Beispiel #1
0
def test_invitation(request,accounts,bilateral,invitations,client):
    from idapi.backendviews import get_invitations, update_invitations
    from ekklesia.data import json_decrypt, json_encrypt
    import os

    response, invitations = api(client,'backend/invitations/?changed=1',user='******')
    assert response.status_code == 200
    invitations, encrypted, signed, result = json_decrypt(invitations,bilateral['id2'])
    assert encrypted and signed
    assert invitations == dict(fields=['uuid','status','code'], version=[1, 0], format='invitation',
         data=[['uid1','registered','inv1'],['uid5','failed','inv5']])

    response, invitations = api(client,'backend/invitations/',user='******')
    assert response.status_code == 200
    #invitations = get_invitations(crypto=bilateral['id1'])
    invitations, encrypted, signed, result = json_decrypt(invitations,bilateral['id2'])
    assert encrypted and signed
    assert invitations == dict(fields=['uuid','status','code'], version=[1, 0], format='invitation',
         data=[['uid1','registered','inv1'],['uid4','new','inv4'],['uid5','failed','inv5']])

    invitations = dict(fields=['uuid','status','code'], version=[1, 0], format='invitation',
         data=[['uid1','registered',''],['uid4','new','inv4b'],
         ['uid5','new','inv5b'],['uid6','new','inv6']])

    invitations, result = json_encrypt(invitations,bilateral['id2'],encrypt=['foo@localhost'],sign=True)
    response, result = api(client,'backend/invitations/','post',invitations,user='******')
    assert response.status_code == 200

    invitations = get_invitations(crypto=False)
    assert invitations == dict(fields=['uuid','status','code'], version=[1, 0], format='invitation',
        data=[['uid4', 'new','inv4b'], ['uid5', 'new','inv5b'], ['uid6', 'new','inv6']])
Beispiel #2
0
def test_session(apps, accounts, tokens, client):
    from idapi.models import get_auid
    from accounts.models import Account
    portal = apps['portal']
    debug = apps['debug']
    user = accounts['member1']
    token = tokens['member1']

    ngroups = [ngroup.id for ngroup in user.nested_groups.all()]
    allngroups = list(set([g.id
                           for g in user.get_nested_groups(parents=True)]))
    status = dict(Account.STATUS_CHOICES)[user.status]
    verified = user.is_identity_verified()
    data = {
        'type': status,
        'verified': verified,
        'nested_groups': ngroups,
        'all_nested_groups': allngroups
    }

    response, out = api(client, 'user/membership/')
    assert response.status_code == 401
    response, out = api(client, 'user/membership/', token=token)
    assert response.status_code == 200 and out == data

    response, out = api(client, 'session/membership/')
    assert response.status_code == 403
    assert client.login(username='******', password='******')
    response, out = api(client, 'session/membership/')
    assert response.status_code == 200 and out == data
Beispiel #3
0
 def sendit(subject, sign, encrypt):
     content['subject'] = subject
     data['sign'], data['encrypt'] = sign, encrypt
     if queue is True:
         response, out = api(client,
                             'user/mails/',
                             'post',
                             data,
                             token=token)
         if not excpt:
             assert response.status_code == 200
         else:
             assert response.status_code == (estatus or 400)
             assert not error or out['error'] == error
     else:
         if not excpt:
             resp = send_mail(data, user, app, debug=debug)
             if queue == 'crypto' and (sign or encrypt):
                 assert resp['status'] == 'queued'
                 send_queue(resp['msgid'], debug=debug)
                 response, out = api(client,
                                     'user/mails/%s/' % resp['msgid'],
                                     token=token)
                 assert response.status_code == 200 and out[
                     'status'] == 'sent'
                 assert out['encrypt'] == encrypt and out['sign'] == sign
             else:
                 assert resp == dict(status='sent')
         else:
             with raises(excpt) as excinfo:
                 resp = send_mail(data, user, app, debug=debug)
             assert not error or excinfo.value.detail['error'] == error
Beispiel #4
0
def test_auid(apps,accounts,tokens,client):
    from idapi.models import get_auid
    from accounts.models import Account
    portal = apps['portal']
    debug = apps['debug']
    user = accounts['member1']
    auid = get_auid(portal,user).uuid
    token = tokens['member1']

