예제 #1
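def test_stuff():
    """Send one request to zoobar and check two accounting invariants.

    The person and transfer tables are emptied, 'alice' and 'bob' are
    created, and a single GET request is passed to zoobar.app().  The
    Referer header, the Cookie header and the path suffix come from
    fuzzy.mk_str().  After the request the function reports:

    * a balance mismatch, when the sum of all zoobars has changed;
    * a zoobar theft, when a user who existed before the request now
      holds fewer zoobars and the transfer table has no row naming that
      user as sender.
    """
    pdb = zoobar.zoodb.person_setup()
    pdb.query(zoobar.zoodb.Person).delete()
    adduser(pdb, 'alice', 'atok')
    adduser(pdb, 'bob', 'btok')
    people_before = pdb.query(zoobar.zoodb.Person).all()
    balance1 = sum([p.zoobars for p in people_before])
    ## Per-user snapshot: the theft check needs to know whose balance
    ## went down, not only whether the total moved.
    start_balances = dict((p.username, p.zoobars) for p in people_before)
    pdb.commit()

    tdb = zoobar.zoodb.transfer_setup()
    tdb.query(zoobar.zoodb.Transfer).delete()
    tdb.commit()

    environ = {}
    environ['wsgi.url_scheme'] = 'http'
    environ['wsgi.input'] = 'xxx'
    environ['SERVER_NAME'] = 'zoobar'
    environ['SERVER_PORT'] = '80'
    environ['SCRIPT_NAME'] = 'script'
    environ['QUERY_STRING'] = 'query'
    environ['HTTP_REFERER'] = fuzzy.mk_str('referrer')
    environ['HTTP_COOKIE'] = fuzzy.mk_str('cookie')

    ## In two cases, we over-restrict the inputs in order to reduce the
    ## number of paths that "make check" explores, so that it finishes
    ## in a reasonable amount of time.  You could pass unconstrained
    ## concolic values for both REQUEST_METHOD and PATH_INFO, but then
    ## zoobar generates around 2000 distinct paths, and that takes many
    ## minutes to check.

    # environ['REQUEST_METHOD'] = fuzzy.mk_str('method')
    # environ['PATH_INFO'] = fuzzy.mk_str('path')
    environ['REQUEST_METHOD'] = 'GET'
    environ['PATH_INFO'] = 'trans' + fuzzy.mk_str('path')

    if environ['PATH_INFO'].startswith('//'):
        ## Don't bother trying to construct paths with lots of slashes;
        ## otherwise, the lstrip() code generates lots of paths..
        return

    resp = zoobar.app(environ, startresp)
    if verbose:
        for x in resp:
            ## Single-argument print(...) prints the same text under the
            ## Python 2 print statement.
            print(x)

    ## Exercise 6: your code here.

    ## Detect balance mismatch.
    ## When detected, call report_balance_mismatch()
    pdb = zoobar.zoodb.person_setup()
    balancet = sum([p.zoobars for p in pdb.query(zoobar.zoodb.Person).all()])
    if balance1 != balancet:
        report_balance_mismatch()

    ## Detect zoobar theft.
    ## When detected, call report_zoobar_theft()
    ## A missing outgoing transfer is not theft by itself: a request that
    ## moves no zoobars leaves every user without one.  Only a balance
    ## that dropped with no transfer sent by that user is reported.
    ## NOTE(review): any row with this sender suppresses the report,
    ## whoever issued the request; telling the two apart would need the
    ## identity of the logged-in user.
    tdb = zoobar.zoodb.transfer_setup()
    for p in pdb.query(zoobar.zoodb.Person).all():
        if p.username not in start_balances:
            ## Account that did not exist before the request; there is
            ## no earlier balance to compare against.
            continue
        if p.zoobars >= start_balances[p.username]:
            continue
        sent = tdb.query(zoobar.zoodb.Transfer).filter_by(
            sender=p.username).first()
        if sent is None:
            report_zoobar_theft()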
예제 #2
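def test_stuff():
    """Drive zoobar with one fuzzed request and verify its bookkeeping.

    Setup clears the person and transfer tables and registers "alice"
    and "bob".  One GET request is then handed to zoobar.app() with the
    Referer header, the Cookie header and the path suffix supplied by
    fuzzy.mk_str().  Two checks follow:

    * report_balance_mismatch() is called when the total number of
      zoobars differs from the total recorded before the request;
    * report_zoobar_theft() is called when a user present before the
      request ends up with fewer zoobars while the transfer table holds
      no row with that user as sender.
    """
    pdb = zoobar.zoodb.person_setup()
    pdb.query(zoobar.zoodb.Person).delete()
    adduser(pdb, "alice", "atok")
    adduser(pdb, "bob", "btok")
    initial_people = pdb.query(zoobar.zoodb.Person).all()
    balance1 = sum([p.zoobars for p in initial_people])
    ## Remember each user's starting balance so that a later drop can be
    ## attributed to a specific account.
    initial_by_user = dict((p.username, p.zoobars) for p in initial_people)
    pdb.commit()

    tdb = zoobar.zoodb.transfer_setup()
    tdb.query(zoobar.zoodb.Transfer).delete()
    tdb.commit()

    environ = {}
    environ["wsgi.url_scheme"] = "http"
    environ["wsgi.input"] = "xxx"
    environ["SERVER_NAME"] = "zoobar"
    environ["SERVER_PORT"] = "80"
    environ["SCRIPT_NAME"] = "script"
    environ["QUERY_STRING"] = "query"
    environ["HTTP_REFERER"] = fuzzy.mk_str("referrer")
    environ["HTTP_COOKIE"] = fuzzy.mk_str("cookie")

    ## In two cases, we over-restrict the inputs in order to reduce the
    ## number of paths that "make check" explores, so that it finishes
    ## in a reasonable amount of time.  You could pass unconstrained
    ## concolic values for both REQUEST_METHOD and PATH_INFO, but then
    ## zoobar generates around 2000 distinct paths, and that takes many
    ## minutes to check.

    # environ['REQUEST_METHOD'] = fuzzy.mk_str('method')
    # environ['PATH_INFO'] = fuzzy.mk_str('path')
    environ["REQUEST_METHOD"] = "GET"
    environ["PATH_INFO"] = "trans" + fuzzy.mk_str("path")

    if environ["PATH_INFO"].startswith("//"):
        ## Don't bother trying to construct paths with lots of slashes;
        ## otherwise, the lstrip() code generates lots of paths..
        return

    resp = zoobar.app(environ, startresp)
    if verbose:
        for x in resp:
            ## print(x) with one argument matches the output of the
            ## Python 2 statement form.
            print(x)

    ## Exercise 6: your code here.

    ## Detect balance mismatch.
    ## When detected, call report_balance_mismatch()
    pdb = zoobar.zoodb.person_setup()
    balancet = sum([p.zoobars for p in pdb.query(zoobar.zoodb.Person).all()])
    if balance1 != balancet:
        report_balance_mismatch()

    ## Detect zoobar theft.
    ## When detected, call report_zoobar_theft()
    ## Checking only for "no outgoing transfer" would fire on every
    ## request that moves no zoobars, so the balance must also have
    ## dropped below its starting value.
    ## NOTE(review): the sender column is the only evidence of consent
    ## used here; it does not show who actually made the request.
    tdb = zoobar.zoodb.transfer_setup()
    for p in pdb.query(zoobar.zoodb.Person).all():
        before = initial_by_user.get(p.username)
        if before is None:
            ## User created during the request: no baseline to compare.
            continue
        if p.zoobars >= before:
            continue
        outgoing = tdb.query(zoobar.zoodb.Transfer).filter_by(
            sender=p.username).first()
        if outgoing is None:
            report_zoobar_theft()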
예제 #3
def test_stuff():
  """Reset the zoobar databases and send one fuzzed GET request.

  The person table is cleared and repopulated with 'alice' and 'bob',
  the transfer table is cleared, and zoobar.app() is called with a WSGI
  environ whose Referer, Cookie and path suffix come from
  fuzzy.mk_str().  No invariant is checked afterwards; the response is
  printed only when the module-level `verbose` flag is set.
  """
  person_db = zoobar.zoodb.person_setup()
  person_db.query(zoobar.zoodb.Person).delete()
  for name, token in (('alice', 'atok'), ('bob', 'btok')):
    adduser(person_db, name, token)
  ## The total is computed but not used later in this function.
  balance1 = sum(
      row.zoobars for row in person_db.query(zoobar.zoodb.Person).all())
  person_db.commit()

  transfer_db = zoobar.zoodb.transfer_setup()
  transfer_db.query(zoobar.zoodb.Transfer).delete()
  transfer_db.commit()

  ## In two cases, we over-restrict the inputs in order to reduce the
  ## number of paths that "make check" explores, so that it finishes
  ## in a reasonable amount of time.  You could pass unconstrained
  ## concolic values for both REQUEST_METHOD and PATH_INFO, but then
  ## zoobar generates around 2000 distinct paths, and that takes many
  ## minutes to check.  The unconstrained forms would be
  ## fuzzy.mk_str('method') and fuzzy.mk_str('path').
  environ = {
    'wsgi.url_scheme': 'http',
    'wsgi.input': 'xxx',
    'SERVER_NAME': 'zoobar',
    'SERVER_PORT': '80',
    'SCRIPT_NAME': 'script',
    'QUERY_STRING': 'query',
    'HTTP_REFERER': fuzzy.mk_str('referrer'),
    'HTTP_COOKIE': fuzzy.mk_str('cookie'),
    'REQUEST_METHOD': 'GET',
  }
  request_path = 'trans' + fuzzy.mk_str('path')
  environ['PATH_INFO'] = request_path

  ## Don't bother trying to construct paths with lots of slashes;
  ## otherwise, the lstrip() code generates lots of paths..
  if request_path.startswith('//'):
    return

  response = zoobar.app(environ, startresp)
  if not verbose:
    return
  for chunk in response:
    print(chunk)
예제 #4
def test_zoobar():
    """Send one fuzzed GET request to zoobar and ignore RequireMismatch.

    After a 0.1 second pause, a WSGI environ is built with the Referer
    header, the Cookie header and the path suffix taken from
    fuzzy.mk_str(), and zoobar.app() is called with it.  Nothing is
    checked or returned.
    """
    time.sleep(0.1)

    # REQUEST_METHOD and the 'trans' path prefix are fixed; the
    # unconstrained forms would be fuzzy.mk_str('method') and
    # fuzzy.mk_str('path').
    environ = {
        'wsgi.url_scheme': 'http',
        'wsgi.input': 'xxx',
        'SERVER_NAME': 'zoobar',
        'SERVER_PORT': '80',
        'SCRIPT_NAME': 'script',
        'QUERY_STRING': 'query',
        'HTTP_REFERER': fuzzy.mk_str('referrer'),
        'HTTP_COOKIE': fuzzy.mk_str('cookie'),
        'REQUEST_METHOD': 'GET',
    }
    request_path = 'trans' + fuzzy.mk_str('path')
    environ['PATH_INFO'] = request_path

    if request_path.startswith('//'):
        return

    try:
        zoobar.app(environ, startresp)
    except RequireMismatch:
        # NOTE(review): RequireMismatch is defined outside this listing;
        # it is swallowed here, so a run that raises it ends silently.
        pass
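def test_stuff():
    """Send one fuzzed request to zoobar and audit balances against transfers.

    The person and transfer tables are reset, 'alice' and 'bob' are
    created, and one GET request is passed to zoobar.app() with the
    Referer header, the Cookie header and the path suffix supplied by
    fuzzy.mk_str().  Afterwards:

    * report_balance_mismatch() is called when the total of all zoobars
      changed while the number of users stayed the same;
    * report_zoobar_theft() is called for a user whose balance changed
      by an amount that the rows of the transfer table (as sender and as
      recipient) do not account for.  This second check runs only when
      the set of usernames is the same before and after the request.
    """
    pdb = zoobar.zoodb.person_setup()
    pdb.query(zoobar.zoodb.Person).delete()
    adduser(pdb, 'alice', 'atok')
    adduser(pdb, 'bob', 'btok')
    balance1 = sum([p.zoobars for p in pdb.query(zoobar.zoodb.Person).all()])
    people1 = sum([1 for p in pdb.query(zoobar.zoodb.Person).all()])
    all_balances1 = {
        p.username: p.zoobars
        for p in pdb.query(zoobar.zoodb.Person).all()
    }
    pdb.commit()

    tdb = zoobar.zoodb.transfer_setup()
    tdb.query(zoobar.zoodb.Transfer).delete()
    tdb.commit()

    environ = {}
    environ['wsgi.url_scheme'] = 'http'
    environ['wsgi.input'] = 'xxx'
    environ['SERVER_NAME'] = 'zoobar'
    environ['SERVER_PORT'] = '80'
    environ['SCRIPT_NAME'] = 'script'
    environ['QUERY_STRING'] = 'query'
    environ['HTTP_REFERER'] = fuzzy.mk_str('referrer')
    environ['HTTP_COOKIE'] = fuzzy.mk_str('cookie')

    ## In two cases, we over-restrict the inputs in order to reduce the
    ## number of paths that "make check" explores, so that it finishes
    ## in a reasonable amount of time.  You could pass unconstrained
    ## concolic values for both REQUEST_METHOD and PATH_INFO, but then
    ## zoobar generates around 2000 distinct paths, and that takes many
    ## minutes to check.

    # environ['REQUEST_METHOD'] = fuzzy.mk_str('method')
    # environ['PATH_INFO'] = fuzzy.mk_str('path')
    environ['REQUEST_METHOD'] = 'GET'
    environ['PATH_INFO'] = 'trans' + fuzzy.mk_str('path')

    if environ['PATH_INFO'].startswith('//'):
        ## Don't bother trying to construct paths with lots of slashes;
        ## otherwise, the lstrip() code generates lots of paths..
        return

    resp = zoobar.app(environ, startresp)
    if verbose:
        for x in resp:
            ## Single-argument print(...) prints the same text under the
            ## Python 2 print statement.
            print(x)

    ## Exercise 6: your code here.

    ## Detect balance mismatch.
    ## When detected, call report_balance_mismatch()
    ## The user count is compared as well, so a request that changes the
    ## number of accounts is not reported as a mismatch.
    balanceEnd = sum([p.zoobars for p in pdb.query(zoobar.zoodb.Person).all()])
    peopleEnd = sum([1 for p in pdb.query(zoobar.zoodb.Person).all()])
    if balanceEnd != balance1 and peopleEnd == people1:
        print("balance1= %s balanceEnd= %s people1= %s" %
              (balance1, balanceEnd, people1))
        report_balance_mismatch()

    ## Detect zoobar theft.
    ## When detected, call report_zoobar_theft()
    all_balancesEnd = {
        p.username: p.zoobars
        for p in pdb.query(zoobar.zoodb.Person).all()
    }
    ## Start from an empty list so that the loop below is well defined
    ## when the set of users changed; in that case no per-user
    ## comparison is made and no theft is reported.
    diff_balance_users = []
    if set(all_balancesEnd) == set(all_balances1):
        ## Same set of users: collect those whose balance moved.
        diff_balance_users = [
            user for user in all_balances1
            if all_balances1[user] != all_balancesEnd[user]
        ]

    ## Every user whose balance moved must have transfer rows that add
    ## up to exactly that change.
    tdb = zoobar.zoodb.transfer_setup()
    for user in diff_balance_users:
        net_balance_change = 0
        user_transfer = tdb.query(zoobar.zoodb.Transfer).filter_by(sender=user)
        for transfer in user_transfer:
            net_balance_change -= transfer.amount

        user_transfer = tdb.query(
            zoobar.zoodb.Transfer).filter_by(recipient=user)
        for transfer in user_transfer:
            net_balance_change += transfer.amount

        if all_balancesEnd[user] != all_balances1[user] + net_balance_change:
            ## NOTE(review): the value printed after "user=" was masked
            ## in the published listing; the loop variable is assumed.
            print("user= %s ,berfore= %s ,after= %s ,net_balance_change= %s" %
                  (user, all_balances1[user], all_balancesEnd[user],
                   net_balance_change))
            report_zoobar_theft()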
예제 #6
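def test_stuff():
    """Send one fuzzed request to zoobar and check balances afterwards.

    The person and transfer tables are reset, 'alice' and 'bob' are
    created, and one GET request is passed to zoobar.app() with the
    Referer header, the Cookie header and the path suffix supplied by
    fuzzy.mk_str().  Afterwards:

    * report_balance_mismatch() is called when the total of all zoobars
      differs from the total recorded before the request;
    * report_zoobar_theft() is called for 'alice' or 'bob' when the
      request cookie does not begin with that user's login prefix and
      the user's balance is below 10.

    Both reports are preceded by a debug line printed to stdout.
    """
    pdb = zoobar.zoodb.person_setup()
    pdb.query(zoobar.zoodb.Person).delete()
    adduser(pdb, 'alice', 'atok')
    adduser(pdb, 'bob', 'btok')
    balance1 = sum([p.zoobars for p in pdb.query(zoobar.zoodb.Person).all()])
    pdb.commit()

    tdb = zoobar.zoodb.transfer_setup()
    tdb.query(zoobar.zoodb.Transfer).delete()
    tdb.commit()

    environ = {}
    environ['wsgi.url_scheme'] = 'http'
    environ['wsgi.input'] = 'xxx'
    environ['SERVER_NAME'] = 'zoobar'
    environ['SERVER_PORT'] = '80'
    environ['SCRIPT_NAME'] = 'script'
    environ['QUERY_STRING'] = 'query'
    environ['HTTP_REFERER'] = fuzzy.mk_str('referrer')
    environ['HTTP_COOKIE'] = fuzzy.mk_str('cookie')

    ## In two cases, we over-restrict the inputs in order to reduce the
    ## number of paths that "make check" explores, so that it finishes
    ## in a reasonable amount of time.  You could pass unconstrained
    ## concolic values for both REQUEST_METHOD and PATH_INFO, but then
    ## zoobar generates around 2000 distinct paths, and that takes many
    ## minutes to check.

    # environ['REQUEST_METHOD'] = fuzzy.mk_str('method')
    # environ['PATH_INFO'] = fuzzy.mk_str('path')
    environ['REQUEST_METHOD'] = 'GET'
    environ['PATH_INFO'] = 'trans' + fuzzy.mk_str('path')

    if environ['PATH_INFO'].startswith('//'):
        ## Don't bother trying to construct paths with lots of slashes;
        ## otherwise, the lstrip() code generates lots of paths..
        return

    resp = zoobar.app(environ, startresp)
    if verbose:
        for x in resp:
            ## Single-argument print(...) prints the same text under the
            ## Python 2 print statement.
            print(x)

    ## Detect balance mismatch: the total must be unchanged.
    after_balance = sum(
        [p.zoobars for p in pdb.query(zoobar.zoodb.Person).all()])
    if after_balance != balance1:
        debug_out = 'balance_mismatch: '
        for p in pdb.query(zoobar.zoodb.Person).all():
            debug_out += '%s: %d, ' % (p.username, p.zoobars)
        print(debug_out)
        report_balance_mismatch()

    ## Detect zoobar theft.  A user named in the request cookie is taken
    ## to be the requester and is left out of the check.  The list is
    ## built by filtering rather than by deleting entries by index, so
    ## that removing one name cannot shift the position of another.
    ## NOTE(review): the match is on the cookie prefix only; a cookie
    ## that names a user but carries a token the application rejects
    ## still exempts that user here -- confirm this is intended.
    check_user = [
        user for user in ['alice', 'bob']
        if not environ['HTTP_COOKIE'].startswith('PyZoobarLogin=%s' % user)
    ]

    for user in check_user:
        user_row = pdb.query(zoobar.zoodb.Person).get(user)
        ## NOTE(review): 10 is presumably the balance adduser() assigns;
        ## confirm against its definition.
        if user_row is not None and user_row.zoobars < 10:
            debug_out = 'zoobar_theft: '
            for t in tdb.query(zoobar.zoodb.Transfer).all():
                debug_out += '%s ,' % vars(t)
            print(debug_out)
            report_zoobar_theft()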
예제 #7
def test_stuff():
    """Send one fuzzed request to zoobar and check two invariants.

    The person and transfer tables are reset, 'alice' and 'bob' are
    created, and one GET request is passed to zoobar.app() with the
    Referer header, the Cookie header and the path suffix supplied by
    fuzzy.mk_str().  Afterwards:

    * report_balance_mismatch() is called when the number of users is
      unchanged but the total of all zoobars differs;
    * report_zoobar_theft() is called for 'alice' or 'bob' when no
      transfer row names that user as sender and the user's balance is
      below 10.
    """
    people = zoobar.zoodb.person_setup()
    people.query(zoobar.zoodb.Person).delete()
    for name, token in (('alice', 'atok'), ('bob', 'btok')):
        adduser(people, name, token)
    rows_before = people.query(zoobar.zoodb.Person).all()
    count_before = len(rows_before)
    total_before = sum(row.zoobars for row in rows_before)
    people.commit()

    transfers_db = zoobar.zoodb.transfer_setup()
    transfers_db.query(zoobar.zoodb.Transfer).delete()
    transfers_db.commit()

    ## In two cases, we over-restrict the inputs in order to reduce the
    ## number of paths that "make check" explores, so that it finishes
    ## in a reasonable amount of time.  You could pass unconstrained
    ## concolic values for both REQUEST_METHOD and PATH_INFO, but then
    ## zoobar generates around 2000 distinct paths, and that takes many
    ## minutes to check.  The unconstrained forms would be
    ## fuzzy.mk_str('method') and fuzzy.mk_str('path').
    environ = {
        'wsgi.url_scheme': 'http',
        'wsgi.input': 'xxx',
        'SERVER_NAME': 'zoobar',
        'SERVER_PORT': '80',
        'SCRIPT_NAME': 'script',
        'QUERY_STRING': 'query',
        'HTTP_REFERER': fuzzy.mk_str('referrer'),
        'HTTP_COOKIE': fuzzy.mk_str('cookie'),
        'REQUEST_METHOD': 'GET',
    }
    request_path = 'trans' + fuzzy.mk_str('path')
    environ['PATH_INFO'] = request_path

    ## Don't bother trying to construct paths with lots of slashes;
    ## otherwise, the lstrip() code generates lots of paths..
    if request_path.startswith('//'):
        return

    response = zoobar.app(environ, startresp)
    if verbose:
        for chunk in response:
            print(chunk)

    ## Detect balance mismatch.
    ## When detected, call report_balance_mismatch()
    rows_after = people.query(zoobar.zoodb.Person).all()
    count_after = len(rows_after)
    total_after = sum(row.zoobars for row in rows_after)
    if count_before == count_after and total_before != total_after:
        report_balance_mismatch()

    ## Detect zoobar theft.
    ## When detected, call report_zoobar_theft()
    ledger = transfers_db.query(zoobar.zoodb.Transfer).all()
    watched = ('alice', 'bob')
    ## Both balances are looked up before any report is made; the [0]
    ## index raises IndexError if either user is no longer present.
    holdings = [
        [row.zoobars for row in rows_after if row.username == name][0]
        for name in watched
    ]
    for name, held in zip(watched, holdings):
        outgoing = [entry for entry in ledger if entry.sender == name]
        if outgoing:
            ## The user sent at least one transfer; a lower balance is
            ## not treated as theft.
            continue
        if held < 10:
            report_zoobar_theft()