def testOk(self): self.mox.StubOutWithMock(util.mail, 'EmailMessage', True) recipients = ['*****@*****.**', '*****@*****.**'] reply_to = '*****@*****.**' sender = '*****@*****.**' subject = 'This is only a test!' body = 'Only a unit test.\nReally.\nNothing to see here.' bcc_recipients = ['*****@*****.**'] mock_email = self.mox.CreateMockAnything() util.mail.EmailMessage(to=recipients, reply_to=reply_to, sender=sender, subject=subject, body=body).AndReturn(mock_email) mock_email.send().AndReturn(None) self.mox.ReplayAll() orig_dev = util.settings.DEVELOPMENT util.settings.DEVELOPMENT = False util.SendEmail(recipients, subject, body, sender=sender, reply_to=reply_to, bcc_recipients=bcc_recipients) util.settings.DEVELOPMENT = orig_dev self.mox.VerifyAll()
def SendRetrievalEmail(self, entity, user): """Sends a retrieval notification email to the owner of a Mac. Args: entity: models.FileVaultVolume object that was retrieved. user: models.User object of the user that retrieved the passphrase. """ body = settings.RETRIEVAL_EMAIL_BODY % { 'retrieved_by': user.user.email(), 'hostname': entity.hostname, 'platform_uuid': entity.platform_uuid, 'serial': entity.serial or '', 'hdd_serial': entity.hdd_serial, 'volume_uuid': entity.volume_uuid, 'helpdesk_name': settings.HELPDESK_NAME, } user_email = user.user.email() try: # If the user has access to "silently" retrieve keys without the owner # being notified, email only SILENT_AUDIT_ADDRESSES. self.VerifyPermissions(permissions.SILENT_RETRIEVE, user) to = [user_email] + settings.SILENT_AUDIT_ADDRESSES except models.FileVaultAccessDeniedError: # Otherwise email the owner and RETRIEVE_AUDIT_ADDRESSES. owner_email = '%s@%s' % (entity.owner, settings.DEFAULT_EMAIL_DOMAIN) to = [owner_email, user_email] + settings.RETRIEVE_AUDIT_ADDRESSES # In case of empty owner. to = [x for x in to if x] util.SendEmail(to, settings.RETRIEVAL_EMAIL_SUBJECT, body)
def testByPermReadUserWithNoOwner(self): mock_user = self.mox.CreateMockAnything(models.User) mock_user.user = self.mox.CreateMockAnything(users.User) mock_user.user.email = lambda: '*****@*****.**' mock_entity = models.LuksVolume mock_entity.owner = None self.mox.StubOutWithMock(self.c, 'RenderTemplate') data = self._GetDataDict(mock_entity, mock_user) self.c.RenderTemplate('retrieval_email.txt', data, response_out=False).AndReturn('body') self.mox.StubOutWithMock(util, 'SendEmail') self.mox.StubOutWithMock(settings, 'RETRIEVE_AUDIT_ADDRESSES') settings.RETRIEVE_AUDIT_ADDRESSES = ['*****@*****.**'] self.mox.StubOutWithMock(self.c, 'VerifyPermissions') self.c.VerifyPermissions(permissions.SILENT_RETRIEVE, user=mock_user).AndRaise( models.AccessDeniedError('test')) owner_email = '%s@%s' % (mock_entity.owner, settings.DEFAULT_EMAIL_DOMAIN) user_email = mock_user.user.email() util.SendEmail([user_email] + settings.RETRIEVE_AUDIT_ADDRESSES, settings.LUKS_RETRIEVAL_EMAIL_SUBJECT, 'body') self.mox.ReplayAll() self.c.SendRetrievalEmail(mock_entity, mock_user) self.mox.VerifyAll()
