Pass secret_type to repository query
In the secrets controller, the list functionality had a "secret_type" argument, but wasn't being used in the actual query to the secrets repo. This fixes the issue and adds functional tests to ensure the filter queries are working correctly. Change-Id: Ifa42f5e817908973dd8b927e4744cdc754a4b027
This commit is contained in:
parent
a444b8b07e
commit
fba4607f6e
@ -379,6 +379,7 @@ class SecretsController(controllers.ACLMixin):
|
|||||||
alg=kw.get('alg'),
|
alg=kw.get('alg'),
|
||||||
mode=kw.get('mode'),
|
mode=kw.get('mode'),
|
||||||
bits=bits,
|
bits=bits,
|
||||||
|
secret_type=kw.get('secret_type'),
|
||||||
suppress_exception=True,
|
suppress_exception=True,
|
||||||
acl_only=kw.get('acl_only'),
|
acl_only=kw.get('acl_only'),
|
||||||
user_id=user_id,
|
user_id=user_id,
|
||||||
|
@ -131,24 +131,35 @@ class SecretBehaviors(base_behaviors.BaseBehaviors):
|
|||||||
response_model_type=secret_models.SecretModel,
|
response_model_type=secret_models.SecretModel,
|
||||||
use_auth=use_auth, user_name=user_name)
|
use_auth=use_auth, user_name=user_name)
|
||||||
|
|
||||||
def get_secrets(self, limit=10, offset=0, filter=None,
|
def get_secrets(self, limit=10, offset=0, extra_headers=None,
|
||||||
extra_headers=None, omit_headers=None, use_auth=True,
|
omit_headers=None, use_auth=True, user_name=None,
|
||||||
user_name=None):
|
name=None, alg=None, mode=None, bits=None,
|
||||||
|
secret_type=None):
|
||||||
"""Handles getting a list of secrets.
|
"""Handles getting a list of secrets.
|
||||||
|
|
||||||
:param limit: limits number of returned secrets
|
:param limit: limits number of returned secrets
|
||||||
:param offset: represents how many records to skip before retrieving
|
:param offset: represents how many records to skip before retrieving
|
||||||
the list
|
the list
|
||||||
:param filter: optional filter to limit the returned secrets to
|
|
||||||
those whose name matches the filter.
|
|
||||||
:param extra_headers: Optional HTTP headers to add to the request
|
:param extra_headers: Optional HTTP headers to add to the request
|
||||||
:param omit_headers: headers to delete before making the request
|
:param omit_headers: headers to delete before making the request
|
||||||
:param use_auth: Boolean for whether to send authentication headers
|
:param use_auth: Boolean for whether to send authentication headers
|
||||||
:param user_name: The user name used to list the secrets
|
:param user_name: The user name used to list the secrets
|
||||||
|
:param alg: Optional algorithm for filtering secrets
|
||||||
|
:param mode: Optional mode for filtering secrets
|
||||||
|
:param bits: Optional bit length for filtering secrets
|
||||||
|
:param secret_type: Optional secret type for filtering secrets
|
||||||
"""
|
"""
|
||||||
params = {'limit': limit, 'offset': offset}
|
params = {'limit': limit, 'offset': offset}
|
||||||
if filter:
|
if name:
|
||||||
params['name'] = filter
|
params['name'] = name
|
||||||
|
if alg:
|
||||||
|
params['alg'] = alg
|
||||||
|
if mode:
|
||||||
|
params['mode'] = mode
|
||||||
|
if bits:
|
||||||
|
params['bits'] = bits
|
||||||
|
if secret_type:
|
||||||
|
params['secret_type'] = secret_type
|
||||||
resp = self.client.get('secrets', params=params,
|
resp = self.client.get('secrets', params=params,
|
||||||
extra_headers=extra_headers,
|
extra_headers=extra_headers,
|
||||||
omit_headers=omit_headers,
|
omit_headers=omit_headers,
|
||||||
|
@ -22,6 +22,7 @@ import time
|
|||||||
|
|
||||||
from testtools import testcase
|
from testtools import testcase
|
||||||
|
|
||||||
|
from barbican.plugin.interface import secret_store as ss
|
||||||
from barbican.plugin.util import translations
|
from barbican.plugin.util import translations
|
||||||
from barbican.tests import keys
|
from barbican.tests import keys
|
||||||
from barbican.tests import utils
|
from barbican.tests import utils
|
||||||
@ -1088,6 +1089,52 @@ class SecretsTestCase(base.TestCase):
|
|||||||
self.assertEqual(400, resp.status_code)
|
self.assertEqual(400, resp.status_code)
|
||||||
|
|
||||||
|
|
||||||
|
@utils.parameterized_test_case
|
||||||
|
class ListingSecretsTestCase(SecretsTestCase):
|
||||||
|
|
||||||
|
@utils.parameterized_dataset({
|
||||||
|
'query_by_name': {
|
||||||
|
'secret_1_dict': dict(name="name1"),
|
||||||
|
'secret_2_dict': dict(name="name2"),
|
||||||
|
'query_dict': dict(name="name1")
|
||||||
|
},
|
||||||
|
'query_by_algorithm': {
|
||||||
|
'secret_1_dict': dict(algorithm="algorithm1"),
|
||||||
|
'secret_2_dict': dict(algorithm="algorithm2"),
|
||||||
|
'query_dict': dict(alg="algorithm1")
|
||||||
|
},
|
||||||
|
'query_by_mode': {
|
||||||
|
'secret_1_dict': dict(mode="mode1"),
|
||||||
|
'secret_2_dict': dict(mode="mode2"),
|
||||||
|
'query_dict': dict(mode="mode1")
|
||||||
|
},
|
||||||
|
'query_by_bit_length': {
|
||||||
|
'secret_1_dict': dict(bit_length=1024),
|
||||||
|
'secret_2_dict': dict(bit_length=2048),
|
||||||
|
'query_dict': dict(bits=1024)
|
||||||
|
},
|
||||||
|
'query_by_secret_type': {
|
||||||
|
'secret_1_dict': dict(secret_type=ss.SecretType.SYMMETRIC),
|
||||||
|
'secret_2_dict': dict(secret_type=ss.SecretType.OPAQUE),
|
||||||
|
'query_dict': dict(secret_type=ss.SecretType.SYMMETRIC)
|
||||||
|
},
|
||||||
|
})
|
||||||
|
@testcase.attr('positive')
|
||||||
|
def test_secret_list_with_filter(self, secret_1_dict, secret_2_dict,
|
||||||
|
query_dict):
|
||||||
|
secret_1 = secret_models.SecretModel(**secret_1_dict)
|
||||||
|
secret_2 = secret_models.SecretModel(**secret_2_dict)
|
||||||
|
|
||||||
|
self.behaviors.create_secret(secret_1)
|
||||||
|
self.behaviors.create_secret(secret_2)
|
||||||
|
|
||||||
|
resp, secrets_list, next_ref, prev_ref = self.behaviors.get_secrets(
|
||||||
|
**query_dict)
|
||||||
|
|
||||||
|
self.assertEqual(200, resp.status_code)
|
||||||
|
self.assertEqual(1, len(secrets_list))
|
||||||
|
|
||||||
|
|
||||||
class SecretsPagingTestCase(base.PagingTestCase):
|
class SecretsPagingTestCase(base.PagingTestCase):
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
@ -1111,7 +1158,7 @@ class SecretsPagingTestCase(base.PagingTestCase):
|
|||||||
|
|
||||||
def get_resources(self, limit=10, offset=0, filter=None):
|
def get_resources(self, limit=10, offset=0, filter=None):
|
||||||
return self.behaviors.get_secrets(limit=limit, offset=offset,
|
return self.behaviors.get_secrets(limit=limit, offset=offset,
|
||||||
filter=filter)
|
name=filter)
|
||||||
|
|
||||||
def set_filter_field(self, unique_str, model):
|
def set_filter_field(self, unique_str, model):
|
||||||
'''Set the name field which we use in the get_resources '''
|
'''Set the name field which we use in the get_resources '''
|
||||||
|
@ -32,7 +32,7 @@ coverage combine
|
|||||||
coverage report -m
|
coverage report -m
|
||||||
|
|
||||||
# run the tests in parallel
|
# run the tests in parallel
|
||||||
SKIP=^\(\?\!\.\*\(ProjectQuotasPagingTestCase\|QuotaEnforcementTestCase\|ListingCAsTestCase\|ProjectCATestCase\|GlobalPreferredCATestCase\|CertificateAuthoritiesTestCase\)\)
|
SKIP=^\(\?\!\.\*\(ProjectQuotasPagingTestCase\|QuotaEnforcementTestCase\|ListingCAsTestCase\|ProjectCATestCase\|GlobalPreferredCATestCase\|CertificateAuthoritiesTestCase\|ListingSecretsTestCase\)\)
|
||||||
testr init
|
testr init
|
||||||
testr run $SKIP --parallel --subunit | subunit-trace --no-failure-debug -f
|
testr run $SKIP --parallel --subunit | subunit-trace --no-failure-debug -f
|
||||||
retval=$(($retval || $?))
|
retval=$(($retval || $?))
|
||||||
|
Loading…
Reference in New Issue
Block a user