def test_gen_crypto_key(self): message = 'Mary had a little lamb. Her doctors were astounded' action = 'lob_cheese' t = crypto.XsrfTokenManager.create_xsrf_token(message) secret = crypto.generate_transform_secret_from_xsrf_token(t, action) self.assertNotEqual(secret, message) self.assertNotEqual(secret, action) self.assertNotEqual(secret, t)
def test_use_crypto_key(self): action = 'lob_cheese' t = crypto.XsrfTokenManager.create_xsrf_token(action) secret = crypto.generate_transform_secret_from_xsrf_token(t, action) message = 'Mary had a little lamb. Her doctors were astounded' e = crypto.EncryptionManager.encrypt(message, secret) d = crypto.EncryptionManager.decrypt(e, secret) self.assertEquals(d, message) self.assertNotEquals(e, d) self.assertNotEquals(e, secret)
def test_data_extraction(self): # Register a student and save some form values for that student student = self.register() entity = StudentFormEntity.load_or_default(student, 'form-0') entity.value = transforms.dumps({ u'form_data': self.FORM_0_DATA}) entity.put() entity = StudentFormEntity.load_or_default(student, u'form-1') entity.value = transforms.dumps({ u'form_data': self.FORM_1_DATA}) entity.put() entity = StudentFormEntity.load_or_default(student, u'form-2') entity.value = transforms.dumps({ u'form_data': self.FORM_2_DATA}) entity.put() # Log in as admin for the data query actions.logout() actions.login(ADMIN_EMAIL, is_admin=True) xsrf_token = crypto.XsrfTokenManager.create_xsrf_token( data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION) pii_secret = crypto.generate_transform_secret_from_xsrf_token( xsrf_token, data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION) safe_user_id = crypto.hmac_sha_2_256_transform( pii_secret, student.user_id) response = self.get( 'rest/data/questionnaire_responses/items?' 'data_source_token=%s&page_number=0' % xsrf_token) data = transforms.loads(response.body)['data'] self.assertEqual(3, len(data)) for index in range(3): self.assertIn(safe_user_id, data[index]['user_id']) self.assertEqual('form-%s' % index, data[index]['questionnaire_id']) self.assertEqual(self.FORM_0_DATA, data[0]['form_data']) self.assertEqual(self.FORM_1_DATA, data[1]['form_data']) self.assertEqual(self.FORM_2_DATA_OUT, data[2]['form_data'])
def test_data_extraction(self): # Register a student and save some form values for that student student = self.register() entity = StudentFormEntity.load_or_create(student, 'form-0') entity.value = transforms.dumps({u'form_data': self.FORM_0_DATA}) entity.put() entity = StudentFormEntity.load_or_create(student, u'form-1') entity.value = transforms.dumps({u'form_data': self.FORM_1_DATA}) entity.put() entity = StudentFormEntity.load_or_create(student, u'form-2') entity.value = transforms.dumps({u'form_data': self.FORM_2_DATA}) entity.put() # Log in as admin for the data query actions.logout() actions.login(ADMIN_EMAIL, is_admin=True) xsrf_token = crypto.XsrfTokenManager.create_xsrf_token( data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION) pii_secret = crypto.generate_transform_secret_from_xsrf_token( xsrf_token, data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION) safe_user_id = crypto.hmac_sha_2_256_transform(pii_secret, student.user_id) response = self.get('rest/data/questionnaire_responses/items?' 'data_source_token=%s&page_number=0' % xsrf_token) data = transforms.loads(response.body)['data'] self.assertEqual(3, len(data)) for index in range(3): self.assertIn(safe_user_id, data[index]['user_id']) self.assertEqual('form-%s' % index, data[index]['questionnaire_id']) self.assertEqual(self.FORM_0_DATA, data[0]['form_data']) self.assertEqual(self.FORM_1_DATA, data[1]['form_data']) self.assertEqual(self.FORM_2_DATA_OUT, data[2]['form_data'])
def test_data_source(self): # Register a student and give some feedback self.register_student() student = models.Student.get_enrolled_student_by_user( self.make_test_user(STUDENT_EMAIL)) response = self.post_data( rating_int=2, additional_comments='Good lesson') self.assertEquals(200, response['status']) self.assertIn('Thank you for your feedback', response['message']) # Log in as admin for the data query actions.logout() actions.login(ADMIN_EMAIL, is_admin=True) xsrf_token = crypto.XsrfTokenManager.create_xsrf_token( data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION) pii_secret = crypto.generate_transform_secret_from_xsrf_token( xsrf_token, data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION) safe_user_id = crypto.hmac_sha_2_256_transform( pii_secret, student.user_id) response = self.get( 'rest/data/rating_events/items?' 'data_source_token=%s&page_number=0' % xsrf_token) data = transforms.loads(response.body)['data'] self.assertEqual(1, len(data)) record = data[0] self.assertEqual(7, len(record)) self.assertEqual(safe_user_id, record['user_id']) self.assertEqual('2', record['rating']) self.assertEqual('Good lesson', record['additional_comments']) self.assertEqual( '/rating_course/unit?unit=%s&lesson=%s' % ( self.unit.unit_id, self.lesson.lesson_id), record['content_url']) self.assertEqual(str(self.unit.unit_id), record['unit_id']) self.assertEqual(str(self.lesson.lesson_id), record['lesson_id']) self.assertIn('recorded_on', record)
def test_data_source(self): # Register a student and give some feedback user = self.register_student() student = models.Student.get_enrolled_student_by_user(user) response = self.post_data( rating_int=2, additional_comments='Good lesson') self.assertEquals(200, response['status']) self.assertIn('Thank you for your feedback', response['message']) # Log in as admin for the data query actions.logout() actions.login(ADMIN_EMAIL, is_admin=True) xsrf_token = crypto.XsrfTokenManager.create_xsrf_token( data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION) pii_secret = crypto.generate_transform_secret_from_xsrf_token( xsrf_token, data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION) safe_user_id = crypto.hmac_sha_2_256_transform( pii_secret, student.user_id) response = self.get( 'rest/data/rating_events/items?' 'data_source_token=%s&page_number=0' % xsrf_token) data = transforms.loads(response.body)['data'] self.assertEqual(1, len(data)) record = data[0] self.assertEqual(7, len(record)) self.assertEqual(safe_user_id, record['user_id']) self.assertEqual('2', record['rating']) self.assertEqual('Good lesson', record['additional_comments']) self.assertEqual( '/rating_course/unit?unit=%s&lesson=%s' % ( self.unit.unit_id, self.lesson.lesson_id), record['content_url']) self.assertEqual(str(self.unit.unit_id), record['unit_id']) self.assertEqual(str(self.lesson.lesson_id), record['lesson_id']) self.assertIn('recorded_on', record)
def _build_secret(cls, params): data_source_token = params.get('data_source_token') return crypto.generate_transform_secret_from_xsrf_token( data_source_token, data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION)