Exemplo n.º 1
0
    def setUpBasicData(self):
        self.tag = Tag(name='tag')
        self.tag.save()

        self.cred = Cred(title='secret', username='******', password='******', group=self.group)
        self.cred.save()
        self.tagcred = Cred(title='tagged', password='******', group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title='Changed', password='******', group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
Exemplo n.º 2
0
    def setUp(self):
        self.group = Group(name="testgroup")
        self.group.save()

        self.othergroup = Group(name="othergroup")
        self.othergroup.save()

        self.unorm = User(username="******", email="*****@*****.**")
        self.unorm.set_password("password")
        self.unorm.save()
        self.unorm.groups.add(self.group)
        self.unorm.save()

        self.ustaff = User(username="******", email="*****@*****.**", is_staff=True)
        self.ustaff.set_password("password")
        self.ustaff.save()
        self.ustaff.groups.add(self.group)
        self.ustaff.save()

        self.norm = Client()
        self.norm.login(username="******", password="******")
        self.staff = Client()
        self.staff.login(username="******", password="******")

        self.viewedcred = Cred(title="Viewed", password="******", group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title="Changed", password="******", group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()
Exemplo n.º 3
0
    def setUp(self):
        g = Group(name='h')
        g.save()

        c = Cred(title='testcred', password='******', group=g)
        c.save()

        self.c = c
Exemplo n.º 4
0
class StaffChangeAdviceTest(TestCase):
    def setUp(self):
        self.group = Group(name="testgroup")
        self.group.save()

        self.othergroup = Group(name="othergroup")
        self.othergroup.save()

        self.unorm = User(username="******", email="*****@*****.**")
        self.unorm.set_password("password")
        self.unorm.save()
        self.unorm.groups.add(self.group)
        self.unorm.save()

        self.ustaff = User(username="******", email="*****@*****.**", is_staff=True)
        self.ustaff.set_password("password")
        self.ustaff.save()
        self.ustaff.groups.add(self.group)
        self.ustaff.save()

        self.norm = Client()
        self.norm.login(username="******", password="******")
        self.staff = Client()
        self.staff.login(username="******", password="******")

        self.viewedcred = Cred(title="Viewed", password="******", group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title="Changed", password="******", group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

    def test_disable_user(self):
        resp = self.staff.get(reverse("staff.views.change_advice_by_user", args=(self.unorm.id,)))
        self.assertEqual(resp.status_code, 200)
        credlist = resp.context["creds"]
        self.assertIn(self.viewedcred, credlist)
        self.assertNotIn(self.changedcred, credlist)

    def test_remove_group(self):
        resp = self.staff.get(
            reverse("staff.views.change_advice_by_user_and_group", args=(self.unorm.id, self.group.id))
        )
        self.assertEqual(resp.status_code, 200)
        credlist = resp.context["creds"]
        self.assertIn(self.viewedcred, credlist)
        self.assertNotIn(self.changedcred, credlist)
Exemplo n.º 5
0
    def setUp(self):
        self.group = Group(name="testgroup")
        self.group.save()

        self.othergroup = Group(name="othergroup")
        self.othergroup.save()

        self.tag = Tag(name="tag")
        self.tag.save()

        self.unorm = User(username="******", email="*****@*****.**")
        self.unorm.set_password("password")
        self.unorm.save()
        self.unorm.groups.add(self.group)
        self.unorm.save()

        self.ustaff = User(username="******", email="*****@*****.**", is_staff=True)
        self.ustaff.set_password("password")
        self.ustaff.save()
        self.ustaff.groups.add(self.group)
        self.ustaff.save()

        self.unobody = User(username="******", email="*****@*****.**")
        self.unobody.set_password("password")
        self.unobody.save()

        self.norm = Client()
        self.norm.login(username="******", password="******")
        self.staff = Client()
        self.staff.login(username="******", password="******")
        self.nobody = Client()
        self.nobody.login(username="******", password="******")

        self.cred = Cred(title="secret", password="******", group=self.group)
        self.cred.save()
        self.tagcred = Cred(title="tagged", password="******", group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
Exemplo n.º 6
0
    def setUpBasicData(self):
        # Make a tag
        self.tag = Tag(name='tag')
        self.tag.save()

