Merge pull request #3455 from hosseinsh/exclude-revoked-certs-default-autorotatet
Exclude revoked certs from defaulting them to auto-rotate
This commit is contained in:
commit
2e43211496
@ -153,6 +153,7 @@ def get_all_certs_attached_to_endpoint_without_autorotate():
|
||||
return (
|
||||
Certificate.query.filter(Certificate.endpoints.any())
|
||||
.filter(Certificate.rotation == false())
|
||||
.filter(Certificate.revoked == false())
|
||||
.filter(Certificate.not_after >= arrow.now())
|
||||
.filter(not_(Certificate.replaced.any()))
|
||||
.all() # noqa
|
||||
|
@ -84,6 +84,25 @@ def test_get_by_serial(session, certificate):
|
||||
assert found
|
||||
|
||||
|
||||
def test_get_all_certs_attached_to_endpoint_without_autorotate(session):
|
||||
from lemur.certificates.service import get_all_certs_attached_to_endpoint_without_autorotate, \
|
||||
cleanup_after_revoke
|
||||
from lemur.tests.factories import EndpointFactory
|
||||
|
||||
# add a certificate with endpoint
|
||||
EndpointFactory()
|
||||
|
||||
list_before = get_all_certs_attached_to_endpoint_without_autorotate()
|
||||
len_list_before = len(list_before)
|
||||
assert len_list_before > 0
|
||||
# revoked the first certificate
|
||||
first_cert_with_endpoint = list_before[0]
|
||||
cleanup_after_revoke(first_cert_with_endpoint)
|
||||
|
||||
list_after = get_all_certs_attached_to_endpoint_without_autorotate()
|
||||
assert len(list_after) + 1 == len_list_before
|
||||
|
||||
|
||||
def test_delete_cert(session):
|
||||
from lemur.certificates.service import delete, get
|
||||
from lemur.tests.factories import CertificateFactory
|
||||
|
@ -32,7 +32,7 @@ def test_rotate_certificate(client, source_plugin):
|
||||
)
|
||||
def test_endpoint_get(client, token, status):
|
||||
assert (
|
||||
client.get(api.url_for(Endpoints, endpoint_id=1), headers=token).status_code
|
||||
client.get(api.url_for(Endpoints, endpoint_id=2), headers=token).status_code
|
||||
== status
|
||||
)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user