def setUpBasicData(self):
self.tag = Tag(name='tag')
self.tag.save()
self.cred = Cred(title='secret', username='******', password='******', group=self.group)
self.cred.save()
self.tagcred = Cred(title='tagged', password='******', group=self.group)
self.tagcred.save()
self.tagcred.tags.add(self.tag)
self.tagcred.save()
CredChangeQ.objects.add_to_changeq(self.cred)
self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
self.viewedcred.save()
self.changedcred = Cred(title='Changed', password='******', group=self.group)
self.changedcred.save()
CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()
self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
self.logadd.save()
self.logview.save()
def setUp(self):
self.group = Group(name="testgroup")
self.group.save()
self.othergroup = Group(name="othergroup")
self.othergroup.save()
self.unorm = User(username="******", email="*****@*****.**")
self.unorm.set_password("password")
self.unorm.save()
self.unorm.groups.add(self.group)
self.unorm.save()
self.ustaff = User(username="******", email="*****@*****.**", is_staff=True)
self.ustaff.set_password("password")
self.ustaff.save()
self.ustaff.groups.add(self.group)
self.ustaff.save()
self.norm = Client()
self.norm.login(username="******", password="******")
self.staff = Client()
self.staff.login(username="******", password="******")
self.viewedcred = Cred(title="Viewed", password="******", group=self.group)
self.viewedcred.save()
self.changedcred = Cred(title="Changed", password="******", group=self.group)
self.changedcred.save()
CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()
def setUp(self):
g = Group(name='h')
g.save()
c = Cred(title='testcred', password='******', group=g)
c.save()
self.c = c
class StaffChangeAdviceTest(TestCase):
def setUp(self):
self.group = Group(name="testgroup")
self.group.save()
self.othergroup = Group(name="othergroup")
self.othergroup.save()
self.unorm = User(username="******", email="*****@*****.**")
self.unorm.set_password("password")
self.unorm.save()
self.unorm.groups.add(self.group)
self.unorm.save()
self.ustaff = User(username="******", email="*****@*****.**", is_staff=True)
self.ustaff.set_password("password")
self.ustaff.save()
self.ustaff.groups.add(self.group)
self.ustaff.save()
self.norm = Client()
self.norm.login(username="******", password="******")
self.staff = Client()
self.staff.login(username="******", password="******")
self.viewedcred = Cred(title="Viewed", password="******", group=self.group)
self.viewedcred.save()
self.changedcred = Cred(title="Changed", password="******", group=self.group)
self.changedcred.save()
CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()
def test_disable_user(self):
resp = self.staff.get(reverse("staff.views.change_advice_by_user", args=(self.unorm.id,)))
self.assertEqual(resp.status_code, 200)
credlist = resp.context["creds"]
self.assertIn(self.viewedcred, credlist)
self.assertNotIn(self.changedcred, credlist)
def test_remove_group(self):
resp = self.staff.get(
reverse("staff.views.change_advice_by_user_and_group", args=(self.unorm.id, self.group.id))
)
self.assertEqual(resp.status_code, 200)
credlist = resp.context["creds"]
self.assertIn(self.viewedcred, credlist)
self.assertNotIn(self.changedcred, credlist)
def setUp(self):
self.group = Group(name="testgroup")
self.group.save()
self.othergroup = Group(name="othergroup")
self.othergroup.save()
self.tag = Tag(name="tag")
self.tag.save()
self.unorm = User(username="******", email="*****@*****.**")
self.unorm.set_password("password")
self.unorm.save()
self.unorm.groups.add(self.group)
self.unorm.save()
self.ustaff = User(username="******", email="*****@*****.**", is_staff=True)
self.ustaff.set_password("password")
self.ustaff.save()
self.ustaff.groups.add(self.group)
self.ustaff.save()
self.unobody = User(username="******", email="*****@*****.**")
