class SecretTestCase(CmdLineTestCase): def setUp(self): super(SecretTestCase, self).setUp() self.secret_behaviors = SecretBehaviors() self.expected_payload = "Top secret payload for secret smoke tests" self.payload_content_type = "text/plain" def tearDown(self): super(SecretTestCase, self).tearDown() self.secret_behaviors.delete_all_created_secrets() @utils.parameterized_dataset({ 'symmetric': [ 'symmetric', 'aes', '128', ('\x00\x01\x02\x03\x04\x05\x06\x07' '\x00\x01\x02\x03\x04\x05\x06\x07') ], 'private': ['private', 'rsa', '2048', keys.get_private_key_pem()], 'public': ['public', 'rsa', '2048', keys.get_public_key_pem()], 'certificate': ['certificate', 'rsa', '2048', keys.get_certificate_pem()], 'opaque': ['opaque', None, None, (b'\x00\x01\x02\x03\x04\x05\x06\x07')], 'passphrase': ['passphrase', None, None, keys.get_passphrase_txt()], }) @testcase.attr('positive') def test_secret_store_with_secret_type(self, secret_type, algorithm, bit_length, secret): payload = secret secret_argv = ['--secret-type', secret_type] if algorithm: secret_argv.extend(['--algorithm', algorithm]) if bit_length: secret_argv.extend(['--bit-length', bit_length]) secret_href = self.secret_behaviors.store_secret(payload, secret_argv) self.assertIsNotNone(secret_href) secret = self.secret_behaviors.get_secret(secret_href) self.assertEqual(secret_href, secret['Secret href']) @testcase.attr('positive') def test_secret_store(self): secret_href = self.secret_behaviors.store_secret() self.assertIsNotNone(secret_href) secret = self.secret_behaviors.get_secret(secret_href) self.assertEqual(secret_href, secret['Secret href']) @testcase.attr('positive') def test_secret_update(self): secret_href = self.secret_behaviors.store_secret(payload=None) payload = 'time for an ice cold!!!' self.assertIsNotNone(secret_href) self.secret_behaviors.update_secret(secret_href, payload) payload_update = self.secret_behaviors.get_secret_payload(secret_href) self.assertEqual(payload, payload_update) @testcase.attr('positive') def test_secret_list(self): secrets_to_create = 10 for _ in range(secrets_to_create): self.secret_behaviors.store_secret() secret_list = self.secret_behaviors.list_secrets() self.assertGreaterEqual(len(secret_list), secrets_to_create) @testcase.attr('positive') def test_secret_delete(self): secret_href = self.secret_behaviors.store_secret() self.secret_behaviors.delete_secret(secret_href) secret = self.secret_behaviors.get_secret(secret_href) self.assertEqual(0, len(secret)) @testcase.attr('positive') def test_secret_get(self): secret_href = self.secret_behaviors.store_secret() secret = self.secret_behaviors.get_secret(secret_href) self.assertIsNotNone(secret) @testcase.attr('positive') def test_secret_get_payload(self): secret_href = self.secret_behaviors.store_secret( payload=self.expected_payload) payload = self.secret_behaviors.get_secret_payload(secret_href) self.assertEqual(payload, self.expected_payload) @testcase.attr('positive') def test_secret_get_raw_payload(self): secret_href = self.secret_behaviors.store_secret( payload=self.expected_payload) payload = self.secret_behaviors.get_secret_payload(secret_href, raw=True) self.assertEqual(payload, self.expected_payload) @testcase.attr('positive') def test_secret_file_parameter_read(self): secret_href = self.secret_behaviors.store_secret( payload=self.expected_payload) self.secret_behaviors.get_secret_file(secret_href=secret_href) payload = self.secret_behaviors.read_secret_test_file() self.assertEqual(payload, self.expected_payload) @testcase.attr('positive') def test_secret_file_parameter_write(self): self.secret_behaviors.write_secret_test_file( payload=self.expected_payload) secret_href = self.secret_behaviors.store_secret_file() payload = self.secret_behaviors.get_secret_payload(secret_href) self.assertEqual(payload, self.expected_payload)
class SecretsTestCase(base.TestCase): def setUp(self): super(SecretsTestCase, self).setUp() self.behaviors = secret_behaviors.SecretBehaviors(self.barbicanclient) def tearDown(self): self.behaviors.delete_all_created_secrets() super(SecretsTestCase, self).tearDown() @testcase.attr('positive') def test_create_secret_defaults(self): """Creates a secret with default values""" test_model = self.behaviors.create_secret(secret_create_defaults_data) secret_ref = self.behaviors.store_secret(test_model) self.assertIsNotNone(secret_ref) @testcase.attr('positive') @utils.parameterized_dataset({ 'symmetric': [ 'symmetric', 'aes', 128, ('\x00\x01\x02\x03\x04\x05\x06\x07' '\x00\x01\x02\x03\x04\x05\x06\x07') ], 'private': ['private', 'rsa', 2048, keys.get_private_key_pem()], 'public': ['public', 'rsa', 2048, keys.get_public_key_pem()], 'certificate': ['certificate', 'rsa', 2048, keys.get_certificate_pem()], 'opaque': ['opaque', None, None, (b'\x00\x01\x02\x03\x04\x05\x06\x07')], 'passphrase': ['passphrase', None, None, keys.get_passphrase_txt()], }) def test_create_secret_with_type(self, secret_type, algorithm, bit_length, secret): """Creates a secret with default values""" secret_data = secret_create_defaults_data secret_data['secret_type'] = secret_type secret_data['algorithm'] = algorithm secret_data['bit_length'] = bit_length secret_data['payload'] = base64.b64encode(secret) test_model = self.behaviors.create_secret(secret_create_defaults_data) secret_ref = self.behaviors.store_secret(test_model) self.assertIsNotNone(secret_ref) @testcase.attr('positive') def test_secret_create_defaults_no_expiration(self): """Covers creating a secret without an expiration.""" test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.expiration = None secret_ref = self.behaviors.store_secret(test_model) self.assertIsNotNone(secret_ref) @testcase.attr('positive') def test_secret_delete_defaults(self): """Covers deleting a secret.""" test_model = self.behaviors.create_secret(secret_create_defaults_data) secret_ref = self.behaviors.store_secret(test_model) del_response = self.behaviors.delete_secret(secret_ref) self.assertIsNone(del_response) @testcase.attr('positive') def test_secret_delete_minimal_secret_w_no_metadata(self): """Covers deleting a secret with nones data.""" test_model = self.behaviors.create_secret(secret_create_nones_data) secret_ref = self.behaviors.store_secret(test_model) self.assertIsNotNone(secret_ref) del_resp = self.behaviors.delete_secret(secret_ref) self.assertIsNone(del_resp) @testcase.attr('positive') def test_secret_get_defaults_payload(self): """Covers getting a secret's payload data.""" test_model = self.behaviors.create_secret(secret_create_defaults_data) secret_ref = self.behaviors.store_secret(test_model) get_resp = self.behaviors.get_secret(secret_ref) self.assertEqual(test_model.payload, get_resp.payload) @testcase.attr('positive') def test_secrets_get_defaults_multiple_secrets(self): """Covers getting a list of secrets. Creates 11 secrets then returns a list of 5 secrets """ limit = 5 offset = 5 total = 10 for i in range(0, total + 1): test_model = self.behaviors.create_secret( secret_create_defaults_data) self.behaviors.store_secret(test_model) secret_list = self.behaviors.get_secrets(limit=limit, offset=offset) self.assertEqual(len(secret_list), limit)
