def testSignBlank(self):
"""Test round-trip sign, verify"""
k = UserKey(active=True)
k.save()
sig = k.sign('', 'yyy')
self.assertEqual(len(sig), 32)
self.assert_(k.verify('', 'yyy', sig))
def testSign(self):
"""Test round-trip sign, verify"""
k = UserKey(active=True)
k.save()
sig = k.sign('testing testing testing', 'xxx')
self.assertEqual(len(sig), 32)
self.assert_(k.verify('testing testing testing', 'xxx', sig))
def create_key():
from nova import api
name = request.form.get("key_name")
oper = api()
ua = get_user_account(g.current_login_id)
tn = get_user_tenant(g.current_login_id)
key_pair = oper.gen_key(ua, tn.tenant_name, key_name=name)
userkey = UserKey(key_content=key_pair)
userkey.user_id = g.current_login_id
g.db.add(userkey)
g.db.flush()
g.db.commit()
return redirect(url_for("product.show_key_manage"))
def testSignUrlAnonymous(self):
"""Test round-trip sign, verify"""
k = UserKey(active=True, user=None)
k.save()
url = 'http://localhost/test/'
signed = k.sign_url(url, 'zzz')
parsed = urlparse.urlsplit(signed)
qs = parse_qs(parsed.query)
self.assert_('seed' in qs)
self.assert_('user' not in qs)
self.assert_('sig' in qs)
self.assertEqual(qs['seed'][0], 'zzz')
self.assert_(k.verify_url(signed)[0])
def create_key():
from nova import api
name = request.form.get("key_name")
oper = api()
ua = get_user_account(g.current_login_id)
tn = get_user_tenant(g.current_login_id)
key_pair = oper.gen_key(ua, tn.tenant_name, key_name = name)
userkey = UserKey(key_content=key_pair)
userkey.user_id = g.current_login_id
g.db.add(userkey)
g.db.flush()
g.db.commit()
return redirect(url_for("product.show_key_manage"))
def testSignUrlBadUser(self):
"""Test signature roundtrip with a real user"""
user = User.objects.create(username='******', is_active=True)
k = UserKey(active=True, user=user)
url = 'http://localhost/test/'
signed = k.sign_url(url, 'uuu')
# bad username
bad = signed.replace('joe', 'bob')
self.assertFalse(k.verify_url(bad)[0])
# bad seed
bad = signed.replace('uuu','badseed')
self.assertFalse(k.verify_url(bad)[0])
def testSignUrlUser(self):
"""Test signature roundtrip with a real user"""
user = User.objects.create(username='******', is_active=True)
k = UserKey(active=True, user=user)
url = 'http://localhost/test/'
signed = k.sign_url(url, 'uuu')
parsed = urlparse.urlsplit(signed)
qs = urlparse.parse_qs(parsed.query)
self.assert_('seed' in qs)
self.assert_('user' in qs)
self.assertEqual(qs['user'][0], 'joe')
self.assert_('sig' in qs)
self.assertEqual(qs['seed'][0], 'uuu')
self.assert_(k.verify_url(signed)[0])
def testSignUrlAnonymousQuery(self):
"""Test round-trip sign, verify with GET params"""
k = UserKey(active=True, user=None)
k.save()
url = 'http://localhost/test/?arg=this&arg2=that'
signed = k.sign_url(url, '123')
parsed = urlparse.urlsplit(signed)
qs = parse_qs(parsed.query)
self.assert_('seed' in qs)
self.assert_('user' not in qs)
self.assert_('sig' in qs)
self.assertEqual(qs['seed'][0], '123')
self.assert_('arg' in qs)
self.assert_('arg2' in qs)
self.assert_(k.verify_url(signed)[0])
def finish_order(order):
import nova
from user import serv
from json import dumps
order.status = 2
useraccount = serv.get_user_account(order.user_id)
user = serv.get_user_login(order.user_id)
if not useraccount.tenant_id:
tenant = nova.api().get_tenent(useraccount)
useraccount.tenant_id = tenant['id']
usertenant = UserTenant(user)
usertenant.tenant_id = tenant['id']
usertenant.tenant_name = tenant['name']
usertenant.admin_user_id = tenant['user_id']
key_pair = nova.api().gen_key(useraccount, tenant["name"])
usertenant.keypair = dumps(key_pair)
uk = UserKey(key_content=key_pair)
g.db.add(uk)
g.db.add(usertenant)
orderproducts = g.db.query(OrderProduct).filter(
OrderProduct.order_id == order.id).all()
for orderproduct in orderproducts:
userproduct = UserProduct(user, orderproduct)
g.db.add(userproduct)
g.db.flush()
g.db.commit()
def testAnonymousSeedReuse(self):
"""Test invalid reuse of seed"""
k = UserKey(active=True, user=None)
k.save()
url = 'http://localhost/test/'
signed = k.sign_url(url, 'reusemenot')
self.assert_(k.verify_url(signed)[0])
# seed shouldn't work twice
self.assertFalse(k.verify_url(signed)[0])
