Add Symmetric Keys Panel

Change-Id: Id423dbfd30990b8c4240b8008b6c659da38f91fd
This commit is contained in:
Kaitlin Farr 2017-08-22 16:31:54 -04:00 committed by Brianna Poulos
parent 32c35f6f20
commit 299eb23fa4
19 changed files with 639 additions and 1 deletions

View File

@ -57,6 +57,7 @@ And enable it in Horizon::
ln -s ../castellan-ui/castellan_ui/enabled/_91_project_key_manager_x509_certificates_panel.py openstack_dashboard/local/enabled
ln -s ../castellan-ui/castellan_ui/enabled/_92_project_key_manager_private_key_panel.py openstack_dashboard/local/enabled
ln -s ../castellan-ui/castellan_ui/enabled/_93_project_key_manager_public_key_panel.py openstack_dashboard/local/enabled
ln -s ../castellan-ui/castellan_ui/enabled/_93_project_key_manager_symmetric_key_panel.py openstack_dashboard/local/enabled
To run horizon with the newly enabled Castellan UI plugin run::

View File

@ -0,0 +1,96 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import base64
import binascii
from django.utils.translation import ugettext_lazy as _
from castellan.common.objects import symmetric_key
from horizon import exceptions
from horizon import forms
from horizon import messages
from castellan_ui.api import client
from castellan_ui.content import shared_forms
ALGORITHMS = ('AES', 'DES', 'DESEDE')
ALG_HELP_TEXT = _(
"Check which algorithms your key manager supports. "
"Some common algorithms are: %s") % ', '.join(ALGORITHMS)
LENGTH_HELP_TEXT = _(
"Only certain bit lengths are valid for each algorithm. "
"Some common bit lengths are: 128, 256")
class ImportSymmetricKey(shared_forms.ImportKey):
def __init__(self, request, *args, **kwargs):
super(ImportSymmetricKey, self).__init__(
request, *args, algorithms=ALGORITHMS, **kwargs)
self.fields['direct_input'].help_text = _(
"Key bytes represented as hex characters. Acceptable values are "
"0-9, a-f, A-F")
self.fields['key_file'].help_text = _(
"The file should contain the raw bytes of the key.")
def clean_key_data(self, key_data):
if self.files.get('key_file'):
key_bytes = key_data
else:
key_bytes = binascii.unhexlify(key_data)
b64_key_data = base64.b64encode(key_bytes)
return b64_key_data
def handle(self, request, data):
return super(ImportSymmetricKey, self).handle(
request, data, symmetric_key.SymmetricKey)
class GenerateSymmetricKey(forms.SelfHandlingForm):
algorithm = forms.CharField(label=_("Algorithm"),
widget=shared_forms.ListTextWidget(
data_list=ALGORITHMS,
name='algorithm-list'),
help_text=ALG_HELP_TEXT)
length = forms.IntegerField(label=_("Bit Length"), min_value=0,
help_text=LENGTH_HELP_TEXT)
name = forms.RegexField(required=False,
max_length=255,
label=_("Key Name"),
regex=shared_forms.NAME_REGEX,
error_messages=shared_forms.ERROR_MESSAGES)
def handle(self, request, data):
try:
key_uuid = client.generate_symmetric_key(
request,
algorithm=data['algorithm'],
length=data['length'],
name=data['name'])
if data['name']:
key_identifier = data['name']
else:
key_identifier = key_uuid
messages.success(request,
_('Successfully generated symmetric key: %s')
% key_identifier)
return key_uuid
except Exception as e:
msg = _('Unable to generate symmetric key: %s')
messages.error(request, msg % e)
exceptions.handle(request, ignore=True)
self.api_error(_('Unable to generate symmetric key.'))
return False

View File

@ -0,0 +1,23 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from django.utils.translation import ugettext_lazy as _
import horizon
# This panel will be loaded from horizon, because specified in enabled file.
# To register REST api, import below here.
from castellan_ui.api import client # noqa: F401
class SymmetricKeys(horizon.Panel):
name = _("Symmetric Keys")
slug = "symmetric_keys"

