Remove unused NewCAValidator
The validator has been unused since CA API was removed by [1].
This allows us to drop dependency on ldap3, which has had no release
for the past 3 years.
[1] 8561bc339f
Change-Id: I181c8929f77ba6b06cad6c646ae40c7cbb4956dc
This commit is contained in:
Takashi Kajinami
@@ -18,8 +18,6 @@ import base64
|
||||
import re
|
||||
|
||||
import jsonschema as schema
|
||||
from ldap3.core import exceptions as ldap_exceptions
|
||||
from ldap3.utils.dn import parse_dn
|
||||
from oslo_utils import timeutils
|
||||
|
||||
from barbican.api import controllers
|
||||
@@ -417,22 +415,9 @@ class NewSecretMetadatumValidator(ValidatorBase):
|
||||
raise exception.InvalidMetadataKey()
|
||||
|
||||
|
||||
class CACommonHelpersMixin(object):
|
||||
def _validate_subject_dn_data(self, subject_dn):
|
||||
"""Confirm that the subject_dn contains valid data
|
||||
|
||||
Validate that the subject_dn string parses without error
|
||||
If not, raise InvalidSubjectDN
|
||||
"""
|
||||
try:
|
||||
parse_dn(subject_dn)
|
||||
except ldap_exceptions.LDAPInvalidDnError:
|
||||
raise exception.InvalidSubjectDN(subject_dn=subject_dn)
|
||||
|
||||
|
||||
# TODO(atiwari) - Split this validator module and unit tests
|
||||
# into smaller modules
|
||||
class TypeOrderValidator(ValidatorBase, CACommonHelpersMixin):
|
||||
class TypeOrderValidator(ValidatorBase):
|
||||
"""Validate a new typed order."""
|
||||
|
||||
def __init__(self):
|
||||
@@ -855,34 +840,6 @@ class ProjectQuotaValidator(ValidatorBase):
|
||||
return json_data
|
||||
|
||||
|
||||
class NewCAValidator(ValidatorBase, CACommonHelpersMixin):
|
||||
"""Validate new CA(s)."""
|
||||
|
||||
def __init__(self):
|
||||
self.name = 'CA'
|
||||
|
||||
self.schema = {
|
||||
'type': 'object',
|
||||
'properties': {
|
||||
'name': {'type': 'string', "minLength": 1},
|
||||
'subject_dn': {'type': 'string', "minLength": 1},
|
||||
'parent_ca_ref': {'type': 'string', "minLength": 1},
|
||||
'description': {'type': 'string'},
|
||||
},
|
||||
'required': ['name', 'subject_dn', 'parent_ca_ref'],
|
||||
'additionalProperties': False
|
||||
}
|
||||
|
||||
def validate(self, json_data, parent_schema=None):
|
||||
schema_name = self._full_name(parent_schema)
|
||||
|
||||
self._assert_schema_is_valid(json_data, schema_name)
|
||||
|
||||
subject_dn = json_data['subject_dn']
|
||||
self._validate_subject_dn_data(subject_dn)
|
||||
return json_data
|
||||
|
||||
|
||||
class SecretConsumerValidator(ValidatorBase):
|
||||
"""Validate a new Secret Consumer."""
|
||||
|
||||
|
||||
@@ -1455,70 +1455,6 @@ class WhenTestingProjectQuotasValidator(utils.BaseTestCase):
|
||||
self.good_project_quotas)
|
||||
|
||||
|
||||
@utils.parameterized_test_case
|
||||
class WhenTestingNewCAValidator(utils.BaseTestCase):
|
||||
|
||||
def setUp(self):
|
||||
super(WhenTestingNewCAValidator, self).setUp()
|
||||
|
||||
self.new_ca_req = {'name': 'New CA',
|
||||
'subject_dn': 'cn=barbican-server,o=example.com',
|
||||
'parent_ca_ref':
|
||||
'https://localhost/v1/cas/parent_ca_id',
|
||||
'description': 'This is a subCA'}
|
||||
|
||||
self.validator = validators.NewCAValidator()
|
||||
|
||||
def test_should_raise_with_empty_data(self):
|
||||
self.assertRaises(
|
||||
excep.InvalidObject,
|
||||
self.validator.validate,
|
||||
{}
|
||||
)
|
||||
|
||||
@utils.parameterized_dataset({
|
||||
'name': ['name'],
|
||||
'subject_dn': ['subject_dn'],
|
||||
'parent_ca_ref': ['parent_ca_ref'],
|
||||
})
|
||||
def should_raise_if_any_required_parameter_is_missing(self, parameter):
|
||||
del self.new_ca_req[parameter]
|
||||
exception = self.assertRaises(
|
||||
excep.InvalidObject,
|
||||
self.validator.validate,
|
||||
self.new_ca_req
|
||||
)
|
||||
|
||||
self.assertEqual(parameter, exception.invalid_property)
|
||||
|
||||
@utils.parameterized_dataset({
|
||||
'name': ['name'],
|
||||
'subject_dn': ['subject_dn'],
|
||||
'parent_ca_ref': ['parent_ca_ref'],
|
||||
})
|
||||
def should_raise_if_any_required_parameter_is_empty(self, parameter):
|
||||
self.new_ca_req[parameter] = ''
|
||||
exception = self.assertRaises(
|
||||
excep.InvalidObject,
|
||||
self.validator.validate,
|
||||
self.new_ca_req
|
||||
)
|
||||
|
||||
self.assertEqual(parameter, exception.invalid_property)
|
||||
|
||||
def test_should_pass_with_valid_data(self):
|
||||
self.validator.validate(self.new_ca_req)
|
||||
|
||||
def test_should_raise_with_invalid_subject_dn(self):
|
||||
self.new_ca_req['subject_dn'] = 'I am an invalid subject_dn!'
|
||||
|
||||
self.assertRaises(
|
||||
excep.InvalidSubjectDN,
|
||||
self.validator.validate,
|
||||
self.new_ca_req
|
||||
)
|
||||
|
||||
|
||||
@utils.parameterized_test_case
|
||||
class WhenTestingSecretMetadataValidator(utils.BaseTestCase):
|
||||
|
||||
|
||||
@@ -24,7 +24,6 @@ Paste>=2.0.2 # MIT
|
||||
PasteDeploy>=1.5.0 # MIT
|
||||
pbr!=2.1.0,>=2.0.0 # Apache-2.0
|
||||
pecan!=1.0.2,!=1.0.3,!=1.0.4,!=1.2,>=1.0.0 # BSD
|
||||
ldap3>=1.0.2 # LGPLv3
|
||||
keystonemiddleware>=9.5.0 # Apache-2.0
|
||||
SQLAlchemy>=1.4.0 # MIT
|
||||
stevedore>=1.20.0 # Apache-2.0
|
||||
|
||||
Reference in New Issue
Block a user