From cee6db281349789ba5ff6dc8d3dc6ca10400aebe Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Mon, 7 Jan 2013 21:21:16 +0100
Subject: Revert "Merge pull request #12 from leapcode/feature/use-leap_ca-lib"
This reverts commit d2acd205b3c3f0931ce4c453e67b1ba572ec77e9, reversing
changes made to e6496b0f45cc0b487da7cb35a34b8e79037034c0.
Conflicts:
certs/lib/leap_web_certs/engine.rb
---
certs/app/assets/images/leap_web_certs/.gitkeep | 0
.../app/assets/javascripts/leap_web_certs/.gitkeep | 0
.../app/assets/stylesheets/leap_web_certs/.gitkeep | 0
certs/app/helpers/.gitkeep | 0
certs/app/helpers/certs_helper.rb | 2 +
certs/app/mailers/.gitkeep | 0
certs/app/models/.gitkeep | 0
certs/app/models/leap_ca/cert.rb | 56 ++++++++++++++++++++++
certs/app/views/.gitkeep | 0
certs/leap_web_certs.gemspec | 1 -
certs/lib/leap_web_certs/engine.rb | 10 ----
certs/test/unit/cert_pool_test.rb | 52 ++++++++++++++++++++
certs/test/unit/cert_test.rb | 39 +++++++++++++++
13 files changed, 149 insertions(+), 11 deletions(-)
create mode 100644 certs/app/assets/images/leap_web_certs/.gitkeep
create mode 100644 certs/app/assets/javascripts/leap_web_certs/.gitkeep
create mode 100644 certs/app/assets/stylesheets/leap_web_certs/.gitkeep
create mode 100644 certs/app/helpers/.gitkeep
create mode 100644 certs/app/helpers/certs_helper.rb
create mode 100644 certs/app/mailers/.gitkeep
create mode 100644 certs/app/models/.gitkeep
create mode 100644 certs/app/models/leap_ca/cert.rb
create mode 100644 certs/app/views/.gitkeep
create mode 100644 certs/test/unit/cert_pool_test.rb
create mode 100644 certs/test/unit/cert_test.rb
diff --git a/certs/app/assets/images/leap_web_certs/.gitkeep b/certs/app/assets/images/leap_web_certs/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/certs/app/assets/javascripts/leap_web_certs/.gitkeep b/certs/app/assets/javascripts/leap_web_certs/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/certs/app/assets/stylesheets/leap_web_certs/.gitkeep b/certs/app/assets/stylesheets/leap_web_certs/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/certs/app/helpers/.gitkeep b/certs/app/helpers/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/certs/app/helpers/certs_helper.rb b/certs/app/helpers/certs_helper.rb
new file mode 100644
index 0000000..94e76b8
--- /dev/null
+++ b/certs/app/helpers/certs_helper.rb
@@ -0,0 +1,2 @@
+module CertsHelper
+end
diff --git a/certs/app/mailers/.gitkeep b/certs/app/mailers/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/certs/app/models/.gitkeep b/certs/app/models/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/certs/app/models/leap_ca/cert.rb b/certs/app/models/leap_ca/cert.rb
new file mode 100644
index 0000000..9d4f15e
--- /dev/null
+++ b/certs/app/models/leap_ca/cert.rb
@@ -0,0 +1,56 @@
+#
+# Model for certificates stored in CouchDB.
+#
+# This file must be loaded after Config has been loaded.
+#
+
+module LeapCA
+ class Cert < CouchRest::Model::Base
+
+# No config yet. use_database LeapCA::Config.db_name
+ use_database 'client_certificates'
+
+ timestamps!
+
+ property :key, String # the client private RSA key
+ property :cert, String # the client x509 certificate, signed by the CA
+ property :valid_until, Time # expiration time of the client certificate
+ property :random, Float, :accessible => false # used to help pick a random cert by the webapp
+
+ before_validation :set_random, :on => :create
+
+ validates :key, :presence => true
+ validates :cert, :presence => true
+ validates :random, :presence => true
+ validates :random, :numericality => {:greater_than => 0, :less_than => 1}
+
+ design do
+ view :by_random
+ end
+
+ def set_random
+ self.random = rand
+ end
+
+ class << self
+ def sample
+ self.by_random.startkey(rand).first || self.by_random.first
+ end
+
+ def pick_from_pool
+ cert = self.sample
+ raise RECORD_NOT_FOUND unless cert
+ cert.destroy
+ return cert
+ rescue RESOURCE_NOT_FOUND
+ retry if self.by_random.count > 0
+ raise RECORD_NOT_FOUND
+ end
+
+ def valid_attributes_hash
+ {:key => "ABCD", :cert => "A123"}
+ end
+ end
+
+ end
+end
diff --git a/certs/app/views/.gitkeep b/certs/app/views/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/certs/leap_web_certs.gemspec b/certs/leap_web_certs.gemspec
index 81bc042..15a45be 100644
--- a/certs/leap_web_certs.gemspec
+++ b/certs/leap_web_certs.gemspec
@@ -16,6 +16,5 @@ Gem::Specification.new do |s|
s.test_files = Dir["test/**/*"]
s.add_dependency "leap_web_core", LeapWeb::VERSION
- s.add_dependency "leap_ca", '~> 0.2.0'
end
diff --git a/certs/lib/leap_web_certs/engine.rb b/certs/lib/leap_web_certs/engine.rb
index bc0801d..3c8948a 100644
--- a/certs/lib/leap_web_certs/engine.rb
+++ b/certs/lib/leap_web_certs/engine.rb
@@ -1,14 +1,4 @@
require "leap_web_core"
-require "leap_ca/config"
-LeapCA::Config.db_name = "client_certificates"
-
-# couchrest model has an initializer for this - but apparently that does not work
-CouchRest::Model::Base.configure do |conf|
- conf.environment = Rails.env
- conf.connection_config_file = File.join(Rails.root, 'config', 'couchdb.yml')
-end
-
-require "leap_ca/cert"
module LeapWebCerts
class Engine < ::Rails::Engine
diff --git a/certs/test/unit/cert_pool_test.rb b/certs/test/unit/cert_pool_test.rb
new file mode 100644
index 0000000..06f7ce0
--- /dev/null
+++ b/certs/test/unit/cert_pool_test.rb
@@ -0,0 +1,52 @@
+require 'test_helper'
+
+class CertPoolTest < ActiveSupport::TestCase
+
+ setup do
+ 2.times { LeapCA::Cert.create(LeapCA::Cert.valid_attributes_hash) }
+ end
+
+ teardown do
+ LeapCA::Cert.all.each {|c| c.destroy}
+ end
+
+ test "picks random sample" do
+ # with 3 certs chances are pretty low we pick the same one 40 times.
+ LeapCA::Cert.create! LeapCA::Cert.valid_attributes_hash
+ picked = []
+ first = LeapCA::Cert.sample.id
+ current = LeapCA::Cert.sample.id
+ 40.times do
+ break if current != first
+ current = LeapCA::Cert.sample.id
+ end
+ assert_not_equal current, first
+ end
+
+ test "picks cert from the pool" do
+ assert_difference "LeapCA::Cert.count", -1 do
+ cert = LeapCA::Cert.pick_from_pool
+ end
+ end
+
+ test "err's out if all certs have been destroyed" do
+ sample = LeapCA::Cert.first.tap{|c| c.destroy}
+ LeapCA::Cert.all.each {|c| c.destroy}
+ assert_raises RECORD_NOT_FOUND do
+ LeapCA::Cert.expects(:sample).returns(sample)
+ cert = LeapCA::Cert.pick_from_pool
+ end
+ end
+
+ test "picks other cert if first pick has been destroyed" do
+ first = LeapCA::Cert.first.tap{|c| c.destroy}
+ second = LeapCA::Cert.first
+ LeapCA::Cert.expects(:sample).at_least_once.
+ returns(first).
+ then.returns(second)
+ cert = LeapCA::Cert.pick_from_pool
+ assert_equal second, cert
+ assert_nil LeapCA::Cert.first
+ end
+
+end
diff --git a/certs/test/unit/cert_test.rb b/certs/test/unit/cert_test.rb
new file mode 100644
index 0000000..0b21d0b
--- /dev/null
+++ b/certs/test/unit/cert_test.rb
@@ -0,0 +1,39 @@
+require 'test_helper'
+
+class CertTest < ActiveSupport::TestCase
+
+ setup do
+ @sample = LeapCA::Cert.new LeapCA::Cert.valid_attributes_hash
+ end
+
+ test "stub cert for testing is valid" do
+ assert @sample.valid?
+ end
+
+ test "setting random on create validation" do
+ @sample.random = "asdf"
+ assert @sample.valid?
+ assert @sample.random.is_a? Float
+ assert @sample.random >= 0
+ assert @sample.random < 1
+ end
+
+ test "validates random" do
+ @sample.save # make sure we are past the on_create
+ assert @sample.valid?
+ ["asdf", 1, 2, -0.1, nil, "asdf"].each do |invalid|
+ @sample.random = invalid
+ assert !@sample.valid?, "#{invalid} should not be a valid value for random"
+ end
+ end
+
+ test "validates key" do
+ @sample.key = nil
+ assert !@sample.valid?, "Cert should require key"
+ end
+
+ test "validates cert" do
+ @sample.cert = nil
+ assert !@sample.valid?, "Cert should require cert"
+ end
+end
--
cgit v1.2.3