x
/
poppy
Code Issues Proposed changes

feat: Allow disabling/enabling san cert 

Change-Id: Ia48622ce4d45f47949f67a0305039e16059978ef
This commit is contained in:
Tony Tan 2016-03-16 14:26:49 -05:00
parent 7a02b99bb9
commit a01d0923b9
11 changed files with 76 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
poppy/manager/default/ssl_certificate.py
View File

@ -267,7 +267,8 @@ class DefaultSSLCertificateController(base.SSLCertificateController):
return res
def update_san_cert_configuration(self, san_cert_name, new_spsId):
def update_san_cert_configuration(self, san_cert_name,
new_cert_config):
if 'akamai' in self._driver.providers:
akamai_driver = self._driver.providers['akamai'].obj
if san_cert_name not in akamai_driver.san_cert_cnames:
@ -276,7 +277,7 @@ class DefaultSSLCertificateController(base.SSLCertificateController):
(san_cert_name, akamai_driver.san_cert_cnames))
akamai_driver = self._driver.providers['akamai'].obj
res = akamai_driver.san_info_storage.update_cert_config(
san_cert_name, new_spsId)
san_cert_name, new_cert_config)
else:
# if not using akamai driver just return an empty list
res = {}

43
poppy/provider/akamai/san_info_storage/cassandra_storage.py
View File

@ -247,6 +247,7 @@ class CassandraSanInfoStorage(base.BaseAkamaiSanInfoStorage):
issuer = the_san_cert_info.get("issuer")
ipVersion = the_san_cert_info.get("ipVersion")
slot_deployment_klass = the_san_cert_info.get("slot_deployment_klass")
enabled = the_san_cert_info.get("enabled", True)
res = {
# This will always be the san cert name
@ -256,6 +257,7 @@ class CassandraSanInfoStorage(base.BaseAkamaiSanInfoStorage):
'createType': 'modSan',
'ipVersion': ipVersion,
'slot-deployment.class': slot_deployment_klass,
'enabled': enabled,
'product': 'ion_premier'
}
@ -270,10 +272,36 @@ class CassandraSanInfoStorage(base.BaseAkamaiSanInfoStorage):
res['spsId'] = str(self.get_cert_last_spsid(san_cert_name))
return res
def update_cert_config(self, san_cert_name, new_spsId):
self.save_cert_last_spsid(san_cert_name, new_spsId)
def update_cert_config(self, san_cert_name, new_cert_config):
self.save_cert_config(san_cert_name, new_cert_config)
return self.get_cert_config(san_cert_name)
def save_cert_config(self, san_cert_name, new_cert_config):
san_info = self._get_akamai_san_certs_info()
the_san_cert_info = san_info.get(
san_cert_name
)
if the_san_cert_info is None:
raise ValueError('No san cert info found for %s.' % san_cert_name)
the_san_cert_info.update(new_cert_config)
san_info[san_cert_name] = the_san_cert_info
# Change the previous san info in the overall provider_info dictionary
provider_info = dict(self._get_akamai_provider_info()['info'])
provider_info['san_info'] = json.dumps(san_info)
stmt = query.SimpleStatement(
UPDATE_PROVIDER_INFO,
consistency_level=self.consistency_level)
args = {
'provider_name': 'akamai',
'info': provider_info
}
self.session.execute(stmt, args)
def save_cert_last_spsid(self, san_cert_name, sps_id_value):
san_info = self._get_akamai_san_certs_info()
the_san_cert_info = san_info.get(
@ -311,6 +339,17 @@ class CassandraSanInfoStorage(base.BaseAkamaiSanInfoStorage):
spsId = the_san_cert_info.get('spsId')
return spsId
def get_enabled_status(self, san_cert_name):
the_san_cert_info = self._get_akamai_san_certs_info().get(
san_cert_name
)
if the_san_cert_info is None:
raise ValueError('No san cert info found for %s.' % san_cert_name)
enabled = the_san_cert_info.get('enabled', True)
return enabled
def update_san_info(self, san_info_dict):
provider_info = {}
provider_info['san_info'] = json.dumps(san_info_dict)

7
poppy/provider/akamai/services.py
View File

@ -583,6 +583,13 @@ class ServiceController(base.ServiceBase):
})
for san_cert_name in self.san_cert_cnames:
enabled = (
self.san_info_storage.get_enabled_status(
san_cert_name
)
)
if not enabled:
continue
lastSpsId = (
self.san_info_storage.get_cert_last_spsid(
san_cert_name

