def test_login_bad(self): register(RegisteredUser('Tomer123', '12345ABCDE')) status = login(RegisteredUser('Tomer123', '12345ABCDE1')) self.assertFalse(returnStringToBoolean(status)) register(RegisteredUser('KingT678', '12345678ABCabc')) status = login(RegisteredUser('KingT678', '12345678ABCabcd')) self.assertFalse(returnStringToBoolean(status))
def edit_password(request): if request.method == 'POST': current_password = request.POST.get('current_password') new_password = request.POST.get('new_password') event = "EDIT PASSWORD" suspect_sql_injection = False suspect_sql_injection = LoggerLogic.identify_sql_injection( current_password, event) suspect_sql_injection = LoggerLogic.identify_sql_injection( new_password, event) if suspect_sql_injection: return HttpResponse(LoggerLogic.MESSAGE_SQL_INJECTION) login = request.COOKIES.get('login_hash') if login is not None: username = Consumer.loggedInUsers.get(login) if UsersLogic.login(RegisteredUser(username, current_password)): return HttpResponse( UsersLogic.edit_password( RegisteredUser(username, new_password))) return HttpResponse('FAILED: You are not logged in.')
def test_policies_torture(self): UsersLogic.register(RegisteredUser('ShaharBenS', "SsS0897SsS")) UsersLogic.update_details('ShaharBenS', 'AFG', 20, 'Male') UsersLogic.register(RegisteredUser('ShaharBenS2', "SsS0897SsS")) ShopLogic.create_shop(Shop('eBay', "Active"), 'ShaharBenS2') ShopLogic.create_shop(Shop('Amazon', "Active"), 'ShaharBenS2') item1 = Item(1, 'eBay', 'apple', 'vegas', 'good', 10, 500, 'regular', None, 0, 0, 0) item2 = Item(2, 'Amazon', 'apple', 'fruits', 'good', 10, 500, 'regular', None, 0, 0, 0) ItemsLogic.add_item_to_shop(item1, 'ShaharBenS2') ItemsLogic.add_item_to_shop(item2, 'ShaharBenS2') ShoppingPolicyLogic.add_shopping_policy_on_shop( 'ShaharBenS2', 'eBay', "age = ''20''", "AL", 3) ShoppingPolicyLogic.add_shopping_policy_on_shop( 'ShaharBenS2', 'Amazon', "age > ''15''", "UT", 5) ShoppingPolicyLogic.add_shopping_policy_on_identity( 'Ultimate_ShaharShahar', "sex = ''Male''", "AL", 9) ShoppingPolicyLogic.add_shopping_policy_on_category( 'Ultimate_ShaharShahar', "vegas", "state = ''AFG''", "UT", 5) ShoppingPolicyLogic.add_shopping_policy_on_items( 'Ultimate_ShaharShahar', "apple", "state != ''AFG''", "E", 2) access_token = hashlib.md5('ShaharBenS'.encode()).hexdigest() Consumer.loggedInUsers[access_token] = 'ShaharBenS' Consumer.loggedInUsersShoppingCart[access_token] = [] UserShoppingCartLogic.add_item_shopping_cart( access_token, ShoppingCartItem('ShaharBenS', 2, 3, None)) UserShoppingCartLogic.add_item_shopping_cart( access_token, ShoppingCartItem('ShaharBenS', 1, 7, None)) status = UserShoppingCartLogic.pay_all(access_token) self.assertFalse(StoB(status))
def test_permissions(self): UsersLogic.register(RegisteredUser('ShaharShahar', '1212345678')) UsersLogic.register(RegisteredUser('TomerTomerLev', '65412321')) shop = Shop('myShop', 'Active') ShopLogic.create_shop(shop, 'ShaharShahar') UsersLogic.add_manager( 'ShaharShahar', StoreManager('TomerTomerLev', 'myShop', 1, 1, 1, 1, 1, 1, 1, 1)) ItemsLogic.add_item_to_shop( Item(None, 'myShop', 'doll', 'toys', 'toys:kids', 20, 300, 'regular', None, 0, 0, 0), 'TomerTomerLev') item = Items.get_item(1) self.assertEqual(item.shop_name, 'myShop') self.assertEqual(item.price, 20) self.assertEqual(item.quantity, 300) status = ItemsLogic.edit_shop_item('TomerTomerLev', 1, 'price', 40) self.assertTrue(status) status = ItemsLogic.edit_shop_item('TomerTomerLev', 1, 'name', 'doll_new') self.assertTrue(status) status = ItemsLogic.edit_shop_item('TomerTomerLev', 1, 'quantity', 40) self.assertTrue(status) item = Items.get_item(1) self.assertEqual(item.name, 'doll_new') self.assertEqual(item.quantity, 40) self.assertEqual(item.keyWords, 'toys:kids') status = ItemsLogic.remove_item_from_shop(1, 'TomerTomerLev') self.assertTrue(status)
