x/cloudbase-init
Code Issues Proposed changes
cloudbase-init/cloudbaseinit/tests/plugins/windows/test_winrmcertificateauth.py
Alessandro Pilotti d7dff62e0a Move to oslo.config
2014-02-10 04:47:28 +02:00

158 lines
6.7 KiB
Python
Raw Blame History

# vim: tabstop=4 shiftwidth=4 softtabstop=4
# Copyright 2013 Cloudbase Solutions Srl
#
# Licensed under the Apache License, Version 2.0 (the 'License'); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an 'AS IS' BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import importlib
import mock
import sys
import unittest
_ctypes_mock = mock.MagicMock()
_win32com_mock = mock.MagicMock()
_pywintypes_mock = mock.MagicMock()
mock_dict = {'ctypes': _ctypes_mock,
'win32com': _win32com_mock,
'pywintypes': _pywintypes_mock}
from oslo.config import cfg
from cloudbaseinit.plugins import constants
CONF = cfg.CONF
class ConfigWinRMCertificateAuthPluginTests(unittest.TestCase):
@mock.patch.dict(sys.modules, mock_dict)
def setUp(self):
winrmcert = importlib.import_module('cloudbaseinit.plugins.windows.'
'winrmcertificateauth')
self.x509 = importlib.import_module('cloudbaseinit.plugins.windows'
'.x509')
self._certif_auth = winrmcert.ConfigWinRMCertificateAuthPlugin()
def tearDown(self):
reload(sys)
def _test_get_client_auth_cert(self, chunk):
mock_service = mock.MagicMock()
mock_meta_data = mock.MagicMock()
mock_meta = mock.MagicMock()
mock_service.get_meta_data.return_value = mock_meta_data
mock_meta_data.get.return_value = mock_meta
mock_meta.get.side_effect = chunk
mock_service.get_user_data.return_value = self.x509.PEM_HEADER
response = self._certif_auth._get_client_auth_cert(mock_service)
mock_service.get_meta_data.assert_called_once_with('openstack')
mock_meta_data.get.assert_called_once_with('meta')
if chunk == [None]:
mock_service.get_user_data.assert_called_once_with('openstack')
mock_meta.get.assert_called_once_with('admin_cert0')
self.assertEqual(response, self.x509.PEM_HEADER)
else:
expected = [mock.call('admin_cert0'), mock.call('admin_cert1')]
self.assertEqual(mock_meta.get.call_args_list, expected)
self.assertEqual(response, 'fake data')
def test_get_client_auth_cert(self):
chunk = ['fake data', None]
self._test_get_client_auth_cert(chunk=chunk)
def test_get_client_auth_cert_no_cert_data(self):
self._test_get_client_auth_cert(chunk=[None])
def _test_get_credentials(self, fake_user, fake_password):
mock_shared_data = mock.MagicMock()
mock_shared_data.get.side_effect = [fake_user, fake_password]
if fake_user is None or fake_password is None:
self.assertRaises(Exception,
self._certif_auth._get_credentials,
mock_shared_data)
else:
response = self._certif_auth._get_credentials(mock_shared_data)
expected = [mock.call(constants.SHARED_DATA_USERNAME),
mock.call(constants.SHARED_DATA_PASSWORD)]
self.assertEqual(mock_shared_data.get.call_args_list, expected)
mock_shared_data.__setitem__.assert_called_once_with(
'admin_password', None)
self.assertEqual(response, (fake_user, fake_password))
def test_test_get_credentials(self):
self._test_get_credentials(fake_user='fake user',
fake_password='fake password')
def test_test_get_credentials_no_user(self):
self._test_get_credentials(fake_user=None,
fake_password='fake password')
def test_test_get_credentials_no_password(self):
self._test_get_credentials(fake_user='fake user',
fake_password=None)
@mock.patch('cloudbaseinit.plugins.windows.winrmcertificateauth'
'.ConfigWinRMCertificateAuthPlugin._get_credentials')
@mock.patch('cloudbaseinit.plugins.windows.winrmcertificateauth'
'.ConfigWinRMCertificateAuthPlugin._get_client_auth_cert')
@mock.patch('cloudbaseinit.plugins.windows.x509.CryptoAPICertManager'
'.import_cert')
@mock.patch('cloudbaseinit.plugins.windows.winrmconfig.WinRMConfig')
def _test_execute(self, mock_WinRMConfig, mock_import_cert,
mock_get_client_auth_cert, mock_get_credentials,
cert_data, cert_upn):
mock_service = mock.MagicMock()
mock_cert_thumprint = mock.MagicMock()
fake_credentials = ('fake user', 'fake password')
mock_shared_data = mock.MagicMock()
mock_get_client_auth_cert.return_value = cert_data
mock_get_credentials.return_value = fake_credentials
mock_import_cert.return_value = (mock_cert_thumprint, cert_upn)
mock_WinRMConfig.get_cert_mapping.return_value = True
response = self._certif_auth.execute(mock_service,
mock_shared_data)
if not cert_data or not cert_upn:
self.assertEqual(response, (1, False))
else:
mock_get_client_auth_cert.assert_called_once_with(mock_service)
mock_get_credentials.assert_called_once_with(mock_shared_data)
mock_import_cert.assert_called_once_with(
cert_data, store_name=self.x509.STORE_NAME_ROOT)
mock_WinRMConfig().set_auth_config.assert_called_once_with(
certificate=True)
mock_WinRMConfig().get_cert_mapping.assert_called_once_with(
mock_cert_thumprint, cert_upn)
mock_WinRMConfig().delete_cert_mapping.assert_called_once_with(
mock_cert_thumprint, cert_upn)
mock_WinRMConfig().create_cert_mapping.assert_called_once_with(
mock_cert_thumprint, cert_upn, 'fake user',
'fake password')
self.assertEqual(response, (1, False))
def test_execute(self):
cert_data = 'fake cert data'
cert_upn = mock.MagicMock()
self._test_execute(cert_data=cert_data, cert_upn=cert_upn)
def test_execute_no_cert_data(self):
cert_upn = mock.MagicMock()
self._test_execute(cert_data=None, cert_upn=cert_upn)
def test_execute_no_cert_upn(self):
cert_data = 'fake cert data'
self._test_execute(cert_data=cert_data, cert_upn=None)
View Git Blame Copy Permalink