Commit fab3f5b8 authored by Rafael Monnerat's avatar Rafael Monnerat

slapos_erp5: Drop/Update CertificateAuthorityTool related constraint

parent 4f3279fb
...@@ -23,8 +23,6 @@ ...@@ -23,8 +23,6 @@
from erp5.component.test.SlapOSTestCaseMixin import \ from erp5.component.test.SlapOSTestCaseMixin import \
SlapOSTestCaseMixin SlapOSTestCaseMixin
import os
class TestSlapOSConfigurator(SlapOSTestCaseMixin): class TestSlapOSConfigurator(SlapOSTestCaseMixin):
...@@ -66,17 +64,6 @@ class TestSlapOSConfigurator(SlapOSTestCaseMixin): ...@@ -66,17 +64,6 @@ class TestSlapOSConfigurator(SlapOSTestCaseMixin):
self.assertEqual(len(consistency_list), 1) self.assertEqual(len(consistency_list), 1)
self.assertEqual(str(consistency_list[0]), 'The System Preference subscription assignment should have a destination_project') self.assertEqual(str(consistency_list[0]), 'The System Preference subscription assignment should have a destination_project')
def testConfiguredCertificateAuthoringConstraint(self):
"""Make sure Certificate Authoring was configured well,
invoking checkConsistency.
Make sure PAS is well configured."""
# The certificate_authority_path is modified by the setup, invoke
# fixConsistency here to restore it like the originally expected.
self.portal.portal_certificate_authority.fixConsistency()
self.assertEqual(self.portal.portal_certificate_authority.checkConsistency(), [])
def testConfiguredTemplateToolViaConstraint(self): def testConfiguredTemplateToolViaConstraint(self):
""" Make sure Template Tool Repositories was configured well, """ Make sure Template Tool Repositories was configured well,
invoking checkConsistency """ invoking checkConsistency """
...@@ -100,24 +87,6 @@ class TestSlapOSConfigurator(SlapOSTestCaseMixin): ...@@ -100,24 +87,6 @@ class TestSlapOSConfigurator(SlapOSTestCaseMixin):
"https://cloudooo1.erp5.net/"] "https://cloudooo1.erp5.net/"]
self.assertSameSet(preference_tool.getPreferredDocumentConversionServerUrlList(), conversion_url) self.assertSameSet(preference_tool.getPreferredDocumentConversionServerUrlList(), conversion_url)
def testConfiguredCertificateAuthoring(self):
""" Make sure Certificate Authoting is
well configured. """
if self.isLiveTest():
# This test is redundant with testConfiguredVolatileCacheViaPromise
# and it is only aims to verify if test environment is behaving as
# expected, nothing else, and if alamrs were invoked.
return
# The certificate_authority_path is modified by the setup, invoke
# fixConsistency here to restore it like the originally expected.
self.portal.portal_certificate_authority.fixConsistency()
self.assertTrue(self.portal.hasObject('portal_certificate_authority'))
self.assertEqual(os.environ['TEST_CA_PATH'],
self.portal.portal_certificate_authority.certificate_authority_path)
def testAlarmIsSubscribed(self): def testAlarmIsSubscribed(self):
""" Make sure portal_alarms is subscribed. """ """ Make sure portal_alarms is subscribed. """
self.assertTrue(self.portal.portal_alarms.isSubscribed()) self.assertTrue(self.portal.portal_alarms.isSubscribed())
......
...@@ -2,9 +2,6 @@ ...@@ -2,9 +2,6 @@
<portal_type id="Category Tool"> <portal_type id="Category Tool">
<item>CategoryToolUpgraderRegionConstraint</item> <item>CategoryToolUpgraderRegionConstraint</item>
</portal_type> </portal_type>
<portal_type id="Certificate Authority Tool">
<item>CertificateAuthorityToolConsistencyConstraint</item>
</portal_type>
<portal_type id="Contract Invitation Token"> <portal_type id="Contract Invitation Token">
<item>Reference</item> <item>Reference</item>
<item>SlapOSCloudContractAccounting</item> <item>SlapOSCloudContractAccounting</item>
......
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Base Type" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_property_domain_dict</string> </key>
<value>
<dictionary>
<item>
<key> <string>short_title</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
<item>
<key> <string>title</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
</value>
</item>
</dictionary>
</value>
</item>
<item>
<key> <string>acquire_local_roles</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>content_icon</string> </key>
<value> <string>folder_icon.gif</string> </value>
</item>
<item>
<key> <string>content_meta_type</string> </key>
<value> <string>ERP5 Folder</string> </value>
</item>
<item>
<key> <string>description</string> </key>
<value> <string>Certificate Authority Tool contains Certificate Authority.</string> </value>
</item>
<item>
<key> <string>factory</string> </key>
<value> <string>addFolder</string> </value>
</item>
<item>
<key> <string>filter_content_types</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>group_list</string> </key>
<value>
<tuple/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Certificate Authority Tool</string> </value>
</item>
<item>
<key> <string>init_script</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>permission</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>searchable_text_property_id</string> </key>
<value>
<tuple/>
</value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string></string> </value>
</item>
<item>
<key> <string>type_class</string> </key>
<value> <string>CertificateAuthorityTool</string> </value>
</item>
<item>
<key> <string>type_interface</string> </key>
<value>
<tuple/>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="2" aka="AAAAAAAAAAI=">
<pickle>
<global name="TranslationInformation" module="Products.ERP5Type.TranslationProviderBase"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>domain_name</string> </key>
<value> <string>erp5_ui</string> </value>
</item>
<item>
<key> <string>property_name</string> </key>
<value> <string>short_title</string> </value>
</item>
</dictionary>
</pickle>
</record>
<record id="3" aka="AAAAAAAAAAM=">
<pickle>
<global name="TranslationInformation" module="Products.ERP5Type.TranslationProviderBase"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>domain_name</string> </key>
<value> <string>erp5_ui</string> </value>
</item>
<item>
<key> <string>property_name</string> </key>
<value> <string>title</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Property Sheet" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_count</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
<item>
<key> <string>_mt_index</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
</value>
</item>
<item>
<key> <string>_tree</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAQ=</string> </persistent>
</value>
</item>
<item>
<key> <string>description</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>CertificateAuthorityToolConsistencyConstraint</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Property Sheet</string> </value>
</item>
</dictionary>
</pickle>
</record>
<record id="2" aka="AAAAAAAAAAI=">
<pickle>
<global name="Length" module="BTrees.Length"/>
</pickle>
<pickle> <int>0</int> </pickle>
</record>
<record id="3" aka="AAAAAAAAAAM=">
<pickle>
<global name="OOBTree" module="BTrees.OOBTree"/>
</pickle>
<pickle>
<none/>
</pickle>
</record>
<record id="4" aka="AAAAAAAAAAQ=">
<pickle>
<global name="OOBTree" module="BTrees.OOBTree"/>
</pickle>
<pickle>
<none/>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Script Constraint" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_identity_criterion</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
<item>
<key> <string>_range_criterion</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
</value>
</item>
<item>
<key> <string>categories</string> </key>
<value>
<tuple>
<string>constraint_type/post_upgrade</string>
</tuple>
</value>
</item>
<item>
<key> <string>description</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>certificate_authority_consistency_constraint_constraint</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Script Constraint</string> </value>
</item>
<item>
<key> <string>script_id</string> </key>
<value> <string>CertificateAuthorityTool_checkCertificateAuthorityConsistency</string> </value>
</item>
</dictionary>
</pickle>
</record>
<record id="2" aka="AAAAAAAAAAI=">
<pickle>
<global name="PersistentMapping" module="Persistence.mapping"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<dictionary/>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="3" aka="AAAAAAAAAAM=">
<pickle>
<global name="PersistentMapping" module="Persistence.mapping"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<dictionary/>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
portal = context.getPortalObject()
error_list = []
portal_certificate_authority = getattr(portal, 'portal_certificate_authority', None)
promise_ca_path = portal.getPromiseParameter('portal_certificate_authority', 'certificate_authority_path')
def installCertificateAuthority():
portal_certificate_authority = getattr(portal, 'portal_certificate_authority', None)
if portal_certificate_authority is None:
portal.manage_addProduct['ERP5'].manage_addTool('ERP5 Certificate Authority Tool', None)
portal_certificate_authority = getattr(portal, 'portal_certificate_authority')
portal_certificate_authority.manage_editCertificateAuthorityTool(
certificate_authority_path=promise_ca_path)
if promise_ca_path is not None:
if portal_certificate_authority is None:
error_list.append("Certificate Authority Tool is not present")
elif portal_certificate_authority.certificate_authority_path != promise_ca_path:
error_list.append(
"Certificate Authority Tool (OpenSSL)is not configured as Expected: %s" %
"Expect %s\nGot %s" % (portal_certificate_authority.certificate_authority_path, promise_ca_path))
if len(error_list) > 0 and fixit:
installCertificateAuthority()
return error_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>fixit=False, **kw</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>CertificateAuthorityTool_checkCertificateAuthorityConsistency</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
...@@ -213,7 +213,6 @@ def makeTestSlapOSCodingStyleTestCase(tested_business_template): ...@@ -213,7 +213,6 @@ def makeTestSlapOSCodingStyleTestCase(tested_business_template):
'slapos_base/Login_isPasswordExpired', 'slapos_base/Login_isPasswordExpired',
'slapos_base/Login_notifyPasswordExpire', 'slapos_base/Login_notifyPasswordExpire',
'slapos_base/Person_applyContractInvitation', 'slapos_base/Person_applyContractInvitation',
'slapos_erp5/CertificateAuthorityTool_checkCertificateAuthorityConsistency',
'slapos_panel_compatibility/Base_getComputerToken', 'slapos_panel_compatibility/Base_getComputerToken',
'slapos_panel_compatibility/Person_requestComputer', 'slapos_panel_compatibility/Person_requestComputer',
'slapos_panel/AllocationSupply_invalidateComputeNodeList', 'slapos_panel/AllocationSupply_invalidateComputeNodeList',
...@@ -353,7 +352,6 @@ def makeTestSlapOSCodingStyleTestCase(tested_business_template): ...@@ -353,7 +352,6 @@ def makeTestSlapOSCodingStyleTestCase(tested_business_template):
'slapos_configurator/BusinessConfiguration_runPostUpgradeConsistency', 'slapos_configurator/BusinessConfiguration_runPostUpgradeConsistency',
'slapos_configurator/BusinessConfiguration_setupSlapOSMasterStandardBT5' 'slapos_configurator/BusinessConfiguration_setupSlapOSMasterStandardBT5'
] ]
SlapOSTestCaseMixin.afterSetUp(self) SlapOSTestCaseMixin.afterSetUp(self)
def getBusinessTemplateList(self): def getBusinessTemplateList(self):
......
Certificate Authority Tool
Contract Invitation Token Contract Invitation Token
Document Module Document Module
File File
......
Certificate Authority Tool | CertificateAuthorityToolConsistencyConstraint
Category Tool | CategoryToolUpgraderRegionConstraint Category Tool | CategoryToolUpgraderRegionConstraint
Contract Invitation Token | Reference Contract Invitation Token | Reference
Contract Invitation Token | SlapOSCloudContractAccounting Contract Invitation Token | SlapOSCloudContractAccounting
......
CategoryToolUpgraderRegionConstraint CategoryToolUpgraderRegionConstraint
CertificateAuthorityToolConsistencyConstraint
GeographicOrganisation GeographicOrganisation
PreferenceSlapOSConstraintPreference PreferenceSlapOSConstraintPreference
ShacacheSystemPreference ShacacheSystemPreference
......
