Commit dcb154ea authored by Rafael Monnerat's avatar Rafael Monnerat

slapos_cloud: Generate/Revoke only invalidate/create the Certificate Login

   This issues SSL Certificates and use Certificate Login, rather them require to revoke it.
parent 6dd413bf
......@@ -52,10 +52,15 @@ class TestSlapOSCoreComputeNodeSlapInterfaceWorkflow(SlapOSTestCaseMixin):
compute_node_certificate = self.portal.REQUEST.get('compute_node_certificate')
self.assertNotEqual(None, compute_node_key)
self.assertNotEqual(None, compute_node_certificate)
self.assertNotEqual(None, self.compute_node.getDestinationReference())
serial = '0x%x' % int(self.compute_node.getDestinationReference(), 16)
certificate_login_list = self.compute_node.objectValues(portal_type="Certificate Login")
self.assertEqual(len(certificate_login_list), 1)
certificate_login = certificate_login_list[0]
self.assertEqual(certificate_login.getValidationState(), 'validated')
self.assertNotEqual(certificate_login.getReference(), None)
self.assertNotEqual(certificate_login.getDestinationReference(), None)
serial = '0x%x' % int(certificate_login.getDestinationReference(), 16)
self.assertTrue(serial in compute_node_certificate)
self.assertTrue(self.compute_node.getReference() in compute_node_certificate.decode('string_escape'))
self.assertTrue(certificate_login.getReference() in compute_node_certificate.decode('string_escape'))
def test_generateCertificate_twice(self):
self.login(self.compute_node.getUserId())
......@@ -64,10 +69,17 @@ class TestSlapOSCoreComputeNodeSlapInterfaceWorkflow(SlapOSTestCaseMixin):
compute_node_certificate = self.portal.REQUEST.get('compute_node_certificate')
self.assertNotEqual(None, compute_node_key)
self.assertNotEqual(None, compute_node_certificate)
self.assertNotEqual(None, self.compute_node.getDestinationReference())
serial = '0x%x' % int(self.compute_node.getDestinationReference(), 16)
self.assertEqual(None, self.compute_node.getDestinationReference())
certificate_login_list = self.compute_node.objectValues(portal_type="Certificate Login")
self.assertEqual(len(certificate_login_list), 1)
certificate_login = certificate_login_list[0]
self.assertEqual(certificate_login.getValidationState(), 'validated')
self.assertNotEqual(certificate_login.getReference(), None)
self.assertNotEqual(certificate_login.getDestinationReference(), None)
serial = '0x%x' % int(certificate_login.getDestinationReference(), 16)
self.assertTrue(serial in compute_node_certificate)
self.assertTrue(self.compute_node.getReference() in compute_node_certificate.decode('string_escape'))
self.assertTrue(certificate_login.getReference() in compute_node_certificate.decode('string_escape'))
self.assertRaises(ValueError, self.compute_node.generateCertificate)
self.assertEqual(None, self.portal.REQUEST.get('compute_node_key'))
......@@ -252,16 +264,23 @@ class TestSlapOSCoreComputeNodeSlapInterfaceWorkflow(SlapOSTestCaseMixin):
compute_node_certificate = self.portal.REQUEST.get('compute_node_certificate')
self.assertNotEqual(None, compute_node_key)
self.assertNotEqual(None, compute_node_certificate)
self.assertNotEqual(None, self.compute_node.getDestinationReference())
serial = '0x%x' % int(self.compute_node.getDestinationReference(), 16)
certificate_login_list = self.compute_node.objectValues(portal_type="Certificate Login")
self.assertEqual(len(certificate_login_list), 1)
certificate_login = certificate_login_list[0]
self.assertEqual(certificate_login.getValidationState(), 'validated')
self.assertNotEqual(certificate_login.getReference(), None)
self.assertNotEqual(certificate_login.getDestinationReference(), None)
serial = '0x%x' % int(certificate_login.getDestinationReference(), 16)
self.assertTrue(serial in compute_node_certificate)
self.assertTrue(self.compute_node.getReference() in compute_node_certificate.decode('string_escape'))
self.assertTrue(certificate_login.getReference() in compute_node_certificate.decode('string_escape'))
self.assertNotEqual(certificate_login.getReference(),
self.compute_node.getReference())
self.compute_node.revokeCertificate()
self.assertEqual(None, self.portal.REQUEST.get('compute_node_key'))