    response, out = api(client,'user/auid/',token=token)
    assert response.status_code == 200 and out['auid']==auid
Beispiel #5
0
def test_member(request,accounts,invitations,bilateral,client,variant,settings):
    from idapi.backendviews import get_members, update_members
    from accounts.models import Account, NestedGroup, Invitation, EMailConfirmation
    from ekklesia.data import json_decrypt, json_encrypt
    from django.conf import settings
    import os, json

    twofactor = variant=='2fac'
    setattr(settings, 'TWO_FACTOR_SIGNUP',twofactor)
    #setattr(settings, 'DEBUG',True)

    Invitation.objects.create(code='inv6',secret='password6',uuid='uid6',status=Invitation.REGISTERING)
    Invitation.objects.create(code='inv7',secret='password7',uuid='uid7',status=Invitation.REGISTERING)
    Invitation.objects.create(code='inv8',secret='password8',uuid='uid8',status=Invitation.REGISTERING)
    member6 = create_user(username='******',status=Account.NEWMEMBER,is_active=False,
        email='member6@localhost',uuid='uid6')
    member7 = create_user(username='******',status=Account.NEWMEMBER,is_active=False,
        email='member7@localhost',uuid='uid7')
    member8 = create_user(username='******',status=Account.NEWMEMBER,is_active=False,
        email='member8@localhost',uuid='uid8')
    conf8 = EMailConfirmation.objects.create(user=member8, confirmation_key='key8')

    activate = ['activate'] if twofactor else []

    response, members = api(client,'backend/members/?new=1',user='******')
    assert response.status_code == 200
    members, encrypted, signed, result = json_decrypt(members,bilateral['id2'])
    assert encrypted and signed
    data = [['uid6','password6'],['uid7','password7']]
    assert members == dict(fields=['uuid']+activate, version=[1, 0], format='member',
         data=data if twofactor else [v[:-1] for v in data])

    response, members = api(client,'backend/members/',user='******')
    assert response.status_code == 200
    #members = get_members(crypto=bilateral['id1'])
    members, encrypted, signed, result = json_decrypt(members,bilateral['id2'])
    assert encrypted and signed
    data = [['uid1',''],['uid2',''],['uid3','']]+data
    assert members == dict(fields=['uuid']+activate, version=[1, 0], format='member',
         data=data if twofactor else [v[:-1] for v in data])

    # change data by upload
    data = [['uid1','eligible',1,[2],''],['uid2','member',1,[3],''],['uid3','deleted',0,[],''],
            ['uid6','member',1,[0],True],['uid7','deleted',0,[],False]]
    members = dict(fields=['uuid','status','verified','departments']+activate,
         version=[1, 0], format='member',
    #    data=[['uid1',0,0,2],['uid2',1,1,3],['uid3',1,1,4]])
         data=data if twofactor else [v[:-1] for v in data])
    departments = dict(fields=('id','parent','name','depth'), version=[1, 0], format='department',
    #    data=[[1,None,'root',1],[2,1,'sub',2],[3,2,'subsub',4],[4,1,'sub2',2],[5,None,'root2',1],[6,5,'r2sub',2]])
         data=[[1,None,'r00t',1],[2,1,'s0b',2],[3,2,'s0bsub',3],[5,2,'s0bsub2',3],[6,None,'r00t2',1],[7,6,'r2s0b',2]])
    members, result = json_encrypt(members,bilateral['id2'],encrypt=['foo@localhost'],sign=True)
    #data, encrypted, signed, result = json_decrypt(members,bilateral['id1'])
    departments, result = json_encrypt(departments,bilateral['id2'],encrypt=['foo@localhost'],sign=True)
    response, result = api(client,'backend/members/','post',user='******',
        data=dict(members=members,departments=departments))
    assert response.status_code == 200