        # Make a simple credential
        self.cred = Cred(title='secret', username='******', password='******', group=self.group)
        self.cred.save()

        # Make a cred that'll be tagged
        self.tagcred = Cred(title='tagged', password='******', group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        # A cred that attempts script injection
        self.injectcred = Cred(
            title='<script>document.write("BADTITLE!")</script>Bold!',
            username='******',
            password='******',
            group=self.group
        )
        self.injectcred.save()

        # A cred with markdown
        self.markdowncred = Cred(
            title='Markdown Cred',
            password='******',
            group=self.group,
            description='# Test',
            descriptionmarkdown=True,
        )
        self.markdowncred.save()

        # Add a Unicode credential
        self.unicodecred = Cred(
            title='Unicode ‑ Cred',
            password='******',
            group=self.group,
            description='Γαζέες καὶ μυρτιὲς δὲν θὰ βρῶ πιὰ στὸ χρυσαφὶ ξέφωτο',
        )
        self.unicodecred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title='Changed', password='******', group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
Exemplo n.º 7
0
class ApiTest(TestCase):
    def setUp(self):
        self.data = TestData()
        self.cred = Cred(title="one", username="******", password="******", group=self.data.group)
        self.cred.save()
        self.detail_url = reverse("api_dispatch_detail", kwargs={"resource_name": "cred", "api_name": "v1", "pk": self.cred.pk})

    def test_cant_use_expired_key(self):
        res = self.data.norm.get(self.detail_url)
        data = json.loads(res.content)
        for key, val in [("title", "one"), ("username", "two"), ("password", "three")]:
            self.assertEqual(data[key], val)

    def test_can_post_ssh_key_into_cred(self):
        self.cred.ssh_key = None
        self.cred.save()

        res = self.data.norm.get(self.detail_url)
        data = json.loads(res.content)
        assert 'ssh_key' not in data

        with open(os.path.join(ssh_keys, "1.pem")) as fle:
            res = self.data.norm.post(self.detail_url, {'ssh_key': fle})

        data = json.loads(res.content)
        with open(os.path.join(ssh_keys, "1.pem")) as fle:
            self.assertEqual(data['ssh_key'], fle.read())

        res = self.data.norm.get(self.detail_url)
        data = json.loads(res.content)
        with open(os.path.join(ssh_keys, "1.pem")) as fle:
            self.assertEqual(data['ssh_key'], fle.read())

    def test_it_complains_if_given_something_that_isnt_an_ssh_key(self):
        with a_temp_file() as filename:
            with open(filename, 'w') as fle:
                fle.write("blah")
            res = self.data.norm.post(self.detail_url, {"ssh_key": open(filename)})
        self.assertEqual(res.status_code, 500)
        self.assertEqual(res.content, "not a valid RSA private key file")
Exemplo n.º 8
0
def import_from_keepass(request):
    if request.method == 'POST':
        form = KeepassImportForm(request.user, request.POST, request.FILES)
        if form.is_valid():
            group = form.cleaned_data['group']
            for e in form.cleaned_data['db']['entries']:
                cred = Cred(
                    title=e['title'],
                    username=e['username'],
                    password=e['password'],
                    description=e['description'],
                    group=group,
                )
                cred.save()
                CredAudit(audittype=CredAudit.CREDADD, cred=cred, user=request.user).save()
                for t in e['tags']:
                    (tag, create) = Tag.objects.get_or_create(name=t)
                    cred.tags.add(tag)

            return HttpResponseRedirect(reverse('staff.views.home'))
    else:
        form = KeepassImportForm(request.user)
    return render(request, 'staff_keepassimport.html', {'form': form})
Exemplo n.º 9
0
    def setUpBasicData(self):
        self.tag = Tag(name="tag")
        self.tag.save()