self.unobody.set_password("password")
self.unobody.save()
self.norm = Client()
self.norm.login(username="******", password="******")
self.staff = Client()
self.staff.login(username="******", password="******")
self.nobody = Client()
self.nobody.login(username="******", password="******")
self.cred = Cred(title="secret", password="******", group=self.group)
self.cred.save()
self.tagcred = Cred(title="tagged", password="******", group=self.group)
self.tagcred.save()
self.tagcred.tags.add(self.tag)
self.tagcred.save()
CredChangeQ.objects.add_to_changeq(self.cred)
self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
self.logadd.save()
self.logview.save()
def setUpBasicData(self):
# Make a tag
self.tag = Tag(name='tag')
self.tag.save()
# Make a simple credential
self.cred = Cred(title='secret', username='******', password='******', group=self.group)
self.cred.save()
# Make a cred that'll be tagged
self.tagcred = Cred(title='tagged', password='******', group=self.group)
self.tagcred.save()
self.tagcred.tags.add(self.tag)
self.tagcred.save()
# A cred that attempts script injection
self.injectcred = Cred(
title='<script>document.write("BADTITLE!")</script>Bold!',
username='******',
password='******',
group=self.group
)
self.injectcred.save()
# A cred with markdown
self.markdowncred = Cred(
title='Markdown Cred',
password='******',
group=self.group,
description='# Test',
descriptionmarkdown=True,
)
self.markdowncred.save()
# Add a Unicode credential
self.unicodecred = Cred(
title='Unicode ‑ Cred',
password='******',
group=self.group,
description='Γαζέες καὶ μυρτιὲς δὲν θὰ βρῶ πιὰ στὸ χρυσαφὶ ξέφωτο',
)
self.unicodecred.save()
CredChangeQ.objects.add_to_changeq(self.cred)
self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
self.viewedcred.save()
self.changedcred = Cred(title='Changed', password='******', group=self.group)
self.changedcred.save()
CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()
self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
self.logadd.save()
self.logview.save()
class ApiTest(TestCase):
def setUp(self):
self.data = TestData()
self.cred = Cred(title="one", username="******", password="******", group=self.data.group)
self.cred.save()
self.detail_url = reverse("api_dispatch_detail", kwargs={"resource_name": "cred", "api_name": "v1", "pk": self.cred.pk})
def test_cant_use_expired_key(self):
res = self.data.norm.get(self.detail_url)
data = json.loads(res.content)
for key, val in [("title", "one"), ("username", "two"), ("password", "three")]:
self.assertEqual(data[key], val)
def test_can_post_ssh_key_into_cred(self):
self.cred.ssh_key = None
self.cred.save()
res = self.data.norm.get(self.detail_url)
data = json.loads(res.content)
assert 'ssh_key' not in data
with open(os.path.join(ssh_keys, "1.pem")) as fle:
res = self.data.norm.post(self.detail_url, {'ssh_key': fle})
data = json.loads(res.content)
with open(os.path.join(ssh_keys, "1.pem")) as fle:
self.assertEqual(data['ssh_key'], fle.read())
res = self.data.norm.get(self.detail_url)
data = json.loads(res.content)
with open(os.path.join(ssh_keys, "1.pem")) as fle:
self.assertEqual(data['ssh_key'], fle.read())
def test_it_complains_if_given_something_that_isnt_an_ssh_key(self):
with a_temp_file() as filename:
with open(filename, 'w') as fle:
fle.write("blah")
res = self.data.norm.post(self.detail_url, {"ssh_key": open(filename)})
self.assertEqual(res.status_code, 500)
self.assertEqual(res.content, "not a valid RSA private key file")
def import_from_keepass(request):
if request.method == 'POST':
form = KeepassImportForm(request.user, request.POST, request.FILES)
if form.is_valid():
group = form.cleaned_data['group']
for e in form.cleaned_data['db']['entries']:
cred = Cred(
title=e['title'],
username=e['username'],
password=e['password'],
description=e['description'],
group=group,
)
cred.save()
CredAudit(audittype=CredAudit.CREDADD, cred=cred, user=request.user).save()
for t in e['tags']:
(tag, create) = Tag.objects.get_or_create(name=t)
cred.tags.add(tag)
return HttpResponseRedirect(reverse('staff.views.home'))
else:
form = KeepassImportForm(request.user)
return render(request, 'staff_keepassimport.html', {'form': form})
def setUpBasicData(self):
self.tag = Tag(name="tag")
self.tag.save()
self.cred = Cred(title="secret", username="******", password="******", group=self.group)
self.cred.save()
self.tagcred = Cred(title="tagged", password="******", group=self.group)
self.tagcred.save()
self.tagcred.tags.add(self.tag)
self.tagcred.save()
self.injectcred = Cred(
title='<script>document.write("BADTITLE!")</script>Bold!',
username='******',
password='******',
group=self.group,
)
self.injectcred.save()
self.markdowncred = Cred(
title="Markdown Cred", password="******", group=self.group, description="# Test", descriptionmarkdown=True
)
self.markdowncred.save()
CredChangeQ.objects.add_to_changeq(self.cred)
self.viewedcred = Cred(title="Viewed", password="******", group=self.group)
self.viewedcred.save()
self.changedcred = Cred(title="Changed", password="******", group=self.group)
self.changedcred.save()
CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()
self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
self.logadd.save()
self.logview.save()
def setUp(self):
g = Group(name='h')
g.save()
c = Cred(title='testcred', password='******', group=g)
c.save()
d = Cred(title='todelete', password='******', group=g)
d.save()
d.delete()
md = Cred(title='Markdown Cred', password='******', group=g, description='# Test')
md.save()
u = User(username='******')
u.save()
u.groups.add(g)
u.save()
f = User(username='******')
f.save()
s = User(username='******', is_staff=True)
s.save()
s.groups.add(g)
s.save()
self.c = c
self.d = d
self.u = u
self.f = f
self.s = s
class TestData:
def __init__(self):
if settings.LDAP_ENABLED:
self.getLDAPAuthData()
else:
self.setUpAuthData()
self.setUpBasicData()
def loginLDAP(self, username, password):
c = Client()
loginurl = reverse('django.contrib.auth.views.login')
c.post(loginurl, {'username': username, 'password': password})
return c
def getLDAPAuthData(self):
self.norm = self.loginLDAP(username='******', password='******')
self.unorm = User.objects.get(username='******')
self.normpass = '******'
self.staff = self.loginLDAP(username='******', password='******')
self.ustaff = User.objects.get(username='******')
self.nobody = self.loginLDAP(username='******', password='******')
self.unobody = User.objects.get(username='******')
self.group = Group.objects.get(name='testgroup')
self.othergroup = Group.objects.get(name='othergroup')
def setUpAuthData(self):
self.group = Group(name='testgroup')
self.group.save()
self.othergroup = Group(name='othergroup')
self.othergroup.save()
self.unorm = User(username='******', email='*****@*****.**')
self.unorm.set_password('password')
self.normpass = '******'
self.unorm.save()
self.unorm.groups.add(self.group)
self.unorm.save()
self.ustaff = User(username='******', email='*****@*****.**', is_staff=True)
self.ustaff.set_password('password')
self.ustaff.save()
self.ustaff.groups.add(self.othergroup)
self.ustaff.save()
self.unobody = User(username='******', email='*****@*****.**')
self.unobody.set_password('password')
self.unobody.save()
self.norm = Client()
self.norm.login(username='******', password='******')
self.staff = Client()
self.staff.login(username='******', password='******')
self.nobody = Client()
self.nobody.login(username='******', password='******')
def setUpBasicData(self):
self.tag = Tag(name='tag')
self.tag.save()
self.cred = Cred(title='secret', username='******', password='******', group=self.group)
self.cred.save()
self.tagcred = Cred(title='tagged', password='******', group=self.group)
self.tagcred.save()
self.tagcred.tags.add(self.tag)
self.tagcred.save()
