← Back to branch summary

~juju-qa/ubuntu/xenial/juju/xenial-2.0-beta3

« back to all changes in this revision

Viewing changes to src/github.com/juju/juju/cloud/credentials_test.go

  • Committer: Martin Packman
  • Date: 2016-03-30 19:31:08 UTC
  • mfrom: (1.1.41)
  • Revision ID: martin.packman@canonical.com-20160330193108-h9iz3ak334uk0z5r
Merge new upstream source 2.0~beta3

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/github.com/juju/juju/cloud/credentials_test.go
4
4
package cloud_test
5
5
 
6
6
import (
 
7
        "io/ioutil"
 
8
        "path/filepath"
 
9
        "regexp"
 
10
 
7
11
        "github.com/juju/errors"
8
12
        jc "github.com/juju/testing/checkers"
9
13
        gc "gopkg.in/check.v1"
315
319
                },
316
320
        )
317
321
        schema := cloud.CredentialSchema{
318
 
                "key": {
319
 
                        Description: "key credential",
320
 
                        Hidden:      true,
 
322
                {
 
323
                        "key",
 
324
                        cloud.CredentialAttr{
 
325
                                Description: "key credential",
 
326
                                Hidden:      true,
 
327
                        },
321
328
                },
322
329
        }
323
330
        _, err := cloud.FinalizeCredential(cred, map[cloud.AuthType]cloud.CredentialSchema{
335
342
                },
336
343
        )
337
344
        schema := cloud.CredentialSchema{
338
 
                "key": {
339
 
                        Description: "key credential",
340
 
                        Hidden:      true,
341
 
                        FileAttr:    "key-file",
342
 
                },
343
 
                "quay": {
344
 
                        FileAttr: "quay-file",
 
345
                {
 
346
                        "key",
 
347
                        cloud.CredentialAttr{
 
348
                                Description: "key credential",
 
349
                                Hidden:      true,
 
350
                                FileAttr:    "key-file",
 
351
                        },
 
352
                }, {
 
353
                        "quay", cloud.CredentialAttr{FileAttr: "quay-file"},
345
354
                },
346
355
        }
347
356
        readFile := func(s string) ([]byte, error) {
366
375
                },
367
376
        )
368
377
        schema := cloud.CredentialSchema{
369
 
                "key": {
370
 
                        Description: "key credential",
371
 
                        Hidden:      true,
372
 
                        FileAttr:    "key-file",
 
378
                {
 
379
                        "key",
 
380
                        cloud.CredentialAttr{
 
381
                                Description: "key credential",
 
382
                                Hidden:      true,
 
383
                                FileAttr:    "key-file",
 
384
                        },
373
385
                },
374
386
        }
375
387
        readFile := func(string) ([]byte, error) {
387
399
                map[string]string{},
388
400
        )
389
401
        schema := cloud.CredentialSchema{
390
 
                "key": {
391
 
                        Description: "key credential",
392
 
                        Hidden:      true,
393
 
                        FileAttr:    "key-file",
 
402
                {
 
403
                        "key",
 
404
                        cloud.CredentialAttr{
 
405
                                Description: "key credential",
 
406
                                Hidden:      true,
 
407
                                FileAttr:    "key-file",
 
408
                        },
394
409
                },
395
410
        }
396
411
        _, err := cloud.FinalizeCredential(cred, map[cloud.AuthType]cloud.CredentialSchema{
408
423
                },
409
424
        )
410
425
        schema := cloud.CredentialSchema{
411
 
                "key": {
412
 
                        Description: "key credential",
413
 
                        Hidden:      true,
414
 
                        FileAttr:    "key-file",
 
426
                {
 
427
                        "key",
 
428
                        cloud.CredentialAttr{
 
429
                                Description: "key credential",
 
430
                                Hidden:      true,
 
431
                                FileAttr:    "key-file",
 
432
                        },
415
433
                },
416
434
        }
417
435
        _, err := cloud.FinalizeCredential(cred, map[cloud.AuthType]cloud.CredentialSchema{
426
444
                map[string]string{},
427
445
        )
428
446
        schema := cloud.CredentialSchema{
429
 
                "key": {
430
 
                        Description: "key credential",
431
 
                        Hidden:      true,
 
447
                {
 
448
                        "key",
 
449
                        cloud.CredentialAttr{
 
450
                                Description: "key credential",
 
451
                                Hidden:      true,
 
452
                        },
432
453
                },
433
454
        }
434
455
        _, err := cloud.FinalizeCredential(cred, map[cloud.AuthType]cloud.CredentialSchema{
453
474
        return nil, errors.NotSupportedf("reading file %q", f)
454
475
}
455
476
 
 
477
func (s *credentialsSuite) TestFinalizeCredentialMandatoryFieldMissing(c *gc.C) {
 
478
        cred := cloud.NewCredential(
 
479
                cloud.UserPassAuthType,
 
480
                map[string]string{
 
481
                        "password": "secret",
 
482
                        "domain":   "domain",
 
483
                },
 
484
        )
 
485
        schema := cloud.CredentialSchema{
 
486
                {
 
487
                        "username", cloud.CredentialAttr{Optional: false},
 
488
                }, {
 
489
                        "password", cloud.CredentialAttr{Hidden: true},
 
490
                }, {
 
491
                        "domain", cloud.CredentialAttr{},
 
492
                },
 
493
        }
 
494
        _, err := cloud.FinalizeCredential(cred, map[cloud.AuthType]cloud.CredentialSchema{
 
495
                cloud.UserPassAuthType: schema,
 
496
        }, nil)
 
497
        c.Assert(err, gc.ErrorMatches, "username: expected string, got nothing")
 
498
}
 
499
 
 
500
func (s *credentialsSuite) TestFinalizeCredentialMandatoryFieldFromFile(c *gc.C) {
 
501
        cred := cloud.NewCredential(
 
502
                cloud.UserPassAuthType,
 
503
                map[string]string{
 
504
                        "key-file": "path",
 
505
                },
 
506
        )
 
507
        schema := cloud.CredentialSchema{
 
508
                {
 
509
                        "key",
 
510
                        cloud.CredentialAttr{
 
511
                                Description: "key credential",
 
512
                                Optional:    false,
 
513
                                FileAttr:    "key-file",
 
514
                        },
 
515
                },
 
516
        }
 
517
        readFile := func(s string) ([]byte, error) {
 
518
                c.Assert(s, gc.Equals, "path")
 
519
                return []byte("file-value"), nil
 
520
        }
 
521
        newCred, err := cloud.FinalizeCredential(cred, map[cloud.AuthType]cloud.CredentialSchema{
 
522
                cloud.UserPassAuthType: schema,
 
523
        }, readFile)
 
524
        c.Assert(err, jc.ErrorIsNil)
 
525
        c.Assert(newCred.Attributes(), jc.DeepEquals, map[string]string{
 
526
                "key": "file-value",
 
527
        })
 
528
}
 
529
 
 
530
func (s *credentialsSuite) TestFinalizeCredentialExtraField(c *gc.C) {
 
531
        cred := cloud.NewCredential(
 
532
                cloud.UserPassAuthType,
 
533
                map[string]string{
 
534
                        "username":   "user",
 
535
                        "password":   "secret",
 
536
                        "domain":     "domain",
 
537
                        "access-key": "access-key",
 
538
                },
 
539
        )
 
540
        schema := cloud.CredentialSchema{
 
541
                {
 
542
                        "username", cloud.CredentialAttr{Optional: false},
 
543
                }, {
 
544
                        "password", cloud.CredentialAttr{Hidden: true},
 
545
                }, {
 
546
                        "domain", cloud.CredentialAttr{},
 
547
                },
 
548
        }
 
549
        _, err := cloud.FinalizeCredential(cred, map[cloud.AuthType]cloud.CredentialSchema{
 
550
                cloud.UserPassAuthType: schema,
 
551
        }, nil)
 
552
        c.Assert(err, gc.ErrorMatches, regexp.QuoteMeta(`unknown key "access-key" (value "access-key")`))
 
553
}
 
554
 
 
555
func (s *credentialsSuite) TestFinalizeCredentialInvalidChoice(c *gc.C) {
 
556
        cred := cloud.NewCredential(
 
557
                cloud.UserPassAuthType,
 
558
                map[string]string{
 
559
                        "username":  "user",
 
560
                        "password":  "secret",
 
561
                        "algorithm": "foo",
 
562
                },
 
563
        )
 
564
        schema := cloud.CredentialSchema{
 
565
                {
 
566
                        "username", cloud.CredentialAttr{Optional: false},
 
567
                }, {
 
568
                        "password", cloud.CredentialAttr{Hidden: true},
 
569
                }, {
 
570
                        "algorithm", cloud.CredentialAttr{Options: []interface{}{"bar", "foobar"}},
 
571
                },
 
572
        }
 
573
        _, err := cloud.FinalizeCredential(cred, map[cloud.AuthType]cloud.CredentialSchema{
 
574
                cloud.UserPassAuthType: schema,
 
575
        }, nil)
 
576
        c.Assert(err, gc.ErrorMatches, regexp.QuoteMeta(`algorithm: expected one of [bar foobar], got "foo"`))
 
577
}
 
578
 
 
579
func (s *credentialsSuite) TestFinalizeCredentialFilePath(c *gc.C) {
 
580
        dir := c.MkDir()
 
581
        filename := filepath.Join(dir, "filename")
 
582
        err := ioutil.WriteFile(filename, []byte{}, 0600)
 
583
        c.Assert(err, jc.ErrorIsNil)
 
584
 
 
585
        cred := cloud.NewCredential(
 
586
                cloud.JSONFileAuthType,
 
587
                map[string]string{
 
588
                        "file": filename,
 
589
                },
 
590
        )
 
591
        schema := cloud.CredentialSchema{
 
592
                {
 
593
                        "file", cloud.CredentialAttr{FilePath: true},
 
594
                },
 
595
        }
 
596
        newCred, err := cloud.FinalizeCredential(cred, map[cloud.AuthType]cloud.CredentialSchema{
 
597
                cloud.JSONFileAuthType: schema,
 
598
        }, nil)
 
599
        c.Assert(err, jc.ErrorIsNil)
 
600
        c.Assert(newCred.Attributes(), jc.DeepEquals, map[string]string{
 
601
                "file": filename,
 
602
        })
 
603
}
 
604
 
 
605
func (s *credentialsSuite) TestFinalizeCredentialInvalidFilePath(c *gc.C) {
 
606
        cred := cloud.NewCredential(
 
607
                cloud.JSONFileAuthType,
 
608
                map[string]string{
 
609
                        "file": filepath.Join(c.MkDir(), "somefile"),
 
610
                },
 
611
        )
 
612
        schema := cloud.CredentialSchema{
 
613
                {
 
614
                        "file", cloud.CredentialAttr{FilePath: true},
 
615
                },
 
616
        }
 
617
        _, err := cloud.FinalizeCredential(cred, map[cloud.AuthType]cloud.CredentialSchema{
 
618
                cloud.JSONFileAuthType: schema,
 
619
        }, nil)
 
620
        c.Assert(err, gc.ErrorMatches, "invalid file path: .*")
 
621
}
 
622
 
 
623
func (s *credentialsSuite) TestFinalizeCredentialRelativeFilePath(c *gc.C) {
 
624
        cred := cloud.NewCredential(
 
625
                cloud.JSONFileAuthType,
 
626
                map[string]string{
 
627
                        "file": "file",
 
628
                },
 
629
        )
 
630
        schema := cloud.CredentialSchema{
 
631
                {
 
632
                        "file", cloud.CredentialAttr{FilePath: true},
 
633
                },
 
634
        }
 
635
        _, err := cloud.FinalizeCredential(cred, map[cloud.AuthType]cloud.CredentialSchema{
 
636
                cloud.JSONFileAuthType: schema,
 
637
        }, nil)
 
638
        c.Assert(err, gc.ErrorMatches, "file path must be an absolute path: file")
 
639
}
 
640
 
456
641
func (s *credentialsSuite) TestRemoveSecrets(c *gc.C) {
457
642
        cred := cloud.NewCredential(
458
643
                cloud.UserPassAuthType,
462
647
                },
463
648
        )
464
649
        schema := cloud.CredentialSchema{
465
 
                "username": {},
466
 
                "password": {
467
 
                        Hidden: true,
 
650
                {
 
651
                        "username", cloud.CredentialAttr{},
 
652
                }, {
 
653
                        "password", cloud.CredentialAttr{Hidden: true},
468
654
                },
469
655
        }
470
656
        sanitisedCred, err := cloud.RemoveSecrets(cred, map[cloud.AuthType]cloud.CredentialSchema{