/**
 * Lifecycle hook: starts the wrapped secure store service and returns once
 * {@code startAndWait()} on the delegate has returned.
 *
 * @throws Exception declared by the overridden lifecycle hook
 */
@Override
protected void startUp() throws Exception {
  secureStoreService.startAndWait();
}
/**
 * Lifecycle hook: stops the wrapped secure store service and returns once
 * {@code stopAndWait()} on the delegate has returned.
 *
 * @throws Exception declared by the overridden lifecycle hook
 */
@Override
protected void shutDown() throws Exception {
  secureStoreService.stopAndWait();
}
}
// Round trip through the store: put two keys into NAMESPACE1, read each one back, list the
// namespace (sorted by name so the order is deterministic), then delete both keys and assert
// that the listing is empty again.
// NOTE(review): this excerpt looks truncated — the for-loop over `metadatas` is opened but its body and
// closing brace are not visible, and no assertion on ns1Key1/ns1Key2 appears here. Confirm against the
// full test that the retrieved values and metadata are actually compared with what was stored.
secureStoreService.put(NAMESPACE1, key1, value1, description1, properties); secureStoreService.put(NAMESPACE1, key2, value2, description2, properties); SecureStoreData ns1Key1 = secureStoreService.get(NAMESPACE1, key1); SecureStoreData ns1Key2 = secureStoreService.get(NAMESPACE1, key2); List<SecureStoreMetadata> metadatas = secureStoreService.list(NAMESPACE1); metadatas.sort(Comparator.comparing(SecureStoreMetadata::getName)); for (SecureStoreMetadata metadata : metadatas) { secureStoreService.delete(NAMESPACE1, key1); secureStoreService.delete(NAMESPACE1, key2); Assert.assertEquals(0, secureStoreService.list(NAMESPACE1).size());
/**
 * Looking up a key name the test does not expect to exist must fail with
 * {@link SecureKeyNotFoundException}; the test passes only if that exception is thrown.
 */
@Test(expected = SecureKeyNotFoundException.class)
public void testKeyNotFound() throws Exception {
  String missingKey = "nonexistingkey";
  secureStoreService.get(NAMESPACE1, missingKey);
}
}
/**
 * Removes a secure key, provided the calling principal holds ADMIN on that key.
 *
 * <p>The principal is taken from the authentication context, not from a caller-supplied argument.
 * The method is {@code final}, so a subclass cannot override it to drop the authorization check.
 *
 * @param namespace namespace that owns the key
 * @param name name of the key to delete
 * @throws UnauthorizedException If the user does not have admin privileges required to delete the secure key.
 * @throws NamespaceNotFoundException If the specified namespace does not exist.
 * @throws NotFoundException If the key to be deleted is not found.
 * @throws IOException If there was a problem deleting it from the underlying provider.
 */
@Override
public final void delete(String namespace, String name) throws Exception {
  Principal caller = authenticationContext.getPrincipal();
  SecureKeyId keyId = new SecureKeyId(namespace, name);
  // Authorize before delegating: the store is reached only if enforce() returns normally.
  authorizationEnforcer.enforce(keyId, caller, Action.ADMIN);
  secureStoreService.delete(namespace, name);
}
/**
 * Stores the supplied secret under the given key, provided the calling principal holds ADMIN
 * on that key.
 *
 * <p>The principal is taken from the authentication context. {@code value} is the secret payload;
 * this method passes it straight to the delegate and does not log it. The method is synchronized
 * on this instance; the reason is not visible in this excerpt.
 *
 * @param namespace namespace that owns the key
 * @param name name of the key to create or overwrite
 * @param value secret data to store
 * @param description optional human-readable description, may be {@code null}
 * @param properties additional properties stored alongside the key
 * @throws UnauthorizedException If the user does not have ADMIN privileges on the secure key.
 * @throws NamespaceNotFoundException If the specified namespace does not exist.
 * @throws IOException If there was a problem storing the key to underlying provider.
 */
@Override
public final synchronized void put(String namespace, String name, String value, @Nullable String description,
                                   Map<String, String> properties) throws Exception {
  Principal caller = authenticationContext.getPrincipal();
  SecureKeyId keyId = new NamespaceId(namespace).secureKey(name);
  // The check is ADMIN on the key itself; the store is reached only if enforce() returns normally.
  authorizationEnforcer.enforce(keyId, caller, Action.ADMIN);
  secureStoreService.put(namespace, name, value, description, properties);
}
/**
 * Lists the metadata of the secure keys in the given namespace that the calling principal is
 * allowed to see. Returns an empty list if the user does not have access to any of the keys
 * in the namespace.
 *
 * <p>The complete listing is fetched from the delegate first and then narrowed by
 * {@code AuthorizationUtil.isVisible}, so filtering happens per key rather than per namespace.
 *
 * @param namespace namespace whose keys are listed
 * @return metadata entries for the keys visible to the caller
 * @throws NamespaceNotFoundException If the specified namespace does not exist.
 * @throws IOException If there was a problem reading from the store.
 */
@Override
public final List<SecureStoreMetadata> list(final String namespace) throws Exception {
  Principal caller = authenticationContext.getPrincipal();
  List<SecureStoreMetadata> allKeys = secureStoreService.list(namespace);
  // Each metadata entry is mapped to its SecureKeyId so visibility is decided key by key.
  // NOTE(review): the meaning of the trailing null argument is not visible here — confirm it
  // against AuthorizationUtil.isVisible.
  return AuthorizationUtil.isVisible(allKeys, authorizationEnforcer, caller,
                                     entry -> new SecureKeyId(namespace, entry.getName()), null);
}
/**
 * Returns the {@link SecureStoreData} stored under the given key, provided the calling principal
 * holds READ on that key.
 *
 * <p>The authorization check runs before the lookup, so the delegate is queried only if
 * {@code enforce()} returns normally.
 *
 * @param namespace namespace that owns the key
 * @param name name of the key to read
 * @return Data associated with the key if the user has read access.
 * @throws NamespaceNotFoundException If the specified namespace does not exist.
 * @throws NotFoundException If the key is not found in the store.
 * @throws IOException If there was a problem reading from the store.
 * @throws UnauthorizedException If the user does not have READ permissions on the secure key.
 */
@Override
public final SecureStoreData get(String namespace, String name) throws Exception {
  Principal caller = authenticationContext.getPrincipal();
  SecureKeyId keyId = new SecureKeyId(namespace, name);
  authorizationEnforcer.enforce(keyId, caller, Action.READ);
  return secureStoreService.get(namespace, name);
}
// Start the secure store service; presumably this blocks until startup completes
// (startAndWait naming) — confirm against the service's lifecycle API.
secureStoreService.startAndWait();
/**
 * Class-level teardown: stops the shared secure store service once all tests have run.
 */
@AfterClass
public static void cleanUp() {
  secureStoreService.stopAndWait();
}
/**
 * Class-level fixture: registers {@code NAMESPACE1} with an in-memory namespace admin, then
 * builds the {@link SecretManagerSecureStoreService} under test on top of the mock secret
 * manager and its mock context, and starts it.
 *
 * @throws Exception if namespace creation fails
 */
@BeforeClass
public static void setUp() throws Exception {
  InMemoryNamespaceAdmin namespaceAdmin = new InMemoryNamespaceAdmin();
  // The namespace has to exist before the service is used against it.
  namespaceAdmin.create(new NamespaceMeta.Builder().setName(NAMESPACE1).build());
  secureStoreService = new SecretManagerSecureStoreService(
    namespaceAdmin, new MockSecretManagerContext(), "mock", new MockSecretManager());
  secureStoreService.startAndWait();
}
// Shut down in this order: the secure store service first, then the operational stats service.
// NOTE(review): whether the order matters is not visible in this excerpt.
secureStoreService.stopAndWait(); operationalStatsService.stopAndWait();