CredChangeQ.objects.add_to_changeq(self.cred)
self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
self.viewedcred.save()
self.changedcred = Cred(title='Changed', password='******', group=self.group)
self.changedcred.save()
CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()
self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
self.logadd.save()
self.logview.save()
class StaffViewTests(TestCase):
def setUp(self):
self.group = Group(name="testgroup")
self.group.save()
self.othergroup = Group(name="othergroup")
self.othergroup.save()
self.tag = Tag(name="tag")
self.tag.save()
self.unorm = User(username="******", email="*****@*****.**")
self.unorm.set_password("password")
self.unorm.save()
self.unorm.groups.add(self.group)
self.unorm.save()
self.ustaff = User(username="******", email="*****@*****.**", is_staff=True)
self.ustaff.set_password("password")
self.ustaff.save()
self.ustaff.groups.add(self.group)
self.ustaff.save()
self.unobody = User(username="******", email="*****@*****.**")
self.unobody.set_password("password")
self.unobody.save()
self.norm = Client()
self.norm.login(username="******", password="******")
self.staff = Client()
self.staff.login(username="******", password="******")
self.nobody = Client()
self.nobody.login(username="******", password="******")
self.cred = Cred(title="secret", password="******", group=self.group)
self.cred.save()
self.tagcred = Cred(title="tagged", password="******", group=self.group)
self.tagcred.save()
self.tagcred.tags.add(self.tag)
self.tagcred.save()
CredChangeQ.objects.add_to_changeq(self.cred)
self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
self.logadd.save()
self.logview.save()
def test_home(self):
resp = self.staff.get(reverse("staff.views.home"))
self.assertEqual(resp.status_code, 200)
userlist = resp.context["userlist"]
grouplist = resp.context["grouplist"]
self.assertIn(self.unorm, userlist)
self.assertIn(self.ustaff, userlist)
self.assertIn(self.unobody, userlist)
self.assertIn(self.group, grouplist)
self.assertIn(self.othergroup, grouplist)
def test_view_trash(self):
self.cred.is_deleted = True
self.cred.save()
resp = self.staff.get(reverse("staff.views.view_trash"))
self.assertEqual(resp.status_code, 200)
credlist = resp.context["credlist"].object_list
self.assertIn(self.cred, credlist)
self.assertNotIn(self.tagcred, credlist)
def test_userdetail(self):
resp = self.staff.get(reverse("staff.views.userdetail", args=(self.unobody.id,)))
self.assertEqual(resp.status_code, 200)
user = resp.context["viewuser"]
self.assertEqual(self.unobody.id, user.id)
def test_groupadd(self):
resp = self.staff.get(reverse("staff.views.groupadd"))
self.assertEqual(resp.status_code, 200)
form = resp.context["form"]
post = {}
for i in form:
if i.value() is not None:
post[i.name] = i.value()
post["name"] = "Test Group"
resp = self.staff.post(reverse("staff.views.groupadd"), post, follow=True)
self.assertEqual(resp.status_code, 200)
newgroup = Group.objects.get(name="Test Group")
def test_groupdetail(self):
resp = self.staff.get(reverse("staff.views.groupdetail", args=(self.group.id,)))
self.assertEqual(resp.status_code, 200)
group = resp.context["group"]
self.assertEqual(self.group.id, group.id)
def test_groupdelete(self):
resp = self.staff.get(reverse("staff.views.groupdelete", args=(self.othergroup.id,)))
self.assertEqual(resp.status_code, 200)
group = resp.context["group"]
self.assertEqual(self.othergroup.id, group.id)
resp = self.staff.post(reverse("staff.views.groupdelete", args=(self.othergroup.id,)), follow=True)
with self.assertRaises(Group.DoesNotExist):
delgroup = Group.objects.get(id=self.othergroup.id)
def test_userdelete(self):
resp = self.staff.get(reverse("staff.views.userdelete", args=(self.unobody.id,)))
self.assertEqual(resp.status_code, 200)
user = resp.context["viewuser"]
self.assertEqual(self.unobody.id, user.id)
