Loading services/helper/helper_service/openapi_helper_visibility_control.yaml +3 −0 Original line number Original line Diff line number Diff line Loading @@ -285,6 +285,9 @@ components: items: { type: string } items: { type: string } minItems: 0 minItems: 0 uniqueItems: true uniqueItems: true userName: type: string minLength: 1 additionalProperties: false additionalProperties: false ProviderSelector: ProviderSelector: Loading services/helper/helper_service/services/visibility_control/auth.py +4 −2 Original line number Original line Diff line number Diff line Loading @@ -13,14 +13,16 @@ def cert_validation(): @wraps(f) @wraps(f) def __cert_validation(*args, **kwargs): def __cert_validation(*args, **kwargs): # 1. Get certificate header safely # 1. Get certificate header safely cert_tmp = request.headers.get('X-Ssl-Client-Cert') # cert_tmp = request.headers.get('X-Ssl-Client-Cert') cert_tmp = request.headers.get('X-Ssl-Client-Cert') or request.headers.get('X-SSL-Client-Cert') or request.headers.get('x-ssl-client-cert') if not cert_tmp: if not cert_tmp: return {"title": "Unauthorized", "detail": "Certificate header missing"}, 401 return {"title": "Unauthorized", "detail": "Certificate header missing"}, 401 try: try: # 2. Process certificate # 2. Process certificate cert_raw = cert_tmp.replace('\\t', '') # cert_raw = cert_tmp.replace('\\t', '') cert_raw = cert_tmp.replace('\\t', '').replace('\\n', '\n').replace('\\\\n', '\n').replace('\"', '') cert = x509.load_pem_x509_certificate(str.encode(cert_raw), default_backend()) cert = x509.load_pem_x509_certificate(str.encode(cert_raw), default_backend()) cn = cert.subject.get_attributes_for_oid(x509.OID_COMMON_NAME)[0].value.strip() cn = cert.subject.get_attributes_for_oid(x509.OID_COMMON_NAME)[0].value.strip() Loading services/helper/helper_service/services/visibility_control/openapi/openapi.yaml +12 −3 Original line number Original line Diff line number Diff line Loading 
@@ -260,7 +260,8 @@ components: apiName: apiName: - apiName - apiName - apiName - apiName userName: userName userName: - userName aefId: aefId: - aefId - aefId - aefId - aefId Loading Loading @@ -375,7 +376,8 @@ components: apiName: apiName: - apiName - apiName - apiName - apiName userName: userName userName: - userName aefId: aefId: - aefId - aefId - aefId - aefId Loading Loading @@ -445,7 +447,13 @@ components: apiId: apiId: - apiId - apiId - apiId - apiId userName: - userName properties: properties: userName: minLength: 1 title: userName type: string apiProviderId: apiProviderId: items: items: type: string type: string Loading Loading @@ -488,7 +496,8 @@ components: apiName: apiName: - apiName - apiName - apiName - apiName userName: userName userName: - userName aefId: aefId: - aefId - aefId - aefId - aefId Loading services/nginx/nginx.conf +1 −1 Original line number Original line Diff line number Diff line Loading @@ -14,7 +14,7 @@ http { } } map "$request_method:$uri:$ssl_client_s_dn_cn" $helper_error_message { map "$request_method:$uri:$ssl_client_s_dn_cn" $helper_error_message { default 'SUCCESS'; default 'SUCCESS'; "~*(GET|DELETE|POST):.*:(?!(superadmin|AMF))(.*)" '{"status":401, "title":"Unauthorized" ,"detail":"Role not authorized for this API route", "cause":"User role must be superadmin"}'; "~*(GET|DELETE|POST|PATCH):.*:(?!(superadmin|AMF))(.*)" '{"status":401, "title":"Unauthorized" ,"detail":"Role not authorized for this API route", "cause":"User role must be superadmin"}'; } } map "$request_method:$uri:$ssl_client_s_dn_cn" $invoker_error_message { map "$request_method:$uri:$ssl_client_s_dn_cn" $invoker_error_message { default 'SUCCESS'; default 'SUCCESS'; Loading tests/features/Helper/Visibility Control Api/visibility_control.robot +55 −1 Original line number Original line Diff line number Diff line Loading 
@@ -174,7 +174,61 @@ Create and Delete Visibility Control Rule by AMF Provider ... /helper/visibility-control/rules ... /helper/visibility-control/rules ... server=${CAPIF_HTTPS_URL} ... server=${CAPIF_HTTPS_URL} ... verify=ca.crt ... verify=ca.crt ... username=${SUPERADMIN_USERNAME} ... username=${AMF_PROVIDER_USERNAME} Length Should Be ${resp.json()['rules']} 0 Create Update and Delete Visibility Control Rule by AMF Provider [Tags] visibility_control-7 ${register_user_info}= Provider Default Registration ${body}= Create Visibility Control Rule Body ${resp}= Post Request Capif ... /helper/visibility-control/rules ... server=${CAPIF_HTTPS_URL} ... verify=ca.crt ... username=${AMF_PROVIDER_USERNAME} ... json=${body} Status Should Be 201 ${resp} ${rule_id}= Set Variable ${resp.json()['ruleId']} ${resp}= Get Request Capif ... /helper/visibility-control/rules ... server=${CAPIF_HTTPS_URL} ... verify=ca.crt ... username=${AMF_PROVIDER_USERNAME} Length Should Be ${resp.json()['rules']} 1 ${body}= Create Visibility Control Rule body 2 ${resp}= Patch Request Capif ... /helper/visibility-control/rules/${rule_id} ... server=${CAPIF_HTTPS_URL} ... verify=ca.crt ... username=${AMF_PROVIDER_USERNAME} ... json=${body} Status Should Be 200 ${resp} ${resp}= Delete Request Capif ... /helper/visibility-control/rules/${rule_id} ... server=${CAPIF_HTTPS_URL} ... verify=ca.crt ... username=${AMF_PROVIDER_USERNAME} Status Should Be 204 ${resp} # Check empty list ${resp}= Get Request Capif ... /helper/visibility-control/rules ... server=${CAPIF_HTTPS_URL} ... verify=ca.crt ... username=${AMF_PROVIDER_USERNAME} Length Should Be ${resp.json()['rules']} 0 Length Should Be ${resp.json()['rules']} 0 Loading
services/helper/helper_service/openapi_helper_visibility_control.yaml +3 −0 Original line number Original line Diff line number Diff line Loading @@ -285,6 +285,9 @@ components: items: { type: string } items: { type: string } minItems: 0 minItems: 0 uniqueItems: true uniqueItems: true userName: type: string minLength: 1 additionalProperties: false additionalProperties: false ProviderSelector: ProviderSelector: Loading
services/helper/helper_service/services/visibility_control/auth.py +4 −2 Original line number Original line Diff line number Diff line Loading @@ -13,14 +13,16 @@ def cert_validation(): @wraps(f) @wraps(f) def __cert_validation(*args, **kwargs): def __cert_validation(*args, **kwargs): # 1. Get certificate header safely # 1. Get certificate header safely cert_tmp = request.headers.get('X-Ssl-Client-Cert') # cert_tmp = request.headers.get('X-Ssl-Client-Cert') cert_tmp = request.headers.get('X-Ssl-Client-Cert') or request.headers.get('X-SSL-Client-Cert') or request.headers.get('x-ssl-client-cert') if not cert_tmp: if not cert_tmp: return {"title": "Unauthorized", "detail": "Certificate header missing"}, 401 return {"title": "Unauthorized", "detail": "Certificate header missing"}, 401 try: try: # 2. Process certificate # 2. Process certificate cert_raw = cert_tmp.replace('\\t', '') # cert_raw = cert_tmp.replace('\\t', '') cert_raw = cert_tmp.replace('\\t', '').replace('\\n', '\n').replace('\\\\n', '\n').replace('\"', '') cert = x509.load_pem_x509_certificate(str.encode(cert_raw), default_backend()) cert = x509.load_pem_x509_certificate(str.encode(cert_raw), default_backend()) cn = cert.subject.get_attributes_for_oid(x509.OID_COMMON_NAME)[0].value.strip() cn = cert.subject.get_attributes_for_oid(x509.OID_COMMON_NAME)[0].value.strip() Loading
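Review bot: The added replace chain on `cert_raw` rewrites `'\\n'` before `'\\\\n'`, so the double-escaped case can never match: the first pass has already consumed the trailing backslash-n and leaves a stray backslash in the PEM text. Swapping the order fixes it: `cert_raw = cert_tmp.replace('\\t', '').replace('\\\\n', '\n').replace('\\n', '\n').replace('"', '')`. If `request` is Flask's, header lookup is already case-insensitive, so the two extra `.get()` calls add nothing, and the commented-out old lines can be dropped. Because the CN is read from a certificate carried in a request header, and nothing in the hunk verifies the chain, the decorator is only as strong as the proxy's guarantee that it overwrites any client-sent `X-Ssl-Client-Cert`; a short comment stating that assumption would help. The body of `__cert_validation` continues past the end of the hunk.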
services/helper/helper_service/services/visibility_control/openapi/openapi.yaml +12 −3 Original line number Original line Diff line number Diff line Loading @@ -260,7 +260,8 @@ components: apiName: apiName: - apiName - apiName - apiName - apiName userName: userName userName: - userName aefId: aefId: - aefId - aefId - aefId - aefId Loading Loading @@ -375,7 +376,8 @@ components: apiName: apiName: - apiName - apiName - apiName - apiName userName: userName userName: - userName aefId: aefId: - aefId - aefId - aefId - aefId Loading Loading @@ -445,7 +447,13 @@ components: apiId: apiId: - apiId - apiId - apiId - apiId userName: - userName properties: properties: userName: minLength: 1 title: userName type: string apiProviderId: apiProviderId: items: items: type: string type: string Loading Loading @@ -488,7 +496,8 @@ components: apiName: apiName: - apiName - apiName - apiName - apiName userName: userName userName: - userName aefId: aefId: - aefId - aefId - aefId - aefId Loading
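Review bot: The example added in the hunk at -445 gives `userName` as a list (`- userName`) while the property added right below it declares `type: string` with `minLength: 1`, so the example would not validate against its own schema; the other three hunks make the same string-to-list change in their examples. Indentation is lost in this rendering, so the nesting is inferred, but the spec file changed in this commit also declares `userName` as a string. Either keep the examples as `userName: userName` or declare the property as an array of strings, so that schema and examples agree.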
services/nginx/nginx.conf +1 −1 Original line number Original line Diff line number Diff line Loading @@ -14,7 +14,7 @@ http { } } map "$request_method:$uri:$ssl_client_s_dn_cn" $helper_error_message { map "$request_method:$uri:$ssl_client_s_dn_cn" $helper_error_message { default 'SUCCESS'; default 'SUCCESS'; "~*(GET|DELETE|POST):.*:(?!(superadmin|AMF))(.*)" '{"status":401, "title":"Unauthorized" ,"detail":"Role not authorized for this API route", "cause":"User role must be superadmin"}'; "~*(GET|DELETE|POST|PATCH):.*:(?!(superadmin|AMF))(.*)" '{"status":401, "title":"Unauthorized" ,"detail":"Role not authorized for this API route", "cause":"User role must be superadmin"}'; } } map "$request_method:$uri:$ssl_client_s_dn_cn" $invoker_error_message { map "$request_method:$uri:$ssl_client_s_dn_cn" $invoker_error_message { default 'SUCCESS'; default 'SUCCESS'; Loading
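Review bot: Listing methods in the pattern makes this map fail open: any method not named (PUT, for example) still falls through to `default 'SUCCESS'`, which is the gap PATCH was in until this change. If no method is meant to be open, matching every method closes it, and the CN check is worth anchoring at the same time, because `(?!(superadmin|AMF))` is a case-insensitive prefix test that also lets through a CN such as `superadmin-test`: `"~*^[^:]+:.*:(?!(superadmin|AMF)$).*$"`. The `cause` text still says the role must be superadmin although AMF is accepted. How `$helper_error_message` is consumed lies outside the hunk, so confirm which locations rely on it before tightening.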
tests/features/Helper/Visibility Control Api/visibility_control.robot +55 −1 Original line number Original line Diff line number Diff line Loading @@ -174,7 +174,61 @@ Create and Delete Visibility Control Rule by AMF Provider ... /helper/visibility-control/rules ... /helper/visibility-control/rules ... server=${CAPIF_HTTPS_URL} ... server=${CAPIF_HTTPS_URL} ... verify=ca.crt ... verify=ca.crt ... username=${SUPERADMIN_USERNAME} ... username=${AMF_PROVIDER_USERNAME} Length Should Be ${resp.json()['rules']} 0 Create Update and Delete Visibility Control Rule by AMF Provider [Tags] visibility_control-7 ${register_user_info}= Provider Default Registration ${body}= Create Visibility Control Rule Body ${resp}= Post Request Capif ... /helper/visibility-control/rules ... server=${CAPIF_HTTPS_URL} ... verify=ca.crt ... username=${AMF_PROVIDER_USERNAME} ... json=${body} Status Should Be 201 ${resp} ${rule_id}= Set Variable ${resp.json()['ruleId']} ${resp}= Get Request Capif ... /helper/visibility-control/rules ... server=${CAPIF_HTTPS_URL} ... verify=ca.crt ... username=${AMF_PROVIDER_USERNAME} Length Should Be ${resp.json()['rules']} 1 ${body}= Create Visibility Control Rule body 2 ${resp}= Patch Request Capif ... /helper/visibility-control/rules/${rule_id} ... server=${CAPIF_HTTPS_URL} ... verify=ca.crt ... username=${AMF_PROVIDER_USERNAME} ... json=${body} Status Should Be 200 ${resp} ${resp}= Delete Request Capif ... /helper/visibility-control/rules/${rule_id} ... server=${CAPIF_HTTPS_URL} ... verify=ca.crt ... username=${AMF_PROVIDER_USERNAME} Status Should Be 204 ${resp} # Check empty list ${resp}= Get Request Capif ... /helper/visibility-control/rules ... server=${CAPIF_HTTPS_URL} ... verify=ca.crt ... username=${AMF_PROVIDER_USERNAME} Length Should Be ${resp.json()['rules']} 0 Length Should Be ${resp.json()['rules']} 0
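Review bot: The new test `visibility_control-7` exercises only the allowed path, so the PATCH restriction this commit adds in nginx has no test: nothing sends PATCH with a certificate whose CN is neither superadmin nor AMF and expects 401. The PATCH step also asserts only `Status Should Be 200 ${resp}`, so an update that is accepted but not applied would still pass; a follow-up GET that compares the stored rule with `${body}` would cover that. `${register_user_info}` is assigned but not used in the visible lines.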