def handle(self, *args, **options): models = apps.get_models() script = "" for model in models: updates = get_updates_for_model(model) if updates: script += updates return script
def test_query_sanitises_date_data(self): first_purchase = Purchase.objects.get(book__title="Baking things") second_purchase = Purchase.objects.get(book__title="Treaty Negotiations") clive = Person.objects.get(first_name="Clive") assert first_purchase.purchased_at > second_purchase.purchased_at assert clive.date_of_birth == datetime.date(1920, 1, 9) cursor = connection.cursor() cursor.execute(get_updates_for_model(Purchase)) cursor.execute(get_updates_for_model(Person)) first_purchase = Purchase.objects.get(book__title="Baking things") second_purchase = Purchase.objects.get(book__title="Treaty Negotiations") clive = Person.objects.get(pk=clive.pk) assert first_purchase.purchased_at == second_purchase.purchased_at assert clive.date_of_birth != datetime.date(1920, 1, 9)
def test_query_sanitises_character_data(self): books = ["{0}".format(book) for book in Book.objects.all()] assert "Baking things by Mary Berry" in books assert "They don't like it up 'em by Clive Dunn" in books assert "Treaty Negotiations by Elizabeth Weir" in books cursor = connection.cursor() cursor.execute(get_updates_for_model(Person)) books = ["{0}".format(book) for book in Book.objects.all()] assert "Baking things by Mary Berry" not in books assert "They don't like it up 'em by Clive Dunn" not in books assert "Treaty Negotiations by Elizabeth Weir" not in books
def test_query_sanitises_IP_data(self): first_purchase = Purchase.objects.get(book__title="Baking things") second_purchase = Purchase.objects.get(book__title="Treaty Negotiations") assert first_purchase.buyer_ip == "192.0.2.1" assert second_purchase.buyer_ip == "192.0.2.21" cursor = connection.cursor() cursor.execute(get_updates_for_model(Purchase)) first_purchase = Purchase.objects.get(book__title="Baking things") second_purchase = Purchase.objects.get(book__title="Treaty Negotiations") assert first_purchase.buyer_ip != "192.0.2.1" assert second_purchase.buyer_ip != "192.0.2.21"
def test_query_sanitises_passwords(self): from django.contrib.auth.models import User from django.contrib.auth.hashers import check_password User._meta.sensitive_fields = {'email', 'username', 'password'} admin = User.objects.create_user(username="******", email="*****@*****.**", password="******") editor = User.objects.create_user(username="******", email="*****@*****.**", password="******") assert check_password("secrets!", admin.password) assert check_password("ilovehorses", editor.password) cursor = connection.cursor() cursor.execute(get_updates_for_model(User)) # Refresh users from DB admin = User.objects.get(pk=admin.pk) editor = User.objects.get(pk=editor.pk) assert admin.email == '*****@*****.**' assert editor.email == '*****@*****.**' assert check_password("password", admin.password) assert check_password("password", editor.password)
def test_query_not_generated_if_model_has_no_sensitive_fields(self): assert get_updates_for_model(Book) is None
def test_query_generated_if_model_has_sensitive_fields(self): assert get_updates_for_model(Person) is not None