Search in sources :

Example 21 with DomainVO

use of com.cloud.domain.DomainVO in project cosmic by MissionCriticalCloud.

the class CertServiceTest method runUploadSslCertNotX509.

@Test
public void runUploadSslCertNotX509() throws IOException, IllegalAccessException, NoSuchFieldException {
    // Reading appropritate files
    final String certFile = URLDecoder.decode(getClass().getResource("/certs/non_x509_pem.crt").getFile(), Charset.defaultCharset().name());
    final String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.key").getFile(), Charset.defaultCharset().name());
    final String cert = readFileToString(new File(certFile));
    final String key = readFileToString(new File(keyFile));
    final CertServiceImpl certService = new CertServiceImpl();
    // setting mock objects
    certService._accountMgr = Mockito.mock(AccountManager.class);
    final Account account = new AccountVO("testaccount", 1, "networkdomain", (short) 0, UUID.randomUUID().toString());
    when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
    certService._domainDao = Mockito.mock(DomainDao.class);
    final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
    when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
    certService._sslCertDao = Mockito.mock(SslCertDao.class);
    when(certService._sslCertDao.persist(any(SslCertVO.class))).thenReturn(new SslCertVO());
    // creating the command
    final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
    final Class<?> _class = uploadCmd.getClass().getSuperclass();
    final Field certField = _class.getDeclaredField("cert");
    certField.setAccessible(true);
    certField.set(uploadCmd, cert);
    final Field keyField = _class.getDeclaredField("key");
    keyField.setAccessible(true);
    keyField.set(uploadCmd, key);
    try {
        certService.uploadSslCert(uploadCmd);
        fail("Given a Certificate which is not X509, upload should fail");
    } catch (final Exception e) {
        assertTrue(e.getMessage().contains("Expected X509 certificate"));
    }
}
Also used : Account(com.cloud.user.Account) SslCertDao(com.cloud.network.dao.SslCertDao) FileUtils.readFileToString(org.apache.commons.io.FileUtils.readFileToString) AccountVO(com.cloud.user.AccountVO) IOException(java.io.IOException) DomainVO(com.cloud.domain.DomainVO) Field(java.lang.reflect.Field) SslCertVO(com.cloud.network.dao.SslCertVO) DomainDao(com.cloud.domain.dao.DomainDao) AccountManager(com.cloud.user.AccountManager) UploadSslCertCmd(com.cloud.api.command.user.loadbalancer.UploadSslCertCmd) File(java.io.File) Test(org.junit.Test)

Example 22 with DomainVO

use of com.cloud.domain.DomainVO in project cosmic by MissionCriticalCloud.

the class CertServiceTest method runUploadSslCertBadFormat.

@Test
public void runUploadSslCertBadFormat() throws IOException, IllegalAccessException, NoSuchFieldException {
    // Reading appropritate files
    final String certFile = URLDecoder.decode(getClass().getResource("/certs/bad_format_cert.crt").getFile(), Charset.defaultCharset().name());
    final String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.key").getFile(), Charset.defaultCharset().name());
    final String cert = readFileToString(new File(certFile));
    final String key = readFileToString(new File(keyFile));
    final CertServiceImpl certService = new CertServiceImpl();
    // setting mock objects
    certService._accountMgr = Mockito.mock(AccountManager.class);
    final Account account = new AccountVO("testaccount", 1, "networkdomain", (short) 0, UUID.randomUUID().toString());
    when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
    certService._domainDao = Mockito.mock(DomainDao.class);
    final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
    when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
    certService._sslCertDao = Mockito.mock(SslCertDao.class);
    when(certService._sslCertDao.persist(any(SslCertVO.class))).thenReturn(new SslCertVO());
    // creating the command
    final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
    final Class<?> _class = uploadCmd.getClass().getSuperclass();
    final Field certField = _class.getDeclaredField("cert");
    certField.setAccessible(true);
    certField.set(uploadCmd, cert);
    final Field keyField = _class.getDeclaredField("key");
    keyField.setAccessible(true);
    keyField.set(uploadCmd, key);
    try {
        certService.uploadSslCert(uploadCmd);
        fail("Given a Certificate in bad format (Not PEM), upload should fail");
    } catch (final Exception e) {
        assertTrue(e.getMessage().contains("Invalid certificate format"));
    }
}
Also used : Account(com.cloud.user.Account) SslCertDao(com.cloud.network.dao.SslCertDao) FileUtils.readFileToString(org.apache.commons.io.FileUtils.readFileToString) AccountVO(com.cloud.user.AccountVO) IOException(java.io.IOException) DomainVO(com.cloud.domain.DomainVO) Field(java.lang.reflect.Field) SslCertVO(com.cloud.network.dao.SslCertVO) DomainDao(com.cloud.domain.dao.DomainDao) AccountManager(com.cloud.user.AccountManager) UploadSslCertCmd(com.cloud.api.command.user.loadbalancer.UploadSslCertCmd) File(java.io.File) Test(org.junit.Test)

Example 23 with DomainVO

use of com.cloud.domain.DomainVO in project cosmic by MissionCriticalCloud.

the class CertServiceTest method runUploadSslCertWithCAChain.

