def setUpBasicData(self): self.tag = Tag(name='tag') self.tag.save() self.cred = Cred(title='secret', username='******', password='******', group=self.group) self.cred.save() self.tagcred = Cred(title='tagged', password='******', group=self.group) self.tagcred.save() self.tagcred.tags.add(self.tag) self.tagcred.save() CredChangeQ.objects.add_to_changeq(self.cred) self.viewedcred = Cred(title='Viewed', password='******', group=self.group) self.viewedcred.save() self.changedcred = Cred(title='Changed', password='******', group=self.group) self.changedcred.save() CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save() self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff) self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff) self.logadd.save() self.logview.save()
def credundelete(request, cred_id): cred = get_object_or_404(Cred, pk=cred_id) try: lastchange = CredAudit.objects.filter( cred=cred, audittype__in=[CredAudit.CREDCHANGE, CredAudit.CREDADD], ).latest().time except CredAudit.DoesNotExist: lastchange = _("Unknown (Logs deleted)") # Check user has perms if not cred.is_accessible_by(request.user): raise Http404 if request.method == 'POST': CredAudit(audittype=CredAudit.CREDADD, cred=cred, user=request.user).save() cred.is_deleted = False cred.save() return HttpResponseRedirect( reverse('cred.views.list', args=('special', 'trash'))) CredAudit(audittype=CredAudit.CREDVIEW, cred=cred, user=request.user).save() return render( request, 'cred_detail.html', { 'cred': cred, 'lastchange': lastchange, 'action': reverse('cred.views.delete', args=(cred_id, )), 'undelete': True })
def setUpBasicData(self): # Make a tag self.tag = Tag(name='tag') self.tag.save() # Make a simple credential self.cred = Cred(title='secret', username='******', password='******', group=self.group) self.cred.save() # Make a cred that'll be tagged self.tagcred = Cred(title='tagged', password='******', group=self.group) self.tagcred.save() self.tagcred.tags.add(self.tag) self.tagcred.save() # A cred that attempts script injection self.injectcred = Cred( title='<script>document.write("BADTITLE!")</script>Bold!', username='******', password='******', group=self.group ) self.injectcred.save() # A cred with markdown self.markdowncred = Cred( title='Markdown Cred', password='******', group=self.group, description='# Test', descriptionmarkdown=True, ) self.markdowncred.save() # Add a Unicode credential self.unicodecred = Cred( title='Unicode ‑ Cred', password='******', group=self.group, description='Γαζέες καὶ μυρτιὲς δὲν θὰ βρῶ πιὰ στὸ χρυσαφὶ ξέφωτο', ) self.unicodecred.save() CredChangeQ.objects.add_to_changeq(self.cred) self.viewedcred = Cred(title='Viewed', password='******', group=self.group) self.viewedcred.save() self.changedcred = Cred(title='Changed', password='******', group=self.group) self.changedcred.save() CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save() CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save() self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff) self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff) self.logadd.save() self.logview.save()
def setUp(self): self.group = Group(name="testgroup") self.group.save() self.othergroup = Group(name="othergroup") self.othergroup.save() self.tag = Tag(name="tag") self.tag.save() self.unorm = User(username="******", email="*****@*****.**") self.unorm.set_password("password") self.unorm.save() self.unorm.groups.add(self.group) self.unorm.save() self.ustaff = User(username="******", email="*****@*****.**", is_staff=True) self.ustaff.set_password("password") self.ustaff.save() self.ustaff.groups.add(self.group) self.ustaff.save() self.unobody = User(username="******", email="*****@*****.**") self.unobody.set_password("password") self.unobody.save() self.norm = Client() self.norm.login(username="******", password="******") self.staff = Client() self.staff.login(username="******", password="******") self.nobody = Client() self.nobody.login(username="******", password="******") self.cred = Cred(title="secret", password="******", group=self.group) self.cred.save() self.tagcred = Cred(title="tagged", password="******", group=self.group) self.tagcred.save() self.tagcred.tags.add(self.tag) self.tagcred.save() CredChangeQ.objects.add_to_changeq(self.cred) self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff) self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff) self.logadd.save() self.logview.save()
def update_detail(self, object_list, bundle): # Check user has perms if not bundle.obj.is_owned_by(bundle.request.user): return False CredAudit(audittype=CredAudit.CREDCHANGE, cred=bundle.obj, user=bundle.request.user).save() return True
def read_detail(self, object_list, bundle): # Check user has perms if not bundle.obj.is_visible_by(bundle.request.user): return False # This audit should go somewhere else, is there a detail list function we can override? CredAudit(audittype=CredAudit.CREDPASSVIEW, cred=bundle.obj, user=bundle.request.user).save() return True
def setUpBasicData(self): self.tag = Tag(name="tag") self.tag.save() self.cred = Cred(title="secret", username="******", password="******", group=self.group) self.cred.save() self.tagcred = Cred(title="tagged", password="******", group=self.group) self.tagcred.save() self.tagcred.tags.add(self.tag) self.tagcred.save() self.injectcred = Cred( title='<script>document.write("BADTITLE!")</script>Bold!', username='******', password='******', group=self.group, ) self.injectcred.save() self.markdowncred = Cred( title="Markdown Cred", password="******", group=self.group, description="# Test", descriptionmarkdown=True ) self.markdowncred.save() CredChangeQ.objects.add_to_changeq(self.cred) self.viewedcred = Cred(title="Viewed", password="******", group=self.group) self.viewedcred.save() self.changedcred = Cred(title="Changed", password="******", group=self.group) self.changedcred.save() CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save() CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save() self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff) self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff) self.logadd.save() self.logview.save()
def import_process(request, import_id): # If there was no session data, return 404 if 'imported_data' not in request.session.keys(): raise Http404 # Get the entry we are concerned with try: entry = request.session['imported_data']['entries'][int(import_id)] except IndexError: raise Http404 # Get the group groupid = request.session['imported_data']['group'] try: group = Group.objects.get(pk=groupid) except Group.DoesNotExist: del request.session['imported_data'] raise Http404 if request.method == 'POST': # Try and import what we have now # Did the user upload a new attachment if entry['filename'] and 'attachment' not in request.FILES.keys(): sfile = SimpleUploadedFile(entry['filename'], bytes(entry['filecontent'])) request.FILES['attachment'] = sfile # Build the form form = CredForm(request.user, request.POST, request.FILES) # Do we have enough data to save? if form.is_valid(): # Save the credential form.save() # Write the audit log CredAudit( audittype=CredAudit.CREDADD, cred=form.instance, user=request.user, ).save() # Remove the entry we're importing del request.session['imported_data']['entries'][int(import_id)] request.session.save() # Go back to the overview return HttpResponseRedirect(reverse('staff.views.import_overview')) else: # Init the cred, and create the form processed = dict(entry) # Create all the tags tlist = [] for t in processed['tags']: (tag, create) = Tag.objects.get_or_create(name=t) tlist.append(tag) processed['tags'] = tlist # Setup the group processed['group'] = group # If the icon is empty set it if 'iconname' not in processed.keys(): processed['iconname'] = 'Key.png' # Remove the attachment if processed['filename']: del processed['filename'] del processed['filecontent'] # Create the form form = CredForm(request.user, processed, {}) return render(request, 'staff_import_process.html', { 'form': form, 'icons': get_icon_list(), })
class TestData: def __init__(self): if settings.LDAP_ENABLED: self.getLDAPAuthData() else: self.setUpAuthData() self.setUpBasicData() def loginLDAP(self, username, password): c = Client() loginurl = reverse('django.contrib.auth.views.login') c.post(loginurl, {'username': username, 'password': password}) return c def getLDAPAuthData(self): self.norm = self.loginLDAP(username='******', password='******') self.unorm = User.objects.get(username='******') self.normpass = '******' self.staff = self.loginLDAP(username='******', password='******') self.ustaff = User.objects.get(username='******') self.nobody = self.loginLDAP(username='******', password='******') self.unobody = User.objects.get(username='******') self.group = Group.objects.get(name='testgroup') self.othergroup = Group.objects.get(name='othergroup') def setUpAuthData(self): self.group = Group(name='testgroup') self.group.save() self.othergroup = Group(name='othergroup') self.othergroup.save() self.unorm = User(username='******', email='*****@*****.**') self.unorm.set_password('password') self.normpass = '******' self.unorm.save() self.unorm.groups.add(self.group) self.unorm.save() self.ustaff = User(username='******', email='*****@*****.**', is_staff=True) self.ustaff.set_password('password') self.ustaff.save() self.ustaff.groups.add(self.othergroup) self.ustaff.save() self.unobody = User(username='******', email='*****@*****.**') self.unobody.set_password('password') self.unobody.save() self.norm = Client() self.norm.login(username='******', password='******') self.staff = Client() self.staff.login(username='******', password='******') self.nobody = Client() self.nobody.login(username='******', password='******') def setUpBasicData(self): self.tag = Tag(name='tag') self.tag.save() self.cred = Cred(title='secret', username='******', password='******', group=self.group) self.cred.save() self.tagcred = Cred(title='tagged', password='******', group=self.group) self.tagcred.save() self.tagcred.tags.add(self.tag) self.tagcred.save() CredChangeQ.objects.add_to_changeq(self.cred) self.viewedcred = Cred(title='Viewed', password='******', group=self.group) self.viewedcred.save() self.changedcred = Cred(title='Changed', password='******', group=self.group) self.changedcred.save() CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save() self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff) self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff) self.logadd.save() self.logview.save()
class TestData: def __init__(self): if settings.LDAP_ENABLED: self.getLDAPAuthData() else: self.setUpAuthData() self.setUpBasicData() def login(self, username, password): c = Client() loginurl = reverse('login') c.post(loginurl, { 'auth-username': username, 'auth-password': password, 'rattic_tfa_login_view-current_step': 'auth', }) return c def getLDAPAuthData(self): self.norm = self.login(username='******', password='******') self.unorm = User.objects.get(username='******') self.normpass = '******' self.staff = self.login(username='******', password='******') self.ustaff = User.objects.get(username='******') self.nobody = self.login(username='******', password='******') self.unobody = User.objects.get(username='******') self.group = Group.objects.get(name='testgroup') self.othergroup = Group.objects.get(name='othergroup') def setUpAuthData(self): self.group = Group(name='testgroup') self.group.save() self.othergroup = Group(name='othergroup') self.othergroup.save() self.unorm = User(username='******', email='*****@*****.**') self.unorm.set_password('password') self.normpass = '******' self.unorm.save() self.unorm.groups.add(self.group) self.unorm.save() self.ustaff = User(username='******', email='*****@*****.**', is_staff=True) self.ustaff.set_password('password') self.ustaff.save() self.ustaff.groups.add(self.othergroup) self.ustaff.save() self.unobody = User(username='******', email='*****@*****.**') self.unobody.set_password('password') self.unobody.save() self.norm = self.login(username='******', password='******') self.staff = self.login(username='******', password='******') self.nobody = self.login(username='******', password='******') def setUpBasicData(self): # Make a tag self.tag = Tag(name='tag') self.tag.save() # Make a simple credential self.cred = Cred(title='secret', username='******', password='******', group=self.group) self.cred.save() # Make a cred that'll be tagged self.tagcred = Cred(title='tagged', password='******', group=self.group) self.tagcred.save() self.tagcred.tags.add(self.tag) self.tagcred.save() # A cred that attempts script injection self.injectcred = Cred( title='<script>document.write("BADTITLE!")</script>Bold!', username='******', password='******', group=self.group ) self.injectcred.save() # A cred with markdown self.markdowncred = Cred( title='Markdown Cred', password='******', group=self.group, description='# Test', descriptionmarkdown=True, ) self.markdowncred.save() # Add a Unicode credential self.unicodecred = Cred( title='Unicode ‑ Cred', password='******', group=self.group, description='Γαζέες καὶ μυρτιὲς δὲν θὰ βρῶ πιὰ στὸ χρυσαφὶ ξέφωτο', ) self.unicodecred.save() CredChangeQ.objects.add_to_changeq(self.cred) self.viewedcred = Cred(title='Viewed', password='******', group=self.group) self.viewedcred.save() self.changedcred = Cred(title='Changed', password='******', group=self.group) self.changedcred.save() CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save() CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save() self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff) self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff) self.logadd.save() self.logview.save()
def read_detail(self, object_list, bundle): # This audit should go somewhere else, is there a detail list function we can override? CredAudit(audittype=CredAudit.CREDPASSVIEW, cred=bundle.obj, user=bundle.request.user).save() return True
class TestData: def __init__(self): if settings.LDAP_ENABLED: self.getLDAPAuthData() else: self.setUpAuthData() self.setUpBasicData() def login(self, username, password): c = Client() loginurl = reverse("django.contrib.auth.views.login") c.post(loginurl, {"username": username, "password": password}) return c def getLDAPAuthData(self): self.norm = self.login(username="******", password="******") self.unorm = User.objects.get(username="******") self.normpass = "******" self.staff = self.login(username="******", password="******") self.ustaff = User.objects.get(username="******") self.nobody = self.login(username="******", password="******") self.unobody = User.objects.get(username="******") self.group = Group.objects.get(name="testgroup") self.othergroup = Group.objects.get(name="othergroup") def setUpAuthData(self): self.group = Group(name="testgroup") self.group.save() self.othergroup = Group(name="othergroup") self.othergroup.save() self.unorm = User(username="******", email="*****@*****.**") self.unorm.set_password("password") self.normpass = "******" self.unorm.save() self.unorm.groups.add(self.group) self.unorm.save() self.ustaff = User(username="******", email="*****@*****.**", is_staff=True) self.ustaff.set_password("password") self.ustaff.save() self.ustaff.groups.add(self.othergroup) self.ustaff.save() self.unobody = User(username="******", email="*****@*****.**") self.unobody.set_password("password") self.unobody.save() self.norm = self.login(username="******", password="******") self.staff = self.login(username="******", password="******") self.nobody = self.login(username="******", password="******") def setUpBasicData(self): self.tag = Tag(name="tag") self.tag.save() self.cred = Cred(title="secret", username="******", password="******", group=self.group) self.cred.save() self.tagcred = Cred(title="tagged", password="******", group=self.group) self.tagcred.save() self.tagcred.tags.add(self.tag) self.tagcred.save() self.injectcred = Cred( title='<script>document.write("BADTITLE!")</script>Bold!', username='******', password='******', group=self.group, ) self.injectcred.save() self.markdowncred = Cred( title="Markdown Cred", password="******", group=self.group, description="# Test", descriptionmarkdown=True ) self.markdowncred.save() CredChangeQ.objects.add_to_changeq(self.cred) self.viewedcred = Cred(title="Viewed", password="******", group=self.group) self.viewedcred.save() self.changedcred = Cred(title="Changed", password="******", group=self.group) self.changedcred.save() CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save() CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save() self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff) self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff) self.logadd.save() self.logview.save()
class StaffViewTests(TestCase): def setUp(self): self.group = Group(name="testgroup") self.group.save() self.othergroup = Group(name="othergroup") self.othergroup.save() self.tag = Tag(name="tag") self.tag.save() self.unorm = User(username="******", email="*****@*****.**") self.unorm.set_password("password") self.unorm.save() self.unorm.groups.add(self.group) self.unorm.save() self.ustaff = User(username="******", email="*****@*****.**", is_staff=True) self.ustaff.set_password("password") self.ustaff.save() self.ustaff.groups.add(self.group) self.ustaff.save() self.unobody = User(username="******", email="*****@*****.**") self.unobody.set_password("password") self.unobody.save() self.norm = Client() self.norm.login(username="******", password="******") self.staff = Client() self.staff.login(username="******", password="******") self.nobody = Client() self.nobody.login(username="******", password="******") self.cred = Cred(title="secret", password="******", group=self.group) self.cred.save() self.tagcred = Cred(title="tagged", password="******", group=self.group) self.tagcred.save() self.tagcred.tags.add(self.tag) self.tagcred.save() CredChangeQ.objects.add_to_changeq(self.cred) self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff) self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff) self.logadd.save() self.logview.save() def test_home(self): resp = self.staff.get(reverse("staff.views.home")) self.assertEqual(resp.status_code, 200) userlist = resp.context["userlist"] grouplist = resp.context["grouplist"] self.assertIn(self.unorm, userlist) self.assertIn(self.ustaff, userlist) self.assertIn(self.unobody, userlist) self.assertIn(self.group, grouplist) self.assertIn(self.othergroup, grouplist) def test_view_trash(self): self.cred.is_deleted = True self.cred.save() resp = self.staff.get(reverse("staff.views.view_trash")) self.assertEqual(resp.status_code, 200) credlist = resp.context["credlist"].object_list self.assertIn(self.cred, credlist) self.assertNotIn(self.tagcred, credlist) def test_userdetail(self): resp = self.staff.get(reverse("staff.views.userdetail", args=(self.unobody.id,))) self.assertEqual(resp.status_code, 200) user = resp.context["viewuser"] self.assertEqual(self.unobody.id, user.id) def test_groupadd(self): resp = self.staff.get(reverse("staff.views.groupadd")) self.assertEqual(resp.status_code, 200) form = resp.context["form"] post = {} for i in form: if i.value() is not None: post[i.name] = i.value() post["name"] = "Test Group" resp = self.staff.post(reverse("staff.views.groupadd"), post, follow=True) self.assertEqual(resp.status_code, 200) newgroup = Group.objects.get(name="Test Group") def test_groupdetail(self): resp = self.staff.get(reverse("staff.views.groupdetail", args=(self.group.id,))) self.assertEqual(resp.status_code, 200) group = resp.context["group"] self.assertEqual(self.group.id, group.id) def test_groupdelete(self): resp = self.staff.get(reverse("staff.views.groupdelete", args=(self.othergroup.id,))) self.assertEqual(resp.status_code, 200) group = resp.context["group"] self.assertEqual(self.othergroup.id, group.id) resp = self.staff.post(reverse("staff.views.groupdelete", args=(self.othergroup.id,)), follow=True) with self.assertRaises(Group.DoesNotExist): delgroup = Group.objects.get(id=self.othergroup.id) def test_userdelete(self): resp = self.staff.get(reverse("staff.views.userdelete", args=(self.unobody.id,))) self.assertEqual(resp.status_code, 200) user = resp.context["viewuser"] self.assertEqual(self.unobody.id, user.id) resp = self.staff.post(reverse("staff.views.userdelete", args=(self.unobody.id,)), follow=True) self.assertEqual(resp.status_code, 200) with self.assertRaises(User.DoesNotExist): deluser = User.objects.get(id=self.unobody.id) def test_audit_by_cred(self): resp = self.staff.get(reverse("staff.views.audit_by_cred", args=(self.cred.id,))) self.assertEqual(resp.status_code, 200) cred = resp.context["cred"] loglist = resp.context["logs"].object_list self.assertEqual(self.cred.id, cred.id) self.assertEqual(resp.context["type"], "cred") self.assertIn(self.logadd, loglist) self.assertIn(self.logview, loglist) def test_audit_by_user(self): resp = self.staff.get(reverse("staff.views.audit_by_user", args=(self.ustaff.id,))) self.assertEqual(resp.status_code, 200) user = resp.context["loguser"] loglist = resp.context["logs"].object_list self.assertEqual(self.ustaff.id, user.id) self.assertEqual(resp.context["type"], "user") self.assertIn(self.logadd, loglist) self.assertIn(self.logview, loglist) def test_audit_by_days(self): resp = self.staff.get(reverse("staff.views.audit_by_days", args=(2,))) self.assertEqual(resp.status_code, 200) days_ago = resp.context["days_ago"] loglist = resp.context["logs"].object_list self.assertEqual(int(days_ago), 2) self.assertEqual(resp.context["type"], "time") self.assertIn(self.logadd, loglist) self.assertIn(self.logview, loglist) def test_NewUser(self): resp = self.staff.get(reverse("user_add")) self.assertEqual(resp.status_code, 200) form = resp.context["form"] post = {} for i in form: if i.value() is not None: post[i.name] = i.value() post["username"] = "******" post["email"] = "*****@*****.**" post["groups"] = self.othergroup.id post["newpass"] = "******" post["confirmpass"] = "******" resp = self.staff.post(reverse("user_add"), post, follow=True) with self.assertRaises(KeyError): print resp.context["form"].errors self.assertEqual(resp.status_code, 200) newuser = User.objects.get(username="******") self.assertEqual(newuser.email, "*****@*****.**") self.assertTrue(newuser.check_password("crazypass")) self.assertIn(self.othergroup, newuser.groups.all()) self.assertNotIn(self.group, newuser.groups.all()) def test_UpdateUser(self): resp = self.staff.get(reverse("user_edit", args=(self.unobody.id,))) self.assertEqual(resp.status_code, 200) form = resp.context["form"] post = {} for i in form: if i.value() is not None: post[i.name] = i.value() post["email"] = "*****@*****.**" post["newpass"] = "******" post["confirmpass"] = "******" resp = self.staff.post(reverse("user_edit", args=(self.unobody.id,)), post, follow=True) self.assertEqual(resp.status_code, 200) newuser = User.objects.get(id=self.unobody.id) self.assertEqual(newuser.email, "*****@*****.**") self.assertTrue(newuser.check_password("differentpass")) def test_import_from_keepass(self): gp = Group(name="KeepassImportTest") gp.save() self.ustaff.groups.add(gp) self.ustaff.save() resp = self.staff.get(reverse("staff.views.import_from_keepass")) self.assertEqual(resp.status_code, 200) form = resp.context["form"] post = {} for i in form: if i.value() is not None: post[i.name] = i.value() post["password"] = "******" post["group"] = gp.id with open("docs/keepass/test2.kdb") as fp: post["file"] = fp resp = self.staff.post(reverse("staff.views.import_from_keepass"), post, follow=True) self.assertEqual(resp.status_code, 200) newcred = Cred.objects.get(title="Google", group=gp) self.assertEqual(newcred.password, "Q5CLQhLqI3CtKgK") self.assertEqual(newcred.tags.all()[0].name, "Internet") def test_credundelete(self): self.cred.delete() resp = self.staff.get(reverse("staff.views.credundelete", args=(self.cred.id,))) self.assertEqual(resp.status_code, 200) self.assertEqual(resp.context["cred"], self.cred) resp = self.staff.post(reverse("staff.views.credundelete", args=(self.cred.id,)), follow=True) self.assertEqual(resp.status_code, 200) cred = Cred.objects.get(id=self.cred.id) self.assertFalse(cred.is_deleted)