Merge "Add ID to managed objects"
This commit is contained in:
commit
35c2a9912e
|
@ -28,11 +28,12 @@ import six
|
|||
class ManagedObject(object):
|
||||
"""Base class to represent all managed objects."""
|
||||
|
||||
def __init__(self, name=None, created=None):
|
||||
def __init__(self, name=None, created=None, id=None):
|
||||
"""Managed Object
|
||||
|
||||
:param name: the name of the managed object.
|
||||
:param created: the time a managed object was created.
|
||||
:param id: the ID of the object, generated after storing the object.
|
||||
"""
|
||||
self._name = name
|
||||
|
||||
|
@ -43,6 +44,17 @@ class ManagedObject(object):
|
|||
raise ValueError('created must be of long type, actual type %s' %
|
||||
type(created))
|
||||
|
||||
self._id = id
|
||||
|
||||
@property
|
||||
def id(self):
|
||||
"""Returns the ID of the managed object.
|
||||
|
||||
Returns the ID of the managed object or None if this object does not
|
||||
have one. If the ID is None, the object has not been persisted yet.
|
||||
"""
|
||||
return self._id
|
||||
|
||||
@property
|
||||
def name(self):
|
||||
"""Returns the name.
|
||||
|
|
|
@ -25,13 +25,13 @@ from castellan.common.objects import managed_object
|
|||
class OpaqueData(managed_object.ManagedObject):
|
||||
"""This class represents opaque data."""
|
||||
|
||||
def __init__(self, data, name=None, created=None):
|
||||
def __init__(self, data, name=None, created=None, id=None):
|
||||
"""Create a new OpaqueData object.
|
||||
|
||||
Expected type for data is a bytestring.
|
||||
"""
|
||||
self._data = data
|
||||
super(OpaqueData, self).__init__(name=name, created=created)
|
||||
super(OpaqueData, self).__init__(name=name, created=created, id=id)
|
||||
|
||||
@property
|
||||
def format(self):
|
||||
|
|
|
@ -25,13 +25,13 @@ from castellan.common.objects import managed_object
|
|||
class Passphrase(managed_object.ManagedObject):
|
||||
"""This class represents a passphrase."""
|
||||
|
||||
def __init__(self, passphrase, name=None, created=None):
|
||||
def __init__(self, passphrase, name=None, created=None, id=None):
|
||||
"""Create a new Passphrase object.
|
||||
|
||||
The expected type for the passphrase is a bytestring.
|
||||
"""
|
||||
self._passphrase = passphrase
|
||||
super(Passphrase, self).__init__(name=name, created=created)
|
||||
super(Passphrase, self).__init__(name=name, created=created, id=id)
|
||||
|
||||
@property
|
||||
def format(self):
|
||||
|
|
|
@ -26,7 +26,7 @@ class PrivateKey(key.Key):
|
|||
"""This class represents private keys."""
|
||||
|
||||
def __init__(self, algorithm, bit_length, key,
|
||||
name=None, created=None):
|
||||
name=None, created=None, id=None):
|
||||
"""Create a new PrivateKey object.
|
||||
|
||||
The arguments specify the algorithm and bit length for the asymmetric
|
||||
|
@ -35,7 +35,7 @@ class PrivateKey(key.Key):
|
|||
self._alg = algorithm
|
||||
self._bit_length = bit_length
|
||||
self._key = key
|
||||
super(PrivateKey, self).__init__(name=name, created=created)
|
||||
super(PrivateKey, self).__init__(name=name, created=created, id=id)
|
||||
|
||||
@property
|
||||
def algorithm(self):
|
||||
|
|
|
@ -26,7 +26,7 @@ class PublicKey(key.Key):
|
|||
"""This class represents public keys."""
|
||||
|
||||
def __init__(self, algorithm, bit_length, key,
|
||||
name=None, created=None):
|
||||
name=None, created=None, id=None):
|
||||
"""Create a new PublicKey object.
|
||||
|
||||
The arguments specify the algorithm and bit length for the asymmetric
|
||||
|
@ -36,7 +36,7 @@ class PublicKey(key.Key):
|
|||
self._alg = algorithm
|
||||
self._bit_length = bit_length
|
||||
self._key = key
|
||||
super(PublicKey, self).__init__(name=name, created=created)
|
||||
super(PublicKey, self).__init__(name=name, created=created, id=id)
|
||||
|
||||
@property
|
||||
def algorithm(self):
|
||||
|
|
|
@ -26,7 +26,7 @@ class SymmetricKey(key.Key):
|
|||
"""This class represents symmetric keys."""
