def test_customized_max_body_length(self, mock_log): body = 150 * "0" + "1" request = self.factory.post("/somewhere", data={"file": body}) middleware = LoggingMiddleware(self.get_response) middleware.__call__(request) request_body_str = request.body if isinstance(request.body, str) else request.body.decode() self._assert_logged(mock_log, re.sub(r"\r?\n", "", request_body_str[:150])) self._assert_not_logged(mock_log, body)
class MissingRoutes(BaseLogTestCase): def setUp(self): self.factory = RequestFactory() def get_response(request): response = mock.MagicMock() response.status_code = 200 response.get.return_value = "application/json" headers = {"test_headers": "test_headers"} if IS_DJANGO_VERSION_GTE_3_2_0: response.headers = headers else: response._headers = headers return response self.middleware = LoggingMiddleware(get_response) def test_no_exception_risen(self, mock_log): body = u"some body" request = self.factory.post("/a-missing-route-somewhere", data={"file": body}) self.middleware.__call__(request) self._assert_logged(mock_log, body)
class DjangoDecoratorTestCase(BaseLogTestCase): def setUp(self): self.factory = RequestFactory() def get_response(request): response = mock.MagicMock() response.status_code = 200 response.get.return_value = 'application/json' return response self.middleware = LoggingMiddleware(get_response) # Because django isn't actually processing this test this test stubbed # out the important parts of what it does which is processes a decorator # like @sensitive_post_parameters('pass__word'), which gets added # to the request object, and then I also created the QueryDict that is # the underlying POST data. def test_log_sensitive_post_parameters(self, mock_log): uri = "/dont_log_sensitive_parameter" request = self.factory.post(uri) request.POST = QueryDict('pass_word=foo') request.sensitive_post_parameters = ["pass_word"] self.middleware.__call__(request) self._assert_not_logged(mock_log, "foo")
class LogTestCase(BaseLogTestCase): def setUp(self): self.factory = RequestFactory() def get_response(request): response = mock.MagicMock() response.status_code = 200 response.get.return_value = 'application/json' response._headers = {'test_headers': 'test_headers'} return response self.middleware = LoggingMiddleware(get_response) def test_request_body_logged(self, mock_log): body = u"some body" request = self.factory.post("/somewhere", data={"file": body}) self.middleware.process_request(request) self._assert_logged(mock_log, body) def test_request_binary_logged(self, mock_log): body = u"some body" datafile = io.StringIO(body) request = self.factory.post("/somewhere", data={"file": datafile}) self.middleware.process_request(request) self._assert_logged(mock_log, "(binary data)") @unittest.skipIf(sys.version_info < (3, 0), "This issue won't happen on python 2") def test_request_jpeg_logged(self, mock_log): body = b'--BoUnDaRyStRiNg\r\nContent-Disposition: form-data; name="file"; filename="campaign_carousel_img.jp' \ b'g"\r\nContent-Type: image/jpeg\r\n\r\n\xff\xd8\xff\xe1\x00\x18Exif\x00\x00II*\x00\x08\x00\x00\x00' \ b'\x00\x00\x00\x00\x00\x00\x00\x00\xff\xec\x00\x11Ducky\x00\x01\x00\x04\x00\x00\x00d\x00\x00\xff\xe1' \ b'\x03{http://ns.adobe.com/' datafile = io.BytesIO(body) request = self.factory.post("/somewhere", data={"file": datafile}) self.middleware.process_request(request) self._assert_logged(mock_log, "(multipart/form)") def test_request_headers_logged(self, mock_log): request = self.factory.post("/somewhere", **{'HTTP_USER_AGENT': 'silly-human'}) self.middleware.process_request(request) self._assert_logged(mock_log, "HTTP_USER_AGENT") def test_response_headers_logged(self, mock_log): request = self.factory.post("/somewhere") response = mock.MagicMock() response.get.return_value = 'application/json' response._headers = {'test_headers': 'test_headers'} self.middleware.process_response(request, response) self._assert_logged(mock_log, "test_headers") def test_call_logged(self, mock_log): body = u"some body" request = self.factory.post("/somewhere", data={"file": body}, **{'HTTP_USER_AGENT': 'silly-human'}) self.middleware.__call__(request) self._assert_logged(mock_log, body) self._assert_logged(mock_log, "test_headers") self._assert_logged(mock_log, "HTTP_USER_AGENT") def test_call_binary_logged(self, mock_log): body = u"some body" datafile = io.StringIO(body) request = self.factory.post("/somewhere", data={"file": datafile}, **{'HTTP_USER_AGENT': 'silly-human'}) self.middleware.__call__(request) self._assert_logged(mock_log, "(binary data)") self._assert_logged(mock_log, "test_headers") self._assert_logged(mock_log, "HTTP_USER_AGENT") @unittest.skipIf(sys.version_info < (3, 0), "This issue won't happen on python 2") def test_call_jpeg_logged(self, mock_log): body = b'--BoUnDaRyStRiNg\r\nContent-Disposition: form-data; name="file"; filename="campaign_carousel_img.jp' \ b'g"\r\nContent-Type: image/jpeg\r\n\r\n\xff\xd8\xff\xe1\x00\x18Exif\x00\x00II*\x00\x08\x00\x00\x00' \ b'\x00\x00\x00\x00\x00\x00\x00\x00\xff\xec\x00\x11Ducky\x00\x01\x00\x04\x00\x00\x00d\x00\x00\xff\xe1' \ b'\x03{http://ns.adobe.com/' datafile = io.BytesIO(body) request = self.factory.post("/somewhere", data={"file": datafile}, **{'HTTP_USER_AGENT': 'silly-human'}) self.middleware.__call__(request) self._assert_logged(mock_log, "(multipart/form)") self._assert_logged(mock_log, "test_headers") self._assert_logged(mock_log, "HTTP_USER_AGENT")
class LogTestCase(BaseLogTestCase): def setUp(self): self.factory = RequestFactory() def get_response(request): response = mock.MagicMock() response.status_code = 200 response.get.return_value = "application/json" response._headers = {"test_headers": "test_headers"} return response self.middleware = LoggingMiddleware(get_response) def test_request_body_logged(self, mock_log): body = u"some body" request = self.factory.post("/somewhere", data={"file": body}) self.middleware.process_request(request) self._assert_logged(mock_log, body) def test_request_binary_logged(self, mock_log): body = u"some body" datafile = io.StringIO(body) request = self.factory.post("/somewhere", data={"file": datafile}) self.middleware.process_request(request) self._assert_logged(mock_log, "(binary data)") def test_request_jpeg_logged(self, mock_log): body = ( b'--BoUnDaRyStRiNg\r\nContent-Disposition: form-data; name="file"; filename="campaign_carousel_img.jp' b'g"\r\nContent-Type: image/jpeg\r\n\r\n\xff\xd8\xff\xe1\x00\x18Exif\x00\x00II*\x00\x08\x00\x00\x00' b"\x00\x00\x00\x00\x00\x00\x00\x00\xff\xec\x00\x11Ducky\x00\x01\x00\x04\x00\x00\x00d\x00\x00\xff\xe1" b"\x03{http://ns.adobe.com/") datafile = io.BytesIO(body) request = self.factory.post("/somewhere", data={"file": datafile}) self.middleware.process_request(request) self._assert_logged(mock_log, "(multipart/form)") def test_request_headers_logged(self, mock_log): request = self.factory.post("/somewhere", **{"HTTP_USER_AGENT": "silly-human"}) self.middleware.process_request(request) self._assert_logged(mock_log, "HTTP_USER_AGENT") def test_request_headers_sensitive_logged_default(self, mock_log): request = self.factory.post( "/somewhere", **{ "HTTP_AUTHORIZATION": "sensitive-token", "HTTP_PROXY_AUTHORIZATION": "proxy-token" }) middleware = LoggingMiddleware() middleware.process_request(request) self._assert_logged(mock_log, "HTTP_AUTHORIZATION") self._assert_logged(mock_log, "HTTP_PROXY_AUTHORIZATION") self._assert_logged_with_key_value(mock_log, "HTTP_AUTHORIZATION", "*****") self._assert_logged_with_key_value(mock_log, "HTTP_PROXY_AUTHORIZATION", "*****") @override_settings( REQUEST_LOGGING_SENSITIVE_HEADERS=["HTTP_AUTHORIZATION"]) def test_request_headers_sensitive_logged(self, mock_log): request = self.factory.post( "/somewhere", **{ "HTTP_AUTHORIZATION": "sensitive-token", "HTTP_USER_AGENT": "silly-human", "HTTP_PROXY_AUTHORIZATION": "proxy-token", }) middleware = LoggingMiddleware() middleware.process_request(request) self._assert_logged(mock_log, "HTTP_AUTHORIZATION") self._assert_logged(mock_log, "HTTP_USER_AGENT") self._assert_logged(mock_log, "HTTP_PROXY_AUTHORIZATION") self._assert_logged_with_key_value(mock_log, "HTTP_AUTHORIZATION", "*****") self._assert_logged_with_key_value(mock_log, "HTTP_USER_AGENT", "silly-human") self._assert_logged_with_key_value(mock_log, "HTTP_PROXY_AUTHORIZATION", "proxy-token") def test_response_headers_logged(self, mock_log): request = self.factory.post("/somewhere") response = mock.MagicMock() response.get.return_value = "application/json" response._headers = {"test_headers": "test_headers"} self.middleware.process_response(request, response) self._assert_logged(mock_log, "test_headers") def test_call_logged(self, mock_log): body = u"some body" request = self.factory.post("/somewhere", data={"file": body}, **{"HTTP_USER_AGENT": "silly-human"}) self.middleware.__call__(request) self._assert_logged(mock_log, body) self._assert_logged(mock_log, "test_headers") self._assert_logged(mock_log, "HTTP_USER_AGENT") def test_call_binary_logged(self, mock_log): body = u"some body" datafile = io.StringIO(body) request = self.factory.post("/somewhere", data={"file": datafile}, **{"HTTP_USER_AGENT": "silly-human"}) self.middleware.__call__(request) self._assert_logged(mock_log, "(binary data)") self._assert_logged(mock_log, "test_headers") self._assert_logged(mock_log, "HTTP_USER_AGENT") def test_call_jpeg_logged(self, mock_log): body = ( b'--BoUnDaRyStRiNg\r\nContent-Disposition: form-data; name="file"; filename="campaign_carousel_img.jp' b'g"\r\nContent-Type: image/jpeg\r\n\r\n\xff\xd8\xff\xe1\x00\x18Exif\x00\x00II*\x00\x08\x00\x00\x00' b"\x00\x00\x00\x00\x00\x00\x00\x00\xff\xec\x00\x11Ducky\x00\x01\x00\x04\x00\x00\x00d\x00\x00\xff\xe1" b"\x03{http://ns.adobe.com/") datafile = io.BytesIO(body) request = self.factory.post("/somewhere", data={"file": datafile}, **{"HTTP_USER_AGENT": "silly-human"}) self.middleware.__call__(request) self._assert_logged(mock_log, "(multipart/form)") self._assert_logged(mock_log, "test_headers") self._assert_logged(mock_log, "HTTP_USER_AGENT") def test_minimal_logging_when_streaming(self, mock_log): uri = "/somewhere" request = self.factory.get(uri) response = StreamingHttpResponse(status=200, streaming_content=b"OK", content_type="application/json") self.middleware.process_response(request, response=response) self._assert_logged(mock_log, "(data_stream)")