Example 16 with CertificateCredentialVersion

Use of org.cloudfoundry.credhub.domain.CertificateCredentialVersion in project credhub by cloudfoundry-incubator.

The class CertificateService, method findByCredentialUuid.

public CertificateCredentialVersion findByCredentialUuid(String uuid, List<EventAuditRecordParameters> auditRecordParameters) {
    EventAuditRecordParameters eventAuditRecordParameters = new EventAuditRecordParameters(AuditingOperationCode.CREDENTIAL_ACCESS);
    auditRecordParameters.add(eventAuditRecordParameters);
    CredentialVersion credentialVersion = this.certificateVersionDataService.findByCredentialUUID(uuid);
    if (credentialVersion == null || !(credentialVersion instanceof CertificateCredentialVersion)) {
        throw new EntryNotFoundException("error.credential.invalid_access");
    }
    eventAuditRecordParameters.setCredentialName(credentialVersion.getName());
    CertificateCredentialVersion certificate = (CertificateCredentialVersion) credentialVersion;
    if (!permissionCheckingService.hasPermission(userContextHolder.getUserContext().getActor(), certificate.getName(), PermissionOperation.READ)) {
        throw new EntryNotFoundException("error.credential.invalid_access");
    }
    return certificate;
}
Also used : EntryNotFoundException(org.cloudfoundry.credhub.exceptions.EntryNotFoundException) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion) CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion)

Example 17 with CertificateCredentialVersion

Use of org.cloudfoundry.credhub.domain.CertificateCredentialVersion in project credhub by cloudfoundry-incubator.

The class EncryptionKeyRotatorTest, method createCertificateWithOldKey.

private void createCertificateWithOldKey(Key oldKey) throws Exception {
    final EncryptedValue encryption = encryptionService.encrypt(oldCanary.getUuid(), oldKey, "old-certificate-private-key");
    CertificateCredentialVersionData certificateCredentialData1 = new CertificateCredentialVersionData("/old-key");
    certificateCredentialData1.setEncryptedValueData(encryption);
    credentialVersionWithOldKey = new CertificateCredentialVersion(certificateCredentialData1);
    credentialVersionDataService.save(credentialVersionWithOldKey);
}
Also used : CertificateCredentialVersionData(org.cloudfoundry.credhub.entity.CertificateCredentialVersionData) EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue) CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)

Example 18 with CertificateCredentialVersion

Use of org.cloudfoundry.credhub.domain.CertificateCredentialVersion in project credhub by cloudfoundry-incubator.

The class EncryptionKeyRotatorTest, method createCredentialWithOriginalKey.

private void createCredentialWithOriginalKey() {
    credentialWithCurrentKey = new CertificateCredentialVersion("/current-key");
    credentialWithCurrentKey.setEncryptor(encryptor).setCa("my-ca").setCertificate("my-cert").setPrivateKey("cert-private-key");
    credentialVersionDataService.save(credentialWithCurrentKey);
}
Also used : CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)

Example 19 with CertificateCredentialVersion

Use of org.cloudfoundry.credhub.domain.CertificateCredentialVersion in project credhub by cloudfoundry-incubator.

The class PermissionedCertificateServiceTest, method updateTransitionalVersion_whenVersionDoesNotBelongToCertificate_returnsAnError.

@Test(expected = ParameterizedValidationException.class)
public void updateTransitionalVersion_whenVersionDoesNotBelongToCertificate_returnsAnError() {
    UUID certificateUuid = UUID.randomUUID();
    UUID transitionalVersionUuid = UUID.randomUUID();
    String credentialName = "my-credential";
    Credential certificate = mock(Credential.class);
    when(certificate.getName()).thenReturn(credentialName);
    when(certificate.getUuid()).thenReturn(certificateUuid);
    Credential otherCertificate = mock(Credential.class);
    when(otherCertificate.getUuid()).thenReturn(UUID.randomUUID());
    CertificateCredentialVersion version = mock(CertificateCredentialVersion.class);
    String user = "my-user";
    UserContext userContext = mock(UserContext.class);
    when(userContextHolder.getUserContext()).thenReturn(userContext);
    when(userContext.getActor()).thenReturn(user);
    when(certificateDataService.findByUuid(certificateUuid)).thenReturn(certificate);
    when(permissionCheckingService.hasPermission(user, credentialName, PermissionOperation.WRITE)).thenReturn(true);
    when(certificateVersionDataService.findVersion(transitionalVersionUuid)).thenReturn(version);
    when(version.getCredential()).thenReturn(otherCertificate);
    subject.updateTransitionalVersion(certificateUuid, transitionalVersionUuid, newArrayList());
}
Also used : Credential(org.cloudfoundry.credhub.entity.Credential) UserContext(org.cloudfoundry.credhub.auth.UserContext) UUID(java.util.UUID) CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion) Test(org.junit.Test)