self.assertEqual(None, self.portal.REQUEST.get('compute_node_certificate'))
self.assertEqual(None, self.compute_node.getDestinationReference())
self.assertEqual(certificate_login.getValidationState(), 'invalidated')
def test_revokeCertificateNoCertificate(self):
self.login(self.compute_node.getUserId())
......@@ -269,6 +288,8 @@ class TestSlapOSCoreComputeNodeSlapInterfaceWorkflow(SlapOSTestCaseMixin):
self.assertEqual(None, self.portal.REQUEST.get('compute_node_key'))
self.assertEqual(None, self.portal.REQUEST.get('compute_node_certificate'))
self.assertEqual(None, self.compute_node.getDestinationReference())
certificate_login_list = self.compute_node.objectValues(portal_type="Certificate Login")
self.assertEqual(len(certificate_login_list), 0)
def test_revokeCertificate_twice(self):
self.login(self.compute_node.getUserId())
......@@ -277,84 +298,188 @@ class TestSlapOSCoreComputeNodeSlapInterfaceWorkflow(SlapOSTestCaseMixin):
compute_node_certificate = self.portal.REQUEST.get('compute_node_certificate')
self.assertNotEqual(None, compute_node_key)
self.assertNotEqual(None, compute_node_certificate)
self.assertNotEqual(None, self.compute_node.getDestinationReference())
serial = '0x%x' % int(self.compute_node.getDestinationReference(), 16)
certificate_login_list = self.compute_node.objectValues(portal_type="Certificate Login")
self.assertEqual(len(certificate_login_list), 1)
certificate_login = certificate_login_list[0]
self.assertEqual(certificate_login.getValidationState(), 'validated')
self.assertNotEqual(certificate_login.getReference(), None)
self.assertNotEqual(certificate_login.getDestinationReference(), None)
serial = '0x%x' % int(certificate_login.getDestinationReference(), 16)
self.assertTrue(serial in compute_node_certificate)
self.assertTrue(self.compute_node.getReference() in compute_node_certificate.decode('string_escape'))
self.assertTrue(certificate_login.getReference() in compute_node_certificate.decode('string_escape'))
self.assertNotEqual(certificate_login.getReference(),
self.compute_node.getReference())
self.compute_node.revokeCertificate()
self.assertEqual(None, self.portal.REQUEST.get('compute_node_key'))
self.assertEqual(None, self.portal.REQUEST.get('compute_node_certificate'))
self.assertEqual(None, self.compute_node.getDestinationReference())
self.assertEqual(certificate_login.getValidationState(), 'invalidated')
self.assertRaises(ValueError, self.compute_node.revokeCertificate)
self.assertEqual(None, self.portal.REQUEST.get('compute_node_key'))
self.assertEqual(None, self.portal.REQUEST.get('compute_node_certificate'))
self.assertEqual(None, self.compute_node.getDestinationReference())
certificate_login_list = self.compute_node.objectValues(portal_type="Certificate Login")
self.assertEqual(len(certificate_login_list), 1)
self.assertEqual(certificate_login.getValidationState(), 'invalidated')
def test_renewCertificate(self):
self.login(self.compute_node.getUserId())
self.compute_node.generateCertificate()
compute_node_key = self.portal.REQUEST.get('compute_node_key')
compute_node_certificate = self.portal.REQUEST.get('compute_node_certificate')
destination_reference = self.compute_node.getDestinationReference()
self.assertNotEqual(None, compute_node_key)
self.assertNotEqual(None, compute_node_certificate)
self.assertNotEqual(None, destination_reference)
serial = '0x%x' % int(self.compute_node.getDestinationReference(), 16)
certificate_login_list = self.compute_node.objectValues(portal_type="Certificate Login")
self.assertEqual(len(certificate_login_list), 1)
certificate_login = certificate_login_list[0]
destination_reference = certificate_login.getDestinationReference()
self.assertEqual(certificate_login.getValidationState(), 'validated')
self.assertNotEqual(certificate_login.getReference(), None)
self.assertNotEqual(certificate_login.getDestinationReference(), None)
serial = '0x%x' % int(certificate_login.getDestinationReference(), 16)
self.assertTrue(serial in compute_node_certificate)
self.assertTrue(self.compute_node.getReference() in compute_node_certificate.decode('string_escape'))
