def handle(self, *args, **options):
models = apps.get_models()
script = ""
for model in models:
updates = get_updates_for_model(model)
if updates:
script += updates
return script
def test_query_sanitises_date_data(self):
first_purchase = Purchase.objects.get(book__title="Baking things")
second_purchase = Purchase.objects.get(book__title="Treaty Negotiations")
clive = Person.objects.get(first_name="Clive")
assert first_purchase.purchased_at > second_purchase.purchased_at
assert clive.date_of_birth == datetime.date(1920, 1, 9)
cursor = connection.cursor()
cursor.execute(get_updates_for_model(Purchase))
cursor.execute(get_updates_for_model(Person))
first_purchase = Purchase.objects.get(book__title="Baking things")
second_purchase = Purchase.objects.get(book__title="Treaty Negotiations")
clive = Person.objects.get(pk=clive.pk)
assert first_purchase.purchased_at == second_purchase.purchased_at
assert clive.date_of_birth != datetime.date(1920, 1, 9)
def test_query_sanitises_character_data(self):
books = ["{0}".format(book) for book in Book.objects.all()]
assert "Baking things by Mary Berry" in books
assert "They don't like it up 'em by Clive Dunn" in books
assert "Treaty Negotiations by Elizabeth Weir" in books
cursor = connection.cursor()
cursor.execute(get_updates_for_model(Person))
books = ["{0}".format(book) for book in Book.objects.all()]
assert "Baking things by Mary Berry" not in books
assert "They don't like it up 'em by Clive Dunn" not in books
assert "Treaty Negotiations by Elizabeth Weir" not in books
def test_query_sanitises_IP_data(self):
first_purchase = Purchase.objects.get(book__title="Baking things")
second_purchase = Purchase.objects.get(book__title="Treaty Negotiations")
assert first_purchase.buyer_ip == "192.0.2.1"
assert second_purchase.buyer_ip == "192.0.2.21"
cursor = connection.cursor()
cursor.execute(get_updates_for_model(Purchase))
first_purchase = Purchase.objects.get(book__title="Baking things")
second_purchase = Purchase.objects.get(book__title="Treaty Negotiations")
assert first_purchase.buyer_ip != "192.0.2.1"
assert second_purchase.buyer_ip != "192.0.2.21"
def test_query_sanitises_passwords(self):
from django.contrib.auth.models import User
from django.contrib.auth.hashers import check_password
User._meta.sensitive_fields = {'email', 'username', 'password'}
admin = User.objects.create_user(username="******", email="*****@*****.**", password="******")
editor = User.objects.create_user(username="******", email="*****@*****.**", password="******")
assert check_password("secrets!", admin.password)
assert check_password("ilovehorses", editor.password)
cursor = connection.cursor()
cursor.execute(get_updates_for_model(User))
# Refresh users from DB
admin = User.objects.get(pk=admin.pk)
editor = User.objects.get(pk=editor.pk)
assert admin.email == '*****@*****.**'
assert editor.email == '*****@*****.**'
assert check_password("password", admin.password)
assert check_password("password", editor.password)
def test_query_not_generated_if_model_has_no_sensitive_fields(self):
assert get_updates_for_model(Book) is None
def test_query_generated_if_model_has_sensitive_fields(self):
assert get_updates_for_model(Person) is not None
