from django.contrib.auth.models import User
from django.core.cache import cache
from rest_framework.authtoken.models import Token
from api.models import App, Certificate, Domain
from api.tests import TEST_ROOT, DeisTestCase
class CertificateUseCase2Test(DeisTestCase):
"""
Tests creation of 2 domains and SSL certificate.
Attach the certificate to only one domain and then detach.
"""
fixtures = ['tests.json']
def setUp(self):
self.user = User.objects.get(username='autotest')
self.token = Token.objects.get(user=self.user).key
self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.token)
self.url = '/v2/certs'
self.app = App.objects.create(owner=self.user, id='test-app-use-case-2')
self.domains = {
'foo.com': Domain.objects.create(owner=self.user, app=self.app, domain='foo.com'),
'bar.com': Domain.objects.create(owner=self.user, app=self.app, domain='bar.com'),
}
# only foo.com has a cert
self.domain = 'foo.com'
self.certificates = {self.domain: {'name': self.domain.replace('.', '-')}}
with open('{}/certs/{}.key'.format(TEST_ROOT, self.domain)) as f:
self.certificates[self.domain]['key'] = f.read()
with open('{}/certs/{}.cert'.format(TEST_ROOT, self.domain)) as f:
self.certificates[self.domain]['cert'] = f.read()
# add expires and fingerprints
self.certificates['foo.com']['expires'] = '2017-01-14T23:55:59Z'
self.certificates['foo.com']['fingerprint'] = 'AC:82:58:80:EA:C4:B9:75:C1:1C:52:48:40:28:15:1D:47:AC:ED:88:4B:D4:72:95:B2:C0:A0:DF:4A:A7:60:B6' # noqa
def tearDown(self):
# make sure every test has a clean slate for k8s mocking
cache.clear()
def test_create_certificate_with_domain(self):
"""Tests creating a certificate."""
for domain, certificate in self.certificates.items():
response = self.client.post(
self.url,
{
'name': certificate['name'],
'certificate': certificate['cert'],
'key': certificate['key']
}
)
self.assertEqual(response.status_code, 201, response.data)
def test_get_certificate_screens_data(self):
"""
When a user retrieves a certificate, only the common name and expiry date should be
displayed.
"""
for domain, certificate in self.certificates.items():
# Create certificate
response = self.client.post(
self.url,
{
'name': certificate['name'],
'certificate': certificate['cert'],
'key': certificate['key']
}
)
self.assertEqual(response.status_code, 201, response.data)
# Attach domain to certificate
response = self.client.post(
'{}/{}/domain/'.format(self.url, certificate['name']),
{'domain': domain}
)
self.assertEqual(response.status_code, 201, response.data)
# Assert data
response = self.client.get(
'{}/{}'.format(self.url, certificate['name'])
)
self.assertEqual(response.status_code, 200, response.data)
expected = {
'name': certificate['name'],
'common_name': str(domain),
'expires': certificate['expires'],
'fingerprint': certificate['fingerprint'],
'san': [],
'domains': [domain]
}
for key, value in list(expected.items()):
self.assertEqual(
response.data[key],
value,
'{} - {}'.format(certificate['name'], key)
)
# detach domain to certificate
response = self.client.delete(
'{}/{}/domain/{}'.format(self.url, certificate['name'], domain)
)
self.assertEqual(response.status_code, 204, response.data)
# Assert data
response = self.client.get('{}/{}'.format(self.url, certificate['name']))
self.assertEqual(response.status_code, 200, response.data)
self.assertEqual(response.data['domains'], [])
def test_certficate_denied_requests(self):
"""Disallow put/patch requests"""
response = self.client.put(self.url)
self.assertEqual(response.status_code, 405, response.content)
response = self.client.patch(self.url)
self.assertEqual(response.status_code, 405, response.content)
def test_delete_certificate(self):
"""Destroying a certificate should generate a 204 response"""
for domain, certificate in self.certificates.items():
Certificate.objects.create(
name=certificate['name'],
owner=self.user,
common_name=domain,
certificate=certificate['cert'],
key=certificate['key']
)
url = '/v2/certs/{}'.format(certificate['name'])
response = self.client.delete(url)
self.assertEqual(response.status_code, 204, response.data)
