def test_policy_submission_with_valid_data_DEPR(gpg_key, gpg, factories, api_client,
                                                user, policy_data, monkeypatch, job_data):
    policy_data['identity']['verification_data']['proofs'].append({'dummy': 'data'})
    policy_data['employmentHistory']['jobs'].append(job_data)

    monkeypatch.setitem(testing.PROOF_DB, ('test',), policy_data['identity']['verification_data']['proofs'])

    # sanity check that we are using valid test data.
    validate_policy_application(policy_data)

    policy_application = factories.PolicyApplicationFactory(
        user=user,
        data=json.dumps(policy_data),
    )
    # sanity check that it isn't already finalized
    assert not policy_application.is_final

    submit_url = reverse('v1:policy-submit', kwargs={'pk': policy_application.pk})

    data = {
        'keybase_username': '******',
        'signed_message': gpg.sign(policy_application.data).data,
    }

    response = api_client.post(submit_url, data)
    assert response.status_code == status.HTTP_200_OK, response.data

    policy_application = PolicyApplication.objects.get()
    assert policy_application.is_final is True

    assert policy_application.review_tasks.count() == 0

    assert policy_application.state == POLICY_STATUS_SUBMITTED
def test_generate_employment_history_job_records_extended(gpg_key, gpg, factories, api_client,
                                                          user, policy_data, monkeypatch, job_data_extended):
    policy_data['identity']['verification_data']['proofs'].append({'dummy': 'data'})
    policy_data['employmentHistory']['jobs'].append(job_data_extended)

    monkeypatch.setitem(testing.PROOF_DB, ('test',), policy_data['identity']['verification_data']['proofs'])

    # sanity check that we are using valid test data.
    validate_policy_application(policy_data)

    policy_application = factories.PolicyApplicationFactory(
        user=user,
        data=json.dumps(policy_data),
    )
    generate_employment_history_job_records(policy_application)

    job_record = EmploymentHistoryJob.objects.get()
    assert job_record.user == policy_application.user
    assert job_record.policy == policy_application
    assert job_record.company == job_data_extended['company']
    assert job_record.is_current_job == job_data_extended['currentJob']
    assert job_record.notes == job_data_extended['notes']
    assert job_record.state == job_data_extended['state']
    assert job_record.city == job_data_extended['city']
    assert job_record.confirmer_email == job_data_extended['confirmerEmail']
    assert job_record.confirmer_name == job_data_extended['confirmerName']
    assert job_record.job_titile == job_data_extended['jobTitile']
    assert job_record.date_begin.month == int(job_data_extended['startMonth']) + 1
    assert job_record.date_begin.year == int(job_data_extended['startYear'])
    assert job_record.date_end.month == int(job_data_extended['endMonth']) + 1
    assert job_record.date_end.year == int(job_data_extended['endYear'])
def test_policy_submission_with_invalid_signature(gpg_key, generate_gpg_key,
                                                  gpg, factories, policy_data):
    # sanity check that we are using valid test data.
    validate_policy_application(policy_data)

    policy_application = factories.PolicyApplicationFactory(data=json.dumps(policy_data))
    other_key = generate_gpg_key('wrong_username')

    data = {
        'keybase_username': '******',
        'signed_message': gpg.sign(policy_application.data, keyid=other_key.fingerprint).data,
    }
    serializer = PolicySubmissionSerializer(policy_application, data=data)
    assert not serializer.is_valid()
    assert serializer.error_messages['signature_invalid'] in serializer.errors['non_field_errors']
def test_generate_employment_history_job_records_incorrect_job_data(gpg_key, gpg, factories, api_client,
                                                                    user, policy_data, monkeypatch):
    policy_data['identity']['verification_data']['proofs'].append({'dummy': 'data'})
    policy_data['employmentHistory']['jobs'].append({'dummy': 'data'})

    monkeypatch.setitem(testing.PROOF_DB, ('test',), policy_data['identity']['verification_data']['proofs'])

    # sanity check that we are using valid test data.
    validate_policy_application(policy_data)

    policy_application = factories.PolicyApplicationFactory(
        user=user,
        data=json.dumps(policy_data),
    )
    with pytest.raises(ValidationError) as excinfo:
        generate_employment_history_job_records(policy_application)
    assert excinfo.value.detail[0] == 'Incorrect job data'
Example #5
0
    def validate(self, data):
        keybase_username = data["keybase_username"]
        signed_message = data['signed_message']

        public_key_provider = get_provider()
        public_key_pem = public_key_provider.get_public_key(keybase_username)

        with gpg_keyring(public_key_pem) as gpg:
            verification = gpg.verify(signed_message)
            validate_signature(verification)

            message = gpg.decrypt(signed_message).data

        try:
            policy_data = json.loads(message)
        except ValueError:
            raise serializers.ValidationError(self.error_messages['json_invalid'])

        validate_policy_application(policy_data)

        expected_proofs = public_key_provider.get_proofs(keybase_username)
        actual_proofs = policy_data['identity']['verification_data']['proofs']

        expected_proofs_set = set(json.dumps(v, sort_keys=True) for v in expected_proofs)
        actual_proofs_set = set(json.dumps(v, sort_keys=True) for v in actual_proofs)

        if expected_proofs_set != actual_proofs_set:
            raise serializers.ValidationError(self.error_messages['proofs_invalid'])

        validated_data = {
            'is_final': True,
            'data': json.dumps({
                'policy_data': policy_data,
                'signed_message': signed_message,
                'public_key': public_key_pem,
                'public_key_provider': public_key_provider.name,
                'public_key_identity': {
                    'username': keybase_username,
                }
            }, sort_keys=True),
            'is_signed': True
        }
        return validated_data
def test_policy_submission_with_valid_data(gpg_key, gpg, factories, policy_data):
    # sanity check that we are using valid test data.
    validate_policy_application(policy_data)

    policy_application = factories.PolicyApplicationFactory(data=json.dumps(policy_data))

    data = {
        'keybase_username': '******',
        'signed_message': gpg.sign(policy_application.data).data,
    }
    serializer = PolicySubmissionSerializer(policy_application, data=data)
    assert serializer.is_valid(), serializer.errors

    assert policy_application.is_final is False

    saved_policy_application = serializer.save()

    assert saved_policy_application.pk == policy_application.pk
    assert saved_policy_application.is_final is True
    assert saved_policy_application.is_signed is True
def test_policy_submission_with_out_of_order_proofs(gpg_key, gpg, factories,
                                                    policy_data, monkeypatch):
    proof_a = {
        'field-a': 'x',
        'field-b': 'y',
    }
    proof_b = {
        'field-a': '1',
        'field-b': '2',
    }
    policy_data['identity']['verification_data']['proofs'] = [proof_a, proof_b]
    monkeypatch.setitem(testing.PROOF_DB, ('test',), [proof_b, proof_a])

    # sanity check that we are using valid test data.
    validate_policy_application(policy_data)

    policy_application = factories.PolicyApplicationFactory(data=json.dumps(policy_data))

    data = {
        'keybase_username': '******',
        'signed_message': gpg.sign(policy_application.data).data,
    }
    serializer = PolicySubmissionSerializer(policy_application, data=data)
    assert serializer.is_valid(), serializer.errors