        self.cred = Cred(title="secret", username="******", password="******", group=self.group)
        self.cred.save()
        self.tagcred = Cred(title="tagged", password="******", group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()
        self.injectcred = Cred(
            title='<script>document.write("BADTITLE!")</script>Bold!',
            username='******',
            password='******',
            group=self.group,
        )
        self.injectcred.save()
        self.markdowncred = Cred(
            title="Markdown Cred", password="******", group=self.group, description="# Test", descriptionmarkdown=True
        )
        self.markdowncred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        self.viewedcred = Cred(title="Viewed", password="******", group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title="Changed", password="******", group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
Exemplo n.º 10
0
    def setUp(self):
        g = Group(name='h')
        g.save()

        c = Cred(title='testcred', password='******', group=g)
        c.save()

        d = Cred(title='todelete', password='******', group=g)
        d.save()
        d.delete()

        md = Cred(title='Markdown Cred', password='******', group=g, description='# Test')
        md.save()

        u = User(username='******')
        u.save()
        u.groups.add(g)
        u.save()

        f = User(username='******')
        f.save()

        s = User(username='******', is_staff=True)
        s.save()
        s.groups.add(g)
        s.save()

        self.c = c
        self.d = d
        self.u = u
        self.f = f
        self.s = s
Exemplo n.º 11
0
class TestData:
    def __init__(self):
        if settings.LDAP_ENABLED:
            self.getLDAPAuthData()
        else:
            self.setUpAuthData()
        self.setUpBasicData()

    def loginLDAP(self, username, password):
        c = Client()
        loginurl = reverse('django.contrib.auth.views.login')
        c.post(loginurl, {'username': username, 'password': password})

        return c

    def getLDAPAuthData(self):
        self.norm = self.loginLDAP(username='******', password='******')
        self.unorm = User.objects.get(username='******')
        self.normpass = '******'

        self.staff = self.loginLDAP(username='******', password='******')
        self.ustaff = User.objects.get(username='******')

        self.nobody = self.loginLDAP(username='******', password='******')
        self.unobody = User.objects.get(username='******')

        self.group = Group.objects.get(name='testgroup')
        self.othergroup = Group.objects.get(name='othergroup')

    def setUpAuthData(self):
        self.group = Group(name='testgroup')
        self.group.save()

        self.othergroup = Group(name='othergroup')
        self.othergroup.save()

        self.unorm = User(username='******', email='*****@*****.**')
        self.unorm.set_password('password')
        self.normpass = '******'
        self.unorm.save()
        self.unorm.groups.add(self.group)
        self.unorm.save()

        self.ustaff = User(username='******', email='*****@*****.**', is_staff=True)
        self.ustaff.set_password('password')
        self.ustaff.save()
        self.ustaff.groups.add(self.othergroup)
        self.ustaff.save()

        self.unobody = User(username='******', email='*****@*****.**')
        self.unobody.set_password('password')
        self.unobody.save()

        self.norm = Client()
        self.norm.login(username='******', password='******')
        self.staff = Client()
        self.staff.login(username='******', password='******')
        self.nobody = Client()
        self.nobody.login(username='******', password='******')

    def setUpBasicData(self):
        self.tag = Tag(name='tag')
        self.tag.save()

        self.cred = Cred(title='secret', username='******', password='******', group=self.group)
        self.cred.save()
        self.tagcred = Cred(title='tagged', password='******', group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title='Changed', password='******', group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
Exemplo n.º 12
0
class StaffViewTests(TestCase):
    def setUp(self):
        self.group = Group(name="testgroup")
        self.group.save()

        self.othergroup = Group(name="othergroup")
        self.othergroup.save()

        self.tag = Tag(name="tag")
        self.tag.save()

        self.unorm = User(username="******", email="*****@*****.**")
        self.unorm.set_password("password")
        self.unorm.save()
        self.unorm.groups.add(self.group)
        self.unorm.save()

        self.ustaff = User(username="******", email="*****@*****.**", is_staff=True)
        self.ustaff.set_password("password")
        self.ustaff.save()
        self.ustaff.groups.add(self.group)
        self.ustaff.save()

