From 7b14d983e0dce6dcffe9781b05c52335b8203fc7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Douglas=20Mendiz=C3=A1bal?= Date: Tue, 21 Jan 2020 07:42:37 -0600 Subject: [PATCH] Revert Secret Consumers API change This API change broke a TripleO gate because python-barbicanclient is not able to handle the new "consumers" property in the Secret json response. This patch reverts the API change only, which should be exposed using a new microversion. Change-Id: I2d83a4093ea5df86f57f34f4d5b58061641c9a85 Depends-On: I4423dfb2c30299903b52a2bb06d846dd487f5b8b Fixes-Bug: 1860354 --- barbican/model/models.py | 15 +- .../tests/api/controllers/test_consumers.py | 658 +++++++++--------- 2 files changed, 337 insertions(+), 336 deletions(-) diff --git a/barbican/model/models.py b/barbican/model/models.py index 5fe74b740..eda533045 100644 --- a/barbican/model/models.py +++ b/barbican/model/models.py @@ -374,13 +374,14 @@ class Secret(BASE, SoftDeleteMixIn, ModelBase): 'bit_length': self.bit_length, 'mode': self.mode, 'creator_id': self.creator_id, - "consumers": [ - { - "service": consumer.service, - "resource_type": consumer.resource_type, - "resource_id": consumer.resource_id, - } for consumer in self.consumers if not consumer.deleted - ], + # TODO(redrobot): Uncomment this after adding microversions + # "consumers": [ + # { + # "service": consumer.service, + # "resource_type": consumer.resource_type, + # "resource_id": consumer.resource_id, + # } for consumer in self.consumers if not consumer.deleted + # ], } diff --git a/barbican/tests/api/controllers/test_consumers.py b/barbican/tests/api/controllers/test_consumers.py index 821e46529..84d3325ac 100644 --- a/barbican/tests/api/controllers/test_consumers.py +++ b/barbican/tests/api/controllers/test_consumers.py @@ -329,335 +329,335 @@ class WhenTestingContainerConsumersResource(utils.BarbicanAPIBaseTestCase): ) self.assertEqual(400, consumer_resp.status_int) - -class WhenTestingSecretConsumersResource(utils.BarbicanAPIBaseTestCase): - - def setUp(self): - super(WhenTestingSecretConsumersResource, self).setUp() - - self.consumer_a = { - "service": "service_a", - "resource_type": "resource_type_a", - "resource_id": "resource_id_a", - } - - self.consumer_b = { - "service": "service_b", - "resource_type": "resource_type_b", - "resource_id": "resource_id_b", - } - - self.consumer_c = { - "service": "service_c", - "resource_type": "resource_type_c", - "resource_id": "resource_id_c", - } - - def test_can_create_new_consumer(self): - resp, secret_id = create_secret(self.app) - self.assertEqual(201, resp.status_int) - - consumer_resp, consumer = create_secret_consumer( - self.app, - secret_id=secret_id, - service=self.consumer_a["service"], - resource_type=self.consumer_a["resource_type"], - resource_id=self.consumer_a["resource_id"], - ) - - self.assertEqual(200, consumer_resp.status_int) - self.assertEqual([self.consumer_a], consumer) - - def test_can_get_consumers(self): - resp, secret_id = create_secret(self.app) - self.assertEqual(201, resp.status_int) - - consumer_resp, consumers = create_secret_consumer( - self.app, - secret_id=secret_id, - service=self.consumer_a["service"], - resource_type=self.consumer_a["resource_type"], - resource_id=self.consumer_a["resource_id"], - ) - self.assertEqual(200, consumer_resp.status_int) - - consumer_resp, consumers = create_secret_consumer( - self.app, - secret_id=secret_id, - service=self.consumer_b["service"], - resource_type=self.consumer_b["resource_type"], - resource_id=self.consumer_b["resource_id"], - ) - self.assertEqual(200, consumer_resp.status_int) - - consumer_resp, consumers = create_secret_consumer( - self.app, - secret_id=secret_id, - service=self.consumer_c["service"], - resource_type=self.consumer_c["resource_type"], - resource_id=self.consumer_c["resource_id"], - ) - self.assertEqual(200, consumer_resp.status_int) - - consumer_get_resp = self.app.get( - '/secrets/{secret_id}/consumers/'.format( - secret_id=secret_id)) - - self.assertEqual(200, consumer_get_resp.status_int) - self.assertIn(consumers[0]["service"], - consumer_get_resp.json["consumers"][0]["service"]) - self.assertIn(consumers[0]["resource_type"], - consumer_get_resp.json["consumers"][0]["resource_type"]) - self.assertIn(consumers[0]["resource_id"], - consumer_get_resp.json["consumers"][0]["resource_id"]) - self.assertIn(consumers[1]["service"], - consumer_get_resp.json["consumers"][1]["service"]) - self.assertIn(consumers[1]["resource_type"], - consumer_get_resp.json["consumers"][1]["resource_type"]) - self.assertIn(consumers[1]["resource_id"], - consumer_get_resp.json["consumers"][1]["resource_id"]) - self.assertIn(consumers[2]["service"], - consumer_get_resp.json["consumers"][2]["service"]) - self.assertIn(consumers[2]["resource_type"], - consumer_get_resp.json["consumers"][2]["resource_type"]) - self.assertIn(consumers[2]["resource_id"], - consumer_get_resp.json["consumers"][2]["resource_id"]) - - def test_can_get_consumers_with_limit_and_offset(self): - resp, secret_id = create_secret(self.app) - self.assertEqual(201, resp.status_int) - - consumer_resp, consumers = create_secret_consumer( - self.app, - secret_id=secret_id, - service=self.consumer_a["service"], - resource_type=self.consumer_a["resource_type"], - resource_id=self.consumer_a["resource_id"], - ) - self.assertEqual(200, consumer_resp.status_int) - - consumer_resp, consumers = create_secret_consumer( - self.app, - secret_id=secret_id, - service=self.consumer_b["service"], - resource_type=self.consumer_b["resource_type"], - resource_id=self.consumer_b["resource_id"], - ) - self.assertEqual(200, consumer_resp.status_int) - - consumer_resp, consumers = create_secret_consumer( - self.app, - secret_id=secret_id, - service=self.consumer_c["service"], - resource_type=self.consumer_c["resource_type"], - resource_id=self.consumer_c["resource_id"], - ) - self.assertEqual(200, consumer_resp.status_int) - - consumer_get_resp = self.app.get( - '/secrets/{secret_id}/consumers/?limit=1&offset=1'.format( - secret_id=secret_id)) - self.assertEqual(200, consumer_get_resp.status_int) - - secret_url = resp.json["secret_ref"] - - prev_cons = u"{secret_url}/consumers?limit=1&offset=0".format( - secret_url=secret_url) - self.assertEqual(prev_cons, consumer_get_resp.json["previous"]) - - next_cons = u"{secret_url}/consumers?limit=1&offset=2".format( - secret_url=secret_url) - self.assertEqual(next_cons, consumer_get_resp.json["next"]) - - self.assertEqual( - self.consumer_b["service"], - consumer_get_resp.json["consumers"][0]["service"] - ) - self.assertEqual( - self.consumer_b["resource_type"], - consumer_get_resp.json["consumers"][0]["resource_type"] - ) - self.assertEqual( - self.consumer_b["resource_id"], - consumer_get_resp.json["consumers"][0]["resource_id"] - ) - - self.assertEqual(3, consumer_get_resp.json["total"]) - - def test_can_delete_consumer(self): - resp, secret_id = create_secret(self.app) - self.assertEqual(201, resp.status_int) - - consumer_resp, consumers = create_secret_consumer( - self.app, - secret_id=secret_id, - service=self.consumer_a["service"], - resource_type=self.consumer_a["resource_type"], - resource_id=self.consumer_a["resource_id"], - ) - self.assertEqual(200, consumer_resp.status_int) - - request = { - "service": self.consumer_a["service"], - "resource_type": self.consumer_a["resource_type"], - "resource_id": self.consumer_a["resource_id"], - } - cleaned_request = {key: val for key, val in request.items() - if val is not None} - - consumer_del_resp = self.app.delete_json( - '/secrets/{secret_id}/consumers/'.format( - secret_id=secret_id - ), cleaned_request, headers={'Content-Type': 'application/json'}) - - self.assertEqual(200, consumer_del_resp.status_int) - - def test_can_get_no_consumers(self): - resp, secret_id = create_secret(self.app) - self.assertEqual(201, resp.status_int) - - consumer_get_resp = self.app.get( - '/secrets/{secret_id}/consumers/'.format( - secret_id=secret_id)) - - self.assertEqual(200, consumer_get_resp.status_int) - self.assertEqual([], consumer_get_resp.json["consumers"]) - - def test_fail_create_secret_not_found(self): - consumer_resp, consumers = create_secret_consumer( - self.app, - secret_id="bad_secret_id", - service=self.consumer_a["service"], - resource_type=self.consumer_a["resource_type"], - resource_id=self.consumer_a["resource_id"], - expect_errors=True - ) - self.assertEqual(404, consumer_resp.status_int) - - def test_fail_get_secret_not_found(self): - consumer_get_resp = self.app.get( - '/secrets/{secret_id}/consumers/'.format( - secret_id="bad_secret_id"), expect_errors=True) - - self.assertEqual(404, consumer_get_resp.status_int) - - def test_fail_delete_secret_not_found(self): - request = { - "service": self.consumer_a["service"], - "resource_type": self.consumer_a["resource_type"], - "resource_id": self.consumer_a["resource_id"], - } - cleaned_request = {key: val for key, val in request.items() - if val is not None} - - consumer_del_resp = self.app.delete_json( - '/secrets/{secret_id}/consumers/'.format( - secret_id="bad_secret_id" - ), cleaned_request, headers={'Content-Type': 'application/json'}, - expect_errors=True) - - self.assertEqual(404, consumer_del_resp.status_int) - - def test_fail_delete_consumer_not_found(self): - resp, secret_id = create_secret(self.app) - self.assertEqual(201, resp.status_int) - - request = { - "service": self.consumer_a["service"], - "resource_type": self.consumer_a["resource_type"], - "resource_id": self.consumer_a["resource_id"], - } - cleaned_request = {key: val for key, val in request.items() - if val is not None} - - consumer_del_resp = self.app.delete_json( - '/secrets/{secret_id}/consumers/'.format( - secret_id=secret_id - ), cleaned_request, headers={'Content-Type': 'application/json'}, - expect_errors=True) - - self.assertEqual(404, consumer_del_resp.status_int) - - def test_fail_create_no_service(self): - resp, secret_id = create_secret(self.app) - self.assertEqual(201, resp.status_int) - - consumer_resp, consumer = create_secret_consumer( - self.app, - secret_id=secret_id, - resource_type="resource_type", - resource_id="resource_id", - expect_errors=True - ) - self.assertEqual(400, consumer_resp.status_int) - - def test_fail_create_no_resource_type(self): - resp, secret_id = create_secret(self.app) - self.assertEqual(201, resp.status_int) - - consumer_resp, consumer = create_secret_consumer( - self.app, - secret_id=secret_id, - service="service", - resource_id="resource_id", - expect_errors=True - ) - self.assertEqual(400, consumer_resp.status_int) - - def test_fail_create_no_resource_id(self): - resp, secret_id = create_secret(self.app) - self.assertEqual(201, resp.status_int) - - consumer_resp, consumer = create_secret_consumer( - self.app, - secret_id=secret_id, - service="service", - resource_type="resource_type", - expect_errors=True - ) - self.assertEqual(400, consumer_resp.status_int) - - def test_fail_create_empty_service(self): - resp, secret_id = create_secret(self.app) - self.assertEqual(201, resp.status_int) - - consumer_resp, consumer = create_secret_consumer( - self.app, - secret_id=secret_id, - service="", - resource_type="resource_type", - resource_id="resource_id", - expect_errors=True - ) - self.assertEqual(400, consumer_resp.status_int) - - def test_fail_create_empty_resource_type(self): - resp, secret_id = create_secret(self.app) - self.assertEqual(201, resp.status_int) - - consumer_resp, consumer = create_secret_consumer( - self.app, - secret_id=secret_id, - service="service", - resource_type="", - resource_id="resource_id", - expect_errors=True - ) - self.assertEqual(400, consumer_resp.status_int) - - def test_fail_create_empty_resource_id(self): - resp, secret_id = create_secret(self.app) - self.assertEqual(201, resp.status_int) - - consumer_resp, consumer = create_secret_consumer( - self.app, - secret_id=secret_id, - service="service", - resource_type="resource_type", - resource_id="", - expect_errors=True - ) - self.assertEqual(400, consumer_resp.status_int) +# TODO(redrobot): Uncomment this after adding microversion +# class WhenTestingSecretConsumersResource(utils.BarbicanAPIBaseTestCase): +# +# def setUp(self): +# super(WhenTestingSecretConsumersResource, self).setUp() +# +# self.consumer_a = { +# "service": "service_a", +# "resource_type": "resource_type_a", +# "resource_id": "resource_id_a", +# } +# +# self.consumer_b = { +# "service": "service_b", +# "resource_type": "resource_type_b", +# "resource_id": "resource_id_b", +# } +# +# self.consumer_c = { +# "service": "service_c", +# "resource_type": "resource_type_c", +# "resource_id": "resource_id_c", +# } +# +# def test_can_create_new_consumer(self): +# resp, secret_id = create_secret(self.app) +# self.assertEqual(201, resp.status_int) +# +# consumer_resp, consumer = create_secret_consumer( +# self.app, +# secret_id=secret_id, +# service=self.consumer_a["service"], +# resource_type=self.consumer_a["resource_type"], +# resource_id=self.consumer_a["resource_id"], +# ) +# +# self.assertEqual(200, consumer_resp.status_int) +# self.assertEqual([self.consumer_a], consumer) +# +# def test_can_get_consumers(self): +# resp, secret_id = create_secret(self.app) +# self.assertEqual(201, resp.status_int) +# +# consumer_resp, consumers = create_secret_consumer( +# self.app, +# secret_id=secret_id, +# service=self.consumer_a["service"], +# resource_type=self.consumer_a["resource_type"], +# resource_id=self.consumer_a["resource_id"], +# ) +# self.assertEqual(200, consumer_resp.status_int) +# +# consumer_resp, consumers = create_secret_consumer( +# self.app, +# secret_id=secret_id, +# service=self.consumer_b["service"], +# resource_type=self.consumer_b["resource_type"], +# resource_id=self.consumer_b["resource_id"], +# ) +# self.assertEqual(200, consumer_resp.status_int) +# +# consumer_resp, consumers = create_secret_consumer( +# self.app, +# secret_id=secret_id, +# service=self.consumer_c["service"], +# resource_type=self.consumer_c["resource_type"], +# resource_id=self.consumer_c["resource_id"], +# ) +# self.assertEqual(200, consumer_resp.status_int) +# +# consumer_get_resp = self.app.get( +# '/secrets/{secret_id}/consumers/'.format( +# secret_id=secret_id)) +# +# self.assertEqual(200, consumer_get_resp.status_int) +# self.assertIn(consumers[0]["service"], +# consumer_get_resp.json["consumers"][0]["service"]) +# self.assertIn(consumers[0]["resource_type"], +# consumer_get_resp.json["consumers"][0]["resource_type"]) +# self.assertIn(consumers[0]["resource_id"], +# consumer_get_resp.json["consumers"][0]["resource_id"]) +# self.assertIn(consumers[1]["service"], +# consumer_get_resp.json["consumers"][1]["service"]) +# self.assertIn(consumers[1]["resource_type"], +# consumer_get_resp.json["consumers"][1]["resource_type"]) +# self.assertIn(consumers[1]["resource_id"], +# consumer_get_resp.json["consumers"][1]["resource_id"]) +# self.assertIn(consumers[2]["service"], +# consumer_get_resp.json["consumers"][2]["service"]) +# self.assertIn(consumers[2]["resource_type"], +# consumer_get_resp.json["consumers"][2]["resource_type"]) +# self.assertIn(consumers[2]["resource_id"], +# consumer_get_resp.json["consumers"][2]["resource_id"]) +# +# def test_can_get_consumers_with_limit_and_offset(self): +# resp, secret_id = create_secret(self.app) +# self.assertEqual(201, resp.status_int) +# +# consumer_resp, consumers = create_secret_consumer( +# self.app, +# secret_id=secret_id, +# service=self.consumer_a["service"], +# resource_type=self.consumer_a["resource_type"], +# resource_id=self.consumer_a["resource_id"], +# ) +# self.assertEqual(200, consumer_resp.status_int) +# +# consumer_resp, consumers = create_secret_consumer( +# self.app, +# secret_id=secret_id, +# service=self.consumer_b["service"], +# resource_type=self.consumer_b["resource_type"], +# resource_id=self.consumer_b["resource_id"], +# ) +# self.assertEqual(200, consumer_resp.status_int) +# +# consumer_resp, consumers = create_secret_consumer( +# self.app, +# secret_id=secret_id, +# service=self.consumer_c["service"], +# resource_type=self.consumer_c["resource_type"], +# resource_id=self.consumer_c["resource_id"], +# ) +# self.assertEqual(200, consumer_resp.status_int) +# +# consumer_get_resp = self.app.get( +# '/secrets/{secret_id}/consumers/?limit=1&offset=1'.format( +# secret_id=secret_id)) +# self.assertEqual(200, consumer_get_resp.status_int) +# +# secret_url = resp.json["secret_ref"] +# +# prev_cons = u"{secret_url}/consumers?limit=1&offset=0".format( +# secret_url=secret_url) +# self.assertEqual(prev_cons, consumer_get_resp.json["previous"]) +# +# next_cons = u"{secret_url}/consumers?limit=1&offset=2".format( +# secret_url=secret_url) +# self.assertEqual(next_cons, consumer_get_resp.json["next"]) +# +# self.assertEqual( +# self.consumer_b["service"], +# consumer_get_resp.json["consumers"][0]["service"] +# ) +# self.assertEqual( +# self.consumer_b["resource_type"], +# consumer_get_resp.json["consumers"][0]["resource_type"] +# ) +# self.assertEqual( +# self.consumer_b["resource_id"], +# consumer_get_resp.json["consumers"][0]["resource_id"] +# ) +# +# self.assertEqual(3, consumer_get_resp.json["total"]) +# +# def test_can_delete_consumer(self): +# resp, secret_id = create_secret(self.app) +# self.assertEqual(201, resp.status_int) +# +# consumer_resp, consumers = create_secret_consumer( +# self.app, +# secret_id=secret_id, +# service=self.consumer_a["service"], +# resource_type=self.consumer_a["resource_type"], +# resource_id=self.consumer_a["resource_id"], +# ) +# self.assertEqual(200, consumer_resp.status_int) +# +# request = { +# "service": self.consumer_a["service"], +# "resource_type": self.consumer_a["resource_type"], +# "resource_id": self.consumer_a["resource_id"], +# } +# cleaned_request = {key: val for key, val in request.items() +# if val is not None} +# +# consumer_del_resp = self.app.delete_json( +# '/secrets/{secret_id}/consumers/'.format( +# secret_id=secret_id +# ), cleaned_request, headers={'Content-Type': 'application/json'}) +# +# self.assertEqual(200, consumer_del_resp.status_int) +# +# def test_can_get_no_consumers(self): +# resp, secret_id = create_secret(self.app) +# self.assertEqual(201, resp.status_int) +# +# consumer_get_resp = self.app.get( +# '/secrets/{secret_id}/consumers/'.format( +# secret_id=secret_id)) +# +# self.assertEqual(200, consumer_get_resp.status_int) +# self.assertEqual([], consumer_get_resp.json["consumers"]) +# +# def test_fail_create_secret_not_found(self): +# consumer_resp, consumers = create_secret_consumer( +# self.app, +# secret_id="bad_secret_id", +# service=self.consumer_a["service"], +# resource_type=self.consumer_a["resource_type"], +# resource_id=self.consumer_a["resource_id"], +# expect_errors=True +# ) +# self.assertEqual(404, consumer_resp.status_int) +# +# def test_fail_get_secret_not_found(self): +# consumer_get_resp = self.app.get( +# '/secrets/{secret_id}/consumers/'.format( +# secret_id="bad_secret_id"), expect_errors=True) +# +# self.assertEqual(404, consumer_get_resp.status_int) +# +# def test_fail_delete_secret_not_found(self): +# request = { +# "service": self.consumer_a["service"], +# "resource_type": self.consumer_a["resource_type"], +# "resource_id": self.consumer_a["resource_id"], +# } +# cleaned_request = {key: val for key, val in request.items() +# if val is not None} +# +# consumer_del_resp = self.app.delete_json( +# '/secrets/{secret_id}/consumers/'.format( +# secret_id="bad_secret_id" +# ), cleaned_request, headers={'Content-Type': 'application/json'}, +# expect_errors=True) +# +# self.assertEqual(404, consumer_del_resp.status_int) +# +# def test_fail_delete_consumer_not_found(self): +# resp, secret_id = create_secret(self.app) +# self.assertEqual(201, resp.status_int) +# +# request = { +# "service": self.consumer_a["service"], +# "resource_type": self.consumer_a["resource_type"], +# "resource_id": self.consumer_a["resource_id"], +# } +# cleaned_request = {key: val for key, val in request.items() +# if val is not None} +# +# consumer_del_resp = self.app.delete_json( +# '/secrets/{secret_id}/consumers/'.format( +# secret_id=secret_id +# ), cleaned_request, headers={'Content-Type': 'application/json'}, +# expect_errors=True) +# +# self.assertEqual(404, consumer_del_resp.status_int) +# +# def test_fail_create_no_service(self): +# resp, secret_id = create_secret(self.app) +# self.assertEqual(201, resp.status_int) +# +# consumer_resp, consumer = create_secret_consumer( +# self.app, +# secret_id=secret_id, +# resource_type="resource_type", +# resource_id="resource_id", +# expect_errors=True +# ) +# self.assertEqual(400, consumer_resp.status_int) +# +# def test_fail_create_no_resource_type(self): +# resp, secret_id = create_secret(self.app) +# self.assertEqual(201, resp.status_int) +# +# consumer_resp, consumer = create_secret_consumer( +# self.app, +# secret_id=secret_id, +# service="service", +# resource_id="resource_id", +# expect_errors=True +# ) +# self.assertEqual(400, consumer_resp.status_int) +# +# def test_fail_create_no_resource_id(self): +# resp, secret_id = create_secret(self.app) +# self.assertEqual(201, resp.status_int) +# +# consumer_resp, consumer = create_secret_consumer( +# self.app, +# secret_id=secret_id, +# service="service", +# resource_type="resource_type", +# expect_errors=True +# ) +# self.assertEqual(400, consumer_resp.status_int) +# +# def test_fail_create_empty_service(self): +# resp, secret_id = create_secret(self.app) +# self.assertEqual(201, resp.status_int) +# +# consumer_resp, consumer = create_secret_consumer( +# self.app, +# secret_id=secret_id, +# service="", +# resource_type="resource_type", +# resource_id="resource_id", +# expect_errors=True +# ) +# self.assertEqual(400, consumer_resp.status_int) +# +# def test_fail_create_empty_resource_type(self): +# resp, secret_id = create_secret(self.app) +# self.assertEqual(201, resp.status_int) +# +# consumer_resp, consumer = create_secret_consumer( +# self.app, +# secret_id=secret_id, +# service="service", +# resource_type="", +# resource_id="resource_id", +# expect_errors=True +# ) +# self.assertEqual(400, consumer_resp.status_int) +# +# def test_fail_create_empty_resource_id(self): +# resp, secret_id = create_secret(self.app) +# self.assertEqual(201, resp.status_int) +# +# consumer_resp, consumer = create_secret_consumer( +# self.app, +# secret_id=secret_id, +# service="service", +# resource_type="resource_type", +# resource_id="", +# expect_errors=True +# ) +# self.assertEqual(400, consumer_resp.status_int) # ----------------------- Helper Functions ---------------------------