openstack/deb-barbican
Code Issues Proposed changes

Fixing remaining hacking violations

Browse Source 
The cleans up all remaining hacking violations and updates the test-
requirements to the latest approved version of hacking so we don't
regress on violations again.

Deleted several duplicated test cases (so I didn't have to fix the
hacking violations in them):

* test_secret_create_nones_blank_name_and_valid_content_type
* test_secret_get_defaults_none_as_bit_length
* test_secret_create_defaults_null_name

Change-Id: I21c7af4160c62222af0e54b947e301bc900250e6
This commit is contained in:
John Vrbanac
2014-11-08 06:14:31 -06:00
parent f80074fd0e
commit 4fd63b29a1
30 changed files with 184 additions and 246 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
barbican/model/migration/alembic_migrations/env.py
View File

@@ -33,7 +33,7 @@ except Exception:
# for the rest of this applicaton, so please do not use it!
# Interpret the config file for Python logging.
# This line sets up loggers basically.
#fileConfig(config.config_file_name)
# fileConfig(config.config_file_name)
# add your model's MetaData object here
# for 'autogenerate' support
@@ -48,8 +48,8 @@ target_metadata = models.BASE.metadata
def get_sqlalchemy_url():
return config.barbican_sqlalchemy_url or config \
.get_main_option("sqlalchemy.url")
return (config.barbican_sqlalchemy_url or
config.get_main_option("sqlalchemy.url"))
def run_migrations_offline():

16
barbican/model/repositories.py
View File

@@ -562,8 +562,7 @@ class BaseRepo(object):
setattr(entity_ref, k, values[k])
def _build_get_project_entities_query(self, project_id, session):
"""Sub-class hook: build a query to retrieve entities for a given
project.
"""Sub-class hook: build a query to retrieve entities for a project.
:param project_id: id of barbican project entity
:param session: existing db session reference.
@@ -660,8 +659,7 @@ class ProjectRepo(BaseRepo):
return entity
def _build_get_project_entities_query(self, project_id, session):
"""Builds query for retrieving project for given id.
"""
"""Builds query for retrieving project for given id."""
return session.query(models.Tenant).filter_by(id=project_id).filter_by(
deleted=False)
@@ -757,8 +755,9 @@ class SecretRepo(BaseRepo):
pass
def _build_get_project_entities_query(self, project_id, session):
"""Builds query for retrieving Secrets associated with a given
project via TenantSecret association.
"""Builds query for retrieving Secrets associated with a given project
Discovery is done via a TenantSecret association.
:param project_id: id of barbican project entity
:param session: existing db session reference.
@@ -907,8 +906,9 @@ class KEKDatumRepo(BaseRepo):
pass
def _build_get_project_entities_query(self, project_id, session):
"""Builds query for retrieving KEK Datum instance(s) related to given
project.
"""Builds query for retrieving KEK Datum instance(s).
The returned KEK Datum instance(s) are related to a given project.
:param project_id: id of barbican project entity
:param session: existing db session reference.

1
barbican/plugin/crypto/crypto.py
View File

@@ -14,7 +14,6 @@
import abc
from oslo.config import cfg
import six
from barbican.common import exception

17
barbican/plugin/dogtag.py
View File

@@ -19,7 +19,6 @@ import uuid
from Crypto.PublicKey import RSA
from Crypto.Util import asn1
from oslo.config import cfg
import pki
import pki.cert
import pki.client
@@ -273,9 +272,9 @@ class DogtagKRAPlugin(sstore.SecretStoreBase):
pub_seq[:] = key_info.public_key
recovered_key = (
("%s\n%s%s" %
(DogtagKRAPlugin.DSA_PUBLIC_KEY_HEADER,
pub_seq.encode().encode("base64"),
DogtagKRAPlugin.DSA_PUBLIC_KEY_FOOTER)
(DogtagKRAPlugin.DSA_PUBLIC_KEY_HEADER,
pub_seq.encode().encode("base64"),
DogtagKRAPlugin.DSA_PUBLIC_KEY_FOOTER)
).encode('utf-8')
)
else:
@@ -296,9 +295,9 @@ class DogtagKRAPlugin(sstore.SecretStoreBase):
pub_seq[:] = key_data.data
recovered_key = (
("%s\n%s%s" %
(DogtagKRAPlugin.DSA_PRIVATE_KEY_HEADER,
pub_seq.encode().encode("base64"),
DogtagKRAPlugin.DSA_PRIVATE_KEY_FOOTER)
(DogtagKRAPlugin.DSA_PRIVATE_KEY_HEADER,
pub_seq.encode().encode("base64"),
DogtagKRAPlugin.DSA_PRIVATE_KEY_FOOTER)
).encode('utf-8')
)
else:
@@ -491,9 +490,7 @@ class DogtagKRAPlugin(sstore.SecretStoreBase):
meta_dict[DogtagKRAPlugin.SECRET_TYPE] = secret_dto.type
def _get_passphrase_for_a_private_key(self, secret_metadata, key_spec):
"""Retrieve the passphrase for the private key which is stored
in the KRA.
"""
"""Retrieve the passphrase for the private key stored in the KRA."""
secret_type = secret_metadata.get(DogtagKRAPlugin.SECRET_TYPE, None)
if secret_type is None:
return None

