def test_create_manual_check_for_team_missing_param(self):
self.login_user('admin', 'admin')
query_data = {
"description": "Teams had to make a network policy",
"comments": "They did okay on this, but forgot about video sharing sites.",
"inject_number": "109",
"score": 25,
"timestamp": convert_datetime_to_timestamp(datetime.now())
}
post_data = {
"type": "IllegalParameter",
"reason": "Required parameter 'id' is not specified."
}
expected_data = [obj for obj in self.data['completed_checks'] if obj['type'] == 'manual' and obj['team_id'] == '6']
for i in expected_data:
del i['team_id'], i['type']
i['timestamp'] = convert_datetime_to_timestamp(i['timestamp'])
post = self.app.post('/checks/manual/teams/6', data=json.dumps(query_data), follow_redirects=True)
assert post.status_code == 403
assert json.loads(post.data) == post_data
result = self.app.get('/checks/manual/teams/6')
assert result.status_code == 200
result_data = json.loads(result.data)
assert len(result_data) == len(expected_data)
for i, j in zip(result_data, expected_data):
show_difference_between_dicts(i, j)
assert result_data == expected_data
def test_create_inject_check_for_team_missing_param(self):
self.login_user('admin', 'admin')
query_data = {
"description": "Checking if the filesystem was set up on time.",
"machine": "Apache",
"class_name": "SampleInjectCheck",
"inject_number": "66",
"time_to_check": convert_datetime_to_timestamp(datetime.now())
}
post_data = {
"type": "IllegalParameter",
"reason": "Required parameter 'id' is not specified."
}
expected_data = [obj for obj in self.data['active_checks'] if obj['type'] == 'inject']
for i in expected_data:
del i['type']
i['time_to_check'] = convert_datetime_to_timestamp(i['time_to_check'])
post = self.app.post('/checks/injects', data=json.dumps(query_data), follow_redirects=True)
assert post.status_code == 403
assert json.loads(post.data) == post_data
result = self.app.get('/checks/injects')
assert result.status_code == 200
result_data = json.loads(result.data)
assert len(result_data) == len(expected_data)
assert result_data == expected_data
def get_all_scores_for_teams():
data = g.db.get_scores_for_all_teams()
for item in data:
item['timestamp'] = convert_datetime_to_timestamp(item['timestamp'])
js = json.dumps(data, default=json_util.default)
resp = Response(js, status=200, mimetype='application/json')
return resp
def test_create_inject_check(self):
self.login_user('admin', 'admin')
query_data = {
"id": "FileSystemSetUp",
"description": "Checking if the filesystem was set up on time.",
"machine": "Apache",
"class_name": "SampleInjectCheck",
"inject_number": "66",
"time_to_check": convert_datetime_to_timestamp(datetime.now())
}
expected_result = [{
"description": "Checking if the filesystem was set up on time.",
"machine": "Apache",
"class_name": "SampleInjectCheck",
"inject_number": "66",
"time_to_check": query_data['time_to_check']
}]
post = self.app.post('/checks/injects', data=json.dumps(query_data), follow_redirects=True)
assert post.status_code == 201
assert post.headers['Location'] == 'http://localhost/checks/injects/FileSystemSetUp'
result = self.app.get('/checks/injects/FileSystemSetUp')
rest_result = json.loads(result.data)
show_difference_between_dicts(rest_result[0], expected_result[0])
assert result.status_code == 200
assert rest_result == expected_result
def get_score_for_team(team_id):
data = g.db.get_score_for_team(team_id)
if len(data) == 0:
return Response(status=404)
data[0]['timestamp'] = convert_datetime_to_timestamp(data[0]['timestamp'])
js = json.dumps(data[0], default=json_util.default)
resp = Response(js, status=200, mimetype='application/json')
return resp
def test_get_score_for_specific_team(self):
self.login_user('admin', 'admin')
rest_result = self.app.get('/teams/6/score')
assert rest_result.status_code == 200
json_result = json.loads(rest_result.data)
expected_result = [obj for obj in self.data['team_scores'] if obj['team_id'] == '6'][0]
del expected_result['team_id']
expected_result['timestamp'] = convert_datetime_to_timestamp(expected_result['timestamp'])
show_difference_between_dicts(json_result, expected_result)
assert json_result == expected_result
def test_modify_inject_check_invalid_param(self):
self.login_user('admin', 'admin')
query_data = [deepcopy(obj) for obj in self.data['active_checks'] if obj['type'] == 'inject' and obj['id'] == 'RemovedFiles'][0]
del query_data['type']
query_data['time_to_check'] = convert_datetime_to_timestamp(query_data['time_to_check'])
query_data['machine'] = 'Redis'
query_data['inject_number'] = '57'
patch_data = {
"type": "IllegalParameter",
"reason": "Parameter 'id' is not valid for this interface."
}
result_data = [obj for obj in self.data['active_checks'] if obj['type'] == 'inject' and obj['id'] == 'RemovedFiles']
for i in result_data:
del i['type'], i['id']
i['time_to_check'] = convert_datetime_to_timestamp(i['time_to_check'])
patch = self.app.patch('/checks/injects/RemovedFiles', data=json.dumps(query_data))
assert patch.status_code == 403
assert json.loads(patch.data) == patch_data
result = self.app.get('/checks/injects/RemovedFiles')
assert result.status_code == 200
assert json.loads(result.data) == result_data
def test_modify_inject_check_no_param(self):
self.login_user('admin', 'admin')
query_data = {}
result_data = [obj for obj in self.data['active_checks'] if obj['type'] == 'inject' and obj['id'] == 'RemovedFiles']
for i in result_data:
del i['type'], i['id']
i['time_to_check'] = convert_datetime_to_timestamp(i['time_to_check'])
patch = self.app.patch('/checks/injects/RemovedFiles', data=json.dumps(query_data))
assert patch.status_code == 204
result = self.app.get('/checks/injects/RemovedFiles')
assert result.status_code == 200
assert json.loads(result.data) == result_data
def test_modify_manual_check_for_team_no_param(self):
self.login_user('admin', 'admin')
query_data = {}
result_data = [obj for obj in self.data['completed_checks'] if obj['type'] == 'manual' and obj['team_id'] == '1' and obj['id'] == 'BoardPresentation']
for i in result_data:
del i['team_id'], i['type'], i['id']
i['timestamp'] = convert_datetime_to_timestamp(i['timestamp'])
patch = self.app.patch('/checks/manual/BoardPresentation/teams/1', data=json.dumps(query_data))
assert patch.status_code == 204
result = self.app.get('/checks/manual/BoardPresentation/teams/1')
assert result.status_code == 200
assert json.loads(result.data) == result_data
def test_get_scores_for_all_teams(self):
self.login_user('admin', 'admin')
rest_result = self.app.get('/teams/scores')
assert rest_result.status_code == 200
expected_result = [obj for obj in self.data['team_scores']]
print rest_result.data
json_result = json.loads(rest_result.data)
assert len(json_result) == len(expected_result)
for i in range(0, len(json_result)):
expected_result[i]['timestamp'] = convert_datetime_to_timestamp(expected_result[i]['timestamp'])
show_difference_between_dicts(json_result[i], expected_result[i])
assert json_result == expected_result
def test_modify_inject_check(self):
self.login_user('admin', 'admin')
query_data = [obj for obj in self.data['active_checks'] if obj['type'] == 'inject' and obj['id'] == 'RemovedFiles'][0]
del query_data['type'], query_data['id']
query_data['time_to_check'] = convert_datetime_to_timestamp(query_data['time_to_check'])
query_data['machine'] = 'Redis'
query_data['inject_number'] = '57'
result_data = [query_data]
patch = self.app.patch('/checks/injects/RemovedFiles', data=json.dumps(query_data))
assert patch.status_code == 204
result = self.app.get('/checks/injects/RemovedFiles')
assert result.status_code == 200
assert json.loads(result.data) == result_data
def test_create_inject_check_exists(self):
self.login_user('admin', 'admin')
query_data = [obj for obj in self.data['active_checks'] if obj['type'] == 'inject'][0]
del query_data['type']
query_data['time_to_check'] = convert_datetime_to_timestamp(query_data['time_to_check'])
result_data = {
"type": "Exists",
"reason": "A inject check with the id '{}' already exists".format(query_data['id'])
}
post = self.app.post('/checks/injects', data=json.dumps(query_data), follow_redirects=True)
print post.status_code, post.data
assert post.status_code == 403
assert json.loads(post.data) == result_data
def test_modify_manual_check_for_team(self):
self.login_user('admin', 'admin')
query_data = {
'comments': "This team deserves some points, so we'll let this slide.",
'score': 10
}
result_data = [obj for obj in self.data['completed_checks'] if obj['type'] == 'manual' and obj['team_id'] == '1' and obj['id'] == 'BoardPresentation']
result_data[0]['comments'] = query_data['comments']
result_data[0]['score'] = query_data['score']
del result_data[0]['team_id'], result_data[0]['id'], result_data[0]['type']
result_data[0]['timestamp'] = convert_datetime_to_timestamp(result_data[0]['timestamp'])
patch = self.app.patch('/checks/manual/BoardPresentation/teams/1', data=json.dumps(query_data))
print patch.status_code, patch.data
assert patch.status_code == 204
result = self.app.get('/checks/manual/BoardPresentation/teams/1')
assert result.status_code == 200
print result.data
print result_data
assert json.loads(result.data) == result_data
def test_create_manual_check_for_team_invalid_param(self):
self.login_user('admin', 'admin')
query_data = {
"id": "NetworkPolicy",
"description": "Teams had to make a network policy",
"comments": "They did okay on this, but forgot about video sharing sites.",
"inject_number": "109",
"score": 25,
"timestamp": convert_datetime_to_timestamp(datetime.now()),
"failure": "assured"
}
post_data = {
"type": "IllegalParameter",
"reason": "Parameter 'failure' is not valid for this interface."
}
post = self.app.post('/checks/manual/teams/6', data=json.dumps(query_data), follow_redirects=True)
assert post.status_code == 403
assert json.loads(post.data) == post_data
result = self.app.get('/checks/manual/AnotherSecurityHole/teams/6')
print result.status_code, result.data
assert result.status_code == 404
def test_modify_manual_check_for_team_invalid_param(self):
self.login_user('admin', 'admin')
query_data = {
'id': 'BoardPresentation',
'comments': "This team deserves some points, so we'll let this slide.",
'score': 10
}
patch_data = {
"type": "IllegalParameter",
"reason": "Parameter 'id' is not valid for this interface."
}
result_data = [obj for obj in self.data['completed_checks'] if obj['type'] == 'manual' and obj['team_id'] == '1' and obj['id'] == 'BoardPresentation']
for i in result_data:
del i['team_id'], i['type'], i['id']
i['timestamp'] = convert_datetime_to_timestamp(i['timestamp'])
patch = self.app.patch('/checks/manual/BoardPresentation/teams/1', data=json.dumps(query_data))
assert patch.status_code == 403
assert json.loads(patch.data) == patch_data
result = self.app.get('/checks/manual/BoardPresentation/teams/1')
assert result.status_code == 200
assert json.loads(result.data) == result_data
def test_create_inject_check_invalid_param(self):
self.login_user('admin', 'admin')
query_data = {
"id": "FileSystemSetUp",
"description": "Checking if the filesystem was set up on time.",
"machine": "Apache",
"class_name": "SampleInjectCheck",
"inject_number": "66",
"time_to_check": convert_datetime_to_timestamp(datetime.now()),
"failure": "assured"
}
post_data = {
"type": "IllegalParameter",
"reason": "Parameter 'failure' is not valid for this interface."
}
post = self.app.post('/checks/injects', data=json.dumps(query_data), follow_redirects=True)
assert post.status_code == 403
assert json.loads(post.data) == post_data
result = self.app.get('/checks/injects/FileSystemSetUp')
print result.status_code, result.data
assert result.status_code == 404
def test_create_manual_check_for_team(self):
self.login_user('admin', 'admin')
query_data = {
"id": "NetworkPolicy",
"description": "Teams had to make a network policy",
"comments": "They did okay on this, but forgot about video sharing sites.",
"inject_number": "109",
"score": 25,
"timestamp": convert_datetime_to_timestamp(datetime.now())
}
result_data = [{
"description": "Teams had to make a network policy",
"comments": "They did okay on this, but forgot about video sharing sites.",
"inject_number": "109",
"score": 25,
"timestamp": query_data['timestamp']
}]
post = self.app.post('/checks/manual/teams/2', data=json.dumps(query_data), follow_redirects=True)
assert post.status_code == 201
assert post.headers['Location'] == 'http://localhost/checks/manual/NetworkPolicy/teams/2'
result = self.app.get('/checks/manual/NetworkPolicy/teams/2')
print result.status_code, result.data
assert result.status_code == 200
assert json.loads(result.data) == result_data
