async def test_create_certif_too_old(alice, alice_backend_sock):
now = pendulum.now()
# Generate a certificate
realm_id = RealmID.from_hex("C0000000000000000000000000000000")
certif = RealmRoleCertificateContent.build_realm_root_certif(
author=alice.device_id, timestamp=now,
realm_id=realm_id).dump_and_sign(alice.signing_key)
# Create a realm a tiny bit too late
later = now.add(seconds=BALLPARK_CLIENT_LATE_OFFSET)
with freeze_time(later):
rep = await realm_create(alice_backend_sock, certif)
assert rep == {
"status": "bad_timestamp",
"backend_timestamp": later,
"ballpark_client_early_offset": BALLPARK_CLIENT_EARLY_OFFSET,
"ballpark_client_late_offset": BALLPARK_CLIENT_LATE_OFFSET,
"client_timestamp": now,
}
# Create a realm late but right before the deadline
later = now.add(seconds=BALLPARK_CLIENT_LATE_OFFSET, microseconds=-1)
with freeze_time(later):
rep = await realm_create(alice_backend_sock, certif)
assert rep["status"] == "ok"
# Generate a new certificate
realm_id = RealmID.from_hex("C0000000000000000000000000000001")
certif = RealmRoleCertificateContent.build_realm_root_certif(
author=alice.device_id, timestamp=now,
realm_id=realm_id).dump_and_sign(alice.signing_key)
# Create a realm a tiny bit too soon
sooner = now.subtract(seconds=BALLPARK_CLIENT_EARLY_OFFSET)
with freeze_time(sooner):
rep = await realm_create(alice_backend_sock, certif)
assert rep == {
"status": "bad_timestamp",
"backend_timestamp": sooner,
"ballpark_client_early_offset": BALLPARK_CLIENT_EARLY_OFFSET,
"ballpark_client_late_offset": BALLPARK_CLIENT_LATE_OFFSET,
"client_timestamp": now,
}
# Create a realm soon but after the limit
sooner = now.subtract(seconds=BALLPARK_CLIENT_EARLY_OFFSET,
microseconds=-1)
with freeze_time(sooner):
rep = await realm_create(alice_backend_sock, certif)
assert rep["status"] == "ok"
async def _test_create_ok(backend, device, device_backend_sock):
await events_subscribe(device_backend_sock)
realm_id = RealmID.from_hex("C0000000000000000000000000000000")
certif = RealmRoleCertificateContent.build_realm_root_certif(
author=device.device_id, timestamp=pendulum.now(),
realm_id=realm_id).dump_and_sign(device.signing_key)
with backend.event_bus.listen() as spy:
rep = await realm_create(device_backend_sock, certif)
assert rep == {"status": "ok"}
await spy.wait_with_timeout(BackendEvent.REALM_ROLES_UPDATED)
async def test_create_invalid_certif(bob, alice_backend_sock):
realm_id = RealmID.from_hex("C0000000000000000000000000000000")
certif = RealmRoleCertificateContent.build_realm_root_certif(
author=bob.device_id, timestamp=pendulum.now(),
realm_id=realm_id).dump_and_sign(bob.signing_key)
rep = await realm_create(alice_backend_sock, certif)
assert rep == {
"status": "invalid_certification",
"reason":
"Invalid certification data (Signature was forged or corrupt).",
}
async def test_create_certif_role_not_owner(alice, alice_backend_sock):
realm_id = RealmID.from_hex("C0000000000000000000000000000000")
certif = RealmRoleCertificateContent(
author=alice.device_id,
timestamp=pendulum.now(),
realm_id=realm_id,
user_id=alice.user_id,
role=RealmRole.MANAGER,
).dump_and_sign(alice.signing_key)
rep = await realm_create(alice_backend_sock, certif)
assert rep == {
"status": "invalid_data",
"reason": "Initial realm role certificate must set OWNER role.",
}
# Parsec Cloud (https://parsec.cloud) Copyright (c) AGPLv3 2016-2021 Scille SAS
import pytest
from pendulum import datetime
from unittest.mock import ANY
from parsec.api.protocol import VlobID, RealmID, RealmRole
from parsec.api.data import RealmRoleCertificateContent, UserProfile
from parsec.backend.realm import RealmGrantedRole
from tests.common import freeze_time, customize_fixtures
from tests.backend.common import realm_update_roles, realm_get_role_certificates, vlob_create
NOW = datetime(2000, 1, 1)
VLOB_ID = VlobID.from_hex("00000000000000000000000000000001")
REALM_ID = RealmID.from_hex("0000000000000000000000000000000A")
@pytest.mark.trio
async def test_get_roles_not_found(alice_backend_sock):
rep = await realm_get_role_certificates(alice_backend_sock, REALM_ID)
assert rep == {
"status": "not_found",
"reason": "Realm `0000000000000000000000000000000a` doesn't exist",
}
async def _realm_get_clear_role_certifs(sock, realm_id):
rep = await realm_get_role_certificates(sock, realm_id)
assert rep["status"] == "ok"
cooked = [
async def test_vlobs_updated_event_realm_created_after_subscribe(
backend, alice_backend_sock, alice, alice2, realm_created_by_self):
realm_id = RealmID.from_hex("0000000000000000000000000000000A")
await events_subscribe(alice_backend_sock)
# New realm, should get events anyway
with backend.event_bus.listen() as spy:
realm_creator = alice if realm_created_by_self else alice2
# Create the realm
await backend.realm.create(
organization_id=realm_creator.organization_id,
self_granted_role=RealmGrantedRole(
realm_id=realm_id,
user_id=realm_creator.user_id,
certificate=b"<dummy>",
role=RealmRole.OWNER,
granted_by=realm_creator.device_id,
granted_on=datetime(2000, 1, 2),
),
)
# Create vlob in realm
await backend.vlob.create(
organization_id=realm_creator.organization_id,
author=realm_creator.device_id,
realm_id=realm_id,
encryption_revision=1,
vlob_id=VLOB_ID,
timestamp=NOW,
blob=b"v1",
)
# Update vlob in realm
await backend.vlob.update(
organization_id=alice2.organization_id,
author=alice2.device_id,
encryption_revision=1,
vlob_id=VLOB_ID,
version=2,
timestamp=NOW,
blob=b"v2",
)
# Wait for events to be processed by the backend
await spy.wait_multiple_with_timeout([
BackendEvent.REALM_ROLES_UPDATED,
BackendEvent.REALM_VLOBS_UPDATED,
BackendEvent.REALM_VLOBS_UPDATED,
])
# Realm access granted
rep = await events_listen_nowait(alice_backend_sock)
assert rep == {
"status": "ok",
"event": APIEvent.REALM_ROLES_UPDATED,
"realm_id": realm_id,
"role": RealmRole.OWNER,
}
# Create vlob in realm event
if not realm_created_by_self:
rep = await events_listen_nowait(alice_backend_sock)
assert rep == {
"status": "ok",
"event": APIEvent.REALM_VLOBS_UPDATED,
"realm_id": realm_id,
"checkpoint": 1,
"src_id": VLOB_ID,
"src_version": 1,
}
# Update vlob in realm event
rep = await events_listen_nowait(alice_backend_sock)
assert rep == {
"status": "ok",
"event": APIEvent.REALM_VLOBS_UPDATED,
"realm_id": realm_id,
"checkpoint": 2,
"src_id": VLOB_ID,
"src_version": 2,
}
rep = await events_listen_nowait(alice_backend_sock)
assert rep == {"status": "no_events"}
# Parsec Cloud (https://parsec.cloud) Copyright (c) AGPLv3 2016-2021 Scille SAS
import pytest
from parsec.api.protocol import RealmID, VlobID, BlockID
from tests.backend.common import realm_stats
from tests.backend.common import vlob_create, block_create
REALM_ID_FAKE = RealmID.from_hex("00000000-0000-0000-0000-000000000001")
@pytest.mark.trio
async def test_realm_stats_ok(alice_backend_sock, realm):
# Create new data
await block_create(alice_backend_sock,
realm_id=realm,
block_id=BlockID.new(),
block=b"1234")
rep = await realm_stats(alice_backend_sock, realm_id=realm)
assert rep == {"status": "ok", "blocks_size": 4, "vlobs_size": 0}
# Create new metadata
await vlob_create(alice_backend_sock,
realm_id=realm,
vlob_id=VlobID.new(),
blob=b"1234")
rep = await realm_stats(alice_backend_sock, realm_id=realm)
assert rep == {"status": "ok", "blocks_size": 4, "vlobs_size": 4}
async def bob_realm(backend, bob, realm_factory):
realm_id = RealmID.from_hex("C0000000000000000000000000000000")
return await realm_factory(backend, bob, realm_id, datetime(2000, 1, 2))
async def other_realm(backend, alice, realm_factory):
realm_id = RealmID.from_hex("B0000000000000000000000000000000")
return await realm_factory(backend, alice, realm_id, datetime(2000, 1, 2))
# Parsec Cloud (https://parsec.cloud) Copyright (c) AGPLv3 2016-2021 Scille SAS
import pytest
from pendulum import datetime
from parsec.api.data import RealmRoleCertificateContent
from parsec.api.protocol import VlobID, RealmID, RealmRole
from tests.backend.common import realm_update_roles, vlob_update, vlob_poll_changes
NOW = datetime(2000, 1, 3)
VLOB_ID = VlobID.from_hex("00000000000000000000000000000001")
OTHER_VLOB_ID = VlobID.from_hex("00000000000000000000000000000002")
YET_ANOTHER_VLOB_ID = VlobID.from_hex("00000000000000000000000000000003")
UNKNOWN_REALM_ID = RealmID.from_hex("0000000000000000000000000000000F")
@pytest.fixture
def realm_generate_certif_and_update_roles_or_fail(next_timestamp):
async def _realm_generate_certif_and_update_roles_or_fail(
backend_sock, author, realm_id, user_id, role
):
certif = RealmRoleCertificateContent(
author=author.device_id,
timestamp=next_timestamp(),
realm_id=realm_id,
user_id=user_id,
role=role,
).dump_and_sign(author.signing_key)
return await realm_update_roles(backend_sock, certif, check_rep=False)