self.assertTrue(certificate_login.getReference() in compute_node_certificate.decode('string_escape'))
self.assertNotEqual(certificate_login.getReference(),
self.compute_node.getReference())
self.assertNotEqual(None, destination_reference)
self.compute_node.revokeCertificate()
self.compute_node.generateCertificate()
self.assertNotEqual(None, self.portal.REQUEST.get('compute_node_key'))
self.assertNotEqual(None, self.portal.REQUEST.get('compute_node_certificate'))
self.assertNotEqual(None, self.compute_node.getDestinationReference())
self.assertNotEqual(compute_node_key, self.portal.REQUEST.get('compute_node_key'))
self.assertNotEqual(compute_node_certificate, self.portal.REQUEST.get('compute_node_certificate'))
self.assertNotEqual(destination_reference, self.compute_node.getDestinationReference())
self.assertEqual(certificate_login.getValidationState(), 'invalidated')
self.assertEqual(certificate_login.getDestinationReference(), destination_reference)
self.assertNotEqual(certificate_login.getReference(), None)
certificate_login_list = self.compute_node.objectValues(portal_type="Certificate Login")
self.assertEqual(len(certificate_login_list), 2)
new_certificate_login = [i for i in certificate_login_list \
if i.getId() != certificate_login.getId()][0]
destination_reference = certificate_login.getDestinationReference()
self.assertEqual(new_certificate_login.getValidationState(), 'validated')
self.assertNotEqual(new_certificate_login.getReference(), None)
self.assertNotEqual(new_certificate_login.getReference(),
certificate_login.getReference())
self.assertNotEqual(new_certificate_login.getDestinationReference(), None)
self.assertNotEqual(new_certificate_login.getDestinationReference(),
certificate_login.getDestinationReference())
serial = '0x%x' % int(new_certificate_login.getDestinationReference(), 16)
compute_node_certificate = self.portal.REQUEST.get('compute_node_certificate')
self.assertTrue(serial in compute_node_certificate)
self.assertTrue(new_certificate_login.getReference() in compute_node_certificate.decode('string_escape'))
self.assertFalse(certificate_login.getReference() in compute_node_certificate.decode('string_escape'))
self.assertNotEqual(certificate_login.getReference(),
self.compute_node.getReference())
def test_renewCertificate_twice(self):
self.login(self.compute_node.getUserId())
self.compute_node.generateCertificate()
compute_node_key = self.portal.REQUEST.get('compute_node_key')
compute_node_certificate = self.portal.REQUEST.get('compute_node_certificate')
destination_reference = self.compute_node.getDestinationReference()
self.assertNotEqual(None, compute_node_key)
self.assertNotEqual(None, compute_node_certificate)
self.assertNotEqual(None, self.compute_node.getDestinationReference())
serial = '0x%x' % int(self.compute_node.getDestinationReference(), 16)
certificate_login_list = self.compute_node.objectValues(portal_type="Certificate Login")
self.assertEqual(len(certificate_login_list), 1)
certificate_login = certificate_login_list[0]
destination_reference = certificate_login.getDestinationReference()
self.assertEqual(certificate_login.getValidationState(), 'validated')
self.assertNotEqual(certificate_login.getReference(), None)
self.assertNotEqual(certificate_login.getDestinationReference(), None)
serial = '0x%x' % int(certificate_login.getDestinationReference(), 16)
self.assertTrue(serial in compute_node_certificate)
self.assertTrue(self.compute_node.getReference() in compute_node_certificate.decode('string_escape'))
self.assertTrue(certificate_login.getReference() in compute_node_certificate.decode('string_escape'))
self.assertNotEqual(certificate_login.getReference(),
self.compute_node.getReference())
self.assertNotEqual(None, destination_reference)
self.compute_node.revokeCertificate()
self.compute_node.generateCertificate()
self.assertNotEqual(None, self.portal.REQUEST.get('compute_node_key'))
self.assertNotEqual(None, self.portal.REQUEST.get('compute_node_certificate'))
self.assertNotEqual(None, self.compute_node.getDestinationReference())
