Handle duplicate creation of CA with same UUID.

2017-10-30 23:29:14 +00:00 · 2017-10-30 23:29:14 +00:00 · f3b217435a
commit f3b217435a
parent c81af303b0
2 changed files with 16 additions and 1 deletions
--- a/tatu/db/models.py
+++ b/tatu/db/models.py
@ -1,6 +1,7 @@
 from datetime import datetime
 import sqlalchemy as sa
 from sqlalchemy.ext.declarative import declarative_base
+from sqlalchemy.exc import IntegrityError
 import falcon
 import sshpubkeys
 import uuid
@ -28,7 +29,10 @@ def createAuthority(session, auth_id):
                   user_key=RSA.generate(2048).exportKey('PEM'),
                   host_key=RSA.generate(2048).exportKey('PEM'))
  session.add(auth)
+  try:
    session.commit()
+  except IntegrityError:
+    raise falcon.HTTPConflict("This certificate authority already exists.")
  return auth

 class UserCert(Base):
--- a/tatu/tests/test_app.py
+++ b/tatu/tests/test_app.py
@ -52,6 +52,17 @@ def test_post_authority(client):
  #auth = session.query(Authority).get(auth_id)
  #assert auth is not None

+@pytest.mark.dependency(depends=['test_post_authority'])
+def test_post_authority_duplicate(client):
+  body = {
+    'auth_id': auth_id,
+  }
+  response = client.simulate_post(
+    '/authorities',
+    body=json.dumps(body)
+  )
+  assert response.status == falcon.HTTP_CONFLICT
+
 def test_post_no_body(client):
  for path in ['/authorities', '/usercerts', '/hosttokens',
               '/hostcerts', '/novavendordata']: