def testProvisioningQueryCreatedBySortingOrder(self):
models.ProvisioningVolume.created.auto_now = False
today = datetime.datetime.today()
for i in range(2 * search.MAX_PASSPHRASES_PER_QUERY):
models.ProvisioningVolume(
owner='stub7',
serial='stub',
volume_uuid=str(uuid.uuid4()),
created_by=users.User('*****@*****.**'),
hdd_serial='stub',
passphrase=str(uuid.uuid4()),
platform_uuid='stub',
created=today - datetime.timedelta(days=i),
).put()
resp = util.FromSafeJson(
self.testapp.get(
'/search?search_type=provisioning&'
'field1=created_by&[email protected]&json=1').body)
self.assertTrue(resp['too_many_results'])
volumes = resp['passphrases']
self.assertEqual(search.MAX_PASSPHRASES_PER_QUERY, len(volumes))
for i in range(search.MAX_PASSPHRASES_PER_QUERY):
self.assertEqual('stub7', volumes[i]['created_by'])
self.assertEqual(str(today - datetime.timedelta(days=i)),
volumes[i]['created'])
models.ProvisioningVolume.created.auto_now = True
def testOkStatusWithoutPermissions(self, *_):
resp = gae_main.app.get_response('/api/internal/volume_types',
{'REQUEST_METHOD': 'GET'})
self.assertEqual(httplib.OK, resp.status_int)
self.assertEqual(0, len(util.FromSafeJson(resp.body)))
def testLog(self, _):
self.volume.put()
volumes.LuksAccessLog.Log(entity=self.volume, message='PUT')
resp = util.FromSafeJson(self.testapp.get('/logs?log_type=luks').body)
self.assertEqual('luks', resp['log_type'])
self.assertEqual(1, len(resp['logs']))
def testWindowsFirmwareSearch(self):
firmware.WindowsFirmwarePassword(
owner='stub7', serial='stub', created_by=users.User('*****@*****.**'),
password=str(uuid.uuid4()), smbios_guid='stub', hostname='host1'
).put()
resp = self.testapp.get(
'/search?search_type=windows_firmware&field1=owner&value1=stub7&json=1')
self.assertEqual(1, len(util.FromSafeJson(resp.body)['passphrases']))
def testForceRekeying(self):
self.v.force_rekeying = True
self.v.put()
resp = self.testapp.get('/api/v1/rekey-required/luks/' +
self.target_id,
status=httplib.OK)
self.assertTrue(util.FromSafeJson(resp.body))
def testLinuxFirmwareSearch(self):
firmware.LinuxFirmwarePassword(
owner='stub7', serial='stub', created_by=users.User('*****@*****.**'),
password=str(uuid.uuid4()), machine_uuid='stub', hostname='host1',
manufacturer='Vendor',
).put()
resp = self.testapp.get(
'/search?search_type=linux_firmware&field1=owner&value1=stub7&json=1')
self.assertEqual(1, len(util.FromSafeJson(resp.body)['passphrases']))
def testFilterResult(self):
base.User(
key_name='*****@*****.**', user=users.get_current_user(),
bitlocker_perms=[permissions.RETRIEVE_OWN],
).put()
resp = util.FromSafeJson(self.testapp.get(
'/search?search_type=bitlocker&field1=owner&value1=stub&json=1').body)
self.assertTrue(resp['results_access_warning'])
self.assertEqual(0, len(resp['passphrases']))
def testNoSearchPermissionsCanRetrieveOwn(self):
resp = gae_main.app.get_response('/api/internal/volume_types',
{'REQUEST_METHOD': 'GET'})
self.assertEqual(httplib.OK, resp.status_int)
data = util.FromSafeJson(resp.body)
self.assertEqual('stub7', data['user'])
self.assertEqual(2, len(data))
self.assertEqual([permissions.RETRIEVE_OWN],
data[permissions.TYPE_LUKS].keys())
self.assertTrue(data[permissions.TYPE_LUKS][permissions.RETRIEVE_OWN])
def testShowOnlyErrors(self, _):
self.volume.put()
volumes.LuksAccessLog.Log(entity=self.volume, message='PUT')
volumes.LuksAccessLog.Log(entity=self.volume,
message='PUT',
successful=False)
resp = util.FromSafeJson(
self.testapp.get('/logs?log_type=luks&only_errors=true').body)
self.assertEqual('luks', resp['log_type'])
self.assertEqual(1, len(resp['logs']))
def testRetrieval(self):
password = '******'
hostname = 'host1'
serial = 'SERIAL'
firmware.LenovoFirmwarePassword(
serial=serial, hostname=hostname, password=password, owner='stub7',
).put()
resp = util.FromSafeJson(
self.testapp.get('/lenovo_firmware/SERIAL', status=httplib.OK).body)
self.assertEqual(password, resp['passphrase'])
self.assertEqual(serial, resp['volume_uuid'])
def testOk(self):
base.User(
key_name='*****@*****.**',
user=users.get_current_user(),
filevault_perms=[permissions.SEARCH],
luks_perms=[permissions.SEARCH],
).put()
resp = gae_main.app.get_response('/api/internal/volume_types',
{'REQUEST_METHOD': 'GET'})
self.assertEqual(httplib.OK, resp.status_int)
data = util.FromSafeJson(resp.body)
volume_fields = {x: y for x, y in data.items() if 'fields' in y}
self.assertEqual(2, len(volume_fields))
def testBarcode(self):
vol_uuid = str(uuid.uuid4()).upper()
secret = str(uuid.uuid4())
base.User(
key_name='*****@*****.**', user=users.get_current_user(),
luks_perms=[permissions.RETRIEVE_OWN],
).put()
models.LuksVolume(
owner='stub7', hdd_serial='stub', hostname='stub', passphrase=secret,
platform_uuid='stub', volume_uuid=vol_uuid
).put()
with mock.patch.object(util, 'SendEmail') as _:
resp = gae_main.app.get_response('/luks/%s?json=1' % vol_uuid)
o = util.FromSafeJson(resp.body)
self.assertTrue(o['qr_img_url'])
def testSuccess(self, factory_mock, _):
inventory_service_mock = mock.Mock(spec=services.InventoryService)
factory_mock.return_value = inventory_service_mock
inventory_service_mock.IsRetiredMac.side_effect = lambda s: s == '1234'
test_util.MakeAppleFirmware(serial='1234')
test_util.MakeAppleFirmware(serial='231')
response = self.testapp.get('/api/internal/retired-assets/1234,231')
res = util.FromSafeJson(response.body)
self.assertEqual(['231'], res['active'])
self.assertEqual([{
'password': '******',
'serial': '1234'
}], res['retired'])
def testWalkthrough(self):
models.ProvisioningVolume.created.auto_now = False
vol_uuid1 = str(uuid.uuid4()).upper()
secret1 = str(uuid.uuid4())
base.User(
key_name='*****@*****.**',
user=users.get_current_user(),
provisioning_perms=[],
).put()
models.ProvisioningVolume(
owner='stub',
created_by=users.get_current_user(),
hdd_serial='stub',
passphrase=secret1,
created=datetime.datetime.now(),
platform_uuid='stub',
serial='stub',
volume_uuid=vol_uuid1,
).put()
old = datetime.datetime.now() - datetime.timedelta(days=365)
models.ProvisioningVolume(owner='stub1',
created_by=users.get_current_user(),
hdd_serial='stub',
passphrase=secret1,
created=old,
platform_uuid='stub',
serial='stub',
volume_uuid=str(uuid.uuid4()).upper()).put()
resp = gae_main.app.get_response('/created?json=1',
{'REQUEST_METHOD': 'GET'})
self.assertEqual(httplib.OK, resp.status_int)
data = util.FromSafeJson(resp.body)
self.assertEqual(1, len(data))
self.assertEqual(secret1, data[0]['passphrase'])
models.ProvisioningVolume.created.auto_now = True
def testBarcodeTooLong(self):
vol_uuid = str(uuid.uuid4()).upper()
secret = str(uuid.uuid4()) * 10
base.User(
key_name='*****@*****.**', user=users.get_current_user(),
luks_perms=[permissions.RETRIEVE_OWN],
).put()
models.LuksVolume(
owner='stub', hdd_serial='stub', hostname='stub', passphrase=secret,
platform_uuid='stub', volume_uuid=vol_uuid
).put()
with mock.patch.object(handlers, 'settings') as mock_settings:
mock_settings.XSRF_PROTECTION_ENABLED = False
with mock.patch.object(util, 'SendEmail') as _:
resp = gae_main.app.get_response('/luks/%s?json=1' % vol_uuid)
o = util.FromSafeJson(resp.body)
self.assertFalse(o['qr_img_url'])
def testRetrieval(self):
password = '******'
hostname = 'host1'
serial = 'SERIAL'
manufacturer = 'Vendor'
machine_uuid = 'ID1'
firmware.LinuxFirmwarePassword(serial=serial,
hostname=hostname,
password=password,
owner='stub7',
machine_uuid=machine_uuid,
manufacturer=manufacturer).put()
resp = util.FromSafeJson(
self.testapp.get('/linux_firmware/VendorSERIALID1',
status=httplib.OK).body)
self.assertEqual(password, resp['passphrase'])
self.assertEqual(manufacturer + serial + machine_uuid,
resp['volume_uuid'])
