def test_store_and_get(self):
user_id = '1'
user_ik = '2'
encrypted = EncryptedQuestionnaireStorage(user_id, user_ik)
data = "test"
encrypted.add_or_update(data)
# check we can decrypt the data
self.assertEqual("test", encrypted.get_user_data())
class TestEncryptedQuestionnaireStorage(AppContextTestCase):
def setUp(self):
super().setUp()
self.storage = EncryptedQuestionnaireStorage('user_id', 'user_ik', 'pepper')
def test_encrypted_storage_requires_user_id(self):
with self.assertRaises(ValueError):
EncryptedQuestionnaireStorage(None, 'key', 'pepper')
def test_encrypted_storage_requires_user_ik(self):
with self.assertRaises(ValueError):
EncryptedQuestionnaireStorage('1', None, 'pepper')
def test_store_and_get(self):
user_id = '1'
user_ik = '2'
encrypted = EncryptedQuestionnaireStorage(user_id, user_ik, 'pepper')
data = 'test'
encrypted.add_or_update(data, QuestionnaireStore.LATEST_VERSION)
# check we can decrypt the data
self.assertEqual(('test', QuestionnaireStore.LATEST_VERSION), encrypted.get_user_data())
def test_store(self):
data = 'test'
self.assertIsNone(self.storage.add_or_update(data, QuestionnaireStore.LATEST_VERSION))
self.assertIsNotNone(self.storage.get_user_data()) # pylint: disable=protected-access
def test_get(self):
data = 'test'
self.storage.add_or_update(data, QuestionnaireStore.LATEST_VERSION)
self.assertEqual((data, QuestionnaireStore.LATEST_VERSION), self.storage.get_user_data())
def test_delete(self):
data = 'test'
self.storage.add_or_update(data, QuestionnaireStore.LATEST_VERSION)
self.assertEqual((data, QuestionnaireStore.LATEST_VERSION), self.storage.get_user_data())
self.storage.delete()
self.assertEqual((None, None), self.storage.get_user_data()) # pylint: disable=protected-access
def test_stateless_store(self):
data = 'test'
self.storage.stateless_updates_enabled = True
with mock.patch.object(self.storage, '_find_questionnaire_state') as m_find:
self.storage.add_or_update(data, QuestionnaireStore.LATEST_VERSION)
m_find.assert_not_called()
def test_store_and_get(self):
user_id = '1'
user_ik = '2'
encrypted = EncryptedQuestionnaireStorage(user_id, user_ik, 'pepper')
data = 'test'
encrypted.add_or_update(data, QuestionnaireStore.LATEST_VERSION)
# check we can decrypt the data
self.assertEqual(('test', QuestionnaireStore.LATEST_VERSION), encrypted.get_user_data())
def test_store_and_get(self):
user_id = "1"
user_ik = "2"
encrypted = EncryptedQuestionnaireStorage(user_id, user_ik, "pepper")
data = "test"
encrypted.save(data)
# check we can decrypt the data
self.assertEqual(("test", QuestionnaireStore.LATEST_VERSION),
encrypted.get_user_data())
class TestEncryptedQuestionnaireStorage(AppContextTestCase):
def setUp(self):
super().setUp()
self.storage = EncryptedQuestionnaireStorage("user_id", "user_ik",
"pepper")
def test_encrypted_storage_requires_user_id(self):
with self.assertRaises(ValueError):
EncryptedQuestionnaireStorage(None, "key", "pepper")
def test_encrypted_storage_requires_user_ik(self):
with self.assertRaises(ValueError):
EncryptedQuestionnaireStorage("1", None, "pepper")
def test_store_and_get(self):
user_id = "1"
user_ik = "2"
encrypted = EncryptedQuestionnaireStorage(user_id, user_ik, "pepper")
data = "test"
encrypted.save(data)
# check we can decrypt the data
self.assertEqual(("test", QuestionnaireStore.LATEST_VERSION),
encrypted.get_user_data())
def test_store(self):
data = "test"
self.assertIsNone(self.storage.save(data))
self.assertIsNotNone(self.storage.get_user_data()) # pylint: disable=protected-access
def test_get(self):
data = "test"
self.storage.save(data)
self.assertEqual((data, QuestionnaireStore.LATEST_VERSION),
self.storage.get_user_data())
def test_delete(self):
data = "test"
self.storage.save(data)
self.assertEqual((data, QuestionnaireStore.LATEST_VERSION),
self.storage.get_user_data())
self.storage.delete()
self.assertEqual((None, None), self.storage.get_user_data()) # pylint: disable=protected-access
def test_store_and_get_without_submitted_at(self):
encrypted = EncryptedQuestionnaireStorage(user_id="1",
user_ik="2",
pepper="pepper")
encrypted.save(data="test",
collection_exercise_sid="ce_sid",
expires_at=RESPONSE_EXPIRY)
# check we can decrypt the data
self.assertEqual(
("test", "ce_sid", QuestionnaireStore.LATEST_VERSION, None),
encrypted.get_user_data(),
)
def test_store_and_get_with_submitted_at(self):
now = datetime.now(timezone.utc).replace(microsecond=0)
encrypted = EncryptedQuestionnaireStorage(user_id="1",
user_ik="2",
pepper="pepper")
encrypted.save(
data="test",
collection_exercise_sid="ce_sid",
submitted_at=now,
expires_at=RESPONSE_EXPIRY,
)
self.assertEqual(
("test", "ce_sid", QuestionnaireStore.LATEST_VERSION, now),
encrypted.get_user_data(),
)
class TestLegacyEncryptedQuestionnaireStorage(AppContextTestCase):
"""Compression didn't used to be applied to the questionnaire store data. It also
used to be base64-encoded. For performance reasons the base64 encoding was removed
and compression applied using the snappy lib
"""
def setUp(self):
super().setUp()
user_id = 'user_id'
self.storage = EncryptedQuestionnaireStorage(user_id, 'user_ik', 'pepper')
self._save_legacy_state_data(user_id, 'test')
def test_get(self):
"""Tests that the legacy data is correctly decrypted
"""
data = 'test'
self.assertEqual((data, QuestionnaireStore.LATEST_VERSION), self.storage.get_user_data())
def _save_legacy_state_data(self, user_id, data):
protected_header = {
'alg': 'dir',
'enc': 'A256GCM',
'kid': '1,1',
}
jwe_token = jwe.JWE(
plaintext=base64url_encode(data),
protected=protected_header,
recipient=self.storage.encrypter.key
)
legacy_state_data = json.dumps({'data': jwe_token.serialize(compact=True)})
questionnaire_state = QuestionnaireState(
user_id,
legacy_state_data,
QuestionnaireStore.LATEST_VERSION
)
data_access.put(questionnaire_state)
class TestEncryptedQuestionnaireStorage(unittest.TestCase):
def setUp(self):
self.database = Database("sqlite://", 1, 0)
self.storage = EncryptedQuestionnaireStorage(self.database, "user_id", "user_ik", "pepper")
def test_encrypted_storage_requires_user_id(self):
with self.assertRaises(ValueError):
EncryptedQuestionnaireStorage(self.database, None, "key", "pepper")
def test_encrypted_storage_requires_user_ik(self):
with self.assertRaises(ValueError):
EncryptedQuestionnaireStorage(self.database, "1", None, "pepper")
def test_encrypted_storage_requires_pepper(self):
with self.assertRaises(ValueError):
EncryptedQuestionnaireStorage(self.database, "1", "key", None)
def test_generate_cek(self):
cek1 = EncryptedQuestionnaireStorage(self.database, "user1", "user_ik_1", "pepper")._cek
cek2 = EncryptedQuestionnaireStorage(self.database, "user1", "user_ik_1", "pepper")._cek
cek3 = EncryptedQuestionnaireStorage(self.database, "user2", "user_ik_2", "pepper")._cek
self.assertEqual(cek1, cek2)
self.assertNotEqual(cek1, cek3)
self.assertNotEqual(cek2, cek3)
def test_generate_cek_different_user_ids(self):
cek1 = EncryptedQuestionnaireStorage(self.database, "user1", "user_ik_1", "pepper")._cek
cek2 = EncryptedQuestionnaireStorage(self.database, "user1", "user_ik_1", "pepper")._cek