4
barbican/plugin/resources.py
View File

@@ -213,8 +213,8 @@ def generate_asymmetric_secret(spec, content_type,
# Create secret models to eventually save metadata to.
private_secret_model = models.Secret(spec)
public_secret_model = models.Secret(spec)
passphrase_secret_model = models.Secret(spec)\
if spec.get('passphrase') else None
passphrase_secret_model = (models.Secret(spec)
if spec.get('passphrase') else None)
# Generate the secret.
asymmetric_meta_dto = _generate_asymmetric_key(

4
barbican/plugin/store_crypto.py
View File

@@ -252,9 +252,7 @@ class StoreCryptoAdapterPlugin(object):
def _determine_generation_type(algorithm):
"""Determines the type (symmetric and asymmetric for now)
based on algorithm
"""
"""Determines the type based on algorithm."""
if not algorithm:
raise sstore.SecretAlgorithmNotSupportedException(algorithm)

4
barbican/plugin/util/mime_types.py
View File

@@ -97,9 +97,7 @@ def is_base64_processing_needed(content_type, content_encoding):
def use_binary_content_as_is(content_type, content_encoding):
"""Checks if content-type and content-encoding header (if present) is valid
to allow binary content as-is.
"""
"""Checks if headers are valid to allow binary content as-is."""
content_encodings = utils.get_accepted_encodings_direct(content_encoding)
if content_encodings:
if 'binary' not in content_encodings:

9
barbican/queue/__init__.py
View File

@@ -156,10 +156,11 @@ def get_notification_target():
fanout=True)
def get_notification_server(targets, endpoints,
serializer=None):
"""Notification server uses same transport configuration as used by other
barbican functionality like async order processing.
def get_notification_server(targets, endpoints, serializer=None):
"""Retrieve notification server
This Notification server uses same transport configuration as used by
other barbican functionality like async order processing.
Assumption is that messaging infrastructure is going to be shared (same)
among different barbican features.

15
barbican/queue/keystone_listener.py
View File

@@ -28,8 +28,7 @@ LOG = utils.getLogger(__name__)
class NotificationTask(object):
"""Notification task which exposes the API for consuming priority based
notifications.
"""Task which exposes the API for consuming priority based notifications.
The Oslo notification framework delivers notifications based on priority to
matching callback APIs as defined in its notification listener endpoint
@@ -97,8 +96,10 @@ class NotificationTask(object):
return None # in case event is not project delete
def _parse_event_type(self, event_type):
"""Parses event type provided as part of notification to identify what
operation is performed and on which Keystone resource.
"""Parses event type provided as part of notification.
Parses to identify what operation is performed and on which Keystone
resource.
A few event type sample values are provided below::
identity.project.deleted
@@ -128,8 +129,10 @@ class NotificationTask(object):
class MessageServer(NotificationTask, service.Service):
"""Server to retrieve messages from queue used by Keystone to send public
notifications for openstack service consumption.
"""Server to retrieve messages from queue used by Keystone.
This is used to send public notifications for openstack service
consumption.
This server is an Oslo notification server that exposes set of standard
APIs for events consumption based on event priority.

1
barbican/tasks/certificate_resources.py
View File

@@ -16,7 +16,6 @@
from barbican.common import hrefs
import barbican.common.utils as utils
from barbican.model import models
from barbican.plugin.interface import certificate_manager as cert
from barbican.plugin import resources as plugin

6
barbican/tasks/keystone_consumer.py
View File

@@ -27,8 +27,7 @@ LOG = utils.getLogger(__name__)
class KeystoneEventConsumer(resources.BaseTask):
"""Keystone event consumer listening for notifications sent by Keystone
deployment.
"""Event consumer listening for notifications sent by Keystone deployment.
Currently this processes only Keystone project delete event.
"""
@@ -90,8 +89,7 @@ class KeystoneEventConsumer(resources.BaseTask):
def handle_cleanup(self, project, project_id=None, resource_type=None,
operation_type=None):
"""Handle Barbican resources cleanup needed as part of Keystone project
delete.
"""Cleans up Barbican resources needed for Keystone project delete.
:param project: Barbican project entity which is retrieved by project
id available in Keystone notification.

19
barbican/tests/api/test_resources.py
View File

@@ -25,6 +25,7 @@ import urllib
import mock
import pecan
from six import moves
import webtest
from barbican import api
@@ -408,8 +409,9 @@ class BaseSecretsResource(FunctionalTest):
'4 evenly, due to base64 encoding.')
big_text = ''.join(['A' for x
in xrange(validators.DEFAULT_MAX_SECRET_BYTES -
8)])
in moves.range(
validators.DEFAULT_MAX_SECRET_BYTES - 8)
])
self.secret_req = {'name': self.name,
'algorithm': self.secret_algorithm,
@@ -425,8 +427,9 @@ class BaseSecretsResource(FunctionalTest):
def _test_should_raise_due_to_payload_too_large(self):
big_text = ''.join(['A' for x
in xrange(validators.DEFAULT_MAX_SECRET_BYTES +
10)])
in moves.range(
validators.DEFAULT_MAX_SECRET_BYTES + 10)
])
self.secret_req = {'name': self.name,
'algorithm': self.secret_algorithm,
@@ -742,7 +745,7 @@ class WhenGettingSecretsListUsingSecretsResource(FunctionalTest):
self.secrets = [create_secret(id_ref='id' + str(id),
**secret_params) for
id in xrange(self.num_secrets)]
id in moves.range(self.num_secrets)]
self.total = len(self.secrets)
self.secret_repo = mock.MagicMock()
@@ -1383,7 +1386,7 @@ class WhenGettingPuttingOrDeletingSecretUsingSecretResource(FunctionalTest):
self.assertEqual(resp.status_int, 400)
def test_should_raise_due_to_plain_text_too_large(self):
big_text = ''.join(['A' for x in xrange(
big_text = ''.join(['A' for x in moves.range(
2 * validators.DEFAULT_MAX_SECRET_BYTES)])
self.secret.encrypted_data = []
@@ -1584,7 +1587,7 @@ class WhenGettingOrdersListUsingOrdersResource(FunctionalTest):
self.orders = [create_order_with_meta(id_ref='id' + str(id),
order_type='key',
meta=order_meta) for
id in xrange(self.num_orders)]
id in moves.range(self.num_orders)]
self.total = len(self.orders)
self.order_repo = mock.MagicMock()
self.order_repo.get_by_create_date.return_value = (self.orders,
@@ -2419,7 +2422,7 @@ class WhenGettingContainersListUsingResource(FunctionalTest):
self.limit = 2
self.containers = [create_container(id_ref='id' + str(id_ref)) for
id_ref in xrange(self.num_containers)]
id_ref in moves.range(self.num_containers)]
self.total = len(self.containers)
self.container_repo = mock.MagicMock()
self.container_repo.get_by_create_date.return_value = (self.containers,

3
barbican/tests/api/test_transport_keys_resource.py
View File

@@ -20,6 +20,7 @@ transport key resource classes.
import mock
import pecan
from six import moves
import webtest
from barbican.api import app
@@ -130,7 +131,7 @@ class WhenGettingTransKeysListUsingTransportKeysResource(FunctionalTest):
self.tkeys = [create_transport_key(
id_ref='id' + str(tkid), **tk_params)
for tkid in xrange(self.num_keys)]
for tkid in moves.range(self.num_keys)]
self.total = len(self.tkeys)
self.repo = mock.MagicMock()
self.repo.get_by_create_date.return_value = (self.tkeys,

2
barbican/tests/plugin/test_kmip.py
View File

@@ -12,9 +12,9 @@
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import socket
import mock
import socket
import testtools
from barbican.plugin.interface import secret_store

47
barbican/tests/plugin/test_resource.py
View File

@@ -12,12 +12,12 @@
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import mock
import testtools
import barbican.model.repositories as repo
from barbican.plugin.interface import secret_store
from barbican.plugin import resources
import mock
import testtools
class WhenTestingPluginResource(testtools.TestCase):
@@ -34,8 +34,8 @@ class WhenTestingPluginResource(testtools.TestCase):
asymmetric_meta_dto = secret_store.AsymmetricKeyMetadataDTO()
# Mock plug-in
self.generate_plugin = mock.MagicMock()
self.generate_plugin.generate_asymmetric_key.return_value =\
asymmetric_meta_dto
self.generate_plugin.generate_asymmetric_key.return_value = (
asymmetric_meta_dto)
gen_plugin_config = {
'return_value.get_plugin_generate.return_value':
@@ -62,25 +62,26 @@ class WhenTestingPluginResource(testtools.TestCase):
secret_meta_repo = mock.MagicMock()
secret_meta_repo.create_from.return_value = None
self.repos = repo.Repositories(container_repo=container_repo,
container_secret_repo=
container_secret_repo,
project_repo=project_repo,
secret_repo=secret_repo,
project_secret_repo=project_secret_repo,
secret_meta_repo=secret_meta_repo)
self.repos = repo.Repositories(
container_repo=container_repo,
container_secret_repo=container_secret_repo,
project_repo=project_repo,
secret_repo=secret_repo,
project_secret_repo=project_secret_repo,
secret_meta_repo=secret_meta_repo
)
def tearDown(self):
super(WhenTestingPluginResource, self).tearDown()
def test_generate_asymmetric_with_passphrase(self):
"""test asymmetric secret generation with passphrase."""
secret_container = \
self.plugin_resource.\
generate_asymmetric_secret(self.spec,
self.content_type,
self.project_model,
self.repos)
secret_container = self.plugin_resource.generate_asymmetric_secret(
self.spec,
self.content_type,
self.project_model,
self.repos
)
self.assertEqual("rsa", secret_container.type)
self.assertEqual(self.generate_plugin.
@@ -94,12 +95,12 @@ class WhenTestingPluginResource(testtools.TestCase):
"""test asymmetric secret generation without passphrase."""
del self.spec['passphrase']
secret_container =\
self.plugin_resource.\
generate_asymmetric_secret(self.spec,
self.content_type,
self.project_model,
self.repos)
secret_container = self.plugin_resource.generate_asymmetric_secret(
self.spec,
self.content_type,
self.project_model,
self.repos
)
self.assertEqual("rsa", secret_container.type)
self.assertEqual(self.generate_plugin.generate_asymmetric_key.

