Example 16 with CertificateCredentialVersion
use of org.cloudfoundry.credhub.domain.CertificateCredentialVersion in project credhub by cloudfoundry-incubator.
the class CertificateService method findByCredentialUuid.
public CertificateCredentialVersion findByCredentialUuid(String uuid, List<EventAuditRecordParameters> auditRecordParameters) {
EventAuditRecordParameters eventAuditRecordParameters = new EventAuditRecordParameters(AuditingOperationCode.CREDENTIAL_ACCESS);
auditRecordParameters.add(eventAuditRecordParameters);
CredentialVersion credentialVersion = this.certificateVersionDataService.findByCredentialUUID(uuid);
if (credentialVersion == null || !(credentialVersion instanceof CertificateCredentialVersion)) {
throw new EntryNotFoundException("error.credential.invalid_access");
}
eventAuditRecordParameters.setCredentialName(credentialVersion.getName());
CertificateCredentialVersion certificate = (CertificateCredentialVersion) credentialVersion;
if (!permissionCheckingService.hasPermission(userContextHolder.getUserContext().getActor(), certificate.getName(), PermissionOperation.READ)) {
throw new EntryNotFoundException("error.credential.invalid_access");
}
return certificate;
}
Also used :
EntryNotFoundException(org.cloudfoundry.credhub.exceptions.EntryNotFoundException)
EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters)
CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)
CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion)
CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)
Example 17 with CertificateCredentialVersion
use of org.cloudfoundry.credhub.domain.CertificateCredentialVersion in project credhub by cloudfoundry-incubator.
the class EncryptionKeyRotatorTest method createCertificateWithOldKey.
private void createCertificateWithOldKey(Key oldKey) throws Exception {
final EncryptedValue encryption = encryptionService.encrypt(oldCanary.getUuid(), oldKey, "old-certificate-private-key");
CertificateCredentialVersionData certificateCredentialData1 = new CertificateCredentialVersionData("/old-key");
certificateCredentialData1.setEncryptedValueData(encryption);
credentialVersionWithOldKey = new CertificateCredentialVersion(certificateCredentialData1);
credentialVersionDataService.save(credentialVersionWithOldKey);
}
Also used :
CertificateCredentialVersionData(org.cloudfoundry.credhub.entity.CertificateCredentialVersionData)
EncryptedValue(org.cloudfoundry.credhub.entity.EncryptedValue)
CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)
Example 18 with CertificateCredentialVersion
use of org.cloudfoundry.credhub.domain.CertificateCredentialVersion in project credhub by cloudfoundry-incubator.
the class EncryptionKeyRotatorTest method createCredentialWithOriginalKey.
private void createCredentialWithOriginalKey() {
credentialWithCurrentKey = new CertificateCredentialVersion("/current-key");
credentialWithCurrentKey.setEncryptor(encryptor).setCa("my-ca").setCertificate("my-cert").setPrivateKey("cert-private-key");
credentialVersionDataService.save(credentialWithCurrentKey);
}
Also used :
CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)
Example 19 with CertificateCredentialVersion
use of org.cloudfoundry.credhub.domain.CertificateCredentialVersion in project credhub by cloudfoundry-incubator.
the class PermissionedCertificateServiceTest method updateTransitionalVersion_whenVersionDoesNotBelongToCertificate_returnsAnError.