@Test
public /**
 * Given a certificate signed by a CA and a valid CA chain, upload should succeed
 */
void runUploadSslCertWithCAChain() throws Exception {
    Assume.assumeTrue(isOpenJdk() || isJCEInstalled());
    final TransactionLegacy txn = TransactionLegacy.open("runUploadSslCertWithCAChain");
    final String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.crt").getFile(), Charset.defaultCharset().name());
    final String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.key").getFile(), Charset.defaultCharset().name());
    final String chainFile = URLDecoder.decode(getClass().getResource("/certs/root_chain.crt").getFile(), Charset.defaultCharset().name());
    final String cert = readFileToString(new File(certFile));
    final String key = readFileToString(new File(keyFile));
    final String chain = readFileToString(new File(chainFile));
    final CertServiceImpl certService = new CertServiceImpl();
    // setting mock objects
    certService._accountMgr = Mockito.mock(AccountManager.class);
    final Account account = new AccountVO("testaccount", 1, "networkdomain", (short) 0, UUID.randomUUID().toString());
    when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
    certService._domainDao = Mockito.mock(DomainDao.class);
    final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
    when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
    certService._sslCertDao = Mockito.mock(SslCertDao.class);
    when(certService._sslCertDao.persist(any(SslCertVO.class))).thenReturn(new SslCertVO());
    certService._accountDao = Mockito.mock(AccountDao.class);
    when(certService._accountDao.findByIdIncludingRemoved(anyLong())).thenReturn((AccountVO) account);
    // creating the command
    final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
    final Class<?> _class = uploadCmd.getClass().getSuperclass();
    final Field certField = _class.getDeclaredField("cert");
    certField.setAccessible(true);
    certField.set(uploadCmd, cert);
    final Field keyField = _class.getDeclaredField("key");
    keyField.setAccessible(true);
    keyField.set(uploadCmd, key);
    final Field chainField = _class.getDeclaredField("chain");
    chainField.setAccessible(true);
    chainField.set(uploadCmd, chain);
    certService.uploadSslCert(uploadCmd);
}
Also used : Account(com.cloud.user.Account) SslCertDao(com.cloud.network.dao.SslCertDao) AccountDao(com.cloud.user.dao.AccountDao) FileUtils.readFileToString(org.apache.commons.io.FileUtils.readFileToString) AccountVO(com.cloud.user.AccountVO) TransactionLegacy(com.cloud.utils.db.TransactionLegacy) DomainVO(com.cloud.domain.DomainVO) Field(java.lang.reflect.Field) SslCertVO(com.cloud.network.dao.SslCertVO) DomainDao(com.cloud.domain.dao.DomainDao) AccountManager(com.cloud.user.AccountManager) UploadSslCertCmd(com.cloud.api.command.user.loadbalancer.UploadSslCertCmd) File(java.io.File) Test(org.junit.Test)

Example 24 with DomainVO

use of com.cloud.domain.DomainVO in project cosmic by MissionCriticalCloud.

the class CertServiceTest method runUploadSslCertNoRootCert.

