def test_system_transform(self):
rule = self.models['rules']['rule_action_default_value_render_fail.yaml']
runner_type_db = mock.Mock()
runner_type_db.runner_parameters = {}
action_db = mock.Mock()
action_db.parameters = {}
k5 = KeyValuePair.add_or_update(KeyValuePairDB(name='k5', value='v5'))
k6 = KeyValuePair.add_or_update(KeyValuePairDB(name='k6', value='v6'))
k7 = KeyValuePair.add_or_update(KeyValuePairDB(name='k7', value='v7'))
k8 = KeyValuePair.add_or_update(KeyValuePairDB(name='k8', value='v8',
scope=FULL_SYSTEM_SCOPE))
params = {'ip5': '{{trigger.k2}}-static',
'ip6': '{{st2kv.system.k6}}-static',
'ip7': '{{st2kv.system.k7}}-static'}
expected_params = {'ip5': 'v2-static',
'ip6': 'v6-static',
'ip7': 'v7-static'}
try:
self.assertResolvedParamsMatchExpected(rule=rule,
trigger_instance=MOCK_TRIGGER_INSTANCE_4,
params=params,
expected_params=expected_params)
finally:
KeyValuePair.delete(k5)
KeyValuePair.delete(k6)
KeyValuePair.delete(k7)
KeyValuePair.delete(k8)
def test_get_config_dynamic_config_item_nested_dict(self):
pack_name = "dummy_pack_schema_with_nested_object_7"
loader = ContentPackConfigLoader(pack_name=pack_name)
KeyValuePair.add_or_update(KeyValuePairDB(name="k0", value="v0"))
KeyValuePair.add_or_update(KeyValuePairDB(name="k1", value="v1"))
KeyValuePair.add_or_update(KeyValuePairDB(name="k2", value="v2"))
####################
# values nested dictionaries
values = {
"level0_key": "{{st2kv.system.k0}}",
"level0_object": {
"level1_key": "{{st2kv.system.k1}}",
"level1_object": {"level2_key": "{{st2kv.system.k2}}"},
},
}
config_db = ConfigDB(pack=pack_name, values=values)
config_db = Config.add_or_update(config_db)
config_rendered = loader.get_config()
self.assertEqual(
config_rendered,
{
"level0_key": "v0",
"level0_object": {
"level1_key": "v1",
"level1_object": {"level2_key": "v2"},
},
},
)
config_db.delete()
def test_system_transform(self):
k5 = KeyValuePair.add_or_update(KeyValuePairDB(name='k5', value='v5'))
k6 = KeyValuePair.add_or_update(KeyValuePairDB(name='k6', value='v6'))
k7 = KeyValuePair.add_or_update(KeyValuePairDB(name='k7', value='v7'))
k8 = KeyValuePair.add_or_update(
KeyValuePairDB(name='k8', value='v8', scope=FULL_SYSTEM_SCOPE))
try:
transformer = datatransform.get_transformer(PAYLOAD)
mapping = {
'ip5': '{{trigger.k2}}-static',
'ip6': '{{st2kv.system.k6}}-static',
'ip7': '{{st2kv.system.k7}}-static'
}
result = transformer(mapping)
expected = {
'ip5': 'v2-static',
'ip6': 'v6-static',
'ip7': 'v7-static'
}
self.assertEqual(result, expected)
finally:
KeyValuePair.delete(k5)
KeyValuePair.delete(k6)
KeyValuePair.delete(k7)
KeyValuePair.delete(k8)
def test_get_config_dynamic_config_item_list(self):
pack_name = 'dummy_pack_schema_with_nested_object_7'
loader = ContentPackConfigLoader(pack_name=pack_name)
KeyValuePair.add_or_update(KeyValuePairDB(name='k0', value='v0'))
KeyValuePair.add_or_update(KeyValuePairDB(name='k1', value='v1'))
####################
# values in list
values = {
'level0_key': [
'a',
'{{st2kv.system.k0}}',
'b',
'{{st2kv.system.k1}}',
]
}
config_db = ConfigDB(pack=pack_name, values=values)
config_db = Config.add_or_update(config_db)
config_rendered = loader.get_config()
self.assertEqual(config_rendered,
{'level0_key': ['a', 'v0', 'b', 'v1']})
config_db.delete()
def test_get_config_dynamic_config_item_list(self):
pack_name = "dummy_pack_schema_with_nested_object_7"
loader = ContentPackConfigLoader(pack_name=pack_name)
KeyValuePair.add_or_update(KeyValuePairDB(name="k0", value="v0"))
KeyValuePair.add_or_update(KeyValuePairDB(name="k1", value="v1"))
####################
# values in list
values = {
"level0_key": [
"a",
"{{st2kv.system.k0}}",
"b",
"{{st2kv.system.k1}}",
]
}
config_db = ConfigDB(pack=pack_name, values=values)
config_db = Config.add_or_update(config_db)
config_rendered = loader.get_config()
self.assertEqual(config_rendered,
{"level0_key": ["a", "v0", "b", "v1"]})
config_db.delete()
def test_get_finalized_params_system_values(self):
KeyValuePair.add_or_update(KeyValuePairDB(name='actionstr', value='foo'))
KeyValuePair.add_or_update(KeyValuePairDB(name='actionnumber', value='1.0'))
params = {
'runnerint': 555
}
liveaction_db = self._get_liveaction_model(params)
runner_params, action_params = param_utils.get_finalized_params(
ParamsUtilsTest.runnertype_db.runner_parameters,
ParamsUtilsTest.action_system_default_db.parameters,
liveaction_db.parameters,
liveaction_db.context)
# Asserts for runner params.
# Assert that default values for runner params are resolved.
self.assertEqual(runner_params.get('runnerstr'), 'defaultfoo')
# Assert that a runner param from action exec is picked up.
self.assertEqual(runner_params.get('runnerint'), 555)
# Assert that an immutable param cannot be overridden by action param or execution param.
self.assertEqual(runner_params.get('runnerimmutable'), 'runnerimmutable')
# Asserts for action params.
self.assertEqual(action_params.get('actionstr'), 'foo')
self.assertEqual(action_params.get('actionnumber'), 1.0)
def test_non_hierarchical_lookup(self):
k1 = KeyValuePair.add_or_update(KeyValuePairDB(name='k1', value='v1'))
k2 = KeyValuePair.add_or_update(KeyValuePairDB(name='k2', value='v2'))
k3 = KeyValuePair.add_or_update(KeyValuePairDB(name='k3', value='v3'))
lookup = KeyValueLookup()
self.assertEquals(str(lookup.k1), k1.value)
self.assertEquals(str(lookup.k2), k2.value)
self.assertEquals(str(lookup.k3), k3.value)
def test_get_config_dynamic_config_item_nested_list(self):
pack_name = "dummy_pack_schema_with_nested_object_8"
loader = ContentPackConfigLoader(pack_name=pack_name)
KeyValuePair.add_or_update(KeyValuePairDB(name="k0", value="v0"))
KeyValuePair.add_or_update(KeyValuePairDB(name="k1", value="v1"))
KeyValuePair.add_or_update(KeyValuePairDB(name="k2", value="v2"))
####################
# values in objects embedded in lists and nested lists
values = {
"level0_key": [
{
"level1_key0": "{{st2kv.system.k0}}"
},
"{{st2kv.system.k1}}",
[
"{{st2kv.system.k0}}",
"{{st2kv.system.k1}}",
"{{st2kv.system.k2}}",
],
{
"level1_key2": [
"{{st2kv.system.k2}}",
]
},
]
}
config_db = ConfigDB(pack=pack_name, values=values)
config_db = Config.add_or_update(config_db)
config_rendered = loader.get_config()
self.assertEqual(
config_rendered,
{
"level0_key": [
{
"level1_key0": "v0"
},
"v1",
[
"v0",
"v1",
"v2",
],
{
"level1_key2": [
"v2",
]
},
]
},
)
config_db.delete()
def test_lookups_older_scope_names_backward_compatibility(self):
k1 = KeyValuePair.add_or_update(KeyValuePairDB(name='a.b', value='v1',
scope=FULL_SYSTEM_SCOPE))
lookup = KeyValueLookup(scope=SYSTEM_SCOPE)
self.assertEquals(str(lookup['a']['b']), k1.value)
k2 = KeyValuePair.add_or_update(KeyValuePairDB(name='stanley:r.i.p', value='v4',
scope=FULL_USER_SCOPE))
user_lookup = UserKeyValueLookup(scope=USER_SCOPE, user='******')
self.assertEquals(str(user_lookup['r']['i']['p']), k2.value)
def test_hierarchical_lookup_dict(self):
k1 = KeyValuePair.add_or_update(KeyValuePairDB(name='a.b', value='v1'))
k2 = KeyValuePair.add_or_update(KeyValuePairDB(name='a.b.c', value='v2'))
k3 = KeyValuePair.add_or_update(KeyValuePairDB(name='b.c', value='v3'))
lookup = KeyValueLookup()
self.assertEquals(str(lookup['a']['b']), k1.value)
self.assertEquals(str(lookup['a']['b']['c']), k2.value)
self.assertEquals(str(lookup['b']['c']), k3.value)
self.assertEquals(str(lookup['a']), '')
def test_admin_permissions_for_user_scoped_kvps(self):
resolver = KeyValuePermissionsResolver()
admin_user_db = self.users["admin"]
# Setup users. No explicit grant, role, and assignment records should be
# required for user to access their KVPs
user_1_db = UserDB(name="user105")
user_1_db = User.add_or_update(user_1_db)