        self.unobody = User(username="******", email="*****@*****.**")
        self.unobody.set_password("password")
        self.unobody.save()

        self.norm = Client()
        self.norm.login(username="******", password="******")
        self.staff = Client()
        self.staff.login(username="******", password="******")
        self.nobody = Client()
        self.nobody.login(username="******", password="******")

        self.cred = Cred(title="secret", password="******", group=self.group)
        self.cred.save()
        self.tagcred = Cred(title="tagged", password="******", group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()

    def test_home(self):
        resp = self.staff.get(reverse("staff.views.home"))
        self.assertEqual(resp.status_code, 200)
        userlist = resp.context["userlist"]
        grouplist = resp.context["grouplist"]
        self.assertIn(self.unorm, userlist)
        self.assertIn(self.ustaff, userlist)
        self.assertIn(self.unobody, userlist)
        self.assertIn(self.group, grouplist)
        self.assertIn(self.othergroup, grouplist)

    def test_view_trash(self):
        self.cred.is_deleted = True
        self.cred.save()
        resp = self.staff.get(reverse("staff.views.view_trash"))
        self.assertEqual(resp.status_code, 200)
        credlist = resp.context["credlist"].object_list
        self.assertIn(self.cred, credlist)
        self.assertNotIn(self.tagcred, credlist)

    def test_userdetail(self):
        resp = self.staff.get(reverse("staff.views.userdetail", args=(self.unobody.id,)))
        self.assertEqual(resp.status_code, 200)
        user = resp.context["viewuser"]
        self.assertEqual(self.unobody.id, user.id)

    def test_groupadd(self):
        resp = self.staff.get(reverse("staff.views.groupadd"))
        self.assertEqual(resp.status_code, 200)
        form = resp.context["form"]
        post = {}
        for i in form:
            if i.value() is not None:
                post[i.name] = i.value()
        post["name"] = "Test Group"
        resp = self.staff.post(reverse("staff.views.groupadd"), post, follow=True)
        self.assertEqual(resp.status_code, 200)
        newgroup = Group.objects.get(name="Test Group")

    def test_groupdetail(self):
        resp = self.staff.get(reverse("staff.views.groupdetail", args=(self.group.id,)))
        self.assertEqual(resp.status_code, 200)
        group = resp.context["group"]
        self.assertEqual(self.group.id, group.id)

    def test_groupdelete(self):
        resp = self.staff.get(reverse("staff.views.groupdelete", args=(self.othergroup.id,)))
        self.assertEqual(resp.status_code, 200)
        group = resp.context["group"]
        self.assertEqual(self.othergroup.id, group.id)
        resp = self.staff.post(reverse("staff.views.groupdelete", args=(self.othergroup.id,)), follow=True)
        with self.assertRaises(Group.DoesNotExist):
            delgroup = Group.objects.get(id=self.othergroup.id)

    def test_userdelete(self):
        resp = self.staff.get(reverse("staff.views.userdelete", args=(self.unobody.id,)))
        self.assertEqual(resp.status_code, 200)
        user = resp.context["viewuser"]
        self.assertEqual(self.unobody.id, user.id)
        resp = self.staff.post(reverse("staff.views.userdelete", args=(self.unobody.id,)), follow=True)
        self.assertEqual(resp.status_code, 200)
        with self.assertRaises(User.DoesNotExist):
            deluser = User.objects.get(id=self.unobody.id)

    def test_audit_by_cred(self):
        resp = self.staff.get(reverse("staff.views.audit_by_cred", args=(self.cred.id,)))
        self.assertEqual(resp.status_code, 200)
        cred = resp.context["cred"]
        loglist = resp.context["logs"].object_list
        self.assertEqual(self.cred.id, cred.id)
        self.assertEqual(resp.context["type"], "cred")
        self.assertIn(self.logadd, loglist)
        self.assertIn(self.logview, loglist)

    def test_audit_by_user(self):
        resp = self.staff.get(reverse("staff.views.audit_by_user", args=(self.ustaff.id,)))
        self.assertEqual(resp.status_code, 200)
        user = resp.context["loguser"]
        loglist = resp.context["logs"].object_list
        self.assertEqual(self.ustaff.id, user.id)
        self.assertEqual(resp.context["type"], "user")
        self.assertIn(self.logadd, loglist)
        self.assertIn(self.logview, loglist)

    def test_audit_by_days(self):
        resp = self.staff.get(reverse("staff.views.audit_by_days", args=(2,)))
        self.assertEqual(resp.status_code, 200)
        days_ago = resp.context["days_ago"]
        loglist = resp.context["logs"].object_list
        self.assertEqual(int(days_ago), 2)
        self.assertEqual(resp.context["type"], "time")
        self.assertIn(self.logadd, loglist)
        self.assertIn(self.logview, loglist)

    def test_NewUser(self):
        resp = self.staff.get(reverse("user_add"))
        self.assertEqual(resp.status_code, 200)
        form = resp.context["form"]
        post = {}
        for i in form:
            if i.value() is not None:
                post[i.name] = i.value()
        post["username"] = "******"
        post["email"] = "*****@*****.**"
        post["groups"] = self.othergroup.id
        post["newpass"] = "******"
        post["confirmpass"] = "******"
        resp = self.staff.post(reverse("user_add"), post, follow=True)
        with self.assertRaises(KeyError):
            print resp.context["form"].errors
        self.assertEqual(resp.status_code, 200)
        newuser = User.objects.get(username="******")
        self.assertEqual(newuser.email, "*****@*****.**")
        self.assertTrue(newuser.check_password("crazypass"))
        self.assertIn(self.othergroup, newuser.groups.all())
        self.assertNotIn(self.group, newuser.groups.all())

    def test_UpdateUser(self):
        resp = self.staff.get(reverse("user_edit", args=(self.unobody.id,)))
        self.assertEqual(resp.status_code, 200)
        form = resp.context["form"]
        post = {}
        for i in form:
            if i.value() is not None:
                post[i.name] = i.value()
        post["email"] = "*****@*****.**"
        post["newpass"] = "******"
        post["confirmpass"] = "******"
        resp = self.staff.post(reverse("user_edit", args=(self.unobody.id,)), post, follow=True)
        self.assertEqual(resp.status_code, 200)
        newuser = User.objects.get(id=self.unobody.id)
        self.assertEqual(newuser.email, "*****@*****.**")
        self.assertTrue(newuser.check_password("differentpass"))

    def test_import_from_keepass(self):
        gp = Group(name="KeepassImportTest")
        gp.save()
        self.ustaff.groups.add(gp)
        self.ustaff.save()

        resp = self.staff.get(reverse("staff.views.import_from_keepass"))
        self.assertEqual(resp.status_code, 200)
        form = resp.context["form"]
        post = {}
        for i in form:
            if i.value() is not None:
                post[i.name] = i.value()
        post["password"] = "******"
        post["group"] = gp.id
        with open("docs/keepass/test2.kdb") as fp:
            post["file"] = fp
            resp = self.staff.post(reverse("staff.views.import_from_keepass"), post, follow=True)
        self.assertEqual(resp.status_code, 200)
        newcred = Cred.objects.get(title="Google", group=gp)
        self.assertEqual(newcred.password, "Q5CLQhLqI3CtKgK")
        self.assertEqual(newcred.tags.all()[0].name, "Internet")

    def test_credundelete(self):
        self.cred.delete()
        resp = self.staff.get(reverse("staff.views.credundelete", args=(self.cred.id,)))
        self.assertEqual(resp.status_code, 200)
        self.assertEqual(resp.context["cred"], self.cred)
        resp = self.staff.post(reverse("staff.views.credundelete", args=(self.cred.id,)), follow=True)
        self.assertEqual(resp.status_code, 200)
        cred = Cred.objects.get(id=self.cred.id)
        self.assertFalse(cred.is_deleted)
Exemplo n.º 13
0
 def setUp(self):
     self.data = TestData()
     self.cred = Cred(title="one", username="******", password="******", group=self.data.group)
     self.cred.save()
     self.detail_url = reverse("api_dispatch_detail", kwargs={"resource_name": "cred", "api_name": "v1", "pk": self.cred.pk})
Exemplo n.º 14
0
class TestData:
    def __init__(self):
        if settings.LDAP_ENABLED:
            self.getLDAPAuthData()
        else:
            self.setUpAuthData()
        self.setUpBasicData()