def setUp(self): init_database('db.sqlite3') register(RegisteredUser('YoniYoni', '1234567878')) register(RegisteredUser('StoreManager1', '1234567878')) shop = Shop('My Shop', 'Active') ShopLogic.create_shop(shop, 'YoniYoni') UsersLogic.add_manager('YoniYoni', StoreManager('StoreManager1', 'My Shop', 1, 1, 1, 1, 1, 1, 1, 1))
def test_supply_system(self): UsersLogic.register(RegisteredUser('ShaharBenS', "SsS0897SsS")) UsersLogic.update_details('ShaharBenS', 'AFG', 20, 'Male') UsersLogic.register(RegisteredUser('ShaharBenS2', "SsS0897SsS")) ShopLogic.create_shop(Shop('eBay', "Active"), 'ShaharBenS2') ShopLogic.create_shop(Shop('Amazon', "Active"), 'ShaharBenS2') item1 = Item(1, 'eBay', 'apple', 'vegas', 'good', 10, 500, 'regular', None, 0, 0, 0) item2 = Item(2, 'Amazon', 'apple', 'fruits', 'good', 10, 500, 'regular', None, 0, 0, 0) ItemsLogic.add_item_to_shop(item1, 'ShaharBenS2') ItemsLogic.add_item_to_shop(item2, 'ShaharBenS2') access_token = hashlib.md5('ShaharBenS'.encode()).hexdigest() Consumer.loggedInUsers[access_token] = 'ShaharBenS' Consumer.loggedInUsersShoppingCart[access_token] = [] UserShoppingCartLogic.add_item_shopping_cart( access_token, ShoppingCartItem('ShaharBenS', 2, 3, None)) UserShoppingCartLogic.add_item_shopping_cart( access_token, ShoppingCartItem('ShaharBenS', 1, 7, None)) ExternalSystems.supply = ProxySupplySystem.ProxySupplySystem() status = UserShoppingCartLogic.pay_all(access_token) if isinstance(status, list) is not True: status = False self.assertFalse(status) ExternalSystems.supply = SupplySystem.SupplySystem() status = UserShoppingCartLogic.pay_all(access_token) if isinstance(status, list): status = True self.assertTrue(status)
def test_edit_profile(self): register(RegisteredUser('TomerTomerLev', 'TomerTomer6969')) old_user = get_user('TomerTomerLev') user = RegisteredUser(old_user.username, 'newpass1234') status = edit_password(user) self.assertTrue(returnStringToBoolean(status)) new_user = get_user('TomerTomerLev') self.assertEqual(new_user.username, 'TomerTomerLev')
def test_bad_remover_remove_user(self): register(RegisteredUser('YoniYoni', '12112212')) user = get_user('YoniYoni') self.assertEqual(user.username, 'YoniYoni') register(RegisteredUser('YoniYonion', '123123123')) remover = get_user('YoniYonion') status = remove_user(remover.username, user) self.assertFalse(returnStringToBoolean(status))
def test_bad_sys_man_close_shop_permanently(self): register(RegisteredUser('YoniYoni', '12121122')) register(RegisteredUser('ToniToni', '12121122')) remover = get_user('YoniYoni') owner = get_user('ToniToni') shop = Shop('My Shop', 'Active') ShopLogic.create_shop(shop, owner.username) status = close_shop_permanently(remover.username, 'My Shop') self.assertFalse(status)
def test_send_message_and_get_messages_of_users(self): UsersLogic.register(RegisteredUser('TomerTomer', '1234567878')) UsersLogic.register(RegisteredUser('ShaharShahar', '1234567878')) MessagingLogic.send_message(Message(1, 'TomerTomer', 'ShaharShahar', 'Hello 1')) MessagingLogic.send_message(Message(2, 'ShaharShahar', 'TomerTomer', 'Hello 2')) messages1 = MessagingLogic.get_all_messages('TomerTomer') messages2 = MessagingLogic.get_all_messages('ShaharShahar') self.assertTrue(messages1[0].content == 'Hello 2') self.assertTrue(messages2[0].content == 'Hello 1')
def setUp(self): init_database('db.sqlite3') UsersLogic.register(RegisteredUser('ShaharBenS', "SsS0897SsS")) UsersLogic.update_details('ShaharBenS', 'AFG', 20, 'Male') UsersLogic.register(RegisteredUser('ShaharBenS2', "SsS0897SsS")) ShopLogic.create_shop(Shop('eBay', "Active"), 'ShaharBenS2') item1 = Item(1, 'eBay', 'banana', 'vegas', 'good', 10, 500, 'regular', None, 0, 0, 0) ItemsLogic.add_item_to_shop(item1, 'ShaharBenS2')
def test_bad_no_items_get_all_purchased_items(self): register(RegisteredUser('ToniToniToniToni', '12121212')) register(RegisteredUser('NoniNoni', '12121212')) user = get_user('ToniToniToniToni') add_system_manager(SystemManager(user.username, user.password)) item1 = Item(1, 'My Shop', 'banana', 'vegas', 'good', 10, 500, 'regular', None, 0, 0, 0) add_item_to_shop(item1) lst = get_all_purchased_items('ToniToniToniToni') self.assertFalse(len(lst) > 0)
def test_close_shop_permanently(self): register(RegisteredUser('YoniYoni', '12121212')) register(RegisteredUser('ToniToniToniToni', '12112212')) remover = get_user('YoniYoni') owner = get_user('ToniToniToniToni') shop = Shop('My Shop', 'Active') ShopLogic.create_shop(shop, owner.username) add_system_manager(SystemManager(remover.username, remover.password)) status = close_shop_permanently(remover.username, shop.name) self.assertTrue(status)
def test_bad_date(self): register(RegisteredUser('ToniToniToniToni', '12121212')) register(RegisteredUser('NoniNoni', '12121212')) user = get_user('ToniToniToniToni') user1user1 = get_user('NoniNoni') add_system_manager(SystemManager(user.username, user.password)) item1 = Item(1, 'My Shop', 'banana', 'vegas', 'good', 10, 500, 'prize', None, 0, 0, 0) item2 = Item(1, 'My Shop', 'banana', 'vegas', 'good', 10, 500, 'ticket', None, 0, 0, 0) add_lottery_and_items(item1, item2, 500, '2016-12-26 17:38', 'YoniYoni') lst = get_lotteries() self.assertTrue(len(lst) == 0)
def test_bad_sys_man_get_all_purchased_items(self): register(RegisteredUser('ToniToniToniToni', '12121212')) register(RegisteredUser('NoniNoni', '12121212')) user1user1 = get_user('NoniNoni') item1 = Item(1, 'My Shop', 'banana', 'vegas', 'good', 10, 500, 'regular', None, 0, 0, 0) add_item_to_shop(item1) purchase_id = add_purchase_and_return_id(datetime.now(), user1user1.username, 0) add_purchased_item(purchase_id, item1.id, 7, item1.price) self.assertFalse(get_all_purchased_items('ToniToniToniToni'))
def test_get_all_logging(self): UsersLogic.register(RegisteredUser("user1user1", "13245678")) UsersLogic.register(RegisteredUser("user2user2", "13245678")) LoggerLogic.add_login_log("user1user1") LoggerLogic.add_login_log("user2user2") logs = Logger.get_all_login_logs() self.assertTrue(len(logs) == 2) login_log = logs[1] self.assertEqual(login_log.username, "user1user1") login_log = logs[0] self.assertEqual(login_log.username, "user2user2")
def test_add_invisible_discount_bad(self): register(RegisteredUser('YoniYoni', '1234567878')) register(RegisteredUser('StoreManager1', '1234567878')) shop = Shop('My Shop', 'Active') ShopLogic.create_shop(shop, 'YoniYoni') UsersLogic.add_manager( 'YoniYoni', StoreManager('StoreManager1', 'My Shop', 1, 1, 1, 1, 1, 1, 1, 1)) item1 = Item(1, 'My Shop', 'milk', 'diary', 'good', 12, 100, 'regular', None, 0, 0, 0) ItemsLogic.add_item_to_shop(item1, 'StoreManager1') invdisc = InvisibleDiscount('ABCDEFGHIJKLMNO', item1.id, shop.name, -1, '2018-12-01', '2019-12-01') self.assertFalse(add_invisible_discount(invdisc, 'YoniYoni'))