self.assertNotEqual(compute_node_key, self.portal.REQUEST.get('compute_node_key'))
self.assertNotEqual(compute_node_certificate, self.portal.REQUEST.get('compute_node_certificate'))
self.assertNotEqual(destination_reference, self.compute_node.getDestinationReference())
compute_node_key = self.portal.REQUEST.get('compute_node_key')
self.assertEqual(certificate_login.getValidationState(), 'invalidated')
self.assertEqual(certificate_login.getDestinationReference(), destination_reference)
self.assertNotEqual(certificate_login.getReference(), None)
certificate_login_list = self.compute_node.objectValues(portal_type="Certificate Login")
self.assertEqual(len(certificate_login_list), 2)
new_certificate_login = [i for i in certificate_login_list \
if i.getId() != certificate_login.getId()][0]
destination_reference = certificate_login.getDestinationReference()
self.assertEqual(new_certificate_login.getValidationState(), 'validated')
self.assertNotEqual(new_certificate_login.getReference(), None)
self.assertNotEqual(new_certificate_login.getReference(),
certificate_login.getReference())
self.assertNotEqual(new_certificate_login.getDestinationReference(), None)
self.assertNotEqual(new_certificate_login.getDestinationReference(),
certificate_login.getDestinationReference())
serial = '0x%x' % int(new_certificate_login.getDestinationReference(), 16)
compute_node_certificate = self.portal.REQUEST.get('compute_node_certificate')
destination_reference = self.compute_node.getDestinationReference()
self.assertTrue(serial in compute_node_certificate)
self.assertTrue(new_certificate_login.getReference() in compute_node_certificate.decode('string_escape'))
self.assertFalse(certificate_login.getReference() in compute_node_certificate.decode('string_escape'))
self.assertNotEqual(certificate_login.getReference(),
self.compute_node.getReference())
self.compute_node.revokeCertificate()
self.compute_node.generateCertificate()
self.assertNotEqual(None, self.portal.REQUEST.get('compute_node_key'))
self.assertNotEqual(None, self.portal.REQUEST.get('compute_node_certificate'))
self.assertNotEqual(None, self.compute_node.getDestinationReference())
self.assertNotEqual(compute_node_key, self.portal.REQUEST.get('compute_node_key'))
self.assertNotEqual(compute_node_certificate, self.portal.REQUEST.get('compute_node_certificate'))
self.assertNotEqual(destination_reference, self.compute_node.getDestinationReference())
self.assertEqual(new_certificate_login.getValidationState(), 'invalidated')
self.assertNotEqual(new_certificate_login.getDestinationReference(), destination_reference)
self.assertNotEqual(new_certificate_login.getReference(), None)
certificate_login_list = self.compute_node.objectValues(portal_type="Certificate Login")
self.assertEqual(len(certificate_login_list), 3)
third_certificate_login = [i for i in certificate_login_list \
if i.getId() not in [certificate_login.getId(), new_certificate_login.getId()]][0]
destination_reference = new_certificate_login.getDestinationReference()
self.assertEqual(third_certificate_login.getValidationState(), 'validated')
self.assertNotEqual(third_certificate_login.getReference(), None)
self.assertNotEqual(third_certificate_login.getReference(),
certificate_login.getReference())
self.assertNotEqual(third_certificate_login.getDestinationReference(), None)
self.assertNotEqual(third_certificate_login.getDestinationReference(),
new_certificate_login.getDestinationReference())
serial = '0x%x' % int(third_certificate_login.getDestinationReference(), 16)
compute_node_certificate = self.portal.REQUEST.get('compute_node_certificate')
self.assertTrue(serial in compute_node_certificate)
self.assertTrue(third_certificate_login.getReference() in compute_node_certificate.decode('string_escape'))
self.assertFalse(new_certificate_login.getReference() in compute_node_certificate.decode('string_escape'))
self.assertNotEqual(third_certificate_login.getReference(),
self.compute_node.getReference())
self.assertNotEqual(new_certificate_login.getReference(),
self.compute_node.getReference())
class TestSlapOSCoreComputeNodeSlapInterfaceWorkflowSupply(SlapOSTestCaseMixin):
......
