOPE)) lookup = KeyValueLookup() self.assertEquals(str(lookup.a.b), k1.value) self.assertEquals(str(lookup.a.b.c), k2.value) self.assertEquals(str(lookup.b.c), k3.value) self.assertEquals(str(lookup.a), '') # Scoped lookup lookup = KeyValueLookup(scope=SYSTEM_SCOPE) self.assertEquals(str(lookup.r.i.p), '') user_lookup = UserKeyValueLookup(scope=USER_SCOPE, user='******') self.assertEquals(str(user_lookup.r.i.p), k4.value)
def test_get_config_dynamic_config_item_under_additional_properties(self): pack_name = "dummy_pack_schema_with_additional_properties_1" loader = ContentPackConfigLoader(pack_name=pack_name) encrypted_value = crypto.symmetric_encrypt(KeyValuePairAPI.crypto_key, "v1_encrypted") KeyValuePair.add_or_update( KeyValuePairDB(name="k1_encrypted", value=encrypted_value, secret=True)) #################### # values in objects under an object with additionalProperties values = { "profiles": { "dev": { # no host or port to test default value "token": "hard-coded-secret", }, "prod": { "host": "127.1.2.7", "port": 8282, # encrypted in datastore "token": "{{st2kv.system.k1_encrypted}}", # schema declares `secret: true` which triggers auto-decryption. # If this were not encrypted, it would try to decrypt it and fail. }, } } config_db = ConfigDB(pack=pack_name, values=values) config_db = Config.add_or_update(config_db) config_rendered = loader.get_config() self.assertEqual( config_rendered, { "region": "us-east-1", "profiles": { "dev": { "host": "127.0.0.3", "port": 8080, "token": "hard-coded-secret", }, "prod": { "host": "127.1.2.7", "port": 8282, "token": "v1_encrypted", }, }, }, ) config_db.delete()
def test_lookup_with_key_prefix(self): KeyValuePair.add_or_update(KeyValuePairDB(name='some:prefix:stanley:k5', value='v5', scope=FULL_USER_SCOPE)) # No prefix provided, should return None lookup = UserKeyValueLookup(user='******', scope=FULL_USER_SCOPE) self.assertEqual(str(lookup.k5), '') # Prefix provided lookup = UserKeyValueLookup(prefix='some:prefix', user='******', scope=FULL_USER_SCOPE) self.assertEqual(str(lookup.k5), 'v5')
def test_chain_runner_typed_system_params(self, request): action_ref = ResourceReference.to_string_reference(name=ACTION_2.name, pack=ACTION_2.pack) kvps = [] try: kvps.append(KeyValuePair.add_or_update(KeyValuePairDB(name='a', value='1'))) kvps.append(KeyValuePair.add_or_update(KeyValuePairDB(name='a.b.c', value='two'))) chain_runner = acr.get_runner() chain_runner.entry_point = CHAIN_SYSTEM_PARAMS chain_runner.action = ACTION_2 chain_runner.liveaction = LiveActionDB(action=action_ref) chain_runner.pre_run() chain_runner.run({}) self.assertNotEqual(chain_runner.chain_holder.actionchain, None) expected_value = {'inttype': 1, 'strtype': 'two'} mock_args, _ = request.call_args self.assertEqual(mock_args[0].parameters, expected_value) finally: for kvp in kvps: KeyValuePair.delete(kvp)
def _create_save_kvp(): created = KeyValuePairDB() created.name = 'token' created.value = '0123456789ABCDEF' return KeyValuePair.add_or_update(created)