use of org.cloudfoundry.credhub.domain.CertificateCredentialVersion in project credhub by cloudfoundry-incubator.
the class CertificateService method findByCredentialUuid.
/**
 * Looks up a certificate credential version by the UUID of its credential and
 * returns it only if the current actor holds READ permission on it.
 *
 * <p>A {@code CREDENTIAL_ACCESS} audit parameter is appended to
 * {@code auditRecordParameters} before the lookup, so the entry is in the
 * caller's list even when the method throws. The credential name is written
 * to that entry only once the lookup has resolved to a certificate; on the
 * "not found" path the entry carries no name.
 *
 * <p>Both failure paths (nothing found / wrong type, and READ denied) throw the
 * same exception type with the same message key, so the error itself does not
 * tell a caller whether the credential exists. NOTE(review): presumably this is
 * deliberate, to avoid an existence oracle; keep the two paths identical.
 *
 * @param uuid UUID of the credential, passed as-is to the data service
 * @param auditRecordParameters mutable list that receives the audit entry
 * @return the certificate version the actor may read
 * @throws EntryNotFoundException if no certificate version is found for
 *     {@code uuid} or the actor lacks READ permission
 */
public CertificateCredentialVersion findByCredentialUuid(String uuid, List<EventAuditRecordParameters> auditRecordParameters) {
  final EventAuditRecordParameters accessAudit =
      new EventAuditRecordParameters(AuditingOperationCode.CREDENTIAL_ACCESS);
  auditRecordParameters.add(accessAudit);

  final CredentialVersion found = this.certificateVersionDataService.findByCredentialUUID(uuid);

  // instanceof is false for null, so this single test covers both "no such
  // credential" and "credential exists but is not a certificate".
  if (!(found instanceof CertificateCredentialVersion)) {
    throw new EntryNotFoundException("error.credential.invalid_access");
  }

  // Record the name before the permission check so a denied access is
  // attributed to the credential that was targeted.
  accessAudit.setCredentialName(found.getName());
  final CertificateCredentialVersion certificate = (CertificateCredentialVersion) found;

  final boolean readAllowed = permissionCheckingService.hasPermission(
      userContextHolder.getUserContext().getActor(),
      certificate.getName(),
      PermissionOperation.READ);
  if (readAllowed) {
    return certificate;
  }
  throw new EntryNotFoundException("error.credential.invalid_access");
}
use of org.cloudfoundry.credhub.domain.CertificateCredentialVersion in project credhub by cloudfoundry-incubator.
the class EncryptionKeyRotatorTest method createCertificateWithOldKey.
/**
 * Test fixture: persists a certificate credential named {@code /old-key} whose
 * encrypted value was produced with {@code oldKey}.
 *
 * <p>The plaintext is the fixed placeholder string
 * {@code "old-certificate-private-key"}, encrypted under the UUID of
 * {@code oldCanary}. The resulting version is kept in
 * {@code credentialVersionWithOldKey} and saved through
 * {@code credentialVersionDataService}.
 *
 * @param oldKey key handed to {@code encryptionService.encrypt}
 * @throws Exception propagated from the encryption or persistence calls
 */
private void createCertificateWithOldKey(Key oldKey) throws Exception {
  // Encrypt first, under the old canary's UUID, so the stored value is tied to the old key.
  final EncryptedValue valueUnderOldKey =
      encryptionService.encrypt(oldCanary.getUuid(), oldKey, "old-certificate-private-key");

  final CertificateCredentialVersionData oldKeyData = new CertificateCredentialVersionData("/old-key");
  oldKeyData.setEncryptedValueData(valueUnderOldKey);

  credentialVersionWithOldKey = new CertificateCredentialVersion(oldKeyData);
  credentialVersionDataService.save(credentialVersionWithOldKey);
}
use of org.cloudfoundry.credhub.domain.CertificateCredentialVersion in project credhub by cloudfoundry-incubator.
the class EncryptionKeyRotatorTest method createCredentialWithOriginalKey.
/**
 * Test fixture: persists a certificate credential named {@code /current-key}
 * populated with placeholder CA, certificate and private-key strings.
 *
 * <p>The version is stored in {@code credentialWithCurrentKey} and saved
 * through {@code credentialVersionDataService}.
 */
private void createCredentialWithOriginalKey() {
  credentialWithCurrentKey = new CertificateCredentialVersion("/current-key");

  // The encryptor is attached first in the chain, ahead of setPrivateKey.
  // NOTE(review): presumably setPrivateKey encrypts through it; confirm.
  credentialWithCurrentKey
      .setEncryptor(encryptor)
      .setCa("my-ca")
      .setCertificate("my-cert")
      .setPrivateKey("cert-private-key");

  credentialVersionDataService.save(credentialWithCurrentKey);
}
use of org.cloudfoundry.credhub.domain.CertificateCredentialVersion in project credhub by cloudfoundry-incubator.
the class PermissionedCertificateServiceTest method updateTransitionalVersion_whenVersionDoesNotBelongToCertificate_returnsAnError.
/**
 * Ownership check: the caller holds WRITE on the requested certificate, but the
 * version UUID resolves to a version whose credential is a different
 * certificate. {@code updateTransitionalVersion} is expected to reject the
 * request with {@link ParameterizedValidationException}, so that permission on
 * one certificate cannot be used to alter a version of another.
 */
@Test(expected = ParameterizedValidationException.class)
public void updateTransitionalVersion_whenVersionDoesNotBelongToCertificate_returnsAnError() {
  final String actor = "my-user";
  final String requestedName = "my-credential";
  final UUID requestedCertificateUuid = UUID.randomUUID();
  final UUID foreignVersionUuid = UUID.randomUUID();

  // Caller identity, and WRITE permission on the certificate that is addressed.
  final UserContext callerContext = mock(UserContext.class);
  when(userContextHolder.getUserContext()).thenReturn(callerContext);
  when(callerContext.getActor()).thenReturn(actor);
  when(permissionCheckingService.hasPermission(actor, requestedName, PermissionOperation.WRITE)).thenReturn(true);

  // The certificate named in the request.
  final Credential requestedCertificate = mock(Credential.class);
  when(requestedCertificate.getName()).thenReturn(requestedName);
  when(requestedCertificate.getUuid()).thenReturn(requestedCertificateUuid);
  when(certificateDataService.findByUuid(requestedCertificateUuid)).thenReturn(requestedCertificate);

  // The version exists, but it is owned by a certificate with another UUID.
  final Credential owningCertificate = mock(Credential.class);
  when(owningCertificate.getUuid()).thenReturn(UUID.randomUUID());
  final CertificateCredentialVersion foreignVersion = mock(CertificateCredentialVersion.class);
  when(foreignVersion.getCredential()).thenReturn(owningCertificate);
  when(certificateVersionDataService.findVersion(foreignVersionUuid)).thenReturn(foreignVersion);

  subject.updateTransitionalVersion(requestedCertificateUuid, foreignVersionUuid, newArrayList());
}
use of org.cloudfoundry.credhub.domain.CertificateCredentialVersion in project credhub by cloudfoundry-incubator.
the class PermissionedCertificateServiceTest method deleteVersion_whenTheProvidedVersionDoesNotExistForTheSpecifiedCredential_returnsAnError.
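/**
 * Ownership check: the caller holds DELETE on the requested certificate, but
 * the version UUID resolves to a version whose credential is a different
 * certificate. {@code deleteVersion} is expected to answer with
 * {@link EntryNotFoundException}, so that permission on one certificate cannot
 * be used to delete a version of another.
 *
 * <p>Fix: the second UUID stub previously targeted {@code certificate} again,
 * which overwrote the UUID stubbed a few lines earlier and left
 * {@code someOtherCredential.getUuid()} returning Mockito's default
 * {@code null}. The test could then pass without comparing two real,
 * different UUIDs. The stub now targets {@code someOtherCredential}, matching
 * the sibling {@code updateTransitionalVersion} test.
 */
@Test(expected = EntryNotFoundException.class)
public void deleteVersion_whenTheProvidedVersionDoesNotExistForTheSpecifiedCredential_returnsAnError() throws Exception {
  UUID versionUuid = UUID.randomUUID();
  UUID certificateUuid = UUID.randomUUID();
  String user = "my-user";
  String credentialName = "my-credential";

  // Caller identity, and DELETE permission on the certificate that is addressed.
  UserContext userContext = mock(UserContext.class);
  when(userContextHolder.getUserContext()).thenReturn(userContext);
  when(userContext.getActor()).thenReturn(user);
  when(permissionCheckingService.hasPermission(user, credentialName, PermissionOperation.DELETE)).thenReturn(true);

  // The certificate named in the request keeps the UUID it is looked up by.
  Credential certificate = mock(Credential.class);
  when(certificate.getName()).thenReturn(credentialName);
  when(certificate.getUuid()).thenReturn(certificateUuid);
  when(certificateDataService.findByUuid(certificateUuid)).thenReturn(certificate);

  // The version exists, but its owning credential has a different, non-null UUID.
  CertificateCredentialVersion versionToDelete = mock(CertificateCredentialVersion.class);
  Credential someOtherCredential = mock(Credential.class);
  when(someOtherCredential.getUuid()).thenReturn(UUID.randomUUID());
  when(certificateVersionDataService.findVersion(versionUuid)).thenReturn(versionToDelete);
  when(versionToDelete.getCredential()).thenReturn(someOtherCredential);

  subject.deleteVersion(certificateUuid, versionUuid, newArrayList());
}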