def test_get_all_purchased_items(self): register(RegisteredUser('ToniToniToniToni', '12121212')) register(RegisteredUser('NoniNoni', '12121212')) user = get_user('ToniToniToniToni') user1user1 = get_user('NoniNoni') add_system_manager(SystemManager(user.username, user.password)) item1 = Item(1, 'My Shop', 'banana', 'vegas', 'good', 10, 500, 'regular', None, 0, 0, 0) add_item_to_shop(item1) purchase_id = add_purchase_and_return_id(datetime.now(), user1user1.username, 0) add_purchased_item(purchase_id, item1.id, 50, item1.price) lst = get_all_purchased_items('ToniToniToniToni') self.assertTrue(len(lst) > 0)
def test_add_store_manager(self): UsersLogic.register(RegisteredUser('ShaharShahar', '12345126')) UsersLogic.register(RegisteredUser('TomerTomerLev', '65412321')) shop = Shop('myShop', 'Active') ShopLogic.create_shop(shop, 'ShaharShahar') UsersLogic.add_manager( 'ShaharShahar', StoreManager('TomerTomerLev', 'myShop', 1, 1, 1, 1, 1, 1, 1, 1)) manager = StoreManagers.get_store_manager('TomerTomerLev', 'myShop') self.assertTrue(manager.permission_add_item > 0) self.assertTrue(manager.permission_remove_item > 0) self.assertTrue(manager.permission_edit_item > 0) self.assertEqual(manager.store_name, 'myShop') self.assertEqual(manager.username, 'TomerTomerLev')
def test_bad_no_get_all_premss_send_message_and_get_messages_of_shops(self): register(RegisteredUser('TomerTomer1', '1234567878')) shop1 = Shop('My Shop1', 'Active') ShopLogic.create_shop(shop1, 'TomerTomer1') register(RegisteredUser('TomerTomer2', '1234567878')) shop2 = Shop('My Shop2', 'Active') ShopLogic.create_shop(shop2, 'TomerTomer2') UsersLogic.add_manager('TomerTomer1', StoreManager('TomerTomer2', 'My Shop1', 1, 1, 1, 1, 0, 1, 1, 1)) UsersLogic.add_manager('TomerTomer2', StoreManager('TomerTomer1', 'My Shop2', 1, 1, 1, 1, 0, 1, 1, 1)) MessagingLogic.send_message_from_shop('TomerTomer2', Message(1, 'My Shop1', 'My Shop2', 'Hello 1')) MessagingLogic.send_message_from_shop('TomerTomer1', Message(2, 'My Shop2', 'My Shop1', 'Hello 2')) messages1 = MessagingLogic.get_all_shop_messages('TomerTomer2', 'My Shop1') messages2 = MessagingLogic.get_all_shop_messages('TomerTomer1', 'My Shop2') self.assertFalse(messages1) self.assertFalse(messages2)
def test_bad_no_permssion_send_message_and_get_messages_of_shops(self): register(RegisteredUser('TomerTomer1', '1234567878')) shop1 = Shop('My Shop1', 'Active') ShopLogic.create_shop(shop1, 'TomerTomer1') register(RegisteredUser('TomerTomer2', '1234567878')) shop2 = Shop('My Shop2', 'Active') ShopLogic.create_shop(shop2, 'TomerTomer2') UsersLogic.add_manager('TomerTomer1', StoreManager('TomerTomer2', 'My Shop1', 1, 1, 1, 0, 1, 1, 1, 1)) UsersLogic.add_manager('TomerTomer2', StoreManager('TomerTomer1', 'My Shop2', 1, 1, 1, 0, 1, 1, 1, 1)) self.assertEqual(MessagingLogic.send_message_from_shop('TomerTomer2', Message(1, 'My Shop1', 'My Shop2', 'Hello 1')) , "FAILED: You don't have the permissions") self.assertEqual(MessagingLogic.send_message_from_shop('TomerTomer1', Message(2, 'My Shop2', 'My Shop1', 'Hello 2')) , "FAILED: You don't have the permissions")
def test_add_bad_user(self): status = register(RegisteredUser('ShaharShahar', '1212')) self.assertFalse(returnStringToBoolean(status)) status = register(RegisteredUser('Tomer!', '12121212')) self.assertFalse(returnStringToBoolean(status)) status = register(RegisteredUser('Tomer@%', '12121212')) self.assertFalse(returnStringToBoolean(status)) status = register(RegisteredUser('sa', '12361123')) self.assertFalse(returnStringToBoolean(status)) status = register(RegisteredUser('', 'asdsada')) self.assertFalse(returnStringToBoolean(status))
