def test_pii_encoding(self): email = '*****@*****.**' actions.login(email, is_admin=True) token = data_sources_utils.generate_data_source_token( crypto.XsrfTokenManager) response = transforms.loads( self.get('/rest/data/character/items').body) for d in response['data']: # Ensure that field marked as needing transformation is cleared # when we don't pass in an XSRF token used for generating a secret # for encrypting. self.assertEquals('None', d['user_id']) self.assertEquals(str(db.Key.from_path(Character.kind(), 'None')), d['key']) # Ensure that field marked for denylist is suppressed. self.assertFalse('name' in d) response = transforms.loads( self.get('/rest/data/character/items?data_source_token=' + token).body) for d in response['data']: # Ensure that field marked as needing transformation is cleared # when we don't pass in an XSRF token used for generating a secret # for encrypting. self.assertIsNotNone(d['user_id']) self.assertNotEquals('None', d['key']) # Ensure that field marked for denylist is still suppressed. self.assertFalse('name' in d)
def test_pii_encoding(self): email = '*****@*****.**' actions.login(email, is_admin=True) token = data_sources_utils.generate_data_source_token( crypto.XsrfTokenManager) response = transforms.loads(self.get('/rest/data/character/items').body) for d in response['data']: # Ensure that field marked as needing transformation is cleared # when we don't pass in an XSRF token used for generating a secret # for encrypting. self.assertEquals('None', d['user_id']) self.assertEquals(str(db.Key.from_path(Character.kind(), 'None')), d['key']) # Ensure that field marked for blacklist is suppressed. self.assertFalse('name' in d) response = transforms.loads(self.get( '/rest/data/character/items?data_source_token=' + token).body) for d in response['data']: # Ensure that field marked as needing transformation is cleared # when we don't pass in an XSRF token used for generating a secret # for encrypting. self.assertIsNotNone(d['user_id']) self.assertNotEquals('None', d['key']) # Ensure that field marked for blacklist is still suppressed. self.assertFalse('name' in d)
def test_pii_encoding_changes(self): email = '*****@*****.**' actions.login(email, is_admin=True) token1 = data_sources_utils.generate_data_source_token( crypto.XsrfTokenManager) time.sleep(1) # Legit: XSRF token is time-based, so will change. token2 = data_sources_utils.generate_data_source_token( crypto.XsrfTokenManager) self.assertNotEqual(token1, token2) response1 = transforms.loads(self.get( '/rest/data/character/items?data_source_token=' + token1).body) response2 = transforms.loads(self.get( '/rest/data/character/items?data_source_token=' + token2).body) for c1, c2 in zip(response1['data'], response2['data']): self.assertNotEquals(c1['user_id'], c2['user_id']) self.assertNotEquals(c1['key'], c2['key'])
def test_pii_encoding_changes(self): email = '*****@*****.**' actions.login(email, is_admin=True) token1 = data_sources_utils.generate_data_source_token( crypto.XsrfTokenManager) time.sleep(1) # Legit: XSRF token is time-based, so will change. token2 = data_sources_utils.generate_data_source_token( crypto.XsrfTokenManager) self.assertNotEqual(token1, token2) response1 = transforms.loads(self.get( '/rest/data/character/items?data_source_token=' + token1).body) response2 = transforms.loads(self.get( '/rest/data/character/items?data_source_token=' + token2).body) for c1, c2 in zip(response1['data'], response2['data']): self.assertNotEquals(c1['user_id'], c2['user_id']) self.assertNotEquals(c1['key'], c2['key'])