Refactor password generation methods into shared find_or_create methods

This allows the "fetch from the database or generate and save" behavior to be shared across different embedded ansible platforms
ManageIQ · Nov 28, 2017 · 52bab34 · 52bab34
1 parent 90fe730
commit 52bab34
Show file tree

Hide file tree

Showing 4 changed files with 68 additions and 56 deletions.
diff --git a/lib/embedded_ansible.rb b/lib/embedded_ansible.rb
@@ -43,9 +43,41 @@ def api_connection_raw(host, port)
     )
   end
 
+  def find_or_create_secret_key
+    miq_database.ansible_secret_key || miq_database.ansible_secret_key = SecureRandom.hex(16)
+  end
+
+  def find_or_create_admin_authentication
+    miq_database.ansible_admin_authentication || miq_database.set_ansible_admin_authentication(:password => generate_password)
+  end
+
+  def find_or_create_rabbitmq_authentication
+    miq_database.ansible_rabbitmq_authentication || miq_database.set_ansible_rabbitmq_authentication(:password => generate_password)
+  end
+
+  def find_or_create_database_authentication
+    auth = miq_database.ansible_database_authentication
+    return auth if auth
+
+    auth = miq_database.set_ansible_database_authentication(:password => generate_password)
+
+    database_connection.select_value("CREATE ROLE #{database_connection.quote_column_name(auth.userid)} WITH LOGIN PASSWORD #{database_connection.quote(auth.password)}")
+    database_connection.select_value("CREATE DATABASE awx OWNER #{database_connection.quote_column_name(auth.userid)} ENCODING 'utf8'")
+
+    auth
+  end
+
+  def generate_password
+    SecureRandom.base64(18).tr("+/", "-_")
+  end
+
   def miq_database
     MiqDatabase.first
   end
+
+  def database_connection
+    ActiveRecord::Base.connection
+  end
 end
 
 Dir.glob(File.join(File.dirname(__FILE__), "embedded_ansible/*.rb")).each { |f| require_dependency f }
diff --git a/lib/embedded_ansible/appliance_embedded_ansible.rb b/lib/embedded_ansible/appliance_embedded_ansible.rb
@@ -112,7 +112,7 @@ def with_inventory_file
   end
 
   def configure_secret_key
-    key = miq_database.ansible_secret_key || generate_secret_key
+    key = find_or_create_secret_key
     File.write(SECRET_KEY_FILE, key)
   end
 
@@ -130,29 +130,10 @@ def update_proxy_settings
     File.write(SETTINGS_FILE, new_contents)
   end
 
-  def generate_secret_key
-    miq_database.ansible_secret_key = SecureRandom.hex(16)
-  end
-
-  def generate_admin_authentication
-    miq_database.set_ansible_admin_authentication(:password => generate_password)
-  end
-
-  def generate_rabbitmq_authentication
-    miq_database.set_ansible_rabbitmq_authentication(:password => generate_password)
-  end
-
-  def generate_database_authentication
-    auth = miq_database.set_ansible_database_authentication(:password => generate_password)
-    database_connection.select_value("CREATE ROLE #{database_connection.quote_column_name(auth.userid)} WITH LOGIN PASSWORD #{database_connection.quote(auth.password)}")
-    database_connection.select_value("CREATE DATABASE awx OWNER #{database_connection.quote_column_name(auth.userid)} ENCODING 'utf8'")
-    auth
-  end
-
   def inventory_file_contents
-    admin_auth    = miq_database.ansible_admin_authentication || generate_admin_authentication
-    rabbitmq_auth = miq_database.ansible_rabbitmq_authentication || generate_rabbitmq_authentication
-    database_auth = miq_database.ansible_database_authentication || generate_database_authentication
+    admin_auth    = find_or_create_admin_authentication
+    rabbitmq_auth = find_or_create_rabbitmq_authentication
+    database_auth = find_or_create_database_authentication
     db_config     = Rails.configuration.database_configuration[Rails.env]
 
     <<-EOF.strip_heredoc
@@ -181,14 +162,6 @@ def inventory_file_contents
     EOF
   end
 
-  def generate_password
-    SecureRandom.base64(18).tr("+/", "-_")
-  end
-
-  def database_connection
-    ActiveRecord::Base.connection
-  end
-
   def local_tower_version
     File.read(TOWER_VERSION_FILE).strip
   end

diff --git a/spec/lib/embedded_ansible/appliance_embedded_ansible_spec.rb b/spec/lib/embedded_ansible/appliance_embedded_ansible_spec.rb
@@ -242,7 +242,7 @@
 
       it "generates new passwords with no passwords set" do
         expect(subject).to receive(:alive?).and_return(true)
-        expect(subject).to receive(:generate_database_authentication).and_return(double(:userid => "awx", :password => "databasepassword"))
+        expect(subject).to receive(:find_or_create_database_authentication).and_return(double(:userid => "awx", :password => "databasepassword"))
         expect(AwesomeSpawn).to receive(:run!) do |script_path, options|
           params                  = options[:params]
           inventory_file_contents = File.read(params[:inventory=])
@@ -292,36 +292,13 @@
 
       it "removes the secret key from the database when setup fails" do
         miq_database.ansible_secret_key = "supersecretkey"
-        expect(subject).to receive(:generate_database_authentication).and_return(double(:userid => "awx", :password => "databasepassword"))
+        expect(subject).to receive(:find_or_create_database_authentication).and_return(double(:userid => "awx", :password => "databasepassword"))
 
         expect(AwesomeSpawn).to receive(:run!).and_raise(AwesomeSpawn::CommandResultError.new("error", 1))
         expect { subject.start }.to raise_error(AwesomeSpawn::CommandResultError)
         expect(miq_database.reload.ansible_secret_key).not_to be_present
       end
     end
-
-    describe "#generate_database_authentication (private)" do
-      let(:password)        { "secretpassword" }
-      let(:quoted_password) { ActiveRecord::Base.connection.quote(password) }
-      let(:connection)      { double(:quote => quoted_password) }
-
-      before do
-        allow(connection).to receive(:quote_column_name) do |name|
-          ActiveRecord::Base.connection.quote_column_name(name)
-        end
-      end
-
-      it "creates the database" do
-        allow(subject).to receive(:database_connection).and_return(connection)
-        expect(subject).to receive(:generate_password).and_return(password)
-        expect(connection).to receive(:select_value).with("CREATE ROLE \"awx\" WITH LOGIN PASSWORD #{quoted_password}")
-        expect(connection).to receive(:select_value).with("CREATE DATABASE awx OWNER \"awx\" ENCODING 'utf8'")
-
-        auth = subject.send(:generate_database_authentication)
-        expect(auth.userid).to eq("awx")
-        expect(auth.password).to eq(password)
-      end
-    end
   end
 
   describe "#update_proxy_settings (private)" do

diff --git a/spec/lib/embedded_ansible_spec.rb b/spec/lib/embedded_ansible_spec.rb
@@ -128,5 +128,35 @@
         end
       end
     end
+
+    describe "#find_or_create_database_authentication (private)" do
+      let(:password)        { "secretpassword" }
+      let(:quoted_password) { ActiveRecord::Base.connection.quote(password) }
+      let(:connection)      { double(:quote => quoted_password) }
+
+      before do
+        allow(connection).to receive(:quote_column_name) do |name|
+          ActiveRecord::Base.connection.quote_column_name(name)
+        end
+      end
+
+      it "creates the database" do
+        allow(subject).to receive(:database_connection).and_return(connection)
+        expect(subject).to receive(:generate_password).and_return(password)
+        expect(connection).to receive(:select_value).with("CREATE ROLE \"awx\" WITH LOGIN PASSWORD #{quoted_password}")
+        expect(connection).to receive(:select_value).with("CREATE DATABASE awx OWNER \"awx\" ENCODING 'utf8'")
+
+        auth = subject.send(:find_or_create_database_authentication)
+        expect(auth.userid).to eq("awx")
+        expect(auth.password).to eq(password)
+      end
+
+      it "returns the saved authentication" do
+        miq_database.set_ansible_database_authentication(:password => "mypassword")
+        auth = subject.send(:find_or_create_database_authentication)
+        expect(auth.userid).to eq("awx")
+        expect(auth.password).to eq("mypassword")
+      end
+    end
   end
 end