......@@ -6,12 +6,6 @@
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_recorded_property_dict</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
<item>
<key> <string>default_reference</string> </key>
<value> <string>testSlapOSCloudComputeNodeSlapInterfaceWorkflow</string> </value>
......@@ -61,28 +55,13 @@
<item>
<key> <string>workflow_history</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="2" aka="AAAAAAAAAAI=">
<pickle>
<global name="PersistentMapping" module="Persistence.mapping"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<dictionary/>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="3" aka="AAAAAAAAAAM=">
<pickle>
<global name="PersistentMapping" module="Persistence.mapping"/>
</pickle>
......@@ -95,7 +74,7 @@
<item>
<key> <string>component_validation_workflow</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAQ=</string> </persistent>
<persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
</value>
</item>
</dictionary>
......@@ -104,7 +83,7 @@
</dictionary>
</pickle>
</record>
<record id="4" aka="AAAAAAAAAAQ=">
<record id="3" aka="AAAAAAAAAAM=">
<pickle>
<global name="WorkflowHistoryList" module="Products.ERP5Type.Workflow"/>
</pickle>
......
......@@ -1140,68 +1140,88 @@ class TestSlapOSCoreInstanceSlapInterfaceWorkflowTransfer(SlapOSTestCaseMixin):
def test_generateCertificate(self):
self.login()
self.software_instance.setSslKey(None)
self.software_instance.setSslCertificate(None)
self.software_instance.setDestinationReference(None)
self.software_instance.getSslKey(None)
self.software_instance.getSslCertificate(None)
self.software_instance.generateCertificate()
self.assertNotEqual(self.software_instance.getDestinationReference(), None)
self.assertNotEqual(self.software_instance.getSslKey(), None)
self.assertNotEqual(self.software_instance.getSslCertificate(), None)
self.assertEqual(self.software_instance.getDestinationReference(), None)
certificate_login_list = self.software_instance.objectValues(portal_type="Certificate Login")
self.assertEqual(len(certificate_login_list), 1)
certificate_login = certificate_login_list[0]
self.assertEqual(certificate_login.getValidationState(), 'validated')
self.assertNotEqual(certificate_login.getReference(), None)
self.assertNotEqual(certificate_login.getDestinationReference(), None)
serial = '0x%x' % int(certificate_login.getDestinationReference(), 16)
self.assertTrue(serial in self.software_instance.getSslCertificate())
self.assertTrue(certificate_login.getReference() in \
self.software_instance.getSslCertificate().decode('string_escape'))
self.assertRaises(ValueError, self.software_instance.generateCertificate)
def test_revokeCertificate(self):
self.login()
self.assertNotEqual(self.software_instance.getDestinationReference(), None)
self.assertNotEqual(self.software_instance.getSslKey(), None)
self.assertNotEqual(self.software_instance.getSslCertificate(), None)
self.software_instance.revokeCertificate()
self.assertEqual(self.software_instance.getDestinationReference(), None)
self.assertEqual(self.software_instance.getSslKey(), None)
self.assertEqual(self.software_instance.getSslCertificate(), None)
self.assertRaises(ValueError, self.software_instance.revokeCertificate)
certificate_login_list = self.software_instance.objectValues(portal_type="Certificate Login")
self.assertEqual(len(certificate_login_list), 0)
def test_revokeAndGenerateCertificate(self):
self.login()
destination_reference = self.software_instance.getDestinationReference()
ssl_key = self.software_instance.getSslKey()
ssl_certificate = self.software_instance.getSslCertificate()
self.assertNotEqual(self.software_instance.getDestinationReference(), None)
self.assertNotEqual(self.software_instance.getSslKey(), None)
self.assertNotEqual(self.software_instance.getSslCertificate(), None)
self.software_instance.revokeCertificate()
self.assertRaises(ValueError, self.software_instance.revokeCertificate)
self.software_instance.generateCertificate()
self.assertNotEqual(self.software_instance.getDestinationReference(), None)
self.assertNotEqual(self.software_instance.getSslKey(), None)
self.assertNotEqual(self.software_instance.getSslCertificate(), None)
self.assertNotEqual(self.software_instance.getDestinationReference(),
