def test_update_phrase(self):
config = opp_config.OppConfig(self.conf_filepath)
# Add user
utils.execute("opp-db --config_file %s add-user -uu -pp "
"--phrase=123456" % self.conf_filepath)
old = aescipher.AESCipher("123456")
new = aescipher.AESCipher("654321")
# Add category and item using old passphrase
session = api.get_scoped_session(config)
category = models.Category(name=old.encrypt("cat1"))
item = models.Item(name=old.encrypt("item1"),
url=old.encrypt("url1"),
account=old.encrypt("account1"),
username=old.encrypt("username1"),
password=old.encrypt("password1"),
blob=old.encrypt("blob1"))
with session.begin():
user = api.user_get_by_username(session, 'u')
category.user = user
item.user = user
api.category_create(session, [category])
api.item_create(session, [item])
# Update passphrase
utils.execute("opp-db --config_file %s update-phrase -uu -pp "
"--old_phrase=123456 --new_phrase=654321" %
self.conf_filepath)
# Check data using new passphrase
session = api.get_scoped_session(config)
with session.begin():
user = api.user_get_by_username(session, 'u')
category = api.category_getall(session, user)[0]
self.assertEqual(new.decrypt(category.name), "cat1")
item = api.item_getall(session, user)[0]
self.assertEqual(new.decrypt(item.name), "item1")
self.assertEqual(new.decrypt(item.url), "url1")
self.assertEqual(new.decrypt(item.account), "account1")
self.assertEqual(new.decrypt(item.username), "username1")
self.assertEqual(new.decrypt(item.password), "password1")
self.assertEqual(new.decrypt(item.blob), "blob1")
# Cleanup
utils.execute("opp-db --config_file %s del-user -uu -pp"
" --remove_data" % self.conf_filepath)
self._assert_user_does_not_exist('u')
def update_user(config, u, p, new_username, new_password):
if not (new_username or new_password):
sys.exit("Error: at least one of: [--new_username, --new_password]"
" options must be specified!")
try:
s = api.get_scoped_session(config.conf)
with s.begin():
user = api.user_get_by_username(s, u)
if not user:
sys.exit("Error: user does not exist!")
if not utils.checkpw(p, user.password):
sys.exit("Error: incorrect password!")
if new_username:
new_user = api.user_get_by_username(s, new_username)
if new_user:
sys.exit("Username: '******' already exists!" % new_username)
printv(config, "Updating user information")
if new_username:
user.username = new_username
if new_password:
user.password = utils.hashpw(new_password)
api.user_update(s, user)
print("Successfully updated user %s" % user.username)
except Exception as e:
sys.exit("Error: %s" % str(e))
def del_user(config, u, p, remove_data):
try:
s = api.get_scoped_session(config.conf)
with s.begin():
user = api.user_get_by_username(s, u)
if not user:
sys.exit("Error: user does not exist!")
if not utils.checkpw(p, user.password):
sys.exit("Error: incorrect password!")
if remove_data:
printv(config, "Removing user's categories data ...")
api.category_delete_all(s, user, True)
printv(config, "Removing user's items data ...")
api.item_delete_all(s, user)
printv(config, "Removing user ...")
api.user_delete(s, user)
user = api.user_get_by_username(s, u)
if user:
print("Error: unable to delete user: '******'" % u)
else:
print("Successfully deleted user: '******'" % u)
except Exception as e:
sys.exit("Error: %s" % str(e))
def backup(config): # pragma: no cover
session = api.get_scoped_session(config.conf)
for table in models.Base.metadata.sorted_tables:
with open("%s.pickle" % table, "wb") as f:
query = session.query(table)
for row in query.all():
dump(row, f)
files = ["%s.pickle" % x.name for x in models.Base.metadata.sorted_tables]
code, out, err = utils.execute("tar zcf opp.db.tz %s" % " ".join(files),
propagate=False)
if code != 0:
sys.exit("Error creating database archive file: %s" % err)
code, out, err = utils.execute("rm %s" % " ".join(files), propagate=False)
if code != 0:
print("Unable to remove .pickle files: %s" % err)
print("Created database backup file: opp.db.tz")
def add_user(config, u, p, phrase):
if len(phrase) < 6:
sys.exit("Error: passphrase must be at least 6 characters long!")
try:
cipher = aescipher.AESCipher(phrase)
ok = cipher.encrypt("OK")
s = api.get_scoped_session(config.conf)
with s.begin():
user = api.user_get_by_username(s, u)
if user:
sys.exit("Error: user already exists!")
hashed = utils.hashpw(p)
user = models.User(username=u, password=hashed, phrase_check=ok)
api.user_create(s, user)
user = api.user_get_by_username(s, u)
if user:
print("Successfully added new user: '******'" % u)
else:
print("Error: unable to add user: '******'" % u)
except Exception as e:
sys.exit("Error: %s" % str(e))
def update_phrase(config, u, p, old_phrase, new_phrase):
if len(new_phrase) < 6:
sys.exit("Error: passphrase must be at least 6 characters long!")
try:
old_cipher = aescipher.AESCipher(old_phrase)
new_cipher = aescipher.AESCipher(new_phrase)
s = api.get_scoped_session(config.conf)
with s.begin():
user = api.user_get_by_username(s, u)
if not user:
sys.exit("Error: user does not exist!")
if not utils.checkpw(p, user.password):
sys.exit("Error: incorrect password!")
try:
if old_cipher.decrypt(user.phrase_check) != "OK":
sys.exit("Error: incorrect old passphrase supplied!")
except UnicodeDecodeError:
sys.exit("Error: incorrect old passphrase supplied!")
printv(config, "Updating user information")
user.phrase_check = new_cipher.encrypt("OK")
api.user_update(s, user)
printv(config, "Updating user's categories")
categories = api.category_getall(s, user)
for category in categories:
category.recrypt(old_cipher, new_cipher)
api.category_update(s, categories)
printv(config, "Updating user's items")
items = api.item_getall(s, user)
for item in items:
item.recrypt(old_cipher, new_cipher)
api.item_update(s, items)
print("All of user's data has been successfuly "
"re-encrypted with the new passphrase.")
except Exception as e:
sys.exit("Error: %s" % str(e))
def setUp(self):
conf = opp_config.OppConfig(self.conf_filepath)
self.s = api.get_scoped_session(conf)
self.u = api.user_get_by_username(self.s, "u")
def setUp(self):
conf = opp_config.OppConfig(self.conf_filepath)
self.s = api.get_scoped_session(conf)