@Test
public void runUploadSslCertNoRootCert() throws IOException, IllegalAccessException, NoSuchFieldException {
    Assume.assumeTrue(isOpenJdk() || isJCEInstalled());
    final String certFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.crt").getFile(), Charset.defaultCharset().name());
    final String keyFile = URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.key").getFile(), Charset.defaultCharset().name());
    final String chainFile = URLDecoder.decode(getClass().getResource("/certs/non_root.crt").getFile(), Charset.defaultCharset().name());
    final String cert = readFileToString(new File(certFile));
    final String key = readFileToString(new File(keyFile));
    final String chain = readFileToString(new File(chainFile));
    final CertServiceImpl certService = new CertServiceImpl();
    // setting mock objects
    certService._accountMgr = Mockito.mock(AccountManager.class);
    final Account account = new AccountVO("testaccount", 1, "networkdomain", (short) 0, UUID.randomUUID().toString());
    when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
    certService._domainDao = Mockito.mock(DomainDao.class);
    final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, "networkdomain");
    when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
    certService._sslCertDao = Mockito.mock(SslCertDao.class);
    when(certService._sslCertDao.persist(any(SslCertVO.class))).thenReturn(new SslCertVO());
    // creating the command
    final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
    final Class<?> _class = uploadCmd.getClass().getSuperclass();
    final Field certField = _class.getDeclaredField("cert");
    certField.setAccessible(true);
    certField.set(uploadCmd, cert);
    final Field keyField = _class.getDeclaredField("key");
    keyField.setAccessible(true);
    keyField.set(uploadCmd, key);
    final Field chainField = _class.getDeclaredField("chain");
    chainField.setAccessible(true);
    chainField.set(uploadCmd, chain);
    try {
        certService.uploadSslCert(uploadCmd);
        fail("Chain is given but does not link to the certificate");
    } catch (final Exception e) {
        assertTrue(e.getMessage().contains("Invalid certificate chain"));
    }
}
Also used : Account(com.cloud.user.Account) SslCertDao(com.cloud.network.dao.SslCertDao) FileUtils.readFileToString(org.apache.commons.io.FileUtils.readFileToString) AccountVO(com.cloud.user.AccountVO) IOException(java.io.IOException) DomainVO(com.cloud.domain.DomainVO) Field(java.lang.reflect.Field) SslCertVO(com.cloud.network.dao.SslCertVO) DomainDao(com.cloud.domain.dao.DomainDao) AccountManager(com.cloud.user.AccountManager) UploadSslCertCmd(com.cloud.api.command.user.loadbalancer.UploadSslCertCmd) File(java.io.File) Test(org.junit.Test)

Example 25 with DomainVO

use of com.cloud.domain.DomainVO in project cosmic by MissionCriticalCloud.

the class AccountManagerImplTest method deleteUserAccount.

@Test
public void deleteUserAccount() {
    final AccountVO account = new AccountVO();
    account.setId(42l);
    final DomainVO domain = new DomainVO();
    Mockito.when(_accountDao.findById(42l)).thenReturn(account);
    Mockito.when(securityChecker.checkAccess(Mockito.any(Account.class), Mockito.any(ControlledEntity.class), Mockito.any(AccessType.class), Mockito.anyString())).thenReturn(true);
    Mockito.when(_accountDao.remove(42l)).thenReturn(true);
    Mockito.when(_configMgr.releaseAccountSpecificVirtualRanges(42l)).thenReturn(true);
    Mockito.when(_domainMgr.getDomain(Mockito.anyLong())).thenReturn(domain);
    Mockito.when(securityChecker.checkAccess(Mockito.any(Account.class), Mockito.any(Domain.class))).thenReturn(true);
    Mockito.when(_vmSnapshotDao.listByAccountId(Mockito.anyLong())).thenReturn(new ArrayList<>());
    Assert.assertTrue(accountManager.deleteUserAccount(42));
    // assert that this was a clean delete
    Mockito.verify(_accountDao, Mockito.never()).markForCleanup(Mockito.eq(42l));
}
Also used : DomainVO(com.cloud.domain.DomainVO) ControlledEntity(com.cloud.acl.ControlledEntity) Domain(com.cloud.domain.Domain) AccessType(com.cloud.acl.SecurityChecker.AccessType) Test(org.junit.Test)

Aggregations

DomainVO (com.cloud.domain.DomainVO)196 Account (com.cloud.user.Account)85 AccountVO (com.cloud.user.AccountVO)64 Test (org.junit.Test)56 ArrayList (java.util.ArrayList)53 DomainDao (com.cloud.domain.dao.DomainDao)30 Field (java.lang.reflect.Field)30 InvalidParameterValueException (com.cloud.exception.InvalidParameterValueException)29 SslCertDao (com.cloud.network.dao.SslCertDao)29 AccountManager (com.cloud.user.AccountManager)29 SslCertVO (com.cloud.network.dao.SslCertVO)27 List (java.util.List)26 PermissionDeniedException (com.cloud.exception.PermissionDeniedException)24 Pair (com.cloud.utils.Pair)24 Domain (com.cloud.domain.Domain)23 Filter (com.cloud.utils.db.Filter)23 File (java.io.File)23 IOException (java.io.IOException)23 FileUtils.readFileToString (org.apache.commons.io.FileUtils.readFileToString)23 InvalidParameterValueException (com.cloud.utils.exception.InvalidParameterValueException)22