Пример #1
0
    def test__download_file__s3(self, __generate_s3_url):
        account = Account()
        account.username = "******"
        account.endpoint__amazon_s3_enabled = True

        new_token = PushToken()
        new_token.account = "michael"
        new_token.token = "token1"
        new_token.admin = True

        file1 = File()
        file1.filename = "filename1.png"
        file1.id = "id1"
        file1.storage_engine = "s3"
        file1.account = new_token.account
        file1.authenticated_user = "******"
        file1.time = datetime.datetime.now()

        self.persist([account, new_token, file1])

        __generate_s3_url.return_value = "http://fakeurl"

        rv = self.app.get("/manage/files/id1/download?token=token1")
        assert rv.status_code == 200

        response = json.loads(rv.data)
        assert response["url"] == "http://fakeurl"
Пример #2
0
    def test__list_credentials(self):
        # Create a token and Matching User

        account = Account()
        account.username = "******"

        new_token = PushToken()
        new_token.account = account.username
        new_token.authenticated_user = account.username
        new_token.token = "token1"
        new_token.admin = True

        credentials = TempCredentials()
        credentials.account = account.username
        credentials.username = "******"
        credentials.password = "******"

        self.persist([account, new_token, credentials])

        rv = self.app.get("/manage/credentials?token=token1", data={})

        assert rv.status_code == 200
        response = json.loads(rv.data)
        assert response["credentials"] == [{
            "password": "******",
            "username": "******"
        }]
Пример #3
0
    def test_manage_account_delete(self):
        account = Account()
        account.username = "******"
        account.endpoint__dropbox_enabled = True

        new_token = PushToken()
        new_token.account = "michael"
        new_token.token = "token1"
        new_token.admin = True

        storage = Storage()
        storage.id = "id1"
        storage.account = "michael"
        storage.path = "/"
        storage.endpoint__amazon_s3_access_key_id = "endpoint__amazon_s3_access_key_id"
        storage.endpoint__amazon_s3_access_secret_key = "endpoint__amazon_s3_access_secret_key"
        storage.endpoint__dropbox_access_token = "endpoint__dropbox_access_token"
        storage.endpoint__dropbox_user_id = "endpoint__dropbox_user_id"
        storage.store_type = "dropbox"

        self.persist([account, new_token, storage])

        self.app.delete(
            "/manage/account/storage?token=token1", data=json.dumps({"id": "id1"})
        )

        rv = self.app.get(
            "/manage/account/storage?token=token1",
        )

        assert len(json.loads(rv.data)["storage"]) == 0
Пример #4
0
    def test__get_files(self):
        # Create a token
        new_token = PushToken()
        new_token.account = "user1"
        new_token.token = "token1"
        new_token.admin = True

        file1 = File()
        file1.filename = "filename1.png"
        file1.id = "id1"
        file1.account = new_token.account
        file1.authenticated_user = "******"
        file1.time = datetime.datetime.now()

        self.persist([new_token, file1])

        rv = self.app.get("/manage/files?token=token1", data={})

        assert rv.status_code == 200

        files = json.loads(rv.data)
        assert len(files["files"]) == 1

        assert files["files"][0]["uploader"] == "uploader"
        assert files["files"][0]["filename"] == "filename1.png"
        assert files["files"][0]["id"] == "id1"
Пример #5
0
    def test__download_file__missing(self):
        account = Account()
        account.username = "******"
        account.endpoint__amazon_s3_enabled = True

        new_token = PushToken()
        new_token.account = "michael"
        new_token.token = "token1"
        new_token.admin = True

        self.persist([account, new_token])

        rv = self.app.get("/manage/files/id1/download?token=token1")
        assert rv.status_code == 404
Пример #6
0
def push_authenticate():
    username = request.form.get("username")
    password = request.form.get("password")

    account = flask.g.db_session.query(Account).filter(
        Account.username == username).scalar()
    if account:
        if not __internal_check_password_matches(account, password):
            return flask.jsonify(err="Account was invalid"), 403

        if not account.email_confirmation_code_accepted:
            return flask.jsonify(
                err="Account email address has not been registered"), 403

        new_token = PushToken()
        new_token.account = account.username
        new_token.authenticated_user = username
        new_token.token = str(uuid.uuid4())
        new_token.admin = True
        flask.g.db_session.add(new_token)
        return flask.jsonify(token=new_token.token)

    temp_account = flask.g.db_session.query(TempCredentials).filter(
        TempCredentials.username == username).scalar()
    if temp_account:
        if temp_account.password != password:
            return flask.jsonify(err="Account was invalid"), 403

        new_token = PushToken()
        new_token.account = temp_account.account
        new_token.token = str(uuid.uuid4())
        new_token.authenticated_user = username
        new_token.admin = False
        flask.g.db_session.add(new_token)
        return flask.jsonify(token=new_token.token)

    return flask.jsonify(err="Account was invalid"), 403
Пример #7
0
    def test_manage_account_storage_save(self):
        account = Account()
        account.username = "******"
        account.endpoint__dropbox_enabled = True

        new_token = PushToken()
        new_token.account = "michael"
        new_token.token = "token1"
        new_token.admin = True

        storage = Storage()
        storage.id = "id1"
        storage.account = "michael"
        storage.path = ""
        storage.endpoint__amazon_s3_access_key_id = ""
        storage.endpoint__amazon_s3_access_secret_key = ""
        storage.endpoint__dropbox_access_token = ""
        storage.endpoint__dropbox_user_id = ""
        storage.store_type = ""

        self.persist([account, new_token, storage])

        rv = self.app.post(
            "/manage/account/storage?token=token1",
            data=json.dumps({
                "id": "id1",
                "path": "/path",
                "store_type": "dropbox"
            })
        )

        rv = self.app.get(
            "/manage/account/storage?token=token1",
        )

        assert json.loads(rv.data) == {
            "storage": [
                {
                    "account": "michael",
                    "endpoint__amazon_s3_access_key_id": "",
                    "endpoint__amazon_s3_access_secret_key": "",
                    "endpoint__dropbox_access_token": "",
                    "endpoint__dropbox_user_id": "",
                    "id": "id1",
                    "path": "/path",
                    "store_type": "dropbox"
                }
            ]
        }
Пример #8
0
    def test__upload_file__choose_path(self, __upload_s3, __upload_dropbox):
        account = Account()
        account.username = "******"
        account.endpoint__dropbox_enabled = True

        new_token = PushToken()
        new_token.account = "michael"
        new_token.token = "token1"
        new_token.admin = True

        storage = Storage()
        storage.id = "id1"
        storage.account = "michael"
        storage.path = "/dropbox/path"
        storage.store_type = "dropbox"
        storage.permissions = "rw"

        storage2 = Storage()
        storage2.id = "id2"
        storage2.account = "michael"
        storage2.path = "/s3/path"
        storage2.store_type = "s3"
        storage2.permissions = "rw"

        storage3 = Storage()
        storage3.id = "id3"
        storage3.account = "michael"
        storage3.path = "/"
        storage3.store_type = "dropbox"
        storage3.permissions = "rw"

        self.persist([account, new_token, storage, storage2, storage3])

        resp = self.app.post('/push/upload/token1',
                             data={
                                 'file': (StringIO('my file contents'),
                                          'hello world.txt'),
                                 'path':
                                 "/s3/path/hello world.txt"
                             })

        assert resp.status_code == 200
        assert len(self.session.query(File).all()) == 1
        assert __upload_s3.called == 1
        __upload_s3.assert_called_with(mock.ANY, mock.ANY, '/hello world.txt')
Пример #9
0
    def test__upload_file__dropbox__temp_user(self, __upload_dropbox):
        account = Account()
        account.username = "******"
        account.endpoint__dropbox_enabled = True

        credentials = TempCredentials()
        credentials.account = "michael"
        credentials.username = "******"
        credentials.permissions_mode = "w"
        credentials.permissions_path = "/"

        new_token = PushToken()
        new_token.account = "michael"
        new_token.token = "token1"
        new_token.admin = False
        new_token.authenticated_user = "******"

        storage = Storage()
        storage.id = "id1"
        storage.account = "michael"
        storage.path = "/"
        storage.endpoint__amazon_s3_access_key_id = ""
        storage.endpoint__amazon_s3_access_secret_key = ""
        storage.endpoint__dropbox_access_token = ""
        storage.endpoint__dropbox_user_id = ""
        storage.store_type = "dropbox"
        storage.permissions = "rw"

        self.persist([account, new_token, storage, credentials])

        resp = self.app.post('/push/upload/token1',
                             data={
                                 'file': (StringIO('my file contents'),
                                          'hello world.txt'),
                                 'path':
                                 "/hello world.txt"
                             })

        assert resp.status_code == 200
        assert len(self.session.query(File).all()) == 1
        assert __upload_dropbox.called == 1
        __upload_dropbox.assert_called_with(mock.ANY, mock.ANY,
                                            '/hello world.txt')
Пример #10
0
def push_authenticate_get_token():
    username = request.form.get("username")
    service_token = request.form.get("service_token")

    if service_token != config__get("COUCHDROP_SERVICE__SERVICE_TOKEN"):
        return flask.jsonify(err="This route requires a service token"), 403

