openstack/barbican
Code Issues Proposed changes

Remove unused NewCAValidator

Browse Source 
The validator has been unused since CA API was removed by [1].

This allows us to drop dependency on ldap3, which has had no release
for the past 3 years.

[1] 8561bc339f

Change-Id: I181c8929f77ba6b06cad6c646ae40c7cbb4956dc
This commit is contained in:
Takashi Kajinami
2024-12-15 01:50:21 +09:00
parent 62a1d6956f
commit 20ea14db5a
3 changed files with 1 additions and 109 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
barbican/common/validators.py
View File

@@ -18,8 +18,6 @@ import base64
import re import re
import jsonschema as schema import jsonschema as schema
from ldap3.core import exceptions as ldap_exceptions
from ldap3.utils.dn import parse_dn
from oslo_utils import timeutils from oslo_utils import timeutils
from barbican.api import controllers from barbican.api import controllers
@@ -417,22 +415,9 @@ class NewSecretMetadatumValidator(ValidatorBase):
raise exception.InvalidMetadataKey() raise exception.InvalidMetadataKey()
class CACommonHelpersMixin(object):
def _validate_subject_dn_data(self, subject_dn):
"""Confirm that the subject_dn contains valid data
Validate that the subject_dn string parses without error
If not, raise InvalidSubjectDN
"""
try:
parse_dn(subject_dn)
except ldap_exceptions.LDAPInvalidDnError:
raise exception.InvalidSubjectDN(subject_dn=subject_dn)
# TODO(atiwari) - Split this validator module and unit tests # TODO(atiwari) - Split this validator module and unit tests
# into smaller modules # into smaller modules
class TypeOrderValidator(ValidatorBase, CACommonHelpersMixin): class TypeOrderValidator(ValidatorBase):
"""Validate a new typed order.""" """Validate a new typed order."""
def __init__(self): def __init__(self):
@@ -855,34 +840,6 @@ class ProjectQuotaValidator(ValidatorBase):
return json_data return json_data
class NewCAValidator(ValidatorBase, CACommonHelpersMixin):
"""Validate new CA(s)."""
def __init__(self):
self.name = 'CA'
self.schema = {
'type': 'object',
'properties': {
'name': {'type': 'string', "minLength": 1},
'subject_dn': {'type': 'string', "minLength": 1},
'parent_ca_ref': {'type': 'string', "minLength": 1},
'description': {'type': 'string'},
},
'required': ['name', 'subject_dn', 'parent_ca_ref'],
'additionalProperties': False
}
def validate(self, json_data, parent_schema=None):
schema_name = self._full_name(parent_schema)
self._assert_schema_is_valid(json_data, schema_name)
subject_dn = json_data['subject_dn']
self._validate_subject_dn_data(subject_dn)
return json_data
class SecretConsumerValidator(ValidatorBase): class SecretConsumerValidator(ValidatorBase):
"""Validate a new Secret Consumer.""" """Validate a new Secret Consumer."""

64
barbican/tests/common/test_validators.py
View File

@@ -1455,70 +1455,6 @@ class WhenTestingProjectQuotasValidator(utils.BaseTestCase):
self.good_project_quotas) self.good_project_quotas)
@utils.parameterized_test_case
class WhenTestingNewCAValidator(utils.BaseTestCase):
def setUp(self):
super(WhenTestingNewCAValidator, self).setUp()
self.new_ca_req = {'name': 'New CA',
'subject_dn': 'cn=barbican-server,o=example.com',
'parent_ca_ref':
'https://localhost/v1/cas/parent_ca_id',
'description': 'This is a subCA'}
self.validator = validators.NewCAValidator()
def test_should_raise_with_empty_data(self):
self.assertRaises(
excep.InvalidObject,
self.validator.validate,
{}
)
@utils.parameterized_dataset({
'name': ['name'],
'subject_dn': ['subject_dn'],
'parent_ca_ref': ['parent_ca_ref'],
})
def should_raise_if_any_required_parameter_is_missing(self, parameter):
del self.new_ca_req[parameter]
exception = self.assertRaises(
excep.InvalidObject,
self.validator.validate,
self.new_ca_req
)
self.assertEqual(parameter, exception.invalid_property)
@utils.parameterized_dataset({
'name': ['name'],
'subject_dn': ['subject_dn'],
'parent_ca_ref': ['parent_ca_ref'],
})
def should_raise_if_any_required_parameter_is_empty(self, parameter):
self.new_ca_req[parameter] = ''
exception = self.assertRaises(
excep.InvalidObject,
self.validator.validate,
self.new_ca_req
)
self.assertEqual(parameter, exception.invalid_property)
def test_should_pass_with_valid_data(self):
self.validator.validate(self.new_ca_req)
def test_should_raise_with_invalid_subject_dn(self):
self.new_ca_req['subject_dn'] = 'I am an invalid subject_dn!'
self.assertRaises(
excep.InvalidSubjectDN,
self.validator.validate,
self.new_ca_req
)
@utils.parameterized_test_case @utils.parameterized_test_case
class WhenTestingSecretMetadataValidator(utils.BaseTestCase): class WhenTestingSecretMetadataValidator(utils.BaseTestCase):

1
requirements.txt
View File

@@ -24,7 +24,6 @@ Paste>=2.0.2 # MIT
PasteDeploy>=1.5.0 # MIT PasteDeploy>=1.5.0 # MIT
pbr!=2.1.0,>=2.0.0 # Apache-2.0 pbr!=2.1.0,>=2.0.0 # Apache-2.0
pecan!=1.0.2,!=1.0.3,!=1.0.4,!=1.2,>=1.0.0 # BSD pecan!=1.0.2,!=1.0.3,!=1.0.4,!=1.2,>=1.0.0 # BSD
ldap3>=1.0.2 # LGPLv3
keystonemiddleware>=9.5.0 # Apache-2.0 keystonemiddleware>=9.5.0 # Apache-2.0
SQLAlchemy>=1.4.0 # MIT SQLAlchemy>=1.4.0 # MIT
stevedore>=1.20.0 # Apache-2.0 stevedore>=1.20.0 # Apache-2.0