self.users[user_1_db.name] = user_1_db
# Insert user scoped key value pairs for user1.
key_1_name = "mykey5"
key_1_ref = get_key_reference(FULL_USER_SCOPE, key_1_name,
user_1_db.name)
kvp_1_db = KeyValuePairDB(
uid="%s:%s:%s" %
(ResourceType.KEY_VALUE_PAIR, FULL_USER_SCOPE, key_1_ref),
scope=FULL_USER_SCOPE,
name=key_1_ref,
value="myval5",
)
kvp_1_db = KeyValuePair.add_or_update(kvp_1_db)
self.resources[kvp_1_db.uid] = kvp_1_db
# Admin user should have general list permissions on user1's kvps.
self.assertUserHasResourceDbPermission(
resolver=resolver,
user_db=admin_user_db,
resource_db=KeyValuePairDB(scope="%s:%s" %
(FULL_USER_SCOPE, user_1_db.name)),
permission_type=PermissionType.KEY_VALUE_PAIR_LIST,
)
# Admin user should have all permissions to another user1's kvp.
self.assertUserHasResourceDbPermission(
resolver=resolver,
user_db=admin_user_db,
resource_db=kvp_1_db,
permission_type=PermissionType.KEY_VALUE_PAIR_ALL,
)
self.assertUserHasResourceDbPermissions(
resolver=resolver,
user_db=admin_user_db,
resource_db=kvp_1_db,
permission_types=self.read_permission_types,
)
self.assertUserHasResourceDbPermissions(
resolver=resolver,
user_db=admin_user_db,
resource_db=kvp_1_db,
permission_types=self.write_permission_types,
)
def test_user_default_permissions_for_system_scope_kvps(self):
resolver = KeyValuePermissionsResolver()
user1_db = self.users["no_roles"]
user2_db = self.users["1_custom_role_no_permissions"]
# Users by default should not have general list permissions on system kvps.
self.assertUserDoesntHaveResourceDbPermission(
resolver=resolver,
user_db=user1_db,
resource_db=KeyValuePairDB(scope=FULL_SYSTEM_SCOPE),
permission_type=PermissionType.KEY_VALUE_PAIR_LIST,
)
self.assertUserDoesntHaveResourceDbPermission(
resolver=resolver,
user_db=user2_db,
resource_db=KeyValuePairDB(scope=FULL_SYSTEM_SCOPE),
permission_type=PermissionType.KEY_VALUE_PAIR_LIST,
)
for k in ["key1", "key2"]:
kvp_uid = "%s:%s:%s" % (ResourceType.KEY_VALUE_PAIR,
FULL_SYSTEM_SCOPE, k)
kvp_db = self.resources[kvp_uid]
# User with no roles should not have any permission on the system kvp
self.assertUserDoesntHaveResourceDbPermissions(
resolver=resolver,
user_db=user1_db,
resource_db=kvp_db,
permission_types=self.all_permission_types,
)
self.assertUserDoesntHaveResourceDbPermission(
resolver=resolver,
user_db=user1_db,
resource_db=kvp_db,
permission_type=PermissionType.KEY_VALUE_PAIR_ALL,
)
# User with some unrelated custom roles should not have any permission on the system kvp
self.assertUserDoesntHaveResourceDbPermissions(
resolver=resolver,
user_db=user2_db,
resource_db=kvp_db,
permission_types=self.all_permission_types,
)
self.assertUserDoesntHaveResourceDbPermission(
resolver=resolver,
user_db=user2_db,
resource_db=kvp_db,
permission_type=PermissionType.KEY_VALUE_PAIR_ALL,
)
def test_get_config_dynamic_config_item_nested_list(self):
pack_name = 'dummy_pack_schema_with_nested_object_8'
loader = ContentPackConfigLoader(pack_name=pack_name)
KeyValuePair.add_or_update(KeyValuePairDB(name='k0', value='v0'))
KeyValuePair.add_or_update(KeyValuePairDB(name='k1', value='v1'))
KeyValuePair.add_or_update(KeyValuePairDB(name='k2', value='v2'))
####################
# values in objects embedded in lists and nested lists
values = {
'level0_key': [
{
'level1_key0': '{{st2kv.system.k0}}'
},
'{{st2kv.system.k1}}',
[
'{{st2kv.system.k0}}',
'{{st2kv.system.k1}}',
'{{st2kv.system.k2}}',
],
{
'level1_key2': [
'{{st2kv.system.k2}}',
]
}
]
}
config_db = ConfigDB(pack=pack_name, values=values)
config_db = Config.add_or_update(config_db)
config_rendered = loader.get_config()
self.assertEquals(config_rendered,
{
'level0_key': [
{
'level1_key0': 'v0'
},
'v1',
[
'v0',
'v1',
'v2',
],
{
'level1_key2': [
'v2',
]
}
]
})
config_db.delete()
def test_lookups_older_scope_names_backward_compatibility(self):
k1 = KeyValuePair.add_or_update(
KeyValuePairDB(name="a.b", value="v1", scope=FULL_SYSTEM_SCOPE))
lookup = KeyValueLookup(scope=SYSTEM_SCOPE)
self.assertEqual(str(lookup["a"]["b"]), k1.value)
k2 = KeyValuePair.add_or_update(
KeyValuePairDB(name="stanley:r.i.p",
value="v4",
scope=FULL_USER_SCOPE))
user_lookup = UserKeyValueLookup(scope=USER_SCOPE, user="******")
self.assertEqual(str(user_lookup["r"]["i"]["p"]), k2.value)
def setUp(self):
super(TemplatingUtilsTestCase, self).setUp()
# Insert mock DB objects
kvp_1_db = KeyValuePairDB(name='key1', value='valuea')
kvp_1_db = KeyValuePair.add_or_update(kvp_1_db)
kvp_2_db = KeyValuePairDB(name='key2', value='valueb')
kvp_2_db = KeyValuePair.add_or_update(kvp_2_db)
kvp_3_db = KeyValuePairDB(name='stanley:key1', value='valuestanley1', scope=FULL_USER_SCOPE)
kvp_3_db = KeyValuePair.add_or_update(kvp_3_db)
kvp_4_db = KeyValuePairDB(name='joe:key1', value='valuejoe1', scope=FULL_USER_SCOPE)
kvp_4_db = KeyValuePair.add_or_update(kvp_4_db)
def test_lookup_cast(self):
KeyValuePair.add_or_update(KeyValuePairDB(name='count', value='5.5'))
lookup = KeyValueLookup(scope=FULL_SYSTEM_SCOPE)
self.assertEqual(str(lookup.count), '5.5')
self.assertEqual(float(lookup.count), 5.5)
self.assertEqual(int(lookup.count), 5)
def test_user_scope_lookups_user_sep_in_name(self):
KeyValuePair.add_or_update(KeyValuePairDB(name='stanley:r:i:p', value='v4',
scope=FULL_USER_SCOPE))
lookup = UserKeyValueLookup(scope=FULL_USER_SCOPE, user='******')
# This is the only way to lookup because USER_SEPARATOR (':') cannot be a part of
# variable name in Python.
self.assertEquals(str(lookup['r:i:p']), 'v4')
def test_admin_permissions_for_system_scope_kvps(self):
resolver = KeyValuePermissionsResolver()
user_db = self.users["admin"]
