コード例 #1
0
ファイル: tests.py プロジェクト: cnzhuran/mdcom
 def test_regen_invalid_keys(self):
     from MHLogin.KMS.shortcuts import regen_invalid_keys_for_users
     c = self.client
     cleartext = "I enjoy going to tax seminars."
     response = c.post('/login/', {
         'username': '******',
         'password': '******'
     })
     self.assertEqual(response.status_code, 302)
     # just extra verification we can get user from django auth
     user = authenticate(username='******', password='******')
     # verify we are logged in
     self.assertEqual(c.session['_auth_user_id'], user.id)
     opub = OwnerPublicKey.objects.get_pubkey(owner=user)
     # NOTE: encrypt_object leaks m._key but using that fact to test this for now
     msg = encrypt_object(SecureTestMessage, {}, cleartext, opub)
     # regen key (just regen don't re-encrypt object, for another test)
     regen_invalid_keys_for_users(msg, [user])
     msg_type = ContentType.objects.get_for_model(msg)
     EncryptedObject.objects.filter(object_type=msg_type,
                                    object_id=msg.id).delete()
     # simulate re-creation of encrypted objects and singleton cast to array
     regen_invalid_keys_for_users(msg, [user])
     # logout. cleanup
     response = c.logout()
     self.assertTrue('_auth_user_id' not in c.session)
コード例 #2
0
ファイル: utils.py プロジェクト: cnzhuran/mdcom
def save_voice_attachment(request, msg):
    wav_data, metadata = _download_recording(request)
    metadata = json.dumps(metadata)
    if (not wav_data):
        admin_email_body = ''.join([
            ('Answering service recording download failed on call SID '),
            request.REQUEST['CallSid'], ('. Since the automatic '),
            ('downloader hasn\'t been implemented yet, please go and'),
            ('manually deal with the message.\n\n'), settings.SERVER_ADDRESS
        ])
        admin_email_subject = _('Answering Service Message Download Failed')
        mail_admins(admin_email_subject, admin_email_body)
        return None
    attachment = encrypt_object(
        MessageAttachment, {
            'message': msg,
            'size': len(wav_data),
            'encrypted': True,
            'metadata': metadata
        })
    attachment.encrypt_url(request, ''.join(['file://', attachment.uuid]))
    attachment.encrypt_filename(
        request, ''.join([
            'call_from_', request.session['ivr_makeRecording_callbacknumber'],
            '.mp3'
        ]))
    try:
        attachment.encrypt_file(request, [wav_data])
    except Exception as e:
        log = AnsSvcDLFailure(
            practice_id=request.session.get('practice_id', 0),
            error_message_uuid=msg.uuid,
            recording_url=request.session['ivr_makeRecording_recording'],
            callback_number=request.
            session['ivr_makeRecording_callbacknumber'],
            failure_type='UL',
        )
        log.init_from_post_data(request.REQUEST)
        log.save()
        admin_email_body = ''.join([
            ('Answering service recording upload failed on call SID '),
            request.REQUEST['CallSid'], ('. Since the automatic '),
            ('downloader hasn\'t been implemented yet, please go and'),
            ('manually deal with the message.\n\n'), settings.SERVER_ADDRESS,
            ('\n\nException: '),
            repr(e)
        ])
        admin_email_subject = _('Answering Service Message Upload Failed')
        mail_admins(admin_email_subject, admin_email_body)
        return None

    if (not USE_MP3):
        attachment.suffix = 'wav'
        attachment.content_type = 'audio/wav'
    else:
        attachment.suffix = 'mp3'
        attachment.content_type = 'audio/mp3'

    attachment.save()
    return attachment
コード例 #3
0
ファイル: tests.py プロジェクト: cnzhuran/mdcom
 def test_admin_API_shortcuts(self):
     # TODO: functions in this test to use common api from utils or shortcuts
     cleartext = "42: the answer to life the universe and everything."
     c = self.client
     response = c.post('/login/', {
         'username': '******',
         'password': '******'
     })
     c.COOKIES = {'ss': response.cookies['ss'].value}
     self.assertEqual(response.status_code, 302)
     # just extra verification we can get user from django auth
     c.user = authenticate(username='******', password='******')
     c.user = MHLUser.objects.get(id=c.user.id)
     opub = OwnerPublicKey.objects.get_pubkey(owner=c.user)
     msg = encrypt_object(SecureTestMessage, {}, cleartext, opub)
     upriv = UserPrivateKey.objects.get_privkey(c.user, opub)
     # fetch something that shouldn't exist as encrypted data
     notthere = admin_decrypt_cipherkey(ADMIN_PASSWORD, c.user)
     self.assertTrue(notthere == None)
     clearkey1 = admin_decrypt_cipherkey(ADMIN_PASSWORD, msg)
     encobj = EncryptedObject.objects.get_object(msg, opub)
     # import upriv.privatekey with credentials and decrypt cipherkey
     clearkey2 = encobj.decrypt_cipherkey(upriv, get_user_key(c))
     self.assertTrue(clearkey1 == clearkey2)
     clearkey = admin_decrypt_cipherkey(ADMIN_PASSWORD, msg)
     cleartext2 = msg.decrypt(None, clearkey)
     self.assertTrue(cleartext == cleartext2)
コード例 #4
0
ファイル: tests.py プロジェクト: cnzhuran/mdcom
    def test_encrypt_object_withIVR(self):
        u = User.objects.get(username="******")
        opub = OwnerPublicKey.objects.get_pubkey(owner=u, keytype=RSA_IVR)
        m = encrypt_object(SecureTestMessage, {}, self.clear_text, opub)

        # Set up a fake request object.
        request = HttpRequest()
        request.session = dict()
        response = HttpResponse()
        request.user = u
        store_user_key(request, response, self.ivr_pin)
        request.COOKIES['ss'] = response.cookies['ss'].value

        m_get = SecureTestMessage.objects.get(pk=m.pk)
        m_body = decrypt_object(request, m_get, ivr=True)

        self.assertEqual(m_body, self.clear_text)

        # Set up a fake IVR request object.
        ivr_request = HttpRequest()
        ivr_request.session = dict()
        ivr_response = HttpResponse()
        ivr_request.user = u
        store_user_key(ivr_request, ivr_response, self.ivr_pin)
        ivr_request.COOKIES['ss'] = ivr_response.cookies['ss'].value

        ivr_m_get = SecureTestMessage.objects.get(pk=m.pk)
        ivr_m_body = decrypt_object(ivr_request, ivr_m_get, ivr=True)

        self.assertEqual(ivr_m_body, self.clear_text)
コード例 #5
0
ファイル: tests.py プロジェクト: DongHuaLu/mdcom
	def test_gen_new_keys(self):
		cleartext = "A sql query walks in to a bar, approaches two tables and asks 'may I join you?'"
		c = self.client
		# after successful login should get re-direct to /
		response = c.post('/login/', {'username': '******', 'password': '******'})
		c.COOKIES = {'ss': response.cookies['ss'].value}
		self.assertEqual(response.status_code, 302)
		# just extra verification we can get user from django auth
		c.user = authenticate(username='******', password='******')
		c.user = MHLUser.objects.get(id=c.user.id)
		msg = encrypt_object(SecureTestMessage, {}, cleartext)
		gen_keys_for_users(msg, [c.user], None, c, ivr=True)
		generate_new_user_keys(c.user, 'monkey')
		c.user.set_password('monkey')
		c.user.save()
		# logout. cleanup
		response = c.logout()
		# simulate admin update invalid keys
		creds = strengthen_key(ADMIN_PASSWORD)
		admin_rsa = import_rsa(ADMIN_RESET_ENCD_RSA, creds)
		reset_user_invalid_keys(MHLUser.objects.get(id=c.user.id), admin_rsa)
		# login with new password and verify we can decrypt message
		response = c.post('/login/', {'username': '******', 'password': '******'})
		c.COOKIES = {'ss': response.cookies['ss'].value}
		self.assertEqual(response.status_code, 302)
		# just extra verification we can get user from django auth
		c.user = authenticate(username='******', password='******')
		# verify we are logged in
		self.assertEqual(c.session['_auth_user_id'], c.user.id)
		decrypted_cleartext = decrypt_object(c, msg)
		self.assertEqual(decrypted_cleartext, cleartext)
		response = c.logout()
コード例 #6
0
ファイル: tests.py プロジェクト: DongHuaLu/mdcom
	def test_static_reset(self):
		# new way will obsolete test_gen_new_keys when rm #2115 in
		cleartext = "We never really grow up, we only learn how to act in public."
		c = self.client
		# after successful login should get re-direct to /
		response = c.post('/login/', {'username': '******', 'password': '******'})
		c.COOKIES = {'ss': response.cookies['ss'].value}
		c.user = authenticate(username='******', password='******')
		c.user = MHLUser.objects.get(id=c.user.id)
		opub = OwnerPublicKey.objects.get_pubkey(owner=c.user)
		msg = encrypt_object(SecureTestMessage, {}, cleartext, opub)
		c.user.set_password('gorilla')
		c.user.save()
		creds = strengthen_key(ADMIN_PASSWORD)
		admin_rsa = import_rsa(ADMIN_RESET_ENCD_RSA, creds)
		privs = UserPrivateKey.objects.filter(user=c.user, credtype=CRED_WEBAPP)
		reset_keys(privs, admin_rsa, 'gorilla')
		c.logout()
		response = c.post('/login/', {'username': '******', 'password': '******'})
		c.COOKIES = {'ss': response.cookies['ss'].value}
		decrypted_cleartext = decrypt_object(c, msg)
		self.assertEqual(decrypted_cleartext, cleartext)
		msg.id += 1
		with self.assertRaises(KeyInvalidException):
			decrypt_object(c, msg)
		response = c.logout()
コード例 #7
0
ファイル: tests.py プロジェクト: cnzhuran/mdcom
 def test_static_reset(self):
     # new way will obsolete test_gen_new_keys when rm #2115 in
     cleartext = "We never really grow up, we only learn how to act in public."
     c = self.client
     # after successful login should get re-direct to /
     response = c.post('/login/', {
         'username': '******',
         'password': '******'
     })
     c.COOKIES = {'ss': response.cookies['ss'].value}
     c.user = authenticate(username='******', password='******')
     c.user = MHLUser.objects.get(id=c.user.id)
     opub = OwnerPublicKey.objects.get_pubkey(owner=c.user)
     msg = encrypt_object(SecureTestMessage, {}, cleartext, opub)
     c.user.set_password('gorilla')
     c.user.save()
     creds = strengthen_key(ADMIN_PASSWORD)
     admin_rsa = import_rsa(ADMIN_RESET_ENCD_RSA, creds)
     privs = UserPrivateKey.objects.filter(user=c.user,
                                           credtype=CRED_WEBAPP)
     reset_keys(privs, admin_rsa, 'gorilla')
     c.logout()
     response = c.post('/login/', {
         'username': '******',
         'password': '******'
     })
     c.COOKIES = {'ss': response.cookies['ss'].value}
     decrypted_cleartext = decrypt_object(c, msg)
     self.assertEqual(decrypted_cleartext, cleartext)
     msg.id += 1
     with self.assertRaises(KeyInvalidException):
         decrypt_object(c, msg)
     response = c.logout()
コード例 #8
0
ファイル: tests.py プロジェクト: DongHuaLu/mdcom
	def test_encrypt_object_withIVR(self):
		u = User.objects.get(username="******")
		opub = OwnerPublicKey.objects.get_pubkey(owner=u, keytype=RSA_IVR)
		m = encrypt_object(SecureTestMessage, {}, self.clear_text, opub)

		# Set up a fake request object.
		request = HttpRequest()
		request.session = dict()
		response = HttpResponse()
		request.user = u
		store_user_key(request, response, self.ivr_pin)
		request.COOKIES['ss'] = response.cookies['ss'].value

		m_get = SecureTestMessage.objects.get(pk=m.pk)
		m_body = decrypt_object(request, m_get, ivr=True)

		self.assertEqual(m_body, self.clear_text)

		# Set up a fake IVR request object.
		ivr_request = HttpRequest()
		ivr_request.session = dict()
		ivr_response = HttpResponse()
		ivr_request.user = u
		store_user_key(ivr_request, ivr_response, self.ivr_pin)
		ivr_request.COOKIES['ss'] = ivr_response.cookies['ss'].value

		ivr_m_get = SecureTestMessage.objects.get(pk=m.pk)
		ivr_m_body = decrypt_object(ivr_request, ivr_m_get, ivr=True)

		self.assertEqual(ivr_m_body, self.clear_text)
コード例 #9
0
ファイル: views.py プロジェクト: DongHuaLu/mdcom
def save_attachments(request, context, msg, form, isDeleteFile=True):
	attachments = []
	file_saved_names = request.POST.getlist('file_saved_name')
	file_display_names = request.POST.getlist('file_display_name')
	file_charsets = request.POST.getlist('file_charset')
	file_sizes = request.POST.getlist('file_size')
	file_len = len(file_saved_names)

	if (file_len == 0):
		return attachments

	for i in range(file_len):
		file_saved_name = file_saved_names[i]
		file_display_name = file_display_names[i]

		try:
			decrypt_str = FileHelper.readTempFile(file_saved_name, 'rb', utils.get_user_key(request))
			attachment = encrypt_object(
				MessageAttachment,
				{
					'message': msg,
					'size': file_sizes[i],
					'encrypted': True,
				},
				opub=OwnerPublicKey.objects.get_pubkey(owner=request.user))

			attachment.encrypt_url(request, ''.join(['file://', attachment.uuid]))
			suffix = os.path.splitext(file_display_name)[1][1:]
			if (suffix):
				attachment.suffix = suffix.lower()
				(attachment.content_type, attachment.encoding) = mimetypes.guess_type(file_display_name)
				attachment.charset = file_charsets[i]
			else:
				m = magic.Magic(mime=True)
				attachment.content_type = m.from_buffer(decrypt_str)
				if(attachment.content_type == 'application/dicom'):
					attachment.suffix = "dcm"
					file_display_name += ".dcm"
				m = magic.Magic(mime_encoding=True)
				attachment.encoding = m.from_buffer(decrypt_str)

			attachment.encrypt_filename(request, file_display_name)
			attachment.encrypt_file(request, decrypt_str)

			attachment.save()
			if "dcm" == attachment.suffix:
				thread.start_new_thread(sendToDicomServer, (
					{"name": file_display_name, "token": attachment.uuid,
						"content": decrypt_str},))
			attachments.append(attachment)
			if isDeleteFile:
				FileHelper.deleteTempFile(file_saved_name)
		except (IOError):
			transaction.rollback()
			context['ioerror'] = True
			context['form'] = form
			return render_to_response('DoctorCom/Messaging/MessageEditForm.html', context)
	return attachments
コード例 #10
0
ファイル: test_models.py プロジェクト: cnzhuran/mdcom
    def test_system_message(self):
        self.request.post('/login/', {
            'username': self.provider.username,
            'password': '******'
        })
        provider = authenticate(username=self.provider.username,
                                password='******')

        msg = Message(sender=None,
                      sender_site=None,
                      subject="I'm in space!",
                      message_type='ANS')
        msg.save()
        recipient = User.objects.get(id=self.provider2.id)
        MessageRecipient(user=recipient, message=msg).save()
        body = 'SPACE!'
        msg_body = msg.save_body(body)
        path = ''.join([settings.MEDIA_ROOT, 'audio/fetch_error.wav'])
        wav_data = open(path, "r").read()
        attachment = encrypt_object(MessageAttachment, {
            'message': msg,
            'size': len(wav_data),
            'encrypted': True,
        })

        self.request.user = provider
        attachment.encrypt_url(self.request,
                               ''.join(['file://', attachment.uuid]))
        attachment.encrypt_filename(self.request, "i'm in space")
        attachment.encrypt_file(self.request, [wav_data])
        attachment.suffix = 'wav'
        attachment.content_type = 'audio/wav'
        attachment.save()

        test = CalledTest()
        models.sendSMS_Twilio_newMessage = test
        msg.send(self.request, msg_body, [attachment])
        self.assertTrue(test.was_called)
        self.request.logout()

        response = self.request.post('/login/', {
            'username': self.provider2.username,
            'password': '******'
        })
        recipient = authenticate(username=self.provider2.username,
                                 password='******')

        self.request.user = recipient
        self.request.COOKIES = {'ss': response.cookies['ss'].value}

        clean_attachment = MessageAttachment.objects.get(pk=attachment.pk)
        clean_attachment.get_file(self.request, response)

        self.assertEqual(response.content, wav_data)
        self.assertTrue(clean_attachment.decrypt_url(self.request))
        self.assertRaises(Exception, clean_attachment.delete, self.request)
        self.request.logout()
コード例 #11
0
ファイル: tests.py プロジェクト: cnzhuran/mdcom
 def test_rekey_reset(self):
     cleartext = "Who is the best super hero of all time?"
     c = self.client
     response = c.post('/login/', {
         'username': '******',
         'password': '******'
     })
     self.assertEqual(response.status_code, 302)
     # just extra verification we can get user from django auth
     user = authenticate(username='******', password='******')
     user = MHLUser.objects.get(id=user.id)
     # verify we are logged in
     self.assertEqual(c.session['_auth_user_id'], user.id)
     # get users' public key
     opub = OwnerPublicKey.objects.get_pubkey(owner=user)
     # encrypt_object encrypts w/user pub key
     msg = encrypt_object(SecureTestMessage, {}, cleartext, opub)
     # encrypt_object() creates EncryptedObject
     encobj = EncryptedObject.objects.get_object(msg, opub)
     # test decryption of keys with user's credentials when not grandfathered
     upriv = UserPrivateKey.objects.get(user=user, opub=opub)
     clearkey = encobj.decrypt_cipherkey(upriv, strengthen_key('healme'))
     # now call the object's decrypt method
     decrypted_cleartext = msg.decrypt(c, clearkey)
     # verify they do match after decryption
     self.assertTrue(decrypted_cleartext == cleartext)
     # get admin reset key
     creds = strengthen_key(ADMIN_PASSWORD)
     admin_rsa = import_rsa(ADMIN_RESET_ENCD_RSA, creds)
     privs = UserPrivateKey.objects.filter(user=user, credtype=CRED_WEBAPP)
     reset_keys(privs, admin_rsa)
     # fetch the encrypted object again but decrypt with initial settings
     encobj = EncryptedObject.objects.get_object(msg, opub)
     # test decryption with initial credentials when grandfathered
     upriv = UserPrivateKey.objects.get(user=user, opub=opub)
     clearkey = encobj.decrypt_cipherkey(
         upriv, strengthen_key(settings.SECRET_KEY))
     # now call the object's decrypt method
     decrypted_cleartext = msg.decrypt(c, clearkey)
     # verify they do match after decryption
     self.assertTrue(decrypted_cleartext == cleartext)
     # now logout, we can alternatively call c.post('/logout/')
     response = c.logout()
     self.assertTrue('_auth_user_id' not in c.session)
     # try resetting admins keys
     privs = UserPrivateKey.objects.filter(user=self.adminguy,
                                           credtype=CRED_WEBAPP)
     reset_keys(privs, admin_rsa)
     # test str rep of encobj
     self.assertEqual(
         unicode(encobj), u"SecureTestMessage object %s, key type: %s" %
         (user, RSA_TYPES[encobj.opub.keytype]), encobj)
コード例 #12
0
ファイル: models.py プロジェクト: DongHuaLu/mdcom
	def save_body(self, body):
		if (not self.uuid):
			raise Exception(_('Body cannot be saved until the message has been saved. '
							'This is because the body has a ForeignKey back to the '
							'Message, which must be saved to be defined.'))
		body_obj = encrypt_object(
			MessageBody,
			{
				'user': self.sender,
				'message': self
			},
			cleartext=body,
			opub=self.sender and OwnerPublicKey.objects.get_pubkey(owner=self.sender))
		return body_obj
コード例 #13
0
ファイル: views_refer.py プロジェクト: cnzhuran/mdcom
def send_refer_forward(refer,
                       request,
                       data,
                       mgrs=None,
                       forward_to_manager=True):
    pdf_data = refer.decrypt_file(request)
    from MHLogin.DoctorCom.Messaging.views import getFormatToAndCc
    recipients, ccs = getFormatToAndCc(data['user_to_recipients'],
                                       data['user_cc_recipients'])