cek3 = EncryptedQuestionnaireStorage(self.database, "user2", "user_ik_1", "pepper")._cek
self.assertEqual(cek1, cek2)
self.assertNotEqual(cek1, cek3)
self.assertNotEqual(cek2, cek3)
def test_generate_cek_different_user_iks(self):
cek1 = EncryptedQuestionnaireStorage(self.database, "user1", "user_ik_1", "pepper")._cek
cek2 = EncryptedQuestionnaireStorage(self.database, "user1", "user_ik_1", "pepper")._cek
cek3 = EncryptedQuestionnaireStorage(self.database, "user1", "user_ik_2", "pepper")._cek
self.assertEqual(cek1, cek2)
self.assertNotEqual(cek1, cek3)
self.assertNotEqual(cek2, cek3)
def test_generate_cek_different_pepper(self):
cek1 = EncryptedQuestionnaireStorage(self.database, "user1", "user_ik_1", "pepper")._cek
cek2 = EncryptedQuestionnaireStorage(self.database, "user1", "user_ik_1", "test")._cek
self.assertNotEqual(cek1, cek2)
def test_store_and_get(self):
user_id = '1'
user_ik = '2'
encrypted = EncryptedQuestionnaireStorage(self.database, user_id, user_ik, "pepper")
data = "test"
encrypted.add_or_update(data)
# check we can decrypt the data
self.assertEqual("test", encrypted.get_user_data())
def test_store(self):
data = 'test'
self.assertIsNone(self.storage.add_or_update(data))
self.assertIsNotNone(self.storage.get_user_data()) # pylint: disable=protected-access
def test_get(self):
data = 'test'
self.storage.add_or_update(data)
self.assertEqual(data, self.storage.get_user_data())
def test_delete(self):
data = 'test'
self.storage.add_or_update(data)
self.assertEqual(data, self.storage.get_user_data())
self.storage.delete()
self.assertIsNone(self.storage.get_user_data()) # pylint: disable=protected-access
class TestEncryptedQuestionnaireStorage(AppContextTestCase):
def setUp(self):
super().setUp()
self.storage = EncryptedQuestionnaireStorage("user_id", "user_ik",
"pepper")
def test_encrypted_storage_requires_user_id(self):
with self.assertRaises(ValueError):
EncryptedQuestionnaireStorage(None, "key", "pepper")
def test_encrypted_storage_requires_user_ik(self):
with self.assertRaises(ValueError):
EncryptedQuestionnaireStorage("1", None, "pepper")
def test_store_and_get_without_submitted_at(self):
encrypted = EncryptedQuestionnaireStorage(user_id="1",
user_ik="2",
pepper="pepper")
encrypted.save(data="test",
collection_exercise_sid="ce_sid",
expires_at=RESPONSE_EXPIRY)
# check we can decrypt the data
self.assertEqual(
("test", "ce_sid", QuestionnaireStore.LATEST_VERSION, None),
encrypted.get_user_data(),
)
def test_store_and_get_with_submitted_at(self):
now = datetime.now(timezone.utc).replace(microsecond=0)
encrypted = EncryptedQuestionnaireStorage(user_id="1",
user_ik="2",
pepper="pepper")
encrypted.save(
data="test",
collection_exercise_sid="ce_sid",
submitted_at=now,
expires_at=RESPONSE_EXPIRY,
)
self.assertEqual(
("test", "ce_sid", QuestionnaireStore.LATEST_VERSION, now),
encrypted.get_user_data(),
)
def test_store(self):
data = "test"
self.assertIsNone(self.storage.save(data, "ce_sid"))
self.assertIsNotNone(self.storage.get_user_data()) # pylint: disable=protected-access
def test_get(self):
data = "test"
self.storage.save(data, "ce_sid", expires_at=RESPONSE_EXPIRY)
self.assertEqual(
(data, "ce_sid", QuestionnaireStore.LATEST_VERSION, None),
self.storage.get_user_data(),
)
def test_delete(self):
data = "test"
self.storage.save(data, "ce_sid", expires_at=RESPONSE_EXPIRY)
self.assertEqual(
(data, "ce_sid", QuestionnaireStore.LATEST_VERSION, None),
self.storage.get_user_data(),
)
self.storage.delete()
self.assertEqual((None, None, None, None),
self.storage.get_user_data()) # pylint: disable=protected-access