    root = NestedGroup.objects.get(syncid=1)
    assert root.name=='r00t' and root.is_root() and root.level==1
    sub = NestedGroup.objects.get(syncid=2)
    assert sub.name=='s0b' and sub.parent==root and sub.level==2
    ssub = NestedGroup.objects.get(syncid=3)
    assert ssub.name=='s0bsub' and ssub.parent==sub and ssub.level==3
    assert not NestedGroup.objects.filter(syncid=4).exists()
    ssub2 = NestedGroup.objects.get(syncid=5)
    assert ssub2.name=='s0bsub2' and ssub2.parent==sub and ssub2.level==3
    root2 = NestedGroup.objects.get(syncid=6)
    assert root2.name=='r00t2' and root2.is_root() and root2.level==1
    r2sub = NestedGroup.objects.get(syncid=7)
    assert r2sub.name=='r2s0b' and r2sub.parent==root2 and r2sub.level==2
    indep = NestedGroup.objects.get(name='indep')
    assert indep.syncid is None and indep.level==1

    m = Account.objects.get(uuid='uid3')
    assert m.status==Account.DELETED
    assert list(m.nested_groups.all())==[indep]
    m = Account.objects.get(uuid='uid1')
    assert m.status==Account.ELIGIBLE and m.verified
    assert list(m.nested_groups.all())==[sub]
    m = Account.objects.get(uuid='uid2')
    assert m.status==Account.MEMBER and m.verified
    assert set(m.nested_groups.all())==set([ssub,indep])
    m = Account.objects.get(uuid='uid6')
    assert m.status==Account.MEMBER and m.verified
    assert not m.nested_groups.count()
    inv = Invitation.objects.get(uuid='uid6')
    assert inv.status==Invitation.REGISTERED
    assert not Account.objects.filter(uuid='uid7').exists()
    m = Account.objects.get(uuid='uid8')
    assert m.status==Account.NEWMEMBER
    inv = Invitation.objects.get(uuid='uid8')
    assert inv.status==Invitation.REGISTERING

    response, members = api(client,'backend/members/',user='******')
    assert response.status_code == 200
    members, encrypted, signed, result = json_decrypt(members,bilateral['id2'])
    assert encrypted and signed
    data = [['uid1',''],['uid2',''],['uid6','']]
    if not twofactor: data = [v[:-1] for v in data]
    assert listset_equal(members['data'], data)
    assert members == dict(fields=['uuid']+activate, version=[1, 0], format='member',
         data=members['data'])
Beispiel #6
0
def test_receive(request, accounts, tokens, mails, bilateral, client, defect):
    from accounts.models import Account
    from idapi.models import Message, PublicKey
    from idapi.mails import get_mails, update_keyrings
    import email.mime.text, six
    from kryptomime import create_mail, protect_mail
    from kryptomime.pgp import find_gnupg_key

    user = accounts['member1']
    token = tokens['member1']
    #update_keyrings()
    id1, id2 = bilateral['id1'], bilateral['id2']
    key1 = find_gnupg_key(bilateral['gpg1'], sender)
    key2 = find_gnupg_key(bilateral['gpg2'], receiver)
    livemail = request.config.getoption('livemail')
    if livemail: server = mails
    else: server, imapsend, imaprecv = mails
    if not livemail: assert not len(imapsend) and not len(imaprecv)

    user.publickeys.create(active=True,
                           keytype=PublicKey.PGP,
                           trust=PublicKey.TRUSTED)

    key1 = find_gnupg_key(bilateral['gpg1'], sender)
    key2 = find_gnupg_key(bilateral['gpg2'], receiver)
    attachment = email.mime.text.MIMEText('some\nattachment')
    msg = create_mail(receiver,
                      sender,
                      'subject',
                      'body\nmessage',
                      attach=[attachment])
    msg = protect_mail(msg, linesep='\r\n')

    assert server.send(msg)
    if not livemail: assert len(imapsend) == 1 and not len(imaprecv)

    sgn, _ = id2.sign(msg, inline=True, verify=True)
    assert sgn and id1.analyze(sgn) == (False, True)
    assert server.send(sgn)
    if not livemail: assert len(imapsend) == 2 and not len(imaprecv)