def login(request): if request.method == 'POST': username = request.POST.get('username') password = request.POST.get('password') event = "LOGIN" suspect_sql_injection = False suspect_sql_injection = LoggerLogic.identify_sql_injection( username, event) or suspect_sql_injection suspect_sql_injection = LoggerLogic.identify_sql_injection( password, event) or suspect_sql_injection if suspect_sql_injection: return HttpResponse(LoggerLogic.MESSAGE_SQL_INJECTION) user = RegisteredUser(username, password) result = UsersLogic.login(user) if result[:7] == 'SUCCESS': access_token = hashlib.md5(username.encode()).hexdigest() Consumer.loggedInUsers[access_token] = username Consumer.loggedInUsersShoppingCart[ access_token] = ShoppingLogic.get_cart_items(username) return HttpResponse(access_token) else: return HttpResponse(result)
def register(request): if request.method == 'POST': username = request.POST.get('username') password = request.POST.get('password') state = request.POST.get('state') age = request.POST.get('age') sex = request.POST.get('sex') event = "REGISTER" suspect_sql_injection = False suspect_sql_injection = LoggerLogic.identify_sql_injection( username, event) suspect_sql_injection = LoggerLogic.identify_sql_injection( password, event) suspect_sql_injection = LoggerLogic.identify_sql_injection( state, event) suspect_sql_injection = LoggerLogic.identify_sql_injection(age, event) suspect_sql_injection = LoggerLogic.identify_sql_injection(sex, event) if suspect_sql_injection: return HttpResponse(LoggerLogic.MESSAGE_SQL_INJECTION) return HttpResponse( UsersLogic.register_with_user_detail( RegisteredUser(username, password), state, age, sex))
def test_bad_get_purchased_history(self): register(RegisteredUser('TomerTomer', '12121212')) user = get_user('TomerTomer') # do not purchase anything # get purchased history # assertEqual(ans, []) self.assertEqual(user, user)
def test_bad_user_remove_user(self): register(RegisteredUser('YoniYoni', '12112212')) user = get_user('YoniYoni') self.assertEqual(user.username, 'YoniYoni') add_system_manager(SystemManager('YoniYonion', '123123123')) status = remove_user('YoniYonion', None) self.assertFalse(returnStringToBoolean(status))
def test_no_permission(self): UsersLogic.register(RegisteredUser('ShaharShahar', '12312456')) UsersLogic.register(RegisteredUser('TomerTomerLev', '65431221')) shop = Shop('myShop', 'Active') ShopLogic.create_shop(shop, 'ShaharShahar') UsersLogic.add_manager( 'ShaharShahar', StoreManager('TomerTomerLev', 'myShop', 0, 0, 0, 0, 0, 0, 0, 0)) status = ItemsLogic.add_item_to_shop( Item(None, 'myShop', 'doll', 'toys', 'toys;kids', 20, 300, 'regular', None, 0, 0, 0), 'TomerTomerLev') self.assertFalse(status) message = Message(None, 'myShop', 'ShaharShahar', 'Hi There') status = MessagingLogic.send_message_from_shop('TomerTomerLev', message) self.assertFalse(returnStringToBoolean(status))
def test_bad_create_shop(self): register(RegisteredUser('TomerTomer', '1234567878')) shop = Shop('My Shop', 'Active') ShopLogic.create_shop(shop, 'TomerTomer') shop_founded = Shops.search_shop('My Shop') self.assertTrue(shop_founded.name == 'My Shop') status = ShopLogic.create_shop(shop, 'TomerTomer') self.assertEqual(status, 'FAILED: Shop name is taken')
def test_get_purchased_history(self): register(RegisteredUser('TomerTomer', '12121212')) user = get_user('TomerTomer') # add an item to Shopping cart # purchase # get purchased history # assertEqual(ans, [banana item]) self.assertEqual(user, user)
def test_review_on_item_bad(self): register(RegisteredUser('TomerTomer', '1234567878')) ItemsLogic.add_item_to_shop( Item(1, 'My Shop', 'milk', 'diary', 'good', 12, 100, 'regular', None, 0, 0, 0), 'YoniYoni') ItemsLogic.add_review_on_item(ItemReview('TomerTomer', 1, 'Good', 10)) reviews = get_all_reviews_on_item(1) self.assertEqual(reviews, [])