コード例 #1
0
class PasswordCollectionRESTView(object):

    def __init__(self, request):
        self.request = request
        self.passwords_manager = PasswordsManager(request.db)

    @view_config(request_method='OPTIONS', renderer='string')
    def options(self):
        headers = self.request.response.headers
        headers['Access-Control-Allow-Methods'] = 'GET, POST'
        headers['Access-Control-Allow-Headers'] = ('Origin, Content-Type, '
                                                   'Accept, Authorization')
        return ''

    @view_config(request_method='GET')
    def get(self):
        user = authorize_user(self.request)
        return list(self.passwords_manager.retrieve(user))

    @view_config(request_method='POST')
    def post(self):
        user = authorize_user(self.request)
        password, errors = validate_password(self.request.body,
                                             self.request.charset)

        if errors:
            result = {'message': ','.join(errors)}
            return HTTPBadRequest(body=json.dumps(result),
                                  content_type='application/json')

        return self.passwords_manager.create(user, password)
コード例 #2
0
ファイル: views.py プロジェクト: srus/yith-library-server
def backups_import(request):
    response = HTTPFound(location=request.route_path('backups_index'))

    if 'passwords-file' in request.POST:
        passwords_field = request.POST['passwords-file']
        if passwords_field != '':
            try:
                json_data = uncompress(passwords_field.file.read())
                passwords_manager = PasswordsManager(request.db)
                passwords_manager.delete(request.user)
                passwords_manager.create(request.user, json_data)
            except (IOError, ValueError):
                request.session.flash(
                    _('There was a problem reading your passwords file'),
                    'error')
                return response

            n_passwords = len(json_data)
            localizer = get_localizer(request)
            msg = localizer.pluralize(
                _('Congratulations, ${n_passwords} password has been imported'),
                _('Congratulations, ${n_passwords} passwords have been imported'),
                n_passwords,
                domain=translation_domain,
                mapping={'n_passwords': n_passwords},
            )
            request.session.flash(msg, 'success')
        else:
            request.session.flash(
                _('The passwords file is required to upload the passwords'),
                'error')
            return response
    else:
        request.session.flash(
            _('The passwords file is required to upload the passwords'),
            'error')
        return response

    return response
コード例 #3
0
class PasswordsManagerTests(unittest.TestCase):

    def setUp(self):
        self.config = testing.setUp()
        mdb = MongoDB(MONGO_URI)
        self.db = mdb.get_database()
        self.pm = PasswordsManager(self.db)
        self.user_id = self.db.users.insert({'name': 'John'}, safe=True)
        self.user = self.db.users.find_one({'_id': self.user_id}, safe=True)

    def tearDown(self):
        testing.tearDown()
        self.db.drop_collection('users')
        self.db.drop_collection('passwords')

    def test_create(self):
        n_passwords = self.db.passwords.count()
        password = {'secret': 'secret1'}
        created_password = self.pm.create(self.user, password)
        self.assertEqual(created_password['owner'], self.user_id)
        self.assertTrue('_id' in created_password)
        self.assertEqual(n_passwords + 1, self.db.passwords.count())

    def test_retrieve(self):
        p1 = self.db.passwords.insert({
                'secret': 'secret1',
                'owner': self.user_id,
                }, safe=True)

        password = self.pm.retrieve(self.user, p1)
        self.assertEqual(password, {
                'secret': 'secret1',
                'owner': self.user_id,
                '_id': p1,
                })

        p2 = self.db.passwords.insert({
                'secret': 'secret2',
                'owner': self.user_id,
                }, safe=True)
        passwords = self.pm.retrieve(self.user)
        self.assertEqual(list(passwords), [{
                    'secret': 'secret1',
                    'owner': self.user_id,
                    '_id': p1,
                    }, {
                    'secret': 'secret2',
                    'owner': self.user_id,
                    '_id': p2,
                    }])

    def test_update(self):
        p1 = self.db.passwords.insert({
                'secret': 'secret1',
                'owner': self.user_id,
                }, safe=True)
        new_password = {'secret': 'new secret'}
        updated_password = self.pm.update(self.user, p1, new_password)
        self.assertEqual(updated_password, {
                '_id': p1,
                'owner': self.user_id,
                'secret': 'new secret',
                })

        fake_user = {'_id': '000000000000000000000000'}
        new_password['secret'] = 'another secret'
        updated_password = self.pm.update(fake_user, p1, new_password)
        self.assertEqual(None, updated_password)

    def test_delete(self):
        p1 = self.db.passwords.insert({
                'secret': 'secret1',
                'owner': self.user_id,
                }, safe=True)
        n_passwords = self.db.passwords.count()

        self.assertTrue(self.pm.delete(self.user, p1))
        self.assertEqual(n_passwords - 1, self.db.passwords.count())
        password = self.db.passwords.find_one({'_id': p1}, safe=True)
        self.assertEqual(None, password)

        p1 = self.db.passwords.insert({
                'secret': 'secret1',
                'owner': self.user_id,
                }, safe=True)
        p2 = self.db.passwords.insert({
                'secret': 'secret2',
                'owner': self.user_id,
                }, safe=True)
        n_passwords = self.db.passwords.count()
        self.assertTrue(self.pm.delete(self.user))
        self.assertEqual(n_passwords - 2, self.db.passwords.count())
        password1 = self.db.passwords.find_one({'_id': p1}, safe=True)
        self.assertEqual(None, password1)
        password2 = self.db.passwords.find_one({'_id': p2}, safe=True)
        self.assertEqual(None, password2)
コード例 #4
0
class PasswordsManagerTests(unittest.TestCase):

    def setUp(self):
        self.config = testing.setUp()
        mdb = MongoDB(MONGO_URI)
        self.db = mdb.get_database()
        self.pm = PasswordsManager(self.db)
        self.user_id = self.db.users.insert({'name': 'John'})
        self.user = self.db.users.find_one({'_id': self.user_id})

    def tearDown(self):
        testing.tearDown()
        clean_db(self.db)

    def test_create(self):
        n_passwords = self.db.passwords.count()
        result = self.pm.create(self.user, {})
        self.assertEqual(result, None)
        self.assertEqual(n_passwords, self.db.passwords.count())

        password = {'secret': 'secret1'}
        created_password = self.pm.create(self.user, password)
        self.assertEqual(created_password['owner'], self.user_id)
        self.assertTrue('_id' in created_password)
        self.assertEqual(n_passwords + 1, self.db.passwords.count())

        result = self.pm.create(self.user, [])
        self.assertEqual(result, None)
        self.assertEqual(n_passwords + 1, self.db.passwords.count())

        result = self.pm.create(self.user, [{}])
        self.assertEqual(result, None)
        self.assertEqual(n_passwords + 1, self.db.passwords.count())

        passwords = [{
            'secret1': 'abc',
        }, {
            'secret2': 'def',
        }, {
            'secret3': 'ghi',
        }]
        created_passwords = self.pm.create(self.user, passwords)
        self.assertEqual(created_passwords[0]['owner'], self.user_id)
        self.assertEqual(created_passwords[1]['owner'], self.user_id)
        self.assertEqual(created_passwords[2]['owner'], self.user_id)
        self.assertTrue('_id' in created_passwords[0])
        self.assertTrue('_id' in created_passwords[1])
        self.assertTrue('_id' in created_passwords[2])
        self.assertEqual(n_passwords + 4, self.db.passwords.count())

    def test_retrieve(self):
        p1 = self.db.passwords.insert({
            'secret': 'secret1',
            'owner': self.user_id,
        })

        password = self.pm.retrieve(self.user, p1)
        self.assertEqual(password, {
            'secret': 'secret1',
            'owner': self.user_id,
            '_id': p1,
        })

        p2 = self.db.passwords.insert({
            'secret': 'secret2',
            'owner': self.user_id,
        })
        passwords = self.pm.retrieve(self.user)
        self.assertEqual(list(passwords), [{
            'secret': 'secret1',
            'owner': self.user_id,
            '_id': p1,
        }, {
            'secret': 'secret2',
            'owner': self.user_id,
            '_id': p2,
        }])

    def test_update(self):
        p1 = self.db.passwords.insert({
            'secret': 'secret1',
            'owner': self.user_id,
        })
        new_password = {'secret': 'new secret'}
        updated_password = self.pm.update(self.user, p1, new_password)
        self.assertEqual(updated_password, {
            '_id': p1,
            'owner': self.user_id,
            'secret': 'new secret',
        })

        fake_user = {'_id': '000000000000000000000000'}
        new_password['secret'] = 'another secret'
        updated_password = self.pm.update(fake_user, p1, new_password)
        self.assertEqual(None, updated_password)

    def test_delete(self):
        p1 = self.db.passwords.insert({
            'secret': 'secret1',
            'owner': self.user_id,
        })
        n_passwords = self.db.passwords.count()

        self.assertTrue(self.pm.delete(self.user, p1))
        self.assertEqual(n_passwords - 1, self.db.passwords.count())
        password = self.db.passwords.find_one({'_id': p1})
        self.assertEqual(None, password)

        p1 = self.db.passwords.insert({
            'secret': 'secret1',
            'owner': self.user_id,
        })
        p2 = self.db.passwords.insert({
            'secret': 'secret2',
            'owner': self.user_id,
        })
        n_passwords = self.db.passwords.count()
        self.assertTrue(self.pm.delete(self.user))
        self.assertEqual(n_passwords - 2, self.db.passwords.count())
        password1 = self.db.passwords.find_one({'_id': p1})
        self.assertEqual(None, password1)
        password2 = self.db.passwords.find_one({'_id': p2})
        self.assertEqual(None, password2)