# Admin user should have general list permissions on system kvps.
self.assertUserHasResourceDbPermission(
resolver=resolver,
user_db=user_db,
resource_db=KeyValuePairDB(scope=FULL_SYSTEM_SCOPE),
permission_type=PermissionType.KEY_VALUE_PAIR_LIST,
)
# Admin user should have all permission on the system kvps
for k in ["key1", "key2"]:
kvp_uid = "%s:%s:%s" % (ResourceType.KEY_VALUE_PAIR,
FULL_SYSTEM_SCOPE, k)
kvp_db = self.resources[kvp_uid]
self.assertUserHasResourceDbPermissions(
resolver=resolver,
user_db=user_db,
resource_db=kvp_db,
permission_types=self.all_permission_types,
)
self.assertUserHasResourceDbPermission(
resolver=resolver,
user_db=user_db,
resource_db=kvp_db,
permission_type=PermissionType.KEY_VALUE_PAIR_ALL,
)
def migrate_datastore():
key_value_items = KeyValuePair.get_all()
try:
for kvp in key_value_items:
kvp_id = getattr(kvp, 'id', None)
secret = getattr(kvp, 'secret', False)
scope = getattr(kvp, 'scope', SYSTEM_SCOPE)
if scope == USER_SCOPE:
scope = FULL_USER_SCOPE
if scope == SYSTEM_SCOPE:
scope = FULL_SYSTEM_SCOPE
new_kvp_db = KeyValuePairDB(id=kvp_id,
name=kvp.name,
expire_timestamp=kvp.expire_timestamp,
value=kvp.value,
secret=secret,
scope=scope)
KeyValuePair.add_or_update(new_kvp_db)
except:
print('ERROR: Failed migrating datastore item with name: %s' %
kvp.name)
tb.print_exc()
raise
def test_get_value_from_datastore_through_render_live_params(self):
# Register datastore value to be refered by this test-case
register_kwargs = [
{
'name': 'test_key',
'value': 'foo'
},
{
'name': 'user1:test_key',
'value': 'bar',
'scope': FULL_USER_SCOPE
},
{
'name': '%s:test_key' % cfg.CONF.system_user.user,
'value': 'baz',
'scope': FULL_USER_SCOPE
},
]
for kwargs in register_kwargs:
KeyValuePair.add_or_update(KeyValuePairDB(**kwargs))
# Assert that datastore value can be got via the Jinja expression from individual scopes.
context = {'user': '******'}
param = {
'system_value': {
'default': '{{ st2kv.system.test_key }}'
},
'user_value': {
'default': '{{ st2kv.user.test_key }}'
},
}
live_params = param_utils.render_live_params(runner_parameters={},
action_parameters=param,
params={},
action_context=context)
self.assertEqual(live_params['system_value'], 'foo')
self.assertEqual(live_params['user_value'], 'bar')
# Assert that datastore value in the user-scope that is registered by user1
# cannot be got by the operation of user2.
context = {'user': '******'}
param = {'user_value': {'default': '{{ st2kv.user.test_key }}'}}
live_params = param_utils.render_live_params(runner_parameters={},
action_parameters=param,
params={},
action_context=context)
self.assertEqual(live_params['user_value'], '')
# Assert that system-user's scope is selected when user and api_user parameter specified
context = {}
param = {'user_value': {'default': '{{ st2kv.user.test_key }}'}}
live_params = param_utils.render_live_params(runner_parameters={},
action_parameters=param,
params={},
action_context=context)
self.assertEqual(live_params['user_value'], 'baz')
def test_user_scope_lookups_dot_in_user(self):
KeyValuePair.add_or_update(
KeyValuePairDB(name='first.last:r.i.p',
value='v4',
scope=FULL_USER_SCOPE))
lookup = UserKeyValueLookup(scope=FULL_USER_SCOPE, user='******')
self.assertEqual(str(lookup.r.i.p), 'v4')
self.assertEqual(str(lookup['r']['i']['p']), 'v4')
def test_non_hierarchical_lookup(self):
k1 = KeyValuePair.add_or_update(KeyValuePairDB(name='k1', value='v1'))
k2 = KeyValuePair.add_or_update(KeyValuePairDB(name='k2', value='v2'))
k3 = KeyValuePair.add_or_update(KeyValuePairDB(name='k3', value='v3'))
k4 = KeyValuePair.add_or_update(KeyValuePairDB(name='stanley:k4', value='v4',
scope=FULL_USER_SCOPE))
lookup = KeyValueLookup()
self.assertEquals(str(lookup.k1), k1.value)
self.assertEquals(str(lookup.k2), k2.value)
self.assertEquals(str(lookup.k3), k3.value)
# Scoped lookup
lookup = KeyValueLookup(scope=FULL_SYSTEM_SCOPE)
self.assertEquals(str(lookup.k4), '')
user_lookup = UserKeyValueLookup(scope=FULL_USER_SCOPE, user='******')
self.assertEquals(str(user_lookup.k4), k4.value)
def test_user_scope_lookups_dot_in_user(self):
KeyValuePair.add_or_update(
KeyValuePairDB(name="first.last:r.i.p",
value="v4",
scope=FULL_USER_SCOPE))
lookup = UserKeyValueLookup(scope=FULL_USER_SCOPE, user="******")
self.assertEqual(str(lookup.r.i.p), "v4")
self.assertEqual(str(lookup["r"]["i"]["p"]), "v4")
def test_hierarchical_lookup_dict(self):
k1 = KeyValuePair.add_or_update(KeyValuePairDB(name='a.b', value='v1'))
k2 = KeyValuePair.add_or_update(KeyValuePairDB(name='a.b.c', value='v2'))
k3 = KeyValuePair.add_or_update(KeyValuePairDB(name='b.c', value='v3'))
k4 = KeyValuePair.add_or_update(KeyValuePairDB(name='stanley:r.i.p', value='v4',
scope=FULL_USER_SCOPE))
lookup = KeyValueLookup()
self.assertEquals(str(lookup['a']['b']), k1.value)
self.assertEquals(str(lookup['a']['b']['c']), k2.value)
self.assertEquals(str(lookup['b']['c']), k3.value)
self.assertEquals(str(lookup['a']), '')
# Scoped lookup
lookup = KeyValueLookup(scope=FULL_SYSTEM_SCOPE)
self.assertEquals(str(lookup['r']['i']['p']), '')
user_lookup = UserKeyValueLookup(scope=FULL_USER_SCOPE, user='******')
self.assertEquals(str(user_lookup['r']['i']['p']), k4.value)
def test_non_hierarchical_lookup(self):
k1 = KeyValuePair.add_or_update(KeyValuePairDB(name="k1", value="v1"))
k2 = KeyValuePair.add_or_update(KeyValuePairDB(name="k2", value="v2"))
k3 = KeyValuePair.add_or_update(KeyValuePairDB(name="k3", value="v3"))
k4 = KeyValuePair.add_or_update(
KeyValuePairDB(name="stanley:k4",
value="v4",
scope=FULL_USER_SCOPE))
lookup = KeyValueLookup()
self.assertEqual(str(lookup.k1), k1.value)
self.assertEqual(str(lookup.k2), k2.value)
self.assertEqual(str(lookup.k3), k3.value)
# Scoped lookup
lookup = KeyValueLookup(scope=FULL_SYSTEM_SCOPE)
self.assertEqual(str(lookup.k4), "")
user_lookup = UserKeyValueLookup(scope=FULL_USER_SCOPE, user="******")
self.assertEqual(str(user_lookup.k4), k4.value)
def test_secret_lookup(self):
secret_value = '0055A2D9A09E1071931925933744965EEA7E23DCF59A8D1D7A3' + \
'64338294916D37E83C4796283C584751750E39844E2FD97A3727DB5D553F638'
k1 = KeyValuePair.add_or_update(
KeyValuePairDB(name='k1', value=secret_value, secret=True))
k2 = KeyValuePair.add_or_update(KeyValuePairDB(name='k2', value='v2'))
k3 = KeyValuePair.add_or_update(
KeyValuePairDB(name='stanley:k3',
value=secret_value,
scope=FULL_USER_SCOPE,
secret=True))
lookup = KeyValueLookup()
self.assertEqual(str(lookup.k1), k1.value)
self.assertEqual(str(lookup.k2), k2.value)
self.assertEqual(str(lookup.k3), '')
user_lookup = UserKeyValueLookup(scope=FULL_USER_SCOPE, user='******')
self.assertEqual(str(user_lookup.k3), k3.value)
def test_hierarchical_lookup_dotted(self):
