Search in sources :

Example 6 with CertificateCredentialVersion

use of org.cloudfoundry.credhub.domain.CertificateCredentialVersion in project credhub by cloudfoundry-incubator.

the class CertificateServiceTest method findByUuid_ReturnsCertificateWithMatchingUuidAndPersistsAuditEntry.

@Test
public void findByUuid_ReturnsCertificateWithMatchingUuidAndPersistsAuditEntry() {
    when(permissionCheckingService.hasPermission(actor, credentialName, PermissionOperation.READ)).thenReturn(true);
    CertificateCredentialVersion certificate = subject.findByCredentialUuid(credentialUuid, auditRecordParameters);
    assertThat(certificate, not(nullValue()));
    assertThat(auditRecordParameters.size(), equalTo(1));
    EventAuditRecordParameters auditRecord = this.auditRecordParameters.get(0);
    assertThat(auditRecord.getAuditingOperationCode(), equalTo(AuditingOperationCode.CREDENTIAL_ACCESS));
    assertThat(auditRecord.getCredentialName(), equalTo(credentialName));
}
Also used : EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion) Test(org.junit.Test)

Example 7 with CertificateCredentialVersion

use of org.cloudfoundry.credhub.domain.CertificateCredentialVersion in project credhub by cloudfoundry-incubator.

the class PermissionedCertificateService method updateTransitionalVersion.

public List<CredentialVersion> updateTransitionalVersion(UUID certificateUuid, UUID newTransitionalVersionUuid, List<EventAuditRecordParameters> auditRecordParameters) {
    EventAuditRecordParameters eventAuditRecordParameters = new EventAuditRecordParameters(AuditingOperationCode.CREDENTIAL_UPDATE, null);
    auditRecordParameters.add(eventAuditRecordParameters);
    Credential credential = findCertificateCredential(certificateUuid);
    String name = credential.getName();
    eventAuditRecordParameters.setCredentialName(name);
    if (!permissionCheckingService.hasPermission(userContextHolder.getUserContext().getActor(), name, PermissionOperation.WRITE)) {
        throw new EntryNotFoundException("error.credential.invalid_access");
    }
    certificateVersionDataService.unsetTransitionalVerison(certificateUuid);
    if (newTransitionalVersionUuid != null) {
        CertificateCredentialVersion version = certificateVersionDataService.findVersion(newTransitionalVersionUuid);
        if (versionDoesNotBelongToCertificate(credential, version)) {
            throw new ParameterizedValidationException("error.credential.mismatched_credential_and_version");
        }
        certificateVersionDataService.setTransitionalVersion(newTransitionalVersionUuid);
    }
    return certificateVersionDataService.findActiveWithTransitional(name);
}
Also used : Credential(org.cloudfoundry.credhub.entity.Credential) EntryNotFoundException(org.cloudfoundry.credhub.exceptions.EntryNotFoundException) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) ParameterizedValidationException(org.cloudfoundry.credhub.exceptions.ParameterizedValidationException) CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)

Example 8 with CertificateCredentialVersion

use of org.cloudfoundry.credhub.domain.CertificateCredentialVersion in project credhub by cloudfoundry-incubator.

the class CertificateCredentialRegeneratable method createGenerateRequest.

@Override
public BaseCredentialGenerateRequest createGenerateRequest(CredentialVersion credentialVersion, List<EventAuditRecordParameters> auditRecordParameters) {
    CertificateCredentialVersion certificateCredential = (CertificateCredentialVersion) credentialVersion;
    CertificateReader reader = certificateCredential.getParsedCertificate();
    if (!reader.isValid() || (isEmpty(certificateCredential.getCaName()) && !reader.isSelfSigned())) {
        auditRecordParameters.add(new EventAuditRecordParameters(CREDENTIAL_UPDATE, credentialVersion.getName()));
        throw new ParameterizedValidationException("error.cannot_regenerate_non_generated_certificate");
    }
    CertificateGenerationParameters certificateGenerationParameters = new CertificateGenerationParameters(reader, certificateCredential.getCaName());
    CertificateGenerateRequest generateRequest = new CertificateGenerateRequest();
    generateRequest.setName(certificateCredential.getName());
    generateRequest.setType(certificateCredential.getCredentialType());
    generateRequest.setCertificateGenerationParameters(certificateGenerationParameters);
    generateRequest.setOverwrite(true);
    return generateRequest;
}
Also used : CertificateGenerateRequest(org.cloudfoundry.credhub.request.CertificateGenerateRequest) CertificateGenerationParameters(org.cloudfoundry.credhub.domain.CertificateGenerationParameters) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) ParameterizedValidationException(org.cloudfoundry.credhub.exceptions.ParameterizedValidationException) CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion) CertificateReader(org.cloudfoundry.credhub.util.CertificateReader)

