def on_get(self, req, resp, keystone_id): LOG.debug('Start secrets on_get ' 'for tenant-ID {0}:'.format(keystone_id)) params = req._params result = self.secret_repo \ .get_by_create_date(keystone_id, offset_arg=params.get('offset', None), limit_arg=params.get('limit', None), suppress_exception=True) secrets, offset, limit = result if not secrets: secrets_resp_overall = {'secrets': []} else: secret_fields = lambda s: augment_fields_with_content_types(s) secrets_resp = [convert_to_hrefs(keystone_id, secret_fields(s)) for s in secrets] secrets_resp_overall = add_nav_hrefs('secrets', keystone_id, offset, limit, len(secrets), {'secrets': secrets_resp}) resp.status = falcon.HTTP_200 resp.body = json.dumps(secrets_resp_overall, default=json_handler)
def on_get(self, req, resp, keystone_id, secret_id): secret = self.repo.get(entity_id=secret_id, keystone_id=keystone_id, suppress_exception=True) if not secret: _secret_not_found(req, resp) resp.status = falcon.HTTP_200 if is_json_request_accept(req): # Metadata-only response, no decryption necessary. resp.set_header('Content-Type', 'application/json') secret_fields = mime_types.augment_fields_with_content_types( secret) resp.body = json.dumps(convert_to_hrefs(keystone_id, secret_fields), default=json_handler) else: tenant = res.get_or_create_tenant(keystone_id, self.tenant_repo) resp.set_header('Content-Type', req.accept) resp.body = self.crypto_manager \ .decrypt(req.accept, secret, tenant)
def on_get(self, req, resp, keystone_id, secret_id): secret = self.repo.get(entity_id=secret_id, keystone_id=keystone_id, suppress_exception=True) if not secret: _secret_not_found(req, resp) resp.status = falcon.HTTP_200 if not req.accept or req.accept == 'application/json' \ or req.accept == '*/*': # Metadata-only response, no decryption necessary. resp.set_header('Content-Type', 'application/json') secret_fields = augment_fields_with_content_types(secret) resp.body = json.dumps(convert_to_hrefs(keystone_id, secret_fields), default=json_handler) else: tenant = res.get_or_create_tenant(keystone_id, self.tenant_repo) resp.set_header('Content-Type', req.accept) try: resp.body = self.crypto_manager.decrypt(req.accept, secret, tenant) except em.CryptoAcceptNotSupportedException as canse: LOG.exception('Secret decryption failed - ' 'accept not supported') _get_accept_not_supported(canse.accept, req, resp) except em.CryptoNoSecretOrDataException as cnsode: LOG.exception('Secret information of type {0} not ' 'found for decryption.'.format(cnsode.mime_type)) _get_secret_info_not_found(cnsode.mime_type, req, resp) except Exception as e: LOG.exception('Secret decryption failed - unknown') _failed_to_decrypt_data(req, resp)
def on_get(self, req, resp, keystone_id, secret_id): secret = self.repo.get(entity_id=secret_id, keystone_id=keystone_id, suppress_exception=True) if not secret: _secret_not_found(req, resp) resp.status = falcon.HTTP_200 if not req.accept or req.accept == 'application/json' \ or req.accept == '*/*': # Metadata-only response, no decryption necessary. resp.set_header('Content-Type', 'application/json') secret_fields = augment_fields_with_content_types(secret) resp.body = json.dumps(convert_to_hrefs(keystone_id, secret_fields), default=json_handler) else: tenant = res.get_or_create_tenant(keystone_id, self.tenant_repo) resp.set_header('Content-Type', req.accept) try: resp.body = self.crypto_manager.decrypt( req.accept, secret, tenant) except em.CryptoAcceptNotSupportedException as canse: LOG.exception('Secret decryption failed - ' 'accept not supported') _get_accept_not_supported(canse.accept, req, resp) except em.CryptoNoSecretOrDataException as cnsode: LOG.exception('Secret information of type {0} not ' 'found for decryption.'.format(cnsode.mime_type)) _get_secret_info_not_found(cnsode.mime_type, req, resp) except Exception as e: LOG.exception('Secret decryption failed - unknown') _failed_to_decrypt_data(req, resp)
def on_get(self, req, resp, keystone_id): LOG.debug('Start secrets on_get ' 'for tenant-ID {0}:'.format(keystone_id)) params = req._params result = self.secret_repo \ .get_by_create_date(keystone_id, offset_arg=params.get('offset', None), limit_arg=params.get('limit', None), suppress_exception=True) secrets, offset, limit = result if not secrets: secrets_resp_overall = {'secrets': []} else: secret_fields = lambda s: augment_fields_with_content_types(s) secrets_resp = [ convert_to_hrefs(keystone_id, secret_fields(s)) for s in secrets ] secrets_resp_overall = add_nav_hrefs('secrets', keystone_id, offset, limit, len(secrets), {'secrets': secrets_resp}) resp.status = falcon.HTTP_200 resp.body = json.dumps(secrets_resp_overall, default=json_handler)
def _test_secret_and_datum_for_content_type(self, content_type): self.assertIn(content_type, mime_types.INTERNAL_CTYPES) self.datum.content_type = mime_types.INTERNAL_CTYPES[content_type] fields = mime_types.augment_fields_with_content_types(self.secret) self.assertIn('content_types', fields) content_types = fields['content_types'] self.assertIn('default', content_types) self.assertEqual(self.datum.content_type, content_types['default'])
def on_get(self, req, resp, tenant_id, secret_id): secret = self.repo.get(entity_id=secret_id, suppress_exception=True) if not secret: _secret_not_found() resp.status = falcon.HTTP_200 if not req.accept or req.accept == 'application/json': # Metadata-only response, no decryption necessary. resp.set_header('Content-Type', 'application/json') resp.body = json.dumps(augment_fields_with_content_types(secret), default=json_handler) else: tenant = get_or_create_tenant(tenant_id, self.tenant_repo) resp.set_header('Content-Type', req.accept) resp.body = self.crypto_manager.decrypt(req.accept, secret, tenant)
def index(self, keystone_id): secret = self.repo.get(entity_id=self.secret_id, keystone_id=keystone_id, suppress_exception=True) if not secret: _secret_not_found() if controllers.is_json_request_accept(pecan.request): # Metadata-only response, no decryption necessary. pecan.override_template('json', 'application/json') secret_fields = mime_types.augment_fields_with_content_types( secret) return hrefs.convert_to_hrefs(keystone_id, secret_fields) else: tenant = res.get_or_create_tenant(keystone_id, self.tenant_repo) pecan.override_template('', pecan.request.accept.header_value) return self.crypto_manager.decrypt( pecan.request.accept.header_value, secret, tenant )
def test_secret_with_non_matching_datum(self): self.datum.content_type = "bababooey" fields = mime_types.augment_fields_with_content_types(self.secret) self.assertNotIn("bababooey", fields)