    account = flask.g.db_session.query(Account).filter(
        Account.username == username).scalar()
    if account:
        if not account.email_confirmation_code_accepted:
            return flask.jsonify(
                err="Account email address has not been registered"), 403

        new_token = PushToken()
        new_token.account = account.username
        new_token.authenticated_user = username
        new_token.token = str(uuid.uuid4())
        new_token.admin = True
        flask.g.db_session.add(new_token)
        return flask.jsonify(token=new_token.token)
    return flask.jsonify(err="Account was invalid"), 403
Пример #11
0
    def test_manage_account_storage_put(self):
        account = Account()
        account.username = "******"
        account.endpoint__dropbox_enabled = True

        new_token = PushToken()
        new_token.account = "michael"
        new_token.token = "token1"
        new_token.admin = True

        self.persist([account, new_token])

        rv = self.app.put(
            "/manage/account/storage?token=token1",
        )

        rv = self.app.get(
            "/manage/account/storage?token=token1",
        )

        elem = json.loads(rv.data)["storage"]
        assert elem[0]["account"] == "michael"
Пример #12
0
    def test__download_file__invalid_permissions(self):
        account = Account()
        account.username = "******"
        account.endpoint__amazon_s3_enabled = True

        new_token = PushToken()
        new_token.account = "michael"
        new_token.token = "token1"
        new_token.admin = True

        file1 = File()
        file1.filename = "filename1.png"
        file1.id = "id1"
        file1.account = "random_account"
        file1.authenticated_user = "******"
        file1.time = datetime.datetime.now()

        self.persist([account, new_token, file1])

        rv = self.app.get("/manage/files/id1/download?token=token1")
        print rv.data
        assert rv.status_code == 404
Пример #13
0
    def test__delete_credentials__invalid_account(self):
        # Create a token and Matching User

        account = Account()
        account.username = "******"

        new_token = PushToken()
        new_token.account = account.username
        new_token.authenticated_user = account.username
        new_token.token = "token1"
        new_token.admin = True

        credentials = TempCredentials()
        credentials.account = "someotheruser"
        credentials.username = "******"
        credentials.password = "******"

        self.persist([account, new_token, credentials])

        rv = self.app.delete("/manage/credentials/user1/delete?token=token1",
                             data={})

        # No delete operation performed
        assert len(self.session.query(TempCredentials).all()) == 1
Пример #14
0
    def test__create_credentials(self):
        # Create a token and Matching User

        account = Account()
        account.username = "******"

        new_token = PushToken()
        new_token.account = account.username
        new_token.authenticated_user = account.username
        new_token.token = "token1"
        new_token.admin = True

        self.persist([account, new_token])

        rv = self.app.put("/manage/credentials?token=token1", data={})

        assert rv.status_code == 200
        assert len(self.session.query(TempCredentials).all()) == 1

        created_credentials = self.session.query(TempCredentials).all()[0]
        assert created_credentials
        assert created_credentials.account == "michael"
        assert created_credentials.username
        assert created_credentials.password
Пример #15
0
    def test__delete_credentials(self):
        # Create a token and Matching User

        account = Account()
        account.username = "******"

        new_token = PushToken()
        new_token.account = account.username
        new_token.authenticated_user = account.username
        new_token.token = "token1"
        new_token.admin = True

        credentials = TempCredentials()
        credentials.account = account.username
        credentials.username = "******"
        credentials.password = "******"

        self.persist([account, new_token, credentials])

        rv = self.app.delete("/manage/credentials/user1/delete?token=token1",
                             data={})

        assert rv.status_code == 200
        assert len(self.session.query(TempCredentials).all()) == 0
Пример #16
0
    def test__upload_file__s3(self, __upload_s3):
        account = Account()
        account.username = "******"
        account.endpoint__amazon_s3_enabled = True

        new_token = PushToken()
        new_token.account = "michael"
        new_token.token = "token1"
        new_token.admin = True

        storage = Storage()
        storage.id = "id1"
        storage.account = "michael"
        storage.path = "/"
        storage.endpoint__amazon_s3_access_key_id = ""
        storage.endpoint__amazon_s3_access_secret_key = ""
        storage.endpoint__dropbox_access_token = ""
        storage.endpoint__dropbox_user_id = ""
        storage.store_type = "s3"
        storage.permissions = "rw"

        self.persist([account, new_token, storage])

        resp = self.app.post('/push/upload/token1',
                             data={
                                 'file': (StringIO('my file contents'),
                                          'hello world.txt'),
                                 'path':
                                 '/dudes/path/hello world.txt'
                             })

        assert resp.status_code == 200
        assert len(self.session.query(File).all()) == 1
        assert __upload_s3.called == 1
        __upload_s3.assert_called_with(mock.ANY, mock.ANY,
                                       '/dudes/path/hello world.txt')