Example 20 with CertificateCredentialVersion

Use of org.cloudfoundry.credhub.domain.CertificateCredentialVersion in project credhub by cloudfoundry-incubator.

The class PermissionedCertificateServiceTest, method deleteVersion_whenTheProvidedVersionDoesNotExistForTheSpecifiedCredential_returnsAnError.

@Test(expected = EntryNotFoundException.class)
public void deleteVersion_whenTheProvidedVersionDoesNotExistForTheSpecifiedCredential_returnsAnError() throws Exception {
    UUID versionUuid = UUID.randomUUID();
    UUID certificateUuid = UUID.randomUUID();
    UserContext userContext = mock(UserContext.class);
    when(userContextHolder.getUserContext()).thenReturn(userContext);
    String user = "my-user";
    String credentialName = "my-credential";
    when(userContext.getActor()).thenReturn(user);
    when(permissionCheckingService.hasPermission(user, credentialName, PermissionOperation.DELETE)).thenReturn(true);
    Credential certificate = mock(Credential.class);
    when(certificate.getName()).thenReturn(credentialName);
    when(certificate.getUuid()).thenReturn(certificateUuid);
    when(certificateDataService.findByUuid(certificateUuid)).thenReturn(certificate);
    CertificateCredentialVersion versionToDelete = mock(CertificateCredentialVersion.class);
    Credential someOtherCredential = mock(Credential.class);
    when(certificate.getUuid()).thenReturn(UUID.randomUUID());
    when(certificateVersionDataService.findVersion(versionUuid)).thenReturn(versionToDelete);
    when(versionToDelete.getCredential()).thenReturn(someOtherCredential);
    subject.deleteVersion(certificateUuid, versionUuid, newArrayList());
}
Also used : Credential(org.cloudfoundry.credhub.entity.Credential) UserContext(org.cloudfoundry.credhub.auth.UserContext) UUID(java.util.UUID) CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion) Test(org.junit.Test)

Aggregations

CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion): 33
Test (org.junit.Test): 16
UUID (java.util.UUID): 10
CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion): 10
Credential (org.cloudfoundry.credhub.entity.Credential): 9
EventAuditRecordParameters (org.cloudfoundry.credhub.audit.EventAuditRecordParameters): 8
CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue): 8
EntryNotFoundException (org.cloudfoundry.credhub.exceptions.EntryNotFoundException): 7
ParameterizedValidationException (org.cloudfoundry.credhub.exceptions.ParameterizedValidationException): 6
BaseCredentialGenerateRequest (org.cloudfoundry.credhub.request.BaseCredentialGenerateRequest): 6
UserContext (org.cloudfoundry.credhub.auth.UserContext): 5
PasswordCredentialVersion (org.cloudfoundry.credhub.domain.PasswordCredentialVersion): 5
CertificateView (org.cloudfoundry.credhub.view.CertificateView): 5
ValueCredentialVersion (org.cloudfoundry.credhub.domain.ValueCredentialVersion): 4
CertificateCredentialVersionData (org.cloudfoundry.credhub.entity.CertificateCredentialVersionData): 4
SpringBootTest (org.springframework.boot.test.context.SpringBootTest): 4
Encryptor (org.cloudfoundry.credhub.domain.Encryptor): 3
SshCredentialVersion (org.cloudfoundry.credhub.domain.SshCredentialVersion): 3
EncryptedValue (org.cloudfoundry.credhub.entity.EncryptedValue): 3
CertificateRegenerateRequest (org.cloudfoundry.credhub.request.CertificateRegenerateRequest): 3