예제 #1
    def setUpBasicData(self):
        """Create the tag, credentials and audit rows the tests rely on.

        Uses ``self.group``, ``self.unorm`` and ``self.ustaff``, so those must
        be assigned before this method is called.
        """
        self.tag = Tag(name='tag')
        self.tag.save()

        # A plain credential, plus one that carries self.tag. The tagged one is
        # saved before tags.add() and saved again afterwards.
        self.cred = Cred(title='secret', username='******', password='******', group=self.group)
        self.cred.save()
        self.tagcred = Cred(title='tagged', password='******', group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        # Put the plain credential on the change queue.
        CredChangeQ.objects.add_to_changeq(self.cred)

        # Two credentials whose audit history differs: both get CREDADD and
        # CREDVIEW rows for unorm; only changedcred also gets a CREDCHANGE row,
        # attributed to ustaff.
        self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title='Changed', password='******', group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        # Add and view audit rows for self.cred, both by ustaff, kept on self.
        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
예제 #2
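def credundelete(request, cred_id):
    """Show a deleted credential and, on POST, restore it.

    Args:
        request: the incoming HTTP request; ``request.user`` is the actor
            recorded in the audit log.
        cred_id: primary key of the credential.

    Returns:
        A redirect to the trash listing after a POST restores the credential,
        otherwise the rendered ``cred_detail.html`` page.

    Raises:
        Http404: the credential does not exist or ``request.user`` may not
            access it.
    """
    cred = get_object_or_404(Cred, pk=cred_id)

    # Authorise first: a user without access gets the 404 before any audit
    # data for this credential is queried.
    # NOTE(review): restoring only requires is_accessible_by(); confirm that
    # this matches the permission needed to delete the credential.
    if not cred.is_accessible_by(request.user):
        raise Http404

    try:
        lastchange = CredAudit.objects.filter(
            cred=cred,
            audittype__in=[CredAudit.CREDCHANGE, CredAudit.CREDADD],
        ).latest().time
    except CredAudit.DoesNotExist:
        # No add/change rows remain for this credential.
        lastchange = _("Unknown (Logs deleted)")

    # Only a POST changes state; the restore is logged with the CREDADD type.
    if request.method == 'POST':
        CredAudit(audittype=CredAudit.CREDADD, cred=cred,
                  user=request.user).save()
        cred.is_deleted = False
        cred.save()
        return HttpResponseRedirect(
            reverse('cred.views.list', args=('special', 'trash')))

    # Any other method displays the credential, so it is logged as a view.
    CredAudit(audittype=CredAudit.CREDVIEW, cred=cred,
              user=request.user).save()

    return render(
        request, 'cred_detail.html', {
            'cred': cred,
            'lastchange': lastchange,
            'action': reverse('cred.views.delete', args=(cred_id, )),
            'undelete': True
        })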
예제 #3
    def setUpBasicData(self):
        """Create the tag, credentials and audit rows the tests rely on.

        Uses ``self.group``, ``self.unorm``, ``self.ustaff`` and
        ``self.unobody``, so those must be assigned before this is called.
        """
        # Make a tag
        self.tag = Tag(name='tag')
        self.tag.save()

        # Make a simple credential
        self.cred = Cred(title='secret', username='******', password='******', group=self.group)
        self.cred.save()

        # Make a cred that'll be tagged: saved, tagged, then saved again
        self.tagcred = Cred(title='tagged', password='******', group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        # A cred whose title embeds a <script> element. Presumably the view
        # tests check that the title is rendered escaped - confirm.
        self.injectcred = Cred(
            title='<script>document.write("BADTITLE!")</script>Bold!',
            username='******',
            password='******',
            group=self.group
        )
        self.injectcred.save()

        # A cred whose description is flagged as markdown
        self.markdowncred = Cred(
            title='Markdown Cred',
            password='******',
            group=self.group,
            description='# Test',
            descriptionmarkdown=True,
        )
        self.markdowncred.save()

        # Add a Unicode credential: non-ASCII hyphen in the title, Greek text
        # in the description
        self.unicodecred = Cred(
            title='Unicode ‑ Cred',
            password='******',
            group=self.group,
            description='Γαζέες καὶ μυρτιὲς δὲν θὰ βρῶ πιὰ στὸ χρυσαφὶ ξέφωτο',
        )
        self.unicodecred.save()

        # Put the simple credential on the change queue
        CredChangeQ.objects.add_to_changeq(self.cred)

        # Two credentials whose audit history differs: CREDADD by unobody and
        # CREDVIEW by unorm for both; CREDCHANGE by ustaff for changedcred only
        self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title='Changed', password='******', group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        # Add and view audit rows for self.cred, both by ustaff, kept on self
        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
예제 #4
    def setUpBasicData(self):
        """Create the tag, credentials and audit rows the tests rely on.

        Uses ``self.group``, ``self.unorm``, ``self.ustaff`` and
        ``self.unobody``, so those must be assigned before this is called.
        """
        # Make a tag
        self.tag = Tag(name='tag')
        self.tag.save()

        # Make a simple credential
        self.cred = Cred(title='secret', username='******', password='******', group=self.group)
        self.cred.save()

        # Make a cred that'll be tagged: saved, tagged, then saved again
        self.tagcred = Cred(title='tagged', password='******', group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        # A cred whose title embeds a <script> element. Presumably the view
        # tests check that the title is rendered escaped - confirm.
        self.injectcred = Cred(
            title='<script>document.write("BADTITLE!")</script>Bold!',
            username='******',
            password='******',
            group=self.group
        )
        self.injectcred.save()

        # A cred whose description is flagged as markdown
        self.markdowncred = Cred(
            title='Markdown Cred',
            password='******',
            group=self.group,
            description='# Test',
            descriptionmarkdown=True,
        )
        self.markdowncred.save()

        # Add a Unicode credential: non-ASCII hyphen in the title, Greek text
        # in the description
        self.unicodecred = Cred(
            title='Unicode ‑ Cred',
            password='******',
            group=self.group,
            description='Γαζέες καὶ μυρτιὲς δὲν θὰ βρῶ πιὰ στὸ χρυσαφὶ ξέφωτο',
        )
        self.unicodecred.save()

        # Put the simple credential on the change queue
        CredChangeQ.objects.add_to_changeq(self.cred)

        # Two credentials whose audit history differs: CREDADD by unobody and
        # CREDVIEW by unorm for both; CREDCHANGE by ustaff for changedcred only
        self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title='Changed', password='******', group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        # Add and view audit rows for self.cred, both by ustaff, kept on self
        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
예제 #5
파일: tests.py 프로젝트: sunu/RatticWeb
    def setUp(self):
        """Create groups, a tag, three users with clients, and two credentials."""
        self.group = Group(name="testgroup")
        self.group.save()

        self.othergroup = Group(name="othergroup")
        self.othergroup.save()

        self.tag = Tag(name="tag")
        self.tag.save()

        # Ordinary user, member of self.group.
        self.unorm = User(username="******", email="*****@*****.**")
        self.unorm.set_password("password")
        self.unorm.save()
        self.unorm.groups.add(self.group)
        self.unorm.save()

        # Staff user (is_staff=True), also a member of self.group.
        self.ustaff = User(username="******", email="*****@*****.**", is_staff=True)
        self.ustaff.set_password("password")
        self.ustaff.save()
        self.ustaff.groups.add(self.group)
        self.ustaff.save()

        # User that is added to no group.
        self.unobody = User(username="******", email="*****@*****.**")
        self.unobody.set_password("password")
        self.unobody.save()

        # One client per user.
        # NOTE(review): the value returned by login() is discarded, so a failed
        # login would go unnoticed here and that client would stay
        # unauthenticated - consider asserting it.
        self.norm = Client()
        self.norm.login(username="******", password="******")
        self.staff = Client()
        self.staff.login(username="******", password="******")
        self.nobody = Client()
        self.nobody.login(username="******", password="******")

        # A plain credential and a tagged one, both in self.group. The tagged
        # one is saved before tags.add() and saved again afterwards.
        self.cred = Cred(title="secret", password="******", group=self.group)
        self.cred.save()
        self.tagcred = Cred(title="tagged", password="******", group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        # Put the plain credential on the change queue.
        CredChangeQ.objects.add_to_changeq(self.cred)

        # Add and view audit rows for self.cred, both by ustaff, kept on self.
        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
예제 #6
    def update_detail(self, object_list, bundle):
        """Allow an update only when the requesting user owns the credential.

        When the check passes, a CREDCHANGE audit row is saved for
        ``bundle.obj`` and ``bundle.request.user`` before True is returned;
        the row is written at authorisation time, inside this method.

        Returns:
            True if the update is allowed, False otherwise.
        """
        target = bundle.obj
        actor = bundle.request.user

        if target.is_owned_by(actor):
            entry = CredAudit(audittype=CredAudit.CREDCHANGE, cred=target, user=actor)
            entry.save()
            return True

        # Not an owner: refuse, and write no audit row.
        return False
예제 #7
    def read_detail(self, object_list, bundle):
        """Allow a detail read only when the user may see the credential.

        When the check passes, a CREDPASSVIEW audit row is saved for
        ``bundle.obj`` and ``bundle.request.user`` before True is returned.

        Returns:
            True if the read is allowed, False otherwise.
        """
        target = bundle.obj
        actor = bundle.request.user

        if target.is_visible_by(actor):
            # The original author notes this audit may belong elsewhere (a
            # detail hook that could be overridden); it stays here for now.
            entry = CredAudit(audittype=CredAudit.CREDPASSVIEW, cred=target, user=actor)
            entry.save()
            return True

        # Not visible to this user: refuse, and write no audit row.
        return False
예제 #8
    def setUpBasicData(self):
        """Create the tag, credentials and audit rows the tests rely on.

        Uses ``self.group``, ``self.unorm``, ``self.ustaff`` and
        ``self.unobody``, so those must be assigned before this is called.
        """
        self.tag = Tag(name="tag")
        self.tag.save()

        # A plain credential, plus one that carries self.tag. The tagged one is
        # saved before tags.add() and saved again afterwards.
        self.cred = Cred(title="secret", username="******", password="******", group=self.group)
        self.cred.save()
        self.tagcred = Cred(title="tagged", password="******", group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()
        # A cred whose title embeds a <script> element. Presumably the view
        # tests check that the title is rendered escaped - confirm.
        self.injectcred = Cred(
            title='<script>document.write("BADTITLE!")</script>Bold!',
            username='******',
            password='******',
            group=self.group,
        )
        self.injectcred.save()
        # A cred whose description is flagged as markdown.
        self.markdowncred = Cred(
            title="Markdown Cred", password="******", group=self.group, description="# Test", descriptionmarkdown=True
        )
        self.markdowncred.save()

        # Put the plain credential on the change queue.
        CredChangeQ.objects.add_to_changeq(self.cred)

        # Two credentials whose audit history differs: CREDADD by unobody and
        # CREDVIEW by unorm for both; CREDCHANGE by ustaff for changedcred only.
        self.viewedcred = Cred(title="Viewed", password="******", group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title="Changed", password="******", group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        # Add and view audit rows for self.cred, both by ustaff, kept on self.
        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
예제 #9
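def import_process(request, import_id):
    """Review one pending import entry and, on POST, save it as a credential.

    The pending import is read from ``request.session['imported_data']``,
    a mapping with ``entries`` and ``group``. A non-POST request pre-fills a
    ``CredForm`` from the entry. A valid POST saves the form, writes a
    CREDADD audit row, removes the entry from the session and redirects to
    the import overview; an invalid POST re-renders the bound form.

    Args:
        request: the incoming HTTP request.
        import_id: index of the entry within the session's ``entries`` list.

    Raises:
        Http404: there is no import in the session, ``import_id`` does not
            name an entry, or the target group no longer exists.
    """
    # NOTE(review): no staff check is visible in this function; presumably a
    # decorator or the URL configuration restricts who can reach it - confirm.

    # If there was no session data, return 404
    if 'imported_data' not in request.session:
        raise Http404

    # Get the entry we are concerned with. import_id comes from the URL, so a
    # non-numeric, negative or out-of-range value gets a 404 instead of an
    # unhandled exception or a wrap-around to an entry counted from the end.
    try:
        index = int(import_id)
        if index < 0:
            raise IndexError(index)
        entry = request.session['imported_data']['entries'][index]
    except (IndexError, KeyError, TypeError, ValueError):
        raise Http404

    # Get the group; if it has gone, the whole pending import is discarded
    groupid = request.session['imported_data']['group']
    try:
        group = Group.objects.get(pk=groupid)
    except Group.DoesNotExist:
        del request.session['imported_data']
        raise Http404

    if request.method == 'POST':
        # Try and import what we have now

        # If the user did not upload a new attachment, reuse the one that
        # came with the imported entry
        if entry['filename'] and 'attachment' not in request.FILES:
            sfile = SimpleUploadedFile(entry['filename'],
                                       bytes(entry['filecontent']))
            request.FILES['attachment'] = sfile

        # Build the form
        form = CredForm(request.user, request.POST, request.FILES)

        # Do we have enough data to save?
        if form.is_valid():

            # Save the credential
            form.save()

            # Write the audit log
            CredAudit(
                audittype=CredAudit.CREDADD,
                cred=form.instance,
                user=request.user,
            ).save()

            # Remove the entry we're importing; the session is saved
            # explicitly after this change to the nested list
            del request.session['imported_data']['entries'][index]
            request.session.save()

            # Go back to the overview
            return HttpResponseRedirect(reverse('staff.views.import_overview'))

    else:
        # Init the cred, and create the form from a shallow copy so the
        # session entry itself is not modified
        processed = dict(entry)

        # Create all the tags
        # NOTE(review): this branch runs for non-POST requests and still
        # creates Tag rows through get_or_create().
        processed['tags'] = [
            Tag.objects.get_or_create(name=t)[0] for t in processed['tags']
        ]

        # Setup the group
        processed['group'] = group

        # If the icon is empty set it
        processed.setdefault('iconname', 'Key.png')

        # Remove the attachment
        if processed['filename']:
            del processed['filename']
            del processed['filecontent']

        # Create the form
        form = CredForm(request.user, processed, {})

    return render(request, 'staff_import_process.html', {
        'form': form,
        'icons': get_icon_list(),
    })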
예제 #10
class TestData:
    """Fixture holder: users, logged-in clients, groups, credentials, audit rows."""

    def __init__(self):
        # settings.LDAP_ENABLED selects between looking up existing accounts
        # and creating them locally; the credential data is built either way.
        if settings.LDAP_ENABLED:
            self.getLDAPAuthData()
        else:
            self.setUpAuthData()
        self.setUpBasicData()

    def loginLDAP(self, username, password):
        """Post the credentials to the login view and return the client.

        NOTE(review): the response of post() is not checked, so a rejected
        login still returns a client, just an unauthenticated one.
        """
        c = Client()
        loginurl = reverse('django.contrib.auth.views.login')
        c.post(loginurl, {'username': username, 'password': password})

        return c

    def getLDAPAuthData(self):
        """Log in three accounts and fetch their existing User and Group rows.

        Nothing is created here: the users and both groups are read with
        ``objects.get``, so they must already exist.
        """
        self.norm = self.loginLDAP(username='******', password='******')
        self.unorm = User.objects.get(username='******')
        self.normpass = '******'

        self.staff = self.loginLDAP(username='******', password='******')
        self.ustaff = User.objects.get(username='******')

        self.nobody = self.loginLDAP(username='******', password='******')
        self.unobody = User.objects.get(username='******')

        self.group = Group.objects.get(name='testgroup')
        self.othergroup = Group.objects.get(name='othergroup')

    def setUpAuthData(self):
        """Create two groups and three users, then log each user in."""
        self.group = Group(name='testgroup')
        self.group.save()

        self.othergroup = Group(name='othergroup')
        self.othergroup.save()

        # Ordinary user, member of self.group.
        self.unorm = User(username='******', email='*****@*****.**')
        self.unorm.set_password('password')
        self.normpass = '******'
        self.unorm.save()
        self.unorm.groups.add(self.group)
        self.unorm.save()

        # Staff user (is_staff=True), member of self.othergroup only.
        self.ustaff = User(username='******', email='*****@*****.**', is_staff=True)
        self.ustaff.set_password('password')
        self.ustaff.save()
        self.ustaff.groups.add(self.othergroup)
        self.ustaff.save()

        # User that is added to no group.
        self.unobody = User(username='******', email='*****@*****.**')
        self.unobody.set_password('password')
        self.unobody.save()

        # NOTE(review): the value returned by login() is discarded, so a failed
        # login would go unnoticed and that client would stay unauthenticated.
        self.norm = Client()
        self.norm.login(username='******', password='******')
        self.staff = Client()
        self.staff.login(username='******', password='******')
        self.nobody = Client()
        self.nobody.login(username='******', password='******')

    def setUpBasicData(self):
        """Create the tag, credentials and audit rows; needs group and users set."""
        self.tag = Tag(name='tag')
        self.tag.save()

        # A plain credential, plus one that carries self.tag. The tagged one is
        # saved before tags.add() and saved again afterwards.
        self.cred = Cred(title='secret', username='******', password='******', group=self.group)
        self.cred.save()
        self.tagcred = Cred(title='tagged', password='******', group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        # Put the plain credential on the change queue.
        CredChangeQ.objects.add_to_changeq(self.cred)

        # Two credentials whose audit history differs: both get CREDADD and
        # CREDVIEW rows for unorm; only changedcred also gets a CREDCHANGE row,
        # attributed to ustaff.
        self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title='Changed', password='******', group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        # Add and view audit rows for self.cred, both by ustaff, kept on self.
        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
예제 #11
class TestData:
    """Fixture holder: users, logged-in clients, groups, credentials, audit rows."""

    def __init__(self):
        # settings.LDAP_ENABLED selects between looking up existing accounts
        # and creating them locally; the credential data is built either way.
        if settings.LDAP_ENABLED:
            self.getLDAPAuthData()
        else:
            self.setUpAuthData()
        self.setUpBasicData()

    def login(self, username, password):
        """Post the 'auth' step of the login form and return the client.

        Only the ``auth`` step is submitted; the field names suggest a
        multi-step login view - confirm against the URL named 'login'.

        NOTE(review): the response of post() is not checked, so a rejected
        login still returns a client, just an unauthenticated one.
        """
        c = Client()
        loginurl = reverse('login')
        c.post(loginurl, {
            'auth-username': username,
            'auth-password': password,
            'rattic_tfa_login_view-current_step': 'auth',
        })

        return c

    def getLDAPAuthData(self):
        """Log in three accounts and fetch their existing User and Group rows.

        Nothing is created here: the users and both groups are read with
        ``objects.get``, so they must already exist.
        """
        self.norm = self.login(username='******', password='******')
        self.unorm = User.objects.get(username='******')
        self.normpass = '******'

        self.staff = self.login(username='******', password='******')
        self.ustaff = User.objects.get(username='******')

        self.nobody = self.login(username='******', password='******')
        self.unobody = User.objects.get(username='******')

        self.group = Group.objects.get(name='testgroup')
        self.othergroup = Group.objects.get(name='othergroup')

    def setUpAuthData(self):
        """Create two groups and three users, then log each user in."""
        self.group = Group(name='testgroup')
        self.group.save()

        self.othergroup = Group(name='othergroup')
        self.othergroup.save()

        # Ordinary user, member of self.group.
        self.unorm = User(username='******', email='*****@*****.**')
        self.unorm.set_password('password')
        self.normpass = '******'
        self.unorm.save()
        self.unorm.groups.add(self.group)
        self.unorm.save()

        # Staff user (is_staff=True), member of self.othergroup only.
        self.ustaff = User(username='******', email='*****@*****.**', is_staff=True)
        self.ustaff.set_password('password')
        self.ustaff.save()
        self.ustaff.groups.add(self.othergroup)
        self.ustaff.save()

        # User that is added to no group.
        self.unobody = User(username='******', email='*****@*****.**')
        self.unobody.set_password('password')
        self.unobody.save()

        # Each client goes through the same login() helper as the LDAP path.
        self.norm = self.login(username='******', password='******')
        self.staff = self.login(username='******', password='******')
        self.nobody = self.login(username='******', password='******')

    def setUpBasicData(self):
        """Create the tag, credentials and audit rows; needs group and users set."""
        # Make a tag
        self.tag = Tag(name='tag')
        self.tag.save()

        # Make a simple credential
        self.cred = Cred(title='secret', username='******', password='******', group=self.group)
        self.cred.save()

        # Make a cred that'll be tagged: saved, tagged, then saved again
        self.tagcred = Cred(title='tagged', password='******', group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        # A cred whose title embeds a <script> element. Presumably the view
        # tests check that the title is rendered escaped - confirm.
        self.injectcred = Cred(
            title='<script>document.write("BADTITLE!")</script>Bold!',
            username='******',
            password='******',
            group=self.group
        )
        self.injectcred.save()

        # A cred whose description is flagged as markdown
        self.markdowncred = Cred(
            title='Markdown Cred',
            password='******',
            group=self.group,
            description='# Test',
            descriptionmarkdown=True,
        )
        self.markdowncred.save()

        # Add a Unicode credential: non-ASCII hyphen in the title, Greek text
        # in the description
        self.unicodecred = Cred(
            title='Unicode ‑ Cred',
            password='******',
            group=self.group,
            description='Γαζέες καὶ μυρτιὲς δὲν θὰ βρῶ πιὰ στὸ χρυσαφὶ ξέφωτο',
        )
        self.unicodecred.save()

        # Put the simple credential on the change queue
        CredChangeQ.objects.add_to_changeq(self.cred)

        # Two credentials whose audit history differs: CREDADD by unobody and
        # CREDVIEW by unorm for both; CREDCHANGE by ustaff for changedcred only
        self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title='Changed', password='******', group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        # Add and view audit rows for self.cred, both by ustaff, kept on self
        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
예제 #12
 def read_detail(self, object_list, bundle):
     """Record a CREDPASSVIEW audit row for the read and allow it.

     NOTE(review): this method returns True for every caller; no
     per-credential permission check on ``bundle.request.user`` is made
     here. Confirm that access is restricted elsewhere (for example by the
     queryset the resource exposes) before relying on it.
     """
     # The original author notes this audit may belong elsewhere (a detail
     # hook that could be overridden); it stays here for now.
     entry = CredAudit(
         audittype=CredAudit.CREDPASSVIEW,
         cred=bundle.obj,
         user=bundle.request.user,
     )
     entry.save()
     return True
예제 #13
class TestData:
    """Fixture holder: users, logged-in clients, groups, credentials, audit rows."""

    def __init__(self):
        # settings.LDAP_ENABLED selects between looking up existing accounts
        # and creating them locally; the credential data is built either way.
        if settings.LDAP_ENABLED:
            self.getLDAPAuthData()
        else:
            self.setUpAuthData()
        self.setUpBasicData()

    def login(self, username, password):
        """Post the credentials to the login view and return the client.

        NOTE(review): the response of post() is not checked, so a rejected
        login still returns a client, just an unauthenticated one.
        """
        c = Client()
        loginurl = reverse("django.contrib.auth.views.login")
        c.post(loginurl, {"username": username, "password": password})

        return c

    def getLDAPAuthData(self):
        """Log in three accounts and fetch their existing User and Group rows.

        Nothing is created here: the users and both groups are read with
        ``objects.get``, so they must already exist.
        """
        self.norm = self.login(username="******", password="******")
        self.unorm = User.objects.get(username="******")
        self.normpass = "******"

        self.staff = self.login(username="******", password="******")
        self.ustaff = User.objects.get(username="******")

        self.nobody = self.login(username="******", password="******")
        self.unobody = User.objects.get(username="******")

        self.group = Group.objects.get(name="testgroup")
        self.othergroup = Group.objects.get(name="othergroup")

    def setUpAuthData(self):
        """Create two groups and three users, then log each user in."""
        self.group = Group(name="testgroup")
        self.group.save()

        self.othergroup = Group(name="othergroup")
        self.othergroup.save()

        # Ordinary user, member of self.group.
        self.unorm = User(username="******", email="*****@*****.**")
        self.unorm.set_password("password")
        self.normpass = "******"
        self.unorm.save()
        self.unorm.groups.add(self.group)
        self.unorm.save()

        # Staff user (is_staff=True), member of self.othergroup only.
        self.ustaff = User(username="******", email="*****@*****.**", is_staff=True)
        self.ustaff.set_password("password")
        self.ustaff.save()
        self.ustaff.groups.add(self.othergroup)
        self.ustaff.save()

        # User that is added to no group.
        self.unobody = User(username="******", email="*****@*****.**")
        self.unobody.set_password("password")
        self.unobody.save()

        # Each client goes through the same login() helper as the LDAP path.
        self.norm = self.login(username="******", password="******")
        self.staff = self.login(username="******", password="******")
        self.nobody = self.login(username="******", password="******")

    def setUpBasicData(self):
        """Create the tag, credentials and audit rows; needs group and users set."""
        self.tag = Tag(name="tag")
        self.tag.save()

        # A plain credential, plus one that carries self.tag. The tagged one is
        # saved before tags.add() and saved again afterwards.
        self.cred = Cred(title="secret", username="******", password="******", group=self.group)
        self.cred.save()
        self.tagcred = Cred(title="tagged", password="******", group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()
        # A cred whose title embeds a <script> element. Presumably the view
        # tests check that the title is rendered escaped - confirm.
        self.injectcred = Cred(
            title='<script>document.write("BADTITLE!")</script>Bold!',
            username='******',
            password='******',
            group=self.group,
        )
        self.injectcred.save()
        # A cred whose description is flagged as markdown.
        self.markdowncred = Cred(
            title="Markdown Cred", password="******", group=self.group, description="# Test", descriptionmarkdown=True
        )
        self.markdowncred.save()

        # Put the plain credential on the change queue.
        CredChangeQ.objects.add_to_changeq(self.cred)

        # Two credentials whose audit history differs: CREDADD by unobody and
        # CREDVIEW by unorm for both; CREDCHANGE by ustaff for changedcred only.
        self.viewedcred = Cred(title="Viewed", password="******", group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title="Changed", password="******", group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        # Add and view audit rows for self.cred, both by ustaff, kept on self.
        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
예제 #14
class TestData:
    """Fixture holder: users, logged-in clients, groups, credentials, audit rows."""

    def __init__(self):
        # settings.LDAP_ENABLED selects between looking up existing accounts
        # and creating them locally; the credential data is built either way.
        if settings.LDAP_ENABLED:
            self.getLDAPAuthData()
        else:
            self.setUpAuthData()
        self.setUpBasicData()

    def login(self, username, password):
        """Post the 'auth' step of the login form and return the client.

        Only the ``auth`` step is submitted; the field names suggest a
        multi-step login view - confirm against the URL named 'login'.

        NOTE(review): the response of post() is not checked, so a rejected
        login still returns a client, just an unauthenticated one.
        """
        c = Client()
        loginurl = reverse('login')
        c.post(loginurl, {
            'auth-username': username,
            'auth-password': password,
            'rattic_tfa_login_view-current_step': 'auth',
        })

        return c

    def getLDAPAuthData(self):
        """Log in three accounts and fetch their existing User and Group rows.

        Nothing is created here: the users and both groups are read with
        ``objects.get``, so they must already exist.
        """
        self.norm = self.login(username='******', password='******')
        self.unorm = User.objects.get(username='******')
        self.normpass = '******'

        self.staff = self.login(username='******', password='******')
        self.ustaff = User.objects.get(username='******')

        self.nobody = self.login(username='******', password='******')
        self.unobody = User.objects.get(username='******')

        self.group = Group.objects.get(name='testgroup')
        self.othergroup = Group.objects.get(name='othergroup')

    def setUpAuthData(self):
        """Create two groups and three users, then log each user in."""
        self.group = Group(name='testgroup')
        self.group.save()

        self.othergroup = Group(name='othergroup')
        self.othergroup.save()

        # Ordinary user, member of self.group.
        self.unorm = User(username='******', email='*****@*****.**')
        self.unorm.set_password('password')
        self.normpass = '******'
        self.unorm.save()
        self.unorm.groups.add(self.group)
        self.unorm.save()

        # Staff user (is_staff=True), member of self.othergroup only.
        self.ustaff = User(username='******', email='*****@*****.**', is_staff=True)
        self.ustaff.set_password('password')
        self.ustaff.save()
        self.ustaff.groups.add(self.othergroup)
        self.ustaff.save()

        # User that is added to no group.
        self.unobody = User(username='******', email='*****@*****.**')
        self.unobody.set_password('password')
        self.unobody.save()

        # Each client goes through the same login() helper as the LDAP path.
        self.norm = self.login(username='******', password='******')
        self.staff = self.login(username='******', password='******')
        self.nobody = self.login(username='******', password='******')

    def setUpBasicData(self):
        """Create the tag, credentials and audit rows; needs group and users set."""
        # Make a tag
        self.tag = Tag(name='tag')
        self.tag.save()

        # Make a simple credential
        self.cred = Cred(title='secret', username='******', password='******', group=self.group)
        self.cred.save()

        # Make a cred that'll be tagged: saved, tagged, then saved again
        self.tagcred = Cred(title='tagged', password='******', group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        # A cred whose title embeds a <script> element. Presumably the view
        # tests check that the title is rendered escaped - confirm.
        self.injectcred = Cred(
            title='<script>document.write("BADTITLE!")</script>Bold!',
            username='******',
            password='******',
            group=self.group
        )
        self.injectcred.save()

        # A cred whose description is flagged as markdown
        self.markdowncred = Cred(
            title='Markdown Cred',
            password='******',
            group=self.group,
            description='# Test',
            descriptionmarkdown=True,
        )
        self.markdowncred.save()

        # Add a Unicode credential: non-ASCII hyphen in the title, Greek text
        # in the description
        self.unicodecred = Cred(
            title='Unicode ‑ Cred',
            password='******',
            group=self.group,
            description='Γαζέες καὶ μυρτιὲς δὲν θὰ βρῶ πιὰ στὸ χρυσαφὶ ξέφωτο',
        )
        self.unicodecred.save()

        # Put the simple credential on the change queue
        CredChangeQ.objects.add_to_changeq(self.cred)

        # Two credentials whose audit history differs: CREDADD by unobody and
        # CREDVIEW by unorm for both; CREDCHANGE by ustaff for changedcred only
        self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title='Changed', password='******', group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        # Add and view audit rows for self.cred, both by ustaff, kept on self
        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
예제 #15
파일: tests.py 프로젝트: sunu/RatticWeb
class StaffViewTests(TestCase):
    def setUp(self):
        """Build the fixture shared by the staff-view tests.

        Creates two groups, a tag, three users (a regular member of
        ``testgroup``, a staff member of ``testgroup`` and a user with no
        group), one test client per user, two credentials in ``testgroup``
        and two audit records for ``self.cred``.
        """
        # NOTE(review): the norm and nobody clients are created below, but the
        # tests visible in this listing only use self.staff. Negative checks
        # that non-staff sessions are refused by the staff views would cover
        # the access-control side of these endpoints.
        self.group = Group(name="testgroup")
        self.group.save()

        # A second group that no fixture user belongs to.
        self.othergroup = Group(name="othergroup")
        self.othergroup.save()

        self.tag = Tag(name="tag")
        self.tag.save()

        # Regular (non-staff) user, member of testgroup. The user is saved
        # before groups.add() is called on it.
        self.unorm = User(username="******", email="*****@*****.**")
        self.unorm.set_password("password")
        self.unorm.save()
        self.unorm.groups.add(self.group)
        self.unorm.save()

        # Staff user, also a member of testgroup.
        self.ustaff = User(username="******", email="*****@*****.**", is_staff=True)
        self.ustaff.set_password("password")
        self.ustaff.save()
        self.ustaff.groups.add(self.group)
        self.ustaff.save()

        # User with no staff flag and no group membership.
        self.unobody = User(username="******", email="*****@*****.**")
        self.unobody.set_password("password")
        self.unobody.save()

        # One client per user. NOTE(review): the username/password literals
        # appear masked as ****** in this listing, so which account each
        # client logs in as is presumed from the attribute names; the return
        # value of login() is not checked.
        self.norm = Client()
        self.norm.login(username="******", password="******")
        self.staff = Client()
        self.staff.login(username="******", password="******")
        self.nobody = Client()
        self.nobody.login(username="******", password="******")

        # Two credentials in testgroup; only the second one carries the tag.
        self.cred = Cred(title="secret", password="******", group=self.group)
        self.cred.save()
        self.tagcred = Cred(title="tagged", password="******", group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        # Audit records the audit_by_* tests expect to find: an add and a
        # view of self.cred, both attributed to the staff user.
        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()

    def test_home(self):
        """Staff home returns 200 and lists every fixture user and group."""
        response = self.staff.get(reverse("staff.views.home"))
        self.assertEqual(response.status_code, 200)

        listed_users = response.context["userlist"]
        listed_groups = response.context["grouplist"]
        # All three accounts are expected, including the one with no group.
        for account in (self.unorm, self.ustaff, self.unobody):
            self.assertIn(account, listed_users)
        # Both groups are expected, including the one without members.
        for grp in (self.group, self.othergroup):
            self.assertIn(grp, listed_groups)

    def test_view_trash(self):
        """The trash view lists a cred flagged is_deleted and omits a live one."""
        trashed = self.cred
        trashed.is_deleted = True
        trashed.save()

        response = self.staff.get(reverse("staff.views.view_trash"))
        self.assertEqual(response.status_code, 200)

        # credlist exposes object_list, so it is read as a page-like object.
        shown = response.context["credlist"].object_list
        self.assertIn(trashed, shown)
        self.assertNotIn(self.tagcred, shown)

    def test_userdetail(self):
        """The user detail page for a given id puts that user in the context."""
        target = self.unobody
        detail_url = reverse("staff.views.userdetail", args=(target.id,))
        response = self.staff.get(detail_url)
        self.assertEqual(response.status_code, 200)
        shown_user = response.context["viewuser"]
        self.assertEqual(target.id, shown_user.id)

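    def test_groupadd(self):
        """Staff can create a group through the groupadd form.

        Fetches the form, echoes its rendered values back with ``name`` set,
        posts it, and checks that exactly one group with that name exists.
        """
        url = reverse("staff.views.groupadd")
        resp = self.staff.get(url)
        self.assertEqual(resp.status_code, 200)

        # Re-submit what the form rendered; fields whose value is None are
        # left out of the POST data.
        post = {}
        for field in resp.context["form"]:
            value = field.value()
            if value is not None:
                post[field.name] = value
        post["name"] = "Test Group"

        resp = self.staff.post(url, post, follow=True)
        self.assertEqual(resp.status_code, 200)
        # Explicit assertion instead of an unused Group.objects.get() result:
        # a missing (or duplicated) group is reported as a test failure rather
        # than as an uncaught ORM exception.
        self.assertEqual(Group.objects.filter(name="Test Group").count(), 1)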

    def test_groupdetail(self):
        """The group detail page for a given id puts that group in the context."""
        expected = self.group
        detail_url = reverse("staff.views.groupdetail", args=(expected.id,))
        response = self.staff.get(detail_url)
        self.assertEqual(response.status_code, 200)
        shown_group = response.context["group"]
        self.assertEqual(expected.id, shown_group.id)

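    def test_groupdelete(self):
        """Staff can delete a group: GET shows it, POST removes it.

        The GET response must carry the targeted group in its context; after
        the POST the group must no longer be retrievable by id.
        """
        url = reverse("staff.views.groupdelete", args=(self.othergroup.id,))

        resp = self.staff.get(url)
        self.assertEqual(resp.status_code, 200)
        self.assertEqual(self.othergroup.id, resp.context["group"].id)

        resp = self.staff.post(url, follow=True)
        # Same post-redirect status check that test_userdelete makes, so a
        # refused or failing POST is reported at the request, not only by
        # the lookup below.
        self.assertEqual(resp.status_code, 200)
        with self.assertRaises(Group.DoesNotExist):
            Group.objects.get(id=self.othergroup.id)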

    def test_userdelete(self):
        """Staff can delete a user: GET shows the account, POST removes it."""
        victim_id = self.unobody.id
        delete_url = reverse("staff.views.userdelete", args=(victim_id,))

        response = self.staff.get(delete_url)
        self.assertEqual(response.status_code, 200)
        shown_user = response.context["viewuser"]
        self.assertEqual(victim_id, shown_user.id)

        response = self.staff.post(delete_url, follow=True)
        self.assertEqual(response.status_code, 200)
        # The account must no longer be retrievable by its old id.
        with self.assertRaises(User.DoesNotExist):
            User.objects.get(id=victim_id)

    def test_audit_by_cred(self):
        """The per-credential audit view returns that cred and its log rows."""
        audit_url = reverse("staff.views.audit_by_cred", args=(self.cred.id,))
        response = self.staff.get(audit_url)
        self.assertEqual(response.status_code, 200)

        ctx = response.context
        shown_cred = ctx["cred"]
        entries = ctx["logs"].object_list
        self.assertEqual(self.cred.id, shown_cred.id)
        self.assertEqual(ctx["type"], "cred")
        # Both fixture records reference self.cred.
        for record in (self.logadd, self.logview):
            self.assertIn(record, entries)

    def test_audit_by_user(self):
        """The per-user audit view returns that user and the rows they caused."""
        audit_url = reverse("staff.views.audit_by_user", args=(self.ustaff.id,))
        response = self.staff.get(audit_url)
        self.assertEqual(response.status_code, 200)

        ctx = response.context
        shown_user = ctx["loguser"]
        entries = ctx["logs"].object_list
        self.assertEqual(self.ustaff.id, shown_user.id)
        self.assertEqual(ctx["type"], "user")
        # Both fixture records are attributed to the staff user.
        for record in (self.logadd, self.logview):
            self.assertIn(record, entries)

    def test_audit_by_days(self):
        """The time-window audit view echoes the window and lists fresh rows."""
        audit_url = reverse("staff.views.audit_by_days", args=(2,))
        response = self.staff.get(audit_url)
        self.assertEqual(response.status_code, 200)

        ctx = response.context
        window = ctx["days_ago"]
        entries = ctx["logs"].object_list
        # days_ago is passed through int() before comparing.
        self.assertEqual(int(window), 2)
        self.assertEqual(ctx["type"], "time")
        # The fixture records were saved during setUp of this test.
        for record in (self.logadd, self.logview):
            self.assertIn(record, entries)

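    def test_NewUser(self):
        """Staff can create a user with a password and a group via user_add.

        Fetches the form, echoes its rendered values back with the new
        account's fields filled in, posts it, then checks the stored e-mail,
        password and group membership of the created user.
        """
        # NOTE(review): the username, e-mail and password literals look masked
        # as ****** in this listing; the posted password has to match the
        # value given to check_password() below for the test to pass.
        url = reverse("user_add")
        resp = self.staff.get(url)
        self.assertEqual(resp.status_code, 200)

        # Re-submit what the form rendered; fields whose value is None are
        # left out of the POST data.
        post = {}
        for field in resp.context["form"]:
            value = field.value()
            if value is not None:
                post[field.name] = value
        post["username"] = "******"
        post["email"] = "*****@*****.**"
        post["groups"] = self.othergroup.id
        post["newpass"] = "******"
        post["confirmpass"] = "******"

        resp = self.staff.post(url, post, follow=True)
        # The final page is expected to have no "form" in its context, so the
        # lookup raises KeyError. If the form was re-rendered instead, its
        # errors are printed before assertRaises fails. The call form of
        # print parses on Python 3 and prints the same text on Python 2.
        with self.assertRaises(KeyError):
            print(resp.context["form"].errors)
        self.assertEqual(resp.status_code, 200)

        newuser = User.objects.get(username="******")
        self.assertEqual(newuser.email, "*****@*****.**")
        # check_password() tests the candidate against the stored password.
        self.assertTrue(newuser.check_password("crazypass"))
        # Only the group selected in the form may be granted.
        self.assertIn(self.othergroup, newuser.groups.all())
        self.assertNotIn(self.group, newuser.groups.all())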

    def test_UpdateUser(self):
        """Staff can change another user's e-mail and password via user_edit."""
        # NOTE(review): the e-mail and password literals look masked as
        # ****** in this listing; the posted password has to match the value
        # given to check_password() below for the test to pass.
        edit_url = reverse("user_edit", args=(self.unobody.id,))
        response = self.staff.get(edit_url)
        self.assertEqual(response.status_code, 200)

        # Echo back the rendered values, skipping fields whose value is None.
        payload = dict(
            (name, value)
            for name, value in (
                (field.name, field.value()) for field in response.context["form"]
            )
            if value is not None
        )
        payload.update({
            "email": "*****@*****.**",
            "newpass": "******",
            "confirmpass": "******",
        })

        response = self.staff.post(edit_url, payload, follow=True)
        self.assertEqual(response.status_code, 200)

        # Re-read the account from the database rather than trusting the
        # in-memory fixture object.
        refreshed = User.objects.get(id=self.unobody.id)
        self.assertEqual(refreshed.email, "*****@*****.**")
        self.assertTrue(refreshed.check_password("differentpass"))

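    def test_import_from_keepass(self):
        """Staff can import a KeePass database into a group they belong to.

        Uploads the repository's sample ``test2.kdb`` with its password and a
        freshly created target group, then checks one imported credential and
        its first tag.
        """
        gp = Group(name="KeepassImportTest")
        gp.save()
        self.ustaff.groups.add(gp)
        self.ustaff.save()

        url = reverse("staff.views.import_from_keepass")
        resp = self.staff.get(url)
        self.assertEqual(resp.status_code, 200)

        # Re-submit what the form rendered; fields whose value is None are
        # left out of the POST data.
        post = {}
        for field in resp.context["form"]:
            value = field.value()
            if value is not None:
                post[field.name] = value
        post["password"] = "******"
        post["group"] = gp.id

        # The .kdb file is a binary format: open it in binary mode so the
        # uploaded bytes are not newline-translated or decoded as text.
        with open("docs/keepass/test2.kdb", "rb") as fp:
            post["file"] = fp
            # The request is sent while the file is still open.
            resp = self.staff.post(url, post, follow=True)
        self.assertEqual(resp.status_code, 200)

        # Values below come from the sample database, not from production
        # data. The [0] lookup assumes "Internet" is the first tag returned
        # for this credential.
        newcred = Cred.objects.get(title="Google", group=gp)
        self.assertEqual(newcred.password, "Q5CLQhLqI3CtKgK")
        self.assertEqual(newcred.tags.all()[0].name, "Internet")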

    def test_credundelete(self):
        """Staff can restore a deleted cred: GET shows it, POST clears the flag."""
        # NOTE(review): the cred is looked up by id after delete(), so
        # Cred.delete() is presumably a soft delete that only sets
        # is_deleted - confirm against the model.
        self.cred.delete()
        restore_url = reverse("staff.views.credundelete", args=(self.cred.id,))

        response = self.staff.get(restore_url)
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.context["cred"], self.cred)

        response = self.staff.post(restore_url, follow=True)
        self.assertEqual(response.status_code, 200)

        # Re-read from the database; the fixture object is stale.
        # NOTE(review): if the view records an audit entry on undelete,
        # asserting that a new CredAudit row was written would also cover the
        # audit trail - confirm against the view.
        restored = Cred.objects.get(id=self.cred.id)
        self.assertFalse(restored.is_deleted)