Custom SSL certificates config panel

Adds a new panel to the superuser config tool, for managing custom SSL certificates in the config bundle [Delivers #135586525]
2017-01-11 18:45:46 -05:00 · 2017-01-11 18:45:46 -05:00 · 7e0fbeb625
commit 7e0fbeb625
parent 773f271daa
14 changed files with 434 additions and 41 deletions
--- a/test/test_api_security.py
+++ b/test/test_api_security.py
@ -51,7 +51,9 @@ from endpoints.api.superuser import (SuperUserLogs, SuperUserList, SuperUserMana
                                     SuperUserOrganizationManagement, SuperUserOrganizationList,
                                     SuperUserAggregateLogs, SuperUserServiceKeyManagement,
                                     SuperUserServiceKey, SuperUserServiceKeyApproval,
-                                     SuperUserTakeOwnership, SuperUserLicense)
+                                     SuperUserTakeOwnership, SuperUserLicense,
+                                     SuperUserCustomCertificates,
+                                     SuperUserCustomCertificate)
 from endpoints.api.globalmessages import GlobalUserMessage, GlobalUserMessages
 from endpoints.api.secscan import RepositoryImageSecurity
 from endpoints.api.manifest import RepositoryManifestLabels, ManageRepositoryManifestLabel
@ -4170,6 +4172,54 @@ class TestSuperUserList(ApiTestCase):
    self._run_test('GET', 200, 'devtable', None)


+class TestSuperUserCustomCertificates(ApiTestCase):
+  def setUp(self):
+    ApiTestCase.setUp(self)
+    self._set_url(SuperUserCustomCertificates)
+
+  def test_get_anonymous(self):
+    self._run_test('GET', 401, None, None)
+
+  def test_get_freshuser(self):
+    self._run_test('GET', 403, 'freshuser', None)
+
+  def test_get_reader(self):
+    self._run_test('GET', 403, 'reader', None)
+
+  def test_get_devtable(self):
+    self._run_test('GET', 200, 'devtable', None)
+
+
+class TestSuperUserCustomCertificate(ApiTestCase):
+  def setUp(self):
+    ApiTestCase.setUp(self)
+    self._set_url(SuperUserCustomCertificate, certpath='somecert.crt')
+
+  def test_post_anonymous(self):
+    self._run_test('POST', 401, None, None)
+
+  def test_post_freshuser(self):
+    self._run_test('POST', 403, 'freshuser', None)
+
+  def test_post_reader(self):
+    self._run_test('POST', 403, 'reader', None)
+
+  def test_post_devtable(self):
+    self._run_test('POST', 400, 'devtable', None)
+
+  def test_delete_anonymous(self):
+    self._run_test('DELETE', 401, None, None)
+
+  def test_delete_freshuser(self):
+    self._run_test('DELETE', 403, 'freshuser', None)
+
+  def test_delete_reader(self):
+    self._run_test('DELETE', 403, 'reader', None)
+
+  def test_delete_devtable(self):
+    self._run_test('DELETE', 204, 'devtable', None)
+
+
 class TestSuperUserLicense(ApiTestCase):
  def setUp(self):
    ApiTestCase.setUp(self)