def test1_exploit_invalid_session(self):
    """Log out with a malformed session token and expect a clean 401.

    The server must answer with HTTP 401 and a JSON error body whose
    ``status`` is "error" and whose ``code`` is 401.
    """
    # The token starts with the pair 0xC0 0x8D 0xC0 0x8A twice, the overlong
    # two-byte UTF-8 forms of CR LF, followed by a JSON fragment.
    # NOTE(review): presumably this guards against a lenient decoder turning
    # the prefix into a real CRLF CRLF (header/response splitting); how
    # authorize() encodes the value is not visible here -- confirm.
    bogus_token = "\xc0\x8d\xc0\x8a\xc0\x8d\xc0\x8a{\"attack\": \"payload\"}"

    logout_req = DELETE(config.ui_host, config.ui_port, "/auth")
    logout_req.authorize(bogus_token)
    response, content = logout_req.perform()

    self.assertEqual(401, response.status)
    error = json.loads(content)
    self.assertEqual("error", error["status"])
    self.assertEqual(401, error["code"])
def tearDown(self):
    """Log the test session out, then always run the parent tearDown."""
    try:
        logout_req = DELETE("localhost", globalConfig.uiPort, "/auth")
        logout_req.authorize(self.session)
        response, _ = logout_req()
        # A successful logout is reported as 204 with no body.
        self.assertEqual(204, response.status)
    finally:
        # Runs even when the logout request or its assertion fails.
        super().tearDown()
def test4_fail_on_delete_read_only_firmware(self):
    """DELETE on the device's firmware property must be refused with 405."""
    firmware_path = (
        "/gateways/" + config.gateway_id
        + "/devices/0xa335d00019f5234e/properties/firmware"
    )
    delete_req = DELETE(config.ui_host, config.ui_port, firmware_path)
    delete_req.authorize(self.session)
    response, content = delete_req()

    self.assertEqual(405, response.status)
    body = json.loads(content)
    self.assertEqual("Method Not Allowed", body["status"])
def test3_unpair_non_existing(self):
    """Unpairing device 0xf101201230234023 must be refused with 403."""
    # NOTE(review): the expected answer is 403 rather than 404, presumably so
    # the response does not reveal whether a device ID exists -- confirm
    # against the API specification.
    device_path = ("/gateways/" + config.gateway_id
                   + "/devices/0xf101201230234023")
    unpair_req = DELETE(config.ui_host, config.ui_port, device_path)
    unpair_req.authorize(self.session)
    response, content = unpair_req()

    self.assertEqual(403, response.status)
    error = json.loads(content)
    self.assertEqual("error", error["status"])
    self.assertEqual("not enough permission to access the resource",
                     error["message"])
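def tearDown(self):
    """Unassign the test gateway and log the session out.

    Both requests are expected to answer 204. The logout runs in a
    ``finally`` clause so that a failed gateway unassignment does not leave
    the authenticated session alive on the server.
    """
    try:
        req = DELETE(config.ui_host, config.ui_port,
                     "/gateways/" + config.gateway_id)
        req.authorize(self.session)
        response, content = req()
        self.assertEqual(204, response.status)
    finally:
        # Always invalidate the session, even if the step above failed.
        req = DELETE(config.ui_host, config.ui_port, "/auth")
        req.authorize(self.session)
        response, content = req()
        self.assertEqual(204, response.status)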
def test2_register_unregister_token(self):
    """Register the configured FCM token, then unregister it again.

    Both the POST and the DELETE are expected to answer 204.
    """
    payload = json.dumps({"id": config.fcm_token})
    register_req = POST(config.ui_host, config.ui_port, "/notifications/fcm")
    register_req.authorize(self.session)
    register_req.body(payload)
    response, _ = register_req()
    self.assertEqual(204, response.status)

    # NOTE(review): the token is part of the URL path on removal, so it may
    # end up in server or proxy access logs -- confirm that is acceptable.
    token_path = "/notifications/fcm/" + config.fcm_token
    unregister_req = DELETE(config.ui_host, config.ui_port, token_path)
    unregister_req.authorize(self.session)
    response, _ = unregister_req()
    self.assertEqual(204, response.status)
def test4_unpair_inactive(self):
    """Unpair device 0xa371959aad24618e and wait for it to become inactive.

    The DELETE must answer 202 with a "success" body and a Location header;
    that location is then polled until the device state is "inactive".
    """
    device_path = ("/gateways/" + config.gateway_id
                   + "/devices/0xa371959aad24618e")
    unpair_req = DELETE(config.ui_host, config.ui_port, device_path)
    unpair_req.authorize(self.session)
    response, content = unpair_req()

    self.assertEqual(202, response.status)
    accepted = json.loads(content)
    self.assertEqual("success", accepted["status"])

    device_uri = response.getheader("Location")

    # Poll at most ten times, one second apart, stopping early on success.
    for _ in range(10):
        poll_req = GET(config.ui_host, config.ui_port, device_uri)
        poll_req.authorize(self.session)
        response, content = poll_req()

        self.assertEqual(200, response.status)
        result = json.loads(content)
        self.assertEqual("success", result["status"])

        if result["data"]["state"] == "inactive":
            break

        time.sleep(1)

    # Final read: the device must now report the inactive state.
    final_req = GET(config.ui_host, config.ui_port, device_uri)
    final_req.authorize(self.session)
    response, content = final_req()

    self.assertEqual(200, response.status)
    result = json.loads(content)
    self.assertEqual("success", result["status"])
    self.assertEqual("inactive", result["data"]["state"])
def test1_add_and_delete(self):
    """Create a location on the test gateway and delete it again.

    The POST must answer 201; the DELETE of the returned Location, 204.
    """
    locations_path = "/gateways/" + config.gateway_id + "/locations"
    new_location = json.dumps({"name": "New location", "type": 0})

    create_req = POST(config.ui_host, config.ui_port, locations_path)
    create_req.authorize(self.session)
    create_req.body(new_location)
    response, _ = create_req()
    self.assertEqual(201, response.status)

    # The server names the created resource in the Location header.
    created_uri = response.headers["Location"]
    delete_req = DELETE(config.ui_host, config.ui_port, created_uri)
    delete_req.authorize(self.session)
    response, _ = delete_req()
    self.assertEqual(204, response.status)
def test1_assign_unassign(self):
    """Assign the prepared gateway, verify it, unassign it, verify denial.

    After the gateway is unassigned, the same session must no longer be able
    to read it: the GET is expected to answer 403.
    """
    gateway_path = "/gateways/" + config.gateway_id

    # assign a prepared gateway
    assign_req = POST(config.ui_host, config.ui_port, "/gateways")
    assign_req.authorize(self.session)
    assign_req.body(
        json.dumps({
            "id": config.gateway_id,
            "name": "My Home",
            "timezone_id": "Europe/Prague"
        }))
    response, content = assign_req()

    self.assertEqual(201, response.status)
    self.assertEqual(gateway_path, response.getheader("Location"))

    # check the gateway's contents
    gateway_link = response.getheader("Location")
    read_req = GET(config.ui_host, config.ui_port, gateway_link)
    read_req.authorize(self.session)
    response, content = read_req()

    self.assertEqual(200, response.status)
    result = json.loads(content)
    self.assertEqual("success", result["status"])
    gateway = result["data"]
    self.assertEqual("My Home", gateway["name"])
    self.assertEqual(config.gateway_id, gateway["id"])
    self.assertEqual("Europe/Prague", gateway["timezone"]["id"])

    # unassign the gateway
    unassign_req = DELETE(config.ui_host, config.ui_port, gateway_path)
    unassign_req.authorize(self.session)
    response, content = unassign_req()
    self.assertEqual(204, response.status)

    # test the gateway is inaccessible: access must end with the assignment
    denied_req = GET(config.ui_host, config.ui_port, gateway_link)
    denied_req.authorize(self.session)
    response, content = denied_req()

    self.assertEqual(403, response.status)
    error = json.loads(content)
    self.assertEqual(403, error["code"])
    self.assertEqual("not enough permission to access the resource",
                     error["message"])
def test7_create_get_remove_password(self):
    """Create, read back and remove the device's password property.

    Sequence: GET (404, not set yet) -> POST (200) -> GET (200) -> DELETE
    (204). The read-back must not return the stored secret.
    """
    password_path = (
        "/gateways/" + config.gateway_id
        + "/devices/0xa335d00019f5234e/properties/password"
    )

    # The property must not exist before the test creates it.
    probe_req = GET(config.ui_host, config.ui_port, password_path)
    probe_req.authorize(self.session)
    response, content = probe_req()
    self.assertEqual(404, response.status)
    result = json.loads(content)
    self.assertEqual("error", result["status"])

    create_req = POST(config.ui_host, config.ui_port, password_path)
    create_req.authorize(self.session)
    create_req.body(json.dumps({"value": "some-password"}))
    response, content = create_req()
    self.assertEqual(200, response.status)
    result = json.loads(content)
    self.assertEqual("success", result["status"])

    read_req = GET(config.ui_host, config.ui_port, password_path)
    read_req.authorize(self.session)
    response, content = read_req()
    self.assertEqual(200, response.status)
    result = json.loads(content)
    self.assertEqual("success", result["status"])

    prop = result["data"]
    self.assertEqual("password", prop["key"])
    self.assertEqual("Password", prop["display_name"])
    # The secret is never echoed back: the value is null and the property is
    # flagged write-only (and not read-only).
    self.assertIsNone(prop["value"])
    self.assertTrue(prop["write-only"])
    self.assertNotIn("read-only", prop)

    remove_req = DELETE(config.ui_host, config.ui_port, password_path)
    remove_req.authorize(self.session)
    response, content = remove_req()
    self.assertEqual(204, response.status)
def test6_create_get_remove_ip_address(self):
    """Create, read back and remove the device's ip-address property.

    Sequence: GET (404, not set yet) -> POST (200) -> GET (200) -> DELETE
    (204). Unlike the password property, the value is readable.
    """
    ip_path = (
        "/gateways/" + config.gateway_id
        + "/devices/0xa335d00019f5234e/properties/ip-address"
    )

    # The property must not exist before the test creates it.
    probe_req = GET(config.ui_host, config.ui_port, ip_path)
    probe_req.authorize(self.session)
    response, content = probe_req()
    self.assertEqual(404, response.status)
    result = json.loads(content)
    self.assertEqual("error", result["status"])

    create_req = POST(config.ui_host, config.ui_port, ip_path)
    create_req.authorize(self.session)
    create_req.body(json.dumps({"value": "192.168.0.1"}))
    response, content = create_req()
    self.assertEqual(200, response.status)
    result = json.loads(content)
    self.assertEqual("success", result["status"])

    read_req = GET(config.ui_host, config.ui_port, ip_path)
    read_req.authorize(self.session)
    response, content = read_req()
    self.assertEqual(200, response.status)
    result = json.loads(content)
    self.assertEqual("success", result["status"])

    prop = result["data"]
    self.assertEqual("ip-address", prop["key"])
    self.assertEqual("IP address", prop["display_name"])
    self.assertEqual("192.168.0.1", prop["value"])
    # Neither access-restriction flag may be present on this property.
    self.assertNotIn("read-only", prop)
    self.assertNotIn("write-only", prop)

    remove_req = DELETE(config.ui_host, config.ui_port, ip_path)
    remove_req.authorize(self.session)
    response, content = remove_req()
    self.assertEqual(204, response.status)
def unassignGateway(self, gwId, resultLink):
    """Unassign gateway *gwId* and check *resultLink* is no longer readable.

    The DELETE must answer 204; the follow-up GET of *resultLink* with the
    same session must answer 403 with the permission-denied message.
    """
    # unassign the gateway
    unassign_req = DELETE("localhost", globalConfig.uiPort,
                          "/gateways/" + gwId)
    unassign_req.authorize(self.session)
    response, _ = unassign_req()
    self.assertEqual(204, response.status)

    # test the gateway is inaccessible
    denied_req = GET("localhost", globalConfig.uiPort, resultLink)
    denied_req.authorize(self.session)
    response, content = denied_req()

    self.assertEqual(403, response.status)
    error = json.loads(content)
    self.assertEqual(403, error["code"])
    self.assertEqual("not enough permission to access the resource",
                     error["message"])
def test8_create_twice_password(self):
    """Creating the password property twice must yield 409 on the 2nd POST.

    Sequence: GET (404) -> POST (200) -> POST (409 "Conflict") -> DELETE
    (204) to clean up.
    """
    password_path = (
        "/gateways/" + config.gateway_id
        + "/devices/0xa335d00019f5234e/properties/password"
    )
    payload = json.dumps({"value": "some-password"})

    # The property must not exist before the test creates it.
    probe_req = GET(config.ui_host, config.ui_port, password_path)
    probe_req.authorize(self.session)
    response, content = probe_req()
    self.assertEqual(404, response.status)
    result = json.loads(content)
    self.assertEqual("error", result["status"])

    first_req = POST(config.ui_host, config.ui_port, password_path)
    first_req.authorize(self.session)
    first_req.body(payload)
    response, content = first_req()
    self.assertEqual(200, response.status)
    result = json.loads(content)
    self.assertEqual("success", result["status"])

    # A second create of the same property is a conflict, not an overwrite.
    second_req = POST(config.ui_host, config.ui_port, password_path)
    second_req.authorize(self.session)
    second_req.body(payload)
    response, content = second_req()
    self.assertEqual(409, response.status)
    result = json.loads(content)
    self.assertEqual("Conflict", result["status"])

    remove_req = DELETE(config.ui_host, config.ui_port, password_path)
    remove_req.authorize(self.session)
    response, content = remove_req()
    self.assertEqual(204, response.status)
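def test9_create_properties(self):
    """Create and remove each listed property on device 0xa371959aad24618e.

    For every key the POST must answer 200 and the DELETE 204. Each property
    is created with its own value from the table; previously the loop
    ignored ``value`` and sent "10.0.0.1" for every key, so the password
    property was created with an IP address as its secret.
    """
    properties = {"ip-address": "10.0.0.1", "password": "******"}
    base_path = ("/gateways/" + config.gateway_id
                 + "/devices/0xa371959aad24618e/properties/")

    for key, value in properties.items():
        req = POST(config.ui_host, config.ui_port, base_path + key)
        req.authorize(self.session)
        # Send the value that belongs to this key.
        req.body(json.dumps({"value": value}))
        response, content = req()
        self.assertEqual(200, response.status)

        req = DELETE(config.ui_host, config.ui_port, base_path + key)
        req.authorize(self.session)
        response, content = req()
        self.assertEqual(204, response.status)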
def logout(session):
    """Send DELETE /auth authorized with *session*; return the call's result."""
    logout_req = DELETE(config.ui_host, config.ui_port, "/auth")
    logout_req.authorize(session)
    outcome = logout_req()
    return outcome
def tearDown(self):
    """Log the test session out; the server must answer 204."""
    logout_req = DELETE(config.ui_host, config.ui_port, "/auth")
    logout_req.authorize(self.session)
    outcome = logout_req()
    response = outcome[0]
    self.assertEqual(204, response.status)
def unpairDevice(self, gwId, deviceId):
    """Request unpairing of *deviceId* on gateway *gwId*; expect 202."""
    # Both identifiers are converted with str() before they are joined.
    device_path = "/gateways/" + str(gwId) + "/devices/" + str(deviceId)
    unpair_req = DELETE("localhost", globalConfig.uiPort, device_path)
    unpair_req.authorize(self.session)
    response, _ = unpair_req()
    self.assertEqual(202, response.status)
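def test5_activate_and_unpair(self):
    """Activate device 0xa371959aad24618e, then unpair it again.

    The PUT must answer 200; the device is then polled until its state is
    "active". The DELETE must answer 202 with a Location header, which is
    polled until the state is "inactive".

    The activation wait used to be an unbounded ``while`` loop without any
    delay, so a device that never activated hung the suite and hammered the
    server. It is now limited to ten polls one second apart, the same
    budget the deactivation wait below already uses; the final assertion
    fails the test if the device is still not active.
    """
    device_path = ("/gateways/" + config.gateway_id
                   + "/devices/0xa371959aad24618e")

    req = PUT(config.ui_host, config.ui_port, device_path)
    req.authorize(self.session)
    req.body(json.dumps({"name": "Activated device"}))
    response, content = req()
    # Check the status first so a failure is not masked by a parse error.
    self.assertEqual(200, response.status)
    result = json.loads(content)
    self.assertIn("state", result["data"])

    # Bounded wait for activation.
    for _ in range(10):
        if result["data"]["state"] == "active":
            break
        time.sleep(1)
        req = GET(config.ui_host, config.ui_port, device_path)
        req.authorize(self.session)
        response, content = req()
        self.assertEqual(200, response.status)
        result = json.loads(content)

    self.assertIn("active_since", result["data"])
    self.assertEqual("active", result["data"]["state"])

    req = DELETE(config.ui_host, config.ui_port, device_path)
    req.authorize(self.session)
    response, content = req()
    self.assertEqual(202, response.status)
    data = json.loads(content)
    self.assertEqual("success", data["status"])

    device_uri = response.getheader("Location")

    # Bounded wait for deactivation: at most ten polls, one second apart.
    for _ in range(10):
        req = GET(config.ui_host, config.ui_port, device_uri)
        req.authorize(self.session)
        response, content = req()
        self.assertEqual(200, response.status)
        result = json.loads(content)
        self.assertEqual("success", result["status"])

        if result["data"]["state"] == "inactive":
            break

        time.sleep(1)

    # Final read: the device must now report the inactive state.
    req = GET(config.ui_host, config.ui_port, device_uri)
    req.authorize(self.session)
    response, content = req()
    self.assertEqual(200, response.status)
    result = json.loads(content)
    self.assertEqual("success", result["status"])
    self.assertEqual("inactive", result["data"]["state"])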