Move config handling into a provider class to make testing much easier

endpoints/api/suconfig.py

@@ -3,17 +3,16 @@ import os
 import json
 
 from flask import abort
-from endpoints.api import (ApiResource, nickname, resource, internal_only, show_if, hide_if,
+from endpoints.api import (ApiResource, nickname, resource, internal_only, show_if,
                            require_fresh_login, request, validate_json_request, verify_not_prod)
 
 from endpoints.common import common_login
-from app import app, OVERRIDE_CONFIG_YAML_FILENAME, OVERRIDE_CONFIG_DIRECTORY
+from app import app, CONFIG_PROVIDER
 from data import model
 from auth.permissions import SuperUserPermission
 from auth.auth_context import get_authenticated_user
 from data.database import User
-from util.config.configutil import (import_yaml, export_yaml, add_enterprise_config_defaults,
-                                    set_config_value)
+from util.config.configutil import add_enterprise_config_defaults
 from util.config.validator import validate_service_for_config, SSL_FILENAMES
 
 import features
@@ -32,10 +31,6 @@ def database_has_users():
   """ Returns whether the database has any users defined. """
   return bool(list(User.select().limit(1)))
 
-def config_file_exists():
-  """ Returns whether a configuration file exists. """
-  return os.path.exists(OVERRIDE_CONFIG_YAML_FILENAME)
-
 
 @resource('/v1/superuser/registrystatus')
 @internal_only
@@ -48,12 +43,13 @@ class SuperUserRegistryStatus(ApiResource):
   @verify_not_prod
   def get(self):
     """ Returns whether a valid configuration, database and users exist. """
+    file_exists = CONFIG_PROVIDER.yaml_exists()
     return {
-      'dir_exists': os.path.exists(OVERRIDE_CONFIG_DIRECTORY),
-      'file_exists': os.path.exists(OVERRIDE_CONFIG_YAML_FILENAME),
+      'dir_exists': CONFIG_PROVIDER.volume_exists(),
+      'file_exists': file_exists,
       'is_testing': app.config['TESTING'],
       'valid_db': database_is_valid(),
-      'ready': not app.config['TESTING'] and config_file_exists() and bool(app.config['SUPER_USERS'])
+      'ready': not app.config['TESTING'] and file_exists and bool(app.config['SUPER_USERS'])
     }
 
 
@@ -88,12 +84,7 @@ class SuperUserConfig(ApiResource):
   def get(self):
     """ Returns the currently defined configuration, if any. """
     if SuperUserPermission().can():
-      config_object = {}
-      try:
-        import_yaml(config_object, OVERRIDE_CONFIG_YAML_FILENAME)
-      except Exception:
-        config_object = None
-
+      config_object = CONFIG_PROVIDER.get_yaml()
       return {
         'config': config_object
       }
@@ -107,7 +98,7 @@ class SuperUserConfig(ApiResource):
     """ Updates the config.yaml file. """
     # Note: This method is called to set the database configuration before super users exists,
     # so we also allow it to be called if there is no valid registry configuration setup.
-    if not config_file_exists() or SuperUserPermission().can():
+    if not CONFIG_PROVIDER.yaml_exists() or SuperUserPermission().can():
       config_object = request.get_json()['config']
       hostname = request.get_json()['hostname']
 
@@ -115,7 +106,7 @@ class SuperUserConfig(ApiResource):
       add_enterprise_config_defaults(config_object, app.config['SECRET_KEY'], hostname)
 
       # Write the configuration changes to the YAML file.
-      export_yaml(config_object, OVERRIDE_CONFIG_YAML_FILENAME)
+      CONFIG_PROVIDER.save_yaml(config_object)
 
       return {
         'exists': True,
@@ -139,7 +130,7 @@ class SuperUserConfigFile(ApiResource):
 
     if SuperUserPermission().can():
       return {
-       'exists': os.path.exists(os.path.join(OVERRIDE_CONFIG_DIRECTORY, filename))
+       'exists': CONFIG_PROVIDER.volume_file_exists(filename)
       }
 
     abort(403)
@@ -156,7 +147,7 @@ class SuperUserConfigFile(ApiResource):
       if not uploaded_file:
         abort(400)
 
-      uploaded_file.save(os.path.join(OVERRIDE_CONFIG_DIRECTORY, filename))
+      CONFIG_PROVIDER.save_volume_file(filename, uploaded_file)
       return {
         'status': True
       }
@@ -209,7 +200,7 @@ class SuperUserCreateInitialSuperUser(ApiResource):
     #
     # We do this special security check because at the point this method is called, the database
     # is clean but does not (yet) have any super users for our permissions code to check against.
-    if config_file_exists() and not database_has_users():
+    if CONFIG_PROVIDER.yaml_exists() and not database_has_users():
       data = request.get_json()
       username = data['username']
       password = data['password']
@@ -219,7 +210,11 @@ class SuperUserCreateInitialSuperUser(ApiResource):
       superuser = model.create_user(username, password, email, auto_verify=True)
 
       # Add the user to the config.
-      set_config_value(OVERRIDE_CONFIG_YAML_FILENAME, 'SUPER_USERS', [username])
+      config_object = CONFIG_PROVIDER.get_yaml()
+      config_object['SUPER_USERS'] = [username]
+      CONFIG_PROVIDER.save_yaml(config_object)
+
+      # Update the in-memory config for the new superuser.
       app.config['SUPER_USERS'] = [username]
 
       # Conduct login with that user.
@@ -262,7 +257,7 @@ class SuperUserConfigValidate(ApiResource):
     # Note: This method is called to validate the database configuration before super users exists,
     # so we also allow it to be called if there is no valid registry configuration setup. Note that
     # this is also safe since this method does not access any information not given in the request.
-    if not config_file_exists() or SuperUserPermission().can():
+    if not CONFIG_PROVIDER.yaml_exists() or SuperUserPermission().can():
       config = request.get_json()['config']
       return validate_service_for_config(service, config)