View File

@ -0,0 +1,96 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from castellan_ui.content import filters
from django.core.urlresolvers import reverse
from django.utils.translation import ugettext_lazy as _
from django.utils.translation import ungettext_lazy
from castellan_ui.api import client
from horizon import tables
class GenerateSymmetricKey(tables.LinkAction):
name = "generate_symmetric_key"
verbose_name = _("Generate Symmetric Key")
url = "horizon:project:symmetric_keys:generate"
classes = ("ajax-modal",)
icon = "plus"
policy_rules = ()
class ImportSymmetricKey(tables.LinkAction):
name = "import_symmetric_key"
verbose_name = _("Import Symmetric Key")
url = "horizon:project:symmetric_keys:import"
classes = ("ajax-modal",)
icon = "upload"
policy_rules = ()
class DownloadKey(tables.LinkAction):
name = "download"
verbose_name = _("Download Key")
url = "horizon:project:symmetric_keys:download"
classes = ("btn-download",)
policy_rules = ()
def get_link_url(self, datum):
return reverse(self.url,
kwargs={'object_id': datum.id})
class DeleteSymmetricKey(tables.DeleteAction):
policy_rules = ()
help_text = _("You should not delete a symmetric key unless you are "
"certain it is not being used anywhere.")
@staticmethod
def action_present(count):
return ungettext_lazy(
u"Delete Symmetric Key",
u"Delete Symmetric Keys",
count
)
@staticmethod
def action_past(count):
return ungettext_lazy(
u"Deleted Symmetric Key",
u"Deleted Symmetric Keys",
count
)
def delete(self, request, obj_id):
client.delete(request, obj_id)
class SymmetricKeyTable(tables.DataTable):
detail_link = "horizon:project:symmetric_keys:detail"
uuid = tables.Column("id", verbose_name=_("Key ID"), link=detail_link)
name = tables.Column("name", verbose_name=_("Name"))
algorithm = tables.Column("algorithm", verbose_name=_("Algorithm"))
bit_length = tables.Column("bit_length", verbose_name=_("Bit Length"))
created_date = tables.Column("created",
verbose_name=_("Created Date"),
filters=(filters.timestamp_to_iso,))
def get_object_display(self, datum):
return datum.name if datum.name else datum.id
class Meta(object):
name = "symmetric_key"
table_actions = (GenerateSymmetricKey,
ImportSymmetricKey,
DeleteSymmetricKey,)
row_actions = (DownloadKey, DeleteSymmetricKey)

View File

@ -0,0 +1,27 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from castellan_ui.content.symmetric_keys import views
from django.conf.urls import url
urlpatterns = [
url(r'^$', views.IndexView.as_view(), name='index'),
url(r'^import/$', views.ImportView.as_view(), name='import'),
url(r'^generate/$', views.GenerateView.as_view(), name='generate'),
url(r'^(?P<object_id>[^/]+)/$',
views.DetailView.as_view(),
name='detail'),
url(r'^download/$', views.download_key, name='download'),
url(r'^(?P<object_id>[^/]+)/download$',
views.download_key,
name='download'),
]

View File

@ -0,0 +1,133 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from django.core.urlresolvers import reverse
from django.core.urlresolvers import reverse_lazy
from django.http import HttpResponse
from django.utils.translation import ugettext_lazy as _
import binascii
from castellan.common.objects import symmetric_key
from castellan_ui.api import client
from castellan_ui.content.symmetric_keys import forms as symmetric_key_forms
from castellan_ui.content.symmetric_keys import tables
from datetime import datetime
from horizon import exceptions
from horizon import forms
from horizon.tables import views as tables_views
from horizon.utils import memoized
from horizon import views
def download_key(request, object_id):
try:
obj = client.get(request, object_id)
data = obj.get_encoded()
response = HttpResponse()
response.write(data)
response['Content-Disposition'] = ('attachment; '
'filename="%s.key"' % object_id)
response['Content-Length'] = str(len(response.content))
return response
except Exception:
redirect = reverse('horizon:project:symmetric_keys:index')
msg = _('Unable to download symmetric_key "%s".')\
% (object_id)
exceptions.handle(request, msg, redirect=redirect)
class IndexView(tables_views.MultiTableView):
table_classes = [
tables.SymmetricKeyTable
]
template_name = 'symmetric_keys.html'
def get_symmetric_key_data(self):
try:
return client.list(self.request,
object_type=symmetric_key.SymmetricKey)
except Exception as e:
msg = _('Unable to list symmetric keys: "%s".') % (e.message)
exceptions.handle(self.request, msg)
return []
class GenerateView(forms.ModalFormView):
form_class = symmetric_key_forms.GenerateSymmetricKey
template_name = 'symmetric_key_generate.html'
submit_url = reverse_lazy(
"horizon:project:symmetric_keys:generate")
success_url = reverse_lazy('horizon:project:symmetric_keys:index')
submit_label = page_title = _("Generate Symmetric Key")
class ImportView(forms.ModalFormView):
form_class = symmetric_key_forms.ImportSymmetricKey
template_name = 'symmetric_key_import.html'
submit_url = reverse_lazy(
"horizon:project:symmetric_keys:import")
success_url = reverse_lazy('horizon:project:symmetric_keys:index')
submit_label = page_title = _("Import Symmetric Key")
def get_object_id(self, key_uuid):
return key_uuid
class DetailView(views.HorizonTemplateView):
template_name = 'symmetric_key_detail.html'
page_title = _("Symmetric Key Details")
@memoized.memoized_method
def _get_data(self):
try:
obj = client.get(self.request, self.kwargs['object_id'])
except Exception:
redirect = reverse('horizon:project:symmetric_keys:index')
msg = _('Unable to retrieve details for symmetric_key "%s".')\
% (self.kwargs['object_id'])
exceptions.handle(self.request, msg,
redirect=redirect)
return obj
@memoized.memoized_method
def _get_data_created_date(self, obj):
try:
created_date = datetime.utcfromtimestamp(obj.created).isoformat()
except Exception:
redirect = reverse('horizon:project:symmetric_keys:index')
msg = _('Unable to retrieve details for symmetric_key "%s".')\
% (self.kwargs['object_id'])
exceptions.handle(self.request, msg,
redirect=redirect)
return created_date
@memoized.memoized_method
def _get_data_bytes(self, obj):
try:
data_bytes = binascii.hexlify(obj.get_encoded())
except Exception:
redirect = reverse('horizon:project:symmetric_keys:index')
msg = _('Unable to retrieve details for symmetric_key "%s".')\
% (self.kwargs['object_id'])
exceptions.handle(self.request, msg,
redirect=redirect)
return data_bytes
def get_context_data(self, **kwargs):
"""Gets the context data for key."""
context = super(DetailView, self).get_context_data(**kwargs)
obj = self._get_data()
context['object'] = obj
context['object_created_date'] = self._get_data_created_date(obj)
context['object_bytes'] = self._get_data_bytes(obj)
return context

View File

@ -0,0 +1,23 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# The slug of the panel to be added to HORIZON_CONFIG. Required.
PANEL = 'symmetric_keys'
# The slug of the panel group the PANEL is associated with.
PANEL_GROUP = 'key_manager'
# The slug of the dashboard the PANEL associated with. Required.
PANEL_DASHBOARD = 'project'
ADD_INSTALLED_APP = ['castellan_ui', ]
# Python panel class of the PANEL to be added.
ADD_PANEL = 'castellan_ui.content.symmetric_keys.panel.SymmetricKeys'

View File

@ -0,0 +1,7 @@
{% extends "horizon/common/_modal_form.html" %}
{% load i18n %}
{% block modal-body-right %}
<p>{% trans "Check your key manager to see which algorithms and bit lengths are supported." %}</p>
{% endblock %}

View File

@ -0,0 +1,9 @@
{% extends '_object_import.html' %}
{% load i18n %}
{% block modal-body-right %}
<p>{% trans "When importing your key as a file, the raw bytes of the file will be the raw bytes of the key. If you open the key file using a text editor, it will not be human-readable because the bytes may not map to ASCII characters." %}</p>
<p>{% trans "To import your key using direct input, use the hex dump of the value of the key. For example, a 128 bit key may look like this:" %}</p>
<p><pre>00112233445566778899aabbccddeeff</pre></p>
{% endblock %}

View File

@ -0,0 +1,7 @@
{% extends 'base.html' %}
{% load i18n %}
{% block title %}{{ page_title }}{% endblock %}
{% block main %}
{% include 'project/key_pairs/_import.html' %}
{% endblock %}

View File

@ -0,0 +1,27 @@
{% extends 'base.html' %}
{% load i18n parse_date %}
{% block title %}{{ page_title }}{% endblock %}
{% block page_header %}
{% include "horizon/common/_detail_header.html" %}
{% endblock %}
{% block main %}
<div class="detail">
<dl class="dl-horizontal">
<dt>{% trans "Name" %}</dt>
<dd>{{ object.name|default:_("None") }}</dd>
<dt>{% trans "Created" %}</dt>
<dd>{{ object_created_date|parse_date}}</dd>
<dt>{% trans "Algorithm" %}</dt>
<dd>{{ object.algorithm|default:_("None") }}</dd>
<dt>{% trans "Bit Length" %}</dt>
<dd>{{ object.bit_length|default:_("None") }}</dd>
<dt>{% trans "Key Value (in hex)" %}</dt>
<dd>
<div class="key-text word-wrap">{{ object_bytes|default:_("None") }}</div>
</dd>
</dl>
</div>
{% endblock %}

View File

@ -0,0 +1,7 @@
{% extends 'base.html' %}
{% load i18n %}
{% block title %}{{ page_title }}{% endblock %}
{% block main %}
{% include '_symmetric_key_generate.html' %}
{% endblock %}

View File

@ -0,0 +1,7 @@
{% extends 'base.html' %}
{% load i18n %}
{% block title %}{{ page_title }}{% endblock %}
{% block main %}
{% include '_symmetric_key_import.html' %}
{% endblock %}

View File

@ -0,0 +1,23 @@
{% extends 'base.html' %}
{% load i18n %}
{% block title %}{% trans "Symmetric Keys" %}{% endblock %}
{% block breadcrumb_nav %}
<ol class = "breadcrumb">
<li>{% trans "Project" %}</li>
<li>{% trans "Key Manager" %}</li>
<li class="active">{% trans "Symmetric Keys" %}</li>
</ol>
{% endblock %}
{% block page_header %}
<hz-page-header header="{% trans "Symmetric Keys" %}"></hz-page-header>
{% endblock page_header %}
{% block main %}
<div class="row">
<div class="col-sm-12">
{{ symmetric_key_table.render }}
</div>
</div>
{% endblock %}