def testByPermSilentRetrieveUser(self): mock_user = self.mox.CreateMockAnything(models.User) mock_user.user = self.mox.CreateMockAnything(users.User) mock_user.user.email = lambda: '*****@*****.**' mock_entity = models.BitLockerVolume() self.mox.StubOutWithMock(self.c, 'RenderTemplate') data = self._GetDataDict(mock_entity, mock_user) self.c.RenderTemplate('retrieval_email.txt', data, response_out=False).AndReturn('body') self.mox.StubOutWithMock(util, 'SendEmail') self.mox.StubOutWithMock(settings, 'RETRIEVE_AUDIT_ADDRESSES') settings.RETRIEVE_AUDIT_ADDRESSES = ['*****@*****.**'] self.mox.StubOutWithMock(self.c, 'VerifyPermissions') self.c.VerifyPermissions(permissions.SILENT_RETRIEVE, user=mock_user) util.SendEmail([mock_user.user.email()] + settings.SILENT_AUDIT_ADDRESSES, settings.BITLOCKER_RETRIEVAL_EMAIL_SUBJECT, 'body') self.mox.ReplayAll() self.c.SendRetrievalEmail(mock_entity, mock_user) self.mox.VerifyAll()
def SendRetrievalEmail(permission_type, entity, user, template='retrieval_email.txt', skip_emails=None): """Sends a retrieval notification email. Args: permission_type: string, one of permission.TYPE_* variables. entity: base.BasePassphrase instance of retrieved object. user: base.User object of the user that retrieved the secret. template: str message template. skip_emails: list filter emails from recipients. """ data = { 'entity': entity, 'helpdesk_email': settings.HELPDESK_EMAIL, 'helpdesk_name': settings.HELPDESK_NAME, 'retrieved_by': user.user.email(), 'user': user, 'server_hostname': app_identity.get_default_version_hostname(), } body = util.RenderTemplate(template, data) user_email = user.user.email() try: base_handler.VerifyPermissions(permissions.SILENT_RETRIEVE, user, permission_type) return except base.AccessDeniedError: pass try: # If the user has access to "silently" retrieve keys without the owner # being notified, email only SILENT_AUDIT_ADDRESSES. base_handler.VerifyPermissions( permissions.SILENT_RETRIEVE_WITH_AUDIT_EMAIL, user, permission_type) to = [user_email] + settings.SILENT_AUDIT_ADDRESSES except base.AccessDeniedError: # Otherwise email the owner and RETRIEVE_AUDIT_ADDRESSES. to = [user_email] + settings.RETRIEVE_AUDIT_ADDRESSES if entity.owner: if '@' in entity.owner: owner_email = entity.owner else: owner_email = '%s@%s' % (entity.owner, settings.DEFAULT_EMAIL_DOMAIN) to.append(owner_email) if skip_emails: to = [email for email in to if email not in skip_emails] subject_var = '%s_RETRIEVAL_EMAIL_SUBJECT' % entity.ESCROW_TYPE_NAME.upper( ) subject = getattr(settings, subject_var, 'Escrow secret retrieval notification.') util.SendEmail(to, subject, body)
def testWithDefaults(self): recipients = ['*****@*****.**', '*****@*****.**'] subject = 'This is only a test!' body = 'Only a unit test.\nReally.\nNothing to see here.' util.SendEmail(recipients, subject, body, defer=False) mail_stub = self.testbed.get_stub('mail') messages = mail_stub.get_sent_messages() self.assertEqual(1, len(messages)) self.assertEquals( messages[0].reply_to, util.settings.DEFAULT_EMAIL_REPLY_TO)
def testOkDefaultIsDefer(self, defer): recipients = ['*****@*****.**', '*****@*****.**'] reply_to = '*****@*****.**' sender = '*****@*****.**' subject = 'This is only a test!' body = 'Only a unit test.\nReally.\nNothing to see here.' bcc = ['*****@*****.**'] util.SendEmail( recipients, subject, body, sender=sender, reply_to=reply_to, bcc_recipients=bcc) defer.assert_called_once_with( util._Send, recipients, subject, body, sender, reply_to, bcc)
def testOk(self): recipients = ['*****@*****.**', '*****@*****.**'] reply_to = '*****@*****.**' sender = '*****@*****.**' subject = 'This is only a test!' body = 'Only a unit test.\nReally.\nNothing to see here.' bcc_recipients = ['*****@*****.**'] util.SendEmail( recipients, subject, body, sender=sender, reply_to=reply_to, bcc_recipients=bcc_recipients, defer=False) mail_stub = self.testbed.get_stub('mail') self.assertEqual(1, len(mail_stub.get_sent_messages()))
def SendRetrievalEmail(permission_type, entity, user): """Sends a retrieval notification email. Args: permission_type: string, one of permission.TYPE_* variables. entity: models instance of retrieved object. (E.G. FileVaultVolume, DuplicityKeyPair, BitLockerVolume, etc.) user: models.User object of the user that retrieved the secret. """ data = { 'entity': entity, 'helpdesk_email': settings.HELPDESK_EMAIL, 'helpdesk_name': settings.HELPDESK_NAME, 'retrieved_by': user.user.email(), 'user': user, } body = util.RenderTemplate('retrieval_email.txt', data) user_email = user.user.email() try: # If the user has access to "silently" retrieve keys without the owner # being notified, email only SILENT_AUDIT_ADDRESSES. VerifyPermissions(permissions.SILENT_RETRIEVE, user, permission_type) to = [user_email] + settings.SILENT_AUDIT_ADDRESSES except models.AccessDeniedError: # Otherwise email the owner and RETRIEVE_AUDIT_ADDRESSES. to = [user_email] + settings.RETRIEVE_AUDIT_ADDRESSES if entity.owner: if '@' in entity.owner: owner_email = entity.owner else: owner_email = '%s@%s' % (entity.owner, settings.DEFAULT_EMAIL_DOMAIN) to.append(owner_email) subject_var = '%s_RETRIEVAL_EMAIL_SUBJECT' % entity.ESCROW_TYPE_NAME.upper( ) subject = getattr(settings, subject_var, 'Escrow secret retrieval notification.') util.SendEmail(to, subject, body)
def testWithDefaults(self): self.mox.StubOutWithMock(util.mail, 'EmailMessage', True) recipients = ['*****@*****.**', '*****@*****.**'] subject = 'This is only a test!' body = 'Only a unit test.\nReally.\nNothing to see here.' mock_email = self.mox.CreateMockAnything() orig_dev = util.settings.DEVELOPMENT util.settings.DEVELOPMENT = False util.mail.EmailMessage(to=recipients, reply_to=util.settings.DEFAULT_EMAIL_REPLY_TO, sender=util.settings.DEFAULT_EMAIL_SENDER, subject=subject, body=body).AndReturn(mock_email) mock_email.send().AndReturn(None) self.mox.ReplayAll() orig_dev = util.settings.DEVELOPMENT util.settings.DEVELOPMENT = False util.SendEmail(recipients, subject, body) util.settings.DEVELOPMENT = orig_dev self.mox.VerifyAll()
def testOkDefaultIsDefer(self): self.mox.StubOutWithMock(util.deferred, 'defer', True) recipients = ['*****@*****.**', '*****@*****.**'] reply_to = '*****@*****.**' sender = '*****@*****.**' subject = 'This is only a test!' body = 'Only a unit test.\nReally.\nNothing to see here.' bcc_recipients = ['*****@*****.**'] util.deferred.defer(util._Send, recipients, subject, body, sender, reply_to, bcc_recipients).AndReturn(None) self.mox.ReplayAll() orig_dev = util.settings.DEVELOPMENT util.settings.DEVELOPMENT = False util.SendEmail(recipients, subject, body, sender=sender, reply_to=reply_to, bcc_recipients=bcc_recipients) util.settings.DEVELOPMENT = orig_dev self.mox.VerifyAll()