resp = self.staff.post(reverse("staff.views.userdelete", args=(self.unobody.id,)), follow=True)
self.assertEqual(resp.status_code, 200)
with self.assertRaises(User.DoesNotExist):
deluser = User.objects.get(id=self.unobody.id)
def test_audit_by_cred(self):
resp = self.staff.get(reverse("staff.views.audit_by_cred", args=(self.cred.id,)))
self.assertEqual(resp.status_code, 200)
cred = resp.context["cred"]
loglist = resp.context["logs"].object_list
self.assertEqual(self.cred.id, cred.id)
self.assertEqual(resp.context["type"], "cred")
self.assertIn(self.logadd, loglist)
self.assertIn(self.logview, loglist)
def test_audit_by_user(self):
resp = self.staff.get(reverse("staff.views.audit_by_user", args=(self.ustaff.id,)))
self.assertEqual(resp.status_code, 200)
user = resp.context["loguser"]
loglist = resp.context["logs"].object_list
self.assertEqual(self.ustaff.id, user.id)
self.assertEqual(resp.context["type"], "user")
self.assertIn(self.logadd, loglist)
self.assertIn(self.logview, loglist)
def test_audit_by_days(self):
resp = self.staff.get(reverse("staff.views.audit_by_days", args=(2,)))
self.assertEqual(resp.status_code, 200)
days_ago = resp.context["days_ago"]
loglist = resp.context["logs"].object_list
self.assertEqual(int(days_ago), 2)
self.assertEqual(resp.context["type"], "time")
self.assertIn(self.logadd, loglist)
self.assertIn(self.logview, loglist)
def test_NewUser(self):
resp = self.staff.get(reverse("user_add"))
self.assertEqual(resp.status_code, 200)
form = resp.context["form"]
post = {}
for i in form:
if i.value() is not None:
post[i.name] = i.value()
post["username"] = "******"
post["email"] = "*****@*****.**"
post["groups"] = self.othergroup.id
post["newpass"] = "******"
post["confirmpass"] = "******"
resp = self.staff.post(reverse("user_add"), post, follow=True)
with self.assertRaises(KeyError):
print resp.context["form"].errors
self.assertEqual(resp.status_code, 200)
newuser = User.objects.get(username="******")
self.assertEqual(newuser.email, "*****@*****.**")
self.assertTrue(newuser.check_password("crazypass"))
self.assertIn(self.othergroup, newuser.groups.all())
self.assertNotIn(self.group, newuser.groups.all())
def test_UpdateUser(self):
resp = self.staff.get(reverse("user_edit", args=(self.unobody.id,)))
self.assertEqual(resp.status_code, 200)
form = resp.context["form"]
post = {}
for i in form:
if i.value() is not None:
post[i.name] = i.value()
post["email"] = "*****@*****.**"
post["newpass"] = "******"
post["confirmpass"] = "******"
resp = self.staff.post(reverse("user_edit", args=(self.unobody.id,)), post, follow=True)
self.assertEqual(resp.status_code, 200)
newuser = User.objects.get(id=self.unobody.id)
self.assertEqual(newuser.email, "*****@*****.**")
self.assertTrue(newuser.check_password("differentpass"))
def test_import_from_keepass(self):
gp = Group(name="KeepassImportTest")
gp.save()
self.ustaff.groups.add(gp)
self.ustaff.save()
resp = self.staff.get(reverse("staff.views.import_from_keepass"))
self.assertEqual(resp.status_code, 200)
form = resp.context["form"]
post = {}
for i in form:
if i.value() is not None:
post[i.name] = i.value()
post["password"] = "******"
post["group"] = gp.id
with open("docs/keepass/test2.kdb") as fp:
post["file"] = fp
resp = self.staff.post(reverse("staff.views.import_from_keepass"), post, follow=True)
self.assertEqual(resp.status_code, 200)
newcred = Cred.objects.get(title="Google", group=gp)
self.assertEqual(newcred.password, "Q5CLQhLqI3CtKgK")
self.assertEqual(newcred.tags.all()[0].name, "Internet")
def test_credundelete(self):
self.cred.delete()
resp = self.staff.get(reverse("staff.views.credundelete", args=(self.cred.id,)))
self.assertEqual(resp.status_code, 200)
self.assertEqual(resp.context["cred"], self.cred)
resp = self.staff.post(reverse("staff.views.credundelete", args=(self.cred.id,)), follow=True)
self.assertEqual(resp.status_code, 200)
cred = Cred.objects.get(id=self.cred.id)
self.assertFalse(cred.is_deleted)
def setUp(self):
self.data = TestData()
self.cred = Cred(title="one", username="******", password="******", group=self.data.group)
self.cred.save()
self.detail_url = reverse("api_dispatch_detail", kwargs={"resource_name": "cred", "api_name": "v1", "pk": self.cred.pk})
class TestData:
def __init__(self):
if settings.LDAP_ENABLED:
self.getLDAPAuthData()
else:
self.setUpAuthData()
self.setUpBasicData()
def login(self, username, password):
c = Client()
loginurl = reverse('login')
c.post(loginurl, {
'auth-username': username,
'auth-password': password,
'rattic_tfa_login_view-current_step': 'auth',
})
return c
def getLDAPAuthData(self):
self.norm = self.login(username='******', password='******')
self.unorm = User.objects.get(username='******')
self.normpass = '******'
self.staff = self.login(username='******', password='******')
self.ustaff = User.objects.get(username='******')
self.nobody = self.login(username='******', password='******')
self.unobody = User.objects.get(username='******')
self.group = Group.objects.get(name='testgroup')
self.othergroup = Group.objects.get(name='othergroup')
def setUpAuthData(self):
self.group = Group(name='testgroup')
self.group.save()
self.othergroup = Group(name='othergroup')
self.othergroup.save()
self.unorm = User(username='******', email='*****@*****.**')
self.unorm.set_password('password')
self.normpass = '******'
self.unorm.save()
self.unorm.groups.add(self.group)
self.unorm.save()
self.ustaff = User(username='******', email='*****@*****.**', is_staff=True)
self.ustaff.set_password('password')
self.ustaff.save()
self.ustaff.groups.add(self.othergroup)
self.ustaff.save()
self.unobody = User(username='******', email='*****@*****.**')
self.unobody.set_password('password')
self.unobody.save()
self.norm = self.login(username='******', password='******')
self.staff = self.login(username='******', password='******')
self.nobody = self.login(username='******', password='******')
def setUpBasicData(self):
# Make a tag
self.tag = Tag(name='tag')
self.tag.save()
# Make a simple credential
self.cred = Cred(title='secret', username='******', password='******', group=self.group)
self.cred.save()
# Make a cred that'll be tagged
self.tagcred = Cred(title='tagged', password='******', group=self.group)
self.tagcred.save()
self.tagcred.tags.add(self.tag)
self.tagcred.save()
# A cred that attempts script injection
self.injectcred = Cred(
title='<script>document.write("BADTITLE!")</script>Bold!',
username='******',
password='******',
group=self.group
)
self.injectcred.save()
# A cred with markdown
self.markdowncred = Cred(
title='Markdown Cred',
password='******',
group=self.group,
description='# Test',
descriptionmarkdown=True,
)
self.markdowncred.save()
# Add a Unicode credential
self.unicodecred = Cred(
title='Unicode ‑ Cred',
password='******',
group=self.group,
description='Γαζέες καὶ μυρτιὲς δὲν θὰ βρῶ πιὰ στὸ χρυσαφὶ ξέφωτο',
)
self.unicodecred.save()
CredChangeQ.objects.add_to_changeq(self.cred)
self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
self.viewedcred.save()
self.changedcred = Cred(title='Changed', password='******', group=self.group)
self.changedcred.save()
CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()
self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
self.logadd.save()
self.logview.save()
def setUpBasicData(self):
# Make a tag
self.tag = Tag(name='tag')
self.tag.save()
# Make a simple credential
self.cred = Cred(title='secret', username='******', password='******', group=self.group)
self.cred.save()
# Make a cred that'll be tagged
self.tagcred = Cred(title='tagged', password='******', group=self.group)
self.tagcred.save()
self.tagcred.tags.add(self.tag)
self.tagcred.save()
# A cred that attempts script injection
self.injectcred = Cred(
