def test_sync_crypto(bilateral,crypto_db):
from ekklesia.data import json_encrypt, json_decrypt
db = crypto_db
id2 = bilateral['id2']
input, result = json_encrypt(members_down,id2,[sender],True)
assert result.ok
input = StringIO(json.dumps(input))
memfile, depfile, emails = StringIO(), StringIO(), StringIO()
db.gpg = bilateral['id1']
db.sync_members(input=input,output=[memfile,depfile,emails],format='csv')
q = db.session.query(db.Member)
assert q.filter_by(uuid='uid2').one().registered and not q.filter_by(uuid='uid1').one().registered
members = memfile.getvalue()
members, encrypted, signed, result = json_decrypt(json.loads(members),id2)
assert result.ok and result.valid
for m in members['data']:
if m[0]=='uid3':
if m[3]==[7,4]: m[3] = [4,7] # normalize order
break
assert members==members_up
deps = depfile.getvalue()
deps, encrypted, signed, result = json_decrypt(json.loads(deps),id2)
assert result.ok and result.valid
assert deps==deps_dict
result = id2.decrypt_str(emails.getvalue())
assert result.ok and result.valid
emails = str(result)
assert emails==emails_sync
db.session.rollback()
def test_invitation(request,accounts,bilateral,invitations,client):
from idapi.backendviews import get_invitations, update_invitations
from ekklesia.data import json_decrypt, json_encrypt
import os
response, invitations = api(client,'backend/invitations/?changed=1',user='******')
assert response.status_code == 200
invitations, encrypted, signed, result = json_decrypt(invitations,bilateral['id2'])
assert encrypted and signed
assert invitations == dict(fields=['uuid','status','code'], version=[1, 0], format='invitation',
data=[['uid1','registered','inv1'],['uid5','failed','inv5']])
response, invitations = api(client,'backend/invitations/',user='******')
assert response.status_code == 200
#invitations = get_invitations(crypto=bilateral['id1'])
invitations, encrypted, signed, result = json_decrypt(invitations,bilateral['id2'])
assert encrypted and signed
assert invitations == dict(fields=['uuid','status','code'], version=[1, 0], format='invitation',
data=[['uid1','registered','inv1'],['uid4','new','inv4'],['uid5','failed','inv5']])
invitations = dict(fields=['uuid','status','code'], version=[1, 0], format='invitation',
data=[['uid1','registered',''],['uid4','new','inv4b'],
['uid5','new','inv5b'],['uid6','new','inv6']])
invitations, result = json_encrypt(invitations,bilateral['id2'],encrypt=['foo@localhost'],sign=True)
response, result = api(client,'backend/invitations/','post',invitations,user='******')
assert response.status_code == 200
invitations = get_invitations(crypto=False)
assert invitations == dict(fields=['uuid','status','code'], version=[1, 0], format='invitation',
data=[['uid4', 'new','inv4b'], ['uid5', 'new','inv5b'], ['uid6', 'new','inv6']])
def test_sync_crypto(bilateral,crypto_db):
from ekklesia.data import json_encrypt, json_decrypt
db = crypto_db
id2 = bilateral['id2']
input, result = json_encrypt(members_down,id2,[sender],True)
assert result.ok
input = StringIO(json.dumps(input))
memfile, depfile, emails = StringIO(), StringIO(), StringIO()
db.gpg = bilateral['id1']
db.sync_members(input=input,output=[memfile,depfile,emails],format='csv')
q = db.session.query(db.Member)
assert q.filter_by(uuid='uid2').one().registered and not q.filter_by(uuid='uid1').one().registered
members = memfile.getvalue()
members, encrypted, signed, result = json_decrypt(json.loads(members),id2)
assert result.ok and result.valid
for m in members['data']:
if m[0]=='uid3':
if m[3]==[7,4]: m[3] = [4,7] # normalize order
break
assert members==members_up
deps = depfile.getvalue()