    def login(self, username, password):
        c = Client()
        loginurl = reverse('login')
        c.post(loginurl, {
            'auth-username': username,
            'auth-password': password,
            'rattic_tfa_login_view-current_step': 'auth',
        })

        return c

    def getLDAPAuthData(self):
        self.norm = self.login(username='******', password='******')
        self.unorm = User.objects.get(username='******')
        self.normpass = '******'

        self.staff = self.login(username='******', password='******')
        self.ustaff = User.objects.get(username='******')

        self.nobody = self.login(username='******', password='******')
        self.unobody = User.objects.get(username='******')

        self.group = Group.objects.get(name='testgroup')
        self.othergroup = Group.objects.get(name='othergroup')

    def setUpAuthData(self):
        self.group = Group(name='testgroup')
        self.group.save()

        self.othergroup = Group(name='othergroup')
        self.othergroup.save()

        self.unorm = User(username='******', email='*****@*****.**')
        self.unorm.set_password('password')
        self.normpass = '******'
        self.unorm.save()
        self.unorm.groups.add(self.group)
        self.unorm.save()

        self.ustaff = User(username='******', email='*****@*****.**', is_staff=True)
        self.ustaff.set_password('password')
        self.ustaff.save()
        self.ustaff.groups.add(self.othergroup)
        self.ustaff.save()

        self.unobody = User(username='******', email='*****@*****.**')
        self.unobody.set_password('password')
        self.unobody.save()

        self.norm = self.login(username='******', password='******')
        self.staff = self.login(username='******', password='******')
        self.nobody = self.login(username='******', password='******')

    def setUpBasicData(self):
        # Make a tag
        self.tag = Tag(name='tag')
        self.tag.save()

        # Make a simple credential
        self.cred = Cred(title='secret', username='******', password='******', group=self.group)
        self.cred.save()

        # Make a cred that'll be tagged
        self.tagcred = Cred(title='tagged', password='******', group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        # A cred that attempts script injection
        self.injectcred = Cred(
            title='<script>document.write("BADTITLE!")</script>Bold!',
            username='******',
            password='******',
            group=self.group
        )
        self.injectcred.save()

        # A cred with markdown
        self.markdowncred = Cred(
            title='Markdown Cred',
            password='******',
            group=self.group,
            description='# Test',
            descriptionmarkdown=True,
        )
        self.markdowncred.save()

        # Add a Unicode credential
        self.unicodecred = Cred(
            title='Unicode ‑ Cred',
            password='******',
            group=self.group,
            description='Γαζέες καὶ μυρτιὲς δὲν θὰ βρῶ πιὰ στὸ χρυσαφὶ ξέφωτο',
        )
        self.unicodecred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title='Changed', password='******', group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
Exemplo n.º 15
0
    def setUpBasicData(self):
        # Make a tag
        self.tag = Tag(name='tag')
        self.tag.save()

        # Make a simple credential
        self.cred = Cred(title='secret', username='******', password='******', group=self.group)
        self.cred.save()

        # Make a cred that'll be tagged
        self.tagcred = Cred(title='tagged', password='******', group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        # A cred that attempts script injection
        self.injectcred = Cred(
            title='<script>document.write("BADTITLE!")</script>Bold!',
            username='******',
            password='******',
            group=self.group
        )
        self.injectcred.save()

        # A cred with markdown
        self.markdowncred = Cred(
            title='Markdown Cred',
            password='******',
            group=self.group,
            description='# Test',
            descriptionmarkdown=True,
        )
        self.markdowncred.save()

        # Add a Unicode credential
        self.unicodecred = Cred(
            title='Unicode ‑ Cred',
            password='******',
            group=self.group,
            description='Γαζέες καὶ μυρτιὲς δὲν θὰ βρῶ πιὰ στὸ χρυσαφὶ ξέφωτο',
        )
        self.unicodecred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title='Changed', password='******', group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
Exemplo n.º 16
0
    def setUp(self):
        g = Group(name='h')
        g.save()

        c = Cred(title='testcred', password='******', group=g)
        c.save()

        d = Cred(title='todelete', password='******', group=g)
        d.save()
        d.delete()

        md = Cred(title='Markdown Cred',
                  password='******',
                  group=g,
                  description='# Test')
        md.save()

        u = User(username='******')
        u.save()
        u.groups.add(g)
        u.save()

        f = User(username='******')
        f.save()

        s = User(username='******', is_staff=True)
        s.save()
        s.groups.add(g)
        s.save()

        self.c = c
        self.d = d
        self.u = u
        self.f = f
        self.s = s
Exemplo n.º 17
0
    except Exception as e:
        print(tag_name, e)

print("=> import Entry")
for entry in res.get("entries", []):
    try:
        kwargs = {}
        tags = []
        for k, v in entry.items():
            if k == "tags":
                tags = v
                continue
            if k in ["filename", "filecontent"]:
                continue
            kwargs[k] = v

        kwargs["group"] = owner_group

        cred = Cred(**kwargs)
        cred.save()
        for tag_name in tags:
            cred.tags.add(Tag.objects.get(name=tag_name))
        cred.save()
    except IntegrityError as e:
        if e.message.endswith(" is not unique"):
            pass
        else:
            print(entry.get("title"), entry.get("name"), e)
    except Exception as e:
        print(entry.get("title"), entry.get("name"), e)
Exemplo n.º 18
0
class TestData:
    def __init__(self):
        if settings.LDAP_ENABLED:
            self.getLDAPAuthData()
        else:
            self.setUpAuthData()
        self.setUpBasicData()

    def login(self, username, password):
        c = Client()
        loginurl = reverse("django.contrib.auth.views.login")
        c.post(loginurl, {"username": username, "password": password})

        return c

    def getLDAPAuthData(self):
        self.norm = self.login(username="******", password="******")
        self.unorm = User.objects.get(username="******")
        self.normpass = "******"

        self.staff = self.login(username="******", password="******")
        self.ustaff = User.objects.get(username="******")

        self.nobody = self.login(username="******", password="******")
        self.unobody = User.objects.get(username="******")

        self.group = Group.objects.get(name="testgroup")
        self.othergroup = Group.objects.get(name="othergroup")

    def setUpAuthData(self):
        self.group = Group(name="testgroup")
        self.group.save()

        self.othergroup = Group(name="othergroup")
        self.othergroup.save()

        self.unorm = User(username="******", email="*****@*****.**")
        self.unorm.set_password("password")
        self.normpass = "******"
        self.unorm.save()
        self.unorm.groups.add(self.group)
        self.unorm.save()

        self.ustaff = User(username="******", email="*****@*****.**", is_staff=True)
        self.ustaff.set_password("password")
        self.ustaff.save()
        self.ustaff.groups.add(self.othergroup)
        self.ustaff.save()

        self.unobody = User(username="******", email="*****@*****.**")
        self.unobody.set_password("password")
        self.unobody.save()

        self.norm = self.login(username="******", password="******")
        self.staff = self.login(username="******", password="******")
        self.nobody = self.login(username="******", password="******")

    def setUpBasicData(self):
        self.tag = Tag(name="tag")
        self.tag.save()

        self.cred = Cred(title="secret", username="******", password="******", group=self.group)
        self.cred.save()
        self.tagcred = Cred(title="tagged", password="******", group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()
        self.injectcred = Cred(
            title='<script>document.write("BADTITLE!")</script>Bold!',
            username='******',
            password='******',
            group=self.group,
        )
        self.injectcred.save()
        self.markdowncred = Cred(
            title="Markdown Cred", password="******", group=self.group, description="# Test", descriptionmarkdown=True
        )
        self.markdowncred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        self.viewedcred = Cred(title="Viewed", password="******", group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title="Changed", password="******", group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()
Exemplo n.º 19
0
class TestData:
    def __init__(self):
        if settings.LDAP_ENABLED:
            self.getLDAPAuthData()
        else:
            self.setUpAuthData()
        self.setUpBasicData()

    def login(self, username, password):
        c = Client()
        loginurl = reverse('login')
        c.post(loginurl, {
            'auth-username': username,
            'auth-password': password,
            'rattic_tfa_login_view-current_step': 'auth',
        })

        return c

    def getLDAPAuthData(self):
        self.norm = self.login(username='******', password='******')
        self.unorm = User.objects.get(username='******')
        self.normpass = '******'

        self.staff = self.login(username='******', password='******')
        self.ustaff = User.objects.get(username='******')

        self.nobody = self.login(username='******', password='******')
        self.unobody = User.objects.get(username='******')

        self.group = Group.objects.get(name='testgroup')
        self.othergroup = Group.objects.get(name='othergroup')

    def setUpAuthData(self):
        self.group = Group(name='testgroup')
        self.group.save()

        self.othergroup = Group(name='othergroup')
        self.othergroup.save()

        self.unorm = User(username='******', email='*****@*****.**')
        self.unorm.set_password('password')
        self.normpass = '******'
        self.unorm.save()
        self.unorm.groups.add(self.group)
        self.unorm.save()

        self.ustaff = User(username='******', email='*****@*****.**', is_staff=True)
        self.ustaff.set_password('password')
        self.ustaff.save()
        self.ustaff.groups.add(self.othergroup)
        self.ustaff.save()

        self.unobody = User(username='******', email='*****@*****.**')
        self.unobody.set_password('password')
        self.unobody.save()

        self.norm = self.login(username='******', password='******')
        self.staff = self.login(username='******', password='******')
        self.nobody = self.login(username='******', password='******')

    def setUpBasicData(self):
        # Make a tag
        self.tag = Tag(name='tag')
        self.tag.save()

        # Make a simple credential
        self.cred = Cred(title='secret', username='******', password='******', group=self.group)
        self.cred.save()

        # Make a cred that'll be tagged
        self.tagcred = Cred(title='tagged', password='******', group=self.group)
        self.tagcred.save()
        self.tagcred.tags.add(self.tag)
        self.tagcred.save()

        # A cred that attempts script injection
        self.injectcred = Cred(
            title='<script>document.write("BADTITLE!")</script>Bold!',
            username='******',
            password='******',
            group=self.group
        )
        self.injectcred.save()

        # A cred with markdown
        self.markdowncred = Cred(
            title='Markdown Cred',
            password='******',
            group=self.group,
            description='# Test',
            descriptionmarkdown=True,
        )
        self.markdowncred.save()

        # Add a Unicode credential
        self.unicodecred = Cred(
            title='Unicode ‑ Cred',
            password='******',
            group=self.group,
            description='Γαζέες καὶ μυρτιὲς δὲν θὰ βρῶ πιὰ στὸ χρυσαφὶ ξέφωτο',
        )
        self.unicodecred.save()

        CredChangeQ.objects.add_to_changeq(self.cred)

        self.viewedcred = Cred(title='Viewed', password='******', group=self.group)
        self.viewedcred.save()
        self.changedcred = Cred(title='Changed', password='******', group=self.group)
        self.changedcred.save()

        CredAudit(audittype=CredAudit.CREDADD, cred=self.viewedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDADD, cred=self.changedcred, user=self.unobody).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.viewedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDVIEW, cred=self.changedcred, user=self.unorm).save()
        CredAudit(audittype=CredAudit.CREDCHANGE, cred=self.changedcred, user=self.ustaff).save()

        self.logadd = CredAudit(audittype=CredAudit.CREDADD, cred=self.cred, user=self.ustaff)
        self.logview = CredAudit(audittype=CredAudit.CREDVIEW, cred=self.cred, user=self.ustaff)
        self.logadd.save()
        self.logview.save()