ref(controller): rename DomainCert to Certificate

Matthew Fisher · Matthew Fisher · commit f2438e604322 · 2015-04-03T10:50:24.000-07:00
diff --git a/controller/api/models.py b/controller/api/models.py
@@ -112,14 +112,11 @@ def validate_domain(value):
         raise ValidationError('"{}" contains unexpected characters'.format(value))
 
 
-def validate_domain_certificate(value):
+def validate_certificate(value):
     try:
-        cert = crypto.load_certificate(crypto.FILETYPE_PEM, value)
-        Domain.objects.get(domain=cert.get_subject().CN)
+        crypto.load_certificate(crypto.FILETYPE_PEM, value)
     except crypto.Error as e:
         raise ValidationError('Could not load certificate: {}'.format(e))
-    except Domain.DoesNotExist:
-        raise ValidationError('No matching domain was found for {}'.format(cert.get_subject().CN))
 
 
 class AuditedModel(models.Model):
@@ -832,20 +829,19 @@ class Domain(AuditedModel):
     owner = models.ForeignKey(settings.AUTH_USER_MODEL)
     app = models.ForeignKey('App')
     domain = models.TextField(blank=False, null=False, unique=True)
-    cert = models.ForeignKey('DomainCert', null=True)
 
     def __str__(self):
         return self.domain
 
 
 @python_2_unicode_compatible
-class DomainCert(AuditedModel):
+class Certificate(AuditedModel):
     """
     Public and private key pair used to secure application traffic at the router.
     """
     owner = models.ForeignKey(settings.AUTH_USER_MODEL)
     # there is no upper limit on the size of an x.509 certificate
-    certificate = models.TextField(validators=[validate_domain_certificate])
+    certificate = models.TextField(validators=[validate_certificate])
     key = models.TextField()
     # X.509 certificates allow any string of information as the common name.
     common_name = models.TextField(unique=True)
@@ -867,7 +863,7 @@ def save(self, *args, **kwargs):
         if not self.expires:
             # convert openssl's expiry date format to Django's DateTimeField format
             self.expires = datetime.strptime(certificate.get_notAfter(), '%Y%m%d%H%M%SZ')
-        return super(DomainCert, self).save(*args, **kwargs)
+        return super(Certificate, self).save(*args, **kwargs)
 
 
 @python_2_unicode_compatible
@@ -1011,9 +1007,9 @@ def _etcd_purge_domains(**kwargs):
 post_save.connect(_log_release_created, sender=Release, dispatch_uid='api.models.log')
 post_save.connect(_log_config_updated, sender=Config, dispatch_uid='api.models.log')
 post_save.connect(_log_domain_added, sender=Domain, dispatch_uid='api.models.log')
-post_save.connect(_log_cert_added, sender=DomainCert, dispatch_uid='api.models.log')
+post_save.connect(_log_cert_added, sender=Certificate, dispatch_uid='api.models.log')
 post_delete.connect(_log_domain_removed, sender=Domain, dispatch_uid='api.models.log')
-post_delete.connect(_log_cert_removed, sender=DomainCert, dispatch_uid='api.models.log')
+post_delete.connect(_log_cert_removed, sender=Certificate, dispatch_uid='api.models.log')
 
 
 # automatically generate a new token on creation
@@ -1038,5 +1034,5 @@ def create_auth_token(sender, instance=None, created=False, **kwargs):
     post_delete.connect(_etcd_purge_domains, sender=Domain, dispatch_uid='api.models')
     post_save.connect(_etcd_create_app, sender=App, dispatch_uid='api.models')
     post_delete.connect(_etcd_purge_app, sender=App, dispatch_uid='api.models')
-    post_save.connect(_etcd_publish_cert, sender=DomainCert, dispatch_uid='api.models')
-    post_delete.connect(_etcd_purge_cert, sender=DomainCert, dispatch_uid='api.models')
+    post_save.connect(_etcd_publish_cert, sender=Certificate, dispatch_uid='api.models')
+    post_delete.connect(_etcd_purge_cert, sender=Certificate, dispatch_uid='api.models')
diff --git a/controller/api/serializers.py b/controller/api/serializers.py
@@ -260,7 +260,7 @@ def validate_domain(self, value):
         return value
 
 
-class DomainCertSerializer(ModelSerializer):
+class CertificateSerializer(ModelSerializer):
     """Serialize a :class:`~api.models.Cert` model."""
 
