def setUpBasicData(self): # Make a tag self.tag = Tag(name='tag') self.tag.save() # Make a simple credential self.cred = Cred(title='secret', username='******', password='******', group=self.group) self.cred.save() # Make a cred that'll be tagged self.tagcred = Cred(title='tagged', password='******', group=self.group) self.tagcred.save() self.tagcred.tags.add(self.tag) self.tagcred.save() # A cred that attempts script injection self.injectcred = Cred( title='<script>document.write("BADTITLE!")</script>Bold!', username='******', password='******', group=self.group ) self.injectcred.save() # A cred with markdown self.markdowncred = Cred( title='Markdown Cred', password='******', group=self.group, description='# Test', descriptionmarkdown=True, ) self.markdowncred.save() # Add a Unicode credential self.unicodecred = Cred( title='Unicode ‑ Cred', password='******', group=self.group, description='Γαζέες καὶ μυρτιὲς δὲν θὰ βρῶ πιὰ στὸ χρυσαφὶ ξέφωτο', ) self.unicodecred.save() CredChangeQ.objects.add_to_changeq(self.cred) self.viewedcred = Cred(title='Viewed', password='******', group=self.group) self.viewedcred.save() self.changedcred = Cred(title='Changed', password='******', group=self.group) self.changedcred.save() CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save() CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save() self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff) self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff) self.logadd.save() self.logview.save()
def setUpBasicData(self): self.tag = Tag(name='tag') self.tag.save() self.cred = Cred(title='secret', username='******', password='******', group=self.group) self.cred.save() self.tagcred = Cred(title='tagged', password='******', group=self.group) self.tagcred.save() self.tagcred.tags.add(self.tag) self.tagcred.save() CredChangeQ.objects.add_to_changeq(self.cred) self.viewedcred = Cred(title='Viewed', password='******', group=self.group) self.viewedcred.save() self.changedcred = Cred(title='Changed', password='******', group=self.group) self.changedcred.save() CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save() self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff) self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff) self.logadd.save() self.logview.save()
def setUp(self): self.group = Group(name="testgroup") self.group.save() self.othergroup = Group(name="othergroup") self.othergroup.save() self.tag = Tag(name="tag") self.tag.save() self.unorm = User(username="******", email="*****@*****.**") self.unorm.set_password("password") self.unorm.save() self.unorm.groups.add(self.group) self.unorm.save() self.ustaff = User(username="******", email="*****@*****.**", is_staff=True) self.ustaff.set_password("password") self.ustaff.save() self.ustaff.groups.add(self.group) self.ustaff.save() self.unobody = User(username="******", email="*****@*****.**") self.unobody.set_password("password") self.unobody.save() self.norm = Client() self.norm.login(username="******", password="******") self.staff = Client() self.staff.login(username="******", password="******") self.nobody = Client() self.nobody.login(username="******", password="******") self.cred = Cred(title="secret", password="******", group=self.group) self.cred.save() self.tagcred = Cred(title="tagged", password="******", group=self.group) self.tagcred.save() self.tagcred.tags.add(self.tag) self.tagcred.save() CredChangeQ.objects.add_to_changeq(self.cred) self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff) self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff) self.logadd.save() self.logview.save()
def setUpBasicData(self): self.tag = Tag(name="tag") self.tag.save() self.cred = Cred(title="secret", username="******", password="******", group=self.group) self.cred.save() self.tagcred = Cred(title="tagged", password="******", group=self.group) self.tagcred.save() self.tagcred.tags.add(self.tag) self.tagcred.save() self.injectcred = Cred( title='<script>document.write("BADTITLE!")</script>Bold!', username='******', password='******', group=self.group, ) self.injectcred.save() self.markdowncred = Cred( title="Markdown Cred", password="******", group=self.group, description="# Test", descriptionmarkdown=True ) self.markdowncred.save() CredChangeQ.objects.add_to_changeq(self.cred) self.viewedcred = Cred(title="Viewed", password="******", group=self.group) self.viewedcred.save() self.changedcred = Cred(title="Changed", password="******", group=self.group) self.changedcred.save() CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save() CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save() self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff) self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff) self.logadd.save() self.logview.save()
class TestData: def __init__(self): if settings.LDAP_ENABLED: self.getLDAPAuthData() else: self.setUpAuthData() self.setUpBasicData() def loginLDAP(self, username, password): c = Client() loginurl = reverse('django.contrib.auth.views.login') c.post(loginurl, {'username': username, 'password': password}) return c def getLDAPAuthData(self): self.norm = self.loginLDAP(username='******', password='******') self.unorm = User.objects.get(username='******') self.normpass = '******' self.staff = self.loginLDAP(username='******', password='******') self.ustaff = User.objects.get(username='******') self.nobody = self.loginLDAP(username='******', password='******') self.unobody = User.objects.get(username='******') self.group = Group.objects.get(name='testgroup') self.othergroup = Group.objects.get(name='othergroup') def setUpAuthData(self): self.group = Group(name='testgroup') self.group.save() self.othergroup = Group(name='othergroup') self.othergroup.save() self.unorm = User(username='******', email='*****@*****.**') self.unorm.set_password('password') self.normpass = '******' self.unorm.save() self.unorm.groups.add(self.group) self.unorm.save() self.ustaff = User(username='******', email='*****@*****.**', is_staff=True) self.ustaff.set_password('password') self.ustaff.save() self.ustaff.groups.add(self.othergroup) self.ustaff.save() self.unobody = User(username='******', email='*****@*****.**') self.unobody.set_password('password') self.unobody.save() self.norm = Client() self.norm.login(username='******', password='******') self.staff = Client() self.staff.login(username='******', password='******') self.nobody = Client() self.nobody.login(username='******', password='******') def setUpBasicData(self): self.tag = Tag(name='tag') self.tag.save() self.cred = Cred(title='secret', username='******', password='******', group=self.group) self.cred.save() self.tagcred = Cred(title='tagged', password='******', group=self.group) self.tagcred.save() self.tagcred.tags.add(self.tag) self.tagcred.save() CredChangeQ.objects.add_to_changeq(self.cred) self.viewedcred = Cred(title='Viewed', password='******', group=self.group) self.viewedcred.save() self.changedcred = Cred(title='Changed', password='******', group=self.group) self.changedcred.save() CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save() self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff) self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff) self.logadd.save() self.logview.save()
class TestData: def __init__(self): if settings.LDAP_ENABLED: self.getLDAPAuthData() else: self.setUpAuthData() self.setUpBasicData() def login(self, username, password): c = Client() loginurl = reverse('login') c.post(loginurl, { 'auth-username': username, 'auth-password': password, 'rattic_tfa_login_view-current_step': 'auth', }) return c def getLDAPAuthData(self): self.norm = self.login(username='******', password='******') self.unorm = User.objects.get(username='******') self.normpass = '******' self.staff = self.login(username='******', password='******') self.ustaff = User.objects.get(username='******') self.nobody = self.login(username='******', password='******') self.unobody = User.objects.get(username='******') self.group = Group.objects.get(name='testgroup') self.othergroup = Group.objects.get(name='othergroup') def setUpAuthData(self): self.group = Group(name='testgroup') self.group.save() self.othergroup = Group(name='othergroup') self.othergroup.save() self.unorm = User(username='******', email='*****@*****.**') self.unorm.set_password('password') self.normpass = '******' self.unorm.save() self.unorm.groups.add(self.group) self.unorm.save() self.ustaff = User(username='******', email='*****@*****.**', is_staff=True) self.ustaff.set_password('password') self.ustaff.save() self.ustaff.groups.add(self.othergroup) self.ustaff.save() self.unobody = User(username='******', email='*****@*****.**') self.unobody.set_password('password') self.unobody.save() self.norm = self.login(username='******', password='******') self.staff = self.login(username='******', password='******') self.nobody = self.login(username='******', password='******') def setUpBasicData(self): # Make a tag self.tag = Tag(name='tag') self.tag.save() # Make a simple credential self.cred = Cred(title='secret', username='******', password='******', group=self.group) self.cred.save() # Make a cred that'll be tagged self.tagcred = Cred(title='tagged', password='******', group=self.group) self.tagcred.save() self.tagcred.tags.add(self.tag) self.tagcred.save() # A cred that attempts script injection self.injectcred = Cred( title='<script>document.write("BADTITLE!")</script>Bold!', username='******', password='******', group=self.group ) self.injectcred.save() # A cred with markdown self.markdowncred = Cred( title='Markdown Cred', password='******', group=self.group, description='# Test', descriptionmarkdown=True, ) self.markdowncred.save() # Add a Unicode credential self.unicodecred = Cred( title='Unicode ‑ Cred', password='******', group=self.group, description='Γαζέες καὶ μυρτιὲς δὲν θὰ βρῶ πιὰ στὸ χρυσαφὶ ξέφωτο', ) self.unicodecred.save() CredChangeQ.objects.add_to_changeq(self.cred) self.viewedcred = Cred(title='Viewed', password='******', group=self.group) self.viewedcred.save() self.changedcred = Cred(title='Changed', password='******', group=self.group) self.changedcred.save() CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save() CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save() self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff) self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff) self.logadd.save() self.logview.save()
from django.db import IntegrityError from staff.importloaders import keepass import django import os django.setup() res = keepass(open(os.getenv("RATTIC_KEEPASS_FILE"), "rb"), os.getenv("RATTIC_KEEPASS_PASSWORD")) owner_group = Group.objects.get(name=os.getenv("RATTIC_KEEPASS_GROUP")) print("=> import Tag") for tag_name in res.get("tags", []): try: Tag(name=tag_name).save() except IntegrityError as e: if e.message.endswith(" is not unique"): pass else: print(tag_name, e) except Exception as e: print(tag_name, e) print("=> import Entry") for entry in res.get("entries", []): try: kwargs = {} tags = [] for k, v in entry.items(): if k == "tags":
class TestData: def __init__(self): if settings.LDAP_ENABLED: self.getLDAPAuthData() else: self.setUpAuthData() self.setUpBasicData() def login(self, username, password): c = Client() loginurl = reverse("django.contrib.auth.views.login") c.post(loginurl, {"username": username, "password": password}) return c def getLDAPAuthData(self): self.norm = self.login(username="******", password="******") self.unorm = User.objects.get(username="******") self.normpass = "******" self.staff = self.login(username="******", password="******") self.ustaff = User.objects.get(username="******") self.nobody = self.login(username="******", password="******") self.unobody = User.objects.get(username="******") self.group = Group.objects.get(name="testgroup") self.othergroup = Group.objects.get(name="othergroup") def setUpAuthData(self): self.group = Group(name="testgroup") self.group.save() self.othergroup = Group(name="othergroup") self.othergroup.save() self.unorm = User(username="******", email="*****@*****.**") self.unorm.set_password("password") self.normpass = "******" self.unorm.save() self.unorm.groups.add(self.group) self.unorm.save() self.ustaff = User(username="******", email="*****@*****.**", is_staff=True) self.ustaff.set_password("password") self.ustaff.save() self.ustaff.groups.add(self.othergroup) self.ustaff.save() self.unobody = User(username="******", email="*****@*****.**") self.unobody.set_password("password") self.unobody.save() self.norm = self.login(username="******", password="******") self.staff = self.login(username="******", password="******") self.nobody = self.login(username="******", password="******") def setUpBasicData(self): self.tag = Tag(name="tag") self.tag.save() self.cred = Cred(title="secret", username="******", password="******", group=self.group) self.cred.save() self.tagcred = Cred(title="tagged", password="******", group=self.group) self.tagcred.save() self.tagcred.tags.add(self.tag) self.tagcred.save() self.injectcred = Cred( title='<script>document.write("BADTITLE!")</script>Bold!', username='******', password='******', group=self.group, ) self.injectcred.save() self.markdowncred = Cred( title="Markdown Cred", password="******", group=self.group, description="# Test", descriptionmarkdown=True ) self.markdowncred.save() CredChangeQ.objects.add_to_changeq(self.cred) self.viewedcred = Cred(title="Viewed", password="******", group=self.group) self.viewedcred.save() self.changedcred = Cred(title="Changed", password="******", group=self.group) self.changedcred.save() CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save() CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save() CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save() self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff) self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff) self.logadd.save() self.logview.save()
class StaffViewTests(TestCase): def setUp(self): self.group = Group(name="testgroup") self.group.save() self.othergroup = Group(name="othergroup") self.othergroup.save() self.tag = Tag(name="tag") self.tag.save() self.unorm = User(username="******", email="*****@*****.**") self.unorm.set_password("password") self.unorm.save() self.unorm.groups.add(self.group) self.unorm.save() self.ustaff = User(username="******", email="*****@*****.**", is_staff=True) self.ustaff.set_password("password") self.ustaff.save() self.ustaff.groups.add(self.group) self.ustaff.save() self.unobody = User(username="******", email="*****@*****.**") self.unobody.set_password("password") self.unobody.save() self.norm = Client() self.norm.login(username="******", password="******") self.staff = Client() self.staff.login(username="******", password="******") self.nobody = Client() self.nobody.login(username="******", password="******") self.cred = Cred(title="secret", password="******", group=self.group) self.cred.save() self.tagcred = Cred(title="tagged", password="******", group=self.group) self.tagcred.save() self.tagcred.tags.add(self.tag) self.tagcred.save() CredChangeQ.objects.add_to_changeq(self.cred) self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff) self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff) self.logadd.save() self.logview.save() def test_home(self): resp = self.staff.get(reverse("staff.views.home")) self.assertEqual(resp.status_code, 200) userlist = resp.context["userlist"] grouplist = resp.context["grouplist"] self.assertIn(self.unorm, userlist) self.assertIn(self.ustaff, userlist) self.assertIn(self.unobody, userlist) self.assertIn(self.group, grouplist) self.assertIn(self.othergroup, grouplist) def test_view_trash(self): self.cred.is_deleted = True self.cred.save() resp = self.staff.get(reverse("staff.views.view_trash")) self.assertEqual(resp.status_code, 200) credlist = resp.context["credlist"].object_list self.assertIn(self.cred, credlist) self.assertNotIn(self.tagcred, credlist) def test_userdetail(self): resp = self.staff.get(reverse("staff.views.userdetail", args=(self.unobody.id,))) self.assertEqual(resp.status_code, 200) user = resp.context["viewuser"] self.assertEqual(self.unobody.id, user.id) def test_groupadd(self): resp = self.staff.get(reverse("staff.views.groupadd")) self.assertEqual(resp.status_code, 200) form = resp.context["form"] post = {} for i in form: if i.value() is not None: post[i.name] = i.value() post["name"] = "Test Group" resp = self.staff.post(reverse("staff.views.groupadd"), post, follow=True) self.assertEqual(resp.status_code, 200) newgroup = Group.objects.get(name="Test Group") def test_groupdetail(self): resp = self.staff.get(reverse("staff.views.groupdetail", args=(self.group.id,))) self.assertEqual(resp.status_code, 200) group = resp.context["group"] self.assertEqual(self.group.id, group.id) def test_groupdelete(self): resp = self.staff.get(reverse("staff.views.groupdelete", args=(self.othergroup.id,))) self.assertEqual(resp.status_code, 200) group = resp.context["group"] self.assertEqual(self.othergroup.id, group.id) resp = self.staff.post(reverse("staff.views.groupdelete", args=(self.othergroup.id,)), follow=True) with self.assertRaises(Group.DoesNotExist): delgroup = Group.objects.get(id=self.othergroup.id) def test_userdelete(self): resp = self.staff.get(reverse("staff.views.userdelete", args=(self.unobody.id,))) self.assertEqual(resp.status_code, 200) user = resp.context["viewuser"] self.assertEqual(self.unobody.id, user.id) resp = self.staff.post(reverse("staff.views.userdelete", args=(self.unobody.id,)), follow=True) self.assertEqual(resp.status_code, 200) with self.assertRaises(User.DoesNotExist): deluser = User.objects.get(id=self.unobody.id) def test_audit_by_cred(self): resp = self.staff.get(reverse("staff.views.audit_by_cred", args=(self.cred.id,))) self.assertEqual(resp.status_code, 200) cred = resp.context["cred"] loglist = resp.context["logs"].object_list self.assertEqual(self.cred.id, cred.id) self.assertEqual(resp.context["type"], "cred") self.assertIn(self.logadd, loglist) self.assertIn(self.logview, loglist) def test_audit_by_user(self): resp = self.staff.get(reverse("staff.views.audit_by_user", args=(self.ustaff.id,))) self.assertEqual(resp.status_code, 200) user = resp.context["loguser"] loglist = resp.context["logs"].object_list self.assertEqual(self.ustaff.id, user.id) self.assertEqual(resp.context["type"], "user") self.assertIn(self.logadd, loglist) self.assertIn(self.logview, loglist) def test_audit_by_days(self): resp = self.staff.get(reverse("staff.views.audit_by_days", args=(2,))) self.assertEqual(resp.status_code, 200) days_ago = resp.context["days_ago"] loglist = resp.context["logs"].object_list self.assertEqual(int(days_ago), 2) self.assertEqual(resp.context["type"], "time") self.assertIn(self.logadd, loglist) self.assertIn(self.logview, loglist) def test_NewUser(self): resp = self.staff.get(reverse("user_add")) self.assertEqual(resp.status_code, 200) form = resp.context["form"] post = {} for i in form: if i.value() is not None: post[i.name] = i.value() post["username"] = "******" post["email"] = "*****@*****.**" post["groups"] = self.othergroup.id post["newpass"] = "******" post["confirmpass"] = "******" resp = self.staff.post(reverse("user_add"), post, follow=True) with self.assertRaises(KeyError): print resp.context["form"].errors self.assertEqual(resp.status_code, 200) newuser = User.objects.get(username="******") self.assertEqual(newuser.email, "*****@*****.**") self.assertTrue(newuser.check_password("crazypass")) self.assertIn(self.othergroup, newuser.groups.all()) self.assertNotIn(self.group, newuser.groups.all()) def test_UpdateUser(self): resp = self.staff.get(reverse("user_edit", args=(self.unobody.id,))) self.assertEqual(resp.status_code, 200) form = resp.context["form"] post = {} for i in form: if i.value() is not None: post[i.name] = i.value() post["email"] = "*****@*****.**" post["newpass"] = "******" post["confirmpass"] = "******" resp = self.staff.post(reverse("user_edit", args=(self.unobody.id,)), post, follow=True) self.assertEqual(resp.status_code, 200) newuser = User.objects.get(id=self.unobody.id) self.assertEqual(newuser.email, "*****@*****.**") self.assertTrue(newuser.check_password("differentpass")) def test_import_from_keepass(self): gp = Group(name="KeepassImportTest") gp.save() self.ustaff.groups.add(gp) self.ustaff.save() resp = self.staff.get(reverse("staff.views.import_from_keepass")) self.assertEqual(resp.status_code, 200) form = resp.context["form"] post = {} for i in form: if i.value() is not None: post[i.name] = i.value() post["password"] = "******" post["group"] = gp.id with open("docs/keepass/test2.kdb") as fp: post["file"] = fp resp = self.staff.post(reverse("staff.views.import_from_keepass"), post, follow=True) self.assertEqual(resp.status_code, 200) newcred = Cred.objects.get(title="Google", group=gp) self.assertEqual(newcred.password, "Q5CLQhLqI3CtKgK") self.assertEqual(newcred.tags.all()[0].name, "Internet") def test_credundelete(self): self.cred.delete() resp = self.staff.get(reverse("staff.views.credundelete", args=(self.cred.id,))) self.assertEqual(resp.status_code, 200) self.assertEqual(resp.context["cred"], self.cred) resp = self.staff.post(reverse("staff.views.credundelete", args=(self.cred.id,)), follow=True) self.assertEqual(resp.status_code, 200) cred = Cred.objects.get(id=self.cred.id) self.assertFalse(cred.is_deleted)