View File

@ -0,0 +1,136 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import base64
import binascii
from django.core.handlers import wsgi
from django.core.urlresolvers import reverse
from horizon import messages as horizon_messages
import mock
from castellan.common.objects import symmetric_key
from castellan_ui.api import client as api_castellan
from castellan_ui.test import helpers as tests
from castellan_ui.test import test_data
INDEX_URL = reverse('horizon:project:symmetric_keys:index')
class SymmetricKeysViewTest(tests.APITestCase):
def setUp(self):
super(SymmetricKeysViewTest, self).setUp()
self.key = test_data.symmetric_key
self.key_b64_bytes = base64.b64encode(self.key.get_encoded())
self.mock_object(
api_castellan, "get", mock.Mock(return_value=self.key))
self.mock_object(api_castellan, "list", mock.Mock(return_value=[]))
self.mock_object(horizon_messages, "success")
FAKE_ENVIRON = {'REQUEST_METHOD': 'GET', 'wsgi.input': 'fake_input'}
self.request = wsgi.WSGIRequest(FAKE_ENVIRON)
def test_index(self):
key_list = [test_data.symmetric_key, test_data.nameless_symmetric_key]
self.mock_object(
api_castellan, "list", mock.Mock(return_value=key_list))
res = self.client.get(INDEX_URL)
self.assertEqual(res.status_code, 200)
self.assertTemplateUsed(res, 'symmetric_keys.html')
api_castellan.list.assert_called_with(
mock.ANY, object_type=symmetric_key.SymmetricKey)
def test_detail_view(self):
url = reverse('horizon:project:symmetric_keys:detail',
args=[self.key.id])
self.mock_object(
api_castellan, "list", mock.Mock(return_value=[self.key]))
self.mock_object(
api_castellan, "get", mock.Mock(return_value=self.key))
res = self.client.get(url)
self.assertContains(
res, "<dt>Name</dt>\n <dd>%s</dd>" % self.key.name, 1, 200)
api_castellan.get.assert_called_once_with(mock.ANY, self.key.id)
def test_import_key(self):
self.mock_object(
api_castellan, "list", mock.Mock(return_value=[self.key]))
url = reverse('horizon:project:symmetric_keys:import')
self.mock_object(
api_castellan, "import_object", mock.Mock(return_value=self.key))
key_input = (
binascii.hexlify(self.key.get_encoded()).decode('utf-8')
)
key_form_data = {
'source_type': 'raw',
'name': self.key.name,
'direct_input': key_input,
'bit_length': 128,
'algorithm': 'AES'
}
self.client.post(url, key_form_data)
api_castellan.import_object.assert_called_once_with(
mock.ANY,
object_type=symmetric_key.SymmetricKey,
key=self.key_b64_bytes,
name=self.key.name,
algorithm=u'AES',
bit_length=128
)
def test_generate_key(self):
self.mock_object(
api_castellan, "list", mock.Mock(return_value=[self.key]))
url = reverse('horizon:project:symmetric_keys:generate')
self.mock_object(
api_castellan, "generate_symmetric_key",
mock.Mock(return_value=self.key))
key_form_data = {
'name': self.key.name,
'length': 256,
'algorithm': 'AES'
}
self.client.post(url, key_form_data)
api_castellan.generate_symmetric_key.assert_called_once_with(
mock.ANY,
name=self.key.name,
algorithm=u'AES',
length=256
)
def test_delete_key(self):
self.mock_object(
api_castellan, "list", mock.Mock(return_value=[self.key]))
self.mock_object(api_castellan, "delete")
key_form_data = {
'action': 'symmetric_key__delete__%s' % self.key.id
}
res = self.client.post(INDEX_URL, key_form_data)
api_castellan.list.assert_called_with(
mock.ANY, object_type=symmetric_key.SymmetricKey)
api_castellan.delete.assert_called_once_with(
mock.ANY,
self.key.id,
)
self.assertRedirectsNoFollow(res, INDEX_URL)

View File

@ -56,3 +56,19 @@ nameless_public_key = objects.public_key.PublicKey(
name=None,
created=1448088699,
id=u'11111111-1111-1111-1111-111111111111')
symmetric_key = objects.symmetric_key.SymmetricKey(
key=castellan_utils.get_symmetric_key(),
algorithm="AES",
bit_length=128,
name=u'test symmetric key',
created=1448088699,
id=u'00000000-0000-0000-0000-000000000000')
nameless_symmetric_key = objects.symmetric_key.SymmetricKey(
key=castellan_utils.get_symmetric_key(),
algorithm="AES",
bit_length=128,
name=None,
created=1448088699,
id=u'11111111-1111-1111-1111-111111111111')

View File

@ -1,5 +1,5 @@
[tox]
envlist = py34,py27,py27dj18,pep8
envlist = py35,py27,py27dj18,pep8
minversion = 2.0
skipsdist = True