    enc, _ = id2.encrypt(msg, sign=True, inline=False)
    assert enc and id1.analyze(enc) == (True, None)
    assert server.send(enc)
    if not livemail: assert len(imapsend) == 3 and not len(imaprecv)
    """
    for mail, flags in imapsend:
        mtype = id1.analyze(mail)
        if mtype != (False,False):
            if mtype == (False,True):
                verified, result = id1.verify(mail)
                mail = id1.strip_signature(mail)[0]
                mail = protect_mail(mail,linesep='\r\n')
            else: #if mtype == (True,None):
                mail, verified, result = id1.decrypt(mail)
            assert mail and verified and result
            assert result['signed'] and result['fingerprints']==[key2]
            assert result['encrypted']==(mtype != (False,True))
        else: mail = protect_mail(mail,linesep='\r\n')
        compare_mail(msg,mail)
    assert not len(imapsend) and not len(imaprecv)
    """
    get_mails(joint=True,
              debug=None if livemail else server,
              debug_gpg=bilateral['gpg1'],
              keep=False)
    if not livemail: assert not len(imapsend) and not len(imaprecv)

    response, out = api(client, 'user/mails/', token=token)
    assert response.status_code == 200
    todo = [(False, False), (True, False), (True, True)]
    for mid in out['items']:
        response, out = api(client, 'user/mails/%i/' % mid, token=token)
        assert response.status_code == 200
        parts = out['parts']
        assert out['subject'] == 'subject' and len(parts) == 2
        signed, encrypted = out['signed'], out['encrypted']
        contents = ['body\r\nmessage', 'some\r\nattachment']
        assert parts[0] == {
            'content': contents[0],
            'content-charset': 'us-ascii',
            'content-type': 'text/plain',
            'content-encoding': '7bit'
        }
        assert parts[1] == {
            'content': contents[1],
            'content-charset': 'us-ascii',
            'content-type': 'text/plain',
            'content-encoding': '7bit'
        }
        todo.remove((signed, encrypted))
        if signed: assert out['verified'] == 'trusted'
        #print out
    assert not todo

    if livemail: server.close()
Beispiel #7
0
def test_send(request, accounts, tokens, mails, bilateral, client, defect):
    from accounts.models import Account
    from idapi.models import Message, PublicKey
    from idapi.mails import send_mails, update_keyrings
    from kryptomime.pgp import find_gnupg_key
    user = accounts['member1']
    token = tokens['member1']
    #update_keyrings()
    id1, id2 = bilateral['id1'], bilateral['id2']
    key1 = find_gnupg_key(bilateral['gpg1'], sender)
    key2 = find_gnupg_key(bilateral['gpg2'], receiver)
    livemail = request.config.getoption('livemail')
    if livemail: server = None
    else: server, imapsend, imaprecv = mails

    user.publickeys.create(active=True,
                           keytype=PublicKey.PGP,
                           trust=PublicKey.TRUSTED)

    data = {
        'identity': 'portal',
        'content': {
            'subject': 'hallo1',
            'body': 'foö'
        }
    }
    response, out = api(client, 'user/mails/', 'post', data, token=token)
    assert response.status_code == 200
    data = {
        'identity': 'portal',
        'content': {
            'subject': 'hallo2',
            'body': 'foo'
        },
        'sign': True
    }
    response, out = api(client, 'user/mails/', 'post', data, token=token)
    assert response.status_code == 200
    data = {
        'identity': 'portal',
        'content': {
            'subject': 'hallo3',
            'body': 'foo'
        },
        'sign': True,
        'encrypt': True
    }
    response, out = api(client, 'user/mails/', 'post', data, token=token)
    assert response.status_code == 200

    send_mails(joint=True, debug=server, debug_gpg=bilateral['gpg1'])
    if livemail:
        server.close()
        return
    assert not len(imapsend) and len(imaprecv) == 3
    for mail, flags in imaprecv:
        mail, verified, result = id2.decrypt(mail)
        assert mail and result
        subj = mail.get('subject')
        if subj == 'hallo1':
            assert not result['encrypted'] and not result['signed']
        else:
            assert result['encrypted'] == (
                subj == 'hallo3'
            ) and result['signed'] and result['fingerprints'] == [key1]