RDBC-790 Working Secured RavenDB Embedded Server

poissoncorp · poissoncorp · commit a17358e3d176 · 2024-01-31T15:07:39.000+01:00
diff --git a/.gitignore b/.gitignore
@@ -1,7 +1,7 @@
 /.idea
 /test.py
 /dist
-/ravendb-embedded.egg-info
+/ravendb_embedded.egg-info
 /ravendb_embedded/target
 *.pyc
 *.log
diff --git a/ravendb_embedded/embedded_server.py b/ravendb_embedded/embedded_server.py
@@ -67,7 +67,7 @@ def start_server(self, options_param: ServerOptions = None) -> None:
 
         if options.security is not None:
             self.client_pem_certificate_path = options.security.client_pem_certificate_path
-            self.trust_store_path = options.security.trust_store_path
+            self.trust_store_path = options.security.ca_certificate_path
 
         start_server.get_value()
 
@@ -78,8 +78,9 @@ def _initialize_document_store(self, database_name, options):
         server_url = self.get_server_uri()
 
         store = DocumentStore(server_url, database_name)
-        store.certificate = self.client_pem_certificate_path
-        store.trust_store = self.trust_store_path
+        if self.client_pem_certificate_path:
+            store.certificate_pem_path = self.client_pem_certificate_path
+        store.trust_store_path = self.trust_store_path
         store.conventions = options.conventions
 
         store.add_after_close(lambda: self.document_stores.pop(database_name))
diff --git a/ravendb_embedded/options.py b/ravendb_embedded/options.py
@@ -27,7 +27,7 @@ def __init__(self):
         self.server_pfx_certificate_path: Optional[str] = None
         self.server_pfx_certificate_password: Optional[str] = None
         self.client_pem_certificate_path: Optional[str] = None
-        self.trust_store_path: Optional[str] = None
+        self.ca_certificate_path: Optional[str] = None
         self.certificate_exec: Optional[str] = None
         self.certificate_arguments: Optional[str] = None
 
diff --git a/ravendb_embedded/raven_server_runner.py b/ravendb_embedded/raven_server_runner.py
@@ -85,7 +85,6 @@ def run(options: ServerOptions) -> subprocess.Popen:
                         f"{CommandLineArgumentEscaper.escape_single_arg(options.security.certificate_arguments)}",
                     ]
                 )
-            # todo : test this case
             if options.security.client_pem_certificate_path:
                 with open(options.security.client_pem_certificate_path, "rb") as cert_file:
                     cert_data = cert_file.read()
diff --git a/tests/test_secured_basic.py b/tests/test_secured_basic.py
@@ -0,0 +1,43 @@
+import shutil
+import tempfile
+from pathlib import Path
+from unittest import TestCase
+
+from ravendb_embedded.embedded_server import EmbeddedServer
+from ravendb_embedded.options import ServerOptions, DatabaseOptions
+from ravendb_embedded.provide import CopyServerFromNugetProvider
+from tests import Person
+
+
+class TestSecuredBasic(TestCase):
+    def test_secured_embedded(self):
+        SERVER_CERTIFICATE_LOCATION = "C:\\RavenDB Clients\\Https\\server.pfx"
+        CA_CERTIFICATE_LOCATION = "C:\\RavenDB Clients\\Https\\ca.crt"
+        CLIENT_CERTIFICATE_LOCATION = "C:\\RavenDB Clients\\Https\\python.pem"
+        temp_dir = tempfile.mkdtemp()
+        try:
+            with EmbeddedServer() as embedded:
+                server_options = ServerOptions()
+                server_options.secured(
+                    SERVER_CERTIFICATE_LOCATION,
+                    CLIENT_CERTIFICATE_LOCATION,
+                    ca_certificate_path=CA_CERTIFICATE_LOCATION,
+                )
+
+                server_options.target_server_location = str(Path(temp_dir, "RavenDBServer"))
+                server_options.data_directory = str(Path(temp_dir, "RavenDB"))
+                server_options.logs_path = str(Path(temp_dir, "Logs"))
+                server_options.provider = CopyServerFromNugetProvider()
+                embedded.start_server(server_options)
+
+                database_options = DatabaseOptions.from_database_name("Test")
+
+                with embedded.get_document_store_from_options(database_options) as store:
+                    with store.open_session() as session:
+                        person = Person()
+                        person.name = "Gracjan"
+
+                        session.store(person, "people/1")
+                        session.save_changes()
+        finally:
+            shutil.rmtree(temp_dir)

Original file line number	Diff line number	Diff line change
`@@ -85,7 +85,6 @@ def run(options: ServerOptions) -> subprocess.Popen:`
`85`	`85`	`f"{CommandLineArgumentEscaper.escape_single_arg(options.security.certificate_arguments)}",`
`86`	`86`	`]`
`87`	`87`	`)`
`88`		`- # todo : test this case`
`89`	`88`	`if options.security.client_pem_certificate_path:`
`90`	`89`	`with open(options.security.client_pem_certificate_path, "rb") as cert_file:`
`91`	`90`	`cert_data = cert_file.read()`