Merge "Remove ProjectSecret table-related code"

2015-06-24 20:42:14 +00:00 · 2015-06-24 20:42:14 +00:00 · 2aaf6c7b40
commit 2aaf6c7b40
parent 094530c2e6 910431319e
17 changed files with 106 additions and 272 deletions
--- a/barbican/api/controllers/acls.py
+++ b/barbican/api/controllers/acls.py
@ -49,8 +49,7 @@ class SecretACLsController(controllers.ACLMixin):
    def __init__(self, secret):
        self.secret = secret
-        self.secret_project_id = (self.secret.project_assocs[0].
+        self.secret_project_id = self.secret.project.external_id
                                  projects.external_id)
        self.acl_repo = repo.get_secret_acl_repository()
        self.validator = validators.ACLValidator()
--- a/barbican/api/controllers/secrets.py
+++ b/barbican/api/controllers/secrets.py
@ -64,7 +64,7 @@ class SecretController(controllers.ACLMixin):
    def get_acl_tuple(self, req, **kwargs):
        d = self.get_acl_dict_for_user(req, self.secret.secret_acls)
-        d['project_id'] = self.secret.project_assocs[0].projects.external_id
+        d['project_id'] = self.secret.project.external_id
        d['creator_id'] = self.secret.creator_id
        return 'secret', d
@ -124,7 +124,7 @@ class SecretController(controllers.ACLMixin):
        # project associated with secret. The lookup project_id needs to be
        # derived from the secret's data considering authorization is already
        # done.
-        external_project_id = secret.project_assocs[0].projects.external_id
+        external_project_id = secret.project.external_id
        project = res.get_or_create_project(external_project_id)
        # default to application/octet-stream if there is no Accept header
--- a/barbican/model/migration/alembic_migrations/versions/1bece815014f_remove_projectsecret_table.py
+++ b/barbican/model/migration/alembic_migrations/versions/1bece815014f_remove_projectsecret_table.py
@ -0,0 +1,50 @@
 """remove ProjectSecret table
 Revision ID: 1bece815014f
 Revises: 161f8aceb687
 Create Date: 2015-06-23 16:17:50.805295
 """
 # revision identifiers, used by Alembic.
 revision = '1bece815014f'
 down_revision = '161f8aceb687'
 from alembic import op
 import sqlalchemy as sa
 from sqlalchemy.dialects import postgresql
 def upgrade():
    op.drop_table('project_secret')
 def downgrade():
    op.create_table(
        'project_secret',
        sa.Column('id', sa.VARCHAR(length=36), autoincrement=False,
                  nullable=False),
        sa.Column('created_at', postgresql.TIMESTAMP(), autoincrement=False,
                  nullable=False),
        sa.Column('updated_at', postgresql.TIMESTAMP(), autoincrement=False,
                  nullable=False),
        sa.Column('deleted_at', postgresql.TIMESTAMP(), autoincrement=False,
                  nullable=True),
        sa.Column('deleted', sa.BOOLEAN(), autoincrement=False,
                  nullable=False),
        sa.Column('status', sa.VARCHAR(length=20), autoincrement=False,
                  nullable=False),
        sa.Column('role', sa.VARCHAR(length=255), autoincrement=False,
                  nullable=True),
        sa.Column('project_id', sa.VARCHAR(length=36), autoincrement=False,
                  nullable=False),
        sa.Column('secret_id', sa.VARCHAR(length=36), autoincrement=False,
                  nullable=False),
        sa.ForeignKeyConstraint(['project_id'], [u'projects.id'],
                                name=u'project_secret_project_fk'),
        sa.ForeignKeyConstraint(['secret_id'], [u'secrets.id'],
                                name=u'project_secret_secret_fk'),
        sa.PrimaryKeyConstraint('id', name=u'project_secret_pkey'),
        sa.UniqueConstraint('project_id', 'secret_id',
                            name=u'_project_secret_uc')
    )
--- a/barbican/model/models.py
+++ b/barbican/model/models.py
@ -215,28 +215,6 @@ class SoftDeleteMixIn(object):
        self._do_delete_children(session)
 class ProjectSecret(BASE, SoftDeleteMixIn, ModelBase):
    """Represents an association between a Project and a Secret."""
    __tablename__ = 'project_secret'
    role = sa.Column(sa.String(255))
    secret = orm.relationship("Secret", backref="project_assocs")
    project_id = sa.Column(
        sa.String(36),
        sa.ForeignKey('projects.id', name='project_secret_project_fk'),
        index=True,
        nullable=False)
    secret_id = sa.Column(
        sa.String(36),
        sa.ForeignKey('secrets.id', name='project_secret_secret_fk'),
        index=True,
        nullable=False)
    __table_args__ = (sa.UniqueConstraint(
        'project_id', 'secret_id', name='_project_secret_uc'),)
 class ContainerSecret(BASE, SoftDeleteMixIn, ModelBase):
    """Represents an association between a Container and a Secret."""
@ -272,7 +250,6 @@ class Project(BASE, SoftDeleteMixIn, ModelBase):
    orders = orm.relationship("Order", backref="project")
    secrets = orm.relationship("Secret", backref="project")
    old_secrets = orm.relationship("ProjectSecret", backref="projects")
    keks = orm.relationship("KEKDatum", backref="project")
    containers = orm.relationship("Container", backref="project")
    cas = orm.relationship("ProjectCertificateAuthority", backref="project")
@ -305,7 +282,7 @@ class Secret(BASE, SoftDeleteMixIn, ModelBase):
        sa.String(36),
        sa.ForeignKey('projects.id', name='secrets_project_fk'),
        index=True,
-        nullable=True)
+        nullable=False)
    # TODO(jwood): Performance - Consider avoiding full load of all
    #   datum attributes here. This is only being done to support the
@ -337,6 +314,7 @@ class Secret(BASE, SoftDeleteMixIn, ModelBase):
            self.bit_length = parsed_request.get('bit_length')
            self.mode = parsed_request.get('mode')
            self.creator_id = parsed_request.get('creator_id')
            self.project_id = parsed_request.get('project_id')
        self.status = States.ACTIVE
--- a/barbican/model/repositories.py
+++ b/barbican/model/repositories.py
@ -61,7 +61,6 @@ _ORDER_RETRY_TASK_REPOSITORY = None
 _PREFERRED_CA_REPOSITORY = None
 _PROJECT_REPOSITORY = None
 _PROJECT_CA_REPOSITORY = None
 _PROJECT_SECRET_REPOSITORY = None
 _SECRET_ACL_REPOSITORY = None
 _SECRET_META_REPOSITORY = None
 _SECRET_REPOSITORY = None
@ -313,9 +312,6 @@ def delete_all_project_resources(project_id):
    kek_repo = get_kek_datum_repository()
    kek_repo.delete_project_entities(
        project_id, suppress_exception=False, session=session)
    project_secret_repo = get_project_secret_repository()
    project_secret_repo.delete_project_entities(
        project_id, suppress_exception=False, session=session)
    project_repo = get_project_repository()
    project_repo.delete_project_entities(
        project_id, suppress_exception=False, session=session)
@ -610,59 +606,25 @@ class SecretRepo(BaseRepo):
        if secret_type:
            query = query.filter(models.Secret.secret_type == secret_type)
-        query_projects, query_old_project_assoc = (
+        query = query.join(models.Project)
-            self._build_filter_secrets_by_project_queries(
+        query = query.filter(models.Project.external_id == external_project_id)
                query, external_project_id))
-        total, entities = self._page_old_and_new_secret_project_assocs(
+        total = query.count()
-            query_projects, query_old_project_assoc, offset, limit)
+        end_offset = offset + limit
        LOG.debug('Retrieving from %s to %s', offset, end_offset)
        query = query.limit(limit).offset(offset)
        entities = query.all()
        LOG.debug('Number entities retrieved: %s out of %s',
                  len(entities), total)
        if total <= 0 and not suppress_exception:
            _raise_no_entities_found(self._do_entity_name())
        return entities, offset, limit, total
    def _build_filter_secrets_by_project_queries(self, query, project_id):
        query_projects = query.filter(models.Secret.project_id == project_id)
        query_old_project_assoc = query.join(models.ProjectSecret,
                                             models.Secret.project_assocs)
        query_old_project_assoc = query_old_project_assoc.join(
            models.Project, models.ProjectSecret.projects)
        query_old_project_assoc = query_old_project_assoc.filter(
            models.Project.external_id == project_id)
        return query_projects, query_old_project_assoc
    def _page_old_and_new_secret_project_assocs(
            self, query_projects, query_old_project_assoc, offset, limit):
        project_count = query_projects.count()
        old_project_count = query_old_project_assoc.count()
        total = project_count + old_project_count
        end_offset = offset + limit
        LOG.debug('Retrieving from %s to %s', offset, end_offset)
        # Page over new-association secrets first, then old-association secrets
        if end_offset < project_count:
            query_project = query_projects.limit(limit).offset(offset)
            entities = query_project.all()
        elif offset >= project_count:
            query_old_project_assoc = (
                query_old_project_assoc.limit(limit).offset(
                    offset - project_count))
            entities = query_old_project_assoc.all()
        else:
            query_project = query_projects.limit(limit).offset(offset)
            entities = query_project.all()
            query_old_project_assoc = query_old_project_assoc.limit(
                end_offset - project_count + 1).offset(0)
            entities.extend(query_old_project_assoc.all())
        LOG.debug('Number entities retrieved: %s out of %s',
                  len(entities), total)
        return total, entities
    def _do_entity_name(self):
        """Sub-class hook: return entity name, such as for debugging."""
        return "Secret"
@ -679,14 +641,9 @@ class SecretRepo(BaseRepo):
        query = session.query(models.Secret)
        query = query.filter_by(id=entity_id, deleted=False)
        query = query.filter(expiration_filter)
-        query_projects, query_old_project_assoc = (
+        query = query.join(models.Project)
-            self._build_filter_secrets_by_project_queries(
+        query = query.filter(models.Project.external_id == external_project_id)
-                query, external_project_id))
+        return query
        if query_projects.count() > 0:
            return query_projects
        else:
            return query_old_project_assoc
    def _do_validate(self, values):
        """Sub-class hook: validate values."""
@ -695,18 +652,11 @@ class SecretRepo(BaseRepo):
    def _build_get_project_entities_query(self, project_id, session):
        """Builds query for retrieving Secrets associated with a given project
        Discovery is done via a ProjectSecret association.
        :param project_id: id of barbican project entity
        :param session: existing db session reference.
        """
        query = session.query(models.Secret).filter_by(deleted=False)
-
+        query = query.filter(models.Secret.project_id == project_id)
        query_projects, query_old_project_assoc = (
            self._build_filter_secrets_by_project_queries(
                query, project_id))
        query = query_projects.union(query_old_project_assoc)
        return query
@ -877,31 +827,6 @@ class KEKDatumRepo(BaseRepo):
            project_id=project_id).filter_by(deleted=False)
 class ProjectSecretRepo(BaseRepo):
    """Repository for the ProjectSecret entity."""
    def _do_entity_name(self):
        """Sub-class hook: return entity name, such as for debugging."""
        return "ProjectSecret"
    def _do_build_get_query(self, entity_id, external_project_id, session):
        """Sub-class hook: build a retrieve query."""
        return session.query(models.ProjectSecret).filter_by(id=entity_id)
    def _do_validate(self, values):
        """Sub-class hook: validate values."""
        pass
    def _build_get_project_entities_query(self, project_id, session):
        """Builds query for retrieving ProjectSecret related to given project.
        :param project_id: id of barbican project entity
        :param session: existing db session reference.
        """
        return session.query(models.ProjectSecret).filter_by(
            project_id=project_id).filter_by(deleted=False)
 class OrderRepo(BaseRepo):
    """Repository for the Order entity."""
