def data_maker_for____TestAuthAPI___get_inside_criteria(session):
yield models.Org(
org_id='o1',
inside_filter_asns=[
models.InsideFilterASN(asn=12),
models.InsideFilterASN(asn=34)
],
inside_filter_ccs=[
models.InsideFilterCC(cc='PL'),
models.InsideFilterCC(cc=u'US')
],
inside_filter_fqdns=[
models.InsideFilterFQDN(fqdn='example.com'),
models.InsideFilterFQDN(fqdn=u'xyz.example.net')
],
inside_filter_ip_networks=[
models.InsideFilterIPNetwork(ip_network='1.2.3.4/16'),
models.InsideFilterIPNetwork(ip_network=u'101.102.103.104/32')
],
inside_filter_urls=[
models.InsideFilterURL(url='exp.pl'),
models.InsideFilterURL(url=u'bank.pl/auth.php'),
models.InsideFilterURL(url=u'Łódź')
])
yield models.Org(org_id='o2',
inside_filter_asns=[models.InsideFilterASN(asn=1234567)])
yield models.Org(
org_id='o3',
inside_filter_fqdns=[models.InsideFilterFQDN(fqdn='example.org')])
yield models.Org(org_id='o4')
yield models.Org(
org_id='abcdefghijklmnoabcdefghijklmno12',
inside_filter_fqdns=[models.InsideFilterFQDN(fqdn='example.org')])
def _get_mocked_db_state(self):
# * users:
test_user = models.User(login=TEST_USER)
admin_user = models.User(login=ADMIN_USER)
regular_user = models.User(login=REGULAR_USER)
# * components:
regular_comp = models.Component(login=REGULAR_COMPONENT)
privileged_comp = models.Component(login=PRIVILEGED_COMPONENT)
# (a special case: for any username that is present in the
# `StreamApiBrokerAuthManager.EXPLICITLY_ILLEGAL_USERNAMES`
# collection, in particular for the 'guest' username, access
# will always be *denied* -- even if a matching record, such
# as the following one, exists in the Auth DB)
comp_whose_login_is_illegal_username = models.Component(login=GUEST_USERNAME)
# * system groups:
admins_group = models.SystemGroup(name=ADMINS_GROUP)
# * organizations:
org1 = models.Org(org_id=ORG1)
org2 = models.Org(org_id=ORG2)
# * relations:
admins_group.users.append(admin_user)
# noinspection PyUnresolvedReferences
org1.users.append(test_user)
# noinspection PyUnresolvedReferences
org2.users.extend([admin_user, regular_user])
# * whole DB state:
db = {
'user': [test_user, admin_user, regular_user],
'component': [regular_comp, privileged_comp, comp_whose_login_is_illegal_username],
'system_group': [admins_group],
'org': [org1, org2],
}
return db
def data_maker_for____TestAuthAPI__get_user_ids_to_org_ids(session):
yield models.Org(org_id='o1',
users=[
models.User(login='******'),
models.User(login='******')
])
yield models.Org(org_id='o2', users=[models.User(login='******')])
yield models.Org(org_id='o3', users=[models.User(login='******')])
yield models.Org(org_id='o4',
users=[
models.User(login='******'),
models.User(login='******')
])
yield models.Org(org_id='o42')
def data_maker_for____TestAuthAPI__get_stream_api_disabled_org_ids(session):
yield models.Org(org_id='o1', stream_api_enabled=True)
yield models.Org(org_id='o2', stream_api_enabled=False)
yield models.Org(org_id='o3')
yield models.Org(org_id='o4', stream_api_enabled=False)
yield models.Org(org_id='o5', stream_api_enabled=True)
yield models.Org(org_id='o6')
def create_org_and_user_according_to_registration_request(self, req_id):
req = self._get_by_primary_key(models.RegistrationRequest, req_id)
assert isinstance(req, models.RegistrationRequest)
email_notification_enabled = bool(req.email_notification_addresses)
email_notification_time_values = (
list(self._NEW_ORG_EMAIL_NOTIFICATION_TIME_INITIAL_VALUES)
if email_notification_enabled
else [])
# noinspection PyArgumentList
new_user = models.User(login=req.email)
# noinspection PyArgumentList
new_org = models.Org(
org_id=req.org_id,
actual_name=req.actual_name,
org_groups=[req.org_group],
users=[new_user],
access_to_inside=self._NEW_ORG_ACCESS_TO_INSIDE_VALUE,
access_to_threats=self._NEW_ORG_ACCESS_TO_THREATS_VALUE,
email_notification_enabled=email_notification_enabled,
email_notification_addresses=[
models.EMailNotificationAddress.from_value(obj.email)
for obj in req.email_notification_addresses],
email_notification_times=[
models.EMailNotificationTime.from_value(notification_time)
for notification_time in email_notification_time_values],
email_notification_language=req.email_notification_language,
inside_filter_asns=[
models.InsideFilterASN.from_value(obj.asn)
for obj in req.asns],
inside_filter_fqdns=[
models.InsideFilterFQDN.from_value(obj.fqdn)
for obj in req.fqdns],
inside_filter_ip_networks=[
models.InsideFilterIPNetwork.from_value(obj.ip_network)
for obj in req.ip_networks])
self._db_session.add(new_org)
self._db_session.flush()
def data_maker(session):
criteria_category_bots = session.query(models.CriteriaCategory).filter(
models.CriteriaCategory.category == 'bots').one()
yield models.CriteriaContainer(
label='crit1', criteria_categories=[criteria_category_bots])
yield models.Org(
org_id='o1',
actual_name='Actual Name Zażółć',
email_notification_enabled=True,
email_notification_addresses=[
models.EMailNotificationAddress(email='*****@*****.**'),
],
org_groups=[
models.OrgGroup(org_group_id='og1',
comment=u'Oh! Zażółć \U0001f340'),
],
users=[
models.User(login='******'),
models.User(login='******', password='******'),
models.User(login='******', is_blocked=True),
])
def _data_matching_those_from_auth_related_test_helpers(session):
### (see: n6lib.auth_related_test_helpers)
# criteria containers
criteria_category_bots = session.query(models.CriteriaCategory).filter(
models.CriteriaCategory.category == 'bots').one()
criteria_category_cnc = session.query(models.CriteriaCategory).filter(
models.CriteriaCategory.category == 'cnc').one()
cri1 = models.CriteriaContainer(
label='cri1',
criteria_asns=[
models.CriteriaASN(asn=1),
models.CriteriaASN(asn=2),
models.CriteriaASN(asn=3)
],
criteria_ip_networks=[
models.CriteriaIPNetwork(ip_network='10.0.0.0/8'),
models.CriteriaIPNetwork(ip_network='192.168.0.0/24')
])
cri2 = models.CriteriaContainer(label='cri2',
criteria_asns=[
models.CriteriaASN(asn=3),
models.CriteriaASN(asn=4),
models.CriteriaASN(asn=5)
])
cri3 = models.CriteriaContainer(label='cri3',
criteria_ccs=[models.CriteriaCC(cc='PL')])
cri4 = models.CriteriaContainer(
label='cri4',
criteria_categories=[criteria_category_bots, criteria_category_cnc])
cri5 = models.CriteriaContainer(
label='cri5', criteria_names=[models.CriteriaName(name='foo')])
cri6 = models.CriteriaContainer(label='cri6')
# sources
s1 = models.Source(source_id='source.one',
anonymized_source_id='anon-source.one')
s2 = models.Source(source_id='source.two',
anonymized_source_id='anon-source.two')
s3 = models.Source(source_id='xyz.some-other',
anonymized_source_id='anon-xyz.some-other')
# subsources
p1 = models.Subsource(label='p1',
source=s1,
inclusion_criteria=[cri1],
exclusion_criteria=[])
p2 = models.Subsource(label='p2',
source=s1,
inclusion_criteria=[cri1, cri2],
exclusion_criteria=[cri6])
p3 = models.Subsource(label='p3', source=s1)
p4 = models.Subsource(label='p4',
source=s2,
inclusion_criteria=[cri5],
exclusion_criteria=[cri3, cri4, cri5, cri6])
p5 = models.Subsource(label='p5',
source=s2,
inclusion_criteria=[cri4, cri5, cri6])
p6 = models.Subsource(label='p6',
source=s2,
inclusion_criteria=[cri6],
exclusion_criteria=[])
p7 = models.Subsource(label='p7',
source=s3,
exclusion_criteria=[cri3, cri6])
p8 = models.Subsource(label='p8',
source=s3,
exclusion_criteria=[cri3, cri6])
p9 = models.Subsource(label='p9',
source=s3,
exclusion_criteria=[cri3, cri6])
# subsource groups
gp1 = models.SubsourceGroup(label='gp1', subsources=[p1, p2])
gp2 = models.SubsourceGroup(label='gp2', subsources=[p3, p4])
gp3 = models.SubsourceGroup(label='gp3', subsources=[p1, p3, p7, p9])
gp4 = models.SubsourceGroup(label='gp4', subsources=[p6])
gp5 = models.SubsourceGroup(label='gp5', subsources=[p7])
gp6 = models.SubsourceGroup(label='gp6', subsources=[p8])
gp7 = models.SubsourceGroup(label='gp7')
gp8 = models.SubsourceGroup(label='gp8', subsources=[p9])
# org groups
go1 = models.OrgGroup(
org_group_id='go1',
inside_subsources=[p2, p5],
inside_subsource_groups=[gp2],
search_subsources=[p8],
search_subsource_groups=[gp6],
threats_subsources=[p2, p5],
threats_subsource_groups=[gp2],
)
go2 = models.OrgGroup(
org_group_id='go2',
inside_subsources=[p1, p3],
inside_subsource_groups=[gp4],
search_subsources=[],
threats_subsources=[p1, p3],
threats_subsource_groups=[gp4],
)
go3 = models.OrgGroup(
org_group_id='go3',
inside_subsources=[p6],
inside_subsource_groups=[],
threats_subsources=[p6],
)
go4 = models.OrgGroup(
org_group_id='go4',
search_subsources=[],
search_subsource_groups=[],
)
go5 = models.OrgGroup(
org_group_id='go5',
inside_subsources=[p1, p2, p5, p6],
inside_subsource_groups=[gp2, gp3, gp4, gp7],
search_subsources=[p1, p2, p5, p6],
search_subsource_groups=[gp2, gp3, gp4, gp7],
threats_subsources=[p1, p2, p5, p6],
threats_subsource_groups=[gp2, gp3, gp4, gp7],
)
# orgs
o1 = models.Org(
org_id='o1',
actual_name=u'Actual Name Zażółć',
org_groups=[go1],
full_access=True,
stream_api_enabled=True,
email_notification_enabled=True,
access_to_inside=True,
inside_subsources=[],
inside_subsource_groups=[gp1, gp3, gp7],
inside_off_subsources=[],
inside_off_subsource_groups=[],
access_to_search=True,
search_subsources=[p2],
search_off_subsources=[p2],
search_off_subsource_groups=[gp2, gp6],
access_to_threats=True,
threats_subsources=[],
threats_subsource_groups=[gp1, gp3, gp7],
threats_off_subsources=[],
threats_off_subsource_groups=[gp2],
)
o2 = models.Org(
org_id='o2',
org_groups=[go1, go3],
full_access=False,
stream_api_enabled=True,
email_notification_enabled=True,
access_to_inside=False,
inside_subsources=[p7, p9],
inside_subsource_groups=[],
access_to_search=True,
search_off_subsources=[p5, p8],
search_off_subsource_groups=[gp3],
access_to_threats=True,
threats_subsources=[p7, p9],
threats_subsource_groups=[],
threats_off_subsources=[p5],
threats_off_subsource_groups=[gp3],
)
o3 = models.Org(
org_id='o3',
org_groups=[go2, go3],
full_access=False,
stream_api_enabled=True,
email_notification_enabled=True,
access_to_inside=True,
inside_subsources=[p2],
access_to_search=True,
access_to_threats=True,
threats_subsources=[p2],
threats_off_subsource_groups=[gp1],
)
o4 = models.Org(
org_id='o4',
org_groups=[go2],
full_access=False,
stream_api_enabled=True,
email_notification_enabled=True,
access_to_inside=True,
inside_subsources=[p5],
inside_off_subsource_groups=[gp8],
access_to_search=True,
search_subsources=[p2, p6, p8],
search_subsource_groups=[gp4, gp5, gp8],
search_off_subsources=[p6],
search_off_subsource_groups=[gp5, gp6, gp8],
access_to_threats=True,
threats_subsources=[p5],
threats_off_subsources=[p6],
threats_off_subsource_groups=[gp5],
)
o5 = models.Org(
org_id='o5',
actual_name='Actual Name Five',
org_groups=[],
stream_api_enabled=True,
email_notification_enabled=True,
access_to_inside=True,
inside_subsources=[p4],
inside_subsource_groups=[gp1, gp5, gp8],
inside_off_subsource_groups=[gp8],
access_to_search=True,
search_subsources=[],
search_subsource_groups=[],
search_off_subsources=[],
search_off_subsource_groups=[],
access_to_threats=True,
threats_subsources=[p4],
threats_subsource_groups=[gp1, gp5, gp8],
threats_off_subsources=[p2, p6],
threats_off_subsource_groups=[gp4, gp5],
)
o6 = models.Org(
org_id='o6',
org_groups=[go4],
full_access=True,
stream_api_enabled=True,
email_notification_enabled=True,
access_to_inside=True,
access_to_search=False,
search_subsources=[p2, p4, p6],
search_subsource_groups=[gp4, gp5, gp6, gp8],
search_off_subsource_groups=[gp2, gp6],
access_to_threats=False,
)
o7 = models.Org(
org_id='o7',
full_access=False,
stream_api_enabled=False,
email_notification_enabled=False,
access_to_inside=True,
inside_subsources=[p5, p6],
inside_subsource_groups=[gp1, gp5, gp8],
inside_off_subsources=[p9],
access_to_search=True,
search_subsources=[p5, p6],
search_subsource_groups=[gp1, gp5, gp6, gp8],
search_off_subsource_groups=[gp6],
access_to_threats=True,
threats_subsources=[p5, p6],
threats_subsource_groups=[gp1, gp5, gp8],
threats_off_subsources=[p1, p7],
threats_off_subsource_groups=[gp4],
)
o8 = models.Org(
org_id='o8',
stream_api_enabled=False,
email_notification_enabled=False,
access_to_inside=True,
inside_subsources=[p4],
inside_subsource_groups=[gp1, gp5, gp8],
inside_off_subsource_groups=[gp8],
access_to_search=False,
access_to_threats=True,
threats_subsources=[p4],
threats_subsource_groups=[gp1, gp5, gp8],
threats_off_subsources=[p2, p6],
threats_off_subsource_groups=[gp4, gp5],
)
o9 = models.Org(
org_id='o9',
actual_name='Actual Name Nine',
stream_api_enabled=False,
access_to_inside=True,
inside_subsources=[p4],
inside_subsource_groups=[gp1, gp5, gp8],
inside_off_subsource_groups=[gp8],
access_to_threats=True,
threats_subsources=[p4],
threats_subsource_groups=[gp1, gp5, gp8],
threats_off_subsources=[p2, p6],
threats_off_subsource_groups=[gp4, gp5],
)
o10 = models.Org(
org_id='o10',
access_to_inside=True,
inside_subsources=[p4],
inside_subsource_groups=[gp1, gp5, gp8],
inside_off_subsource_groups=[gp8],
access_to_threats=True,
threats_subsources=[p4],
threats_subsource_groups=[gp1, gp5, gp8],
threats_off_subsources=[p2, p6],
threats_off_subsource_groups=[gp4, gp5],
)
o11 = models.Org(
org_id='o11',
access_to_inside=True,
access_to_threats=True,
)
o12 = models.Org(
org_id='o12',
org_groups=[go1],
full_access=False,
stream_api_enabled=True,
email_notification_enabled=True,
inside_subsources=[p1],
search_subsources=[p1],
search_off_subsources=[p8],
search_off_subsource_groups=[gp6],
threats_subsources=[p1],
)
return [
cri1,
cri2,
cri3,
cri4,
cri5,
cri6,
s1,
s2,
s3,
p1,
p2,
p3,
p4,
p5,
p6,
p7,
p8,
p9,
gp1,
gp2,
gp3,
gp4,
gp5,
gp6,
gp7,
gp8,
go1,
go2,
go3,
go4,
go5,
o1,
o2,
o3,
o4,
o5,
o6,
o7,
o8,
o9,
o10,
o11,
o12,
]
def data_maker_for____TestAuthAPI__get_org_ids_to_notification_configs(
session):
yield models.Org(
org_id='o1',
email_notification_enabled=True,
email_notification_addresses=[
models.EMailNotificationAddress(email='*****@*****.**'),
models.EMailNotificationAddress(email='*****@*****.**'),
],
email_notification_times=[
models.EMailNotificationTime(notification_time=dt.time(12)),
models.EMailNotificationTime(notification_time=dt.time(9, 15)),
],
stream_api_enabled=False)
yield models.Org(
org_id='o2',
actual_name='testname2',
email_notification_enabled=True,
email_notification_addresses=[
models.EMailNotificationAddress(email='*****@*****.**'),
],
email_notification_times=[
models.EMailNotificationTime(notification_time=dt.time(9, 15)),
models.EMailNotificationTime(notification_time=dt.time(12)),
],
email_notification_language='PL',
email_notification_business_days_only=False,
)
yield models.Org(
org_id='o3',
actual_name='testname3',
email_notification_enabled=True,
email_notification_addresses=[
models.EMailNotificationAddress(email='*****@*****.**'),
models.EMailNotificationAddress(email='*****@*****.**'),
],
email_notification_times=[
models.EMailNotificationTime(notification_time=dt.time(10, 15)),
models.EMailNotificationTime(notification_time=dt.time(13)),
],
email_notification_language='en',
email_notification_business_days_only=True,
stream_api_enabled=True)
yield models.Org(
org_id='o4',
email_notification_enabled=False,
email_notification_times=[
models.EMailNotificationTime(notification_time=dt.time(9, 15)),
models.EMailNotificationTime(notification_time=dt.time(12)),
],
email_notification_addresses=[
models.EMailNotificationAddress(email='*****@*****.**'),
])
yield models.Org(
org_id='o5',
actual_name='testname5',
email_notification_enabled=True,
email_notification_addresses=[
models.EMailNotificationAddress(email='*****@*****.**'),
],
email_notification_times=[
models.EMailNotificationTime(notification_time=dt.time(12)),
models.EMailNotificationTime(notification_time=dt.time(9, 15)),
],
stream_api_enabled=True)
def data_maker_for____TestAuthAPI__get_org_ids(session):
yield models.Org(org_id='o1')
yield models.Org(org_id='o2')
yield models.Org(org_id='o3')
yield models.Org(org_id='o4')
def data_maker(session):
o1 = models.Org(org_id='o1')
o2 = models.Org(org_id='o2')
o3 = models.Org(org_id='o3')
u1 = models.User(
login='******',
password=models.User.get_password_hash_or_none('qwe123'),
org=o1,
)
u2 = models.User(
login='******',
# `password` omitted -> NULL
org=o1,
)
u3 = models.User(
login='******',
password=None, # `password` explicitly specified as NULL
org=o1,
)
u4 = models.User(
login='******',
password='', # `password` empty!
org=o1,
)
u5 = models.User(
login='******',
password='******', # `password` unhashed!
org=o1,
)
u6 = models.User(
login='******',
password=models.User.get_password_hash_or_none('qwe123'),
org=o1,
)
u7 = models.User(
login='******',
password=models.User.get_password_hash_or_none('qwe123'),
org=o2,
)
u8 = models.User(
login='******',
password=models.User.get_password_hash_or_none('kukuRyQu'),
org=o2,
)
u9 = models.User(
login='******',
password=models.User.get_password_hash_or_none('qwe123'),
is_blocked=True,
org=o1,
)
u10 = models.User(
login='******',
password=models.User.get_password_hash_or_none('qwe123'),
is_blocked=True,
org=o3,
)
return [
o1,
o2,
o3,
u1,
u2,
u3,
u4,
u5,
u6,
u7,
u8,
u9,
u10,
]