コード例 #1
0
class TestSigningSchema(DatabaseTest):
    def setUp(self):
        super().setUp()
        self.user = UserFactory()
        self.p = DefaultProposalFactory(client=None)
        self.sig = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA0MAAALoCAYAAAC6bC52"

    def test_block_schema(self):
        s = self.p.create_shared([])
        blocks = [x.to_json() for x in s.blocks]
        jsonschema.validate(blocks, schemas.blocks)

    def test_signing_doc_schema(self):
        doc = self.p.create_shared([]).get_signing_doc(self.sig, "bob",
                                                       "127.0.0.1",
                                                       "user-agent")
        jsonschema.validate(doc, schemas.signed_proposal_v1)

    def test_signing(self):
        doc = self.p.create_shared([]).get_signing_doc(self.sig, "bob",
                                                       "127.0.0.1",
                                                       "user-agent")
        jsonschema.validate(doc, schemas.signed_proposal_v1)

        encoded = json.dumps(doc)
        signer = flask.current_app.config['KEYCZAR_SIGNER']

        # Doesn't raise an exception
        signer.Sign(encoded)
コード例 #2
0
ファイル: test_auth.py プロジェクト: WeAreWizards/proppyweb 
 def setUp(self):
     super(TestAuth, self).setUp()
     self.user = UserFactory()
     self.user2 = UserFactory()
     self.other_company = self.user2.company
     self.p = DefaultProposalFactory(company=self.other_company,
                                     client=None)
コード例 #3
0
 def setUp(self):
     super().setUp()
     self.user = UserFactory()
     self.p = DefaultProposalFactory(company=self.user.company, client=None)
     self.shared = self.p.create_shared([])
     self.url = "/shared/%s/sign" % self.p.share_uid
     self.data = {
         "signature":
         "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA0MAAALoCAYAAAC6bC52",
         "name": "Bob",
         "userAgent": "user-agent"
     }
     self.sig_block = SharedBlock.from_proposal_block(
         Block(BlockType.Signature.value, ordering=10))
コード例 #4
0
    def setUp(self):
        super().setUp()
        self.proposal1 = DefaultProposalFactory()
        self.proposal2 = DefaultProposalFactory()

        self.company2 = self.proposal2.company

        self.proposal1.company.users.append(UserFactory())
        self.proposal2.company.users.append(UserFactory())

        self.proposal1.company.clients.append(ClientFactory())
        self.proposal2.company.clients.append(ClientFactory())

        print(self.proposal1.company.users.all())
        print(self.proposal2.company)
コード例 #5
0
    def run(self):
        """
        The data here is as mix of randomized and hardcoded to
        capture a few corner cases (long names etc).
        """
        db = setup.db

        for table in reversed(db.metadata.sorted_tables):
            db.engine.execute(table.delete())

        company = CompanyFactory(name="A Cool Agency")
        user = UserFactory(id=None,
                           company=company,
                           email="*****@*****.**",
                           is_admin=True)
        db.session.add(user)
        db.session.commit()

        # we generate proposals with share uids of the templates so we can test
        # duplication locally
        for i in range(4):
            title = "Proposal for %s" % f.company()
            p = DefaultProposalFactory(company=company,
                                       title=title,
                                       client=None,
                                       share_uid=PROPOSAL_TEMPLATES[i]["uid"])
            db.session.add(p)
            s = SharedProposalFactory(proposal=p, version=1)
            db.session.add(s)

        # Super long title
        p = DefaultProposalFactory(
            company=company,
            title="long " * 12,
            client=None,
        )
        db.session.add(p)

        db.session.commit()
コード例 #6
0
ファイル: test_auth.py プロジェクト: WeAreWizards/proppyweb 
    def test_cant_import_other_company_section(self):
        p_new = DefaultProposalFactory()
        uid = p_new.blocks.filter_by(type='section').first().uid

        with self.assertRaises(Exception):
            self.p.get_import_section_blocks(uid)

        # Check API level as well.
        data, status_code = self.post_json(
            "/proposals/{}/sections/import".format(self.p.id),
            {"uidToImport": uid},
            user=self.user)

        # We're not cat
        self.assertEqual(status_code, 403)
コード例 #7
0
class TestSigning(DatabaseTest):
    def setUp(self):
        super().setUp()
        self.user = UserFactory()
        self.p = DefaultProposalFactory(company=self.user.company, client=None)
        self.shared = self.p.create_shared([])
        self.url = "/shared/%s/sign" % self.p.share_uid
        self.data = {
            "signature":
            "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA0MAAALoCAYAAAC6bC52",
            "name": "Bob",
            "userAgent": "user-agent"
        }
        self.sig_block = SharedBlock.from_proposal_block(
            Block(BlockType.Signature.value, ordering=10))

    def test_can_sign_shared_proposal_anon(self):
        self.shared.blocks.append(self.sig_block)

        with mail.record_messages() as outbox:
            _, code = self.post_json(self.url, self.data)

            self.assertEqual(code, 200)
            self.assertEqual(self.p.signature.count(), 1)
            # It should update the signature block
            signed_block = self.shared.get_signature_block()
            self.assertEqual(signed_block.data["signature"],
                             self.data["signature"])
            self.assertEqual(signed_block.data["name"], self.data["name"])
            self.assertIn("hash", signed_block.data)
            self.assertEqual(self.p.status, "won")
            self.assertEqual(len(outbox), 1)
            self.assertIn(self.p.title, outbox[0].body)
            self.assertIn(self.data["name"], outbox[0].body)

    def test_cannot_sign_proposal_already_signed(self):
        SignatureFactory(proposal=self.p, shared_proposal=self.shared)
        _, code = self.post_json(self.url, self.data)

        self.assertEqual(code, 400)
        self.assertEqual(self.p.signature.count(), 1)

    def test_cannot_sign_proposal_without_signature_block(self):
        SignatureFactory(proposal=self.p, shared_proposal=self.shared)
        _, code = self.post_json(self.url, self.data)

        self.assertEqual(code, 400)
        self.assertEqual(self.p.signature.count(), 1)
コード例 #8
0
ファイル: test_auth.py プロジェクト: WeAreWizards/proppyweb 
class TestAuth(DatabaseTest):
    def setUp(self):
        super(TestAuth, self).setUp()
        self.user = UserFactory()
        self.user2 = UserFactory()
        self.other_company = self.user2.company
        self.p = DefaultProposalFactory(company=self.other_company,
                                        client=None)

    def test_cant_get_other_company_proposal(self):
        response = self.get("/proposals/{}".format(self.p.id), user=self.user)

        self.assertEqual(response.status_code, 403)

    def test_cant_edit_other_company_proposal(self):
        _, status_code = self.put_json("/proposals/{}".format(self.p.id), {
            "title": "hello",
            "tags": []
        },
                                       user=self.user)
        self.assertEqual(status_code, 403)

    def test_cant_share_other_company_proposal(self):
        _, status_code = self.post_json("/proposals/{}/share".format(
            self.p.id), {"emails": ["*****@*****.**"]},
                                        user=self.user)
        self.assertEqual(status_code, 403)

    def test_cant_delete_other_company_client(self):
        client = ClientFactory(company=self.other_company)
        response = self.delete("/clients/{}".format(client.id), self.user)
        self.assertEqual(response.status_code, 403)

    def test_cant_edit_other_company_client(self):
        client = ClientFactory(company=self.other_company)
        _, status_code = self.put_json("/clients/{}".format(client.id),
                                       {"name": "ACME"}, self.user)
        self.assertEqual(status_code, 403)

    def test_cant_import_other_company_section(self):
        p_new = DefaultProposalFactory()
        uid = p_new.blocks.filter_by(type='section').first().uid

        with self.assertRaises(Exception):
            self.p.get_import_section_blocks(uid)

        # Check API level as well.
        data, status_code = self.post_json(
            "/proposals/{}/sections/import".format(self.p.id),
            {"uidToImport": uid},
            user=self.user)

        # We're not cat
        self.assertEqual(status_code, 403)

    def test_cant_do_anything_while_disabled(self):
        user = UserFactory(disabled=True, company=self.other_company)

        # any request should 403
        response = self.get("/proposals/{}".format(self.p.id), user=user)
        self.assertEqual(response.status_code, 403)

    def test_can_access_during_trial(self):
        user = UserFactory(activation_token=b'dasdsad',
                           company=self.other_company)
        # any request should 200
        response = self.get("/proposals/{}".format(self.p.id), user=user)
        self.assertEqual(response.status_code, 200)
コード例 #9
0
 def setUp(self):
     super(TestProposalUpdate, self).setUp()
     self.user = UserFactory()
     self.p = DefaultProposalFactory(company=self.user.company, client=None)
     self.now = datetime.utcnow().timestamp() + 1000
コード例 #10
0
 def setUp(self):
     super(TestSectionImporting, self).setUp()
     self.user = UserFactory()
     self.p1 = DefaultProposalFactory(company=self.user.company)
     self.p2 = DefaultProposalFactory(company=self.user.company)
コード例 #11
0
 def setUp(self):
     super(TestProposal, self).setUp()
     self.user = UserFactory()
     self.p = DefaultProposalFactory(company=self.user.company, client=None)
コード例 #12
0
ファイル: test_search.py プロジェクト: WeAreWizards/proppyweb 
 def setUp(self):
     super(SearchIndexingProposal, self).setUp()
     self.proposal1 = DefaultProposalFactory()
     self.proposal2 = DefaultProposalFactory(company=self.proposal1.company)
     self.index = current_app.config["ES_IMPORT_INDEX"]
     self.es_client = get_test_client(delete_index=True)
コード例 #13
0
 def setUp(self):
     super().setUp()
     self.user = UserFactory()
     self.p = DefaultProposalFactory(client=None)
     self.sig = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA0MAAALoCAYAAAC6bC52"
コード例 #14
0
 def setUp(self):
     super(TestSharedCommenting, self).setUp()
     self.user = UserFactory()
     self.p = DefaultProposalFactory(company=self.user.company)
     self.shared = SharedProposalFactory(proposal=self.p)
     self.url = "/shared/{}/comments".format(self.p.share_uid)