diff --git a/lemur/plugins/lemur_entrust/plugin.py b/lemur/plugins/lemur_entrust/plugin.py index 9b7848ed..515e2400 100644 --- a/lemur/plugins/lemur_entrust/plugin.py +++ b/lemur/plugins/lemur_entrust/plugin.py @@ -34,8 +34,7 @@ def determine_end_date(end_date): if not end_date: end_date = max_validity_end - - if end_date > max_validity_end: + elif end_date > max_validity_end: end_date = max_validity_end return end_date.format('YYYY-MM-DD') diff --git a/lemur/plugins/lemur_entrust/tests/test_entrust.py b/lemur/plugins/lemur_entrust/tests/test_entrust.py index b1cd4c83..354e204e 100644 --- a/lemur/plugins/lemur_entrust/tests/test_entrust.py +++ b/lemur/plugins/lemur_entrust/tests/test_entrust.py @@ -3,6 +3,7 @@ from unittest.mock import patch, Mock import arrow from cryptography import x509 from lemur.plugins.lemur_entrust import plugin +from freezegun import freeze_time def config_mock(*args): @@ -21,11 +22,18 @@ def config_mock(*args): return values[args[0]] +@patch("lemur.plugins.lemur_digicert.plugin.current_app") +def test_determine_end_date(mock_current_app): + with freeze_time(time_to_freeze=arrow.get(2016, 11, 3).datetime): + assert arrow.get(2017, 12, 3).format('YYYY-MM-DD') == plugin.determine_end_date(0) # 1 year + 1 month + assert arrow.get(2017, 3, 5).format('YYYY-MM-DD') == plugin.determine_end_date(arrow.get(2017, 3, 5)) + assert arrow.get(2017, 12, 3).format('YYYY-MM-DD') == plugin.determine_end_date(arrow.get(2020, 5, 7)) + + @patch("lemur.plugins.lemur_entrust.plugin.current_app") def test_process_options(mock_current_app, authority): mock_current_app.config.get = Mock(side_effect=config_mock) - plugin.determine_end_date = Mock(return_value=arrow.get(2020, 10, 7).format('YYYY-MM-DD')) - + plugin.determine_end_date = Mock(return_value=arrow.get(2017, 11, 5).format('YYYY-MM-DD')) authority.name = "Entrust" names = [u"one.example.com", u"two.example.com", u"three.example.com"] options = { @@ -35,7 +43,7 @@ def test_process_options(mock_current_app, authority): "extensions": {"sub_alt_names": {"names": [x509.DNSName(x) for x in names]}}, "organization": "Example, Inc.", "organizational_unit": "Example Org", - "validity_end": arrow.get(2020, 10, 7), + "validity_end": arrow.utcnow().shift(years=1, months=+1), "authority": authority, } @@ -43,7 +51,7 @@ def test_process_options(mock_current_app, authority): "signingAlg": "SHA-2", "eku": "SERVER_AND_CLIENT_AUTH", "certType": "ADVANTAGE_SSL", - "certExpiryDate": arrow.get(2020, 10, 7).format('YYYY-MM-DD'), + "certExpiryDate": arrow.get(2017, 11, 5).format('YYYY-MM-DD'), "tracking": { "requesterName": mock_current_app.config.get("ENTRUST_NAME"), "requesterEmail": mock_current_app.config.get("ENTRUST_EMAIL"), diff --git a/lemur/tests/conf.py b/lemur/tests/conf.py index f1019d04..8255e674 100644 --- a/lemur/tests/conf.py +++ b/lemur/tests/conf.py @@ -37,9 +37,9 @@ LEMUR_ENCRYPTION_KEYS = base64.urlsafe_b64encode(get_random_secret(length=32).en # List of domain regular expressions that non-admin users can issue LEMUR_WHITELISTED_DOMAINS = [ - "^[a-zA-Z0-9-]+\.example\.com$", - "^[a-zA-Z0-9-]+\.example\.org$", - "^example\d+\.long\.com$", + r"^[a-zA-Z0-9-]+\.example\.com$", + r"^[a-zA-Z0-9-]+\.example\.org$", + r"^example\d+\.long\.com$", ] # Mail Server