def test_change_secret_changes_hmac(self):
message = 'Mary had a little lamb. Her doctors were astounded'
secret = 'skoodlydoodah'
h1 = crypto.hmac_sha_2_256_transform(secret, message)
h2 = crypto.hmac_sha_2_256_transform(secret + '.', message)
self.assertNotEquals(h1, h2)
self.assertNotEquals(h1, message)
def test_change_secret_changes_hmac(self):
message = 'Mary had a little lamb. Her doctors were astounded'
secret = 'skoodlydoodah'
h1 = crypto.hmac_sha_2_256_transform(secret, message)
h2 = crypto.hmac_sha_2_256_transform(secret + '.', message)
self.assertNotEquals(h1, h2)
self.assertNotEquals(h1, message)
def test_consistent(self):
message = 'Mary had a little lamb. Her doctors were astounded'
secret = 'skoodlydoodah'
h1 = crypto.hmac_sha_2_256_transform(secret, message)
h2 = crypto.hmac_sha_2_256_transform(secret, message)
self.assertEquals(h1, h2)
self.assertNotEquals(h1, message)
h1 = crypto.hmac_sha_2_256_transform_b64(secret, message)
h2 = crypto.hmac_sha_2_256_transform_b64(secret, message)
self.assertEquals(h1, h2)
self.assertNotEquals(h1, message)
def _postprocess_rows(cls, app_context, source_context, schema, log,
page_number, rows):
items = super(AnswersDataSource, cls)._postprocess_rows(
app_context, source_context, schema, log, page_number, rows)
for item in items:
item.pop('user_name')
item['user_id'] = crypto.hmac_sha_2_256_transform(
source_context.pii_secret, item['user_id'])
return items
def _postprocess_rows(cls, app_context, source_context, schema, log,
page_number, rows):
items = super(AnswersDataSource, cls)._postprocess_rows(
app_context, source_context, schema, log, page_number, rows)
for item in items:
item.pop('user_name')
item['user_id'] = crypto.hmac_sha_2_256_transform(
source_context.pii_secret, item['user_id'])
return items
def test_data_extraction(self):
# Register a student and save some form values for that student
student = self.register()
entity = StudentFormEntity.load_or_default(student, 'form-0')
entity.value = transforms.dumps({
u'form_data': self.FORM_0_DATA})
entity.put()
entity = StudentFormEntity.load_or_default(student, u'form-1')
entity.value = transforms.dumps({
u'form_data': self.FORM_1_DATA})
entity.put()
entity = StudentFormEntity.load_or_default(student, u'form-2')
entity.value = transforms.dumps({
u'form_data': self.FORM_2_DATA})
entity.put()
# Log in as admin for the data query
actions.logout()
actions.login(ADMIN_EMAIL, is_admin=True)
xsrf_token = crypto.XsrfTokenManager.create_xsrf_token(
data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION)
pii_secret = crypto.generate_transform_secret_from_xsrf_token(
xsrf_token, data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION)
safe_user_id = crypto.hmac_sha_2_256_transform(
pii_secret, student.user_id)
response = self.get(
'rest/data/questionnaire_responses/items?'
'data_source_token=%s&page_number=0' % xsrf_token)
data = transforms.loads(response.body)['data']
self.assertEqual(3, len(data))
for index in range(3):
self.assertIn(safe_user_id, data[index]['user_id'])
self.assertEqual('form-%s' % index, data[index]['questionnaire_id'])
self.assertEqual(self.FORM_0_DATA, data[0]['form_data'])
self.assertEqual(self.FORM_1_DATA, data[1]['form_data'])
self.assertEqual(self.FORM_2_DATA_OUT, data[2]['form_data'])
def test_data_extraction(self):
# Register a student and save some form values for that student
student = self.register()
entity = StudentFormEntity.load_or_create(student, 'form-0')
entity.value = transforms.dumps({u'form_data': self.FORM_0_DATA})
entity.put()
entity = StudentFormEntity.load_or_create(student, u'form-1')
entity.value = transforms.dumps({u'form_data': self.FORM_1_DATA})
entity.put()
entity = StudentFormEntity.load_or_create(student, u'form-2')
entity.value = transforms.dumps({u'form_data': self.FORM_2_DATA})
entity.put()
# Log in as admin for the data query
actions.logout()
actions.login(ADMIN_EMAIL, is_admin=True)
xsrf_token = crypto.XsrfTokenManager.create_xsrf_token(
data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION)
pii_secret = crypto.generate_transform_secret_from_xsrf_token(
xsrf_token, data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION)
safe_user_id = crypto.hmac_sha_2_256_transform(pii_secret,
student.user_id)
response = self.get('rest/data/questionnaire_responses/items?'
'data_source_token=%s&page_number=0' % xsrf_token)
data = transforms.loads(response.body)['data']
self.assertEqual(3, len(data))
for index in range(3):
self.assertIn(safe_user_id, data[index]['user_id'])
self.assertEqual('form-%s' % index,
data[index]['questionnaire_id'])
self.assertEqual(self.FORM_0_DATA, data[0]['form_data'])
self.assertEqual(self.FORM_1_DATA, data[1]['form_data'])
self.assertEqual(self.FORM_2_DATA_OUT, data[2]['form_data'])
def test_data_source(self):
# Register a student and give some feedback
self.register_student()
student = models.Student.get_enrolled_student_by_user(
self.make_test_user(STUDENT_EMAIL))
response = self.post_data(
rating_int=2, additional_comments='Good lesson')
self.assertEquals(200, response['status'])
self.assertIn('Thank you for your feedback', response['message'])
# Log in as admin for the data query
actions.logout()
actions.login(ADMIN_EMAIL, is_admin=True)
xsrf_token = crypto.XsrfTokenManager.create_xsrf_token(
data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION)
pii_secret = crypto.generate_transform_secret_from_xsrf_token(
xsrf_token, data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION)
safe_user_id = crypto.hmac_sha_2_256_transform(
pii_secret, student.user_id)
response = self.get(
'rest/data/rating_events/items?'
'data_source_token=%s&page_number=0' % xsrf_token)
data = transforms.loads(response.body)['data']
self.assertEqual(1, len(data))
record = data[0]
self.assertEqual(7, len(record))
self.assertEqual(safe_user_id, record['user_id'])
self.assertEqual('2', record['rating'])
self.assertEqual('Good lesson', record['additional_comments'])
self.assertEqual(
'/rating_course/unit?unit=%s&lesson=%s' % (
self.unit.unit_id, self.lesson.lesson_id),
record['content_url'])
self.assertEqual(str(self.unit.unit_id), record['unit_id'])
self.assertEqual(str(self.lesson.lesson_id), record['lesson_id'])
self.assertIn('recorded_on', record)
def test_data_source(self):
# Register a student and give some feedback
user = self.register_student()
student = models.Student.get_enrolled_student_by_user(user)
response = self.post_data(
rating_int=2, additional_comments='Good lesson')
self.assertEquals(200, response['status'])
self.assertIn('Thank you for your feedback', response['message'])
# Log in as admin for the data query
actions.logout()
actions.login(ADMIN_EMAIL, is_admin=True)
xsrf_token = crypto.XsrfTokenManager.create_xsrf_token(
data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION)
pii_secret = crypto.generate_transform_secret_from_xsrf_token(
xsrf_token, data_sources_utils.DATA_SOURCE_ACCESS_XSRF_ACTION)
safe_user_id = crypto.hmac_sha_2_256_transform(
pii_secret, student.user_id)
response = self.get(
'rest/data/rating_events/items?'
'data_source_token=%s&page_number=0' % xsrf_token)
data = transforms.loads(response.body)['data']
self.assertEqual(1, len(data))
record = data[0]
self.assertEqual(7, len(record))
self.assertEqual(safe_user_id, record['user_id'])
self.assertEqual('2', record['rating'])
self.assertEqual('Good lesson', record['additional_comments'])
self.assertEqual(
'/rating_course/unit?unit=%s&lesson=%s' % (
self.unit.unit_id, self.lesson.lesson_id),
record['content_url'])
self.assertEqual(str(self.unit.unit_id), record['unit_id'])
self.assertEqual(str(self.lesson.lesson_id), record['lesson_id'])
self.assertIn('recorded_on', record)
