From ed03a4a679a37845e0e1b50ab617f85304f26a12 Mon Sep 17 00:00:00 2001
From: Mathias Ertl <mati@er.tl>
Date: Sat, 3 Nov 2018 16:24:02 +0100
Subject: [PATCH] better test case for unwritable

---
 ca/django_ca/management/commands/import_ca.py |  2 +-
 ca/django_ca/tests/tests_command_import_ca.py | 17 ++++++++---------
 2 files changed, 9 insertions(+), 10 deletions(-)

diff --git a/ca/django_ca/management/commands/import_ca.py b/ca/django_ca/management/commands/import_ca.py
index d566ac71b..87df80a2c 100644
--- a/ca/django_ca/management/commands/import_ca.py
+++ b/ca/django_ca/management/commands/import_ca.py
@@ -112,7 +112,7 @@ def handle(self, name, key, pem, **options):
         try:
             write_private_file(ca.private_key_path, pem)
         except PermissionError:
-            perm_denied = '%s: Permission denied: Could not open file for writing.' % ca.private_key_path
+            perm_denied = '%s: Permission denied: Could not open file for writing' % ca.private_key_path
             raise CommandError(perm_denied)
 
         # Only save CA to database if we loaded all data and copied private key
diff --git a/ca/django_ca/tests/tests_command_import_ca.py b/ca/django_ca/tests/tests_command_import_ca.py
index faa32ffa5..9b34c32aa 100644
--- a/ca/django_ca/tests/tests_command_import_ca.py
+++ b/ca/django_ca/tests/tests_command_import_ca.py
@@ -21,7 +21,6 @@
 from cryptography.hazmat.primitives.asymmetric.rsa import RSAPrivateKey
 
 from django.conf import settings
-from django.core.management.base import CommandError
 
 from .. import ca_settings
 from ..models import CertificateAuthority
@@ -116,24 +115,24 @@ def test_intermediate(self):
 
     @override_tmpcadir()
     def test_permission_denied(self):
-        # Import the same CA twice, 2nd time should throw an error, because the file already exists
         name = 'testname'
         pem_path = os.path.join(settings.FIXTURES_DIR, 'root.pem')
         key_path = os.path.join(settings.FIXTURES_DIR, 'root.key')
-        out, err = self.cmd('import_ca', name, key_path, pem_path)
-
-        ca = CertificateAuthority.objects.get(name=name)
+        os.chmod(settings.CA_DIR, 0o000)
 
-        error = '%s: Permission denied: Could not open file for writing.' % ca.private_key_path
+        error = r'^%s/%s.key: Permission denied: Could not open file for writing$' % (
+            settings.CA_DIR, certs['root']['serial']
+        )
         with self.assertCommandError(error):
-            out, err = self.cmd('import_ca', name, key_path, pem_path)
+            self.cmd('import_ca', name, key_path, pem_path)
+        os.chmod(settings.CA_DIR, 0o644)
 
     @override_tmpcadir(CA_MIN_KEY_SIZE=1024)
     def test_bogus_pub(self):
         name = 'testname'
         pem_path = os.path.join(settings.FIXTURES_DIR, __file__)
         key_path = os.path.join(settings.FIXTURES_DIR, 'root-key.der')
-        with self.assertRaisesRegex(CommandError, r'^Unable to load public key\.$'):
+        with self.assertCommandError(r'^Unable to load public key\.$'):
             self.cmd('import_ca', name, key_path, pem_path)
         self.assertEqual(CertificateAuthority.objects.count(), 0)
 
@@ -142,6 +141,6 @@ def test_bogus_priv(self):
         name = 'testname'
         pem_path = os.path.join(settings.FIXTURES_DIR, 'root-pub.der')
         key_path = os.path.join(settings.FIXTURES_DIR, __file__)
-        with self.assertRaisesRegex(CommandError, r'^Unable to load private key\.$'):
+        with self.assertCommandError(r'^Unable to load private key\.$'):
             self.cmd('import_ca', name, key_path, pem_path)
         self.assertEqual(CertificateAuthority.objects.count(), 0)