1
barbican/tests/plugin/test_store_crypto.py
View File

@@ -13,6 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
import base64
import mock
import testtools

4
barbican/tests/queue/test_keystone_listener.py
View File

@@ -12,12 +12,12 @@
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import mock
import six
import uuid
import mock
from oslo.config import cfg
from oslo import messaging
import six
from barbican.openstack.common import service
from barbican import queue

4
barbican/tests/tasks/test_keystone_consumer.py
View File

@@ -12,11 +12,11 @@
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import mock
import sqlalchemy
import uuid
import mock
from oslo.config import cfg
import sqlalchemy
from barbican.common import exception
from barbican.common import resources as c_resources

4
doc/source/conf.py
View File

@@ -22,7 +22,7 @@ sys.path.insert(0, os.path.abspath('../..'))
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom ones.
extensions = [
'sphinx.ext.autodoc',
#'sphinx.ext.intersphinx',
# 'sphinx.ext.intersphinx',
'oslosphinx'
]
@@ -73,4 +73,4 @@ latex_documents = [
]
# Example configuration for intersphinx: refer to the Python standard library.
#intersphinx_mapping = {'http://docs.python.org/': None}
# intersphinx_mapping = {'http://docs.python.org/': None}

6
functionaltests/api/v1/behaviors/container_behaviors.py
View File

@@ -53,7 +53,8 @@ class ContainerBehaviors(base_behaviors.BaseBehaviors):
return resp
def get_containers(self, limit=10, offset=0, extra_headers=None):
"""Handles getting a list of containers
"""Handles getting a list of containers.
:param limit: limits number of returned containers
:param offset: represents how many records to skip before retrieving
the list
@@ -75,7 +76,8 @@ class ContainerBehaviors(base_behaviors.BaseBehaviors):
def delete_container(self, container_ref, extra_headers=None,
expected_fail=False):
"""Handles deleting a containers
"""Handles deleting a containers.
:param container_ref: Reference of the container to be deleted
:param extra_headers: Any additional headers needed.
:param expected_fail: If there is a negative test, this should be

9
functionaltests/api/v1/behaviors/secret_behaviors.py
View File

@@ -40,7 +40,8 @@ class SecretBehaviors(base_behaviors.BaseBehaviors):
def update_secret_payload(self, secret_ref, payload, payload_content_type,
payload_content_encoding):
"""Updates a secret's payload data
"""Updates a secret's payload data.
:param secret_ref: HATEOS ref of the secret to be deleted
:return: A request response object
"""
@@ -58,7 +59,8 @@ class SecretBehaviors(base_behaviors.BaseBehaviors):
return self.client.get(secret_ref, extra_headers=headers)
def get_secret_metadata(self, secret_ref):
"""Retrieves a secret's metadata
"""Retrieves a secret's metadata.
:param secret_ref: HATEOS ref of the secret to be retrieved
:return: A request response object
"""
@@ -66,7 +68,8 @@ class SecretBehaviors(base_behaviors.BaseBehaviors):
secret_ref, response_model_type=secret_models.SecretModel)
def get_secrets(self, limit=10, offset=0):
"""Handles getting a list of secrets
"""Handles getting a list of secrets.
:param limit: limits number of returned secrets
:param offset: represents how many records to skip before retrieving
the list

3
functionaltests/api/v1/functional/test_containers.py
View File

@@ -14,13 +14,14 @@
# limitations under the License.
import copy
from testtools import testcase
from barbican.tests import utils
from functionaltests.api import base
from functionaltests.api.v1.behaviors import container_behaviors
from functionaltests.api.v1.behaviors import secret_behaviors
from functionaltests.api.v1.models import container_models
from functionaltests.api.v1.models import secret_models
from testtools import testcase
create_container_data = {
"name": "containername",

15
functionaltests/api/v1/functional/test_orders.py
View File

@@ -64,10 +64,7 @@ class OrdersTestCase(base.TestCase):
@testcase.attr('positive')
def test_create_order_defaults_wout_name(self):
"""When you attempt to create an order without the name attribute the
request appears to fail without a status code.
- Reported in Barbican GitHub Issue #93
"""
"""Create an order without the name attribute."""
# create order with no name
test_model = order_models.OrderModel(**order_create_defaults_data)
@@ -81,10 +78,7 @@ class OrdersTestCase(base.TestCase):
@testcase.attr('positive')
def test_create_order_defaults_w_empty_name(self):
"""When you attempt to create an order without the name attribute the
request appears to fail without a status code.
- Reported in Barbican GitHub Issue #93
"""
"""Create an order the name attribute an empty string."""
# create order with empty name
test_model = order_models.OrderModel(**order_create_defaults_data)
@@ -150,8 +144,9 @@ class OrdersTestCase(base.TestCase):
@testcase.attr('positive')
def test_create_order_defaults_check_empty_name(self):
"""Covers order creation with empty name and ensures that the
resulting secret is named correctly.
"""Create order with empty meta name.
The resulting secret name should be a UUID.
"""
# first create an order with defaults

