def test_valid_trusted(self):
"""
Chain of trust:
1. Zone created by this device
2. Another device joins (no central server) through an invitation
"""
own_device = Device.get_own_device()
zone = Zone(name="test_zone")
zone.save()
new_device = Device(name="new_device") # make a new device
new_device.set_key(Key())
new_device.save() # get an ID
new_device.get_metadata().save()
# Now create an invitation, and claim that invitation for the new device.
invitation = ZoneInvitation.generate(zone=zone, invited_by=own_device)
invitation.claim(used_by=new_device)
self.assertEqual(invitation.used_by, new_device, "Invitation should now be used by device %s" % new_device)
self.assertEqual(DeviceZone.objects.filter(device=new_device).count(), 1, "There should be a DeviceZone for device %s" % new_device)
self.assertEqual(DeviceZone.objects.get(device=new_device).zone, zone, "DeviceZone for device %s should be zone %s" % (new_device, zone))
# Now get a chain of trust establishing the new device on the zone
chain = ChainOfTrust(zone=zone, device=new_device)
self.assertTrue(chain.verify(), "Chain of trust should verify.")
def test_valid_trusted(self):
"""
Chain of trust:
1. Zone created by this device
2. Another device joins (no central server) through an invitation
"""
own_device = Device.get_own_device()
zone = Zone(name="test_zone")
zone.save()
new_device = Device(name="new_device") # make a new device
new_device.set_key(Key())
new_device.save() # get an ID
new_device.get_metadata().save()
# Now create an invitation, and claim that invitation for the new device.
invitation = ZoneInvitation.generate(zone=zone, invited_by=own_device)
invitation.claim(used_by=new_device)
self.assertEqual(
invitation.used_by, new_device,
"Invitation should now be used by device %s" % new_device)
self.assertEqual(
DeviceZone.objects.filter(device=new_device).count(), 1,
"There should be a DeviceZone for device %s" % new_device)
self.assertEqual(
DeviceZone.objects.get(device=new_device).zone, zone,
"DeviceZone for device %s should be zone %s" % (new_device, zone))
# Now get a chain of trust establishing the new device on the zone
chain = ChainOfTrust(zone=zone, device=new_device)
self.assertTrue(chain.verify(), "Chain of trust should verify.")
def create_json_file(include_data):
central_server = Device.get_central_server()
if not zone_id:
models = [central_server] if central_server else []
else:
# Get a chain of trust to the zone owner.
# Because we're on the central server, this will
# simply be the central server, but in the future
# this would return an actual chain.
logging.debug("Generating a zone invitation...")
zone = Zone.objects.get(id=zone_id)
chain = ChainOfTrust(zone=zone)
assert chain.validate()
new_invitation = ZoneInvitation.generate(
zone=zone, invited_by=Device.get_own_device())
new_invitation.save(
) # keep a record of the invitation, for future revocation. Also, signs the thing
# This ordering of objects is a bit be hokey, but OK--invitation usually must be
# inserted before devicezones--but because it's not pointing to any devices,
# it's OK to be at the end.
# Note that the central server will always be at the front of the chain of trust,
# so no need to explicitly include.
models = chain.objects() + [new_invitation]
#
if include_data:
logging.debug("Serializing entire dataset...")
devices = Device.objects.by_zone(zone)
devicezones = DeviceZone.objects.filter(zone=zone)
models += list(devices) + list(devicezones)
models += engine.get_models(
zone=zone, limit=None) # get all models on this zone
models_file = tempfile.mkstemp()[1]
with open(models_file, "w") as fp:
fp.write(engine.serialize(models))
return models_file
def create_json_file(include_data):
central_server = Device.get_central_server()
if not zone_id:
models = [central_server] if central_server else []
else:
# Get a chain of trust to the zone owner.
# Because we're on the central server, this will
# simply be the central server, but in the future
# this would return an actual chain.
logging.debug("Generating a zone invitation...")
zone = Zone.objects.get(id=zone_id)
chain = ChainOfTrust(zone=zone)
assert chain.validate()
new_invitation = ZoneInvitation.generate(zone=zone, invited_by=Device.get_own_device())
new_invitation.save() # keep a record of the invitation, for future revocation. Also, signs the thing
# This ordering of objects is a bit be hokey, but OK--invitation usually must be
# inserted before devicezones--but because it's not pointing to any devices,
# it's OK to be at the end.
# Note that the central server will always be at the front of the chain of trust,
# so no need to explicitly include.
models = chain.objects() + [new_invitation]
#
if include_data:
logging.debug("Serializing entire dataset...")
devices = Device.objects.by_zone(zone)
devicezones = DeviceZone.objects.filter(zone=zone)
models += list(devices) + list(devicezones)
models += engine.get_models(zone=zone, limit=None) # get all models on this zone
models_file = tempfile.mkstemp()[1]
with open(models_file, "w") as fp:
fp.write(engine.serialize(models))
return models_file