|
||||
|
||||
def __init__(self, algorithm, bit_length, key,
|
||||
name=None, created=None):
|
||||
name=None, created=None, id=None):
|
||||
"""Create a new SymmetricKey object.
|
||||
|
||||
The arguments specify the algorithm and bit length for the symmetric
|
||||
|
@ -35,7 +35,7 @@ class SymmetricKey(key.Key):
|
|||
self._alg = algorithm
|
||||
self._bit_length = bit_length
|
||||
self._key = key
|
||||
super(SymmetricKey, self).__init__(name=name, created=created)
|
||||
super(SymmetricKey, self).__init__(name=name, created=created, id=id)
|
||||
|
||||
@property
|
||||
def algorithm(self):
|
||||
|
|
|
@ -25,13 +25,13 @@ from castellan.common.objects import certificate
|
|||
class X509(certificate.Certificate):
|
||||
"""This class represents X.509 certificates."""
|
||||
|
||||
def __init__(self, data, name=None, created=None):
|
||||
def __init__(self, data, name=None, created=None, id=None):
|
||||
"""Create a new X509 object.
|
||||
|
||||
The data should be in a bytestring.
|
||||
"""
|
||||
self._data = data
|
||||
super(X509, self).__init__(name=name, created=created)
|
||||
super(X509, self).__init__(name=name, created=created, id=id)
|
||||
|
||||
@property
|
||||
def format(self):
|
||||
|
|
|
@ -484,6 +484,11 @@ class BarbicanKeyManager(key_manager.KeyManager):
|
|||
else:
|
||||
secret_data = self._get_secret_data(secret)
|
||||
|
||||
if secret.secret_ref:
|
||||
object_id = self._retrieve_secret_uuid(secret.secret_ref)
|
||||
else:
|
||||
object_id = None
|
||||
|
||||
# convert created ISO8601 in Barbican to POSIX
|
||||
if secret.created:
|
||||
time_stamp = timeutils.parse_isotime(
|
||||
|
@ -495,11 +500,13 @@ class BarbicanKeyManager(key_manager.KeyManager):
|
|||
secret.bit_length,
|
||||
secret_data,
|
||||
secret.name,
|
||||
created)
|
||||
created,
|
||||
object_id)
|
||||
else:
|
||||
return secret_type(secret_data,
|
||||
secret.name,
|
||||
created)
|
||||
created,
|
||||
object_id)
|
||||
|
||||
def _get_secret(self, context, object_id):
|
||||
"""Returns the metadata of the secret.
|
||||
|
|
|
@ -137,6 +137,8 @@ class KeyManagerTestCase(object):
|
|||
self.assertEqual(managed_object.get_encoded(),
|
||||
retrieved_object.get_encoded())
|
||||
self.assertFalse(managed_object.is_metadata_only())
|
||||
self.assertFalse(retrieved_object.is_metadata_only())
|
||||
self.assertIsNotNone(retrieved_object.id)
|
||||
|
||||
@utils.parameterized_dataset({
|
||||
'symmetric_key': [_get_test_symmetric_key()],
|
||||
|
@ -155,6 +157,7 @@ class KeyManagerTestCase(object):
|
|||
metadata_only=True)
|
||||
self.assertFalse(managed_object.is_metadata_only())
|
||||
self.assertTrue(retrieved_object.is_metadata_only())
|
||||
self.assertIsNotNone(retrieved_object.id)
|
||||
|
||||
@utils.parameterized_dataset({
|
||||
'symmetric_key': [_get_test_symmetric_key()],
|
||||
|
@ -171,6 +174,7 @@ class KeyManagerTestCase(object):
|
|||
retrieved_object = self.key_mgr.get(self.ctxt, uuid)
|
||||
self.assertEqual(managed_object.get_encoded(),
|
||||
retrieved_object.get_encoded())
|
||||
self.assertIsNotNone(retrieved_object.id)
|
||||
|
||||
@utils.parameterized_dataset({
|
||||
'symmetric_key': [_get_test_symmetric_key()],
|
||||
|
@ -189,8 +193,9 @@ class KeyManagerTestCase(object):
|
|||
# check if the object we created is in the list
|
||||
retrieved_objects = self.key_mgr.list(self.ctxt)
|
||||
self.assertTrue(managed_object in retrieved_objects)
|
||||
for obj in retrieved_objects:
|
||||
self.assertFalse(obj.is_metadata_only())
|
||||
for retrieved_object in retrieved_objects:
|
||||
self.assertFalse(retrieved_object.is_metadata_only())
|
||||
self.assertIsNotNone(retrieved_object.id)
|
||||
|
||||
@utils.parameterized_dataset({
|
||||
'symmetric_key': [_get_test_symmetric_key()],
|
||||
|
@ -211,8 +216,9 @@ class KeyManagerTestCase(object):
|
|||
# check if the object we created is in the list
|
||||
retrieved_objects = self.key_mgr.list(self.ctxt, metadata_only=True)
|
||||
self.assertTrue(expected_obj in retrieved_objects)
|
||||
for obj in retrieved_objects:
|
||||
self.assertTrue(obj.is_metadata_only())
|
||||
for retrieved_object in retrieved_objects:
|
||||
self.assertTrue(retrieved_object.is_metadata_only())
|
||||
self.assertIsNotNone(retrieved_object.id)
|
||||
|
||||
@utils.parameterized_dataset({
|
||||
'query_by_object_type': {
|
||||
|
@ -233,4 +239,5 @@ class KeyManagerTestCase(object):
|
|||
retrieved_objects = self.key_mgr.list(self.ctxt, **query_dict)
|
||||
for retrieved_object in retrieved_objects:
|
||||
self.assertEqual(type(object_1), type(retrieved_object))
|
||||
self.assertIsNotNone(retrieved_object.id)
|
||||
self.assertTrue(object_1 in retrieved_objects)
|
||||
|
|
|
@ -163,6 +163,7 @@ class MockKeyManager(key_manager.KeyManager):
|
|||
raise exception.Forbidden()
|
||||
|
||||
key_id = self._generate_key_id()
|
||||
managed_object._id = key_id
|
||||
self.keys[key_id] = managed_object
|
||||
|
||||
return key_id
|
||||
|
|
|
@ -207,6 +207,10 @@ class BarbicanKeyManagerTestCase(test_key_manager.KeyManagerTestCase):
|
|||
original_secret_metadata.bit_length = mock.sentinel.bit
|
||||
original_secret_metadata.secret_type = 'symmetric'
|
||||
|
||||
key_id = "43ed09c3-e551-4c24-b612-e619abe9b534"
|
||||
key_ref = ("http://localhost:9311/v1/secrets/" + key_id)
|
||||
original_secret_metadata.secret_ref = key_ref
|
||||
|
||||
created = timeutils.parse_isotime('2015-10-20 18:51:17+00:00')
|
||||
original_secret_metadata.created = created
|
||||
created_formatted = timeutils.parse_isotime(str(created))
|
||||
|
@ -222,6 +226,7 @@ class BarbicanKeyManagerTestCase(test_key_manager.KeyManagerTestCase):
|
|||
key = self.key_mgr.get(self.ctxt, self.key_id)
|
||||
|
||||
self.get.assert_called_once_with(self.secret_ref)
|
||||
self.assertEqual(key_id, key.id)
|
||||
self.assertEqual(key_name, key.name)
|
||||
self.assertEqual(original_secret_data, key.get_encoded())
|
||||
self.assertEqual(created_posix, key.created)
|
||||
|
@ -378,6 +383,10 @@ class BarbicanKeyManagerTestCase(test_key_manager.KeyManagerTestCase):
|
|||
original_secret_metadata.bit_length = mock.sentinel.bit
|
||||
original_secret_metadata.secret_type = 'symmetric'
|
||||
|
||||
key_id = "43ed09c3-e551-4c24-b612-e619abe9b534"
|
||||
key_ref = ("http://localhost:9311/v1/secrets/" + key_id)
|
||||
original_secret_metadata.secret_ref = key_ref
|
||||
|
||||
created = timeutils.parse_isotime('2015-10-20 18:51:17+00:00')
|
||||
original_secret_metadata.created = created
|
||||
created_formatted = timeutils.parse_isotime(str(created))
|
||||
|
@ -398,6 +407,7 @@ class BarbicanKeyManagerTestCase(test_key_manager.KeyManagerTestCase):
|
|||
key = key_list[0]
|
||||
|
||||
self.list.assert_called_once()
|
||||
self.assertEqual(key_id, key.id)
|
||||
self.assertEqual(key_name, key.name)
|
||||
self.assertEqual(original_secret_data, key.get_encoded())
|
||||
self.assertEqual(created_posix, key.created)
|
||||
|
|
|
@ -70,18 +70,21 @@ class MockKeyManagerTestCase(test_key_mgr.KeyManagerTestCase):
|
|||
key_id = self.key_mgr.create_key(self.context, length=length)
|
||||
key = self.key_mgr.get(self.context, key_id)
|
||||
self.assertEqual(length / 8, len(key.get_encoded()))
|
||||
self.assertIsNotNone(key.id)
|
||||
|
||||
def test_create_key_with_name(self):
|
||||
name = 'my key'
|
||||
key_id = self.key_mgr.create_key(self.context, name=name)
|
||||
key = self.key_mgr.get(self.context, key_id)
|
||||
self.assertEqual(name, key.name)
|
||||
self.assertIsNotNone(key.id)
|
||||
|
||||
def test_create_key_with_algorithm(self):
|
||||
algorithm = 'DES'
|
||||
key_id = self.key_mgr.create_key(self.context, algorithm=algorithm)
|
||||
key = self.key_mgr.get(self.context, key_id)
|
||||
self.assertEqual(algorithm, key.algorithm)
|
||||
self.assertIsNotNone(key.id)
|
||||
|
||||
def test_create_key_null_context(self):
|
||||
self.assertRaises(exception.Forbidden,
|
||||
|
@ -94,7 +97,9 @@ class MockKeyManagerTestCase(test_key_mgr.KeyManagerTestCase):
|
|||
self.context, 'RSA', length, name=name)
|
||||
|
||||
private_key = self.key_mgr.get(self.context, private_key_uuid)
|
||||
self.assertIsNotNone(private_key.id)
|
||||
public_key = self.key_mgr.get(self.context, public_key_uuid)
|
||||
self.assertIsNotNone(public_key.id)
|
||||
|
||||
crypto_private_key = get_cryptography_private_key(private_key)
|
||||
crypto_public_key = get_cryptography_public_key(public_key)
|
||||
|
@ -153,6 +158,8 @@ class MockKeyManagerTestCase(test_key_mgr.KeyManagerTestCase):
|
|||
actual_key = self.key_mgr.get(self.context, key_id)
|
||||
self.assertEqual(_key, actual_key)
|
||||
|
||||
self.assertIsNotNone(actual_key.id)
|
||||
|
||||
def test_store_key_and_get_metadata(self):
|
||||
secret_key = bytes(b'0' * 64)
|
||||
_key = sym_key.SymmetricKey('AES', 64 * 8, secret_key)
|
||||
|
@ -164,6 +171,8 @@ class MockKeyManagerTestCase(test_key_mgr.KeyManagerTestCase):
|
|||
self.assertIsNone(actual_key.get_encoded())
|
||||
self.assertTrue(actual_key.is_metadata_only())
|
||||
|
||||
self.assertIsNotNone(actual_key.id)
|
||||
|
||||
def test_store_key_and_get_metadata_and_get_key(self):
|
||||
secret_key = bytes(b'0' * 64)
|
||||
_key = sym_key.SymmetricKey('AES', 64 * 8, secret_key)
|
||||
|
@ -181,6 +190,8 @@ class MockKeyManagerTestCase(test_key_mgr.KeyManagerTestCase):
|
|||
self.assertIsNotNone(actual_key.get_encoded())
|
||||
self.assertFalse(actual_key.is_metadata_only())
|
||||
|
||||
self.assertIsNotNone(actual_key.id)
|
||||
|
||||
def test_store_null_context(self):
|
||||
self.assertRaises(exception.Forbidden,
|
||||
self.key_mgr.store, None, None)
|
||||
|
@ -221,6 +232,9 @@ class MockKeyManagerTestCase(test_key_mgr.KeyManagerTestCase):
|
|||
self.assertTrue(key1 in keys)
|
||||
self.assertTrue(key2 in keys)
|
||||
|
||||
for key in keys:
|
||||
self.assertIsNotNone(key.id)
|
||||
|
||||
def test_list_keys_metadata_only(self):
|
||||
key1 = sym_key.SymmetricKey('AES', 64 * 8, bytes(b'0' * 64))
|
||||
self.key_mgr.store(self.context, key1)
|
||||
|
@ -233,3 +247,6 @@ class MockKeyManagerTestCase(test_key_mgr.KeyManagerTestCase):
|
|||
for key in keys:
|
||||
self.assertTrue(key.is_metadata_only())
|
||||
self.assertTrue(key.bit_length in bit_length_list)
|
||||
|
||||
for key in keys:
|
||||
self.assertIsNotNone(key.id)
|
||||
|
|
Loading…
Reference in New Issue