208
functionaltests/api/v1/functional/test_secrets.py
View File

@@ -18,11 +18,12 @@ import binascii
import json
import sys
from testtools import testcase
from barbican.tests import utils
from functionaltests.api import base
from functionaltests.api.v1.behaviors import secret_behaviors
from functionaltests.api.v1.models import secret_models
from testtools import testcase
# TODO(tdink) Move to a config file
secret_create_defaults_data = {
@@ -84,8 +85,7 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('negative')
def test_secret_create_nones_content_type(self):
"""Checks that secret creation fails with content type but no payload
"""
"""Create secret with valid content type but no payload."""
test_model = secret_models.SecretModel(**secret_create_nones_data)
overrides = {"payload_content_type": "application/octet-stream"}
@@ -96,9 +96,7 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('positive')
def test_secret_create_defaults_check_content_types(self):
"""Covers checking that content types attribute is shown when secret
has encrypted data associated with it.
"""
"""Check that set content-type attribute is retained in metadata."""
test_model = secret_models.SecretModel(**secret_create_defaults_data)
resp, secret_ref = self.behaviors.create_secret(test_model)
@@ -119,31 +117,20 @@ class SecretsTestCase(base.TestCase):
resp, secret_ref = self.behaviors.create_secret(test_model)
self.assertEqual(resp.status_code, 201)
@testcase.attr('negative')
def test_secret_create_nones_blank_name_and_valid_content_type(self):
"""Fails since there is no payload
When a test is created with an empty name attribute, the
system should return the secret's UUID on a get
- Reported in Barbican GitHub Issue #89
"""
test_model = secret_models.SecretModel(**secret_create_nones_data)
overrides = {"name": "",
"payload_content_type": "application/json"}
test_model.override_values(**overrides)
resp, secret_ref = self.behaviors.create_secret(test_model)
self.assertEqual(resp.status_code, 400)
@testcase.attr('negative')
def test_secret_get_secret_doesnt_exist(self):
"""Covers getting a nonexistent secret."""
"""GET a non-existent secret.
Should return a 404.
"""
resp = self.behaviors.get_secret_metadata('not_a_uuid')
self.assertEqual(resp.status_code, 404)
@testcase.attr('negative')
def test_secret_delete_doesnt_exist(self):
"""Covers case of deleting a non-existent secret.
Should return 404.
"""DELETE a non-existent secret.
Should return a 404.
"""
resp = self.behaviors.delete_secret('not_a_uuid', expected_fail=True)
self.assertEqual(resp.status_code, 404)
@@ -160,7 +147,8 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('negative')
def test_secret_create_default_int_as_mode(self):
"""Covers case of creating a secret with an integer as the cypher type.
"""Create a secret with an integer as the cypher type.
Should return 400.
"""
test_model = secret_models.SecretModel(**secret_create_defaults_data)
@@ -172,7 +160,8 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('negative')
def test_secret_create_default_int_as_algorithm(self):
"""Covers case of creating a secret with an integer as the algorithm.
"""Create a secret with an integer as the algorithm.
Should return 400.
"""
test_model = secret_models.SecretModel(**secret_create_defaults_data)
@@ -184,9 +173,7 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('positive')
def test_secret_create_defaults_w_charset(self):
"""Covers creating a secret with text/plain; charset=utf-8 as content
type.
"""
"""Create a secret with text/plain; charset=utf-8 as content type."""
test_model = secret_models.SecretModel(**secret_create_defaults_data)
overrides = {"payload_content_type": 'text/plain; charset=utf-8',
"payload_content_encoding": None}
@@ -197,9 +184,7 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('negative')
def test_secret_create_defaults_bad_expiration_timezone(self):
"""Covers case of a malformed timezone being added to the expiration.
- Reported in Barbican GitHub Issue #134
"""
"""Create a expired secret with a malformed timezone."""
timestamp = utils.create_timestamp_w_tz_and_offset('-5:00', days=0)
test_model = secret_models.SecretModel(**secret_create_defaults_data)
@@ -211,10 +196,7 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('positive')
def test_secret_create_defaults_negative_hour_long_expiration(self):
"""Covers case of a malformed timezone being added to the expiration.
- Reported in Barbican GitHub Issue #134
:rtype : object
"""
"""Create a secret with a malformed timezone (-05:00 hours)."""
timestamp = utils.create_timestamp_w_tz_and_offset('-05:00', days=5)
test_model = secret_models.SecretModel(**secret_create_defaults_data)
@@ -226,10 +208,7 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('positive')
def test_secret_create_defaults_positive_hour_long_expiration(self):
"""Covers case of a malformed timezone being added to the expiration.
- Reported in Barbican GitHub Issue #134
:rtype : object
"""
"""Create a secret with a malformed timezone (+05:00 hours)."""
timestamp = utils.create_timestamp_w_tz_and_offset('+05:00', days=5)
test_model = secret_models.SecretModel(**secret_create_defaults_data)
@@ -241,10 +220,7 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('positive')
def test_secret_create_defaults_negative_hour_short_expiration(self):
"""Covers case of a malformed timezone being added to the expiration.
- Reported in Barbican GitHub Issue #134
:rtype : object
"""
"""Create a secret with a malformed timezone (-01 hours)."""
timestamp = utils.create_timestamp_w_tz_and_offset('-01', days=1)
test_model = secret_models.SecretModel(**secret_create_defaults_data)
@@ -256,10 +232,7 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('positive')
def test_secret_create_defaults_positive_hour_short_expiration(self):
"""Covers case of a malformed timezone being added to the expiration.
- Reported in Barbican GitHub Issue #134
:rtype : object
"""
"""Create a secret with a malformed timezone (+01 hours)."""
timestamp = utils.create_timestamp_w_tz_and_offset('+01', days=1)
test_model = secret_models.SecretModel(**secret_create_defaults_data)
@@ -271,7 +244,8 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('negative')
def test_secret_create_defaults_int_as_name(self):
"""Covers case of creating a secret with an integer as the name.
"""Create a secret with an integer as the name.
Should return 400.
"""
test_model = secret_models.SecretModel(**secret_create_defaults_data)
@@ -283,7 +257,7 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('positive')
def test_secret_create_defaults_invalid_algorithm(self):
"""Covers case of creating a secret with an invalid algorithm."""
"""Create a secret with an invalid algorithm."""
test_model = secret_models.SecretModel(**secret_create_defaults_data)
overrides = {"algorithm": 'invalid_algorithm'}
test_model.override_values(**overrides)
@@ -293,8 +267,9 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('negative')
def test_secret_create_defaults_invalid_expiration(self):
"""Covers creating secret with expiration that has already passed.
Should return 400.
"""Create a secret with an expiration that has already passed.
Should return a 400.
"""
test_model = secret_models.SecretModel(**secret_create_defaults_data)
overrides = {"expiration": '2000-01-10T14:58:52.546795'}
@@ -305,9 +280,7 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('positive')
def test_secret_create_defaults_max_secret_size(self):
"""Covers case of creating secret whose payload is the maximum size
allowed by Barbican.
"""
"""Create a secret with a maximum sized payload."""
large_string = str(bytearray().zfill(max_allowed_payload_in_bytes))
test_model = secret_models.SecretModel(**secret_create_defaults_data)
@@ -319,8 +292,9 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('negative')
def test_secret_create_nones_valid_content_type_and_encoding(self):
"""Covers creating secret with only content type and encoding, with
no payload. Should return 400.
"""Create a secret with only a type and encoding (without a payload).
Should return a 400.
"""
test_model = secret_models.SecretModel(**secret_create_nones_data)
overrides = {"payload_content_type": "application/octet-stream",
@@ -332,8 +306,9 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('negative')
def test_secret_creating_defaults_text_plain_mime_type_no_payload(self):
"""Covers case of attempting to create a secret with text/plain as
mime type, with no payload. Should result in 400
"""Create a secret with text/plain content type (without a payload).
Should return a 400.
"""
test_model = secret_models.SecretModel(**secret_create_defaults_data)
overrides = {"payload": None}
@@ -344,9 +319,7 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('positive')
def test_secret_create_defaults_text_plain_payload_content_type(self):
"""Covers case of attempting to create a secret with text/plain as
mime type
"""
"""Create a secret with text/plain content-type."""
test_model = secret_models.SecretModel(**secret_create_defaults_data)
overrides = {"payload_content_type": 'text/plain',
"payload_content_encoding": None}
@@ -357,8 +330,9 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('negative')
def test_secret_create_emptystrings(self):
"""Covers case of creating a secret with empty Strings for all
entries. Should return a 400.
"""Secret create with empty Strings for all attributes.
Should return a 400.
"""
test_model = secret_models.SecretModel(
**secret_create_emptystrings_data)
@@ -368,10 +342,7 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('positive')
def test_secret_create_defaults_empty_name(self):
"""When a test is created with an empty or null name attribute, the
system should return the secret's UUID on a get
- Reported in Barbican GitHub Issue #89
"""
"""Empty secret name should default to a UUID on GET."""
test_model = secret_models.SecretModel(**secret_create_defaults_data)
overrides = {"name": ''}
test_model.override_values(**overrides)
@@ -384,8 +355,9 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('negative')
def test_secret_create_defaults_invalid_content_type(self):
"""Covers case of creating secret with an invalid content type in
HTTP header. Should return 415.
"""Create secret with an invalid content type in HTTP header.
Should return a 415.
"""
test_model = secret_models.SecretModel(**secret_create_defaults_data)
headers = {"Content-Type": "crypto/boom"}
@@ -395,22 +367,7 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('positive')
def test_secret_create_defaults_none_as_bit_length(self):
"""When a test is created with None for the bit length attribute, the
system should successfully return the secret reference URI.
"""
test_model = secret_models.SecretModel(**secret_create_defaults_data)
overrides = {"bit_length": None}
test_model.override_values(**overrides)
resp, secret_ref = self.behaviors.create_secret(test_model)
self.assertEqual(resp.status_code, 201)
@testcase.attr('positive')
def test_secret_get_defaults_none_as_bit_length(self):
"""When a test is created with None for the bit length attribute, the
system should successfully return the secret reference URI.
A get on the secret should also return a None for bit length.
"""
"""Test that a Secret's bit_length is optional."""
test_model = secret_models.SecretModel(**secret_create_defaults_data)
overrides = {"bit_length": None}
test_model.override_values(**overrides)
@@ -422,27 +379,12 @@ class SecretsTestCase(base.TestCase):
self.assertEqual(get_resp.status_code, 200)
self.assertEqual(get_resp.model.bit_length, None)
@testcase.attr('positive')
def test_secret_create_defaults_null_name(self):
"""When a test is created with an empty or null name attribute, the
system should return the secret's UUID on a get
- Reported in Barbican GitHub Issue #89
"""
test_model = secret_models.SecretModel(**secret_create_defaults_data)
overrides = {"name": None}
test_model.override_values(**overrides)
resp, secret_ref = self.behaviors.create_secret(test_model)
self.assertEqual(resp.status_code, 201)
get_resp = self.behaviors.get_secret_metadata(secret_ref)
self.assertIn(get_resp.model.name, secret_ref)
@testcase.attr('negative')
def test_secret_create_defaults_oversized_payload(self):
"""Covers creating a secret with a secret that is larger than
the max secret payload size. Should return a 413 if the secret
size is greater than the maximum allowed size.
"""Create a secret that is larger than the max payload size.
Should return a 413 if the secret size is greater than the
maximum allowed size.
"""
oversized_payload = max_allowed_payload_in_bytes + 1
data = str(bytearray().zfill(oversized_payload))
@@ -456,8 +398,9 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('negative')
def test_secret_put_doesnt_exist(self):
"""Covers case of putting secret information to a non-existent
secret. Should return 404.
"""PUT secret to a non-existent secret.
Should return 404.
"""
resp = self.behaviors.update_secret_payload(
secret_ref='not_a_uuid',
@@ -469,8 +412,9 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('negative')
def test_secret_put_defaults_data_already_exists(self):
"""Covers case of putting secret information to a secret that already
has encrypted data associated with it. Should return 409.
"""PUT against a secret that already has encrypted data.
Should return 409.
"""
test_model = secret_models.SecretModel(**secret_create_defaults_data)
@@ -487,6 +431,7 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('negative')
def test_secret_put_two_phase_empty_payload(self):
"""Covers case of putting empty String to a secret.
Should return 400.
"""
test_model = secret_models.SecretModel(**secret_create_two_phase_data)
@@ -503,9 +448,9 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('negative')
def test_secret_put_two_phase_invalid_content_type(self):
"""Covers case of putting secret information with an
invalid content type. Should return 415.
- Reported in Barbican Launchpad Bug #1208601
"""PUT with an invalid content type. Should return 415.
Launchpad bug #1208601
- Updated in Barbican blueprint barbican-enforce-content-type
"""
test_model = secret_models.SecretModel(**secret_create_two_phase_data)
@@ -523,6 +468,7 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('negative')
def test_secret_put_two_phase_no_payload(self):
"""Covers case of putting null String to a secret.
Should return 400.
"""
test_model = secret_models.SecretModel(**secret_create_two_phase_data)
@@ -538,9 +484,10 @@ class SecretsTestCase(base.TestCase):
self.assertEqual(put_resp.status_code, 400)
@testcase.attr('negative')
def test_secret_put_two_phase_w_oversized_binary_data_no_utf8(self):
"""Covers case of putting an oversized string with binary data that
doesn't contain UTF-8 code points. This tests bug 1315498.
def test_secret_put_two_phase_w_oversized_binary_data_not_utf8(self):
"""PUT with an oversized binary string that isn't UTF-8.
Launchpad bug #1315498.
"""
data = bytearray().zfill(max_allowed_payload_in_bytes + 1)
@@ -562,7 +509,9 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('negative')
def test_secret_put_two_phase_oversized_payload(self):
"""Covers case of putting secret data that is larger than the maximum
"""PUT with oversized payload should return 413.
Covers the case of putting secret data that is larger than the maximum
secret size allowed by Barbican. Beyond that it should return 413.
"""
data = bytearray().zfill(max_allowed_payload_in_bytes + 1)
@@ -580,9 +529,10 @@ class SecretsTestCase(base.TestCase):
self.assertEqual(put_resp.status_code, 413)
@testcase.attr('positive')
def test_secret_put_two_phase_valid_binary_data_no_utf8(self):
"""Covers case of putting a string with binary data that doesn't
contain UTF-8 code points. This tests bug 1315498.
def test_secret_put_two_phase_valid_binary_data_not_utf8(self):
"""A string with binary data that doesn't contain UTF-8 code points.
Launchpad bug #1315498.
"""
# put a value in the data that does not have a UTF-8 code point.
data = b'\xb0'
@@ -601,8 +551,8 @@ class SecretsTestCase(base.TestCase):
@testcase.attr('positive')
def test_secret_put_two_phase_high_range_unicode_character(self):
"""Ensure a two step secret creation succeeds with Content-Type
application/octet-stream and a high range unicode character.
"""Tests a high-range unicode character on a two-step PUT.
Launchpad bug #1315498
"""
data = u'\U0001F37A'
@@ -638,11 +588,7 @@ class SecretsTestCase(base.TestCase):
binascii.b2a_base64(get_resp.content))
def test_secret_create_defaults_bad_content_type_check_message(self):
"""will create a secret with an "invalid" content type
(plain-text, rather than text/plain). This will result in
an error, and we need to ensure that the error msg is
reasonable.
"""
"""Verifying the returned error message matches the expected form."""
test_model = secret_models.SecretModel(**secret_create_defaults_data)
overrides = {"payload_content_type": 'plain-text'}
test_model.override_values(**overrides)
@@ -661,8 +607,6 @@ class SecretsTestCase(base.TestCase):
"'application/octet-stream'", resp_dict['description'])
self.assertIn("Bad Request", resp_dict['title'])
#Data Driven Tests
@utils.parameterized_dataset({
'str_type': ['not-an-int'],
'empty': [''],
@@ -766,9 +710,7 @@ class SecretsTestCase(base.TestCase):
})
@testcase.attr('negative')
def test_secret_create_defaults(self, **kwargs):
"""Covers cases of creating a secret with invalid payload
content type and payload encoding.
"""
"""Creating a secret with invalid payload types and encodings."""
test_model = secret_models.SecretModel(**secret_create_defaults_data)
test_model.override_values(**kwargs)
@@ -842,9 +784,7 @@ class SecretsTestCase(base.TestCase):
})
@testcase.attr('positive')
def test_secret_create_defaults_normalize(self, **kwargs):
"""Covers creating secret with various valid combinations of
content types and encodings.
"""
"""Creates a secret with various content types and encodings."""
test_model = secret_models.SecretModel(**secret_create_defaults_data)
test_model.override_values(**kwargs)
payload_content_encoding = test_model.payload_content_encoding

8
functionaltests/api/v1/smoke/test_containers.py
View File

@@ -141,9 +141,7 @@ class ContainersTestCase(base.TestCase):
@testcase.attr('positive')
def test_container_create_rsa(self):
"""Covers creating an rsa container with references to a public key,
a private key, and a passphrase.
"""
"""Create an RSA container with expected secret refs."""
test_model = container_models.ContainerModel(
**create_container_rsa_data)
@@ -166,7 +164,7 @@ class ContainersTestCase(base.TestCase):
get_resp = self.behaviors.get_container(container_ref)
# Verify the response data
# Verify the response data
self.assertEqual(get_resp.status_code, 200)
self.assertEqual(get_resp.model.name, "containername")
self.assertEqual(get_resp.model.container_ref, container_ref)
@@ -229,7 +227,7 @@ class ContainersTestCase(base.TestCase):
self.assertIsNotNone(next_ref)
def test_container_delete_defaults(self):
"""Covers deleting a container"""
"""Covers deleting a container."""
test_model = container_models.ContainerModel(
**create_container_defaults_data)

3
functionaltests/api/v1/smoke/test_orders.py
View File

@@ -62,8 +62,7 @@ class OrdersTestCase(base.TestCase):
@testcase.attr('positive')
def test_create_order_defaults(self):
"""Covers simple order creation.
"""
"""Covers simple order creation."""
# first create an order
test_model = order_models.OrderModel(**order_create_defaults_data)

1
functionaltests/api/v1/smoke/test_secrets.py
View File

@@ -13,6 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
import binascii
from testtools import testcase
from functionaltests.api import base

4
functionaltests/api/v1/smoke/test_versions.py
View File

@@ -18,7 +18,7 @@ from functionaltests.api import base
class VersionDiscoveryTestCase(base.TestCase):
def test_version_get_as_unauthenticated(self):
"""Covers retrieving version as unauthenticated user"""
"""Covers retrieving version as unauthenticated user."""
self._do_version_test(use_auth=False)
def test_version_get_as_authenticated(self):
@@ -26,7 +26,7 @@ class VersionDiscoveryTestCase(base.TestCase):
self._do_version_test(use_auth=True)
def _do_version_test(self, use_auth=False):
"""Get version string with or without authentication
"""Get version string with or without authentication.
:param use_auth: True to use authentication, False otherwise. Default
is False

2
test-requirements.txt
View File

@@ -3,7 +3,7 @@
# process, which may cause wedges in the gate later.
coverage>=3.6
discover
hacking>=0.8.0,<0.9
hacking>=0.9.2,<0.10
mock>=1.0
oslotest>=1.2.0 # Apache-2.0
testrepository>=0.0.18

4
tox.ini
View File

@@ -37,7 +37,7 @@ commands = {posargs}
basepython = python3
install_command = /bin/echo {packages}
commands =
pip install "hacking>=0.8.0,<0.9"
pip install "hacking>=0.9.2,<0.10"
flake8 barbican setup.py
[testenv:docs]
@@ -57,5 +57,5 @@ commands = nosetests {toxinidir}/functionaltests
[flake8]
# E711 ignored because of sqlalchemy override of == None
ignore = E711
exclude = .git,.idea,.tox,bin,dist,debian,rpmbuild,tools,*.egg-info,*openstack/common,contrib,
exclude = .git,.idea,.tox,bin,dist,debian,rpmbuild,tools,*.egg-info,*.eggs,*openstack/common,contrib,
functionaltests,*alembic_migrations/versions,*docs/target