destination_reference)
certificate_login_list = self.software_instance.objectValues(portal_type="Certificate Login")
self.assertEqual(len(certificate_login_list), 1)
certificate_login = certificate_login_list[0]
self.assertEqual(certificate_login.getValidationState(), 'validated')
self.assertNotEqual(certificate_login.getReference(), None)
self.assertNotEqual(certificate_login.getDestinationReference(), None)
self.assertNotEqual(self.software_instance.getSslKey(),
ssl_key)
self.assertNotEqual(self.software_instance.getSslCertificate(),
ssl_certificate)
destination_reference = self.software_instance.getDestinationReference()
ssl_key = self.software_instance.getSslKey()
ssl_certificate = self.software_instance.getSslCertificate()
self.software_instance.revokeCertificate()
self.software_instance.generateCertificate()
self.assertNotEqual(self.software_instance.getDestinationReference(), None)
self.assertNotEqual(self.software_instance.getSslKey(), None)
self.assertNotEqual(self.software_instance.getSslCertificate(), None)
self.assertNotEqual(self.software_instance.getDestinationReference(),
destination_reference)
self.assertNotEqual(self.software_instance.getSslKey(),
ssl_key)
self.assertNotEqual(self.software_instance.getSslCertificate(),
ssl_certificate)
certificate_login_list = self.software_instance.objectValues(portal_type="Certificate Login")
self.assertEqual(len(certificate_login_list), 2)
another_certificate_login = [ i for i in certificate_login_list
if i.getId() != certificate_login.getId()][0]
self.assertEqual(another_certificate_login.getValidationState(), 'validated')
self.assertNotEqual(another_certificate_login.getReference(), None)
self.assertNotEqual(another_certificate_login.getDestinationReference(), None)
self.assertEqual(certificate_login.getValidationState(), 'invalidated')
self.assertNotEqual(certificate_login.getReference(),
another_certificate_login.getReference())
self.assertNotEqual(certificate_login.getDestinationReference(),
another_certificate_login.getDestinationReference())
......@@ -6,12 +6,6 @@
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_recorded_property_dict</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
<item>
<key> <string>default_reference</string> </key>
<value> <string>testSlapOSCloudInstanceSlapInterfaceWorkflow</string> </value>
......@@ -61,28 +55,13 @@
<item>
<key> <string>workflow_history</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="2" aka="AAAAAAAAAAI=">
<pickle>
<global name="PersistentMapping" module="Persistence.mapping"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<dictionary/>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="3" aka="AAAAAAAAAAM=">
<pickle>
<global name="PersistentMapping" module="Persistence.mapping"/>
</pickle>
......@@ -95,7 +74,7 @@
<item>
<key> <string>component_validation_workflow</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAQ=</string> </persistent>
<persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
</value>
</item>
</dictionary>
......@@ -104,7 +83,7 @@
</dictionary>
</pickle>
</record>
<record id="4" aka="AAAAAAAAAAQ=">
<record id="3" aka="AAAAAAAAAAM=">
<pickle>
<global name="WorkflowHistoryList" module="Products.ERP5Type.Workflow"/>
</pickle>
......
......@@ -8,10 +8,4 @@ compute_node.edit(
capacity_scope='open'
)
erp5_login = compute_node.newContent(
portal_type="Certificate Login",
reference=compute_node.getReference()
)
erp5_login.validate()
portal.portal_workflow.doActionFor(compute_node, 'validate_action')
compute_node = state_change['object']
if compute_node.getDestinationReference() is not None:
context.REQUEST.set("compute_node_certificate", None)
context.REQUEST.set("compute_node_key", None)
raise ValueError('Certificate still active.')
ca = context.getPortalObject().portal_certificate_authority
certificate_dict = ca.getNewCertificate(compute_node.getReference())
compute_node.setDestinationReference(certificate_dict["id"])
for certificate_login in compute_node.objectValues(
portal_type=["Certificate Login"]):
if certificate_login.getValidationState() == "validated":
context.REQUEST.set("compute_node_certificate", None)
context.REQUEST.set("compute_node_key", None)
raise ValueError('Certificate still active.')