class SecretsTestCase(base.TestCase): def setUp(self): super(SecretsTestCase, self).setUp() self.cleanup = cleanup.CleanUp(self.barbicanclient) def tearDown(self): self.cleanup.delete_all_entities() super(SecretsTestCase, self).tearDown() @testcase.attr('positive') def test_secret_create_defaults_check_content_types(self): """Check that set content-type attribute is retained in metadata.""" secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret_ref = self.cleanup.add_entity(secret) self.assertIsNotNone(secret_ref) resp = self.barbicanclient.secrets.get(secret_ref) content_types = resp.content_types self.assertIsNotNone(content_types) self.assertIn('default', content_types) self.assertEqual('application/octet-stream', content_types['default']) @testcase.attr('positive') def test_secret_create_defaults_non_standard_algorithm(self): """Create a secret with a non standard algorithm. Currently the client will accept any string for the algorithm. """ secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.algorithm = "not-an-algorithm" secret_ref = self.cleanup.add_entity(secret) self.assertIsNotNone(secret_ref) resp = self.barbicanclient.secrets.get(secret_ref) self.assertEqual(secret.algorithm, resp.algorithm) @testcase.attr('positive') def test_secret_read_with_acls(self): """Access default ACL settings data on recently created secret. By default, 'read' ACL settings are there for a secret. """ test_model = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret_ref = self.cleanup.add_entity(test_model) self.assertIsNotNone(secret_ref) secret_entity = self.barbicanclient.secrets.get(secret_ref) self.assertIsNotNone(secret_entity.acls) self.assertIsNotNone(secret_entity.acls.read) self.assertEqual([], secret_entity.acls.read.users) @testcase.attr('positive') def test_secret_create_defaults_non_standard_mode(self): """Create a secret with a non standard mode. Currently the client will accept any string for the mode. """ secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.mode = 'not-a-mode' secret_ref = self.cleanup.add_entity(secret) self.assertIsNotNone(secret_ref) resp = self.barbicanclient.secrets.get(secret_ref) self.assertEqual(secret.mode, resp.mode) @testcase.attr('negative') def test_secret_delete_doesnt_exist(self): """Deletes a non-existent secret. This delete uses a reference with an invalid UUID format """ url = self.barbicanclient.secrets._api.endpoint_override + \ '/secrets/notauuid' e = self.assertRaises(ValueError, self.barbicanclient.secrets.delete, url) self.assertEqual('Secret incorrectly specified.', str(e)) @testcase.attr('negative') def test_secret_delete_doesnt_exist_valid_uuid_format(self): """Deletes a non-existent secret. This delete has a valid UUID format but there is no secret associated with this UUID """ uuid = 'de20ad54-85b4-421b-adb2-eb7b9e546013' url = self.barbicanclient.secrets._api.endpoint_override + \ '/secrets/' + uuid e = self.assertRaises(exceptions.HTTPClientError, self.barbicanclient.secrets.delete, url) self.assertEqual(404, e.status_code) @testcase.attr('negative') def test_secret_get_secret_doesnt_exist(self): """GET an invalid secret ref. Will get value error secret incorrectly specified since "notauuid" is not a properly formatted uuid. """ url = self.barbicanclient.secrets._api.endpoint_override + \ '/secrets/notauuid' e = self.assertRaises(ValueError, self.barbicanclient.secrets.get, url, 'text/plain') self.assertIn("Secret incorrectly specified", str(e)) @testcase.attr('negative') def test_secret_create_defaults_expiration_passed(self): """Create a secret with an expiration that has already passed. Returns a 400. """ secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.expiration = '2000-01-10T14:58:52.546795' e = self.assertRaises(exceptions.HTTPClientError, secret.store) self.assertEqual(400, e.status_code) @testcase.attr('negative') def test_secret_create_emptystrings(self): """Secret create with empty Strings for all attributes. Fails with a value error, Payload incorrectly specified. """ secret = self.barbicanclient.secrets.create( **secret_create_emptystrings_data) self.assertRaises(exceptions.PayloadException, secret.store) @testcase.attr('negative') def test_secret_create_defaults_oversized_payload(self): """Create a secret with a payload that is larger than the allowed size. Should return a 413 if the secret size is greater than the maximum allowed size. """ secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.payload = str(self.oversized_payload) e = self.assertRaises(exceptions.HTTPClientError, secret.store) self.assertEqual(413, e.status_code) @utils.parameterized_dataset({ 'alphanumeric': ['1f34ds'], 'punctuation': ['~!@#$%^&*()_+`-={}[]|:;<>,.?'], 'uuid': ['54262d9d-4bc7-4821-8df0-dc2ca8e112bb'], 'len_255': [base.TestCase.max_sized_field], 'empty': [''], 'null': [None] }) @testcase.attr('positive') def test_secret_create_defaults_valid_name(self, name): """Covers cases of creating secrets with valid names.""" secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.name = name secret_ref = self.cleanup.add_entity(secret) self.assertIsNotNone(secret_ref) resp = self.barbicanclient.secrets.get(secret_ref) self.assertEqual(secret.name, resp.name) @utils.parameterized_dataset({'int': [400]}) @testcase.attr('negative') def test_secret_create_defaults_invalid_name(self, name): """Create secrets with various invalid names. Should return 400. """ secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.name = name e = self.assertRaises(exceptions.HTTPClientError, secret.store) self.assertEqual(400, e.status_code) @utils.parameterized_dataset({'aes': ['aes']}) @testcase.attr('positive') def test_secret_create_defaults_valid_algorithms(self, algorithm): """Creates secrets with various valid algorithms.""" secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.algorithm = algorithm secret_ref = self.cleanup.add_entity(secret) self.assertIsNotNone(secret_ref) resp = self.barbicanclient.secrets.get(secret_ref) self.assertEqual(secret.algorithm, resp.algorithm) @utils.parameterized_dataset({'int': [400]}) @testcase.attr('negative') def test_secret_create_defaults_invalid_algorithms(self, algorithm): """Creates secrets with various invalid algorithms.""" secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.algorithm = algorithm # We are currently testing for exception with http_code # launchpad bug 1431514 will address the change to this functionality e = self.assertRaises(exceptions.HTTPClientError, secret.store) self.assertEqual(400, e.status_code) @utils.parameterized_dataset({ 'symmetric': [ 'symmetric', 'aes', 128, (b'\x00\x01\x02\x03\x04\x05\x06\x07' b'\x00\x01\x02\x03\x04\x05\x06\x07') ], 'private': ['private', 'rsa', 2048, keys.get_private_key_pem()], 'public': ['public', 'rsa', 2048, keys.get_public_key_pem()], 'certificate': ['certificate', 'rsa', 2048, keys.get_certificate_pem()], 'opaque': ['opaque', None, None, (b'\x00\x01\x02\x03\x04\x05\x06\x07')], 'passphrase': ['passphrase', None, None, keys.get_passphrase_txt()], }) @testcase.attr('positive') def test_secret_create_defaults_valid_secret_type(self, secret_type, algorithm, bit_length, payload): """Covers cases of creating secrets with valid secret types.""" secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.secret_type = secret_type secret.algorithm = algorithm secret.bit_length = bit_length # payload should not be encoded. secret.payload = payload secret_ref = self.cleanup.add_entity(secret) self.assertIsNotNone(secret_ref) resp = self.barbicanclient.secrets.get(secret_ref) self.assertEqual(secret_type, resp.secret_type) @testcase.attr('negative') def test_secret_create_defaults_invalid_secret_type(self): """Covers cases of creating secrets with invalid secret types.""" secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.secret_type = 'not a valid secret type' e = self.assertRaises(exceptions.HTTPClientError, secret.store) self.assertEqual(400, e.status_code) @utils.parameterized_dataset({ '512': [512], 'sixteen': [16], 'fifteen': [15], 'eight': [8], 'seven': [7], 'one': [1], 'none': [None] }) @testcase.attr('positive') def test_secret_create_defaults_valid_bit_length(self, bit_length): """Covers cases of creating secrets with valid bit lengths.""" secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.bit_length = bit_length secret_ref = self.cleanup.add_entity(secret) self.assertIsNotNone(secret_ref) resp = self.barbicanclient.secrets.get(secret_ref) self.assertEqual(secret.bit_length, resp.bit_length) @utils.parameterized_dataset({ 'str_type': ['not-an-int'], 'empty': [''], 'blank': [' '], 'negative_maxsize': [-sys.maxsize], 'negative_one': [-1], 'zero': [0] }) @testcase.attr('negative') def test_secret_create_defaults_invalid_bit_length(self, bit_length): """Covers cases of creating secrets with invalid bit lengths.""" secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.bit_length = bit_length e = self.assertRaises(exceptions.HTTPClientError, secret.store) self.assertEqual(400, e.status_code) @utils.parameterized_dataset({'cbc': ['cbc']}) @testcase.attr('positive') def test_secret_create_defaults_valid_mode(self, mode): """Covers cases of creating secrets with valid modes.""" secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.mode = mode secret_ref = self.cleanup.add_entity(secret) self.assertIsNotNone(secret_ref) resp = self.barbicanclient.secrets.get(secret_ref) self.assertEqual(secret.mode, resp.mode) @utils.parameterized_dataset({ 'zero': [0], 'oversized_string': [base.TestCase.oversized_field], 'int': [400] }) @testcase.attr('negative') def test_secret_create_defaults_invalid_mode(self, mode): """Covers cases of creating secrets with invalid modes.""" secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.mode = mode e = self.assertRaises(exceptions.HTTPClientError, secret.store) self.assertEqual(400, e.status_code) @utils.parameterized_dataset({ 'text_content_type_none_encoding': { 'payload_content_type': 'text/plain', 'payload_content_encoding': None }, 'utf8_text_content_type_none_encoding': { 'payload_content_type': 'text/plain; charset=utf-8', 'payload_content_encoding': None }, 'no_space_utf8_text_content_type_none_encoding': { 'payload_content_type': 'text/plain;charset=utf-8', 'payload_content_encoding': None }, 'octet_content_type_base64_encoding': { 'payload_content_type': 'application/octet-stream', 'payload_content_encoding': 'base64' } }) @testcase.attr('positive') def test_secret_create_deprecated_types_and_encoding( self, payload_content_type, payload_content_encoding): """Creates secrets with various content types and encodings.""" secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.payload_content_type = payload_content_type secret.payload_content_encoding = payload_content_encoding secret_ref = self.cleanup.add_entity(secret) self.assertIsNotNone(secret_ref) resp = self.barbicanclient.secrets.get(secret_ref) if secret.payload_content_encoding == 'base64': self.assertEqual(base64.b64decode(secret.payload), resp.payload) else: self.assertEqual(secret.payload, resp.payload.encode('utf-8')) @utils.parameterized_dataset({ 'large_string_content_type_and_encoding': { 'payload_content_type': base.TestCase.oversized_field, 'payload_content_encoding': base.TestCase.oversized_field }, 'int_content_type_and_encoding': { 'payload_content_type': 123, 'payload_content_encoding': 123 }, 'text_content_type_none_content_encoding': { 'payload_content_type': 'text/plain', 'payload_content_encoding': '' }, 'text_no_subtype_content_type_none_content_encoding': { 'payload_content_type': 'text', 'payload_content_encoding': None }, 'text_slash_no_subtype_content_type_none_content_encoding': { 'payload_content_type': 'text/', 'payload_content_encoding': None }, 'text_content_type_empty_content_encoding': { 'payload_content_type': 'text/plain', 'payload_content_encoding': ' ' }, 'text_content_type_spaces_content_encoding': { 'payload_content_type': 'text/plain', 'payload_content_encoding': ' ' }, 'text_content_type_base64_content_encoding': { 'payload_content_type': 'text/plain', 'payload_content_encoding': 'base64' }, 'text_and_utf88_content_type_none_content_encoding': { 'payload_content_type': 'text/plain; charset=utf-88', 'payload_content_encoding': None }, 'invalid_content_type_base64_content_encoding': { 'payload_content_type': 'invalid', 'payload_content_encoding': 'base64' }, 'invalid_content_type_none_content_encoding': { 'payload_content_type': 'invalid', 'payload_content_encoding': None }, 'octet_content_type_invalid_content_encoding': { 'payload_content_type': 'application/octet-stream', 'payload_content_encoding': 'invalid' }, 'text_content_type_invalid_content_encoding': { 'payload_content_type': 'text/plain', 'payload_content_encoding': 'invalid' }, 'none_content_type_invalid_content_encoding': { 'payload_content_type': None, 'payload_content_encoding': 'invalid' }, 'none_content_type_base64_content_encoding': { 'payload_content_type': None, 'payload_content_encoding': 'base64' } }) @testcase.attr('negative') def test_secret_create_defaults_invalid_types_and_encoding(self, **kwargs): """Creating secrets with invalid payload types and encodings.""" secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.payload_content_encoding = kwargs['payload_content_encoding'] secret.payload_content_type = kwargs['payload_content_type'] e = self.assertRaises(exceptions.HTTPClientError, secret.store) self.assertEqual(400, e.status_code) @utils.parameterized_dataset( {'max_payload_string': [base.TestCase.max_sized_payload]}) @testcase.attr('positive') def test_secret_create_defaults_valid_payload(self, payload): """Create secrets with a various valid payloads.""" secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.payload = payload secret_ref = self.cleanup.add_entity(secret) self.assertIsNotNone(secret_ref) resp = self.barbicanclient.secrets.get(secret_ref) self.assertEqual(secret.payload, resp.payload) @utils.parameterized_dataset({'list': [['boom']], 'int': [123]}) @testcase.attr('negative') def test_secret_create_with_invalid_payload_(self, payload): """Covers attempting to create secret with invalid payload types Tests the negative cases of invalid types (list and int). """ secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.payload = payload self.assertRaises(exceptions.PayloadException, secret.store) @utils.parameterized_dataset({'empty': [''], 'zero': [0]}) @testcase.attr('negative') def test_secret_with_no_payload_exception(self, payload): """Covers creating secrets with various invalid payloads. These requests will fail with a value error before the request to the server is made """ secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.payload = payload self.assertRaises(exceptions.PayloadException, secret.store) @utils.parameterized_dataset({ 'negative_five_long_expire': { 'timezone': '-05:00', 'days': 5 }, 'positive_five_long_expire': { 'timezone': '+05:00', 'days': 5 }, 'negative_one_short_expire': { 'timezone': '-01', 'days': 1 }, 'positive_one_short_expire': { 'timezone': '+01', 'days': 1 } }) @testcase.attr('positive') def test_secret_create_defaults_valid_expiration(self, **kwargs): """Create secrets with a various valid expiration data.""" timestamp = utils.create_timestamp_w_tz_and_offset(**kwargs) secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.expiration = timestamp secret_ref = self.cleanup.add_entity(secret) self.assertIsNotNone(secret_ref) resp = self.barbicanclient.secrets.get(secret_ref) self.assertIsNotNone(resp) self.assertEqual(secret.name, resp.name) @utils.parameterized_dataset( {'malformed_timezone': { 'timezone': '-5:00', 'days': 0 }}) @testcase.attr('negative') def test_secret_create_defaults_invalid_expiration(self, **kwargs): """Create secrets with various invalid expiration data.""" timestamp = utils.create_timestamp_w_tz_and_offset(**kwargs) secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.expiration = timestamp e = self.assertRaises(exceptions.HTTPClientError, secret.store) self.assertEqual(400, e.status_code) @utils.parameterized_dataset({ 'text/plain': ['meowwwwwwwmeowwwwwww', 'text/plain'], 'application/octet-stream': [ base64.b64encode(b'F\x130\x89f\x8e\xd9\xa1\x0e\x1f\r\xf67uu\x8b'), 'application/octet-stream' ] }) @testcase.attr('positive') def test_secret_update_nones(self, payload, payload_content_type): """Cover case of updating with all nones in the Secret object.""" secret = self.barbicanclient.secrets.create(**secret_create_nones_data) secret.payload = None secret.payload_content_type = None secret_ref = self.cleanup.add_entity(secret) self.assertIsNotNone(secret_ref) secret.payload = payload secret.update() resp = self.barbicanclient.secrets.get(secret_ref) self.assertEqual(payload, resp.payload) self.assertEqual(payload_content_type, resp.payload_content_type) @utils.parameterized_dataset({ 'alphanumeric': ['1f34ds'], 'punctuation': ['~!@#$%^&*()_+`-={}[]|:;<>,.?'], 'uuid': ['54262d9d-4bc7-4821-8df0-dc2ca8e112bb'], 'len_255': ['a' * 255], 'empty': [''], 'null': [None] }) @testcase.attr('positive') def test_secret_get_defaults_metadata_w_valid_name(self, name): """Covers getting and checking a secret's metadata.""" secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.name = name secret_ref = self.cleanup.add_entity(secret) self.assertIsNotNone(secret_ref) resp = self.barbicanclient.secrets.get(secret_ref) self.assertEqual("ACTIVE", resp.status) self.assertEqual(name, resp.name) self.assertEqual(secret.mode, resp.mode) self.assertEqual(secret.algorithm, resp.algorithm) self.assertEqual(secret.bit_length, resp.bit_length) @utils.parameterized_dataset({ 'symmetric': [ 'symmetric', 'aes', 128, ('\x00\x01\x02\x03\x04\x05\x06\x07' '\x00\x01\x02\x03\x04\x05\x06\x07') ], 'private': ['private', 'rsa', 2048, keys.get_private_key_pem()], 'public': ['public', 'rsa', 2048, keys.get_public_key_pem()], 'certificate': ['certificate', 'rsa', 2048, keys.get_certificate_pem()], 'opaque': ['opaque', None, None, (b'\x00\x01\x02\x03\x04\x05\x06\x07')], 'passphrase': ['passphrase', None, None, keys.get_passphrase_txt()], }) @testcase.attr('positive') def test_secret_get_defaults_secret_type(self, secret_type, algorithm, bit_length, payload): """Covers getting and checking a secret's metadata.""" secret = self.barbicanclient.secrets.create( **secret_create_defaults_data) secret.secret_type = secret_type secret.algorithm = algorithm secret.bit_length = bit_length # payload should not be encoded. secret.payload = payload secret_ref = self.cleanup.add_entity(secret) self.assertIsNotNone(secret_ref) resp = self.barbicanclient.secrets.get(secret_ref) self.assertEqual("ACTIVE", resp.status) self.assertEqual(secret_type, resp.secret_type) @utils.parameterized_dataset({ 'query_by_name': { 'secret_1_dict': dict(name="name1"), 'secret_2_dict': dict(name="name2"), 'query_dict': dict(name="name1") }, 'query_by_algorithm': { 'secret_1_dict': dict(algorithm="algorithm1"), 'secret_2_dict': dict(algorithm="algorithm2"), 'query_dict': dict(algorithm="algorithm1") }, 'query_by_mode': { 'secret_1_dict': dict(mode="mode1"), 'secret_2_dict': dict(mode="mode2"), 'query_dict': dict(mode="mode1") }, 'query_by_bit_length': { 'secret_1_dict': dict(bit_length=1024), 'secret_2_dict': dict(bit_length=2048), 'query_dict': dict(bits=1024) }, 'query_by_secret_type': { 'secret_1_dict': dict(secret_type='opaque'), 'secret_2_dict': dict(secret_type='symmetric'), 'query_dict': dict(secret_type='opaque') }, }) @testcase.attr('positive') def test_secret_list_with_filter(self, secret_1_dict, secret_2_dict, query_dict): secret_1 = self.barbicanclient.secrets.create(**secret_1_dict) secret_1_ref = self.cleanup.add_entity(secret_1) self.assertIsNotNone(secret_1_ref) secret_2 = self.barbicanclient.secrets.create(**secret_2_dict) secret_2_ref = self.cleanup.add_entity(secret_2) self.assertIsNotNone(secret_2_ref) secret_list = self.barbicanclient.secrets.list(**query_dict) self.assertEqual(1, len(secret_list)) @utils.parameterized_dataset({ 'query_by_name': { 'secret_1_dict': dict(name="name1"), 'secret_2_dict': dict(name="name2"), 'sort': 'name' }, 'query_by_algorithm': { 'secret_1_dict': dict(algorithm="algorithm1"), 'secret_2_dict': dict(algorithm="algorithm2"), 'sort': 'algorithm' }, 'query_by_mode': { 'secret_1_dict': dict(mode="mode1"), 'secret_2_dict': dict(mode="mode2"), 'sort': 'mode' }, 'query_by_bit_length': { 'secret_1_dict': dict(bit_length=1024), 'secret_2_dict': dict(bit_length=2048), 'sort': 'bit_length' }, 'query_by_secret_type': { 'secret_1_dict': dict(secret_type='opaque'), 'secret_2_dict': dict(secret_type='symmetric'), 'sort': 'secret_type' }, }) @testcase.attr('positive') def test_secret_list_with_sort(self, secret_1_dict, secret_2_dict, sort): secret_1 = self.barbicanclient.secrets.create(**secret_1_dict) secret_1_ref = self.cleanup.add_entity(secret_1) self.assertIsNotNone(secret_1_ref) secret_2 = self.barbicanclient.secrets.create(**secret_2_dict) secret_2_ref = self.cleanup.add_entity(secret_2) self.assertIsNotNone(secret_2_ref) query_dict = {'sort': sort + ":asc"} secret_list = self.barbicanclient.secrets.list(**query_dict) self.assertEqual(2, len(secret_list)) self.assertEqual(secret_1_ref, secret_list[0].secret_ref) query_dict = {'sort': sort + ":desc"} secret_list = self.barbicanclient.secrets.list(**query_dict) self.assertEqual(2, len(secret_list)) self.assertEqual(secret_2_ref, secret_list[0].secret_ref) @utils.parameterized_dataset({ 'created': { 'date_type': 'created', }, 'updated': { 'date_type': 'updated', }, 'expiration': { 'date_type': 'expiration', }, }) @testcase.attr('positive') def test_secret_list_with_date_filter(self, date_type): now = datetime.datetime.utcnow() expiration_1 = (now + datetime.timedelta(days=3)).isoformat() expiration_2 = (now + datetime.timedelta(days=5)).isoformat() secret_1 = self.barbicanclient.secrets.create(expiration=expiration_1) secret_1_ref = self.cleanup.add_entity(secret_1) self.assertIsNotNone(secret_1_ref) payload = "gF6+lLoF3ohA9aPRpt+6bQ==" self.barbicanclient.secrets.update(secret_1_ref, payload) time.sleep(1) secret_2 = self.barbicanclient.secrets.create(expiration=expiration_2) secret_2_ref = self.cleanup.add_entity(secret_2) self.assertIsNotNone(secret_2_ref) time_to_search_1 = getattr(secret_1, date_type).isoformat() time_to_search_2 = getattr(secret_2, date_type).isoformat() # Search for secrets with secret 1's time query_dict = {date_type: time_to_search_1} secret_list = self.barbicanclient.secrets.list(**query_dict) self.assertEqual(1, len(secret_list)) self.assertEqual(secret_1_ref, secret_list[0].secret_ref) # Search for secrets with time < secret 2, i.e. secret 1 query_dict = {date_type: 'lt:' + time_to_search_2} secret_list = self.barbicanclient.secrets.list(**query_dict) self.assertEqual(1, len(secret_list)) self.assertEqual(secret_1_ref, secret_list[0].secret_ref) # Search for secrets with time < secret 1, i.e. none query_dict = {date_type: 'lt:' + time_to_search_1} secret_list = self.barbicanclient.secrets.list(**query_dict) self.assertEqual(0, len(secret_list)) # Search for secrets with time <= secret 2, i.e. both secrets query_dict = {date_type: 'lte:' + time_to_search_2} secret_list = self.barbicanclient.secrets.list(**query_dict) self.assertEqual(2, len(secret_list)) # Search for secrets with time > secret 1, i.e. secret 2 query_dict = {date_type: 'gt:' + time_to_search_1} secret_list = self.barbicanclient.secrets.list(**query_dict) self.assertEqual(1, len(secret_list)) self.assertEqual(secret_2_ref, secret_list[0].secret_ref) # Search for secrets with time > secret 2, i.e. none query_dict = {date_type: 'gt:' + time_to_search_2} secret_list = self.barbicanclient.secrets.list(**query_dict) self.assertEqual(0, len(secret_list)) # Search for secrets with time >= secret 1, i.e. both secrets query_dict = {date_type: 'gte:' + time_to_search_1} secret_list = self.barbicanclient.secrets.list(**query_dict) self.assertEqual(2, len(secret_list)) # Sort secrets by date query_dict = {'sort': date_type + ":asc"} secret_list = self.barbicanclient.secrets.list(**query_dict) self.assertEqual(2, len(secret_list)) self.assertEqual(secret_1_ref, secret_list[0].secret_ref) # Sort secrets by date query_dict = {'sort': date_type + ":desc"} secret_list = self.barbicanclient.secrets.list(**query_dict) self.assertEqual(2, len(secret_list)) self.assertEqual(secret_2_ref, secret_list[0].secret_ref)
class SecretsTestCase(base.TestCase): def setUp(self): super(SecretsTestCase, self).setUp() self.behaviors = secret_behaviors.SecretBehaviors(self.barbicanclient) def tearDown(self): self.behaviors.delete_all_created_secrets() super(SecretsTestCase, self).tearDown() @testcase.attr('positive') def test_secret_create_defaults_check_content_types(self): """Check that set content-type attribute is retained in metadata.""" test_model = self.behaviors.create_secret(secret_create_defaults_data) secret_ref = self.behaviors.store_secret(test_model) self.assertIsNotNone(secret_ref) resp = self.behaviors.get_secret(secret_ref) content_types = resp.content_types self.assertIsNotNone(content_types) self.assertIn('default', content_types) self.assertEqual('application/octet-stream', content_types['default']) @testcase.attr('positive') def test_secret_create_defaults_non_standard_algorithm(self): """Create a secret with a non standard algorithm. Currently the client will accept any string for the algorithm. """ test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.algorithm = "not-an-algorithm" secret_ref = self.behaviors.store_secret(test_model) self.assertIsNotNone(secret_ref) get_resp = self.behaviors.get_secret(secret_ref) self.assertEqual(get_resp.algorithm, test_model.algorithm) @testcase.attr('positive') def test_secret_create_defaults_non_standard_mode(self): """Create a secret with a non standard mode. Currently the client will accept any string for the mode. """ test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.mode = 'not-a-mode' secret_ref = self.behaviors.store_secret(test_model) self.assertIsNotNone(secret_ref) get_resp = self.behaviors.get_secret(secret_ref) self.assertEqual(get_resp.mode, test_model.mode) @testcase.attr('negative') def test_secret_delete_doesnt_exist(self): """Deletes a non-existent secret. This delete uses a reference with an invalid UUID format """ url = self.behaviors.base_url + '/secrets/notauuid' e = self.assertRaises(ValueError, self.behaviors.delete_secret, url) self.assertEqual(e.message, 'Secret incorrectly specified.') @testcase.attr('negative') def test_secret_delete_doesnt_exist_valid_uuid_format(self): """Deletes a non-existent secret. This delete has a valid UUID format but there is no secret associated with this UUID """ uuid = 'de20ad54-85b4-421b-adb2-eb7b9e546013' url = self.behaviors.base_url + '/secrets/' + uuid e = self.assertRaises(exceptions.HTTPClientError, self.behaviors.delete_secret, url) self.assertEqual(e.status_code, 404) @testcase.attr('negative') def test_secret_create_nones_content_type(self): """Create secret with valid content type but no payload. Secret will not create due to None in the payload even if content type is valid. """ test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.payload = None self.assertRaises(exceptions.PayloadException, self.behaviors.store_secret, test_model) @testcase.attr('negative') def test_secret_create_nones(self): """Cover case of posting with all nones in the Secret object.""" test_model = self.behaviors.create_secret(secret_create_nones_data) test_model.payload = None test_model.payload_content_encoding = None test_model.payload_content_type = None self.assertRaises(exceptions.PayloadException, self.behaviors.store_secret, test_model) @testcase.attr('negative') def test_secret_get_secret_doesnt_exist(self): """GET an invalid secret ref. Will get value error secret incorrectly specified since "notauuid" is not a properly formatted uuid. """ url = self.behaviors.base_url + '/secrets/notauuid' e = self.assertRaises(ValueError, self.behaviors.get_secret, url) self.assertIn("Secret incorrectly specified", e.message) @testcase.attr('negative') def test_secret_create_defaults_expiration_passed(self): """Create a secret with an expiration that has already passed. Returns a 400. """ test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.expiration = '2000-01-10T14:58:52.546795' e = self.assertRaises(exceptions.HTTPClientError, self.behaviors.store_secret, test_model) self.assertEqual(e.status_code, 400) @testcase.attr('negative') def test_secret_create_emptystrings(self): """Secret create with empty Strings for all attributes. Fails with a value error, Payload incorrectly specified. """ test_model = self.behaviors.create_secret( secret_create_emptystrings_data) self.assertRaises(exceptions.PayloadException, self.behaviors.store_secret, test_model) @testcase.attr('negative') def test_secret_create_defaults_oversized_payload(self): """Create a secret with a payload that is larger than the allowed size. Should return a 413 if the secret size is greater than the maximum allowed size. """ test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.payload = str(self.oversized_payload) e = self.assertRaises(exceptions.HTTPClientError, self.behaviors.store_secret, test_model) self.assertEqual(e.status_code, 413) @utils.parameterized_dataset({ 'alphanumeric': ['1f34ds'], 'punctuation': ['~!@#$%^&*()_+`-={}[]|:;<>,.?'], 'uuid': ['54262d9d-4bc7-4821-8df0-dc2ca8e112bb'], 'len_255': [base.TestCase.max_sized_field], 'empty': [''], 'null': [None] }) @testcase.attr('positive') def test_secret_create_defaults_valid_name(self, name): """Covers cases of creating secrets with valid names.""" test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.name = name secret_ref = self.behaviors.store_secret(test_model) self.assertIsNotNone(secret_ref) get_resp = self.behaviors.get_secret(secret_ref) self.assertEqual(get_resp.name, test_model.name) @utils.parameterized_dataset({'int': [400]}) @testcase.attr('negative') def test_secret_create_defaults_invalid_name(self, name): """Create secrets with various invalid names. Should return 400. """ test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.name = name e = self.assertRaises(exceptions.HTTPClientError, self.behaviors.store_secret, test_model) self.assertEqual(e.status_code, 400) @utils.parameterized_dataset({'aes': ['aes']}) @testcase.attr('positive') def test_secret_create_defaults_valid_algorithms(self, algorithm): """Creates secrets with various valid algorithms.""" test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.algorithm = algorithm secret_ref = self.behaviors.store_secret(test_model) self.assertIsNotNone(secret_ref) get_resp = self.behaviors.get_secret(secret_ref) self.assertEqual(get_resp.algorithm, test_model.algorithm) @utils.parameterized_dataset({'int': [400]}) @testcase.attr('negative') def test_secret_create_defaults_invalid_algorithms(self, algorithm): """Creates secrets with various invalid algorithms.""" test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.algorithm = algorithm # We are currently testing for exception with http_code # launchpad bug 1431514 will address the change to this functionality e = self.assertRaises(exceptions.HTTPClientError, self.behaviors.store_secret, test_model) self.assertEqual(e.status_code, 400) @utils.parameterized_dataset({ 'symmetric': [ 'symmetric', 'aes', 128, ('\x00\x01\x02\x03\x04\x05\x06\x07' '\x00\x01\x02\x03\x04\x05\x06\x07') ], 'private': ['private', 'rsa', 2048, keys.get_private_key_pem()], 'public': ['public', 'rsa', 2048, keys.get_public_key_pem()], 'certificate': ['certificate', 'rsa', 2048, keys.get_certificate_pem()], 'opaque': ['opaque', None, None, (b'\x00\x01\x02\x03\x04\x05\x06\x07')], 'passphrase': ['passphrase', None, None, keys.get_passphrase_txt()], }) @testcase.attr('positive') def test_secret_create_defaults_valid_secret_type(self, secret_type, algorithm, bit_length, secret): """Covers cases of creating secrets with valid secret types.""" test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.secret_type = secret_type test_model.algorithm = algorithm test_model.bit_length = bit_length test_model.payload = base64.b64encode(secret) secret_ref = self.behaviors.store_secret(test_model) self.assertIsNotNone(secret_ref) get_resp = self.behaviors.get_secret(secret_ref) self.assertEqual(get_resp.secret_type, secret_type) @testcase.attr('negative') def test_secret_create_defaults_invalid_secret_type(self): """Covers cases of creating secrets with invalid secret types.""" test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.secret_type = 'not a valid secret type' e = self.assertRaises(exceptions.HTTPClientError, self.behaviors.store_secret, test_model) self.assertEqual(e.status_code, 400) @utils.parameterized_dataset({ '512': [512], 'sixteen': [16], 'fifteen': [15], 'eight': [8], 'seven': [7], 'one': [1], 'none': [None] }) @testcase.attr('positive') def test_secret_create_defaults_valid_bit_length(self, bit_length): """Covers cases of creating secrets with valid bit lengths.""" test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.bit_length = bit_length secret_ref = self.behaviors.store_secret(test_model) self.assertIsNotNone(secret_ref) get_resp = self.behaviors.get_secret(secret_ref) self.assertEqual(get_resp.bit_length, test_model.bit_length) @utils.parameterized_dataset({ 'str_type': ['not-an-int'], 'empty': [''], 'blank': [' '], 'negative_maxint': [-sys.maxint], 'negative_one': [-1], 'zero': [0] }) @testcase.attr('negative') def test_secret_create_defaults_invalid_bit_length(self, bit_length): """Covers cases of creating secrets with invalid bit lengths.""" test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.bit_length = bit_length e = self.assertRaises(exceptions.HTTPClientError, self.behaviors.store_secret, test_model) self.assertEqual(e.status_code, 400) @utils.parameterized_dataset({'cbc': ['cbc']}) @testcase.attr('positive') def test_secret_create_defaults_valid_mode(self, mode): """Covers cases of creating secrets with valid modes.""" test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.mode = mode secret_ref = self.behaviors.store_secret(test_model) self.assertIsNotNone(secret_ref) get_resp = self.behaviors.get_secret(secret_ref) self.assertEqual(get_resp.mode, test_model.mode) @utils.parameterized_dataset({ 'zero': [0], 'oversized_string': [base.TestCase.oversized_field], 'int': [400] }) @testcase.attr('negative') def test_secret_create_defaults_invalid_mode(self, mode): """Covers cases of creating secrets with invalid modes.""" test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.mode = mode e = self.assertRaises(exceptions.HTTPClientError, self.behaviors.store_secret, test_model) self.assertEqual(e.status_code, 400) @utils.parameterized_dataset({ 'text_content_type_none_encoding': { 'payload_content_type': 'text/plain', 'payload_content_encoding': None }, 'utf8_text_content_type_none_encoding': { 'payload_content_type': 'text/plain; charset=utf-8', 'payload_content_encoding': None }, 'no_space_utf8_text_content_type_none_encoding': { 'payload_content_type': 'text/plain;charset=utf-8', 'payload_content_encoding': None }, 'octet_content_type_base64_encoding': { 'payload_content_type': 'application/octet-stream', 'payload_content_encoding': 'base64' } }) @testcase.attr('positive') def test_secret_create_deprecated_types_and_encoding( self, payload_content_type, payload_content_encoding): """Creates secrets with various content types and encodings.""" test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.payload_content_encoding = payload_content_encoding test_model.payload_content_type = payload_content_type secret_ref = self.behaviors.store_secret(test_model) self.assertIsNotNone(secret_ref) get_resp = self.behaviors.get_secret( secret_ref, payload_content_type=test_model.payload_content_type) if test_model.payload_content_encoding == 'base64': self.assertEqual(base64.b64decode(test_model.payload), get_resp.payload) else: self.assertEqual(test_model.payload, str(get_resp.payload)) @utils.parameterized_dataset({ 'large_string_content_type_and_encoding': { 'payload_content_type': base.TestCase.oversized_field, 'payload_content_encoding': base.TestCase.oversized_field }, 'int_content_type_and_encoding': { 'payload_content_type': 123, 'payload_content_encoding': 123 }, 'text_content_type_none_content_encoding': { 'payload_content_type': 'text/plain', 'payload_content_encoding': '' }, 'text_no_subtype_content_type_none_content_encoding': { 'payload_content_type': 'text', 'payload_content_encoding': None }, 'text_slash_no_subtype_content_type_none_content_encoding': { 'payload_content_type': 'text/', 'payload_content_encoding': None }, 'text_content_type_empty_content_encoding': { 'payload_content_type': 'text/plain', 'payload_content_encoding': ' ' }, 'text_content_type_spaces_content_encoding': { 'payload_content_type': 'text/plain', 'payload_content_encoding': ' ' }, 'text_content_type_base64_content_encoding': { 'payload_content_type': 'text/plain', 'payload_content_encoding': 'base64' }, 'text_and_utf88_content_type_none_content_encoding': { 'payload_content_type': 'text/plain; charset=utf-88', 'payload_content_encoding': None }, 'invalid_content_type_base64_content_encoding': { 'payload_content_type': 'invalid', 'payload_content_encoding': 'base64' }, 'invalid_content_type_none_content_encoding': { 'payload_content_type': 'invalid', 'payload_content_encoding': None }, 'octet_content_type_invalid_content_encoding': { 'payload_content_type': 'application/octet-stream', 'payload_content_encoding': 'invalid' }, 'text_content_type_invalid_content_encoding': { 'payload_content_type': 'text/plain', 'payload_content_encoding': 'invalid' }, 'none_content_type_invalid_content_encoding': { 'payload_content_type': None, 'payload_content_encoding': 'invalid' }, 'none_content_type_base64_content_encoding': { 'payload_content_type': None, 'payload_content_encoding': 'base64' } }) @testcase.attr('negative') def test_secret_create_defaults_invalid_types_and_encoding(self, **kwargs): """Creating secrets with invalid payload types and encodings.""" test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.payload_content_encoding = kwargs[ 'payload_content_encoding'] test_model.payload_content_type = kwargs['payload_content_type'] e = self.assertRaises(exceptions.HTTPClientError, self.behaviors.store_secret, test_model) self.assertEqual(e.status_code, 400) @utils.parameterized_dataset( {'max_payload_string': [base.TestCase.max_sized_payload]}) @testcase.attr('positive') def test_secret_create_defaults_valid_payload(self, payload): """Create secrets with a various valid payloads.""" test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.payload = payload secret_ref = self.behaviors.store_secret(test_model) self.assertIsNotNone(secret_ref) get_resp = self.behaviors.get_secret(secret_ref) self.assertEqual(test_model.payload, get_resp.payload) @utils.parameterized_dataset({'list': [['boom']], 'int': [123]}) @testcase.attr('negative') def test_secret_create_with_invalid_payload_(self, payload): """Covers attempting to create secret with invalid payload types Tests the negative cases of invalid types (list and int). """ test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.payload = payload self.assertRaises(exceptions.PayloadException, self.behaviors.store_secret, test_model) @utils.parameterized_dataset({'empty': [''], 'none': [None], 'zero': [0]}) @testcase.attr('negative') def test_secret_with_no_payload_exception(self, payload): """Covers creating secrets with various invalid payloads. These requests will fail with a value error before the request to the server is made""" test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.payload = payload self.assertRaises(exceptions.PayloadException, self.behaviors.store_secret, test_model) @utils.parameterized_dataset({ 'negative_five_long_expire': { 'timezone': '-05:00', 'days': 5 }, 'positive_five_long_expire': { 'timezone': '+05:00', 'days': 5 }, 'negative_one_short_expire': { 'timezone': '-01', 'days': 1 }, 'positive_one_short_expire': { 'timezone': '+01', 'days': 1 } }) @testcase.attr('positive') def test_secret_create_defaults_valid_expiration(self, **kwargs): """Create secrets with a various valid expiration data.""" timestamp = utils.create_timestamp_w_tz_and_offset(**kwargs) test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.expiration = timestamp secret_ref = self.behaviors.store_secret(test_model) self.assertIsNotNone(secret_ref) get_resp = self.behaviors.get_secret(secret_ref) self.assertIsNotNone(get_resp) self.assertEqual(get_resp.name, test_model.name) @utils.parameterized_dataset( {'malformed_timezone': { 'timezone': '-5:00', 'days': 0 }}) @testcase.attr('negative') def test_secret_create_defaults_invalid_expiration(self, **kwargs): """Create secrets with various invalid expiration data.""" timestamp = utils.create_timestamp_w_tz_and_offset(**kwargs) test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.expiration = timestamp e = self.assertRaises(exceptions.HTTPClientError, self.behaviors.store_secret, test_model) self.assertEqual(e.status_code, 400) @utils.parameterized_dataset({ 'alphanumeric': ['1f34ds'], 'punctuation': ['~!@#$%^&*()_+`-={}[]|:;<>,.?'], 'uuid': ['54262d9d-4bc7-4821-8df0-dc2ca8e112bb'], 'len_255': [str(bytearray().zfill(255))], 'empty': [''], 'null': [None] }) @testcase.attr('positive') def test_secret_get_defaults_metadata_w_valid_name(self, name): """Covers getting and checking a secret's metadata.""" test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.name = name secret_ref = self.behaviors.store_secret(test_model) self.assertIsNotNone(secret_ref) get_resp = self.behaviors.get_secret(secret_ref) self.assertEqual(get_resp.status, "ACTIVE") self.assertEqual(get_resp.name, name) self.assertEqual(get_resp.mode, test_model.mode) self.assertEqual(get_resp.algorithm, test_model.algorithm) self.assertEqual(get_resp.bit_length, test_model.bit_length) @utils.parameterized_dataset({ 'symmetric': [ 'symmetric', 'aes', 128, ('\x00\x01\x02\x03\x04\x05\x06\x07' '\x00\x01\x02\x03\x04\x05\x06\x07') ], 'private': ['private', 'rsa', 2048, keys.get_private_key_pem()], 'public': ['public', 'rsa', 2048, keys.get_public_key_pem()], 'certificate': ['certificate', 'rsa', 2048, keys.get_certificate_pem()], 'opaque': ['opaque', None, None, (b'\x00\x01\x02\x03\x04\x05\x06\x07')], 'passphrase': ['passphrase', None, None, keys.get_passphrase_txt()], }) @testcase.attr('positive') def test_secret_get_defaults_secret_type(self, secret_type, algorithm, bit_length, secret): """Covers getting and checking a secret's metadata.""" test_model = self.behaviors.create_secret(secret_create_defaults_data) test_model.secret_type = secret_type test_model.algorithm = algorithm test_model.bit_length = bit_length test_model.payload = base64.b64encode(secret) secret_ref = self.behaviors.store_secret(test_model) self.assertIsNotNone(secret_ref) get_resp = self.behaviors.get_secret(secret_ref) self.assertEqual(get_resp.status, "ACTIVE") self.assertEqual(get_resp.secret_type, secret_type)