@ -1991,12 +1916,6 @@ def get_project_ca_repository():
                           ProjectCertificateAuthorityRepo)
 def get_project_secret_repository():
    """Returns a singleton ProjectSecret repository instance."""
    global _PROJECT_SECRET_REPOSITORY
    return _get_repository(_PROJECT_SECRET_REPOSITORY, ProjectSecretRepo)
 def get_secret_acl_repository():
    """Returns a singleton Secret ACL repository instance."""
    global _SECRET_ACL_REPOSITORY
--- a/barbican/plugin/resources.py
+++ b/barbican/plugin/resources.py
@ -345,14 +345,6 @@ def _save_secret_in_repo(secret_model, project_model):
    if not secret_model.id:
        secret_model.project_id = project_model.id
        secret_repo.create_from(secret_model)
        new_assoc = models.ProjectSecret()
        new_assoc.project_id = project_model.id
        new_assoc.secret_id = secret_model.id
        new_assoc.role = "admin"
        new_assoc.status = models.States.ACTIVE
        project_secret_repo = repos.get_project_secret_repository()
        project_secret_repo.create_from(new_assoc)
    else:
        secret_repo.save(secret_model)
--- a/barbican/plugin/store_crypto.py
+++ b/barbican/plugin/store_crypto.py
@ -304,18 +304,11 @@ def _store_secret_and_datum(
    if not secret_model.id:
        secret_model.project_id = context.project_model.id
        repositories.get_secret_repository().create_from(secret_model)
        new_assoc = models.ProjectSecret()
        new_assoc.project_id = context.project_model.id
        new_assoc.secret_id = secret_model.id
        new_assoc.role = "admin"
        new_assoc.status = models.States.ACTIVE
        repositories.get_project_secret_repository().create_from(new_assoc)
    # setup and store encrypted datum
    datum_model = models.EncryptedDatum(secret_model, kek_datum_model)
    datum_model.content_type = context.content_type
-    datum_model.cypher_text = (
+    datum_model.cypher_text = base64.b64encode(generated_dto.cypher_text)
        base64.b64encode(generated_dto.cypher_text))
    datum_model.kek_meta_extended = generated_dto.kek_meta_extended
    datum_model.secret_id = secret_model.id
    repositories.get_encrypted_datum_repository().create_from(
--- a/barbican/tests/api/test_resources.py
+++ b/barbican/tests/api/test_resources.py
@ -236,11 +236,6 @@ class BaseSecretsResource(FunctionalTest):
        self.secret_repo.create_from.return_value = self.secret
        self.setup_secret_repository_mock(self.secret_repo)
        # Set up mocked project-secret repo
        self.project_secret_repo = mock.MagicMock()
        self.project_secret_repo.create_from.return_value = None
        self.setup_project_secret_repository_mock(self.project_secret_repo)
        # Set up mocked encrypted datum repo
        self.datum_repo = mock.MagicMock()
        self.datum_repo.create_from.return_value = None
@ -327,9 +322,8 @@ class WhenGettingPuttingOrDeletingSecretUsingSecretResource(FunctionalTest):
                                    content_type=self.datum.content_type)
        self.secret.secret_acls = []
-        self.secret.project_assocs = [mock.MagicMock()]
+        self.secret.project = mock.MagicMock()
-        secret_project = self.secret.project_assocs[0].projects
+        self.secret.project.external_id = self.external_project_id
        secret_project.external_id = self.external_project_id
        # Set up mocked project
        self.project = models.Project()
@ -350,9 +344,6 @@ class WhenGettingPuttingOrDeletingSecretUsingSecretResource(FunctionalTest):
        self.secret_repo.delete_entity_by_id = mock.Mock(return_value=None)
        self.setup_secret_repository_mock(self.secret_repo)
        # Set up mocked project-secret repo
        self.setup_project_secret_repository_mock()
        # Set up mocked encrypted datum repo
        self.datum_repo = mock.MagicMock()
        self.datum_repo.create_from.return_value = None
--- a/barbican/tests/api/test_resources_policy.py
+++ b/barbican/tests/api/test_resources_policy.py
@ -256,7 +256,6 @@ class WhenTestingSecretsResource(BaseTestCase):
        self.setup_encrypted_datum_repository_mock()
        self.setup_kek_datum_repository_mock()
        self.setup_project_repository_mock()
        self.setup_project_secret_repository_mock()
        self.setup_secret_meta_repository_mock()
        self.setup_transport_key_repository_mock()
@ -323,8 +322,7 @@ class WhenTestingSecretResource(BaseTestCase):
        self.acl_list = [acl_read]
        secret = mock.MagicMock()
        secret.secret_acls.__iter__.return_value = self.acl_list
-        secret.project_assocs[0].projects.external_id = (self.
+        secret.project.external_id = self.external_project_id
                                                         external_project_id)
        secret.creator_id = self.creator_user_id
        self.resource = SecretResource(secret)
--- a/barbican/tests/model/repositories/test_repositories_acls.py
+++ b/barbican/tests/model/repositories/test_repositories_acls.py
@ -49,7 +49,6 @@ class WhenTestingSecretACLRepository(database_utils.RepositoryTestCase,
        # Setup the secret and needed base relationship
        secret_repo = repositories.get_secret_repository()
        session = secret_repo.get_session()
        secret = secret_repo.create_from(models.Secret(), session=session)
        if project_id is None:  # don't re-create project if it created earlier
            project = models.Project()
@ -57,10 +56,11 @@ class WhenTestingSecretACLRepository(database_utils.RepositoryTestCase,
            project.save(session=session)
            project_id = project.id
-        project_secret = models.ProjectSecret()
+        secret_model = models.Secret()
-        project_secret.secret_id = secret.id
+        secret_model.project_id = project_id
-        project_secret.project_id = project_id
+        secret = secret_repo.create_from(secret_model, session=session)
-        project_secret.save(session=session)
+
        secret.save(session=session)
        session.commit()
        return secret
@ -226,8 +226,7 @@ class WhenTestingSecretACLRepository(database_utils.RepositoryTestCase,
                                         session)
        self.acl_repo.create_or_replace_from(secret1, acl1)
-        secret2 = self._create_base_secret(
+        secret2 = self._create_base_secret(secret1.project.id)
            secret1.project_assocs[0].project_id)
        acl21 = self.acl_repo.create_from(models.SecretACL(secret2.id, 'read',
                                                           None, ['u3', 'u4']),
                                          session)
--- a/barbican/tests/model/repositories/test_repositories_secrets.py
+++ b/barbican/tests/model/repositories/test_repositories_secrets.py
@ -56,15 +56,13 @@ class WhenTestingSecretRepository(database_utils.RepositoryTestCase):
    def test_get_by_create_date(self):
        session = self.repo.get_session()
        secret = self.repo.create_from(models.Secret(), session=session)
        project = models.Project()
        project.external_id = "my keystone id"
        project.save(session=session)
-        project_secret = models.ProjectSecret()
+        secret_model = models.Secret()
-        project_secret.secret_id = secret.id
+        secret_model.project_id = project.id
-        project_secret.project_id = project.id
+        secret = self.repo.create_from(secret_model, session=session)
        project_secret.save(session=session)
        session.commit()
@ -81,15 +79,14 @@ class WhenTestingSecretRepository(database_utils.RepositoryTestCase):
    def test_get_secret_by_id(self):
        session = self.repo.get_session()
        secret = self.repo.create_from(models.Secret(), session=session)
        project = models.Project()
        project.external_id = "my keystone id"
        project.save(session=session)
-        project_secret = models.ProjectSecret()
+        secret_model = models.Secret()
-        project_secret.secret_id = secret.id
+        secret_model.project_id = project.id
-        project_secret.project_id = project.id
+        secret = self.repo.create_from(secret_model, session=session)
-        project_secret.save(session=session)
+
        session.commit()
        db_secret = self.repo.get_secret_by_id(secret.id)
@ -104,31 +101,24 @@ class WhenTestingSecretRepository(database_utils.RepositoryTestCase):
                                                     suppress_exception=True))
    @utils.parameterized_dataset(dataset_for_filter_tests)
-    def test_get_by_create_date_with_filter(
+    def test_get_by_create_date_with_filter(self, secret_1_dict, secret_2_dict,
-            self, secret_1_dict, secret_2_dict, query_dict):
+                                            query_dict):
        session = self.repo.get_session()
        secret1 = self.repo.create_from(
            models.Secret(secret_1_dict),
            session=session,
        )
        secret2 = self.repo.create_from(
            models.Secret(secret_2_dict),
            session=session,
        )
        project = models.Project()
        project.external_id = "my keystone id"
        project.save(session=session)
-        project_secret1 = models.ProjectSecret()
+        secret_1_dict['project_id'] = project.id
-        project_secret1.secret_id = secret1.id
+        secret1 = self.repo.create_from(
-        project_secret1.project_id = project.id
+            models.Secret(secret_1_dict),
-        project_secret1.save(session=session)
+            session=session,
-
+        )
-        project_secret2 = models.ProjectSecret()
+        secret_2_dict['project_id'] = project.id
-        project_secret2.secret_id = secret2.id
+        secret2 = self.repo.create_from(
-        project_secret2.project_id = project.id
+            models.Secret(secret_2_dict),
-        project_secret2.save(session=session)
+            session=session,
        )
        session.commit()
@ -137,8 +127,9 @@ class WhenTestingSecretRepository(database_utils.RepositoryTestCase):
            session=session,
            **query_dict
        )
-
+        resulting_secret_ids = [s.id for s in secrets]
-        self.assertEqual([s.id for s in secrets], [secret1.id])
+        self.assertIn(secret1.id, resulting_secret_ids)
        self.assertNotIn(secret2.id, resulting_secret_ids)
        self.assertEqual(offset, 0)
        self.assertEqual(limit, 10)
        self.assertEqual(total, 1)
--- a/barbican/tests/plugin/test_resource.py
+++ b/barbican/tests/plugin/test_resource.py
@ -75,10 +75,6 @@ class WhenTestingPluginResource(testtools.TestCase,
        self.setup_container_secret_repository_mock(
            self.container_secret_repo)
        self.project_secret_repo = mock.MagicMock()
        self.project_secret_repo.create_from.return_value = None
        self.setup_project_secret_repository_mock(self.project_secret_repo)
        self.secret_meta_repo = mock.MagicMock()
        self.secret_meta_repo.create_from.return_value = None
        self.setup_secret_meta_repository_mock(self.secret_meta_repo)
--- a/barbican/tests/plugin/test_store_crypto.py
+++ b/barbican/tests/plugin/test_store_crypto.py
@ -125,7 +125,6 @@ class TestSecretStoreBase(testtools.TestCase,
    def init_patchers(self):
        self._config_get_secret_repository()
        self._config_get_project_secret_repository()
        self._config_get_encrypted_datum_repository()
        self._config_get_kek_datum_repository()
@ -140,12 +139,6 @@ class TestSecretStoreBase(testtools.TestCase,
        self.secret_repo.create_from.return_value = self.secret_model
        self.setup_secret_repository_mock(self.secret_repo)
    def _config_get_project_secret_repository(self):
        """Mock the get_project_secret_repository() factory function."""
        self.project_secret_repo = mock.MagicMock()
        self.project_secret_repo.create_from.return_value = None
        self.setup_project_secret_repository_mock(self.project_secret_repo)
    def _config_get_encrypted_datum_repository(self):
        """Mock the get_encrypted_datum_repository() factory function."""
        self.datum_repo = mock.MagicMock()
@ -676,7 +669,6 @@ class WhenTestingStoreCryptoStoreSecretAndDatum(TestSecretStoreBase):
        # Verify the repository interactions.
        self._verify_secret_repository_interactions()
        self._verify_project_secret_repository_interactions()
        self._verify_encrypted_datum_repository_interactions()
    def test_with_existing_secret(self):
@ -692,8 +684,6 @@ class WhenTestingStoreCryptoStoreSecretAndDatum(TestSecretStoreBase):
        # Verify **not** these repository interactions.
        self.assertEqual(
            self.secret_repo.create_from.call_count, 0)
        self.assertEqual(
            self.project_secret_repo.create_from.call_count, 0)
    def _verify_secret_repository_interactions(self):
        """Verify the secret repository interactions."""
@ -703,19 +693,6 @@ class WhenTestingStoreCryptoStoreSecretAndDatum(TestSecretStoreBase):
        test_secret_model = args[0]
        self.assertEqual(self.secret_model, test_secret_model)
    def _verify_project_secret_repository_interactions(self):
        """Verify the project-secret repository interactions."""
        self.assertEqual(
            self.project_secret_repo.create_from.call_count, 1)
        args, kwargs = self.project_secret_repo.create_from.call_args
        test_project_secret_model = args[0]
        self.assertIsInstance(test_project_secret_model, models.ProjectSecret)
        self.assertEqual(
            self.context.project_model.id,
            test_project_secret_model.project_id)
        self.assertEqual(
            models.States.ACTIVE, test_project_secret_model.status)
    def _verify_encrypted_datum_repository_interactions(self):
        """Verify the encrypted datum repository interactions."""
        self.assertEqual(
--- a/barbican/tests/tasks/test_certificate_resources.py
+++ b/barbican/tests/tasks/test_certificate_resources.py
@ -37,7 +37,6 @@ ca_repo = repositories.get_ca_repository()
 preferred_ca_repo = repositories.get_preferred_ca_repository()
 project_repo = repositories.get_project_repository()
 order_repo = repositories.get_order_repository()
 project_secret_repo = repositories.get_project_secret_repository()
 class WhenPerformingPrivateOperations(utils.BaseTestCase,
@ -167,30 +166,23 @@ class BaseCertificateRequestsTestCase(utils.BaseTestCase):
        # data for stored key cases
        self.private_key = models.Secret()
        self.private_key.secret_type = 'PRIVATE'
        self.private_key.project_id = self.project.id
        secret_repo.create_from(self.private_key)
        ps = models.ProjectSecret()
        ps.project_id = self.project.id
        ps.secret_id = self.private_key.id
        project_secret_repo.save(ps)
        self.public_key = models.Secret()
        self.public_key.secret_type = 'PUBLIC'
        self.public_key.project_id = self.project.id
        secret_repo.create_from(self.public_key)
        self.passphrase = models.Secret()
        self.passphrase.secret_type = 'PASSPHRASE'
        self.passphrase.project_id = self.project.id
        secret_repo.create_from(self.passphrase)
        self.private_key_value = None
        self.public_key_value = "public_key"
        self.passphrase_value = None
        ps = models.ProjectSecret()
        ps.project_id = self.project.id
        ps.secret_id = self.passphrase.id
        project_secret_repo.save(ps)
        self.parsed_container_with_passphrase = {
            'name': 'container name',
            'type': 'rsa',
--- a/barbican/tests/tasks/test_keystone_consumer.py
+++ b/barbican/tests/tasks/test_keystone_consumer.py
@ -72,7 +72,6 @@ class WhenUsingKeystoneEventConsumer(
        super(WhenUsingKeystoneEventConsumer, self).setUp()
        self.kek_repo = rep.get_kek_datum_repository()
        self.project_repo = rep.get_project_repository()
        self.project_secret_repo = rep.get_project_secret_repository()
        self.secret_meta_repo = rep.get_secret_meta_repository()
        self.secret_repo = rep.get_secret_repository()
        self.transport_key_repo = rep.get_transport_key_repository()
@ -89,10 +88,6 @@ class WhenUsingKeystoneEventConsumer(
        self.assertEqual(1, len(db_secrets))
        self.assertEqual(secret.id, db_secrets[0].id)
        db_project_secret = (
            self.project_secret_repo.get_project_entities(project2_id))
        self.assertEqual(1, len(db_project_secret))
        db_kek = self.kek_repo.get_project_entities(project2_id)
        self.assertEqual(1, len(db_kek))
@ -245,11 +240,6 @@ class WhenUsingKeystoneEventConsumerProcessMethod(
            entity_id=secret_metadata_id)
        self.assertIsNotNone(db_secret_store_meta)
        project_secret_repo = rep.get_project_secret_repository()
        db_project_secret = project_secret_repo.get_project_entities(
            project1_id)
        self.assertEqual(1, len(db_project_secret))
        kek_repo = rep.get_kek_datum_repository()
        db_kek = kek_repo.get_project_entities(project1_id)
        self.assertEqual(1, len(db_kek))
@ -272,11 +262,6 @@ class WhenUsingKeystoneEventConsumerProcessMethod(
                               external_project_id=self.project_id1)
        self.assertIn(secret_id, str(ex))
        # After project entities delete, make sure project_secret is not found
        entities = project_secret_repo.get_project_entities(
            project1_id)
        self.assertEqual(0, len(entities))
        # After project entities delete, make sure kek data is not found
        entities = kek_repo.get_project_entities(project1_id)
        self.assertEqual(0, len(entities))
@ -308,11 +293,6 @@ class WhenUsingKeystoneEventConsumerProcessMethod(
        self.assertEqual(1, len(db_secrets))
        self.assertEqual(secret.id, db_secrets[0].id)
        project_secret_repo = rep.get_project_secret_repository()
        db_project_secret = project_secret_repo.get_project_entities(
            project1_id)
        self.assertEqual(1, len(db_project_secret))
        kek_repo = rep.get_kek_datum_repository()
        db_kek = kek_repo.get_project_entities(project1_id)
        self.assertEqual(1, len(db_kek))
@ -346,10 +326,6 @@ class WhenUsingKeystoneEventConsumerProcessMethod(
        self.assertEqual(1, len(db_secrets))
        self.assertEqual(secret_id, db_secrets[0].id)
        db_project_secret = project_secret_repo.get_project_entities(
            project1_id)
        self.assertEqual(1, len(db_project_secret))
        db_kek = kek_repo.get_project_entities(project1_id)
        self.assertEqual(1, len(db_kek))
--- a/barbican/tests/tasks/test_resources.py
+++ b/barbican/tests/tasks/test_resources.py
@ -67,10 +67,6 @@ class BaseOrderTestCase(utils.BaseTestCase, utils.MockModelRepositoryMixin):
        self.secret_repo.create_from.return_value = None
        self.setup_secret_repository_mock(self.secret_repo)
        self.project_secret_repo = mock.MagicMock()
        self.project_secret_repo.create_from.return_value = None
        self.setup_project_secret_repository_mock(self.project_secret_repo)
        self.datum_repo = mock.MagicMock()
        self.datum_repo.create_from.return_value = None
        self.setup_encrypted_datum_repository_mock(self.datum_repo)
--- a/barbican/tests/utils.py
+++ b/barbican/tests/utils.py
@ -213,19 +213,6 @@ class MockModelRepositoryMixin(object):
                                    mock_repo_obj=mock_project_repo,
                                    patcher_obj=self.mock_project_repo_patcher)
    def setup_project_secret_repository_mock(
            self, mock_project_secret_repo=mock.MagicMock()):
        """Mocks the project-secret repository factory function
        :param mock_project_secret_repo: The pre-configured mock project-secret
                                         repo to be returned.
        """
        self.mock_project_secret_repo_patcher = None
        self._setup_repository_mock(
            repo_factory='get_project_secret_repository',
            mock_repo_obj=mock_project_secret_repo,
            patcher_obj=self.mock_project_secret_repo_patcher)
    def setup_secret_meta_repository_mock(
            self, mock_secret_meta_repo=mock.MagicMock()):
        """Mocks the secret-meta repository factory function