deps, encrypted, signed, result = json_decrypt(json.loads(deps),id2)
assert result.ok and result.valid
assert deps==deps_dict
result = id2.decrypt_str(emails.getvalue())
assert result.ok and result.valid
emails = str(result)
assert emails==emails_sync
db.session.rollback()
def test_json_bad_encsign2(self, bilateral, gpgreceiver):
# id1 encrypt+sign for id1, but id2 doesn't know id1
c, result = json_encrypt(json_data, bilateral['id1'], [sender], True)
assert c and result
d, encrypted, signed, result = json_decrypt(c, gpgreceiver)
assert (d, encrypted, signed, result.valid) == (None, True, True,
False)
def test_json_bad_encsign(self, bilateral):
# id1 encrypt+sign for id1, but id2 cant decrypt id1
c, result = json_encrypt(json_data, bilateral['id1'], [sender], True)
assert c and result
d, encrypted, signed, result = json_decrypt(c, bilateral['id2'])
assert (d, encrypted, signed, result.valid) == (None, True, True,
False)
def json(self,ids,encrypt,sign):
plain = not encrypt and not sign
c, result = json_encrypt(json_data,ids['id1'],[receiver] if encrypt else False,sign)
assert c and plain or result
d, encrypted, signed, result = json_decrypt(c,ids['id2'])
assert encrypted==encrypt and signed==sign and (result is None)==plain
assert plain or result.valid==sign
assert d==json_data
def json(self, ids, encrypt, sign):
plain = not encrypt and not sign
c, result = json_encrypt(json_data, ids['id1'],
[receiver] if encrypt else False, sign)
assert c and plain or result
d, encrypted, signed, result = json_decrypt(c, ids['id2'])
assert encrypted == encrypt and signed == sign and (result is
None) == plain
assert plain or result.valid == sign
assert d == json_data
def test_sync_crypto(bilateral):
from ekklesia.data import json_encrypt, json_decrypt
apiconfig = dict(format='json', encrypt=True, sign=True, receiver=receiver)
cfg = dict(def_config)
cfg.update(dict(email_receiver=receiver, department_spec='number'))
db = setup_db(dict(config=cfg, apiconfig=apiconfig))
deps = gen_departments(db, 'number')
members = gen_members(db, deps, 'name')
db.session.add_all(list(deps.values()) + list(members))
id2 = bilateral['id2']
input, result = json_encrypt(members_down, id2, sender, True)
assert result.ok
input = StringIO(json.dumps(input))
memfile, depfile, emails = StringIO(), StringIO(), StringIO()
db.gpg = bilateral['id1']
db.sync_members(input=input,
output=[memfile, depfile, emails],
format='csv')
q = db.session.query(db.Member)
assert q.get('uid2').registered and not q.get('uid1').registered
members = memfile.getvalue()
members, encrypted, signed, result = json_decrypt(json.loads(members), id2)
assert result.ok and result.valid
assert members == members_upnum
deps = depfile.getvalue()
deps, encrypted, signed, result = json_decrypt(json.loads(deps), id2)
assert result.ok and result.valid
assert deps == deps_dictnum
result = id2.decrypt_str(emails.getvalue())
assert result.ok and result.valid
emails = str(result)
assert emails == emails_sync
def test_sync_crypto(bilateral, crypto_db):
from ekklesia.data import json_encrypt, json_decrypt
db = crypto_db
input = remove_email(inv_pre) if db.member_class else inv_pre
db.import_invitations(input, allfields=True, format='json')
id2 = bilateral['id2']
input, result = json_encrypt(inv_down, id2, [sender], True)
assert result.ok
input = StringIO(json.dumps(input))
output = StringIO()
db.gpg = bilateral['id1']
db.sync_invitations(input=input, output=output)
output = output.getvalue()
output, encrypted, signed, result = json_decrypt(json.loads(output), id2)
assert result.ok and result.valid
check_sync(db, output)
