Exemple #1
0
def test_argument_to_sql_droptables():
    """ Utils.argument_to_sql with Bobby Tables. """
    binds = {}
    name = "Robert'; DROP TABLE Students;--"
    sql = Utils.argument_to_sql(name, 'name', binds)
    assert sql == '(name = :name)'
    assert binds == {'name': name}  # This function should not sanitize. That's
Exemple #2
0
def test_argument_to_sql_droptables():
    """ Utils.argument_to_sql with Bobby Tables. """
    binds = {}
    name = "Robert'; DROP TABLE Students;--"
    sql = Utils.argument_to_sql(name, 'name', binds)
    assert sql == '(name = :name)'
    assert binds == {'name': name}  # This function should not sanitize. That's
Exemple #3
0
def test_argument_to_sql_sequence():
    """ Utils.argument_to_sql with sequence. """
    sequence = [1, 2, 3]
    for seq_type in (tuple, set, list):
        binds = {}
        sql = Utils.argument_to_sql(seq_type(sequence), 'foo', binds)
        assert sql == '(foo IN (:foo0, :foo1, :foo2))'
        assert binds == {'foo0': 1, 'foo1': 2, 'foo2': 3}
Exemple #4
0
def test_argument_to_sql_sequence():
    """ Utils.argument_to_sql with sequence. """
    sequence = [1, 2, 3]
    for seq_type in (tuple, set, list):
        binds = {}
        sql = Utils.argument_to_sql(seq_type(sequence), 'foo', binds)
        assert sql == '(foo IN (:foo0, :foo1, :foo2))'
        assert binds == {'foo0': 1, 'foo1': 2, 'foo2': 3}
Exemple #5
0
    def clear_state(self, state_types=None):
        """ Remove session state data.

        Session state data mainly constists of cached passwords for the
        misc_list_passwords command.
        """
        sql = """DELETE FROM [:table schema=cerebrum name=bofhd_session_state]
                 WHERE session_id=:session_id"""
        binds = {'session_id': self.get_session_id()}
        if state_types:
            sql += " AND " + Utils.argument_to_sql(state_types, 'state_type',
                                                   binds, str)

        self._db.execute(sql, binds)
        self._remove_old_sessions()
Exemple #6
0
    def clear_state(self, state_types=None):
        """ Remove session state data.

        Session state data mainly constists of cached passwords for the
        misc_list_passwords command.

        """
        sql = """DELETE FROM [:table schema=cerebrum name=bofhd_session_state]
                 WHERE session_id=:session_id"""
        binds = {"session_id": self.get_session_id()}
        if state_types:
            sql += " AND " + Utils.argument_to_sql(state_types, "state_type", binds, str)

        self._db.execute(sql, binds)
        self._remove_old_sessions()
Exemple #7
0
def test_argument_to_sql_transform():
    """ Utils.argument_to_sql with transform function. """
    binds = {}
    sql = Utils.argument_to_sql(None, 'foo', binds, type)
    assert sql == '(foo = :foo)'
    assert binds == {'foo': type(None)}
Exemple #8
0
def test_argument_to_sql_transform():
    """ Utils.argument_to_sql with transform function. """
    binds = {}
    sql = Utils.argument_to_sql(None, 'foo', binds, type)
    assert sql == '(foo = :foo)'
    assert binds == {'foo': type(None)}