3
poppy/transport/pecan/controllers/v1/admin.py
View File

@ -197,12 +197,11 @@ class AkamaiSanCertConfigController(base.Controller, hooks.HookController):
stoplight_helpers.pecan_getter))
def post(self, san_cert_name):
config_json = json.loads(pecan.request.body.decode('utf-8'))
new_spsId = config_json['spsId']
try:
res = (
self._driver.manager.ssl_certificate_controller.
update_san_cert_configuration(san_cert_name, new_spsId))
update_san_cert_configuration(san_cert_name, config_json))
except Exception as e:
pecan.abort(400, str(e))

6
poppy/transport/validators/schemas/ssl_certificate.py
View File

@ -96,8 +96,10 @@ class SSLCertificateSchema(schema_base.SchemaBase):
'spsId': {
'type': 'integer',
# we cannot have 0 or negative spsId
'minimum': 1,
'required': True
'minimum': 1
},
'enabled': {
'type': 'boolean'
}
}
}

10
tests/api/ssl_certificate/test_get_set_cert_info.py
View File

@ -24,7 +24,7 @@ class TestGetSetSanCertInfo(base.TestBase):
def setUp(self):
super(TestGetSetSanCertInfo, self).setUp()
self.san_cert_name_poisitve = (
self.san_cert_name_positive = (
self.akamai_config.san_certs_name_positive
)
@ -41,7 +41,7 @@ class TestGetSetSanCertInfo(base.TestBase):
def test_get_san_cert_positive(self):
resp = self.client.view_certificate_info(
self.san_cert_name_poisitve
self.san_cert_name_positive
)
self.assertTrue('spsId' in resp.json())
@ -53,9 +53,11 @@ class TestGetSetSanCertInfo(base.TestBase):
' be run when commanded')
resp = self.client.update_certificate_info(
self.san_cert_name_poisitve,
spsId=random.randint(1000, 2000)
self.san_cert_name_positive,
spsId=random.randint(1000, 2000),
enabled=True
)
self.assertTrue('spsId' in resp.json())
self.assertTrue('enabled' in resp.json())
self.assertEqual(resp.status_code, 200)

4
tests/api/utils/client.py
View File

@ -538,6 +538,7 @@ class PoppyClient(client.AutoMarshallingHTTPClient):
def update_certificate_info(self,
san_cert_name,
spsId=None,
enabled=True,
requestslib_kwargs=None):
"""Update SSL Certificate Info
@ -552,7 +553,8 @@ class PoppyClient(client.AutoMarshallingHTTPClient):
self.url, san_cert_name)
request_object = requests.PutSanCertConfigInfo(
spsId=spsId)
spsId=spsId,
enabled=enabled)
return self.request('POST', url,
request_entity=request_object,

6
tests/api/utils/models/requests.py
View File

@ -176,13 +176,15 @@ class CreateSSLCertificate(base.AutoMarshallingModel):
class PutSanCertConfigInfo(base.AutoMarshallingModel):
"""Marshalling for Create SSL Certificate requests."""
def __init__(self, spsId=None):
def __init__(self, spsId=None, enabled=True):
super(PutSanCertConfigInfo, self).__init__()
self.spsId = spsId
self.enabled = enabled
def _obj_to_json(self):
put_san_cert_info_request = {
"spsId": self.spsId
"spsId": self.spsId,
"enabled": self.enabled
}
return json.dumps(put_san_cert_info_request)

5
tests/functional/transport/pecan/controllers/data_update_san_cert_config_bad.json
View File

@ -1,5 +1,8 @@
{
"missing_spsId": {
"extra_parameter": {
"spsId": 1234,
"enabled": false,
"unsupported_config": "some value"
},
"invalid_spsId": {
"spsId": "1abc"

3
tests/functional/transport/pecan/controllers/test_san_cert_config.py
View File

@ -53,7 +53,8 @@ class TestSanCertConfigController(base.FunctionalTest):
def test_update_san_cert_config_positive(self):
config_data = {
'spsId': 1345
'spsId': 1345,
'enabled': False
}
response = self.app.post('/v1.0/admin/provider/akamai/'
'ssl_certificate/config/'

2
tests/unit/provider/akamai/san_info_storage/test_cassandra_san_info_storage.py
View File

@ -136,6 +136,6 @@ class TestCassandraSANInfoStorage(base.TestCase):
new_spsId = 3456
self.cassa_storage.update_cert_config(
cert_name, new_spsId
cert_name, {'spsId': new_spsId}
)
mock_execute.assert_called()