db.session.rollback()
def test_sync_crypto(bilateral):
from ekklesia.data import json_encrypt, json_decrypt
apiconfig = dict(format='json', encrypt=True, sign=True, receiver=receiver)
cfg = dict(def_config)
db = setup_db(dict(config=def_config, apiconfig=apiconfig))
db.import_invitations(inv_pre, allfields=True, format='json')
id2 = bilateral['id2']
input, result = json_encrypt(inv_down, id2, sender, True)
assert result.ok
input = StringIO(json.dumps(input))
output = StringIO()
db.gpg = bilateral['id1']
db.sync_invitations(input=input, output=output)
output = output.getvalue()
output, encrypted, signed, result = json_decrypt(json.loads(output), id2)
assert result.ok and result.valid
check_sync(db, output)
def test_sync_crypto(bilateral,crypto_db):
from ekklesia.data import json_encrypt, json_decrypt
db = crypto_db
input = remove_email(inv_pre) if db.member_class else inv_pre
db.import_invitations(input,allfields=True,format='json')
id2 = bilateral['id2']
input, result = json_encrypt(inv_down,id2,[sender],True)
assert result.ok
input = StringIO(json.dumps(input))
output = StringIO()
db.gpg = bilateral['id1']
db.sync_invitations(input=input,output=output)
output = output.getvalue()
output, encrypted, signed, result = json_decrypt(json.loads(output),id2)
assert result.ok and result.valid
check_sync(db,output)
db.session.rollback()
def test_json_bad_encsign2(self,bilateral,gpgreceiver):
# id1 encrypt+sign for id1, but id2 doesn't know id1
c, result = json_encrypt(json_data,bilateral['id1'],[sender],True)
assert c and result
d, encrypted, signed, result = json_decrypt(c,gpgreceiver)
assert (d, encrypted, signed, result.valid) == (None, True, True, False)
def test_json_bad_encsign(self,bilateral):
# id1 encrypt+sign for id1, but id2 cant decrypt id1
c, result = json_encrypt(json_data,bilateral['id1'],[sender],True)
assert c and result
d, encrypted, signed, result = json_decrypt(c,bilateral['id2'])
assert (d, encrypted, signed, result.valid) == (None, True, True, False)
def test_member(request,accounts,invitations,bilateral,client,variant,settings):
from idapi.backendviews import get_members, update_members
from accounts.models import Account, NestedGroup, Invitation, EMailConfirmation
from ekklesia.data import json_decrypt, json_encrypt
from django.conf import settings
import os, json
twofactor = variant=='2fac'
setattr(settings, 'TWO_FACTOR_SIGNUP',twofactor)
#setattr(settings, 'DEBUG',True)
Invitation.objects.create(code='inv6',secret='password6',uuid='uid6',status=Invitation.REGISTERING)
Invitation.objects.create(code='inv7',secret='password7',uuid='uid7',status=Invitation.REGISTERING)
Invitation.objects.create(code='inv8',secret='password8',uuid='uid8',status=Invitation.REGISTERING)
member6 = create_user(username='******',status=Account.NEWMEMBER,is_active=False,
email='member6@localhost',uuid='uid6')
member7 = create_user(username='******',status=Account.NEWMEMBER,is_active=False,
email='member7@localhost',uuid='uid7')
member8 = create_user(username='******',status=Account.NEWMEMBER,is_active=False,
email='member8@localhost',uuid='uid8')
conf8 = EMailConfirmation.objects.create(user=member8, confirmation_key='key8')
activate = ['activate'] if twofactor else []
response, members = api(client,'backend/members/?new=1',user='******')
assert response.status_code == 200
members, encrypted, signed, result = json_decrypt(members,bilateral['id2'])
assert encrypted and signed
data = [['uid6','password6'],['uid7','password7']]
assert members == dict(fields=['uuid']+activate, version=[1, 0], format='member',
data=data if twofactor else [v[:-1] for v in data])
response, members = api(client,'backend/members/',user='******')
assert response.status_code == 200
#members = get_members(crypto=bilateral['id1'])
members, encrypted, signed, result = json_decrypt(members,bilateral['id2'])
assert encrypted and signed
data = [['uid1',''],['uid2',''],['uid3','']]+data
assert members == dict(fields=['uuid']+activate, version=[1, 0], format='member',
data=data if twofactor else [v[:-1] for v in data])
# change data by upload
data = [['uid1','eligible',1,[2],''],['uid2','member',1,[3],''],['uid3','deleted',0,[],''],
['uid6','member',1,[0],True],['uid7','deleted',0,[],False]]
members = dict(fields=['uuid','status','verified','departments']+activate,
version=[1, 0], format='member',
# data=[['uid1',0,0,2],['uid2',1,1,3],['uid3',1,1,4]])
data=data if twofactor else [v[:-1] for v in data])
departments = dict(fields=('id','parent','name','depth'), version=[1, 0], format='department',
# data=[[1,None,'root',1],[2,1,'sub',2],[3,2,'subsub',4],[4,1,'sub2',2],[5,None,'root2',1],[6,5,'r2sub',2]])
data=[[1,None,'r00t',1],[2,1,'s0b',2],[3,2,'s0bsub',3],[5,2,'s0bsub2',3],[6,None,'r00t2',1],[7,6,'r2s0b',2]])
members, result = json_encrypt(members,bilateral['id2'],encrypt=['foo@localhost'],sign=True)
#data, encrypted, signed, result = json_decrypt(members,bilateral['id1'])
departments, result = json_encrypt(departments,bilateral['id2'],encrypt=['foo@localhost'],sign=True)
response, result = api(client,'backend/members/','post',user='******',
data=dict(members=members,departments=departments))
assert response.status_code == 200
root = NestedGroup.objects.get(syncid=1)
assert root.name=='r00t' and root.is_root() and root.level==1
sub = NestedGroup.objects.get(syncid=2)
assert sub.name=='s0b' and sub.parent==root and sub.level==2
ssub = NestedGroup.objects.get(syncid=3)
assert ssub.name=='s0bsub' and ssub.parent==sub and ssub.level==3
assert not NestedGroup.objects.filter(syncid=4).exists()
ssub2 = NestedGroup.objects.get(syncid=5)
assert ssub2.name=='s0bsub2' and ssub2.parent==sub and ssub2.level==3
root2 = NestedGroup.objects.get(syncid=6)
assert root2.name=='r00t2' and root2.is_root() and root2.level==1
r2sub = NestedGroup.objects.get(syncid=7)
assert r2sub.name=='r2s0b' and r2sub.parent==root2 and r2sub.level==2
indep = NestedGroup.objects.get(name='indep')
assert indep.syncid is None and indep.level==1
m = Account.objects.get(uuid='uid3')
assert m.status==Account.DELETED
assert list(m.nested_groups.all())==[indep]
m = Account.objects.get(uuid='uid1')
assert m.status==Account.ELIGIBLE and m.verified
assert list(m.nested_groups.all())==[sub]
m = Account.objects.get(uuid='uid2')
assert m.status==Account.MEMBER and m.verified
assert set(m.nested_groups.all())==set([ssub,indep])
m = Account.objects.get(uuid='uid6')
assert m.status==Account.MEMBER and m.verified
assert not m.nested_groups.count()
inv = Invitation.objects.get(uuid='uid6')
assert inv.status==Invitation.REGISTERED
assert not Account.objects.filter(uuid='uid7').exists()
m = Account.objects.get(uuid='uid8')
assert m.status==Account.NEWMEMBER
inv = Invitation.objects.get(uuid='uid8')
assert inv.status==Invitation.REGISTERING
response, members = api(client,'backend/members/',user='******')
assert response.status_code == 200
members, encrypted, signed, result = json_decrypt(members,bilateral['id2'])
assert encrypted and signed
data = [['uid1',''],['uid2',''],['uid6','']]
if not twofactor: data = [v[:-1] for v in data]
assert listset_equal(members['data'], data)
assert members == dict(fields=['uuid']+activate, version=[1, 0], format='member',
data=members['data'])