k1 = KeyValuePair.add_or_update(KeyValuePairDB(name='a.b', value='v1'))
k2 = KeyValuePair.add_or_update(
KeyValuePairDB(name='a.b.c', value='v2'))
k3 = KeyValuePair.add_or_update(KeyValuePairDB(name='b.c', value='v3'))
k4 = KeyValuePair.add_or_update(
KeyValuePairDB(name='stanley:r.i.p', value='v4', scope=USER_SCOPE))
lookup = KeyValueLookup()
self.assertEquals(str(lookup.a.b), k1.value)
self.assertEquals(str(lookup.a.b.c), k2.value)
self.assertEquals(str(lookup.b.c), k3.value)
self.assertEquals(str(lookup.a), '')
# Scoped lookup
lookup = KeyValueLookup(scope=SYSTEM_SCOPE)
self.assertEquals(str(lookup.r.i.p), '')
user_lookup = UserKeyValueLookup(scope=USER_SCOPE, user='******')
self.assertEquals(str(user_lookup.r.i.p), k4.value)
def test_get_config_dynamic_config_item_under_additional_properties(self):
pack_name = "dummy_pack_schema_with_additional_properties_1"
loader = ContentPackConfigLoader(pack_name=pack_name)
encrypted_value = crypto.symmetric_encrypt(KeyValuePairAPI.crypto_key,
"v1_encrypted")
KeyValuePair.add_or_update(
KeyValuePairDB(name="k1_encrypted",
value=encrypted_value,
secret=True))
####################
# values in objects under an object with additionalProperties
values = {
"profiles": {
"dev": {
# no host or port to test default value
"token": "hard-coded-secret",
},
"prod": {
"host": "127.1.2.7",
"port": 8282,
# encrypted in datastore
"token": "{{st2kv.system.k1_encrypted}}",
# schema declares `secret: true` which triggers auto-decryption.
# If this were not encrypted, it would try to decrypt it and fail.
},
}
}
config_db = ConfigDB(pack=pack_name, values=values)
config_db = Config.add_or_update(config_db)
config_rendered = loader.get_config()
self.assertEqual(
config_rendered,
{
"region": "us-east-1",
"profiles": {
"dev": {
"host": "127.0.0.3",
"port": 8080,
"token": "hard-coded-secret",
},
"prod": {
"host": "127.1.2.7",
"port": 8282,
"token": "v1_encrypted",
},
},
},
)
config_db.delete()
def test_lookup_with_key_prefix(self):
KeyValuePair.add_or_update(KeyValuePairDB(name='some:prefix:stanley:k5', value='v5',
scope=FULL_USER_SCOPE))
# No prefix provided, should return None
lookup = UserKeyValueLookup(user='******', scope=FULL_USER_SCOPE)
self.assertEqual(str(lookup.k5), '')
# Prefix provided
lookup = UserKeyValueLookup(prefix='some:prefix', user='******', scope=FULL_USER_SCOPE)
self.assertEqual(str(lookup.k5), 'v5')
def test_chain_runner_typed_system_params(self, request):
action_ref = ResourceReference.to_string_reference(name=ACTION_2.name, pack=ACTION_2.pack)
kvps = []
try:
kvps.append(KeyValuePair.add_or_update(KeyValuePairDB(name='a', value='1')))
kvps.append(KeyValuePair.add_or_update(KeyValuePairDB(name='a.b.c', value='two')))
chain_runner = acr.get_runner()
chain_runner.entry_point = CHAIN_SYSTEM_PARAMS
chain_runner.action = ACTION_2
chain_runner.liveaction = LiveActionDB(action=action_ref)
chain_runner.pre_run()
chain_runner.run({})
self.assertNotEqual(chain_runner.chain_holder.actionchain, None)
expected_value = {'inttype': 1,
'strtype': 'two'}
mock_args, _ = request.call_args
self.assertEqual(mock_args[0].parameters, expected_value)
finally:
for kvp in kvps:
KeyValuePair.delete(kvp)
def _create_save_kvp():
created = KeyValuePairDB()
created.name = 'token'
created.value = '0123456789ABCDEF'
return KeyValuePair.add_or_update(created)
