[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Pulp-list] Fwd: CDS: gofer authentication



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

One last point, I swear.

The CDS DB verification script needs to be updated for the addition of
the "secret" field and a migrate script created.

On 03/18/2011 12:40 PM, Jay Dobies wrote:
> One more thing:
> 
>         try:
>             secret = self._cds_stub(cds).initialize()
>             return secret
>         except RequestTimeout, e:
>             raise CdsTimeoutException(e), None, sys.exc_info()[2]
>         except DispatchError, e:
>             raise CdsCommunicationsException(e), None, sys.exc_info()[2]
>         except NotAuthorized, e:
>             raise CdsAuthException(e), None, sys.exc_info()[2]
>         except Exception, e:
>             raise CdsMethodException(e), None, sys.exc_info()[2]
> 
> NotAuthorized is a subclass of DispatchError, so that code block will
> never get executed. Need to reverse the order on those.
> 
> 
> On 03/18/2011 12:38 PM, Jay Dobies wrote:
>>> Jason,
> 
>>> I pushed the pulp -> external CDS authentication feature.
> 
>>> Commit: cf449c22299e01e872dff9b92a3cff65ac39cc36
> 
>>> Mind doing a quick review?  I'll be making a pass though the unit tests
>>> today.
> 
>>> -jeff
> 
> 
>> Looks pretty solid. Most of my comments focus around things you'll run
>> into in one way or another when you do the unit tests, though you may
>> have approaches in mind and I'm just not thinking of.
> 
> 
>> dispatcher.py:
>> - init_cds():  Method now returns the secret, don't forget to update the
>> docstring to mention that and say if it's a string or something more
>> complex.
> 
> 
>> gofer_cds_plugin.py:
>> - There aren't any tests for this (sorry about that, my bad) so you'll
>> have to add the test file itself.
> 
>> - How are you going to override the location of the secret file for unit
>> tests? The path can be specified but the object is constructed inside of
>> getsecret(). The default is to read from config, but that's loaded by
>> gofer (there may be some way of overriding config values loaded by
>> gofer, which is one reason I'm asking since I don't know).
> 
>> - We'll need tests that run both with the secret file present (scenario
>> of normal usage) and not present (scenario of an initialize). When
>> cleaning up the test runs by deleting the secret file directory, won't
>> we run into an issue since Secret is a singleton, is already loaded, so
>> __mkdir won't get called again?
> 
>> - The caching doesn't come into play if gofer is restarted. The secret
>> is cached on write, but not on read. So if the CDS is bounced after it's
>> initialized, the caching isn't used.
> 
>> - In my experience, singletons have always been a headache in unit tests
>> since modules aren't unloaded between runs, so you never know exactly
>> which test is the one causing the instantiation. Is there a benefit to
>> this approach over simply having module methods read_secret,
>> write_secret, and delete_secret and caching in the module itself?
> 
> 
> 
> _______________________________________________
> Pulp-list mailing list
> Pulp-list redhat com
> https://www.redhat.com/mailman/listinfo/pulp-list
> 
> 

_______________________________________________
Pulp-list mailing list
Pulp-list redhat com
https://www.redhat.com/mailman/listinfo/pulp-list


- -- 
Jay Dobies
RHCE# 805008743336126
Freenode: jdob
http://pulpproject.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJNg6JnAAoJEOMmcTqOSQHCEb0IALJ7jupCu84TPluJoNuHAQaA
6A7KvMespAymr6MLYQJU2VGLbkwLYaI8ixmAPWLWfqQEouEgQWxxAuv1GfyTBWYJ
upnZ9+qvdp7zjWs40SkdqKTn6nqJ9F2qWJqqD0ugnNBPqtfLNl7Y4K1d4j0u4F0g
irTw7YXurSHXRoRuf71xfhxC53mFLb0VFfarpMgtSA77gkT7q5yiqkyWszrFqTbQ
XqI6kFgOi4Z0cFYUDuPNhHMEiz9H9Mr0akmSRXf79f2CHUe8L7+3vDos0Wvcsl2f
IY+BeWmXvrHv8lknwhXBtBrIzXJ1aYG+HVzHgMDzTFdslVwtq8VBPvtW9P7TvZM=
=xbsX
-----END PGP SIGNATURE-----


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]