Example 9 with CertificateCredentialVersion

use of org.cloudfoundry.credhub.domain.CertificateCredentialVersion in project credhub by cloudfoundry-incubator.

the class CertificatesHandler method handleRegenerate.

public CredentialView handleRegenerate(String credentialUuid, List<EventAuditRecordParameters> auditRecordParameters, CertificateRegenerateRequest request) {
    CertificateCredentialVersion existingCredentialVersion = certificateService.findByCredentialUuid(credentialUuid, auditRecordParameters);
    BaseCredentialGenerateRequest generateRequest = generationRequestGenerator.createGenerateRequest(existingCredentialVersion, existingCredentialVersion.getName(), auditRecordParameters);
    CertificateCredentialValue credentialValue = (CertificateCredentialValue) credentialGenerator.generate(generateRequest);
    credentialValue.setTransitional(request.isTransitional());
    final CertificateCredentialVersion credentialVersion = (CertificateCredentialVersion) permissionedCertificateService.save(existingCredentialVersion, credentialValue, generateRequest, auditRecordParameters);
    return new CertificateView(credentialVersion);
}
Also used : BaseCredentialGenerateRequest(org.cloudfoundry.credhub.request.BaseCredentialGenerateRequest) CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue) CertificateView(org.cloudfoundry.credhub.view.CertificateView) CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)

Example 10 with CertificateCredentialVersion

use of org.cloudfoundry.credhub.domain.CertificateCredentialVersion in project credhub by cloudfoundry-incubator.

the class CertificatesHandler method handleCreateVersionsRequest.

public CertificateView handleCreateVersionsRequest(String certificateId, CreateVersionRequest requestBody, List<EventAuditRecordParameters> auditRecordParameters) {
    CertificateCredentialValue certificateCredentialValue = requestBody.getValue();
    certificateCredentialValue.setTransitional(requestBody.isTransitional());
    final CertificateCredentialVersion credentialVersion = permissionedCertificateService.set(UUID.fromString(certificateId), certificateCredentialValue, auditRecordParameters);
    return new CertificateView(credentialVersion);
}
Also used : CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue) CertificateView(org.cloudfoundry.credhub.view.CertificateView) CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)

Aggregations

CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion)33 Test (org.junit.Test)16 UUID (java.util.UUID)10 CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion)10 Credential (org.cloudfoundry.credhub.entity.Credential)9 EventAuditRecordParameters (org.cloudfoundry.credhub.audit.EventAuditRecordParameters)8 CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue)8 EntryNotFoundException (org.cloudfoundry.credhub.exceptions.EntryNotFoundException)7 ParameterizedValidationException (org.cloudfoundry.credhub.exceptions.ParameterizedValidationException)6 BaseCredentialGenerateRequest (org.cloudfoundry.credhub.request.BaseCredentialGenerateRequest)6 UserContext (org.cloudfoundry.credhub.auth.UserContext)5 PasswordCredentialVersion (org.cloudfoundry.credhub.domain.PasswordCredentialVersion)5 CertificateView (org.cloudfoundry.credhub.view.CertificateView)5 ValueCredentialVersion (org.cloudfoundry.credhub.domain.ValueCredentialVersion)4 CertificateCredentialVersionData (org.cloudfoundry.credhub.entity.CertificateCredentialVersionData)4 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)4 Encryptor (org.cloudfoundry.credhub.domain.Encryptor)3 SshCredentialVersion (org.cloudfoundry.credhub.domain.SshCredentialVersion)3 EncryptedValue (org.cloudfoundry.credhub.entity.EncryptedValue)3 CertificateRegenerateRequest (org.cloudfoundry.credhub.request.CertificateRegenerateRequest)3