def test_hard_deleted_model_propagates_to_store_record(self): """ It could be the case that we have two store records, one that is hard deleted and the other that has a fk pointing to the hard deleted record. When we deserialize, we want to ensure that the record with the fk pointer also gets the hard deleted flag set, while also not deserializing the data into a model. """ # user will be deleted user = MyUser(username='******') user.save(update_dirty_bit_to=False) # log may be synced in from other device log = SummaryLog(user_id=user.id) log.id = log.calculate_uuid() StoreModelFacilityFactory(model_name="user", id=user.id, serialized=json.dumps(user.serialize()), deleted=True, hard_deleted=True) StoreModelFacilityFactory(model_name="contentsummarylog", id=log.id, serialized=json.dumps(log.serialize())) # make sure delete propagates to store due to deleted foreign key self.mc.deserialize_from_store() # have to serialize to update deleted models self.mc.serialize_into_store() self.assertFalse(SummaryLog.objects.filter(id=log.id).exists()) self.assertTrue(Store.objects.get(id=log.id).hard_deleted)
def test_invalid_model_leaves_store_dirty_bit(self): user = MyUser(username='******' * 21) st = StoreModelFacilityFactory(model_name="user", id=uuid.uuid4().hex, serialized=json.dumps(user.serialize())) self.mc.deserialize_from_store() st.refresh_from_db() self.assertTrue(st.dirty_bit)
def test_store_hard_delete_propagates(self): user = MyUser(username='******') user.save(update_dirty_bit_to=False) log = SummaryLog(user=user) log.save(update_dirty_bit_to=False) StoreModelFacilityFactory(model_name="user", id=user.id, serialized=json.dumps(user.serialize()), hard_deleted=True, deleted=True) # make sure hard_deleted propagates to related models even if they are not hard_deleted self.mc.deserialize_from_store() self.assertTrue(HardDeletedModels.objects.filter(id=log.id).exists())
def test_regular_model_deserialization(self): # deserialization should be able to handle multiple records user = MyUser(username='******', password='******') user2 = MyUser(username='******', password='******') user.save(update_dirty_bit_to=False) user2.save(update_dirty_bit_to=False) user.username = '******' user2.username = '******' StoreModelFacilityFactory(id=user.id, serialized=json.dumps(user.serialize()), model_name="user") StoreModelFacilityFactory(id=user2.id, serialized=json.dumps(user2.serialize()), model_name="user") self.mc.deserialize_from_store() self.assertFalse(MyUser.objects.filter(username='******').exists()) self.assertFalse(MyUser.objects.filter(username='******').exists()) self.assertTrue(MyUser.objects.filter(username='******').exists()) self.assertTrue(MyUser.objects.filter(username='******').exists())
def _create_two_users_to_deserialize(self): user = MyUser(username="******", password="******") user2 = MyUser(username="******", password="******") user.save() user2.save() self.mc.serialize_into_store() user.username = "******" user2.username = "******" Store.objects.filter(id=user.id).update(serialized=json.dumps(user.serialize()), dirty_bit=True) Store.objects.filter(id=user2.id).update(serialized=json.dumps(user2.serialize()), dirty_bit=True) return user, user2
def setUp(self): self.user = MyUser(username="******") self.user.actual_password = "******" self.user.set_password(self.user.actual_password) self.user.save() self.superuser = MyUser(username="******", is_superuser=True) self.superuser.actual_password = "******" self.superuser.set_password(self.superuser.actual_password) self.superuser.save() self.fakeuser = MyUser(username="******") self.fakeuser.actual_password = "******" self.profile = "facilitydata" self.root_scope_def = ScopeDefinition.objects.create( id="rootcert", profile=self.profile, version=1, primary_scope_param_key="mainpartition", description="Root cert for ${mainpartition}.", read_filter_template="", write_filter_template="", read_write_filter_template="${mainpartition}", ) self.subset_scope_def = ScopeDefinition.objects.create( id="subcert", profile=self.profile, version=1, primary_scope_param_key="", description= "Subset cert under ${mainpartition} for ${subpartition}.", read_filter_template= "${mainpartition}:shared\n${mainpartition}:${subpartition}", write_filter_template="${mainpartition}:${subpartition}", read_write_filter_template="", ) self.root_cert1_with_key = Certificate.generate_root_certificate( self.root_scope_def.id) self.subset_cert1_without_key = Certificate( parent=self.root_cert1_with_key, profile=self.profile, scope_definition=self.subset_scope_def, scope_version=self.subset_scope_def.version, scope_params=json.dumps({ "mainpartition": self.root_cert1_with_key.id, "subpartition": "abracadabra" }), private_key=Key(), ) self.root_cert1_with_key.sign_certificate( self.subset_cert1_without_key) self.subset_cert1_without_key.save() self.sub_subset_cert1_with_key = Certificate( parent=self.subset_cert1_without_key, profile=self.profile, scope_definition=self.subset_scope_def, scope_version=self.subset_scope_def.version, scope_params=self.subset_cert1_without_key.scope_params, private_key=Key(), ) self.subset_cert1_without_key.sign_certificate( self.sub_subset_cert1_with_key) self.sub_subset_cert1_with_key.save() self.subset_cert1_without_key._private_key = None self.subset_cert1_without_key.save() self.root_cert2_without_key = Certificate.generate_root_certificate( self.root_scope_def.id) self.subset_cert2_with_key = Certificate( parent=self.root_cert2_without_key, profile=self.profile, scope_definition=self.subset_scope_def, scope_version=self.subset_scope_def.version, scope_params=json.dumps({ "mainpartition": self.root_cert2_without_key.id, "subpartition": "abracadabra" }), private_key=Key(), ) self.root_cert2_without_key.sign_certificate( self.subset_cert2_with_key) self.subset_cert2_with_key.save() self.root_cert2_without_key._private_key = None self.root_cert2_without_key.save() self.original_cert_count = Certificate.objects.count() self.sharedkey = SharedKey.get_or_create_shared_key() # create a root cert self.unsaved_root_cert = Certificate( scope_definition=self.root_scope_def, scope_version=self.root_scope_def.version, profile=self.profile, private_key=Key()) self.unsaved_root_cert.id = self.unsaved_root_cert.calculate_uuid() self.unsaved_root_cert.scope_params = json.dumps({ self.root_scope_def.primary_scope_param_key: self.unsaved_root_cert.id }) self.unsaved_root_cert.sign_certificate(self.unsaved_root_cert) # create a child cert self.unsaved_subset_cert = Certificate( parent=self.unsaved_root_cert, profile=self.profile, scope_definition=self.subset_scope_def, scope_version=self.subset_scope_def.version, scope_params=json.dumps({ "mainpartition": self.unsaved_root_cert.id, "subpartition": "hooplah" }), public_key=self.sharedkey.public_key, )
class CertificateTestCaseMixin(object): def setUp(self): self.user = MyUser(username="******") self.user.actual_password = "******" self.user.set_password(self.user.actual_password) self.user.save() self.superuser = MyUser(username="******", is_superuser=True) self.superuser.actual_password = "******" self.superuser.set_password(self.superuser.actual_password) self.superuser.save() self.fakeuser = MyUser(username="******") self.fakeuser.actual_password = "******" self.profile = "facilitydata" self.root_scope_def = ScopeDefinition.objects.create( id="rootcert", profile=self.profile, version=1, primary_scope_param_key="mainpartition", description="Root cert for ${mainpartition}.", read_filter_template="", write_filter_template="", read_write_filter_template="${mainpartition}", ) self.subset_scope_def = ScopeDefinition.objects.create( id="subcert", profile=self.profile, version=1, primary_scope_param_key="", description= "Subset cert under ${mainpartition} for ${subpartition}.", read_filter_template= "${mainpartition}:shared\n${mainpartition}:${subpartition}", write_filter_template="${mainpartition}:${subpartition}", read_write_filter_template="", ) self.root_cert1_with_key = Certificate.generate_root_certificate( self.root_scope_def.id) self.subset_cert1_without_key = Certificate( parent=self.root_cert1_with_key, profile=self.profile, scope_definition=self.subset_scope_def, scope_version=self.subset_scope_def.version, scope_params=json.dumps({ "mainpartition": self.root_cert1_with_key.id, "subpartition": "abracadabra" }), private_key=Key(), ) self.root_cert1_with_key.sign_certificate( self.subset_cert1_without_key) self.subset_cert1_without_key.save() self.sub_subset_cert1_with_key = Certificate( parent=self.subset_cert1_without_key, profile=self.profile, scope_definition=self.subset_scope_def, scope_version=self.subset_scope_def.version, scope_params=self.subset_cert1_without_key.scope_params, private_key=Key(), ) self.subset_cert1_without_key.sign_certificate( self.sub_subset_cert1_with_key) self.sub_subset_cert1_with_key.save() self.subset_cert1_without_key._private_key = None self.subset_cert1_without_key.save() self.root_cert2_without_key = Certificate.generate_root_certificate( self.root_scope_def.id) self.subset_cert2_with_key = Certificate( parent=self.root_cert2_without_key, profile=self.profile, scope_definition=self.subset_scope_def, scope_version=self.subset_scope_def.version, scope_params=json.dumps({ "mainpartition": self.root_cert2_without_key.id, "subpartition": "abracadabra" }), private_key=Key(), ) self.root_cert2_without_key.sign_certificate( self.subset_cert2_with_key) self.subset_cert2_with_key.save() self.root_cert2_without_key._private_key = None self.root_cert2_without_key.save() self.original_cert_count = Certificate.objects.count() self.sharedkey = SharedKey.get_or_create_shared_key() # create a root cert self.unsaved_root_cert = Certificate( scope_definition=self.root_scope_def, scope_version=self.root_scope_def.version, profile=self.profile, private_key=Key()) self.unsaved_root_cert.id = self.unsaved_root_cert.calculate_uuid() self.unsaved_root_cert.scope_params = json.dumps({ self.root_scope_def.primary_scope_param_key: self.unsaved_root_cert.id }) self.unsaved_root_cert.sign_certificate(self.unsaved_root_cert) # create a child cert self.unsaved_subset_cert = Certificate( parent=self.unsaved_root_cert, profile=self.profile, scope_definition=self.subset_scope_def, scope_version=self.subset_scope_def.version, scope_params=json.dumps({ "mainpartition": self.unsaved_root_cert.id, "subpartition": "hooplah" }), public_key=self.sharedkey.public_key, ) def make_cert_endpoint_request(self, params={}, method="GET"): fn = getattr(self.client, method.lower()) response = fn(reverse('certificates-list'), params, format='json') data = json.loads(response.content.decode()) return (response, data) def perform_basic_authentication(self, user): basic_auth_header = b'Basic ' + base64.encodestring( ("username=%s:%s" % (user.username, user.actual_password)).encode()) self.client.credentials(HTTP_AUTHORIZATION=basic_auth_header) def create_syncsession(self, client_certificate=None, server_certificate=None): if not client_certificate: client_certificate = self.sub_subset_cert1_with_key if not server_certificate: server_certificate = self.root_cert1_with_key # fetch a nonce value to use in creating the syncsession response = self.client.post(reverse('nonces-list'), {}, format='json') nonce = json.loads(response.content.decode())["id"] # prepare the data to send in the syncsession creation request data = { "id": uuid.uuid4().hex, "server_certificate_id": server_certificate.id, "client_certificate_id": client_certificate.id, "profile": client_certificate.profile, "certificate_chain": json.dumps( CertificateSerializer( client_certificate.get_ancestors(include_self=True), many=True).data), "connection_path": "http://127.0.0.1:8000", "instance": json.dumps( InstanceIDSerializer( InstanceIDModel.get_or_create_current_instance()[0]).data), "nonce": nonce, } # sign the nonce/ID combo to attach to the request data["signature"] = client_certificate.sign( "{nonce}:{id}".format(**data)) # make the API call to create the SyncSession response = self.client.post(reverse('syncsessions-list'), data, format='json') self.assertEqual(response.status_code, 201) return SyncSession.objects.get(id=data["id"]) def make_transfersession_creation_request(self, filter, push, syncsession=None, expected_status=201, expected_message=None, **kwargs): if not syncsession: syncsession = self.create_syncsession() data = { "id": uuid.uuid4().hex, "filter": filter, "push": push, "records_total": 0, "sync_session_id": syncsession.id, } # make the API call to attempt to create the TransferSession response = self.client.post(reverse('transfersessions-list'), data, format='json') self.assertEqual(response.status_code, expected_status) if expected_status == 201: # check that the syncsession was created transfersession = TransferSession.objects.get( id=json.loads(response.content.decode())["id"]) self.assertTrue(transfersession.active) else: # check that the syncsession was not created self.assertEqual(TransferSession.objects.count(), 0) if expected_message: self.assertIn(expected_message, response.content.decode()) return response