Commit 357ed83d authored by Rafael Monnerat's avatar Rafael Monnerat

slapos_erp5: Drop/Update CertificateAuthorityTool related constraint

parent acff4533
...@@ -23,8 +23,6 @@ ...@@ -23,8 +23,6 @@
from erp5.component.test.SlapOSTestCaseMixin import \ from erp5.component.test.SlapOSTestCaseMixin import \
SlapOSTestCaseMixin SlapOSTestCaseMixin
import os
class TestSlapOSConfigurator(SlapOSTestCaseMixin): class TestSlapOSConfigurator(SlapOSTestCaseMixin):
...@@ -63,17 +61,6 @@ class TestSlapOSConfigurator(SlapOSTestCaseMixin): ...@@ -63,17 +61,6 @@ class TestSlapOSConfigurator(SlapOSTestCaseMixin):
pref_tool.slapos_default_system_preference.SystemPreference_checkSystemPreferenceConsistency(), pref_tool.slapos_default_system_preference.SystemPreference_checkSystemPreferenceConsistency(),
[]) [])
def testConfiguredCertificateAuthoringConstraint(self):
"""Make sure Certificate Authoring was configured well,
invoking checkConsistency.
Make sure PAS is well configured."""
# The certificate_authority_path is modified by the setup, invoke
# fixConsistency here to restore it like the originally expected.
self.portal.portal_certificate_authority.fixConsistency()
self.assertEqual(self.portal.portal_certificate_authority.checkConsistency(), [])
def testConfiguredTemplateToolViaConstraint(self): def testConfiguredTemplateToolViaConstraint(self):
""" Make sure Template Tool Repositories was configured well, """ Make sure Template Tool Repositories was configured well,
invoking checkConsistency """ invoking checkConsistency """
...@@ -96,24 +83,6 @@ class TestSlapOSConfigurator(SlapOSTestCaseMixin): ...@@ -96,24 +83,6 @@ class TestSlapOSConfigurator(SlapOSTestCaseMixin):
conversion_url = ["https://cloudooo.erp5.net/"] conversion_url = ["https://cloudooo.erp5.net/"]
self.assertEqual(preference_tool.getPreferredDocumentConversionServerUrlList(), conversion_url) self.assertEqual(preference_tool.getPreferredDocumentConversionServerUrlList(), conversion_url)
def testConfiguredCertificateAuthoring(self):
""" Make sure Certificate Authoting is
well configured. """
if self.isLiveTest():
# This test is redundant with testConfiguredVolatileCacheViaPromise
# and it is only aims to verify if test environment is behaving as
# expected, nothing else, and if alamrs were invoked.
return
# The certificate_authority_path is modified by the setup, invoke
# fixConsistency here to restore it like the originally expected.
self.portal.portal_certificate_authority.fixConsistency()
self.assertTrue(self.portal.hasObject('portal_certificate_authority'))
self.assertEqual(os.environ['TEST_CA_PATH'],
self.portal.portal_certificate_authority.certificate_authority_path)
def testAlarmIsSubscribed(self): def testAlarmIsSubscribed(self):
""" Make sure portal_alarms is subscribed. """ """ Make sure portal_alarms is subscribed. """
self.assertTrue(self.portal.portal_alarms.isSubscribed()) self.assertTrue(self.portal.portal_alarms.isSubscribed())
......
...@@ -2,9 +2,6 @@ ...@@ -2,9 +2,6 @@
<portal_type id="Catalog Tool"> <portal_type id="Catalog Tool">
<item>CatalogToolNoneCreationDateConstraint</item> <item>CatalogToolNoneCreationDateConstraint</item>
</portal_type> </portal_type>
<portal_type id="Certificate Authority Tool">
<item>CertificateAuthorityToolConsistencyConstraint</item>
</portal_type>
<portal_type id="Contract Invitation Token"> <portal_type id="Contract Invitation Token">
<item>Reference</item> <item>Reference</item>
<item>SlapOSCloudContractAccounting</item> <item>SlapOSCloudContractAccounting</item>
......
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Base Type" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_property_domain_dict</string> </key>
<value>
<dictionary>
<item>
<key> <string>short_title</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
<item>
<key> <string>title</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
</value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>acquire_local_roles</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>content_icon</string> </key>
<value> <string>folder_icon.gif</string> </value>
</item>
<item>
<key> <string>content_meta_type</string> </key>
<value> <string>ERP5 Folder</string> </value>
</item>
<item>
<key> <string>description</string> </key>
<value> <string>Certificate Authority Tool contains Certificate Authority.</string> </value>
</item>
<item>
<key> <string>factory</string> </key>
<value> <string>addFolder</string> </value>
</item>
<item>
<key> <string>filter_content_types</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>group_list</string> </key>
<value>
<tuple/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Certificate Authority Tool</string> </value>
</item>
<item>
<key> <string>init_script</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>permission</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>searchable_text_property_id</string> </key>
<value>
<tuple/>
</value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>type_class</string> </key>
<value> <string>CertificateAuthorityTool</string> </value>
</item>
<item>
<key> <string>type_interface</string> </key>
<value>
<tuple/>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="2" aka="AAAAAAAAAAI=">
<pickle>
<global name="TranslationInformation" module="Products.ERP5Type.TranslationProviderBase"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>domain_name</string> </key>
<value> <string>erp5_ui</string> </value>
</item>
<item>
<key> <string>property_name</string> </key>
<value> <string>short_title</string> </value>
</item>
</dictionary>
</pickle>
</record>
<record id="3" aka="AAAAAAAAAAM=">
<pickle>
<global name="TranslationInformation" module="Products.ERP5Type.TranslationProviderBase"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>domain_name</string> </key>
<value> <string>erp5_ui</string> </value>
</item>
<item>
<key> <string>property_name</string> </key>
<value> <string>title</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Property Sheet" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_count</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
<item>
<key> <string>_mt_index</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
</value>
</item>
<item>
<key> <string>_tree</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAQ=</string> </persistent>
</value>
</item>
<item>
<key> <string>description</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>CertificateAuthorityToolConsistencyConstraint</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Property Sheet</string> </value>
</item>
</dictionary>
</pickle>
</record>
<record id="2" aka="AAAAAAAAAAI=">
<pickle>
<global name="Length" module="BTrees.Length"/>
</pickle>
<pickle> <int>0</int> </pickle>
</record>
<record id="3" aka="AAAAAAAAAAM=">
<pickle>
<global name="OOBTree" module="BTrees.OOBTree"/>
</pickle>
<pickle>
<none/>
</pickle>
</record>
<record id="4" aka="AAAAAAAAAAQ=">
<pickle>
<global name="OOBTree" module="BTrees.OOBTree"/>
</pickle>
<pickle>
<none/>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Script Constraint" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_identity_criterion</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
<item>
<key> <string>_range_criterion</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
</value>
</item>
<item>
<key> <string>categories</string> </key>
<value>
<tuple>
<string>constraint_type/post_upgrade</string>
</tuple>
</value>
</item>
<item>
<key> <string>description</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>certificate_authority_consistency_constraint_constraint</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Script Constraint</string> </value>
</item>
<item>
<key> <string>script_id</string> </key>
<value> <string>CertificateAuthorityTool_checkCertificateAuthorityConsistency</string> </value>
</item>
</dictionary>
</pickle>
</record>
<record id="2" aka="AAAAAAAAAAI=">
<pickle>
<global name="PersistentMapping" module="Persistence.mapping"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<dictionary/>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="3" aka="AAAAAAAAAAM=">
<pickle>
<global name="PersistentMapping" module="Persistence.mapping"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<dictionary/>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
portal = context.getPortalObject()
error_list = []
portal_certificate_authority = getattr(portal, 'portal_certificate_authority', None)
promise_ca_path = portal.getPromiseParameter('portal_certificate_authority', 'certificate_authority_path')
def installCertificateAuthority():
portal_certificate_authority = getattr(portal, 'portal_certificate_authority', None)
if portal_certificate_authority is None:
portal.manage_addProduct['ERP5'].manage_addTool('ERP5 Certificate Authority Tool', None)
portal_certificate_authority = getattr(portal, 'portal_certificate_authority')
portal_certificate_authority.manage_editCertificateAuthorityTool(
certificate_authority_path=promise_ca_path)
if promise_ca_path is not None:
if portal_certificate_authority is None:
error_list.append("Certificate Authority Tool is not present")
elif portal_certificate_authority.certificate_authority_path != promise_ca_path:
error_list.append(
"Certificate Authority Tool (OpenSSL)is not configured as Expected: %s" %
"Expect %s\nGot %s" % (portal_certificate_authority.certificate_authority_path, promise_ca_path))
if len(error_list) > 0 and fixit:
installCertificateAuthority()
return error_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>fixit=False, **kw</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>CertificateAuthorityTool_checkCertificateAuthorityConsistency</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
...@@ -296,7 +296,6 @@ def makeTestSlapOSCodingStyleTestCase(tested_business_template): ...@@ -296,7 +296,6 @@ def makeTestSlapOSCodingStyleTestCase(tested_business_template):
'slapos_base/Login_notifyPasswordExpire', 'slapos_base/Login_notifyPasswordExpire',
'slapos_base/Person_applyContractInvitation', 'slapos_base/Person_applyContractInvitation',
'slapos_base/ERP5Site_getAvailableOAuthLoginList', 'slapos_base/ERP5Site_getAvailableOAuthLoginList',
'slapos_erp5/CertificateAuthorityTool_checkCertificateAuthorityConsistency',
'slapos_erp5/CatalogTool_checkNoneCreationDateConsistency'] 'slapos_erp5/CatalogTool_checkNoneCreationDateConsistency']
SlapOSTestCaseMixin.afterSetUp(self) SlapOSTestCaseMixin.afterSetUp(self)
......
Certificate Authority Tool
Contract Invitation Token Contract Invitation Token
Document Module Document Module
File File
......
Catalog Tool | CatalogToolNoneCreationDateConstraint Catalog Tool | CatalogToolNoneCreationDateConstraint
Certificate Authority Tool | CertificateAuthorityToolConsistencyConstraint
Contract Invitation Token | Reference Contract Invitation Token | Reference
Contract Invitation Token | SlapOSCloudContractAccounting Contract Invitation Token | SlapOSCloudContractAccounting
Contract Invitation Token | Url Contract Invitation Token | Url
......
CatalogToolNoneCreationDateConstraint CatalogToolNoneCreationDateConstraint
CertificateAuthorityToolConsistencyConstraint
GeographicOrganisation GeographicOrganisation
PreferenceSlapOSConstraintPreference PreferenceSlapOSConstraintPreference
ShacacheSystemPreference ShacacheSystemPreference
......
...@@ -64,67 +64,6 @@ class testSlapOSMixin(ERP5TypeTestCase): ...@@ -64,67 +64,6 @@ class testSlapOSMixin(ERP5TypeTestCase):
setattr(self, 'stepCall' + convertToUpperCase(alarm.getId()) \ setattr(self, 'stepCall' + convertToUpperCase(alarm.getId()) \
+ 'Alarm', makeCallAlarm(alarm)) + 'Alarm', makeCallAlarm(alarm))
def createCertificateAuthorityFile(self):
"""Sets up portal_certificate_authority"""
if 'TEST_CA_PATH' not in os.environ:
return
ca_path = os.path.join(os.environ['TEST_CA_PATH'],
self.__class__.__name__)
if os.path.exists(ca_path):
shutil.rmtree(ca_path)
os.mkdir(ca_path)
os.mkdir(os.path.join(ca_path, 'private'))
os.mkdir(os.path.join(ca_path, 'crl'))
os.mkdir(os.path.join(ca_path, 'certs'))
os.mkdir(os.path.join(ca_path, 'requests'))
os.mkdir(os.path.join(ca_path, 'newcerts'))
original_openssl_cnf = open(
os.path.join(os.environ['TEST_CA_PATH'], 'openssl.cnf'), "r").read()
openssl_cnf_with_updated_path = original_openssl_cnf.replace(
os.environ['TEST_CA_PATH'], ca_path)
# SlapOS Master requires unique subjects
openssl_cnf = openssl_cnf_with_updated_path.replace(
"unique_subject = no", "unique_subject = yes")
with open(os.path.join(ca_path, 'openssl.cnf'), "w") as f:
f.write(openssl_cnf)
shutil.copy(os.path.join(os.environ['TEST_CA_PATH'], 'cacert.pem'),
os.path.join(ca_path, 'cacert.pem'))
shutil.copy(os.path.join(os.environ['TEST_CA_PATH'], 'private', 'cakey.pem'),
os.path.join(ca_path, 'private', 'cakey.pem'))
# reset test CA to have it always count from 0
open(os.path.join(ca_path, 'serial'), 'w').write('01')
open(os.path.join(ca_path, 'crlnumber'), 'w').write('01')
open(os.path.join(ca_path, 'index.txt'), 'w').write('')
private_list = glob.glob('%s/*.key' % os.path.join(ca_path, 'private'))
for private in private_list:
os.remove(private)
crl_list = glob.glob('%s/*' % os.path.join(ca_path, 'crl'))
for crl in crl_list:
os.remove(crl)
certs_list = glob.glob('%s/*' % os.path.join(ca_path, 'certs'))
for cert in certs_list:
os.remove(cert)
newcerts_list = glob.glob('%s/*' % os.path.join(ca_path, 'newcerts'))
for newcert in newcerts_list:
os.remove(newcert)
self.portal.portal_certificate_authority.manage_editCertificateAuthorityTool(
certificate_authority_path=ca_path)
def isLiveTest(self): def isLiveTest(self):
#return 'ERP5TypeLiveTestCase' in [q.__name__ for q in self.__class__.mro()] #return 'ERP5TypeLiveTestCase' in [q.__name__ for q in self.__class__.mro()]
# XXX - What is the better way to know if we are in live test mode ? # XXX - What is the better way to know if we are in live test mode ?
...@@ -156,7 +95,6 @@ class testSlapOSMixin(ERP5TypeTestCase): ...@@ -156,7 +95,6 @@ class testSlapOSMixin(ERP5TypeTestCase):
if self.isLiveTest(): if self.isLiveTest():
return return
self.createCertificateAuthorityFile()
self.commit() self.commit()
self.portal.portal_caches.updateCache() self.portal.portal_caches.updateCache()
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment