def test_invitation(request,accounts,bilateral,invitations,client):
from idapi.backendviews import get_invitations, update_invitations
from ekklesia.data import json_decrypt, json_encrypt
import os
response, invitations = api(client,'backend/invitations/?changed=1',user='******')
assert response.status_code == 200
invitations, encrypted, signed, result = json_decrypt(invitations,bilateral['id2'])
assert encrypted and signed
assert invitations == dict(fields=['uuid','status','code'], version=[1, 0], format='invitation',
data=[['uid1','registered','inv1'],['uid5','failed','inv5']])
response, invitations = api(client,'backend/invitations/',user='******')
assert response.status_code == 200
#invitations = get_invitations(crypto=bilateral['id1'])
invitations, encrypted, signed, result = json_decrypt(invitations,bilateral['id2'])
assert encrypted and signed
assert invitations == dict(fields=['uuid','status','code'], version=[1, 0], format='invitation',
data=[['uid1','registered','inv1'],['uid4','new','inv4'],['uid5','failed','inv5']])
invitations = dict(fields=['uuid','status','code'], version=[1, 0], format='invitation',
data=[['uid1','registered',''],['uid4','new','inv4b'],
['uid5','new','inv5b'],['uid6','new','inv6']])
invitations, result = json_encrypt(invitations,bilateral['id2'],encrypt=['foo@localhost'],sign=True)
response, result = api(client,'backend/invitations/','post',invitations,user='******')
assert response.status_code == 200
invitations = get_invitations(crypto=False)
assert invitations == dict(fields=['uuid','status','code'], version=[1, 0], format='invitation',
data=[['uid4', 'new','inv4b'], ['uid5', 'new','inv5b'], ['uid6', 'new','inv6']])
def test_session(apps, accounts, tokens, client):
from idapi.models import get_auid
from accounts.models import Account
portal = apps['portal']
debug = apps['debug']
user = accounts['member1']
token = tokens['member1']
ngroups = [ngroup.id for ngroup in user.nested_groups.all()]
allngroups = list(set([g.id
for g in user.get_nested_groups(parents=True)]))
status = dict(Account.STATUS_CHOICES)[user.status]
verified = user.is_identity_verified()
data = {
'type': status,
'verified': verified,
'nested_groups': ngroups,
'all_nested_groups': allngroups
}
response, out = api(client, 'user/membership/')
assert response.status_code == 401
response, out = api(client, 'user/membership/', token=token)
assert response.status_code == 200 and out == data
response, out = api(client, 'session/membership/')
assert response.status_code == 403
assert client.login(username='******', password='******')
response, out = api(client, 'session/membership/')
assert response.status_code == 200 and out == data
def sendit(subject, sign, encrypt):
content['subject'] = subject
data['sign'], data['encrypt'] = sign, encrypt
if queue is True:
response, out = api(client,
'user/mails/',
'post',
data,
token=token)
if not excpt:
assert response.status_code == 200
else:
assert response.status_code == (estatus or 400)
assert not error or out['error'] == error
else:
if not excpt:
resp = send_mail(data, user, app, debug=debug)
if queue == 'crypto' and (sign or encrypt):
assert resp['status'] == 'queued'
send_queue(resp['msgid'], debug=debug)
response, out = api(client,
'user/mails/%s/' % resp['msgid'],
token=token)
assert response.status_code == 200 and out[
'status'] == 'sent'
assert out['encrypt'] == encrypt and out['sign'] == sign
else:
assert resp == dict(status='sent')
else:
with raises(excpt) as excinfo:
resp = send_mail(data, user, app, debug=debug)
assert not error or excinfo.value.detail['error'] == error
def test_auid(apps,accounts,tokens,client):
from idapi.models import get_auid
from accounts.models import Account
portal = apps['portal']
debug = apps['debug']
user = accounts['member1']
auid = get_auid(portal,user).uuid
token = tokens['member1']
response, out = api(client,'user/auid/',token=token)
assert response.status_code == 200 and out['auid']==auid
def test_member(request,accounts,invitations,bilateral,client,variant,settings):
from idapi.backendviews import get_members, update_members
from accounts.models import Account, NestedGroup, Invitation, EMailConfirmation
from ekklesia.data import json_decrypt, json_encrypt
from django.conf import settings
import os, json
twofactor = variant=='2fac'
setattr(settings, 'TWO_FACTOR_SIGNUP',twofactor)
#setattr(settings, 'DEBUG',True)
Invitation.objects.create(code='inv6',secret='password6',uuid='uid6',status=Invitation.REGISTERING)
Invitation.objects.create(code='inv7',secret='password7',uuid='uid7',status=Invitation.REGISTERING)
Invitation.objects.create(code='inv8',secret='password8',uuid='uid8',status=Invitation.REGISTERING)
member6 = create_user(username='******',status=Account.NEWMEMBER,is_active=False,
email='member6@localhost',uuid='uid6')
member7 = create_user(username='******',status=Account.NEWMEMBER,is_active=False,
email='member7@localhost',uuid='uid7')
member8 = create_user(username='******',status=Account.NEWMEMBER,is_active=False,
email='member8@localhost',uuid='uid8')
conf8 = EMailConfirmation.objects.create(user=member8, confirmation_key='key8')
activate = ['activate'] if twofactor else []
response, members = api(client,'backend/members/?new=1',user='******')
assert response.status_code == 200
members, encrypted, signed, result = json_decrypt(members,bilateral['id2'])
assert encrypted and signed
data = [['uid6','password6'],['uid7','password7']]
assert members == dict(fields=['uuid']+activate, version=[1, 0], format='member',
data=data if twofactor else [v[:-1] for v in data])
response, members = api(client,'backend/members/',user='******')
assert response.status_code == 200
#members = get_members(crypto=bilateral['id1'])
members, encrypted, signed, result = json_decrypt(members,bilateral['id2'])
assert encrypted and signed
data = [['uid1',''],['uid2',''],['uid3','']]+data
assert members == dict(fields=['uuid']+activate, version=[1, 0], format='member',
data=data if twofactor else [v[:-1] for v in data])
# change data by upload
data = [['uid1','eligible',1,[2],''],['uid2','member',1,[3],''],['uid3','deleted',0,[],''],
['uid6','member',1,[0],True],['uid7','deleted',0,[],False]]
members = dict(fields=['uuid','status','verified','departments']+activate,
version=[1, 0], format='member',
# data=[['uid1',0,0,2],['uid2',1,1,3],['uid3',1,1,4]])
data=data if twofactor else [v[:-1] for v in data])
departments = dict(fields=('id','parent','name','depth'), version=[1, 0], format='department',
# data=[[1,None,'root',1],[2,1,'sub',2],[3,2,'subsub',4],[4,1,'sub2',2],[5,None,'root2',1],[6,5,'r2sub',2]])
data=[[1,None,'r00t',1],[2,1,'s0b',2],[3,2,'s0bsub',3],[5,2,'s0bsub2',3],[6,None,'r00t2',1],[7,6,'r2s0b',2]])
members, result = json_encrypt(members,bilateral['id2'],encrypt=['foo@localhost'],sign=True)
#data, encrypted, signed, result = json_decrypt(members,bilateral['id1'])
departments, result = json_encrypt(departments,bilateral['id2'],encrypt=['foo@localhost'],sign=True)
response, result = api(client,'backend/members/','post',user='******',
data=dict(members=members,departments=departments))
assert response.status_code == 200
root = NestedGroup.objects.get(syncid=1)
assert root.name=='r00t' and root.is_root() and root.level==1
sub = NestedGroup.objects.get(syncid=2)
assert sub.name=='s0b' and sub.parent==root and sub.level==2
ssub = NestedGroup.objects.get(syncid=3)
assert ssub.name=='s0bsub' and ssub.parent==sub and ssub.level==3
assert not NestedGroup.objects.filter(syncid=4).exists()
ssub2 = NestedGroup.objects.get(syncid=5)
assert ssub2.name=='s0bsub2' and ssub2.parent==sub and ssub2.level==3
root2 = NestedGroup.objects.get(syncid=6)
assert root2.name=='r00t2' and root2.is_root() and root2.level==1
r2sub = NestedGroup.objects.get(syncid=7)
assert r2sub.name=='r2s0b' and r2sub.parent==root2 and r2sub.level==2
indep = NestedGroup.objects.get(name='indep')
assert indep.syncid is None and indep.level==1
m = Account.objects.get(uuid='uid3')
assert m.status==Account.DELETED
assert list(m.nested_groups.all())==[indep]
m = Account.objects.get(uuid='uid1')
assert m.status==Account.ELIGIBLE and m.verified
assert list(m.nested_groups.all())==[sub]
m = Account.objects.get(uuid='uid2')
assert m.status==Account.MEMBER and m.verified
assert set(m.nested_groups.all())==set([ssub,indep])
m = Account.objects.get(uuid='uid6')
assert m.status==Account.MEMBER and m.verified
assert not m.nested_groups.count()
inv = Invitation.objects.get(uuid='uid6')
assert inv.status==Invitation.REGISTERED
assert not Account.objects.filter(uuid='uid7').exists()
m = Account.objects.get(uuid='uid8')
assert m.status==Account.NEWMEMBER
inv = Invitation.objects.get(uuid='uid8')
assert inv.status==Invitation.REGISTERING
response, members = api(client,'backend/members/',user='******')
assert response.status_code == 200
members, encrypted, signed, result = json_decrypt(members,bilateral['id2'])
assert encrypted and signed
data = [['uid1',''],['uid2',''],['uid6','']]
if not twofactor: data = [v[:-1] for v in data]
assert listset_equal(members['data'], data)
assert members == dict(fields=['uuid']+activate, version=[1, 0], format='member',
data=members['data'])
def test_receive(request, accounts, tokens, mails, bilateral, client, defect):
from accounts.models import Account
from idapi.models import Message, PublicKey
from idapi.mails import get_mails, update_keyrings
import email.mime.text, six
from kryptomime import create_mail, protect_mail
from kryptomime.pgp import find_gnupg_key
user = accounts['member1']
token = tokens['member1']
#update_keyrings()
id1, id2 = bilateral['id1'], bilateral['id2']
key1 = find_gnupg_key(bilateral['gpg1'], sender)
key2 = find_gnupg_key(bilateral['gpg2'], receiver)
livemail = request.config.getoption('livemail')
if livemail: server = mails
else: server, imapsend, imaprecv = mails
if not livemail: assert not len(imapsend) and not len(imaprecv)
user.publickeys.create(active=True,
keytype=PublicKey.PGP,
trust=PublicKey.TRUSTED)
key1 = find_gnupg_key(bilateral['gpg1'], sender)
key2 = find_gnupg_key(bilateral['gpg2'], receiver)
attachment = email.mime.text.MIMEText('some\nattachment')
msg = create_mail(receiver,
sender,
'subject',
'body\nmessage',
attach=[attachment])
msg = protect_mail(msg, linesep='\r\n')
assert server.send(msg)
if not livemail: assert len(imapsend) == 1 and not len(imaprecv)
sgn, _ = id2.sign(msg, inline=True, verify=True)
assert sgn and id1.analyze(sgn) == (False, True)
assert server.send(sgn)
if not livemail: assert len(imapsend) == 2 and not len(imaprecv)
enc, _ = id2.encrypt(msg, sign=True, inline=False)
assert enc and id1.analyze(enc) == (True, None)
assert server.send(enc)
if not livemail: assert len(imapsend) == 3 and not len(imaprecv)
"""
for mail, flags in imapsend:
mtype = id1.analyze(mail)
if mtype != (False,False):
if mtype == (False,True):
verified, result = id1.verify(mail)
mail = id1.strip_signature(mail)[0]
mail = protect_mail(mail,linesep='\r\n')
else: #if mtype == (True,None):
mail, verified, result = id1.decrypt(mail)
assert mail and verified and result
assert result['signed'] and result['fingerprints']==[key2]
assert result['encrypted']==(mtype != (False,True))
else: mail = protect_mail(mail,linesep='\r\n')
compare_mail(msg,mail)
assert not len(imapsend) and not len(imaprecv)
"""
get_mails(joint=True,
debug=None if livemail else server,
debug_gpg=bilateral['gpg1'],
keep=False)
if not livemail: assert not len(imapsend) and not len(imaprecv)
response, out = api(client, 'user/mails/', token=token)
assert response.status_code == 200
todo = [(False, False), (True, False), (True, True)]
for mid in out['items']:
response, out = api(client, 'user/mails/%i/' % mid, token=token)
assert response.status_code == 200
parts = out['parts']
assert out['subject'] == 'subject' and len(parts) == 2
signed, encrypted = out['signed'], out['encrypted']
contents = ['body\r\nmessage', 'some\r\nattachment']
assert parts[0] == {
'content': contents[0],
'content-charset': 'us-ascii',
'content-type': 'text/plain',
'content-encoding': '7bit'
}
assert parts[1] == {
'content': contents[1],
'content-charset': 'us-ascii',
'content-type': 'text/plain',
'content-encoding': '7bit'
}
todo.remove((signed, encrypted))
if signed: assert out['verified'] == 'trusted'
#print out
assert not todo
if livemail: server.close()
def test_send(request, accounts, tokens, mails, bilateral, client, defect):
from accounts.models import Account
from idapi.models import Message, PublicKey
from idapi.mails import send_mails, update_keyrings
from kryptomime.pgp import find_gnupg_key
user = accounts['member1']
token = tokens['member1']
#update_keyrings()
id1, id2 = bilateral['id1'], bilateral['id2']
key1 = find_gnupg_key(bilateral['gpg1'], sender)
key2 = find_gnupg_key(bilateral['gpg2'], receiver)
livemail = request.config.getoption('livemail')
if livemail: server = None
else: server, imapsend, imaprecv = mails
user.publickeys.create(active=True,
keytype=PublicKey.PGP,
trust=PublicKey.TRUSTED)
data = {
'identity': 'portal',
'content': {
'subject': 'hallo1',
'body': 'foö'
}
}
response, out = api(client, 'user/mails/', 'post', data, token=token)
assert response.status_code == 200
data = {
'identity': 'portal',
'content': {
'subject': 'hallo2',
'body': 'foo'
},
'sign': True
}
response, out = api(client, 'user/mails/', 'post', data, token=token)
assert response.status_code == 200
data = {
'identity': 'portal',
'content': {
'subject': 'hallo3',
'body': 'foo'
},
'sign': True,
'encrypt': True
}
response, out = api(client, 'user/mails/', 'post', data, token=token)
assert response.status_code == 200
send_mails(joint=True, debug=server, debug_gpg=bilateral['gpg1'])
if livemail:
server.close()
return
assert not len(imapsend) and len(imaprecv) == 3
for mail, flags in imaprecv:
mail, verified, result = id2.decrypt(mail)
assert mail and result
subj = mail.get('subject')
if subj == 'hallo1':
assert not result['encrypted'] and not result['signed']
else:
assert result['encrypted'] == (
subj == 'hallo3'
) and result['signed'] and result['fingerprints'] == [key1]