...@@ -74,67 +74,6 @@ class testSlapOSMixin(ERP5TypeTestCase): ...@@ -74,67 +74,6 @@ class testSlapOSMixin(ERP5TypeTestCase):
setattr(self, step_name, makeCallAlarm(alarm)) setattr(self, step_name, makeCallAlarm(alarm))
setattr(self, 'stepCallAlarmList', makeCallAlarmList(alarm_step_list)) setattr(self, 'stepCallAlarmList', makeCallAlarmList(alarm_step_list))
def createCertificateAuthorityFile(self):
"""Sets up portal_certificate_authority"""
if 'TEST_CA_PATH' not in os.environ:
return
ca_path = os.path.join(os.environ['TEST_CA_PATH'],
self.__class__.__name__)
if os.path.exists(ca_path):
shutil.rmtree(ca_path)
os.mkdir(ca_path)
os.mkdir(os.path.join(ca_path, 'private'))
os.mkdir(os.path.join(ca_path, 'crl'))
os.mkdir(os.path.join(ca_path, 'certs'))
os.mkdir(os.path.join(ca_path, 'requests'))
os.mkdir(os.path.join(ca_path, 'newcerts'))
original_openssl_cnf = open(
os.path.join(os.environ['TEST_CA_PATH'], 'openssl.cnf'), "r").read()
openssl_cnf_with_updated_path = original_openssl_cnf.replace(
os.environ['TEST_CA_PATH'], ca_path)
# SlapOS Master requires unique subjects
openssl_cnf = openssl_cnf_with_updated_path.replace(
"unique_subject = no", "unique_subject = yes")
with open(os.path.join(ca_path, 'openssl.cnf'), "w") as f:
f.write(openssl_cnf)
shutil.copy(os.path.join(os.environ['TEST_CA_PATH'], 'cacert.pem'),
os.path.join(ca_path, 'cacert.pem'))
shutil.copy(os.path.join(os.environ['TEST_CA_PATH'], 'private', 'cakey.pem'),
os.path.join(ca_path, 'private', 'cakey.pem'))
# reset test CA to have it always count from 0
open(os.path.join(ca_path, 'serial'), 'w').write('01')
open(os.path.join(ca_path, 'crlnumber'), 'w').write('01')
open(os.path.join(ca_path, 'index.txt'), 'w').write('')
private_list = glob.glob('%s/*.key' % os.path.join(ca_path, 'private'))
for private in private_list:
os.remove(private)
crl_list = glob.glob('%s/*' % os.path.join(ca_path, 'crl'))
for crl in crl_list:
os.remove(crl)
certs_list = glob.glob('%s/*' % os.path.join(ca_path, 'certs'))
for cert in certs_list:
os.remove(cert)
newcerts_list = glob.glob('%s/*' % os.path.join(ca_path, 'newcerts'))
for newcert in newcerts_list:
os.remove(newcert)
self.portal.portal_certificate_authority.manage_editCertificateAuthorityTool(
certificate_authority_path=ca_path)
def isLiveTest(self): def isLiveTest(self):
#return 'ERP5TypeLiveTestCase' in [q.__name__ for q in self.__class__.mro()] #return 'ERP5TypeLiveTestCase' in [q.__name__ for q in self.__class__.mro()]
# XXX - What is the better way to know if we are in live test mode ? # XXX - What is the better way to know if we are in live test mode ?
...@@ -166,7 +105,6 @@ class testSlapOSMixin(ERP5TypeTestCase): ...@@ -166,7 +105,6 @@ class testSlapOSMixin(ERP5TypeTestCase):
if self.isLiveTest(): if self.isLiveTest():
return return
self.createCertificateAuthorityFile()
self.commit() self.commit()
self.portal.portal_caches.updateCache() self.portal.portal_caches.updateCache()
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment