← Back to branch summary

~ubuntu-branches/ubuntu/utopic/maas/utopic-security

« back to all changes in this revision

Viewing changes to src/maasserver/tests/test_api_ssl_key.py

  • Committer: Package Import Robot
  • Author(s): Julian Edwards, Julian Edwards, Andres Rodriguez
  • Date: 2014-08-21 18:38:27 UTC
  • mfrom: (1.2.34)
  • Revision ID: package-import@ubuntu.com-20140821183827-9xyb5u2o4l8g3zxj
Tags: 1.6.1+bzr2550-0ubuntu1
https://launchpad.net/bugs/1341619
* New upstream bugfix release:
  - Auto-link node MACs to Networks (LP: #1341619)

[ Julian Edwards ]
* debian/maas-region-controller.postinst: Don't restart RabbitMQ on
  upgrades, just ensure it's running.  Should prevent a race with the
  cluster celery restarting.
* debian/rules: Pull upstream branch from the right place.

[ Andres Rodriguez ]
* debian/maas-region-controller.postinst: Ensure cluster celery is
  started if it also runs on the region.

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/maasserver/tests/test_api_ssl_key.py
 
1
# Copyright 2014 Canonical Ltd.  This software is licensed under the
 
2
# GNU Affero General Public License version 3 (see the file LICENSE).
 
3
 
 
4
"""Tests for the ssl key API."""
 
5
 
 
6
from __future__ import (
 
7
    absolute_import,
 
8
    print_function,
 
9
    unicode_literals,
 
10
    )
 
11
 
 
12
str = None
 
13
 
 
14
__metaclass__ = type
 
15
__all__ = []
 
16
 
 
17
import httplib
 
18
import json
 
19
 
 
20
from django.core.urlresolvers import reverse
 
21
from maasserver.models import SSLKey
 
22
from maasserver.testing import get_data
 
23
from maasserver.testing.api import APITestCase
 
24
from maasserver.testing.factory import factory
 
25
from maasserver.utils.orm import get_one
 
26
 
 
27
 
 
28
class TestSSLKeyHandlers(APITestCase):
 
29
 
 
30
    def test_sslkeys_handler_path(self):
 
31
        self.assertEqual(
 
32
            '/api/1.0/account/prefs/sslkeys/', reverse('sslkeys_handler'))
 
33
 
 
34
    def test_sslkey_handler_path(self):
 
35
        self.assertEqual(
 
36
            '/api/1.0/account/prefs/sslkeys/key/',
 
37
            reverse('sslkey_handler', args=['key']))
 
38
 
 
39
    def test_list_works(self):
 
40
        _, keys = factory.make_user_with_ssl_keys(
 
41
            n_keys=2, user=self.logged_in_user)
 
42
        params = dict(op="list")
 
43
        response = self.client.get(
 
44
            reverse('sslkeys_handler'), params)
 
45
        self.assertEqual(httplib.OK, response.status_code, response)
 
46
        parsed_result = json.loads(response.content)
 
47
        parsed_result = [result['resource_uri'] for result in parsed_result]
 
48
        expected_result = [
 
49
            reverse('sslkey_handler', args=[keys[0].id]),
 
50
            reverse('sslkey_handler', args=[keys[1].id]),
 
51
            ]
 
52
        self.assertItemsEqual(expected_result, parsed_result)
 
53
 
 
54
    def test_list_sorts_output(self):
 
55
        _, keys = factory.make_user_with_ssl_keys(
 
56
            n_keys=2, user=self.logged_in_user)
 
57
        params = dict(op="list")
 
58
        response = self.client.get(
 
59
            reverse('sslkeys_handler'), params)
 
60
        self.assertEqual(httplib.OK, response.status_code, response)
 
61
        parsed_result = json.loads(response.content)
 
62
        parsed_result = [result['resource_uri'] for result in parsed_result]
 
63
        expected_result = [
 
64
            reverse('sslkey_handler', args=[keys[0].id]),
 
65
            reverse('sslkey_handler', args=[keys[1].id]),
 
66
            ]
 
67
        self.assertEqual(expected_result, parsed_result)
 
68
 
 
69
    def test_list_only_shows_user_keys(self):
 
70
        # other user
 
71
        factory.make_user_with_ssl_keys(n_keys=2)
 
72
        _, keys = factory.make_user_with_ssl_keys(
 
73
            n_keys=2, user=self.logged_in_user)
 
74
        params = dict(op="list")
 
75
        response = self.client.get(
 
76
            reverse('sslkeys_handler'), params)
 
77
        self.assertEqual(httplib.OK, response.status_code, response)
 
78
        parsed_result = json.loads(response.content)
 
79
        parsed_result = [result['resource_uri'] for result in parsed_result]
 
80
        expected_result = [
 
81
            reverse('sslkey_handler', args=[keys[0].id]),
 
82
            reverse('sslkey_handler', args=[keys[1].id]),
 
83
            ]
 
84
        self.assertItemsEqual(expected_result, parsed_result)
 
85
 
 
86
    def test_list_only_shows_user_keys_for_admin(self):
 
87
        # other user
 
88
        factory.make_user_with_ssl_keys(n_keys=2)
 
89
        _, keys = factory.make_user_with_ssl_keys(
 
90
            n_keys=2, user=self.logged_in_user)
 
91
        self.become_admin()
 
92
        params = dict(op="list")
 
93
        response = self.client.get(
 
94
            reverse('sslkeys_handler'), params)
 
95
        self.assertEqual(httplib.OK, response.status_code, response)
 
96
        parsed_result = json.loads(response.content)
 
97
        parsed_result = [result['resource_uri'] for result in parsed_result]
 
98
        expected_result = [
 
99
            reverse('sslkey_handler', args=[keys[0].id]),
 
100
            reverse('sslkey_handler', args=[keys[1].id]),
 
101
            ]
 
102
        self.assertItemsEqual(expected_result, parsed_result)
 
103
 
 
104
    def test_get_by_id_works(self):
 
105
        _, keys = factory.make_user_with_ssl_keys(
 
106
            n_keys=1, user=self.logged_in_user)
 
107
        key = keys[0]
 
108
        response = self.client.get(
 
109
            reverse('sslkey_handler', args=[key.id]))
 
110
        self.assertEqual(httplib.OK, response.status_code, response)
 
111
        parsed_result = json.loads(response.content)
 
112
        expected = dict(
 
113
            id=key.id,
 
114
            key=key.key,
 
115
            resource_uri=reverse('sslkey_handler', args=[key.id]),
 
116
            )
 
117
        self.assertEqual(expected, parsed_result)
 
118
 
 
119
    def test_get_by_id_fails_for_non_owner(self):
 
120
        _, keys = factory.make_user_with_ssl_keys(n_keys=1)
 
121
        factory.make_user_with_ssl_keys(
 
122
            n_keys=1, user=self.logged_in_user)
 
123
        key = keys[0]
 
124
        response = self.client.get(
 
125
            reverse('sslkey_handler', args=[key.id]))
 
126
        self.assertEqual(httplib.FORBIDDEN, response.status_code, response)
 
127
 
 
128
    def test_get_by_id_fails_for_non_owner_as_admin(self):
 
129
        _, keys = factory.make_user_with_ssl_keys(n_keys=1)
 
130
        factory.make_user_with_ssl_keys(
 
131
            n_keys=1, user=self.logged_in_user)
 
132
        self.become_admin()
 
133
        key = keys[0]
 
134
        response = self.client.get(
 
135
            reverse('sslkey_handler', args=[key.id]))
 
136
        self.assertEqual(httplib.FORBIDDEN, response.status_code, response)
 
137
 
 
138
    def test_delete_by_id_works(self):
 
139
        _, keys = factory.make_user_with_ssl_keys(
 
140
            n_keys=2, user=self.logged_in_user)
 
141
        response = self.client.delete(
 
142
            reverse('sslkey_handler', args=[keys[0].id]))
 
143
        self.assertEqual(httplib.NO_CONTENT, response.status_code, response)
 
144
        keys_after = SSLKey.objects.filter(user=self.logged_in_user)
 
145
        self.assertEqual(1, len(keys_after))
 
146
        self.assertEqual(keys[1].id, keys_after[0].id)
 
147
 
 
148
    def test_delete_fails_if_not_your_key(self):
 
149
        user, keys = factory.make_user_with_ssl_keys(n_keys=1)
 
150
        response = self.client.delete(
 
151
            reverse('sslkey_handler', args=[keys[0].id]))
 
152
        self.assertEqual(httplib.FORBIDDEN, response.status_code, response)
 
153
        self.assertEqual(1, len(SSLKey.objects.filter(user=user)))
 
154
 
 
155
    def test_adding_works(self):
 
156
        key_string = get_data('data/test_x509_0.pem')
 
157
        response = self.client.post(
 
158
            reverse('sslkeys_handler'),
 
159
            data=dict(op="new", key=key_string))
 
160
        self.assertEqual(httplib.CREATED, response.status_code)
 
161
        parsed_response = json.loads(response.content)
 
162
        self.assertEqual(key_string, parsed_response["key"])
 
163
        added_key = get_one(SSLKey.objects.filter(user=self.logged_in_user))
 
164
        self.assertEqual(key_string, added_key.key)
 
165
 
 
166
    def test_adding_catches_key_validation_errors(self):
 
167
        key_string = factory.getRandomString()
 
168
        response = self.client.post(
 
169
            reverse('sslkeys_handler'),
 
170
            data=dict(op='new', key=key_string))
 
171
        self.assertEqual(httplib.BAD_REQUEST, response.status_code, response)
 
172
        self.assertIn("Invalid", response.content)
 
173
 
 
174
    def test_adding_returns_badrequest_when_key_not_in_form(self):
 
175
        response = self.client.post(
 
176
            reverse('sslkeys_handler'),
 
177
            data=dict(op='new'))
 
178
        self.assertEqual(httplib.BAD_REQUEST, response.status_code, response)
 
179
        self.assertEqual(
 
180
            dict(key=["This field is required."]),
 
181
            json.loads(response.content))