def test_should_get_global_preferred_ca(self): self.create_cas() resp = self.app.get('/cas/global-preferred') self.assertEqual( hrefs.convert_certificate_authority_to_href(self.global_ca_id), resp.namespace['cas'][0])
def test_should_get_preferred_ca(self): self.create_cas() resp = self.app.get('/cas/preferred') self.assertEqual( hrefs.convert_certificate_authority_to_href( self.preferred_ca.id), resp.namespace['ca_ref'])
def on_post(self, external_project_id, **kwargs): LOG.debug(u._('Start on_post for project-ID %s:...'), external_project_id) data = api.load_body(pecan.request, validator=self.validator) project = res.get_or_create_project(external_project_id) ctxt = controllers._get_barbican_context(pecan.request) if ctxt: # in authenticated pipeline case, always use auth token user creator_id = ctxt.user self.quota_enforcer.enforce(project) new_ca = cert_resources.create_subordinate_ca( project_model=project, name=data.get('name'), description=data.get('description'), subject_dn=data.get('subject_dn'), parent_ca_ref=data.get('parent_ca_ref'), creator_id=creator_id) url = hrefs.convert_certificate_authority_to_href(new_ca.id) LOG.debug(u._('URI to sub-CA is %s'), url) pecan.response.status = 201 pecan.response.headers['Location'] = url LOG.info(u._LI('Created a sub CA for project: %s'), external_project_id) return {'ca_ref': url}
def on_get(self, external_project_id, **kw): LOG.debug('Start certificate_authorities on_get') plugin_name = kw.get('plugin_name') if plugin_name is not None: plugin_name = urllib.unquote_plus(plugin_name) plugin_ca_id = kw.get('plugin_ca_id', None) if plugin_ca_id is not None: plugin_ca_id = urllib.unquote_plus(plugin_ca_id) result = self.ca_repo.get_by_create_date( offset_arg=kw.get('offset', 0), limit_arg=kw.get('limit', None), plugin_name=plugin_name, plugin_ca_id=plugin_ca_id, suppress_exception=True) cas, offset, limit, total = result if not cas: cas_resp_overall = {'cas': [], 'total': total} else: cas_resp = [ hrefs.convert_certificate_authority_to_href(s.id) for s in cas ] cas_resp_overall = hrefs.add_nav_hrefs('cas', offset, limit, total, {'cas': cas_resp}) cas_resp_overall.update({'total': total}) return cas_resp_overall
def on_post(self, external_project_id, **kwargs): LOG.debug('Start on_post for project-ID %s:...', external_project_id) data = api.load_body(pecan.request, validator=self.validator) project = res.get_or_create_project(external_project_id) ctxt = controllers._get_barbican_context(pecan.request) if ctxt: # in authenticated pipeline case, always use auth token user creator_id = ctxt.user self.quota_enforcer.enforce(project) new_ca = cert_resources.create_subordinate_ca( project_model=project, name=data.get('name'), description=data.get('description'), subject_dn=data.get('subject_dn'), parent_ca_ref=data.get('parent_ca_ref'), creator_id=creator_id ) url = hrefs.convert_certificate_authority_to_href(new_ca.id) LOG.debug('URI to sub-CA is %s', url) pecan.response.status = 201 pecan.response.headers['Location'] = url LOG.info(u._LI('Created a sub CA for project: %s'), external_project_id) return {'ca_ref': url}
def get_global_preferred(self, external_project_id, **kw): LOG.debug('Start certificate_authorities get_global_preferred CA') pref_ca = self.preferred_ca_repo.get_global_preferred_ca() if not pref_ca: pecan.abort(404, "No global preferred CA defined") return { 'cas': [hrefs.convert_certificate_authority_to_href(pref_ca.ca_id)] }
def get_global_preferred(self, external_project_id, **kw): LOG.debug('Start certificate_authorities get_global_preferred CA') pref_ca = cert_resources.get_global_preferred_ca() if not pref_ca: pecan.abort(404, u._("No global preferred CA defined")) return { 'ca_ref': hrefs.convert_certificate_authority_to_href(pref_ca.ca_id) }
def preferred(self, external_project_id, **kw): LOG.debug('Start certificate_authorities get project preferred CA') project = res.get_or_create_project(external_project_id) pref_ca_id = cert_resources.get_project_preferred_ca_id(project.id) if not pref_ca_id: pecan.abort(404, u._("No preferred CA defined for this project")) return { 'ca_ref': hrefs.convert_certificate_authority_to_href(pref_ca_id) }
def _display_cas(self, cas, offset, limit, total): if not cas: cas_resp_overall = {'cas': [], 'total': total} else: cas_resp = [ hrefs.convert_certificate_authority_to_href(ca.id) for ca in cas ] cas_resp_overall = hrefs.add_nav_hrefs('cas', offset, limit, total, {'cas': cas_resp}) cas_resp_overall.update({'total': total}) return cas_resp_overall
def _display_cas(self, cas, offset, limit, total): if not cas: cas_resp_overall = {'cas': [], 'total': total} else: cas_resp = [ hrefs.convert_certificate_authority_to_href(ca.id) for ca in cas] cas_resp_overall = hrefs.add_nav_hrefs('cas', offset, limit, total, {'cas': cas_resp}) cas_resp_overall.update({'total': total}) return cas_resp_overall
def preferred(self, external_project_id, **kw): LOG.debug('Start certificate_authorities get project preferred CA') project = self.project_repo.find_by_external_project_id( external_project_id) pref_ca = self.preferred_ca_repo.get_project_entities(project.id) if not pref_ca: pecan.abort(404, "No preferred CA defined for this project") return { 'cas': [hrefs.convert_certificate_authority_to_href(pref_ca[0].ca_id)] }
def test_should_raise_unauthorized_parent_ca(self): subca = cert_res.create_subordinate_ca( project_model=self.project2, name=self.name, description=self.description, subject_dn=self.subject_name, parent_ca_ref=self.parent_ca_ref, creator_id=self.creator_id) subca_ref = hrefs.convert_certificate_authority_to_href(subca.id) self.assertRaises(excep.UnauthorizedSubCA, cert_res.create_subordinate_ca, project_model=self.project, name=self.name, description=self.description, subject_dn=self.subject_name, parent_ca_ref=subca_ref, creator_id=self.creator_id)
def test_should_raise_unauthorized_parent_ca(self): subca = cert_res.create_subordinate_ca( project_model=self.project2, name=self.name, description=self.description, subject_dn=self.subject_name, parent_ca_ref=self.parent_ca_ref, creator_id=self.creator_id ) subca_ref = hrefs.convert_certificate_authority_to_href(subca.id) self.assertRaises( excep.UnauthorizedSubCA, cert_res.create_subordinate_ca, project_model=self.project, name=self.name, description=self.description, subject_dn=self.subject_name, parent_ca_ref=subca_ref, creator_id=self.creator_id)
def on_get(self, external_project_id, **kw): LOG.debug('Start certificate_authorities on_get') plugin_name = kw.get('plugin_name') if plugin_name is not None: plugin_name = urllib.unquote_plus(plugin_name) plugin_ca_id = kw.get('plugin_ca_id', None) if plugin_ca_id is not None: plugin_ca_id = urllib.unquote_plus(plugin_ca_id) result = self.ca_repo.get_by_create_date( offset_arg=kw.get('offset', 0), limit_arg=kw.get('limit', None), plugin_name=plugin_name, plugin_ca_id=plugin_ca_id, suppress_exception=True ) cas, offset, limit, total = result if not cas: cas_resp_overall = {'cas': [], 'total': total} else: cas_resp = [ hrefs.convert_certificate_authority_to_href(s.id) for s in cas ] cas_resp_overall = hrefs.add_nav_hrefs( 'cas', offset, limit, total, {'cas': cas_resp} ) cas_resp_overall.update({'total': total}) return cas_resp_overall