def on_get(self, req, resp, keystone_id):
LOG.debug('Start secrets on_get '
'for tenant-ID {0}:'.format(keystone_id))
params = req._params
result = self.secret_repo \
.get_by_create_date(keystone_id,
offset_arg=params.get('offset',
None),
limit_arg=params.get('limit',
None),
suppress_exception=True)
secrets, offset, limit = result
if not secrets:
secrets_resp_overall = {'secrets': []}
else:
secret_fields = lambda s: augment_fields_with_content_types(s)
secrets_resp = [convert_to_hrefs(keystone_id, secret_fields(s)) for
s in secrets]
secrets_resp_overall = add_nav_hrefs('secrets', keystone_id,
offset, limit, len(secrets),
{'secrets': secrets_resp})
resp.status = falcon.HTTP_200
resp.body = json.dumps(secrets_resp_overall,
default=json_handler)
def on_get(self, req, resp, keystone_id, secret_id):
secret = self.repo.get(entity_id=secret_id, keystone_id=keystone_id,
suppress_exception=True)
if not secret:
_secret_not_found(req, resp)
resp.status = falcon.HTTP_200
if is_json_request_accept(req):
# Metadata-only response, no decryption necessary.
resp.set_header('Content-Type', 'application/json')
secret_fields = mime_types.augment_fields_with_content_types(
secret)
resp.body = json.dumps(convert_to_hrefs(keystone_id,
secret_fields),
default=json_handler)
else:
tenant = res.get_or_create_tenant(keystone_id, self.tenant_repo)
resp.set_header('Content-Type', req.accept)
resp.body = self.crypto_manager \
.decrypt(req.accept,
secret,
tenant)
def on_get(self, req, resp, keystone_id, secret_id):
secret = self.repo.get(entity_id=secret_id, keystone_id=keystone_id,
suppress_exception=True)
if not secret:
_secret_not_found(req, resp)
resp.status = falcon.HTTP_200
if not req.accept or req.accept == 'application/json' \
or req.accept == '*/*':
# Metadata-only response, no decryption necessary.
resp.set_header('Content-Type', 'application/json')
secret_fields = augment_fields_with_content_types(secret)
resp.body = json.dumps(convert_to_hrefs(keystone_id,
secret_fields),
default=json_handler)
else:
tenant = res.get_or_create_tenant(keystone_id, self.tenant_repo)
resp.set_header('Content-Type', req.accept)
try:
resp.body = self.crypto_manager.decrypt(req.accept, secret,
tenant)
except em.CryptoAcceptNotSupportedException as canse:
LOG.exception('Secret decryption failed - '
'accept not supported')
_get_accept_not_supported(canse.accept, req, resp)
except em.CryptoNoSecretOrDataException as cnsode:
LOG.exception('Secret information of type {0} not '
'found for decryption.'.format(cnsode.mime_type))
_get_secret_info_not_found(cnsode.mime_type, req, resp)
except Exception as e:
LOG.exception('Secret decryption failed - unknown')
_failed_to_decrypt_data(req, resp)
def on_get(self, req, resp, keystone_id, secret_id):
secret = self.repo.get(entity_id=secret_id,
keystone_id=keystone_id,
suppress_exception=True)
if not secret:
_secret_not_found(req, resp)
resp.status = falcon.HTTP_200
if not req.accept or req.accept == 'application/json' \
or req.accept == '*/*':
# Metadata-only response, no decryption necessary.
resp.set_header('Content-Type', 'application/json')
secret_fields = augment_fields_with_content_types(secret)
resp.body = json.dumps(convert_to_hrefs(keystone_id,
secret_fields),
default=json_handler)
else:
tenant = res.get_or_create_tenant(keystone_id, self.tenant_repo)
resp.set_header('Content-Type', req.accept)
try:
resp.body = self.crypto_manager.decrypt(
req.accept, secret, tenant)
except em.CryptoAcceptNotSupportedException as canse:
LOG.exception('Secret decryption failed - '
'accept not supported')
_get_accept_not_supported(canse.accept, req, resp)
except em.CryptoNoSecretOrDataException as cnsode:
LOG.exception('Secret information of type {0} not '
'found for decryption.'.format(cnsode.mime_type))
_get_secret_info_not_found(cnsode.mime_type, req, resp)
except Exception as e:
LOG.exception('Secret decryption failed - unknown')
_failed_to_decrypt_data(req, resp)
def on_get(self, req, resp, keystone_id):
LOG.debug('Start secrets on_get '
'for tenant-ID {0}:'.format(keystone_id))
params = req._params
result = self.secret_repo \
.get_by_create_date(keystone_id,
offset_arg=params.get('offset',
None),
limit_arg=params.get('limit',
None),
suppress_exception=True)
secrets, offset, limit = result
if not secrets:
secrets_resp_overall = {'secrets': []}
else:
secret_fields = lambda s: augment_fields_with_content_types(s)
secrets_resp = [
convert_to_hrefs(keystone_id, secret_fields(s))
for s in secrets
]
secrets_resp_overall = add_nav_hrefs('secrets', keystone_id,
offset, limit, len(secrets),
{'secrets': secrets_resp})
resp.status = falcon.HTTP_200
resp.body = json.dumps(secrets_resp_overall, default=json_handler)
def on_get(self, req, resp, keystone_id, secret_id):
secret = self.repo.get(entity_id=secret_id, keystone_id=keystone_id,
suppress_exception=True)
if not secret:
_secret_not_found(req, resp)
resp.status = falcon.HTTP_200
if is_json_request_accept(req):
# Metadata-only response, no decryption necessary.
resp.set_header('Content-Type', 'application/json')
secret_fields = mime_types.augment_fields_with_content_types(
secret)
resp.body = json.dumps(convert_to_hrefs(keystone_id,
secret_fields),
default=json_handler)
else:
tenant = res.get_or_create_tenant(keystone_id, self.tenant_repo)
resp.set_header('Content-Type', req.accept)
resp.body = self.crypto_manager \
.decrypt(req.accept,
secret,
tenant)
def _test_secret_and_datum_for_content_type(self, content_type):
self.assertIn(content_type, mime_types.INTERNAL_CTYPES)
self.datum.content_type = mime_types.INTERNAL_CTYPES[content_type]
fields = mime_types.augment_fields_with_content_types(self.secret)
self.assertIn('content_types', fields)
content_types = fields['content_types']
self.assertIn('default', content_types)
self.assertEqual(self.datum.content_type, content_types['default'])
def _test_secret_and_datum_for_content_type(self, content_type):
self.assertIn(content_type, mime_types.INTERNAL_CTYPES)
self.datum.content_type = mime_types.INTERNAL_CTYPES[content_type]
fields = mime_types.augment_fields_with_content_types(self.secret)
self.assertIn('content_types', fields)
content_types = fields['content_types']
self.assertIn('default', content_types)
self.assertEqual(self.datum.content_type, content_types['default'])
def on_get(self, req, resp, tenant_id, secret_id):
secret = self.repo.get(entity_id=secret_id, suppress_exception=True)
if not secret:
_secret_not_found()
resp.status = falcon.HTTP_200
if not req.accept or req.accept == 'application/json':
# Metadata-only response, no decryption necessary.
resp.set_header('Content-Type', 'application/json')
resp.body = json.dumps(augment_fields_with_content_types(secret),
default=json_handler)
else:
tenant = get_or_create_tenant(tenant_id, self.tenant_repo)
resp.set_header('Content-Type', req.accept)
resp.body = self.crypto_manager.decrypt(req.accept, secret, tenant)
def index(self, keystone_id):
secret = self.repo.get(entity_id=self.secret_id,
keystone_id=keystone_id,
suppress_exception=True)
if not secret:
_secret_not_found()
if controllers.is_json_request_accept(pecan.request):
# Metadata-only response, no decryption necessary.
pecan.override_template('json', 'application/json')
secret_fields = mime_types.augment_fields_with_content_types(
secret)
return hrefs.convert_to_hrefs(keystone_id, secret_fields)
else:
tenant = res.get_or_create_tenant(keystone_id, self.tenant_repo)
pecan.override_template('', pecan.request.accept.header_value)
return self.crypto_manager.decrypt(
pecan.request.accept.header_value,
secret,
tenant
)
def index(self, keystone_id):
secret = self.repo.get(entity_id=self.secret_id,
keystone_id=keystone_id,
suppress_exception=True)
if not secret:
_secret_not_found()
if controllers.is_json_request_accept(pecan.request):
# Metadata-only response, no decryption necessary.
pecan.override_template('json', 'application/json')
secret_fields = mime_types.augment_fields_with_content_types(
secret)
return hrefs.convert_to_hrefs(keystone_id, secret_fields)
else:
tenant = res.get_or_create_tenant(keystone_id, self.tenant_repo)
pecan.override_template('', pecan.request.accept.header_value)
return self.crypto_manager.decrypt(
pecan.request.accept.header_value,
secret,
tenant
)
def test_secret_with_non_matching_datum(self):
self.datum.content_type = "bababooey"
fields = mime_types.augment_fields_with_content_types(self.secret)
self.assertNotIn("bababooey", fields)
def test_secret_with_non_matching_datum(self):
self.datum.content_type = "bababooey"
fields = mime_types.augment_fields_with_content_types(self.secret)
self.assertNotIn("bababooey", fields)
