[LDAP] Prune send-ca-cert relation check

Author: sinclert-canonical

src/ldap.py

@@ -11,12 +11,9 @@
     LdapRequirer,
     LdapUnavailableEvent,
 )
-from charms.postgresql_k8s.v0.postgresql_tls import (
-    TLS_TRANSFER_RELATION,
-)
 from ops import Relation
 from ops.framework import Object
-from ops.model import ActiveStatus, BlockedStatus
+from ops.model import ActiveStatus
 
 logger = logging.getLogger(__name__)
 
@@ -35,29 +32,13 @@ def __init__(self, charm, relation_name: str):
         self.framework.observe(self.ldap.on.ldap_ready, self._on_ldap_ready)
         self.framework.observe(self.ldap.on.ldap_unavailable, self._on_ldap_unavailable)
 
-    @property
-    def ca_transferred(self) -> bool:
-        """Return whether the CA certificate has been transferred."""
-        ca_transferred_relations = self.model.relations[TLS_TRANSFER_RELATION]
-
-        for relation in ca_transferred_relations:
-            if relation.app.name == self._relation.app.name:
-                return True
-
-        return False
-
     @property
     def _relation(self) -> Relation:
         """Return the relation object."""
         return self.model.get_relation(self.relation_name)
 
-    def _on_ldap_ready(self, event: LdapReadyEvent) -> None:
+    def _on_ldap_ready(self, _: LdapReadyEvent) -> None:
         """Handler for the LDAP ready event."""
-        if not self.ca_transferred:
-            self.charm.unit.status = BlockedStatus("LDAP insecure. Send LDAP server certificate")
-            event.defer()
-            return
-
         logger.debug("Enabling LDAP connection")
         if self.charm.unit.is_leader():
             self.charm.app_peer_data.update({"ldap_enabled": "True"})

tests/unit/test_ldap.py

@@ -3,7 +3,6 @@
 
 from unittest.mock import (
     MagicMock,
-    PropertyMock,
     patch,
 )
 
@@ -29,14 +28,10 @@ def harness():
     harness.cleanup()
 
 
-def test_on_ldap_ready_with_certificate(harness):
+def test_on_ldap_ready(harness):
     mock_event = MagicMock()
 
-    with (
-        patch("charm.PostgresqlOperatorCharm.update_config") as _update_config,
-        patch("charm.PostgreSQLLDAP.ca_transferred", new_callable=PropertyMock) as _ca_transferred,
-    ):
-        _ca_transferred.return_value = True
+    with patch("charm.PostgresqlOperatorCharm.update_config") as _update_config:
         harness.charm.ldap._on_ldap_ready(mock_event)
         _update_config.assert_called_once()
 
@@ -45,22 +40,6 @@ def test_on_ldap_ready_with_certificate(harness):
         assert "ldap_enabled" in app_databag
 
 
-def test_on_ldap_ready_without_certificate(harness):
-    mock_event = MagicMock()
-
-    with (
-        patch("charm.PostgresqlOperatorCharm.update_config") as _update_config,
-        patch("charm.PostgreSQLLDAP.ca_transferred", new_callable=PropertyMock) as _ca_transferred,
-    ):
-        _ca_transferred.return_value = False
-        harness.charm.ldap._on_ldap_ready(mock_event)
-        _update_config.assert_not_called()
-
-        peer_rel_id = harness.model.get_relation(PEER).id
-        app_databag = harness.get_relation_data(peer_rel_id, harness.charm.app)
-        assert "ldap_enabled" not in app_databag
-
-
 def test_on_ldap_unavailable(harness):
     mock_event = MagicMock()