diff options
| author | Jenkins <jenkins@review.openstack.org> | 2015-03-15 19:21:51 +0000 |
|---|---|---|
| committer | Gerrit Code Review <review@openstack.org> | 2015-03-15 19:21:51 +0000 |
| commit | 44b045bfbdafb59609279ce26e98ee49022f7c42 (patch) | |
| tree | f4e5fc1d149549ca46340dccdb81123545214e9b | |
| parent | bdad147707f62b229c7d78b70b9cf20e618a41dd (diff) | |
| parent | 791aff5a396e2fe3c6a370ed5dd1a1f42b734d4e (diff) | |
| download | python-barbicanclient-44b045bfbdafb59609279ce26e98ee49022f7c42.tar.gz | |
Merge "Enable usage of 'payload' path to fetch decrypted secrets"
| -rw-r--r-- | barbicanclient/secrets.py | 8 | ||||
| -rw-r--r-- | barbicanclient/tests/test_client.py | 1 | ||||
| -rw-r--r-- | barbicanclient/tests/test_secrets.py | 54 |
3 files changed, 38 insertions, 25 deletions
diff --git a/barbicanclient/secrets.py b/barbicanclient/secrets.py index 99fb2e0..fca7dd0 100644 --- a/barbicanclient/secrets.py +++ b/barbicanclient/secrets.py @@ -235,7 +235,13 @@ class Secret(SecretFormatter): "secret does not specify a 'default' " "content-type.") headers = {'Accept': self.payload_content_type} - self._payload = self._api._get_raw(self._secret_ref, headers) + + if self._secret_ref[-1] != "/": + payload_url = self._secret_ref + '/payload' + else: + payload_url = self._secret_ref + 'payload' + + self._payload = self._api._get_raw(payload_url, headers) @immutable_after_save def store(self): diff --git a/barbicanclient/tests/test_client.py b/barbicanclient/tests/test_client.py index e0f6b17..570b9ab 100644 --- a/barbicanclient/tests/test_client.py +++ b/barbicanclient/tests/test_client.py @@ -292,6 +292,7 @@ class BaseEntityResource(testtools.TestCase): self.entity_id = entity_id self.entity_base = self.endpoint + "/v1/" + self.entity self.entity_href = self.entity_base + "/" + self.entity_id + self.entity_payload_href = self.entity_href + "/payload" self.client = client.Client(endpoint=self.endpoint, project_id=self.project_id) diff --git a/barbicanclient/tests/test_secrets.py b/barbicanclient/tests/test_secrets.py index c7d4681..7f614a9 100644 --- a/barbicanclient/tests/test_secrets.py +++ b/barbicanclient/tests/test_secrets.py @@ -245,7 +245,7 @@ class WhenTestingSecrets(test_client.BaseEntityResource): m = self.responses.get(self.entity_href, request_headers={'Accept': 'application/json'}, json=self.secret.get_dict(self.entity_href)) - n = self.responses.get(self.entity_href, + n = self.responses.get(self.entity_payload_href, request_headers={'Accept': 'text/plain'}, text=self.secret.payload) @@ -272,44 +272,47 @@ class WhenTestingSecrets(test_client.BaseEntityResource): self.assertTrue(n.called) # Verify the correct URL was used to make the `get_raw` call - self.assertEqual(self.entity_href, n.last_request.url) + self.assertEqual(self.entity_payload_href, n.last_request.url) def test_should_fetch_metadata_to_get_payload(self): content_types_dict = {'default': 'application/octet-stream'} data = self.secret.get_dict(self.entity_href, content_types_dict=content_types_dict) - m = self.responses.get(self.entity_href, - request_headers={'Accept': 'application/json'}, - json=data) + metadata_response = self.responses.get( + self.entity_href, + request_headers={'Accept': 'application/json'}, + json=data) request_headers = {'Accept': 'application/octet-stream'} - n = self.responses.get(self.entity_href, - request_headers=request_headers, - text=self.secret.payload) + decryption_response = self.responses.get( + self.entity_payload_href, + request_headers=request_headers, + text=self.secret.payload) secret = self.manager.get(secret_ref=self.entity_href) self.assertIsInstance(secret, secrets.Secret) self.assertEqual(self.entity_href, secret.secret_ref) # Verify `get` wasn't called yet (metadata) - self.assertFalse(m.called) + self.assertFalse(metadata_response.called) # Verify `get_raw` wasn't called yet (payload) - self.assertFalse(n.called) + self.assertFalse(decryption_response.called) # GET payload (with no payload_content_type) trigger lazy-load self.assertEqual(self.secret.payload, secret.payload) # Verify `get` was called (metadata) - self.assertTrue(m.called) + self.assertTrue(metadata_response.called) # Verify `get_raw` was called (payload) - self.assertTrue(n.called) + self.assertTrue(decryption_response.called) # Verify the correct URL was used to make the `get` calls - self.assertEqual(self.entity_href, m.last_request.url) - self.assertEqual(self.entity_href, n.last_request.url) + self.assertEqual(self.entity_href, metadata_response.last_request.url) + self.assertEqual(self.entity_payload_href, + decryption_response.last_request.url) def test_should_decrypt_when_content_type_is_set(self): """ @@ -321,7 +324,7 @@ class WhenTestingSecrets(test_client.BaseEntityResource): request_headers = {'Accept': 'application/octet-stream'} - m = self.responses.get(self.entity_href, + m = self.responses.get(self.entity_payload_href, request_headers=request_headers, text=decrypted) @@ -333,30 +336,33 @@ class WhenTestingSecrets(test_client.BaseEntityResource): self.assertEqual(decrypted, secret_payload) # Verify the correct URL was used to make the call. - self.assertEqual(self.entity_href, m.last_request.url) + self.assertEqual(self.entity_payload_href, m.last_request.url) def test_should_decrypt(self): content_types_dict = {'default': 'application/octet-stream'} json = self.secret.get_dict(self.entity_href, content_types_dict) - m = self.responses.get(self.entity_href, - request_headers={'Accept': 'application/json'}, - json=json) + metadata_response = self.responses.get( + self.entity_href, + request_headers={'Accept': 'application/json'}, + json=json) decrypted = 'decrypted text here' request_headers = {'Accept': 'application/octet-stream'} - n = self.responses.get(self.entity_href, - request_headers=request_headers, - text=decrypted) + decryption_response = self.responses.get( + self.entity_payload_href, + request_headers=request_headers, + text=decrypted) secret = self.manager.get(secret_ref=self.entity_href) secret_payload = secret.payload self.assertEqual(decrypted, secret_payload) # Verify the correct URL was used to make the call. - self.assertEqual(self.entity_href, m.last_request.url) + self.assertEqual(self.entity_href, metadata_response.last_request.url) # Verify the correct URL was used to make the call. - self.assertEqual(self.entity_href, n.last_request.url) + self.assertEqual(self.entity_payload_href, + decryption_response.last_request.url) def test_should_delete(self): self.responses.delete(self.entity_href, status_code=204) |