certificate_login = compute_node.newContent(
portal_type="Certificate Login")
certificate_dict = certificate_login.getCertificate()
certificate_login.validate()
context.REQUEST.set("compute_node_certificate", certificate_dict["certificate"])
context.REQUEST.set("compute_node_key", certificate_dict["key"])
......@@ -52,6 +52,12 @@
<key> <string>_params</string> </key>
<value> <string>state_change</string> </value>
</item>
<item>
<key> <string>description</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>script_ComputeNode_generateCertificate</string> </value>
......
compute_node = state_change['object']
context.REQUEST.set('compute_node_certificate', None)
context.REQUEST.set('compute_node_key', None)
destination_reference = compute_node.getDestinationReference()
if destination_reference is None:
no_certificate = True
for certificate_login in compute_node.objectValues(
portal_type=["Certificate Login"]):
if certificate_login.getValidationState() == "validated":
certificate_login.invalidate()
no_certificate = False
if no_certificate:
raise ValueError('No certificate')
context.getPortalObject().portal_certificate_authority.revokeCertificate(destination_reference)
compute_node.setDestinationReference(None)
......@@ -52,6 +52,12 @@
<key> <string>_params</string> </key>
<value> <string>state_change</string> </value>
</item>
<item>
<key> <string>description</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>script_ComputeNode_revokeCertificate</string> </value>
......
instance = state_change['object']
if instance.getDestinationReference() is not None:
raise ValueError("Certificate still active.")
if instance.getPortalType() != "Software Instance":
# Skip if the instance isn't a Software Instance,
# since Shared Instances cannot find the object.
return
ca = context.getPortalObject().portal_certificate_authority
certificate_dict = ca.getNewCertificate(instance.getReference())
edit_kw = {'destination_reference' : certificate_dict['id'],
'ssl_key' : certificate_dict['key'],
'ssl_certificate': certificate_dict['certificate']
}
for certificate_login in instance.objectValues(
portal_type=["Certificate Login"]):
if certificate_login.getValidationState() == "validated":
raise ValueError('Certificate still active.')
# Include Certificate Login so Instance become a User
certificate_login = instance.newContent(
portal_type="Certificate Login")
certificate_dict = certificate_login.getCertificate()
certificate_login.validate()
# Keep this here?
edit_kw = {'ssl_key' : certificate_dict['key'],
'ssl_certificate': certificate_dict['certificate']}
instance.edit(**edit_kw)
instance = state_change['object']
portal = instance.getPortalObject()
if instance.getSslKey() is not None or instance.getSslCertificate() is not None:
instance.edit(ssl_key=None, ssl_certificate=None)
destination_reference = instance.getDestinationReference()
if destination_reference is None:
raise ValueError('No certificate')
no_certificate = True
for certificate_login in instance.objectValues(
portal_type=["Certificate Login"]):
if certificate_login.getValidationState() == "validated":
certificate_login.invalidate()
no_certificate = False
try:
portal.portal_certificate_authority\
.revokeCertificate(instance.getDestinationReference())
except ValueError:
# Ignore already revoked certificates, as OpenSSL backend is
# non transactional, so it is ok to allow multiple tries to destruction
# even if certificate was already revoked
pass
instance.setDestinationReference(None)
if no_certificate:
raise ValueError('No certificate')
......@@ -68,9 +68,7 @@
</item>
<item>
<key> <string>title</string> </key>
<value>
<none/>
</value>
<value> <string>None</string> </value>
</item>
</dictionary>
</pickle>
......
......@@ -93,14 +93,9 @@ if (request_software_instance is None):
reference=reference,
activate_kw={'tag': tag}
)
request_software_instance.generateCertificate()
request_software_instance.validate()
if software_instance_portal_type == "Software Instance":
# Include Certificate Login so Instance become a User
certificate_login = request_software_instance.newContent(
portal_type="Certificate Login",
reference=request_software_instance.getReference())
certificate_login.validate()
request_software_instance.generateCertificate()
request_software_instance.validate()
graph[request_software_instance.getUid()] = []
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment