def test_create_credential_with_invalid_url_xfail(post, organization, admin, url, status, msg): credential_type = CredentialType(kind='test', name='MyTestCredentialType', inputs={ 'fields': [{ 'id': 'server_url', 'label': 'Server Url', 'type': 'string', 'format': 'url' }] }) credential_type.save() params = { 'name': 'Second Best Credential Ever', 'organization': organization.pk, 'credential_type': credential_type.pk, 'inputs': { 'server_url': url } } endpoint = reverse('api:credential_list') response = post(endpoint, params, admin) assert response.status_code == status if status != 201: assert response.data['inputs']['server_url'] == [msg]
def test_custom_credential_type_create(get, post, organization, admin): credential_type = CredentialType(kind='cloud', name='MyCloud', inputs={ 'fields': [{ 'id': 'api_token', 'label': 'API Token', 'type': 'string', 'secret': True }] }) credential_type.save() params = { 'name': 'Best credential ever', 'organization': organization.pk, 'credential_type': credential_type.pk, 'inputs': { 'api_token': 'secret' } } response = post(reverse('api:credential_list'), params, admin) assert response.status_code == 201 response = get(reverse('api:credential_list'), admin) assert response.status_code == 200 assert response.data['count'] == 1 cred = response.data['results'][0] assert cred['inputs']['api_token'] == '$encrypted$' cred = Credential.objects.all()[:1].get() assert cred.inputs['api_token'].startswith('$encrypted$UTF8$AES') assert decrypt_field(cred, 'api_token') == 'secret'
def test_credential_creation_validation_failure(organization_factory, inputs): org = organization_factory('test').organization type_ = CredentialType(kind='cloud', name='SomeCloud', managed_by_tower=True, inputs={ 'fields': [{ 'id': 'username', 'label': 'Username for SomeCloud', 'type': 'string' }, { 'id': 'flag', 'label': 'Some Boolean Flag', 'type': 'boolean' }] }) type_.save() with pytest.raises(Exception) as e: cred = Credential(credential_type=type_, name="Bob's Credential", inputs=inputs, organization=org) cred.save() cred.full_clean() assert e.type in (ValidationError, serializers.ValidationError)
def _populate_deprecated_cred_types(cred, kind): if kind not in cred: return None if cred[kind] is None: new_obj = CredentialType(**DEPRECATED_CRED_KIND[kind]) new_obj.save() cred[kind] = new_obj return cred[kind]
def test_credential_get_input(organization_factory): organization = organization_factory('test').organization type_ = CredentialType( kind='vault', name='somevault', managed_by_tower=True, inputs={ 'fields': [ { 'id': 'vault_password', 'type': 'string', 'secret': True, }, { 'id': 'vault_id', 'type': 'string', 'secret': False }, { 'id': 'secret', 'type': 'string', 'secret': True, }, ] }, ) type_.save() cred = Credential(organization=organization, credential_type=type_, name="Bob's Credential", inputs={'vault_password': '******'}) cred.save() cred.full_clean() assert isinstance(cred, Credential) # verify expected exception is raised when attempting to access an unset # input without providing a default with pytest.raises(AttributeError): cred.get_input('vault_id') # verify that the provided default is used for unset inputs assert cred.get_input('vault_id', default='foo') == 'foo' # verify expected exception is raised when attempting to access an undefined # input without providing a default with pytest.raises(AttributeError): cred.get_input('field_not_on_credential_type') # verify that the provided default is used for undefined inputs assert cred.get_input('field_not_on_credential_type', default='bar') == 'bar' # verify expected exception is raised when attempting to access an unset secret # input without providing a default with pytest.raises(AttributeError): cred.get_input('secret') # verify that the provided default is used for undefined inputs assert cred.get_input('secret', default='fiz') == 'fiz' # verify return values for encrypted secret fields are decrypted assert cred.inputs['vault_password'].startswith('$encrypted$') assert cred.get_input('vault_password') == 'testing321'
def test_credential_creation(organization_factory): org = organization_factory('test').organization type_ = CredentialType( kind='cloud', name='SomeCloud', managed_by_tower=True, inputs={'fields': [{'id': 'username', 'label': 'Username for SomeCloud', 'type': 'string'}]} ) type_.save() cred = Credential(credential_type=type_, name="Bob's Credential", inputs={'username': '******'}, organization=org) cred.save() cred.full_clean() assert isinstance(cred, Credential) assert cred.name == "Bob's Credential" assert cred.inputs['username'] == 'bob'