Esempio n. 1
0
    def test_gen_crypto_key(self):
        message = 'Mary had a little lamb.  Her doctors were astounded'
        action = 'lob_cheese'
        t = crypto.XsrfTokenManager.create_xsrf_token(message)

        secret = crypto.generate_transform_secret_from_xsrf_token(t, action)
        self.assertNotEqual(secret, message)
        self.assertNotEqual(secret, action)
        self.assertNotEqual(secret, t)
Esempio n. 2
0
    def test_gen_crypto_key(self):
        message = 'Mary had a little lamb.  Her doctors were astounded'
        action = 'lob_cheese'
        t = crypto.XsrfTokenManager.create_xsrf_token(message)

        secret = crypto.generate_transform_secret_from_xsrf_token(t, action)
        self.assertNotEqual(secret, message)
        self.assertNotEqual(secret, action)
        self.assertNotEqual(secret, t)
Esempio n. 3
0
    def test_use_crypto_key(self):
        action = 'lob_cheese'
        t = crypto.XsrfTokenManager.create_xsrf_token(action)
        secret = crypto.generate_transform_secret_from_xsrf_token(t, action)

        message = 'Mary had a little lamb.  Her doctors were astounded'
        e = crypto.EncryptionManager.encrypt(message, secret)
        d = crypto.EncryptionManager.decrypt(e, secret)

        self.assertEquals(d, message)
        self.assertNotEquals(e, d)
        self.assertNotEquals(e, secret)
Esempio n. 4
0
    def test_use_crypto_key(self):
        action = 'lob_cheese'
        t = crypto.XsrfTokenManager.create_xsrf_token(action)
        secret = crypto.generate_transform_secret_from_xsrf_token(t, action)

        message = 'Mary had a little lamb.  Her doctors were astounded'
        e = crypto.EncryptionManager.encrypt(message, secret)
        d = crypto.EncryptionManager.decrypt(e, secret)

        self.assertEquals(d, message)
        self.assertNotEquals(e, d)
        self.assertNotEquals(e, secret)
    def test_data_extraction(self):

        # Register a student and save some form values for that student
        student = self.register()

        entity = StudentFormEntity.load_or_default(student, 'form-0')
        entity.value = transforms.dumps({
            u'form_data': self.FORM_0_DATA})
        entity.put()

        entity = StudentFormEntity.load_or_default(student, u'form-1')
        entity.value = transforms.dumps({
            u'form_data': self.FORM_1_DATA})
        entity.put()

        entity = StudentFormEntity.load_or_default(student, u'form-2')
        entity.value = transforms.dumps({
            u'form_data': self.FORM_2_DATA})
        entity.put()

        # Log in as admin for the data query
        actions.logout()
        actions.login(ADMIN_EMAIL, is_admin=True)

        xsrf_token = crypto.XsrfTokenManager.create_xsrf_token(
            data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION)

        pii_secret = crypto.generate_transform_secret_from_xsrf_token(
            xsrf_token, data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION)

        safe_user_id = crypto.hmac_sha_2_256_transform(
            pii_secret, student.user_id)

        response = self.get(
            'rest/data/questionnaire_responses/items?'
            'data_source_token=%s&page_number=0' % xsrf_token)
        data = transforms.loads(response.body)['data']

        self.assertEqual(3, len(data))

        for index in range(3):
            self.assertIn(safe_user_id, data[index]['user_id'])
            self.assertEqual('form-%s' % index, data[index]['questionnaire_id'])

        self.assertEqual(self.FORM_0_DATA, data[0]['form_data'])
        self.assertEqual(self.FORM_1_DATA, data[1]['form_data'])
        self.assertEqual(self.FORM_2_DATA_OUT, data[2]['form_data'])
    def test_data_extraction(self):

        # Register a student and save some form values for that student
        student = self.register()

        entity = StudentFormEntity.load_or_create(student, 'form-0')
        entity.value = transforms.dumps({u'form_data': self.FORM_0_DATA})
        entity.put()

        entity = StudentFormEntity.load_or_create(student, u'form-1')
        entity.value = transforms.dumps({u'form_data': self.FORM_1_DATA})
        entity.put()

        entity = StudentFormEntity.load_or_create(student, u'form-2')
        entity.value = transforms.dumps({u'form_data': self.FORM_2_DATA})
        entity.put()

        # Log in as admin for the data query
        actions.logout()
        actions.login(ADMIN_EMAIL, is_admin=True)

        xsrf_token = crypto.XsrfTokenManager.create_xsrf_token(
            data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION)

        pii_secret = crypto.generate_transform_secret_from_xsrf_token(
            xsrf_token, data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION)

        safe_user_id = crypto.hmac_sha_2_256_transform(pii_secret,
                                                       student.user_id)

        response = self.get('rest/data/questionnaire_responses/items?'
                            'data_source_token=%s&page_number=0' % xsrf_token)
        data = transforms.loads(response.body)['data']

        self.assertEqual(3, len(data))

        for index in range(3):
            self.assertIn(safe_user_id, data[index]['user_id'])
            self.assertEqual('form-%s' % index,
                             data[index]['questionnaire_id'])

        self.assertEqual(self.FORM_0_DATA, data[0]['form_data'])
        self.assertEqual(self.FORM_1_DATA, data[1]['form_data'])
        self.assertEqual(self.FORM_2_DATA_OUT, data[2]['form_data'])
Esempio n. 7
0
    def test_data_source(self):

        # Register a student and give some feedback
        self.register_student()
        student = models.Student.get_enrolled_student_by_user(
            self.make_test_user(STUDENT_EMAIL))
        response = self.post_data(
            rating_int=2, additional_comments='Good lesson')
        self.assertEquals(200, response['status'])
        self.assertIn('Thank you for your feedback', response['message'])

        # Log in as admin for the data query
        actions.logout()
        actions.login(ADMIN_EMAIL, is_admin=True)

        xsrf_token = crypto.XsrfTokenManager.create_xsrf_token(
            data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION)

        pii_secret = crypto.generate_transform_secret_from_xsrf_token(
            xsrf_token, data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION)

        safe_user_id = crypto.hmac_sha_2_256_transform(
            pii_secret, student.user_id)

        response = self.get(
            'rest/data/rating_events/items?'
            'data_source_token=%s&page_number=0' % xsrf_token)
        data = transforms.loads(response.body)['data']

        self.assertEqual(1, len(data))
        record = data[0]

        self.assertEqual(7, len(record))
        self.assertEqual(safe_user_id, record['user_id'])
        self.assertEqual('2', record['rating'])
        self.assertEqual('Good lesson', record['additional_comments'])
        self.assertEqual(
            '/rating_course/unit?unit=%s&lesson=%s' % (
                self.unit.unit_id, self.lesson.lesson_id),
            record['content_url'])
        self.assertEqual(str(self.unit.unit_id), record['unit_id'])
        self.assertEqual(str(self.lesson.lesson_id), record['lesson_id'])
        self.assertIn('recorded_on', record)
Esempio n. 8
0
    def test_data_source(self):

        # Register a student and give some feedback
        user = self.register_student()
        student = models.Student.get_enrolled_student_by_user(user)
        response = self.post_data(
            rating_int=2, additional_comments='Good lesson')
        self.assertEquals(200, response['status'])
        self.assertIn('Thank you for your feedback', response['message'])

        # Log in as admin for the data query
        actions.logout()
        actions.login(ADMIN_EMAIL, is_admin=True)

        xsrf_token = crypto.XsrfTokenManager.create_xsrf_token(
            data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION)

        pii_secret = crypto.generate_transform_secret_from_xsrf_token(
            xsrf_token, data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION)

        safe_user_id = crypto.hmac_sha_2_256_transform(
            pii_secret, student.user_id)

        response = self.get(
            'rest/data/rating_events/items?'
            'data_source_token=%s&page_number=0' % xsrf_token)
        data = transforms.loads(response.body)['data']

        self.assertEqual(1, len(data))
        record = data[0]

        self.assertEqual(7, len(record))
        self.assertEqual(safe_user_id, record['user_id'])
        self.assertEqual('2', record['rating'])
        self.assertEqual('Good lesson', record['additional_comments'])
        self.assertEqual(
            '/rating_course/unit?unit=%s&lesson=%s' % (
                self.unit.unit_id, self.lesson.lesson_id),
            record['content_url'])
        self.assertEqual(str(self.unit.unit_id), record['unit_id'])
        self.assertEqual(str(self.lesson.lesson_id), record['lesson_id'])
        self.assertIn('recorded_on', record)
 def _build_secret(cls, params):
     data_source_token = params.get('data_source_token')
     return crypto.generate_transform_secret_from_xsrf_token(
         data_source_token,
         data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION)
 def _build_secret(cls, params):
     data_source_token = params.get('data_source_token')
     return crypto.generate_transform_secret_from_xsrf_token(
         data_source_token,
         data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION)