Change exception when store plugin is misconfigured

If we try to get a plugin that supports the "retrieve" and "delete" operations and the plugin is not there, is is probably due to a server misconfiguration, since the plugin name is gotten from the metadata from the database; And if it was there in the first place, it means that it once was actually able to store that secret using a valid plugin. Thus, a new exception is raised if this is the case. Change-Id: I2be8b9dd17a7bd12f10e55945b09257fce616f3d Closes-Bug: #1416075
2015-02-01 19:46:32 +02:00
parent 87c339ac4c
commit b1effb65a6
2 changed files with 32 additions and 1 deletions
--- a/barbican/plugin/interface/secret_store.py
+++ b/barbican/plugin/interface/secret_store.py
@@ -152,6 +152,12 @@ class SecretStorePluginsNotConfigured(exception.BarbicanException):
        )


+class StorePluginNotAvailableOrMisconfigured(exception.BarbicanException):
+    message = u._("The requested Store Plugin %(plugin_name) is not "
+                  "currently available. This is probably a server "
+                  "misconfiguration.")
+
+
 class SecretType(object):

    """Constant to define the symmetric key type.
@@ -470,13 +476,22 @@ class SecretStorePluginManager(named.NamedExtensionManager):
    def get_plugin_retrieve_delete(self, plugin_name):
        """Gets a secret retrieve/delete plugin.

+        If this function is being called, it is because we are trying to
+        retrieve or delete an already stored secret. Thus, the plugin name is
+        actually gotten from the plugin metadata that has already been stored
+        in the database. So, in this case, if this plugin is not available,
+        this might be due to a server misconfiguration.
+
        :returns: SecretStoreBase plugin implementation
+        :raises: StorePluginNotAvailableOrMisconfigured: If the plugin wasn't
+                 found it's because the plugin parameters were not properly
+                 configured on the database side.
        """

        for ext in self.extensions:
            if utils.generate_fullname_for(ext.obj) == plugin_name:
                return ext.obj
-        raise SecretStorePluginNotFound(plugin_name)
+        raise StorePluginNotAvailableOrMisconfigured(plugin_name)

    @_enforce_extensions_configured
    def get_plugin_generate(self, key_spec):
--- a/barbican/tests/plugin/interface/test_secret_store.py
+++ b/barbican/tests/plugin/interface/test_secret_store.py
@@ -205,6 +205,22 @@ class WhenTestingSecretStorePluginManager(utils.BaseTestCase):
            transport_key_needed=True,
        )

+    @mock.patch('barbican.common.utils.generate_fullname_for')
+    def test_get_retrieve_plugin_raises_when_not_available(
+            self, generate_full_name_for):
+        plugin = TestSecretStore([str.KeyAlgorithm.AES])
+        plugin_mock = mock.MagicMock(obj=plugin)
+        self.manager.extensions = [plugin_mock]
+
+        generate_full_name_for.return_value = "another plugin name"
+        plugin_name = 'plugin name searched for'
+
+        self.assertRaises(
+            str.StorePluginNotAvailableOrMisconfigured,
+            self.manager.get_plugin_retrieve_delete,
+            plugin_name=plugin_name,
+        )
+
    def test_get_store_plugin_with_tkey_and_supports_storage(self):
        plugin1 = TestSecretStore([str.KeyAlgorithm.AES])
        plugin1_mock = mock.MagicMock(obj=plugin1)