def test_policy_submission_with_valid_data_DEPR(gpg_key, gpg, factories, api_client,
user, policy_data, monkeypatch, job_data):
policy_data['identity']['verification_data']['proofs'].append({'dummy': 'data'})
policy_data['employmentHistory']['jobs'].append(job_data)
monkeypatch.setitem(testing.PROOF_DB, ('test',), policy_data['identity']['verification_data']['proofs'])
# sanity check that we are using valid test data.
validate_policy_application(policy_data)
policy_application = factories.PolicyApplicationFactory(
user=user,
data=json.dumps(policy_data),
)
# sanity check that it isn't already finalized
assert not policy_application.is_final
submit_url = reverse('v1:policy-submit', kwargs={'pk': policy_application.pk})
data = {
'keybase_username': '******',
'signed_message': gpg.sign(policy_application.data).data,
}
response = api_client.post(submit_url, data)
assert response.status_code == status.HTTP_200_OK, response.data
policy_application = PolicyApplication.objects.get()
assert policy_application.is_final is True
assert policy_application.review_tasks.count() == 0
assert policy_application.state == POLICY_STATUS_SUBMITTED
def test_generate_employment_history_job_records_extended(gpg_key, gpg, factories, api_client,
user, policy_data, monkeypatch, job_data_extended):
policy_data['identity']['verification_data']['proofs'].append({'dummy': 'data'})
policy_data['employmentHistory']['jobs'].append(job_data_extended)
monkeypatch.setitem(testing.PROOF_DB, ('test',), policy_data['identity']['verification_data']['proofs'])
# sanity check that we are using valid test data.
validate_policy_application(policy_data)
policy_application = factories.PolicyApplicationFactory(
user=user,
data=json.dumps(policy_data),
)
generate_employment_history_job_records(policy_application)
job_record = EmploymentHistoryJob.objects.get()
assert job_record.user == policy_application.user
assert job_record.policy == policy_application
assert job_record.company == job_data_extended['company']
assert job_record.is_current_job == job_data_extended['currentJob']
assert job_record.notes == job_data_extended['notes']
assert job_record.state == job_data_extended['state']
assert job_record.city == job_data_extended['city']
assert job_record.confirmer_email == job_data_extended['confirmerEmail']
assert job_record.confirmer_name == job_data_extended['confirmerName']
assert job_record.job_titile == job_data_extended['jobTitile']
assert job_record.date_begin.month == int(job_data_extended['startMonth']) + 1
assert job_record.date_begin.year == int(job_data_extended['startYear'])
assert job_record.date_end.month == int(job_data_extended['endMonth']) + 1
assert job_record.date_end.year == int(job_data_extended['endYear'])
def test_policy_submission_with_invalid_signature(gpg_key, generate_gpg_key,
gpg, factories, policy_data):
# sanity check that we are using valid test data.
validate_policy_application(policy_data)
policy_application = factories.PolicyApplicationFactory(data=json.dumps(policy_data))
other_key = generate_gpg_key('wrong_username')
data = {
'keybase_username': '******',
'signed_message': gpg.sign(policy_application.data, keyid=other_key.fingerprint).data,
}
serializer = PolicySubmissionSerializer(policy_application, data=data)
assert not serializer.is_valid()
assert serializer.error_messages['signature_invalid'] in serializer.errors['non_field_errors']
def test_generate_employment_history_job_records_incorrect_job_data(gpg_key, gpg, factories, api_client,
user, policy_data, monkeypatch):
policy_data['identity']['verification_data']['proofs'].append({'dummy': 'data'})
policy_data['employmentHistory']['jobs'].append({'dummy': 'data'})
monkeypatch.setitem(testing.PROOF_DB, ('test',), policy_data['identity']['verification_data']['proofs'])
# sanity check that we are using valid test data.
validate_policy_application(policy_data)
policy_application = factories.PolicyApplicationFactory(
user=user,
data=json.dumps(policy_data),
)
with pytest.raises(ValidationError) as excinfo:
generate_employment_history_job_records(policy_application)
assert excinfo.value.detail[0] == 'Incorrect job data'
def validate(self, data):
keybase_username = data["keybase_username"]
signed_message = data['signed_message']
public_key_provider = get_provider()
public_key_pem = public_key_provider.get_public_key(keybase_username)
with gpg_keyring(public_key_pem) as gpg:
verification = gpg.verify(signed_message)
validate_signature(verification)
message = gpg.decrypt(signed_message).data
try:
policy_data = json.loads(message)
except ValueError:
raise serializers.ValidationError(self.error_messages['json_invalid'])
validate_policy_application(policy_data)
expected_proofs = public_key_provider.get_proofs(keybase_username)
actual_proofs = policy_data['identity']['verification_data']['proofs']
expected_proofs_set = set(json.dumps(v, sort_keys=True) for v in expected_proofs)
actual_proofs_set = set(json.dumps(v, sort_keys=True) for v in actual_proofs)
if expected_proofs_set != actual_proofs_set:
raise serializers.ValidationError(self.error_messages['proofs_invalid'])
validated_data = {
'is_final': True,
'data': json.dumps({
'policy_data': policy_data,
'signed_message': signed_message,
'public_key': public_key_pem,
'public_key_provider': public_key_provider.name,
'public_key_identity': {
'username': keybase_username,
}
}, sort_keys=True),
'is_signed': True
}
return validated_data
def test_policy_submission_with_valid_data(gpg_key, gpg, factories, policy_data):
# sanity check that we are using valid test data.
validate_policy_application(policy_data)
policy_application = factories.PolicyApplicationFactory(data=json.dumps(policy_data))
data = {
'keybase_username': '******',
'signed_message': gpg.sign(policy_application.data).data,
}
serializer = PolicySubmissionSerializer(policy_application, data=data)
assert serializer.is_valid(), serializer.errors
assert policy_application.is_final is False
saved_policy_application = serializer.save()
assert saved_policy_application.pk == policy_application.pk
assert saved_policy_application.is_final is True
assert saved_policy_application.is_signed is True
def test_policy_submission_with_out_of_order_proofs(gpg_key, gpg, factories,
policy_data, monkeypatch):
proof_a = {
'field-a': 'x',
'field-b': 'y',
}
proof_b = {
'field-a': '1',
'field-b': '2',
}
policy_data['identity']['verification_data']['proofs'] = [proof_a, proof_b]
monkeypatch.setitem(testing.PROOF_DB, ('test',), [proof_b, proof_a])
# sanity check that we are using valid test data.
validate_policy_application(policy_data)
policy_application = factories.PolicyApplicationFactory(data=json.dumps(policy_data))
data = {
'keybase_username': '******',
'signed_message': gpg.sign(policy_application.data).data,
}
serializer = PolicySubmissionSerializer(policy_application, data=data)
assert serializer.is_valid(), serializer.errors