title='<script>document.write("BADTITLE!")</script>Bold!',
username='******',
password='******',
group=self.group
)
self.injectcred.save()
# A cred with markdown
self.markdowncred = Cred(
title='Markdown Cred',
password='******',
group=self.group,
description='# Test',
descriptionmarkdown=True,
)
self.markdowncred.save()
# Add a Unicode credential
self.unicodecred = Cred(
title='Unicode ‑ Cred',
password='******',
group=self.group,
description='Γαζέες καὶ μυρτιὲς δὲν θὰ βρῶ πιὰ στὸ χρυσαφὶ ξέφωτο',
)
self.unicodecred.save()
CredChangeQ.objects.add_to_changeq(self.cred)
self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
self.viewedcred.save()
self.changedcred = Cred(title='Changed', password='******', group=self.group)
self.changedcred.save()
CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()
self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
self.logadd.save()
self.logview.save()
def setUp(self):
g = Group(name='h')
g.save()
c = Cred(title='testcred', password='******', group=g)
c.save()
d = Cred(title='todelete', password='******', group=g)
d.save()
d.delete()
md = Cred(title='Markdown Cred',
password='******',
group=g,
description='# Test')
md.save()
u = User(username='******')
u.save()
u.groups.add(g)
u.save()
f = User(username='******')
f.save()
s = User(username='******', is_staff=True)
s.save()
s.groups.add(g)
s.save()
self.c = c
self.d = d
self.u = u
self.f = f
self.s = s
except Exception as e:
print(tag_name, e)
print("=> import Entry")
for entry in res.get("entries", []):
try:
kwargs = {}
tags = []
for k, v in entry.items():
if k == "tags":
tags = v
continue
if k in ["filename", "filecontent"]:
continue
kwargs[k] = v
kwargs["group"] = owner_group
cred = Cred(**kwargs)
cred.save()
for tag_name in tags:
cred.tags.add(Tag.objects.get(name=tag_name))
cred.save()
except IntegrityError as e:
if e.message.endswith(" is not unique"):
pass
else:
print(entry.get("title"), entry.get("name"), e)
except Exception as e:
print(entry.get("title"), entry.get("name"), e)
class TestData:
def __init__(self):
if settings.LDAP_ENABLED:
self.getLDAPAuthData()
else:
self.setUpAuthData()
self.setUpBasicData()
def login(self, username, password):
c = Client()
loginurl = reverse("django.contrib.auth.views.login")
c.post(loginurl, {"username": username, "password": password})
return c
def getLDAPAuthData(self):
self.norm = self.login(username="******", password="******")
self.unorm = User.objects.get(username="******")
self.normpass = "******"
self.staff = self.login(username="******", password="******")
self.ustaff = User.objects.get(username="******")
self.nobody = self.login(username="******", password="******")
self.unobody = User.objects.get(username="******")
self.group = Group.objects.get(name="testgroup")
self.othergroup = Group.objects.get(name="othergroup")
def setUpAuthData(self):
self.group = Group(name="testgroup")
self.group.save()
self.othergroup = Group(name="othergroup")
self.othergroup.save()
self.unorm = User(username="******", email="*****@*****.**")
self.unorm.set_password("password")
self.normpass = "******"
self.unorm.save()
self.unorm.groups.add(self.group)
self.unorm.save()
self.ustaff = User(username="******", email="*****@*****.**", is_staff=True)
self.ustaff.set_password("password")
self.ustaff.save()
self.ustaff.groups.add(self.othergroup)
self.ustaff.save()
self.unobody = User(username="******", email="*****@*****.**")
self.unobody.set_password("password")
self.unobody.save()
self.norm = self.login(username="******", password="******")
self.staff = self.login(username="******", password="******")
self.nobody = self.login(username="******", password="******")
def setUpBasicData(self):
self.tag = Tag(name="tag")
self.tag.save()
self.cred = Cred(title="secret", username="******", password="******", group=self.group)
self.cred.save()
self.tagcred = Cred(title="tagged", password="******", group=self.group)
self.tagcred.save()
self.tagcred.tags.add(self.tag)
self.tagcred.save()
self.injectcred = Cred(
title='<script>document.write("BADTITLE!")</script>Bold!',
username='******',
password='******',
group=self.group,
)
self.injectcred.save()
self.markdowncred = Cred(
title="Markdown Cred", password="******", group=self.group, description="# Test", descriptionmarkdown=True
)
self.markdowncred.save()
CredChangeQ.objects.add_to_changeq(self.cred)
self.viewedcred = Cred(title="Viewed", password="******", group=self.group)
self.viewedcred.save()
self.changedcred = Cred(title="Changed", password="******", group=self.group)
self.changedcred.save()
CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()
self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
self.logadd.save()
self.logview.save()
class TestData:
def __init__(self):
if settings.LDAP_ENABLED:
self.getLDAPAuthData()
else:
self.setUpAuthData()
self.setUpBasicData()
def login(self, username, password):
c = Client()
loginurl = reverse('login')
c.post(loginurl, {
'auth-username': username,
'auth-password': password,
'rattic_tfa_login_view-current_step': 'auth',
})
return c
def getLDAPAuthData(self):
self.norm = self.login(username='******', password='******')
self.unorm = User.objects.get(username='******')
self.normpass = '******'
self.staff = self.login(username='******', password='******')
self.ustaff = User.objects.get(username='******')
self.nobody = self.login(username='******', password='******')
self.unobody = User.objects.get(username='******')
self.group = Group.objects.get(name='testgroup')
self.othergroup = Group.objects.get(name='othergroup')
def setUpAuthData(self):
self.group = Group(name='testgroup')
self.group.save()
self.othergroup = Group(name='othergroup')
self.othergroup.save()
self.unorm = User(username='******', email='*****@*****.**')
self.unorm.set_password('password')
self.normpass = '******'
self.unorm.save()
self.unorm.groups.add(self.group)
self.unorm.save()
self.ustaff = User(username='******', email='*****@*****.**', is_staff=True)
self.ustaff.set_password('password')
self.ustaff.save()
self.ustaff.groups.add(self.othergroup)
self.ustaff.save()
self.unobody = User(username='******', email='*****@*****.**')
self.unobody.set_password('password')
self.unobody.save()
self.norm = self.login(username='******', password='******')
self.staff = self.login(username='******', password='******')
self.nobody = self.login(username='******', password='******')
def setUpBasicData(self):
# Make a tag
self.tag = Tag(name='tag')
self.tag.save()
# Make a simple credential
self.cred = Cred(title='secret', username='******', password='******', group=self.group)
self.cred.save()
# Make a cred that'll be tagged
self.tagcred = Cred(title='tagged', password='******', group=self.group)
self.tagcred.save()
self.tagcred.tags.add(self.tag)
self.tagcred.save()
# A cred that attempts script injection
self.injectcred = Cred(
title='<script>document.write("BADTITLE!")</script>Bold!',
username='******',
password='******',
group=self.group
)
self.injectcred.save()
# A cred with markdown
self.markdowncred = Cred(
title='Markdown Cred',
password='******',
group=self.group,
description='# Test',
descriptionmarkdown=True,
)
self.markdowncred.save()
# Add a Unicode credential
self.unicodecred = Cred(
title='Unicode ‑ Cred',
password='******',
group=self.group,
description='Γαζέες καὶ μυρτιὲς δὲν θὰ βρῶ πιὰ στὸ χρυσαφὶ ξέφωτο',
)
self.unicodecred.save()
CredChangeQ.objects.add_to_changeq(self.cred)
self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
self.viewedcred.save()
self.changedcred = Cred(title='Changed', password='******', group=self.group)
self.changedcred.save()
CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()
self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
self.logadd.save()
self.logview.save()