     expires = serializers.DateTimeField(format=settings.DEIS_DATETIME_FORMAT, read_only=True)
@@ -269,7 +269,7 @@ class DomainCertSerializer(ModelSerializer):
 
     class Meta:
         """Metadata options for a DomainCertSerializer."""
-        model = models.DomainCert
+        model = models.Certificate
         extra_kwargs = {'certificate': {'write_only': True},
                         'key': {'write_only': True}}
         read_only_fields = ['owner', 'common_name', 'expires', 'created', 'updated']
diff --git a/controller/api/south_migrations/0021_auto__add_certificate.py b/controller/api/south_migrations/0021_auto__add_certificate.py
@@ -8,8 +8,8 @@
 class Migration(SchemaMigration):
 
     def forwards(self, orm):
-        # Adding model 'DomainCert'
-        db.create_table(u'api_domaincert', (
+        # Adding model 'Certificate'
+        db.create_table(u'api_certificate', (
             (u'id', self.gf('django.db.models.fields.AutoField')(primary_key=True)),
             ('created', self.gf('django.db.models.fields.DateTimeField')(auto_now_add=True, blank=True)),
             ('updated', self.gf('django.db.models.fields.DateTimeField')(auto_now=True, blank=True)),
@@ -19,27 +19,19 @@ def forwards(self, orm):
             ('common_name', self.gf('django.db.models.fields.TextField')(unique=True)),
             ('expires', self.gf('django.db.models.fields.DateTimeField')()),
         ))
-        db.send_create_signal(u'api', ['DomainCert'])
-
-        # Adding field 'Domain.cert'
-        db.add_column(u'api_domain', 'cert',
-                      self.gf('django.db.models.fields.related.ForeignKey')(to=orm['api.DomainCert'], null=True),
-                      keep_default=False)
+        db.send_create_signal(u'api', ['Certificate'])
 
 
     def backwards(self, orm):
-        # Deleting model 'DomainCert'
-        db.delete_table(u'api_domaincert')
-
-        # Deleting field 'Domain.cert'
-        db.delete_column(u'api_domain', 'cert_id')
+        # Deleting model 'Certificate'
+        db.delete_table(u'api_certificate')
 
 
     models = {
         u'api.app': {
             'Meta': {'object_name': 'App'},
             'created': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}),
-            'id': ('django.db.models.fields.SlugField', [], {'default': "'dogged-quotient'", 'unique': 'True', 'max_length': '64'}),
+            'id': ('django.db.models.fields.SlugField', [], {'default': "'tender-jamboree'", 'unique': 'True', 'max_length': '64'}),
             'owner': ('django.db.models.fields.related.ForeignKey', [], {'to': u"orm['auth.User']"}),
             'structure': ('json_field.fields.JSONField', [], {'default': '{}', 'blank': 'True'}),
             'updated': ('django.db.models.fields.DateTimeField', [], {'auto_now': 'True', 'blank': 'True'}),
@@ -57,6 +49,17 @@ def backwards(self, orm):
             'updated': ('django.db.models.fields.DateTimeField', [], {'auto_now': 'True', 'blank': 'True'}),
             'uuid': ('api.fields.UuidField', [], {'unique': 'True', 'max_length': '32', 'primary_key': 'True'})
         },
+        u'api.certificate': {
+            'Meta': {'object_name': 'Certificate'},
+            'certificate': ('django.db.models.fields.TextField', [], {}),
+            'common_name': ('django.db.models.fields.TextField', [], {'unique': 'True'}),
+            'created': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}),
+            'expires': ('django.db.models.fields.DateTimeField', [], {}),
+            u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+            'key': ('django.db.models.fields.TextField', [], {}),
+            'owner': ('django.db.models.fields.related.ForeignKey', [], {'to': u"orm['auth.User']"}),
+            'updated': ('django.db.models.fields.DateTimeField', [], {'auto_now': 'True', 'blank': 'True'})
+        },
         u'api.config': {
             'Meta': {'ordering': "[u'-created']", 'unique_together': "((u'app', u'uuid'),)", 'object_name': 'Config'},
             'app': ('django.db.models.fields.related.ForeignKey', [], {'to': u"orm['api.App']"}),
@@ -83,24 +86,12 @@ def backwards(self, orm):
         u'api.domain': {
             'Meta': {'object_name': 'Domain'},
             'app': ('django.db.models.fields.related.ForeignKey', [], {'to': u"orm['api.App']"}),
-            'cert': ('django.db.models.fields.related.ForeignKey', [], {'to': u"orm['api.DomainCert']", 'null': 'True'}),
             'created': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}),
             'domain': ('django.db.models.fields.TextField', [], {'unique': 'True'}),
             u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
             'owner': ('django.db.models.fields.related.ForeignKey', [], {'to': u"orm['auth.User']"}),
             'updated': ('django.db.models.fields.DateTimeField', [], {'auto_now': 'True', 'blank': 'True'})
         },
-        u'api.domaincert': {
-            'Meta': {'object_name': 'DomainCert'},
-            'certificate': ('django.db.models.fields.TextField', [], {}),
-            'common_name': ('django.db.models.fields.TextField', [], {'unique': 'True'}),
-            'created': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}),
-            'expires': ('django.db.models.fields.DateTimeField', [], {}),
-            u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
-            'key': ('django.db.models.fields.TextField', [], {}),
-            'owner': ('django.db.models.fields.related.ForeignKey', [], {'to': u"orm['auth.User']"}),
-            'updated': ('django.db.models.fields.DateTimeField', [], {'auto_now': 'True', 'blank': 'True'})
-        },
         u'api.key': {
             'Meta': {'unique_together': "((u'owner', u'id'),)", 'object_name': 'Key'},
             'created': ('django.db.models.fields.DateTimeField', [], {'auto_now_add': 'True', 'blank': 'True'}),
diff --git a/controller/api/tests/__init__.py b/controller/api/tests/__init__.py
@@ -52,7 +52,7 @@ def run_tests(self, test_labels, extra_tests=None, **kwargs):
 from .test_build import *  # noqa
 from .test_config import *  # noqa
 from .test_domain import *  # noqa
-from .test_domain_cert import *  # noqa
+from .test_certificate import *  # noqa
 from .test_container import *  # noqa
 from .test_hooks import *  # noqa
 from .test_key import *  # noqa
diff --git a/controller/api/tests/test_certificate.py b/controller/api/tests/test_certificate.py
@@ -6,10 +6,10 @@
 from django.test import TestCase
 from rest_framework.authtoken.models import Token
 
-from api.models import App, Domain, DomainCert
+from api.models import App, Certificate
 
 
-class DomainCertTest(TestCase):
+class CertificateTest(TestCase):
 
     """Tests creation of domain SSL certificates"""
 
@@ -22,8 +22,6 @@ def setUp(self):
         self.token2 = Token.objects.get(user=self.user).key
         self.url = '/v1/certs'
         self.app = App.objects.create(owner=self.user, id='test-app')
-        self.domain = Domain.objects.create(owner=self.user, app=self.app,
-                                            domain='autotest.example.com')
         self.key = """-----BEGIN RSA PRIVATE KEY-----
 MIIEogIBAAKCAQEAwyLIwjpUQkAmh/z6JvQMAtvNu/dBuCt+R8cnQMEw4VglglMw
 YKAm2ZXA03LYWk5EO52YaDZKPAqjng+m4k+B0ble5XG4vFRTlBhln0cR3UAYlm7Z
@@ -76,7 +74,7 @@ def setUp(self):
 -----END CERTIFICATE-----"""
 
     def test_create_certificate_with_domain(self):
-        """Tests creating a domain cert when the domain is present."""
+        """Tests creating a certificate."""
         body = {'certificate': self.autotest_example_com_cert, 'key': self.key}
         response = self.client.post(self.url, json.dumps(body), content_type='application/json',
                                     HTTP_AUTHORIZATION='token {}'.format(self.token))
@@ -105,24 +103,10 @@ def test_certficate_denied_requests(self):
         self.assertEqual(response.status_code, 405)
 
     def test_delete_certificate(self):
-        """Destroying a domain cert should generate a 204 response"""
-        DomainCert.objects.create(owner=self.user,
-                                  common_name='autotest.example.com',
-                                  certificate=self.autotest_example_com_cert)
+        """Destroying a certificate should generate a 204 response"""
+        Certificate.objects.create(owner=self.user,
+                                   common_name='autotest.example.com',
+                                   certificate=self.autotest_example_com_cert)
         url = '/v1/certs/autotest.example.com'
         response = self.client.delete(url, HTTP_AUTHORIZATION='token {}'.format(self.token))
         self.assertEqual(response.status_code, 204)
-
-    def test_create_certificate_without_domain_present(self):
-        """
-        When a domain cert is being created without the corresponding domain in place, the request
-        should be denied and no domain certificate should be created.
-        """
-        self.domain.delete()
-        body = {'certificate': self.autotest_example_com_cert, 'key': self.key}
-        response = self.client.post(self.url, json.dumps(body), content_type='application/json',
-                                    HTTP_AUTHORIZATION='token {}'.format(self.token))
-        self.assertEqual(response.status_code, 400)
-        self.assertEqual(response.data, {'certificate': ['No matching domain was found '
-                                                         'for autotest.example.com']})
-        self.assertEqual(len(DomainCert.objects.all()), 0)
diff --git a/controller/api/urls.py b/controller/api/urls.py
@@ -83,7 +83,7 @@
     url(r'^admin/perms/?',
         views.AdminPermsViewSet.as_view({'get': 'list', 'post': 'create'})),
     url(r'^certs/(?P<common_name>[-_.\w]+)/?'.format(settings.APP_URL_REGEX),
-        views.DomainCertViewSet.as_view({'get': 'retrieve', 'delete': 'destroy'})),
+        views.CertificateViewSet.as_view({'get': 'retrieve', 'delete': 'destroy'})),
     url(r'^certs/?',
-        views.DomainCertViewSet.as_view({'get': 'list', 'post': 'create'})),
+        views.CertificateViewSet.as_view({'get': 'list', 'post': 'create'})),
 )
diff --git a/controller/api/views.py b/controller/api/views.py
@@ -221,10 +221,10 @@ def get_object(self, **kwargs):
         return self.get_queryset(**kwargs)
 
 
-class DomainCertViewSet(BaseDeisViewSet):
+class CertificateViewSet(BaseDeisViewSet):
     """A viewset for interacting with Domain objects."""
-    model = models.DomainCert
-    serializer_class = serializers.DomainCertSerializer
+    model = models.Certificate
+    serializer_class = serializers.CertificateSerializer
 
     def get_object(self, **kwargs):
         """Retrieve domain certificate by common name"""
