Exemple #1
0
    def setUpBasicData(self):
        # Make a tag
        self.tag = Tag(name='tag')
        self.tag.save()

        # Make a simple credential
        self.cred = Cred(title='secret', username='******', password='******', group=self.group)
        self.cred.save()

        # Make a cred that'll be tagged
        self.tagcred = Cred(title='tagged', password='******', group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        # A cred that attempts script injection
        self.injectcred = Cred(
            title='<script>document.write("BADTITLE!")</script>Bold!',
            username='******',
            password='******',
            group=self.group
        )
        self.injectcred.save()

        # A cred with markdown
        self.markdowncred = Cred(
            title='Markdown Cred',
            password='******',
            group=self.group,
            description='# Test',
            descriptionmarkdown=True,
        )
        self.markdowncred.save()

        # Add a Unicode credential
        self.unicodecred = Cred(
            title='Unicode ‑ Cred',
            password='******',
            group=self.group,
            description='Γαζέες καὶ μυρτιὲς δὲν θὰ βρῶ πιὰ στὸ χρυσαφὶ ξέφωτο',
        )
        self.unicodecred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title='Changed', password='******', group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
Exemple #2
0
    def setUpBasicData(self):
        self.tag = Tag(name='tag')
        self.tag.save()

        self.cred = Cred(title='secret', username='******', password='******', group=self.group)
        self.cred.save()
        self.tagcred = Cred(title='tagged', password='******', group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title='Changed', password='******', group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
Exemple #3
0
    def setUpBasicData(self):
        # Make a tag
        self.tag = Tag(name='tag')
        self.tag.save()

        # Make a simple credential
        self.cred = Cred(title='secret', username='******', password='******', group=self.group)
        self.cred.save()

        # Make a cred that'll be tagged
        self.tagcred = Cred(title='tagged', password='******', group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        # A cred that attempts script injection
        self.injectcred = Cred(
            title='<script>document.write("BADTITLE!")</script>Bold!',
            username='******',
            password='******',
            group=self.group
        )
        self.injectcred.save()

        # A cred with markdown
        self.markdowncred = Cred(
            title='Markdown Cred',
            password='******',
            group=self.group,
            description='# Test',
            descriptionmarkdown=True,
        )
        self.markdowncred.save()

        # Add a Unicode credential
        self.unicodecred = Cred(
            title='Unicode ‑ Cred',
            password='******',
            group=self.group,
            description='Γαζέες καὶ μυρτιὲς δὲν θὰ βρῶ πιὰ στὸ χρυσαφὶ ξέφωτο',
        )
        self.unicodecred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title='Changed', password='******', group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
Exemple #4
0
    def setUp(self):
        self.group = Group(name="testgroup")
        self.group.save()

        self.othergroup = Group(name="othergroup")
        self.othergroup.save()

        self.tag = Tag(name="tag")
        self.tag.save()

        self.unorm = User(username="******", email="*****@*****.**")
        self.unorm.set_password("password")
        self.unorm.save()
        self.unorm.groups.add(self.group)
        self.unorm.save()

        self.ustaff = User(username="******", email="*****@*****.**", is_staff=True)
        self.ustaff.set_password("password")
        self.ustaff.save()
        self.ustaff.groups.add(self.group)
        self.ustaff.save()

        self.unobody = User(username="******", email="*****@*****.**")
        self.unobody.set_password("password")
        self.unobody.save()

        self.norm = Client()
        self.norm.login(username="******", password="******")
        self.staff = Client()
        self.staff.login(username="******", password="******")
        self.nobody = Client()
        self.nobody.login(username="******", password="******")

        self.cred = Cred(title="secret", password="******", group=self.group)
        self.cred.save()
        self.tagcred = Cred(title="tagged", password="******", group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
Exemple #5
0
    def setUpBasicData(self):
        self.tag = Tag(name="tag")
        self.tag.save()

        self.cred = Cred(title="secret", username="******", password="******", group=self.group)
        self.cred.save()
        self.tagcred = Cred(title="tagged", password="******", group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()
        self.injectcred = Cred(
            title='<script>document.write("BADTITLE!")</script>Bold!',
            username='******',
            password='******',
            group=self.group,
        )
        self.injectcred.save()
        self.markdowncred = Cred(
            title="Markdown Cred", password="******", group=self.group, description="# Test", descriptionmarkdown=True
        )
        self.markdowncred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        self.viewedcred = Cred(title="Viewed", password="******", group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title="Changed", password="******", group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
Exemple #6
0
class TestData:
    def __init__(self):
        if settings.LDAP_ENABLED:
            self.getLDAPAuthData()
        else:
            self.setUpAuthData()
        self.setUpBasicData()

    def loginLDAP(self, username, password):
        c = Client()
        loginurl = reverse('django.contrib.auth.views.login')
        c.post(loginurl, {'username': username, 'password': password})

        return c

    def getLDAPAuthData(self):
        self.norm = self.loginLDAP(username='******', password='******')
        self.unorm = User.objects.get(username='******')
        self.normpass = '******'

        self.staff = self.loginLDAP(username='******', password='******')
        self.ustaff = User.objects.get(username='******')

        self.nobody = self.loginLDAP(username='******', password='******')
        self.unobody = User.objects.get(username='******')

        self.group = Group.objects.get(name='testgroup')
        self.othergroup = Group.objects.get(name='othergroup')

    def setUpAuthData(self):
        self.group = Group(name='testgroup')
        self.group.save()

        self.othergroup = Group(name='othergroup')
        self.othergroup.save()

        self.unorm = User(username='******', email='*****@*****.**')
        self.unorm.set_password('password')
        self.normpass = '******'
        self.unorm.save()
        self.unorm.groups.add(self.group)
        self.unorm.save()

        self.ustaff = User(username='******', email='*****@*****.**', is_staff=True)
        self.ustaff.set_password('password')
        self.ustaff.save()
        self.ustaff.groups.add(self.othergroup)
        self.ustaff.save()

        self.unobody = User(username='******', email='*****@*****.**')
        self.unobody.set_password('password')
        self.unobody.save()

        self.norm = Client()
        self.norm.login(username='******', password='******')
        self.staff = Client()
        self.staff.login(username='******', password='******')
        self.nobody = Client()
        self.nobody.login(username='******', password='******')

    def setUpBasicData(self):
        self.tag = Tag(name='tag')
        self.tag.save()

        self.cred = Cred(title='secret', username='******', password='******', group=self.group)
        self.cred.save()
        self.tagcred = Cred(title='tagged', password='******', group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title='Changed', password='******', group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
Exemple #7
0
class TestData:
    def __init__(self):
        if settings.LDAP_ENABLED:
            self.getLDAPAuthData()
        else:
            self.setUpAuthData()
        self.setUpBasicData()

    def login(self, username, password):
        c = Client()
        loginurl = reverse('login')
        c.post(loginurl, {
            'auth-username': username,
            'auth-password': password,
            'rattic_tfa_login_view-current_step': 'auth',
        })

        return c

    def getLDAPAuthData(self):
        self.norm = self.login(username='******', password='******')
        self.unorm = User.objects.get(username='******')
        self.normpass = '******'

        self.staff = self.login(username='******', password='******')
        self.ustaff = User.objects.get(username='******')

        self.nobody = self.login(username='******', password='******')
        self.unobody = User.objects.get(username='******')

        self.group = Group.objects.get(name='testgroup')
        self.othergroup = Group.objects.get(name='othergroup')

    def setUpAuthData(self):
        self.group = Group(name='testgroup')
        self.group.save()

        self.othergroup = Group(name='othergroup')
        self.othergroup.save()

        self.unorm = User(username='******', email='*****@*****.**')
        self.unorm.set_password('password')
        self.normpass = '******'
        self.unorm.save()
        self.unorm.groups.add(self.group)
        self.unorm.save()

        self.ustaff = User(username='******', email='*****@*****.**', is_staff=True)
        self.ustaff.set_password('password')
        self.ustaff.save()
        self.ustaff.groups.add(self.othergroup)
        self.ustaff.save()

        self.unobody = User(username='******', email='*****@*****.**')
        self.unobody.set_password('password')
        self.unobody.save()

        self.norm = self.login(username='******', password='******')
        self.staff = self.login(username='******', password='******')
        self.nobody = self.login(username='******', password='******')

    def setUpBasicData(self):
        # Make a tag
        self.tag = Tag(name='tag')
        self.tag.save()

        # Make a simple credential
        self.cred = Cred(title='secret', username='******', password='******', group=self.group)
        self.cred.save()

        # Make a cred that'll be tagged
        self.tagcred = Cred(title='tagged', password='******', group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        # A cred that attempts script injection
        self.injectcred = Cred(
            title='<script>document.write("BADTITLE!")</script>Bold!',
            username='******',
            password='******',
            group=self.group
        )
        self.injectcred.save()

        # A cred with markdown
        self.markdowncred = Cred(
            title='Markdown Cred',
            password='******',
            group=self.group,
            description='# Test',
            descriptionmarkdown=True,
        )
        self.markdowncred.save()

        # Add a Unicode credential
        self.unicodecred = Cred(
            title='Unicode ‑ Cred',
            password='******',
            group=self.group,
            description='Γαζέες καὶ μυρτιὲς δὲν θὰ βρῶ πιὰ στὸ χρυσαφὶ ξέφωτο',
        )
        self.unicodecred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title='Changed', password='******', group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
Exemple #8
0
from django.db import IntegrityError
from staff.importloaders import keepass
import django
import os

django.setup()

res = keepass(open(os.getenv("RATTIC_KEEPASS_FILE"), "rb"),
              os.getenv("RATTIC_KEEPASS_PASSWORD"))

owner_group = Group.objects.get(name=os.getenv("RATTIC_KEEPASS_GROUP"))

print("=> import Tag")
for tag_name in res.get("tags", []):
    try:
        Tag(name=tag_name).save()
    except IntegrityError as e:
        if e.message.endswith(" is not unique"):
            pass
        else:
            print(tag_name, e)
    except Exception as e:
        print(tag_name, e)

print("=> import Entry")
for entry in res.get("entries", []):
    try:
        kwargs = {}
        tags = []
        for k, v in entry.items():
            if k == "tags":
Exemple #9
0
class TestData:
    def __init__(self):
        if settings.LDAP_ENABLED:
            self.getLDAPAuthData()
        else:
            self.setUpAuthData()
        self.setUpBasicData()

    def login(self, username, password):
        c = Client()
        loginurl = reverse("django.contrib.auth.views.login")
        c.post(loginurl, {"username": username, "password": password})

        return c

    def getLDAPAuthData(self):
        self.norm = self.login(username="******", password="******")
        self.unorm = User.objects.get(username="******")
        self.normpass = "******"

        self.staff = self.login(username="******", password="******")
        self.ustaff = User.objects.get(username="******")

        self.nobody = self.login(username="******", password="******")
        self.unobody = User.objects.get(username="******")

        self.group = Group.objects.get(name="testgroup")
        self.othergroup = Group.objects.get(name="othergroup")

    def setUpAuthData(self):
        self.group = Group(name="testgroup")
        self.group.save()

        self.othergroup = Group(name="othergroup")
        self.othergroup.save()

        self.unorm = User(username="******", email="*****@*****.**")
        self.unorm.set_password("password")
        self.normpass = "******"
        self.unorm.save()
        self.unorm.groups.add(self.group)
        self.unorm.save()

        self.ustaff = User(username="******", email="*****@*****.**", is_staff=True)
        self.ustaff.set_password("password")
        self.ustaff.save()
        self.ustaff.groups.add(self.othergroup)
        self.ustaff.save()

        self.unobody = User(username="******", email="*****@*****.**")
        self.unobody.set_password("password")
        self.unobody.save()

        self.norm = self.login(username="******", password="******")
        self.staff = self.login(username="******", password="******")
        self.nobody = self.login(username="******", password="******")

    def setUpBasicData(self):
        self.tag = Tag(name="tag")
        self.tag.save()

        self.cred = Cred(title="secret", username="******", password="******", group=self.group)
        self.cred.save()
        self.tagcred = Cred(title="tagged", password="******", group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()
        self.injectcred = Cred(
            title='<script>document.write("BADTITLE!")</script>Bold!',
            username='******',
            password='******',
            group=self.group,
        )
        self.injectcred.save()
        self.markdowncred = Cred(
            title="Markdown Cred", password="******", group=self.group, description="# Test", descriptionmarkdown=True
        )
        self.markdowncred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        self.viewedcred = Cred(title="Viewed", password="******", group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title="Changed", password="******", group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
Exemple #10
0
class TestData:
    def __init__(self):
        if settings.LDAP_ENABLED:
            self.getLDAPAuthData()
        else:
            self.setUpAuthData()
        self.setUpBasicData()

    def login(self, username, password):
        c = Client()
        loginurl = reverse('login')
        c.post(loginurl, {
            'auth-username': username,
            'auth-password': password,
            'rattic_tfa_login_view-current_step': 'auth',
        })

        return c

    def getLDAPAuthData(self):
        self.norm = self.login(username='******', password='******')
        self.unorm = User.objects.get(username='******')
        self.normpass = '******'

        self.staff = self.login(username='******', password='******')
        self.ustaff = User.objects.get(username='******')

        self.nobody = self.login(username='******', password='******')
        self.unobody = User.objects.get(username='******')

        self.group = Group.objects.get(name='testgroup')
        self.othergroup = Group.objects.get(name='othergroup')

    def setUpAuthData(self):
        self.group = Group(name='testgroup')
        self.group.save()

        self.othergroup = Group(name='othergroup')
        self.othergroup.save()

        self.unorm = User(username='******', email='*****@*****.**')
        self.unorm.set_password('password')
        self.normpass = '******'
        self.unorm.save()
        self.unorm.groups.add(self.group)
        self.unorm.save()

        self.ustaff = User(username='******', email='*****@*****.**', is_staff=True)
        self.ustaff.set_password('password')
        self.ustaff.save()
        self.ustaff.groups.add(self.othergroup)
        self.ustaff.save()

        self.unobody = User(username='******', email='*****@*****.**')
        self.unobody.set_password('password')
        self.unobody.save()

        self.norm = self.login(username='******', password='******')
        self.staff = self.login(username='******', password='******')
        self.nobody = self.login(username='******', password='******')

    def setUpBasicData(self):
        # Make a tag
        self.tag = Tag(name='tag')
        self.tag.save()

        # Make a simple credential
        self.cred = Cred(title='secret', username='******', password='******', group=self.group)
        self.cred.save()

        # Make a cred that'll be tagged
        self.tagcred = Cred(title='tagged', password='******', group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        # A cred that attempts script injection
        self.injectcred = Cred(
            title='<script>document.write("BADTITLE!")</script>Bold!',
            username='******',
            password='******',
            group=self.group
        )
        self.injectcred.save()

        # A cred with markdown
        self.markdowncred = Cred(
            title='Markdown Cred',
            password='******',
            group=self.group,
            description='# Test',
            descriptionmarkdown=True,
        )
        self.markdowncred.save()

        # Add a Unicode credential
        self.unicodecred = Cred(
            title='Unicode ‑ Cred',
            password='******',
            group=self.group,
            description='Γαζέες καὶ μυρτιὲς δὲν θὰ βρῶ πιὰ στὸ χρυσαφὶ ξέφωτο',
        )
        self.unicodecred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title='Changed', password='******', group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
Exemple #11
0
class StaffViewTests(TestCase):
    def setUp(self):
        self.group = Group(name="testgroup")
        self.group.save()

        self.othergroup = Group(name="othergroup")
        self.othergroup.save()

        self.tag = Tag(name="tag")
        self.tag.save()

        self.unorm = User(username="******", email="*****@*****.**")
        self.unorm.set_password("password")
        self.unorm.save()
        self.unorm.groups.add(self.group)
        self.unorm.save()

        self.ustaff = User(username="******", email="*****@*****.**", is_staff=True)
        self.ustaff.set_password("password")
        self.ustaff.save()
        self.ustaff.groups.add(self.group)
        self.ustaff.save()

        self.unobody = User(username="******", email="*****@*****.**")
        self.unobody.set_password("password")
        self.unobody.save()

        self.norm = Client()
        self.norm.login(username="******", password="******")
        self.staff = Client()
        self.staff.login(username="******", password="******")
        self.nobody = Client()
        self.nobody.login(username="******", password="******")

        self.cred = Cred(title="secret", password="******", group=self.group)
        self.cred.save()
        self.tagcred = Cred(title="tagged", password="******", group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()

    def test_home(self):
        resp = self.staff.get(reverse("staff.views.home"))
        self.assertEqual(resp.status_code, 200)
        userlist = resp.context["userlist"]
        grouplist = resp.context["grouplist"]
        self.assertIn(self.unorm, userlist)
        self.assertIn(self.ustaff, userlist)
        self.assertIn(self.unobody, userlist)
        self.assertIn(self.group, grouplist)
        self.assertIn(self.othergroup, grouplist)

    def test_view_trash(self):
        self.cred.is_deleted = True
        self.cred.save()
        resp = self.staff.get(reverse("staff.views.view_trash"))
        self.assertEqual(resp.status_code, 200)
        credlist = resp.context["credlist"].object_list
        self.assertIn(self.cred, credlist)
        self.assertNotIn(self.tagcred, credlist)

    def test_userdetail(self):
        resp = self.staff.get(reverse("staff.views.userdetail", args=(self.unobody.id,)))
        self.assertEqual(resp.status_code, 200)
        user = resp.context["viewuser"]
        self.assertEqual(self.unobody.id, user.id)

    def test_groupadd(self):
        resp = self.staff.get(reverse("staff.views.groupadd"))
        self.assertEqual(resp.status_code, 200)
        form = resp.context["form"]
        post = {}
        for i in form:
            if i.value() is not None:
                post[i.name] = i.value()
        post["name"] = "Test Group"
        resp = self.staff.post(reverse("staff.views.groupadd"), post, follow=True)
        self.assertEqual(resp.status_code, 200)
        newgroup = Group.objects.get(name="Test Group")

    def test_groupdetail(self):
        resp = self.staff.get(reverse("staff.views.groupdetail", args=(self.group.id,)))
        self.assertEqual(resp.status_code, 200)
        group = resp.context["group"]
        self.assertEqual(self.group.id, group.id)

    def test_groupdelete(self):
        resp = self.staff.get(reverse("staff.views.groupdelete", args=(self.othergroup.id,)))
        self.assertEqual(resp.status_code, 200)
        group = resp.context["group"]
        self.assertEqual(self.othergroup.id, group.id)
        resp = self.staff.post(reverse("staff.views.groupdelete", args=(self.othergroup.id,)), follow=True)
        with self.assertRaises(Group.DoesNotExist):
            delgroup = Group.objects.get(id=self.othergroup.id)

    def test_userdelete(self):
        resp = self.staff.get(reverse("staff.views.userdelete", args=(self.unobody.id,)))
        self.assertEqual(resp.status_code, 200)
        user = resp.context["viewuser"]
        self.assertEqual(self.unobody.id, user.id)
        resp = self.staff.post(reverse("staff.views.userdelete", args=(self.unobody.id,)), follow=True)
        self.assertEqual(resp.status_code, 200)
        with self.assertRaises(User.DoesNotExist):
            deluser = User.objects.get(id=self.unobody.id)

    def test_audit_by_cred(self):
        resp = self.staff.get(reverse("staff.views.audit_by_cred", args=(self.cred.id,)))
        self.assertEqual(resp.status_code, 200)
        cred = resp.context["cred"]
        loglist = resp.context["logs"].object_list
        self.assertEqual(self.cred.id, cred.id)
        self.assertEqual(resp.context["type"], "cred")
        self.assertIn(self.logadd, loglist)
        self.assertIn(self.logview, loglist)

    def test_audit_by_user(self):
        resp = self.staff.get(reverse("staff.views.audit_by_user", args=(self.ustaff.id,)))
        self.assertEqual(resp.status_code, 200)
        user = resp.context["loguser"]
        loglist = resp.context["logs"].object_list
        self.assertEqual(self.ustaff.id, user.id)
        self.assertEqual(resp.context["type"], "user")
        self.assertIn(self.logadd, loglist)
        self.assertIn(self.logview, loglist)

    def test_audit_by_days(self):
        resp = self.staff.get(reverse("staff.views.audit_by_days", args=(2,)))
        self.assertEqual(resp.status_code, 200)
        days_ago = resp.context["days_ago"]
        loglist = resp.context["logs"].object_list
        self.assertEqual(int(days_ago), 2)
        self.assertEqual(resp.context["type"], "time")
        self.assertIn(self.logadd, loglist)
        self.assertIn(self.logview, loglist)

    def test_NewUser(self):
        resp = self.staff.get(reverse("user_add"))
        self.assertEqual(resp.status_code, 200)
        form = resp.context["form"]
        post = {}
        for i in form:
            if i.value() is not None:
                post[i.name] = i.value()
        post["username"] = "******"
        post["email"] = "*****@*****.**"
        post["groups"] = self.othergroup.id
        post["newpass"] = "******"
        post["confirmpass"] = "******"
        resp = self.staff.post(reverse("user_add"), post, follow=True)
        with self.assertRaises(KeyError):
            print resp.context["form"].errors
        self.assertEqual(resp.status_code, 200)
        newuser = User.objects.get(username="******")
        self.assertEqual(newuser.email, "*****@*****.**")
        self.assertTrue(newuser.check_password("crazypass"))
        self.assertIn(self.othergroup, newuser.groups.all())
        self.assertNotIn(self.group, newuser.groups.all())

    def test_UpdateUser(self):
        resp = self.staff.get(reverse("user_edit", args=(self.unobody.id,)))
        self.assertEqual(resp.status_code, 200)
        form = resp.context["form"]
        post = {}
        for i in form:
            if i.value() is not None:
                post[i.name] = i.value()
        post["email"] = "*****@*****.**"
        post["newpass"] = "******"
        post["confirmpass"] = "******"
        resp = self.staff.post(reverse("user_edit", args=(self.unobody.id,)), post, follow=True)
        self.assertEqual(resp.status_code, 200)
        newuser = User.objects.get(id=self.unobody.id)
        self.assertEqual(newuser.email, "*****@*****.**")
        self.assertTrue(newuser.check_password("differentpass"))

    def test_import_from_keepass(self):
        gp = Group(name="KeepassImportTest")
        gp.save()
        self.ustaff.groups.add(gp)
        self.ustaff.save()

        resp = self.staff.get(reverse("staff.views.import_from_keepass"))
        self.assertEqual(resp.status_code, 200)
        form = resp.context["form"]
        post = {}
        for i in form:
            if i.value() is not None:
                post[i.name] = i.value()
        post["password"] = "******"
        post["group"] = gp.id
        with open("docs/keepass/test2.kdb") as fp:
            post["file"] = fp
            resp = self.staff.post(reverse("staff.views.import_from_keepass"), post, follow=True)
        self.assertEqual(resp.status_code, 200)
        newcred = Cred.objects.get(title="Google", group=gp)
        self.assertEqual(newcred.password, "Q5CLQhLqI3CtKgK")
        self.assertEqual(newcred.tags.all()[0].name, "Internet")

    def test_credundelete(self):
        self.cred.delete()
        resp = self.staff.get(reverse("staff.views.credundelete", args=(self.cred.id,)))
        self.assertEqual(resp.status_code, 200)
        self.assertEqual(resp.context["cred"], self.cred)
        resp = self.staff.post(reverse("staff.views.credundelete", args=(self.cred.id,)), follow=True)
        self.assertEqual(resp.status_code, 200)
        cred = Cred.objects.get(id=self.cred.id)
        self.assertFalse(cred.is_deleted)