From bf46209cefa5d09041865e52f9f78721b10e7dd0 Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 14 Dec 2012 12:53:39 +0100 Subject: adopt certs to changes in the leap ca --- certs/app/controllers/certs_controller.rb | 7 ++-- certs/app/models/cert.rb | 57 ------------------------------- certs/app/models/leap_ca/cert.rb | 46 +++++++++++++++++++++++++ certs/config/locales/en.yml | 2 ++ 4 files changed, 53 insertions(+), 59 deletions(-) delete mode 100644 certs/app/models/cert.rb create mode 100644 certs/app/models/leap_ca/cert.rb create mode 100644 certs/config/locales/en.yml (limited to 'certs') diff --git a/certs/app/controllers/certs_controller.rb b/certs/app/controllers/certs_controller.rb index 402bef3..d81aea0 100644 --- a/certs/app/controllers/certs_controller.rb +++ b/certs/app/controllers/certs_controller.rb @@ -4,8 +4,11 @@ class CertsController < ApplicationController # GET /cert def show - @cert = Cert.pick_from_pool - render :text => @cert.zipped, :content_type => 'text/plain' + @cert = LeapCA::Cert.pick_from_pool + render :text => @cert.key + @cert.cert, :content_type => 'text/plain' + rescue RECORD_NOT_FOUND + flash[:error] = t(:cert_pool_empty) + redirect_to root_path end end diff --git a/certs/app/models/cert.rb b/certs/app/models/cert.rb deleted file mode 100644 index 9a6c98d..0000000 --- a/certs/app/models/cert.rb +++ /dev/null @@ -1,57 +0,0 @@ -class Cert < CouchRest::Model::Base - - use_database 'client_certificates' - - timestamps! - - property :random, Float, :accessible => false - - before_validation :set_random, :attach_zip, :on => :create - - validates :random, :presence => true, - :numericality => {:greater_than => 0, :less_than => 1} - - validates :zip_attachment, :presence => true - - design do - view :by_random - end - - class << self - def sample - self.by_random.startkey(rand).first || self.by_random.first - end - - def pick_from_pool - cert = self.sample || self.create! - cert.destroy - return cert - rescue RESOURCE_NOT_FOUND - retry if Cert.by_random.count > 0 - raise RECORD_NOT_FOUND - end - - end - - def set_random - self.random = rand - end - - def attach_zip - file = File.open(Rails.root.join("config", "cert")) - self.create_attachment :file => file, :name => zipname - end - - def zipname - 'cert.txt' - end - - def zip_attachment - attachments[zipname] - end - - def zipped - read_attachment(zipname) - end - -end diff --git a/certs/app/models/leap_ca/cert.rb b/certs/app/models/leap_ca/cert.rb new file mode 100644 index 0000000..0c32721 --- /dev/null +++ b/certs/app/models/leap_ca/cert.rb @@ -0,0 +1,46 @@ +# +# Model for certificates stored in CouchDB. +# +# This file must be loaded after Config has been loaded. +# + +module LeapCA + class Cert < CouchRest::Model::Base + +# No config yet. use_database LeapCA::Config.db_name + use_database 'client_certificates' + + timestamps! + + property :key, String # the client private RSA key + property :cert, String # the client x509 certificate, signed by the CA + property :valid_until, Time # expiration time of the client certificate + property :random, Float, :accessible => false # used to help pick a random cert by the webapp + + validates :key, :presence => true + validates :cert, :presence => true + validates :random, :presence => true, :numericality => {:greater_than_or_equal_to => 0, :less_than => 1} + + design do + view :by_random + end + + class << self + def sample + self.by_random.startkey(rand).first || self.by_random.first + end + + def pick_from_pool + cert = self.sample + raise RECORD_NOT_FOUND unless cert + cert.destroy + return cert + rescue RESOURCE_NOT_FOUND + retry if self.by_random.count > 0 + raise RECORD_NOT_FOUND + end + + end + + end +end diff --git a/certs/config/locales/en.yml b/certs/config/locales/en.yml new file mode 100644 index 0000000..18e4f47 --- /dev/null +++ b/certs/config/locales/en.yml @@ -0,0 +1,2 @@ +en: + cert_pool_empty: "Sorry the Cert pool is empty, please check back later." -- cgit v1.2.3 From 1eeec0808886e305d5113a20bf6ea5c1921e633b Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 14 Dec 2012 14:33:04 +0100 Subject: fixed most of the unit tests no idea why the numericality validatoin with greater_than_or_equal 0 does not catch negative numbers --- certs/app/models/leap_ca/cert.rb | 9 +++++++++ certs/test/unit/cert_pool_test.rb | 35 +++++++++++++++++----------------- certs/test/unit/cert_test.rb | 40 ++++++++++----------------------------- 3 files changed, 37 insertions(+), 47 deletions(-) (limited to 'certs') diff --git a/certs/app/models/leap_ca/cert.rb b/certs/app/models/leap_ca/cert.rb index 0c32721..7e4b49a 100644 --- a/certs/app/models/leap_ca/cert.rb +++ b/certs/app/models/leap_ca/cert.rb @@ -17,6 +17,8 @@ module LeapCA property :valid_until, Time # expiration time of the client certificate property :random, Float, :accessible => false # used to help pick a random cert by the webapp + before_validation :set_random, :on => :create + validates :key, :presence => true validates :cert, :presence => true validates :random, :presence => true, :numericality => {:greater_than_or_equal_to => 0, :less_than => 1} @@ -25,6 +27,10 @@ module LeapCA view :by_random end + def set_random + self.random = rand + end + class << self def sample self.by_random.startkey(rand).first || self.by_random.first @@ -40,6 +46,9 @@ module LeapCA raise RECORD_NOT_FOUND end + def valid_attributes_hash + {:key => "ABCD", :cert => "A123"} + end end end diff --git a/certs/test/unit/cert_pool_test.rb b/certs/test/unit/cert_pool_test.rb index 24ace57..06f7ce0 100644 --- a/certs/test/unit/cert_pool_test.rb +++ b/certs/test/unit/cert_pool_test.rb @@ -3,49 +3,50 @@ require 'test_helper' class CertPoolTest < ActiveSupport::TestCase setup do - 2.times { Cert.create! } + 2.times { LeapCA::Cert.create(LeapCA::Cert.valid_attributes_hash) } end teardown do - Cert.all.each {|c| c.destroy} + LeapCA::Cert.all.each {|c| c.destroy} end test "picks random sample" do - Cert.create! # with 3 certs chances are pretty low we pick the same one 40 times. + # with 3 certs chances are pretty low we pick the same one 40 times. + LeapCA::Cert.create! LeapCA::Cert.valid_attributes_hash picked = [] - first = Cert.sample.id - current = Cert.sample.id + first = LeapCA::Cert.sample.id + current = LeapCA::Cert.sample.id 40.times do break if current != first - current = Cert.sample.id + current = LeapCA::Cert.sample.id end assert_not_equal current, first end test "picks cert from the pool" do - assert_difference "Cert.count", -1 do - cert = Cert.pick_from_pool + assert_difference "LeapCA::Cert.count", -1 do + cert = LeapCA::Cert.pick_from_pool end end test "err's out if all certs have been destroyed" do - sample = Cert.first.tap{|c| c.destroy} - Cert.all.each {|c| c.destroy} + sample = LeapCA::Cert.first.tap{|c| c.destroy} + LeapCA::Cert.all.each {|c| c.destroy} assert_raises RECORD_NOT_FOUND do - Cert.expects(:sample).returns(sample) - cert = Cert.pick_from_pool + LeapCA::Cert.expects(:sample).returns(sample) + cert = LeapCA::Cert.pick_from_pool end end test "picks other cert if first pick has been destroyed" do - first = Cert.first.tap{|c| c.destroy} - second = Cert.first - Cert.expects(:sample).at_least_once. + first = LeapCA::Cert.first.tap{|c| c.destroy} + second = LeapCA::Cert.first + LeapCA::Cert.expects(:sample).at_least_once. returns(first). then.returns(second) - cert = Cert.pick_from_pool + cert = LeapCA::Cert.pick_from_pool assert_equal second, cert - assert_nil Cert.first + assert_nil LeapCA::Cert.first end end diff --git a/certs/test/unit/cert_test.rb b/certs/test/unit/cert_test.rb index 9362da2..e41edd7 100644 --- a/certs/test/unit/cert_test.rb +++ b/certs/test/unit/cert_test.rb @@ -3,47 +3,27 @@ require 'test_helper' class CertTest < ActiveSupport::TestCase setup do - @sample = Cert.new - @sample.set_random - @sample.attach_zip + @sample = LeapCA::Cert.new LeapCA::Cert.valid_attributes_hash end - test "certs come with attachments" do - assert @sample.has_attachment? "cert.txt" - end - - test "cert.zip_attachment returns couchDB attachment" do - assert_equal "text/plain", @sample.zip_attachment["content_type"] - end - - test "cert.zipped returns the actual data" do - @sample.save # This is required ! - assert lines = @sample.zipped.split("\n") - assert_equal 56, lines.count - assert_equal "-----BEGIN RSA PRIVATE KEY-----", lines.first.chomp - assert_equal "-----END CERTIFICATE-----", lines.last.chomp - end - - test "cert.zipname returns name for the zip file" do - assert_equal "cert.txt", @sample.zipname - end - - test "test data is valid" do + test "stub cert for testing is valid" do assert @sample.valid? end test "validates random" do - @sample.stubs(:set_random) - [0, 1, nil, "asdf"].each do |invalid| + [-1, 1, nil, "asdf"].each do |invalid| @sample.random = invalid assert !@sample.valid?, "#{invalid} should not be a valid value for random" end end - test "validates attachment" do - @sample.stubs(:attach_zip) - @sample.delete_attachment(@sample.zipname) - assert !@sample.valid?, "Cert should require zipped attachment" + test "validates key" do + @sample.key = nil + assert !@sample.valid?, "Cert should require key" end + test "validates cert" do + @sample.cert = nil + assert !@sample.valid?, "Cert should require cert" + end end -- cgit v1.2.3 From 836f85fc362d4080ac9e0fc17455ec5a5c03cfee Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 14 Dec 2012 14:38:24 +0100 Subject: fixed the functional test that was failing due to cert changes --- certs/test/functional/certs_controller_test.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'certs') diff --git a/certs/test/functional/certs_controller_test.rb b/certs/test/functional/certs_controller_test.rb index 9bba8c0..3d6946e 100644 --- a/certs/test/functional/certs_controller_test.rb +++ b/certs/test/functional/certs_controller_test.rb @@ -12,10 +12,10 @@ class CertsControllerTest < ActionController::TestCase test "should send cert" do login - cert = stub :zipped => "adsf", :zipname => "cert_stub.zip" - Cert.expects(:pick_from_pool).returns(cert) + cert = stub :cert => "adsf", :key => "key" + LeapCA::Cert.expects(:pick_from_pool).returns(cert) get :show assert_response :success - assert_equal cert.zipped, @response.body + assert_equal cert.key + cert.cert, @response.body end end -- cgit v1.2.3 From a8f5a1ec486d5ee378f7b820c9f2c046e5c03672 Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 17 Dec 2012 11:07:42 +0100 Subject: adopted test to before_validation callback The before validation hook will overwrite whatever is in random on create. This is what we want - just need to test it properly --- certs/app/models/leap_ca/cert.rb | 3 ++- certs/test/unit/cert_test.rb | 12 +++++++++++- 2 files changed, 13 insertions(+), 2 deletions(-) (limited to 'certs') diff --git a/certs/app/models/leap_ca/cert.rb b/certs/app/models/leap_ca/cert.rb index 7e4b49a..9d4f15e 100644 --- a/certs/app/models/leap_ca/cert.rb +++ b/certs/app/models/leap_ca/cert.rb @@ -21,7 +21,8 @@ module LeapCA validates :key, :presence => true validates :cert, :presence => true - validates :random, :presence => true, :numericality => {:greater_than_or_equal_to => 0, :less_than => 1} + validates :random, :presence => true + validates :random, :numericality => {:greater_than => 0, :less_than => 1} design do view :by_random diff --git a/certs/test/unit/cert_test.rb b/certs/test/unit/cert_test.rb index e41edd7..0b21d0b 100644 --- a/certs/test/unit/cert_test.rb +++ b/certs/test/unit/cert_test.rb @@ -10,8 +10,18 @@ class CertTest < ActiveSupport::TestCase assert @sample.valid? end + test "setting random on create validation" do + @sample.random = "asdf" + assert @sample.valid? + assert @sample.random.is_a? Float + assert @sample.random >= 0 + assert @sample.random < 1 + end + test "validates random" do - [-1, 1, nil, "asdf"].each do |invalid| + @sample.save # make sure we are past the on_create + assert @sample.valid? + ["asdf", 1, 2, -0.1, nil, "asdf"].each do |invalid| @sample.random = invalid assert !@sample.valid?, "#{invalid} should not be a valid value for random" end -- cgit v1.2.3