@Test(expected = ParameterizedValidationException.class)
public void updateTransitionalVersion_whenVersionDoesNotBelongToCertificate_returnsAnError() {
UUID certificateUuid = UUID.randomUUID();
UUID transitionalVersionUuid = UUID.randomUUID();
String credentialName = "my-credential";
Credential certificate = mock(Credential.class);
when(certificate.getName()).thenReturn(credentialName);
when(certificate.getUuid()).thenReturn(certificateUuid);
Credential otherCertificate = mock(Credential.class);
when(otherCertificate.getUuid()).thenReturn(UUID.randomUUID());
CertificateCredentialVersion version = mock(CertificateCredentialVersion.class);
String user = "my-user";
UserContext userContext = mock(UserContext.class);
when(userContextHolder.getUserContext()).thenReturn(userContext);
when(userContext.getActor()).thenReturn(user);
when(certificateDataService.findByUuid(certificateUuid)).thenReturn(certificate);
when(permissionCheckingService.hasPermission(user, credentialName, PermissionOperation.WRITE)).thenReturn(true);
when(certificateVersionDataService.findVersion(transitionalVersionUuid)).thenReturn(version);
when(version.getCredential()).thenReturn(otherCertificate);
subject.updateTransitionalVersion(certificateUuid, transitionalVersionUuid, newArrayList());
}
Also used :
Credential(org.cloudfoundry.credhub.entity.Credential)
UserContext(org.cloudfoundry.credhub.auth.UserContext)
UUID(java.util.UUID)
CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)
Test(org.junit.Test)
Example 20 with CertificateCredentialVersion
use of org.cloudfoundry.credhub.domain.CertificateCredentialVersion in project credhub by cloudfoundry-incubator.
the class PermissionedCertificateServiceTest method deleteVersion_whenTheProvidedVersionDoesNotExistForTheSpecifiedCredential_returnsAnError.
@Test(expected = EntryNotFoundException.class)
public void deleteVersion_whenTheProvidedVersionDoesNotExistForTheSpecifiedCredential_returnsAnError() throws Exception {
UUID versionUuid = UUID.randomUUID();
UUID certificateUuid = UUID.randomUUID();
UserContext userContext = mock(UserContext.class);
when(userContextHolder.getUserContext()).thenReturn(userContext);
String user = "my-user";
String credentialName = "my-credential";
when(userContext.getActor()).thenReturn(user);
when(permissionCheckingService.hasPermission(user, credentialName, PermissionOperation.DELETE)).thenReturn(true);
Credential certificate = mock(Credential.class);
when(certificate.getName()).thenReturn(credentialName);
when(certificate.getUuid()).thenReturn(certificateUuid);
when(certificateDataService.findByUuid(certificateUuid)).thenReturn(certificate);
CertificateCredentialVersion versionToDelete = mock(CertificateCredentialVersion.class);
Credential someOtherCredential = mock(Credential.class);
when(certificate.getUuid()).thenReturn(UUID.randomUUID());
when(certificateVersionDataService.findVersion(versionUuid)).thenReturn(versionToDelete);
when(versionToDelete.getCredential()).thenReturn(someOtherCredential);
subject.deleteVersion(certificateUuid, versionUuid, newArrayList());
}
Also used :
Credential(org.cloudfoundry.credhub.entity.Credential)
UserContext(org.cloudfoundry.credhub.auth.UserContext)
UUID(java.util.UUID)
CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)
Test(org.junit.Test)
Aggregations
CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion)33
Test (org.junit.Test)16
UUID (java.util.UUID)10
CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion)10
Credential (org.cloudfoundry.credhub.entity.Credential)9
EventAuditRecordParameters (org.cloudfoundry.credhub.audit.EventAuditRecordParameters)8
CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue)8
EntryNotFoundException (org.cloudfoundry.credhub.exceptions.EntryNotFoundException)7
ParameterizedValidationException (org.cloudfoundry.credhub.exceptions.ParameterizedValidationException)6
BaseCredentialGenerateRequest (org.cloudfoundry.credhub.request.BaseCredentialGenerateRequest)6
UserContext (org.cloudfoundry.credhub.auth.UserContext)5
PasswordCredentialVersion (org.cloudfoundry.credhub.domain.PasswordCredentialVersion)5
CertificateView (org.cloudfoundry.credhub.view.CertificateView)5
ValueCredentialVersion (org.cloudfoundry.credhub.domain.ValueCredentialVersion)4
CertificateCredentialVersionData (org.cloudfoundry.credhub.entity.CertificateCredentialVersionData)4
SpringBootTest (org.springframework.boot.test.context.SpringBootTest)4
Encryptor (org.cloudfoundry.credhub.domain.Encryptor)3
SshCredentialVersion (org.cloudfoundry.credhub.domain.SshCredentialVersion)3
EncryptedValue (org.cloudfoundry.credhub.entity.EncryptedValue)3
CertificateRegenerateRequest (org.cloudfoundry.credhub.request.CertificateRegenerateRequest)3
