def _change_ap(self, user_as, attachment_point): """ Helper: update UserAS, changing only the attachment point. """ prev_ap = user_as.attachment_point prev_certificate_chain = user_as.certificate_chain hosts_pending_before = set(Host.objects.needs_config_deployment()) update_useras(self, user_as, attachment_point=attachment_point) # Check needs_config_deployment: hosts of UserAS and both APs self.assertSetEqual( hosts_pending_before | set(user_as.hosts.all() | prev_ap.AS.hosts.all() | attachment_point.AS.hosts.all()), set(Host.objects.needs_config_deployment())) # Check certificates reset if ISD changed if prev_ap.AS.isd != attachment_point.AS.isd: prev_version = prev_certificate_chain['0']['Version'] curr_version = user_as.certificate_chain['0']['Version'] self.assertEqual( curr_version, prev_version + 1, ("Certificate needs to be recreated on ISD change: " "ISD before: %s, ISD after:%s" % (prev_ap.AS.isd, attachment_point.AS.isd))) else: self.assertEqual(prev_certificate_chain, user_as.certificate_chain) utils.check_topology(self)
def test_delete_user(self): testuser = get_testuser() user_as_pks = [] user_as_hosts = [] attachment_point_hosts = set() as_ids_combs = get_random_as_ids_combinations() vpn_choice = VPNChoice.SOME for i in range(testuser.max_num_ases()): seed = 789 + i r = random.Random(seed) as_ids = r.choice(as_ids_combs) user_as, att_confs = create_and_check_random_useras( self, seed, as_ids, vpn_choice) user_as_pks.append(user_as.pk) user_as_hosts += list(user_as.hosts.all()) attachment_point_hosts |= set([ h for c in att_confs for h in c.attachment_point.AS.hosts.all() ]) testuser.delete() for user_as_pk in user_as_pks: self.assertFalse(UserAS.objects.filter(pk=user_as_pk).exists()) self.assertEqual( list(Host.objects.needs_config_deployment()), sorted(user_as_hosts + list(attachment_point_hosts), key=lambda host: host.pk)) utils.check_topology(self)
def update_useras(testcase, user_as, att_confs: List[AttachmentConf], deleted_links: List[Link] = [], **kwargs): """ Update a `UserAS` and the configuration of its attachments """ prev_aps_isd = user_as.isd prev_cert_chain = user_as.certificates.latest(Certificate.CHAIN) hosts_pending_before = set(Host.objects.needs_config_deployment()) with patch.object(AttachmentPoint, 'trigger_deployment', autospec=True) as mock_deploy: user_as.update( label=kwargs.get('label', user_as.label), installation_type=kwargs.get('installation_type', user_as.installation_type), ) user_as.update_attachments(att_confs, deleted_links) # Check that deployment was triggered strictly once for each attachment point testcase.assertEqual( len([args[0] for args, kwargs in mock_deploy.call_args_list]), len(set(args[0] for args, kwargs in mock_deploy.call_args_list))) # Check that deployment was triggered for all the attachment points testcase.assertEqual( set(args[0] for args, kwargs in mock_deploy.call_args_list), set(AttachmentConf.attachment_points(att_confs)) | set([ link.interfaceA.AS.attachment_point_info for link in deleted_links ])) # Check needs_config_deployment: hosts of UserAS and both APs aps_hosts = flatten(ap.AS.hosts.all() for ap in AttachmentConf.attachment_points(att_confs)) testcase.assertSetEqual( hosts_pending_before | set(user_as.hosts.all()) | set(aps_hosts), set(Host.objects.needs_config_deployment())) # Check certificates reset if ISD changed curr_aps_isd = user_as.isd cert_chain = user_as.certificates.latest(Certificate.CHAIN) if prev_aps_isd != curr_aps_isd: testcase.assertEqual( cert_chain.version, prev_cert_chain.version + 1, ("Certificate needs to be recreated on ISD change: " "ISD before: %s, ISD after:%s" % (prev_aps_isd, curr_aps_isd))) testcase.assertEqual( user_as.certificates.filter(type=Certificate.CHAIN).count(), 1) else: testcase.assertEqual(prev_cert_chain, cert_chain) utils.check_topology(testcase)
def test_delete_single(self): seed = 456 user_as = create_random_useras(self, seed=seed) user_as_hosts = list(user_as.hosts.all()) attachment_point = user_as.attachment_point user_as.delete() self.assertEqual( list(Host.objects.needs_config_deployment()), sorted(user_as_hosts + list(attachment_point.AS.hosts.all()), key=lambda host: host.pk)) utils.check_topology(self)
def update_useras(testcase, user_as, att_confs: List[AttachmentConf], deleted_links: List[Link] = [], wants_user_ap=False, public_ip="", wants_vpn=False, **kwargs): """ Update a `UserAS` and the configuration of its attachments """ prev_aps_isd = user_as.isd prev_cert_chain = Certificate.objects.latest(Key.CP_AS, user_as) hosts_pending_before = set(Host.objects.needs_config_deployment()) user_as.update( label=kwargs.get('label', user_as.label), installation_type=kwargs.get('installation_type', user_as.installation_type), public_ip=public_ip, wants_user_ap=wants_user_ap, wants_vpn=wants_vpn, ) user_as.update_attachments(att_confs, deleted_links) # Check needs_config_deployment: hosts of UserAS and both APs aps_hosts = flatten(ap.AS.hosts.all() for ap in AttachmentConf.attachment_points(att_confs)) testcase.assertSetEqual( hosts_pending_before | set(user_as.hosts.all()) | set(aps_hosts), set(Host.objects.needs_config_deployment())) # Check certificates reset if ISD changed curr_aps_isd = user_as.isd cert_chain = Certificate.objects.latest(Key.CP_AS, user_as) if prev_aps_isd != curr_aps_isd: testcase.assertEqual( cert_chain.version, prev_cert_chain.version + 1, ("Certificate needs to be recreated on ISD change: " "ISD before: %s, ISD after:%s" % (prev_aps_isd, curr_aps_isd))) testcase.assertEqual( user_as.certificates().filter(key__usage=Key.CP_AS).count(), 1) else: testcase.assertEqual(prev_cert_chain, cert_chain) utils.check_topology(testcase)
def test_delete_single(self): seed = 456 r = random.Random(seed) vpn_choice = VPNChoice.SOME as_ids = r.choice(get_random_as_ids_combinations()) user_as, att_confs = create_and_check_random_useras( self, seed, as_ids, vpn_choice) user_as_hosts = list(user_as.hosts.all()) user_as.delete() self.assertEqual( list(Host.objects.needs_config_deployment()), sorted(user_as_hosts + list( set(h for c in att_confs for h in c.attachment_point.AS.hosts.all())), key=lambda host: host.pk)) utils.check_topology(self)
def test_delete_user(self): testuser = get_testuser() user_as_pks = [] user_as_hosts = [] attachment_point_hosts = set() for i in range(testuser.max_num_ases()): seed = 789 + i user_as = create_random_useras(self, seed=seed) user_as_pks.append(user_as.pk) user_as_hosts += list(user_as.hosts.all()) attachment_point_hosts |= set( user_as.attachment_point.AS.hosts.all()) testuser.delete() for user_as_pk in user_as_pks: self.assertFalse(UserAS.objects.filter(pk=user_as_pk).exists()) self.assertEqual( list(Host.objects.needs_config_deployment()), sorted(user_as_hosts + list(attachment_point_hosts), key=lambda host: host.pk)) utils.check_topology(self)