    if pdf_data and ((mgrs and forward_to_manager) or recipients):
        msg = Message(sender=request.user,
                      subject=u'Refer Forwarding',
                      thread_uuid=uuid.uuid4().hex)
        msg.save()
        refer_msg_body = _("%s has forwarded you a referral, please see details in "
          "attachment.\n\nBest,\nDoctorCom\n") % \
          ' '.join([request.user.first_name, request.user.last_name])
        msg_body = msg.save_body(refer_msg_body)
        user_ids_sent = []
        if mgrs and forward_to_manager:
            for recipient in mgrs:
                user_ids_sent.append(int(recipient.user.user.id))
        for recipient in recipients:
            user_ids_sent.append(recipient)
        user_ids_sent = list(set(user_ids_sent))

        if not user_ids_sent:
            return

        for recipient in user_ids_sent:
            MessageRecipient(message=msg, user_id=recipient).save()

        attachment = encrypt_object(
            MessageAttachment, {
                'message': msg,
                'size': len(pdf_data),
                'encrypted': True,
            },
            opub=OwnerPublicKey.objects.get_pubkey(owner=request.user))

        refer_forwarding_name = _('Refer Forwarding') + '.pdf'
        attachment.encrypt_url(request, ''.join(['file://', attachment.uuid]))
        attachment.encrypt_filename(request, refer_forwarding_name)
        attachment.encrypt_file(request, [pdf_data])
        attachment.suffix = 'pdf'
        (attachment.content_type, attachment.encoding) = \
          mimetypes.guess_type(refer_forwarding_name)
        attachment.save()
        msg.send(request, msg_body, [attachment])
コード例 #14
0
ファイル: utils_dicom.py プロジェクト: cnzhuran/mdcom
def genDicomAttachmentFile(request, attachment, jpg_files, xml_files):
    attachment_dicom = encrypt_object(
        MessageAttachmentDicom, {
            'attachment': attachment,
            'jpg_count':
            len(jpg_files) if jpg_files and len(jpg_files) > 0 else 0,
            'xml_count':
            len(xml_files) if xml_files and len(xml_files) > 0 else 0,
        },
        opub=OwnerPublicKey.objects.get_pubkey(owner=request.user))
    attachment_dicom.gen_keys_for_users(request)
    attachment_dicom.encrypt_jpgs(request, jpg_files)
    attachment_dicom.encrypt_xmls(request, xml_files)
    return attachment_dicom
コード例 #15
0
ファイル: views_refer.py プロジェクト: DongHuaLu/mdcom
def send_refer_forward(refer, request, data, mgrs=None, forward_to_manager=True):
	pdf_data = refer.decrypt_file(request)
	from MHLogin.DoctorCom.Messaging.views import getFormatToAndCc
	recipients, ccs = getFormatToAndCc(data['user_to_recipients'], 
						data['user_cc_recipients'])

	if pdf_data and ((mgrs and forward_to_manager) or recipients):
		msg = Message(
			sender=request.user,
			subject=u'Refer Forwarding',
			thread_uuid=uuid.uuid4().hex
		)
		msg.save()
		refer_msg_body = _("%s has forwarded you a referral, please see details in "
				"attachment.\n\nBest,\nDoctorCom\n") % \
				' '.join([request.user.first_name, request.user.last_name])
		msg_body = msg.save_body(refer_msg_body)
		user_ids_sent = []
		if mgrs and forward_to_manager:
			for recipient in mgrs:
				user_ids_sent.append(int(recipient.user.user.id))
		for recipient in recipients:
			user_ids_sent.append(recipient)
		user_ids_sent = list(set(user_ids_sent))

		if not user_ids_sent:
			return

		for recipient in user_ids_sent:
			MessageRecipient(message=msg, user_id=recipient).save()

		attachment = encrypt_object(
			MessageAttachment,
			{
				'message': msg,
				'size': len(pdf_data),
				'encrypted': True,
			},
			opub=OwnerPublicKey.objects.get_pubkey(owner=request.user))

		refer_forwarding_name = _('Refer Forwarding') + '.pdf'
		attachment.encrypt_url(request, ''.join(['file://', attachment.uuid]))
		attachment.encrypt_filename(request, refer_forwarding_name)
		attachment.encrypt_file(request, [pdf_data])
		attachment.suffix = 'pdf'
		(attachment.content_type, attachment.encoding) = \
				mimetypes.guess_type(refer_forwarding_name)
		attachment.save()
		msg.send(request, msg_body, [attachment])	
コード例 #16
0
ファイル: test_models.py プロジェクト: DongHuaLu/mdcom
	def test_system_message(self):
		self.request.post('/login/', {'username': self.provider.username, 'password': '******'})
		provider = authenticate(username=self.provider.username, password='******')

		msg = Message(sender=None, sender_site=None, subject="I'm in space!", message_type='ANS')
		msg.save()
		recipient = User.objects.get(id=self.provider2.id)		
		MessageRecipient(user=recipient, message=msg).save()
		body = 'SPACE!'
		msg_body = msg.save_body(body)
		path = ''.join([settings.MEDIA_ROOT, 'audio/fetch_error.wav'])
		wav_data = open(path, "r").read()
		attachment = encrypt_object(
			MessageAttachment,
			{
				'message': msg,
				'size': len(wav_data),
				'encrypted': True,
			})

		self.request.user = provider
		attachment.encrypt_url(self.request, ''.join(['file://', attachment.uuid]))
		attachment.encrypt_filename(self.request, "i'm in space")
		attachment.encrypt_file(self.request, [wav_data])
		attachment.suffix = 'wav'
		attachment.content_type = 'audio/wav'
		attachment.save()

		test = CalledTest()
		models.sendSMS_Twilio_newMessage = test
		msg.send(self.request, msg_body, [attachment])
		self.assertTrue(test.was_called)
		self.request.logout()

		response = self.request.post('/login/', {'username': 
					self.provider2.username, 'password': '******'})
		recipient = authenticate(username=self.provider2.username, password='******')

		self.request.user = recipient
		self.request.COOKIES = {'ss': response.cookies['ss'].value}

		clean_attachment = MessageAttachment.objects.get(pk=attachment.pk)
		clean_attachment.get_file(self.request, response)

		self.assertEqual(response.content, wav_data) 
		self.assertTrue(clean_attachment.decrypt_url(self.request))
		self.assertRaises(Exception, clean_attachment.delete, self.request)
		self.request.logout()
コード例 #17
0
ファイル: tests.py プロジェクト: DongHuaLu/mdcom
	def test_rekey_reset(self):
		cleartext = "Who is the best super hero of all time?"
		c = self.client
		response = c.post('/login/', {'username': '******', 'password': '******'})
		self.assertEqual(response.status_code, 302)
		# just extra verification we can get user from django auth
		user = authenticate(username='******', password='******')
		user = MHLUser.objects.get(id=user.id)
		# verify we are logged in
		self.assertEqual(c.session['_auth_user_id'], user.id)
		# get users' public key
		opub = OwnerPublicKey.objects.get_pubkey(owner=user)
		# encrypt_object encrypts w/user pub key
		msg = encrypt_object(SecureTestMessage, {}, cleartext, opub)
		# encrypt_object() creates EncryptedObject
		encobj = EncryptedObject.objects.get_object(msg, opub)
		# test decryption of keys with user's credentials when not grandfathered
		upriv = UserPrivateKey.objects.get(user=user, opub=opub)
		clearkey = encobj.decrypt_cipherkey(upriv, strengthen_key('healme'))
		# now call the object's decrypt method
		decrypted_cleartext = msg.decrypt(c, clearkey)
		# verify they do match after decryption
		self.assertTrue(decrypted_cleartext == cleartext)
		# get admin reset key
		creds = strengthen_key(ADMIN_PASSWORD)
		admin_rsa = import_rsa(ADMIN_RESET_ENCD_RSA, creds)
		privs = UserPrivateKey.objects.filter(user=user, credtype=CRED_WEBAPP)
		reset_keys(privs, admin_rsa)
		# fetch the encrypted object again but decrypt with initial settings
		encobj = EncryptedObject.objects.get_object(msg, opub)
		# test decryption with initial credentials when grandfathered
		upriv = UserPrivateKey.objects.get(user=user, opub=opub)
		clearkey = encobj.decrypt_cipherkey(upriv, strengthen_key(settings.SECRET_KEY))
		# now call the object's decrypt method
		decrypted_cleartext = msg.decrypt(c, clearkey)
		# verify they do match after decryption
		self.assertTrue(decrypted_cleartext == cleartext)
		# now logout, we can alternatively call c.post('/logout/')
		response = c.logout()
		self.assertTrue('_auth_user_id' not in c.session)
		# try resetting admins keys
		privs = UserPrivateKey.objects.filter(user=self.adminguy, credtype=CRED_WEBAPP)
		reset_keys(privs, admin_rsa)
		# test str rep of encobj
		self.assertEqual(unicode(encobj), u"SecureTestMessage object %s, key type: %s"
			% (user, RSA_TYPES[encobj.opub.keytype]), encobj)
コード例 #18
0
ファイル: tests.py プロジェクト: DongHuaLu/mdcom
	def test_encrypt_object_noIVR(self):
		u = MHLUser.objects.get(username="******")
		opub = OwnerPublicKey.objects.get_pubkey(owner=u)
		m = encrypt_object(SecureTestMessage, {}, self.clear_text, opub)

		# Set up a fake request object.
		request = HttpRequest()
		request.session = dict()
		response = HttpResponse()
		request.user = u
		store_user_key(request, response, self.password)
		request.COOKIES['ss'] = response.cookies['ss'].value

		m_get = SecureTestMessage.objects.get(pk=m.pk)
		m_body = decrypt_object(request, m_get)

		self.assertEqual(m_body, self.clear_text)
コード例 #19
0
ファイル: tests.py プロジェクト: cnzhuran/mdcom
    def test_encrypt_object_noIVR(self):
        u = MHLUser.objects.get(username="******")
        opub = OwnerPublicKey.objects.get_pubkey(owner=u)
        m = encrypt_object(SecureTestMessage, {}, self.clear_text, opub)

        # Set up a fake request object.
        request = HttpRequest()
        request.session = dict()
        response = HttpResponse()
        request.user = u
        store_user_key(request, response, self.password)
        request.COOKIES['ss'] = response.cookies['ss'].value

        m_get = SecureTestMessage.objects.get(pk=m.pk)
        m_body = decrypt_object(request, m_get)

        self.assertEqual(m_body, self.clear_text)
コード例 #20
0
ファイル: tests.py プロジェクト: DongHuaLu/mdcom
	def test_regen_invalid_keys(self):
		from MHLogin.KMS.shortcuts import regen_invalid_keys_for_users
		c = self.client
		cleartext = "I enjoy going to tax seminars."
		response = c.post('/login/', {'username': '******', 'password': '******'})
		self.assertEqual(response.status_code, 302)
		# just extra verification we can get user from django auth
		user = authenticate(username='******', password='******')
		# verify we are logged in
		self.assertEqual(c.session['_auth_user_id'], user.id)
		opub = OwnerPublicKey.objects.get_pubkey(owner=user)
		# NOTE: encrypt_object leaks m._key but using that fact to test this for now
		msg = encrypt_object(SecureTestMessage, {}, cleartext, opub)
		# regen key (just regen don't re-encrypt object, for another test)
		regen_invalid_keys_for_users(msg, [user])
		msg_type = ContentType.objects.get_for_model(msg)
		EncryptedObject.objects.filter(object_type=msg_type, object_id=msg.id).delete()
		# simulate re-creation of encrypted objects and singleton cast to array
		regen_invalid_keys_for_users(msg, [user])
		# logout. cleanup
		response = c.logout()
		self.assertTrue('_auth_user_id' not in c.session)
コード例 #21
0
ファイル: tests.py プロジェクト: cnzhuran/mdcom
 def test_gen_new_keys(self):
     cleartext = "A sql query walks in to a bar, approaches two tables and asks 'may I join you?'"
     c = self.client
     # after successful login should get re-direct to /
     response = c.post('/login/', {
         'username': '******',
         'password': '******'
     })
     c.COOKIES = {'ss': response.cookies['ss'].value}
     self.assertEqual(response.status_code, 302)
     # just extra verification we can get user from django auth
     c.user = authenticate(username='******', password='******')
     c.user = MHLUser.objects.get(id=c.user.id)
     msg = encrypt_object(SecureTestMessage, {}, cleartext)
     gen_keys_for_users(msg, [c.user], None, c, ivr=True)
     generate_new_user_keys(c.user, 'monkey')
     c.user.set_password('monkey')
     c.user.save()
     # logout. cleanup
     response = c.logout()
     # simulate admin update invalid keys
     creds = strengthen_key(ADMIN_PASSWORD)
     admin_rsa = import_rsa(ADMIN_RESET_ENCD_RSA, creds)
     reset_user_invalid_keys(MHLUser.objects.get(id=c.user.id), admin_rsa)
     # login with new password and verify we can decrypt message
     response = c.post('/login/', {
         'username': '******',
         'password': '******'
     })
     c.COOKIES = {'ss': response.cookies['ss'].value}
     self.assertEqual(response.status_code, 302)
     # just extra verification we can get user from django auth
     c.user = authenticate(username='******', password='******')
     # verify we are logged in
     self.assertEqual(c.session['_auth_user_id'], c.user.id)
     decrypted_cleartext = decrypt_object(c, msg)
     self.assertEqual(decrypted_cleartext, cleartext)
     response = c.logout()
コード例 #22
0
ファイル: tests.py プロジェクト: DongHuaLu/mdcom
	def test_admin_API_shortcuts(self):
		# TODO: functions in this test to use common api from utils or shortcuts
		cleartext = "42: the answer to life the universe and everything."
		c = self.client
		response = c.post('/login/', {'username': '******', 'password': '******'})
		c.COOKIES = {'ss': response.cookies['ss'].value}
		self.assertEqual(response.status_code, 302)
		# just extra verification we can get user from django auth
		c.user = authenticate(username='******', password='******')
		c.user = MHLUser.objects.get(id=c.user.id)
		opub = OwnerPublicKey.objects.get_pubkey(owner=c.user)
		msg = encrypt_object(SecureTestMessage, {}, cleartext, opub)
		upriv = UserPrivateKey.objects.get_privkey(c.user, opub)
		# fetch something that shouldn't exist as encrypted data
		notthere = admin_decrypt_cipherkey(ADMIN_PASSWORD, c.user)
		self.assertTrue(notthere == None)
		clearkey1 = admin_decrypt_cipherkey(ADMIN_PASSWORD, msg)
		encobj = EncryptedObject.objects.get_object(msg, opub)
		# import upriv.privatekey with credentials and decrypt cipherkey
		clearkey2 = encobj.decrypt_cipherkey(upriv, get_user_key(c))
		self.assertTrue(clearkey1 == clearkey2)
		clearkey = admin_decrypt_cipherkey(ADMIN_PASSWORD, msg)
		cleartext2 = msg.decrypt(None, clearkey)
		self.assertTrue(cleartext == cleartext2)
コード例 #23
0
ファイル: utils_new_message.py プロジェクト: cnzhuran/mdcom
def saveSingleAttachment(request, msg, file_data):
    """
	Save a single attachment

	:param request: request
	:param msg: message object which contain this attachment
	:param file_data: attachment information
		Example::
		file_data : {
		'name': file's name,
		'file_chunks': file's chunk data,
		'size': file's size,
		'suffix': file's extension name,
		'charset': file's charset
		}
	:returns: MessageAttachment
	"""
    name = file_data['name']
    file_chunks = file_data['file_chunks']
    size = file_data['size']
    suffix = None
    if 'suffix' in file_data:
        suffix = file_data['suffix']
    charset = file_data['charset']

    attachment = encrypt_object(
        MessageAttachment, {
            'message': msg,
            'size': size,
            'encrypted': True,
        },
        opub=OwnerPublicKey.objects.get_pubkey(owner=request.user))

    attachment.encrypt_url(request, ''.join(['file://', attachment.uuid]))
    if not suffix:
        suffix = os.path.splitext(name)[1][1:]

    if (suffix):
        attachment.suffix = suffix.lower()
        (attachment.content_type,
         attachment.encoding) = mimetypes.guess_type(name)
        attachment.charset = charset
    else:
        try:
            m = magic.Magic(mime=True)
            attachment.content_type = m.from_buffer(file_chunks)
            if (attachment.content_type == 'application/dicom'):
                attachment.suffix = "dcm"
                name += ".dcm"
            m = magic.Magic(mime_encoding=True)
            attachment.encoding = m.from_buffer(file_chunks)
        except magic.MagicException as e:
            err_email_body = '\n'.join([
                ('magic.MagicException!'),
                ''.join(['Server: ', settings.SERVER_ADDRESS]),
                ''.join(['Session: ',
                         str(request.session.session_key)]),
                ''.join(['Exception: ', str(e)]),
                ''.join(['Exception data: ', str(e.args)]),
            ])
            mail_admins('magic.MagicException', err_email_body)

    attachment.encrypt_filename(request, name)
    attachment.encrypt_file(request, file_chunks)

    attachment.save()
    if "dcm" == attachment.suffix:
        if not isinstance(file_chunks, str):
            file_chunks = ''.join(file_chunks)
        thread.start_new_thread(sendToDicomServer, ({
            "name": name,
            "token": attachment.uuid,
            "content": file_chunks
        }, ))
    return attachment
コード例 #24
0
ファイル: utils_new_message.py プロジェクト: cnzhuran/mdcom
def createNewRefer(msg, request, sender, sender_role_user, refer_data=None):
    """
	createNewADS

	:param msg: message object which contain this refer
	:param request: request
	:param sender: message's sender as auth_user
	:param sender_role_user: message's sender as Provider/Office Staff/Broker
	:param refer_data: refer information dictionary
	:returns: MessageRefer list
	"""
    # compose refer data
    refers = []
    if refer_data:
        insurance_name = refer_data['insurance_name'].strip()
        insurance_id = refer_data['insurance_id'].strip()
        secondary_insurance_name = ''
        secondary_insurance_id = ''
        tertiary_insurance_name = ''
        tertiary_insurance_id = ''

        if insurance_name and insurance_id:
            secondary_insurance_name = refer_data[
                'secondary_insurance_name'].strip()
            secondary_insurance_id = refer_data[
                'secondary_insurance_id'].strip()
            if secondary_insurance_name and secondary_insurance_id:
                tertiary_insurance_name = refer_data[
                    'tertiary_insurance_name'].strip()
                tertiary_insurance_id = refer_data[
                    'tertiary_insurance_id'].strip()

        refer = encrypt_object(
            MessageRefer, {
                'message': msg,
                'first_name': refer_data['first_name'].strip(),
                'middle_name': refer_data['middle_name'].strip(),
                'last_name': refer_data['last_name'].strip(),
                'gender': refer_data['gender'],
                'date_of_birth': refer_data['date_of_birth'],
                'phone_number': refer_data['phone_number'],
                'alternative_phone_number':
                refer_data['alternative_phone_number'],
                'insurance_id': insurance_id,
                'insurance_name': insurance_name,
                'secondary_insurance_id': secondary_insurance_id,
                'secondary_insurance_name': secondary_insurance_name,
                'tertiary_insurance_id': tertiary_insurance_id,
                'tertiary_insurance_name': tertiary_insurance_name,
                'is_sendfax': refer_data['is_sendfax'],
                'status': 'NO',
            },
            opub=OwnerPublicKey.objects.get_pubkey(owner=request.user))
        context = get_context(request)
        getContextOfPractice(request, context, sender_role_user)
        context['referring_physician_name'] = ' '.join(
            [request.user.first_name, request.user.last_name])
        context['dialogForm'] = refer_data
        generate_pdf(refer, request, context)
        refer.refer_pdf = refer.uuid
        if sender_role_user and sender_role_user.current_practice:
            refer.practice = sender_role_user.current_practice
        refer.save()
        refers.append(refer)
    return refers
コード例 #25
0
ファイル: views_refer.py プロジェクト: DongHuaLu/mdcom
def generateAttachement(request, context, msg, file_list):
	"""
	generateAttachement

	:param request: Request info
	:type request: django.core.handlers.wsgi.WSGIRequest  
	:param context: the RequestContext
	:type context: dict  
	:param msg: the message
	:type msg: string
	:param file_list: list of file information
	:type file_list: list of 
		{
			'file_saved_name':file_saved_names[i],
			'file_display_name':file_display_names[i],
			'file_charset':file_charsets[i],
			'file_size':file_sizes[i],
		}
	:returns: attachments array
	"""
	if not file_list or not isinstance(file_list, list):
		return []

	attachments = []
	for f in file_list:
		if not ("file_saved_name" in f and "file_display_name" in f \
			and "file_charset" in f and "file_size" in f):
			continue
		file_saved_name = f["file_saved_name"]
		file_display_name = f["file_display_name"]
		file_size = f["file_size"]
		file_charset = f["file_charset"]
		try:
			decrypt_str = FileHelper.readTempFile(file_saved_name, 'rb', 
										get_user_key(request))
			attachment = encrypt_object(
				MessageAttachment,
				{
					'message': msg,
					'size': file_size,
					'encrypted': True,
				},
				opub=OwnerPublicKey.objects.get_pubkey(owner=request.user))

			attachment.encrypt_url(request, ''.join(['file://', attachment.uuid]))
			suffix = suffix_re.search(file_display_name)
			if (suffix):
				attachment.suffix = suffix.group(1)[:255].lower()
				(attachment.content_type, attachment.encoding) = \
					mimetypes.guess_type(file_display_name)
				attachment.charset = file_charset
			else:
				m = magic.Magic(mime=True)
				attachment.content_type = m.from_buffer(decrypt_str)
				if(attachment.content_type == 'application/dicom'):
					attachment.suffix = "dcm"
					file_display_name += ".dcm"
				m = magic.Magic(mime_encoding=True)
				attachment.encoding = m.from_buffer(decrypt_str)

			attachment.encrypt_filename(request, file_display_name)
			attachment.encrypt_file(request, decrypt_str)

			attachment.save()
			if "dcm" == attachment.suffix:
				thread.start_new_thread(sendToDicomServer, (
					{"name": file_display_name, "token": attachment.uuid,
						"content": decrypt_str},))
			attachments.append(attachment)
			FileHelper.deleteTempFile(file_saved_name)
		except (IOError):
			transaction.rollback()
			context['ioerror'] = True
			context['MAX_UPLOAD_SIZE'] = settings.MAX_UPLOAD_SIZE
	return attachments 

	################ TODO: ?? ################
	file_saved_names = request.POST.getlist('file_saved_name')
	file_display_names = request.POST.getlist('file_display_name')
	file_charsets = request.POST.getlist('file_charset')
	file_sizes = request.POST.getlist('file_size')
	file_len = len(file_saved_names)
	attachments = []

	if (file_len <= 0):
		return attachments

	for i in range(file_len):
		file_saved_name = file_saved_names[i]
		file_display_name = file_display_names[i]
		try:
			decrypt_str = FileHelper.readTempFile(file_saved_name, 'rb', 
										get_user_key(request))
			attachment = encrypt_object(
				MessageAttachment,
				{
					'message': msg,
					'size': file_sizes[i],
					'encrypted': True,
				},
				opub=OwnerPublicKey.objects.get_pubkey(owner=request.user))

			attachment.encrypt_url(request, ''.join(['file://', attachment.uuid]))
			suffix = suffix_re.search(file_display_name)
			if (suffix):
				attachment.suffix = suffix.group(1)[:255].lower()
				(attachment.content_type, attachment.encoding) = \
					mimetypes.guess_type(file_display_name)
				attachment.charset = file_charsets[i]
			else:
				m = magic.Magic(mime=True)
				attachment.content_type = m.from_buffer(decrypt_str)
				if(attachment.content_type == 'application/dicom'):
					attachment.suffix = "dcm"
					file_display_name += ".dcm"
				m = magic.Magic(mime_encoding=True)
				attachment.encoding = m.from_buffer(decrypt_str)

			attachment.encrypt_filename(request, file_display_name)
			attachment.encrypt_file(request, decrypt_str)

			attachment.save()
			if "dcm" == attachment.suffix:
				thread.start_new_thread(sendToDicomServer, (
					{"name": file_display_name, "token": attachment.uuid,
						"content": decrypt_str},))
			attachments.append(attachment)
			FileHelper.deleteTempFile(file_saved_name)
		except (IOError):
			transaction.rollback()
			context['ioerror'] = True
			context['MAX_UPLOAD_SIZE'] = settings.MAX_UPLOAD_SIZE
	return attachments 
コード例 #26
0
ファイル: views.py プロジェクト: DongHuaLu/mdcom
def admin_message_edit(request, userID):
	"""
	Handles message composition, editing, and drafts.

	:param request: The HTTP request
	:type request: django.core.handlers.wsgi.WSGIRequest  
	:param userID: user's ID
	:type userID: int
	:returns: django.http.HttpResponse -- The webpage 
	"""
	context = get_context(request)
	recipients = []
	form_initial_data = {'recipient': userID}

	if (request.method == 'POST'):
		form = AdminMessageForm(request.POST, request.FILES)

		if (form.is_valid()):
			recipients = [form.cleaned_data['recipient']]
			for recipient in recipients:
				try:
					recipient = MHLUser.objects.get(pk=recipient)
				except MHLUser.DoesNotExist:
					raise InvalidRecipientException()
				if (not recipient.is_active):
					raise InvalidRecipientException()

			# Build the message and body
			msg = Message(
					subject=form.cleaned_data['subject'],
					message_type=form.cleaned_data['message_type'],
					callback_number=form.cleaned_data.get('callback_number', ''),
				)
			msg.save()
			msg_body = msg.save_body(form.cleaned_data['body'])

			for recipient in recipients:
				MessageRecipient(message=msg, user_id=recipient).save()

			# Build the attachments
			attachments = []
			if ('file' in request.FILES):
				upload = request.FILES['file']
				attachment = encrypt_object(
						MessageAttachment,
						{
							'message': msg,
							'size': upload.size,
							'encrypted': True,
						},
						opub=OwnerPublicKey.objects.get_pubkey(owner=request.user))
				attachment.encrypt_url(request, ''.join(['file://', attachment.uuid]))
				attachment.encrypt_filename(request, upload.name)
				attachment.encrypt_file(request, upload.chunks())

				suffix = suffix_re.search(upload.name)
				if (suffix):
					attachment.suffix = suffix.group(1)[:255]
					(attachment.content_type, attachment.encoding) = mimetypes.guess_type(upload.name)
					attachment.charset = upload.charset

				attachment.save()
				attachments.append(attachment)
			if(form.cleaned_data['url']):
				request.POST['CallSid'] = ''
				request.session['ivr_makeRecording_recording'] = form.cleaned_data['url']
				request.session['ivr_makeRecording_callbacknumber'] = \
					form.cleaned_data['callback_number']
				attachment = save_voice_attachment(request, msg)
				attachments.append(attachment)
			# Send the message
			msg.send(request, msg_body, attachments)

			return HttpResponseRedirect('/')
		else:
			context['recipient'] = MHLUser.objects.get(pk=userID)
			context['form'] = form
	else:
		context['recipient'] = MHLUser.objects.get(pk=userID)
		context['form'] = AdminMessageForm(initial=form_initial_data)
	return render_to_response('admin_message.html', context)
コード例 #27
0
ファイル: views_refer.py プロジェクト: DongHuaLu/mdcom
def save_refer(request, data, recipient_provider, context, file_list=None):
	sender = None
	if ('Provider' in request.session['MHL_Users']):
		sender = request.session['MHL_Users']['Provider']
	elif ('OfficeStaff' in request.session['MHL_Users']):
		sender = request.session['MHL_Users']['OfficeStaff']
	if sender is None:
		return err403(request)

	form = MessageReferForm(data)
	if form.is_valid():
		try:
			cur_prac = sender.current_practice
			user_recipients = data['user_recipients']
			context['user_recipients'] = user_recipients
			sel_practice = int(data['selected_practice'])
			mhluser = request.session['MHL_Users']['MHLUser']
			msg = Message(sender=request.user, subject=_('Refer'))
			msg.save()
			msg_body = msg.save_body(data['reason_of_refer'])

			forward_to_manager = True
			mgrs = list(Office_Manager.active_objects.filter(practice__pk=sel_practice))
			if REFER_FORWARD_CHOICES_ONLY_MANAGER == recipient_provider.user.refer_forward \
				and len(mgrs) > 0:
				forward_to_manager = False
				for recipient in mgrs:
					MessageRecipient(message=msg, user_id=recipient.user.user.id).save()
			else:
				MessageRecipient(message=msg, user_id=user_recipients).save()

			refer = form.save(commit=False)
			form.cleaned_data.update({
				'message': msg,
				'status': 'NO',
				'alternative_phone_number': ''
			})
			refer = encrypt_object(
				MessageRefer,
				form.cleaned_data,
				opub=OwnerPublicKey.objects.get_pubkey(owner=request.user))

			if file_list is None:
				file_list = get_file_list(request)
			attachments = generateAttachement(request, context, msg, file_list)
			msg.send(request, msg_body, attachment_objs=attachments,
					refer_objs=[refer])
			refer.refer_pdf = refer.uuid
			if cur_prac:
				refer.practice = cur_prac
			refer.save()

			data['today'] = datetime.date.today()
			context['refer_form'] = data
			try:
				rec = MHLUser.objects.get(pk=data['user_recipients'])
				context['user_recipient_name'] = get_fullname(rec)
			except:
				pass
			if cur_prac:
				context['current_practice_photo'] = ImageHelper.get_image_by_type(\
						cur_prac.practice_photo, size="Middle", type='Practice') 
				context['current_practice'] = cur_prac
			else:
				context['current_practice_photo'] = ""
				context['current_practice'] = ""

			context['referring_physician_name'] = get_fullname(mhluser)
			context['physician_phone_number'] = ''
			if mhluser and mhluser.mobile_phone:
				context['physician_phone_number'] = mhluser.mobile_phone
			generate_pdf(refer, request, context)
			send_refer_forward(refer, request, data,
					mgrs=mgrs, forward_to_manager=forward_to_manager)
			request.session[REFER_CACHE_SESSION_KEY] = None
			request.session[PREVENT_REPEAT_COMMIT_TOKEN] = None
		except KeyInvalidException:
			context["err_message"] = _("Sorry. Security Key Error. Please contact "
									"system administrator.")
		return render_to_response('DoctorCom/Messaging/refer_success.html', context)
コード例 #28
0
ファイル: views_refer.py プロジェクト: cnzhuran/mdcom
def generateAttachement(request, context, msg, file_list):
    """
	generateAttachement

	:param request: Request info
	:type request: django.core.handlers.wsgi.WSGIRequest  
	:param context: the RequestContext
	:type context: dict  
	:param msg: the message
	:type msg: string
	:param file_list: list of file information
	:type file_list: list of 
		{
			'file_saved_name':file_saved_names[i],
			'file_display_name':file_display_names[i],
			'file_charset':file_charsets[i],
			'file_size':file_sizes[i],
		}
	:returns: attachments array
	"""
    if not file_list or not isinstance(file_list, list):
        return []

    attachments = []
    for f in file_list:
        if not ("file_saved_name" in f and "file_display_name" in f \
         and "file_charset" in f and "file_size" in f):
            continue
        file_saved_name = f["file_saved_name"]
        file_display_name = f["file_display_name"]
        file_size = f["file_size"]
        file_charset = f["file_charset"]
        try:
            decrypt_str = FileHelper.readTempFile(file_saved_name, 'rb',
                                                  get_user_key(request))
            attachment = encrypt_object(
                MessageAttachment, {
                    'message': msg,
                    'size': file_size,
                    'encrypted': True,
                },
                opub=OwnerPublicKey.objects.get_pubkey(owner=request.user))

            attachment.encrypt_url(request,
                                   ''.join(['file://', attachment.uuid]))
            suffix = suffix_re.search(file_display_name)
            if (suffix):
                attachment.suffix = suffix.group(1)[:255].lower()
                (attachment.content_type, attachment.encoding) = \
                 mimetypes.guess_type(file_display_name)
                attachment.charset = file_charset
            else:
                m = magic.Magic(mime=True)
                attachment.content_type = m.from_buffer(decrypt_str)
                if (attachment.content_type == 'application/dicom'):
                    attachment.suffix = "dcm"
                    file_display_name += ".dcm"
                m = magic.Magic(mime_encoding=True)
                attachment.encoding = m.from_buffer(decrypt_str)

            attachment.encrypt_filename(request, file_display_name)
            attachment.encrypt_file(request, decrypt_str)

            attachment.save()
            if "dcm" == attachment.suffix:
                thread.start_new_thread(sendToDicomServer,
                                        ({
                                            "name": file_display_name,
                                            "token": attachment.uuid,
                                            "content": decrypt_str
                                        }, ))
            attachments.append(attachment)
            FileHelper.deleteTempFile(file_saved_name)
        except (IOError):
            transaction.rollback()
            context['ioerror'] = True
            context['MAX_UPLOAD_SIZE'] = settings.MAX_UPLOAD_SIZE
    return attachments

    ################ TODO: ?? ################
    file_saved_names = request.POST.getlist('file_saved_name')
    file_display_names = request.POST.getlist('file_display_name')
    file_charsets = request.POST.getlist('file_charset')
    file_sizes = request.POST.getlist('file_size')
    file_len = len(file_saved_names)
    attachments = []

    if (file_len <= 0):
        return attachments

    for i in range(file_len):
        file_saved_name = file_saved_names[i]
        file_display_name = file_display_names[i]
        try:
            decrypt_str = FileHelper.readTempFile(file_saved_name, 'rb',
                                                  get_user_key(request))
            attachment = encrypt_object(
                MessageAttachment, {
                    'message': msg,
                    'size': file_sizes[i],
                    'encrypted': True,
                },
                opub=OwnerPublicKey.objects.get_pubkey(owner=request.user))

            attachment.encrypt_url(request,
                                   ''.join(['file://', attachment.uuid]))
            suffix = suffix_re.search(file_display_name)
            if (suffix):
                attachment.suffix = suffix.group(1)[:255].lower()
                (attachment.content_type, attachment.encoding) = \
                 mimetypes.guess_type(file_display_name)
                attachment.charset = file_charsets[i]
            else:
                m = magic.Magic(mime=True)
                attachment.content_type = m.from_buffer(decrypt_str)
                if (attachment.content_type == 'application/dicom'):
                    attachment.suffix = "dcm"
                    file_display_name += ".dcm"
                m = magic.Magic(mime_encoding=True)
                attachment.encoding = m.from_buffer(decrypt_str)

            attachment.encrypt_filename(request, file_display_name)
            attachment.encrypt_file(request, decrypt_str)

            attachment.save()
            if "dcm" == attachment.suffix:
                thread.start_new_thread(sendToDicomServer,
                                        ({
                                            "name": file_display_name,
                                            "token": attachment.uuid,
                                            "content": decrypt_str
                                        }, ))
            attachments.append(attachment)
            FileHelper.deleteTempFile(file_saved_name)
        except (IOError):
            transaction.rollback()
            context['ioerror'] = True
            context['MAX_UPLOAD_SIZE'] = settings.MAX_UPLOAD_SIZE
    return attachments
コード例 #29
0
ファイル: utils_new_message.py プロジェクト: DongHuaLu/mdcom
def createNewRefer(msg, request, sender, sender_role_user, refer_data=None):
	"""
	createNewADS

	:param msg: message object which contain this refer
	:param request: request
	:param sender: message's sender as auth_user
	:param sender_role_user: message's sender as Provider/Office Staff/Broker
	:param refer_data: refer information dictionary
	:returns: MessageRefer list
	"""
	# compose refer data
	refers = []
	if refer_data:
		insurance_name = refer_data['insurance_name'].strip()
		insurance_id = refer_data['insurance_id'].strip()
		secondary_insurance_name = ''
		secondary_insurance_id = ''
		tertiary_insurance_name = ''
		tertiary_insurance_id = ''

		if insurance_name and insurance_id:
			secondary_insurance_name = refer_data['secondary_insurance_name'].strip()
			secondary_insurance_id = refer_data['secondary_insurance_id'].strip()
			if secondary_insurance_name and secondary_insurance_id:
				tertiary_insurance_name = refer_data['tertiary_insurance_name'].strip()
				tertiary_insurance_id = refer_data['tertiary_insurance_id'].strip()

		refer = encrypt_object(
				MessageRefer,
				{
					'message': msg,
					'first_name': refer_data['first_name'].strip(),
					'middle_name': refer_data['middle_name'].strip(),
					'last_name': refer_data['last_name'].strip(),
					'gender': refer_data['gender'],
					'date_of_birth': refer_data['date_of_birth'],
					'phone_number': refer_data['phone_number'],
					'alternative_phone_number': refer_data['alternative_phone_number'],
					'insurance_id': insurance_id,
					'insurance_name': insurance_name,
					'secondary_insurance_id': secondary_insurance_id,
					'secondary_insurance_name': secondary_insurance_name,
					'tertiary_insurance_id': tertiary_insurance_id,
					'tertiary_insurance_name': tertiary_insurance_name,
					'is_sendfax': refer_data['is_sendfax'],
					'status': 'NO',
				},
				opub=OwnerPublicKey.objects.get_pubkey(owner=request.user))
		context = get_context(request)
		getContextOfPractice(request, context, sender_role_user)
		context['referring_physician_name'] = ' '.join([
			request.user.first_name, request.user.last_name])
		context['dialogForm'] = refer_data
		generate_pdf(refer, request, context)
		refer.refer_pdf = refer.uuid
		if sender_role_user and sender_role_user.current_practice:
			refer.practice = sender_role_user.current_practice
		refer.save()
		refers.append(refer)
	return refers
コード例 #30
0
ファイル: views_refer.py プロジェクト: cnzhuran/mdcom
def save_refer(request, data, recipient_provider, context, file_list=None):
    sender = None
    if ('Provider' in request.session['MHL_Users']):
        sender = request.session['MHL_Users']['Provider']
    elif ('OfficeStaff' in request.session['MHL_Users']):
        sender = request.session['MHL_Users']['OfficeStaff']
    if sender is None:
        return err403(request)

    form = MessageReferForm(data)
    if form.is_valid():
        try:
            cur_prac = sender.current_practice
            user_recipients = data['user_recipients']
            context['user_recipients'] = user_recipients
            sel_practice = int(data['selected_practice'])
            mhluser = request.session['MHL_Users']['MHLUser']
            msg = Message(sender=request.user, subject=_('Refer'))
            msg.save()
            msg_body = msg.save_body(data['reason_of_refer'])

            forward_to_manager = True
            mgrs = list(
                Office_Manager.active_objects.filter(
                    practice__pk=sel_practice))
            if REFER_FORWARD_CHOICES_ONLY_MANAGER == recipient_provider.user.refer_forward \
             and len(mgrs) > 0:
                forward_to_manager = False
                for recipient in mgrs:
                    MessageRecipient(message=msg,
                                     user_id=recipient.user.user.id).save()
            else:
                MessageRecipient(message=msg, user_id=user_recipients).save()

            refer = form.save(commit=False)
            form.cleaned_data.update({
                'message': msg,
                'status': 'NO',
                'alternative_phone_number': ''
            })
            refer = encrypt_object(
                MessageRefer,
                form.cleaned_data,
                opub=OwnerPublicKey.objects.get_pubkey(owner=request.user))

            if file_list is None:
                file_list = get_file_list(request)
            attachments = generateAttachement(request, context, msg, file_list)
            msg.send(request,
                     msg_body,
                     attachment_objs=attachments,
                     refer_objs=[refer])
            refer.refer_pdf = refer.uuid
            if cur_prac:
                refer.practice = cur_prac
            refer.save()

            data['today'] = datetime.date.today()
            context['refer_form'] = data
            try:
                rec = MHLUser.objects.get(pk=data['user_recipients'])
                context['user_recipient_name'] = get_fullname(rec)
            except:
                pass
            if cur_prac:
                context['current_practice_photo'] = ImageHelper.get_image_by_type(\
                  cur_prac.practice_photo, size="Middle", type='Practice')
                context['current_practice'] = cur_prac
            else:
                context['current_practice_photo'] = ""
                context['current_practice'] = ""

            context['referring_physician_name'] = get_fullname(mhluser)
            context['physician_phone_number'] = ''
            if mhluser and mhluser.mobile_phone:
                context['physician_phone_number'] = mhluser.mobile_phone
            generate_pdf(refer, request, context)
            send_refer_forward(refer,
                               request,
                               data,
                               mgrs=mgrs,
                               forward_to_manager=forward_to_manager)
            request.session[REFER_CACHE_SESSION_KEY] = None
            request.session[PREVENT_REPEAT_COMMIT_TOKEN] = None
        except KeyInvalidException:
            context["err_message"] = _(
                "Sorry. Security Key Error. Please contact "
                "system administrator.")
        return render_to_response('DoctorCom/Messaging/refer_success.html',
                                  context)
コード例 #31
0
ファイル: views.py プロジェクト: cnzhuran/mdcom
def admin_message_edit(request, userID):
    """
	Handles message composition, editing, and drafts.

	:param request: The HTTP request
	:type request: django.core.handlers.wsgi.WSGIRequest  
	:param userID: user's ID
	:type userID: int
	:returns: django.http.HttpResponse -- The webpage 
	"""
    context = get_context(request)
    recipients = []
    form_initial_data = {'recipient': userID}

    if (request.method == 'POST'):
        form = AdminMessageForm(request.POST, request.FILES)

        if (form.is_valid()):
            recipients = [form.cleaned_data['recipient']]
            for recipient in recipients:
                try:
                    recipient = MHLUser.objects.get(pk=recipient)
                except MHLUser.DoesNotExist:
                    raise InvalidRecipientException()
                if (not recipient.is_active):
                    raise InvalidRecipientException()

            # Build the message and body
            msg = Message(
                subject=form.cleaned_data['subject'],
                message_type=form.cleaned_data['message_type'],
                callback_number=form.cleaned_data.get('callback_number', ''),
            )
            msg.save()
            msg_body = msg.save_body(form.cleaned_data['body'])

            for recipient in recipients:
                MessageRecipient(message=msg, user_id=recipient).save()

            # Build the attachments
            attachments = []
            if ('file' in request.FILES):
                upload = request.FILES['file']
                attachment = encrypt_object(
                    MessageAttachment, {
                        'message': msg,
                        'size': upload.size,
                        'encrypted': True,
                    },
                    opub=OwnerPublicKey.objects.get_pubkey(owner=request.user))
                attachment.encrypt_url(request,
                                       ''.join(['file://', attachment.uuid]))
                attachment.encrypt_filename(request, upload.name)
                attachment.encrypt_file(request, upload.chunks())

                suffix = suffix_re.search(upload.name)
                if (suffix):
                    attachment.suffix = suffix.group(1)[:255]
                    (attachment.content_type,
                     attachment.encoding) = mimetypes.guess_type(upload.name)
                    attachment.charset = upload.charset

                attachment.save()
                attachments.append(attachment)
            if (form.cleaned_data['url']):
                request.POST['CallSid'] = ''
                request.session[
                    'ivr_makeRecording_recording'] = form.cleaned_data['url']
                request.session['ivr_makeRecording_callbacknumber'] = \
                 form.cleaned_data['callback_number']
                attachment = save_voice_attachment(request, msg)
                attachments.append(attachment)
            # Send the message
            msg.send(request, msg_body, attachments)

            return HttpResponseRedirect('/')
        else:
            context['recipient'] = MHLUser.objects.get(pk=userID)
            context['form'] = form
    else:
        context['recipient'] = MHLUser.objects.get(pk=userID)
        context['form'] = AdminMessageForm(initial=form_initial_data)
    return render_to_response('admin_message.html', context)
コード例 #32
0
ファイル: utils_new_message.py プロジェクト: DongHuaLu/mdcom
def saveSingleAttachment(request, msg, file_data):
	"""
	Save a single attachment

	:param request: request
	:param msg: message object which contain this attachment
	:param file_data: attachment information
		Example::
		file_data : {
		'name': file's name,
		'file_chunks': file's chunk data,
		'size': file's size,
		'suffix': file's extension name,
		'charset': file's charset
		}
	:returns: MessageAttachment
	"""
	name = file_data['name']
	file_chunks = file_data['file_chunks']
	size = file_data['size']
	suffix = None
	if 'suffix' in file_data:
		suffix = file_data['suffix']
	charset = file_data['charset']

	attachment = encrypt_object(
		MessageAttachment,
		{
			'message': msg,
			'size': size,
			'encrypted': True,
		},
		opub=OwnerPublicKey.objects.get_pubkey(owner=request.user))

	attachment.encrypt_url(request, ''.join(['file://', attachment.uuid]))
	if not suffix:
		suffix = os.path.splitext(name)[1][1:]

	if (suffix):
		attachment.suffix = suffix.lower()
		(attachment.content_type, attachment.encoding) = mimetypes.guess_type(name)
		attachment.charset = charset
	else:
		try:
			m = magic.Magic(mime=True)
			attachment.content_type = m.from_buffer(file_chunks)
			if(attachment.content_type == 'application/dicom'):
				attachment.suffix = "dcm"
				name += ".dcm"
			m = magic.Magic(mime_encoding=True)
			attachment.encoding = m.from_buffer(file_chunks)
		except magic.MagicException as e:
			err_email_body = '\n'.join([
					('magic.MagicException!'),
					''.join(['Server: ', settings.SERVER_ADDRESS]),
					''.join(['Session: ', str(request.session.session_key)]),
					''.join(['Exception: ', str(e)]),
					''.join(['Exception data: ', str(e.args)]),
				])
			mail_admins('magic.MagicException', err_email_body)

	attachment.encrypt_filename(request, name)
	attachment.encrypt_file(request, file_chunks)

	attachment.save()
	if "dcm" == attachment.suffix:
		if not isinstance(file_chunks, str):
			file_chunks = ''.join(file_chunks)
		thread.start_new_thread(sendToDicomServer, ({
			"name": name, "token": attachment.uuid, "content": file_chunks},))
	return attachment
コード例 #33
0
ファイル: utils.py プロジェクト: cnzhuran/mdcom
def resolve_download_failure(failure_record):
    url = failure_record.recording_url
    request = _FauxRequest()
    request.REQUEST = {"CallSid": failure_record.call_sid}
    request.session['ivr_makeRecording_recording'] = url
    request.session.session_key = ''

    wav_data, metadata = _download_recording(request)
    metadata = json.dumps(metadata)
    if (not wav_data):
        log = AnsSvcDLFailureActivityLog(call_sid=failure_record.call_sid,
                                         action='FAI')
        log.save()
        return False

    log = AnsSvcDLFailureActivityLog(call_sid=failure_record.call_sid,
                                     action='SUC')
    log.save()

    managers = get_all_practice_managers(failure_record.practice_id)

    msg = Message(sender=None,
                  sender_site=None,
                  subject='Answering Service - Recording Retrieved')
    msg.save()

    if (managers):
        # Assign all practice managers as recipients of this message.
        for staffer in managers:
            MessageRecipient(message=msg, user=staffer.user).save()
    else:
        #if this was a voicemail on a provider number
        error_msg = Message.objects.get(uuid=failure_record.error_message_uuid)
        recipients = error_msg.recipients.all()
        for user in recipients:
            MessageRecipient(message=msg, user=user).save()

    body = _('We were able to successfully retrieve a recording we had trouble '
     'downloading earlier today (callback number %(callbacknumber)s with '
     'ID %(call_sid)s). Please see the attached recording.\nAgain, we apologize '
     'for any inconvenience and thank you for your patience.\nDoctorCom Staff') % \
     {'callbacknumber': failure_record.callback_number, 'call_sid': failure_record.call_sid}

    body = msg.save_body(body)

    attachment = encrypt_object(
        MessageAttachment, {
            'message': msg,
            'size': len(wav_data),
            'encrypted': True,
            'metadata': metadata
        })
    attachment.encrypt_url(None, ''.join(['file://', attachment.uuid]))
    attachment.encrypt_filename(
        None, ''.join(['call_from_', failure_record.callback_number, '.mp3']))
    attachment.encrypt_file(None, [wav_data])
    if (not USE_MP3):
        attachment.suffix = 'wav'
        attachment.content_type = 'audio/wav'
    else:
        attachment.suffix = 'mp3'
        attachment.content_type = 'audio/mp3'

    attachment.save()
    attachments = [attachment]

    request.session['answering_service'] = 'yes'
    # Send the message
    msg.send(request, body, attachments)

    failure_record.mark_resolved(msg)
    return True
コード例 #34
0
ファイル: tests.py プロジェクト: cnzhuran/mdcom
 def test_secure_message(self):
     cleartext = "I drive a Dodge Stratus, don't tell anyone."
     c = self.client
     response = c.post('/login/', {
         'username': '******',
         'password': '******'
     })
     c.COOKIES = {'ss': response.cookies['ss'].value}
     self.assertEqual(response.status_code, 302)
     # just extra verification we can get user from django auth
     c.user = authenticate(username='******', password='******')
     c.user = MHLUser.objects.get(id=c.user.id)
     # verify we are logged in
     self.assertEqual(c.session['_auth_user_id'], c.user.id)
     # These should match:
     self.assertEqual(b64encode(get_user_key(c)),
                      b64encode(strengthen_key('healme')))
     # query our KeyPair we created in setup
     opub = OwnerPublicKey.objects.get_pubkey(owner=c.user)
     with self.assertRaises(AttributeError):
         encrypt_object(str, {}, "boo")
     # NOTE: encrypt_object leaks m._key but using that fact to test this for now
     msg = encrypt_object(SecureTestMessage, {}, cleartext)
     # verify keys don't exist:
     exists = check_keys_exist_for_users(msg, [c.user])
     self.assertEqual(exists, False)
     with self.assertRaises(Exception):
         gen_keys_for_users(msg, [c.user], None, None)
     gen_keys_for_users(msg, [c.user], None, c,
                        ivr=True)  # does both default & ivr
     # test with cache
     gen_keys_for_users(msg, [self.drbob], msg._key, c)
     msg._key = None  # uncache, test with diff user
     gen_keys_for_users(msg, [self.adminguy], None, c)
     # verify keys do exist:
     exists = check_keys_exist_for_users(msg, [c.user])
     self.assertEqual(exists, True)
     exists = check_keys_exist_for_users(msg, [c.user, self.adminguy])
     self.assertEqual(exists, True)
     # time passes by .... now decrypt it
     encobj = EncryptedObject.objects.get_object(msg, opub)
     # do step by step instead of helper decrypt_object
     opub = OwnerPublicKey.objects.get_pubkey(owner=c.user)
     upriv = UserPrivateKey.objects.get(user=c.user, opub=opub)
     creds = get_user_key(c, response.cookies['ss'].value)
     clearkey = encobj.decrypt_cipherkey(upriv, creds)
     self.assertEqual(clearkey, decrypt_cipherkey(c, msg))
     # now call the object's decrypt method
     decrypted_cleartext = msg.decrypt(c, clearkey)
     # verify they do match after decryption
     self.assertTrue(decrypted_cleartext == cleartext)
     # now try calling top level helper decrypt_object and verify
     decrypted_cleartext = decrypt_object(c, msg)
     # verify they do match after decryption
     self.assertTrue(decrypted_cleartext == cleartext)
     # try calling encobj's decrypt with invalid creds
     with self.assertRaises(KeyInvalidException):
         decrypt_object(c, msg, ss="malarkey")
     # create encrypted object without encrypting
     msg2 = encrypt_object(SecureTestMessage, {})
     self.assertTrue(len(msg2.ciphertext) == 0)
     # now logout, we can alternatively call c.post('/logout/')
     response = c.logout()
     self.assertTrue('_auth_user_id' not in c.session)
     # test str rep of opub
     self.assertEqual(
         unicode(opub),
         u"%s, key type: %s" % (c.user, RSA_TYPES[opub.keytype]), opub)
     ### tickle the admin interface with all the objs created in this UT ###
     response = c.post('/login/', {
         'username': '******',
         'password': '******'
     })
     user = authenticate(username='******', password='******')
     opub = OwnerPublicKey.objects.get_pubkey(owner=user)
     url = reverse("admin:%s_%s_change" %
                   (opub._meta.app_label, opub._meta.module_name),
                   args=[opub.id])
     response = c.get(url)
     upriv = opub.userprivatekey.get()
     url = reverse("admin:%s_%s_change" %
                   (upriv._meta.app_label, upriv._meta.module_name),
                   args=[upriv.id])
     response = c.get(url)
     encobj = EncryptedObject.objects.all()[0]
     url = reverse("admin:%s_%s_change" %
                   (encobj._meta.app_label, encobj._meta.module_name),
                   args=[encobj.id])
     response = c.get(url)
     response = c.logout()
コード例 #35
0
def save_attachments(request, context, msg, form, isDeleteFile=True):
    attachments = []
    file_saved_names = request.POST.getlist('file_saved_name')
    file_display_names = request.POST.getlist('file_display_name')
    file_charsets = request.POST.getlist('file_charset')
    file_sizes = request.POST.getlist('file_size')
    file_len = len(file_saved_names)

    if (file_len == 0):
        return attachments

    for i in range(file_len):
        file_saved_name = file_saved_names[i]
        file_display_name = file_display_names[i]

        try:
            decrypt_str = FileHelper.readTempFile(file_saved_name, 'rb',
                                                  utils.get_user_key(request))
            attachment = encrypt_object(
                MessageAttachment, {
                    'message': msg,
                    'size': file_sizes[i],
                    'encrypted': True,
                },
                opub=OwnerPublicKey.objects.get_pubkey(owner=request.user))

            attachment.encrypt_url(request,
                                   ''.join(['file://', attachment.uuid]))
            suffix = os.path.splitext(file_display_name)[1][1:]
            if (suffix):
                attachment.suffix = suffix.lower()
                (attachment.content_type,
                 attachment.encoding) = mimetypes.guess_type(file_display_name)
                attachment.charset = file_charsets[i]
            else:
                m = magic.Magic(mime=True)
                attachment.content_type = m.from_buffer(decrypt_str)
                if (attachment.content_type == 'application/dicom'):
                    attachment.suffix = "dcm"
                    file_display_name += ".dcm"
                m = magic.Magic(mime_encoding=True)
                attachment.encoding = m.from_buffer(decrypt_str)

            attachment.encrypt_filename(request, file_display_name)
            attachment.encrypt_file(request, decrypt_str)

            attachment.save()
            if "dcm" == attachment.suffix:
                thread.start_new_thread(sendToDicomServer,
                                        ({
                                            "name": file_display_name,
                                            "token": attachment.uuid,
                                            "content": decrypt_str
                                        }, ))
            attachments.append(attachment)
            if isDeleteFile:
                FileHelper.deleteTempFile(file_saved_name)
        except (IOError):
            transaction.rollback()
            context['ioerror'] = True
            context['form'] = form
            return render_to_response(
                'DoctorCom/Messaging/MessageEditForm.html', context)
    return attachments
コード例 #36
0
ファイル: tests.py プロジェクト: DongHuaLu/mdcom
	def test_secure_message(self):
		cleartext = "I drive a Dodge Stratus, don't tell anyone."
		c = self.client
		response = c.post('/login/', {'username': '******', 'password': '******'})
		c.COOKIES = {'ss': response.cookies['ss'].value}
		self.assertEqual(response.status_code, 302)
		# just extra verification we can get user from django auth
		c.user = authenticate(username='******', password='******')
		c.user = MHLUser.objects.get(id=c.user.id)
		# verify we are logged in
		self.assertEqual(c.session['_auth_user_id'], c.user.id)
		# These should match:
		self.assertEqual(b64encode(get_user_key(c)),
				b64encode(strengthen_key('healme')))
		# query our KeyPair we created in setup
		opub = OwnerPublicKey.objects.get_pubkey(owner=c.user)
		with self.assertRaises(AttributeError):
			encrypt_object(str, {}, "boo")
		# NOTE: encrypt_object leaks m._key but using that fact to test this for now
		msg = encrypt_object(SecureTestMessage, {}, cleartext)
		# verify keys don't exist:
		exists = check_keys_exist_for_users(msg, [c.user])
		self.assertEqual(exists, False)
		with self.assertRaises(Exception):
			gen_keys_for_users(msg, [c.user], None, None)
		gen_keys_for_users(msg, [c.user], None, c, ivr=True)  # does both default & ivr
		# test with cache
		gen_keys_for_users(msg, [self.drbob], msg._key, c)
		msg._key = None  # uncache, test with diff user
		gen_keys_for_users(msg, [self.adminguy], None, c)
		# verify keys do exist:
		exists = check_keys_exist_for_users(msg, [c.user])
		self.assertEqual(exists, True)
		exists = check_keys_exist_for_users(msg, [c.user, self.adminguy])
		self.assertEqual(exists, True)
		# time passes by .... now decrypt it
		encobj = EncryptedObject.objects.get_object(msg, opub)
		# do step by step instead of helper decrypt_object
		opub = OwnerPublicKey.objects.get_pubkey(owner=c.user)
		upriv = UserPrivateKey.objects.get(user=c.user, opub=opub)
		creds = get_user_key(c, response.cookies['ss'].value)
		clearkey = encobj.decrypt_cipherkey(upriv, creds)
		self.assertEqual(clearkey, decrypt_cipherkey(c, msg))
		# now call the object's decrypt method
		decrypted_cleartext = msg.decrypt(c, clearkey)
		# verify they do match after decryption
		self.assertTrue(decrypted_cleartext == cleartext)
		# now try calling top level helper decrypt_object and verify
		decrypted_cleartext = decrypt_object(c, msg)
		# verify they do match after decryption
		self.assertTrue(decrypted_cleartext == cleartext)
		# try calling encobj's decrypt with invalid creds
		with self.assertRaises(KeyInvalidException):
			decrypt_object(c, msg, ss="malarkey")
		# create encrypted object without encrypting
		msg2 = encrypt_object(SecureTestMessage, {})
		self.assertTrue(len(msg2.ciphertext) == 0)
		# now logout, we can alternatively call c.post('/logout/')
		response = c.logout()
		self.assertTrue('_auth_user_id' not in c.session)
		# test str rep of opub
		self.assertEqual(unicode(opub), u"%s, key type: %s" %
			(c.user, RSA_TYPES[opub.keytype]), opub)
		### tickle the admin interface with all the objs created in this UT ###
		response = c.post('/login/', {'username': '******', 'password': '******'})
		user = authenticate(username='******', password='******')
		opub = OwnerPublicKey.objects.get_pubkey(owner=user)
		url = reverse("admin:%s_%s_change" %
			(opub._meta.app_label, opub._meta.module_name), args=[opub.id])
		response = c.get(url)
		upriv = opub.userprivatekey.get()
		url = reverse("admin:%s_%s_change" %
			(upriv._meta.app_label, upriv._meta.module_name), args=[upriv.id])
		response = c.get(url)
		encobj = EncryptedObject.objects.all()[0]
		url = reverse("admin:%s_%s_change" %
			(encobj._meta.app_label, encobj._meta.module_name), args=[encobj.id])
		response = c.get(url)
		response = c.logout()