def migrate_datahub_accounts(*args, **kwargs):
old_users = DataHubLegacyUser.objects.all()
apps = App.objects.exclude(legacy_user=None)
users = User.objects.all()
print("Old model users: {0} New model users: {1}".format(
len(old_users), len(users)))
print("Apps: {0}".format(len(apps)))
new_users = []
# Throw out all of these changes if it fails somehow
with transaction.atomic():
for old_user in old_users:
try:
User.objects.get(username=old_user.username)
except User.DoesNotExist:
new_user = User.objects.create_user(
username=old_user.username,
email=old_user.email)
new_users.append(new_user)
DataHubManager.create_user_data_folder(
repo_base=old_user.username)
for app in apps:
username = app.legacy_user.username
print("{0} legacy_user is {1}".format(
app.app_id,
username))
if app.user is None:
new_user = User.objects.get(username=username)
app.user = new_user
app.save(update_fields=['user'])
print(" user is {0}".format(app.user.username))
print("Migrated Users: {0}".format(new_users))
# grant existing users access to the dh_public role,
# which is used to share select-only repos
superuser_username = settings.DATABASES['default']['USER']
superuser_password = settings.DATABASES['default']['PASSWORD']
users = User.objects.exclude(username__in=[settings.PUBLIC_ROLE,
settings.OAUTH2_APP_OWNER])
pg = PGBackend(superuser_username, superuser_password)
for user in users:
query = 'GRANT %s to %s' % (settings.PUBLIC_ROLE, user.username)
print(query)
try:
pg.execute_sql(query)
except ValueError:
print('Skipped %s due to missing role.' % user.username)
pass
pg.close_connection()
print 'grants complete'
class HelperMethods(TestCase):
"""Tests connections, validation and execution methods in PGBackend."""
def setUp(self):
# some words to test out
self.good_nouns = ["good", "good_noun", "good-noun"]
# some words that shoudl throw validation errors
self.bad_nouns = ["_foo", "foo_", "-foo", "foo-", "foo bar", "injection;attack", ";injection", "injection;"]
self.username = "******"
self.password = "******"
# mock open connection,
# or else it will try to create a real db connection
self.mock_psychopg = self.create_patch("core.db.backend.pg.psycopg2")
# open mocked connection
self.backend = PGBackend(self.username, self.password, repo_base=self.username)
def create_patch(self, name):
# helper method for creating patches
patcher = patch(name)
thing = patcher.start()
self.addCleanup(patcher.stop)
return thing
def test_check_for_injections(self):
"""Tests validation against some sql injection attacks."""
for noun in self.bad_nouns:
with self.assertRaises(ValueError):
self.backend._check_for_injections(noun)
for noun in self.good_nouns:
try:
self.backend._check_for_injections(noun)
except ValueError:
self.fail("check_for_injections failed to verify a good name")
def test_check_open_connections(self):
self.assertTrue(self.mock_psychopg.connect.called)
def test_execute_sql_strips_queries(self):
query = " This query needs stripping; "
params = ("param1", "param2")
mock_cursor = self.mock_psychopg.connect.return_value.cursor
mock_execute = mock_cursor.return_value.execute
mock_cursor.return_value.fetchall.return_value = "sometuples"
mock_cursor.return_value.rowcount = 1000
res = self.backend.execute_sql(query, params)
self.assertTrue(mock_cursor.called)
self.assertTrue(mock_execute.called)
self.assertEqual(mock_execute.call_args[0][1], params)
self.assertEqual(res["tuples"], "sometuples")
self.assertEqual(res["status"], True)
self.assertEqual(res["row_count"], 1000)
class PGBackendHelperMethods(MockingMixin, TestCase):
"""Tests connections, validation and execution methods in PGBackend."""
def setUp(self):
# some words to test out
self.good_nouns = ['good', 'good_noun', 'goodNoun', 'good1']
# some words that should throw validation errors
self.bad_nouns = [
'_foo',
'foo_',
'-foo',
'foo-',
'foo bar',
'1foo',
'injection;attack',
';injection',
'injection;',
]
self.username = "******"
self.password = "******"
# mock connection pools so nothing gets a real db connection
self.mock_pool_for_cred = self.create_patch(
'core.db.backend.pg._pool_for_credentials')
# mock open connection, only to check if it ever gets called directly
self.mock_connect = self.create_patch(
'core.db.backend.pg.psycopg2.connect')
# open mocked connection
self.backend = PGBackend(self.username,
self.password,
repo_base=self.username)
def tearDown(self):
# Make sure connections are only ever acquired via pools
self.assertFalse(self.mock_connect.called)
def test_check_for_injections(self):
"""Tests validation against some sql injection attacks."""
for noun in self.bad_nouns:
with self.assertRaises(ValueError):
self.backend._check_for_injections(noun)
for noun in self.good_nouns:
try:
self.backend._check_for_injections(noun)
except ValueError:
self.fail('_check_for_injections failed to verify a good name')
def test_validate_table_names(self):
"""Tests validation against some invalid table names."""
good_tables = [
'table', '_dbwipes_cache', 'my_repo1',
'asdfl_fsdvbrbhg_______jkhadsc'
]
bad_tables = [
' table', '1table', 'table;select * from somewhere', 'table-table'
]
for noun in bad_tables:
with self.assertRaises(ValueError):
self.backend._validate_table_name(noun)
for noun in good_tables:
try:
self.backend._validate_table_name(noun)
except ValueError:
self.fail('_validate_table_name failed to verify a good name')
def test_check_open_connections(self):
mock_get_conn = self.mock_pool_for_cred.return_value.getconn
mock_set_isol_level = mock_get_conn.return_value.set_isolation_level
self.assertTrue(self.mock_pool_for_cred.called)
self.assertTrue(mock_get_conn.called)
self.assertTrue(mock_set_isol_level.called)
def test_execute_sql_strips_queries(self):
query = ' This query needs stripping; '
params = ('param1', 'param2')
mock_cursor = self.backend.connection.cursor
mock_execute = mock_cursor.return_value.execute
mock_cursor.return_value.fetchall.return_value = 'sometuples'
mock_cursor.return_value.rowcount = 1000
mock_query_rewriter = MagicMock()
mock_query_rewriter.apply_row_level_security.side_effect = lambda x: x
self.backend.query_rewriter = mock_query_rewriter
res = self.backend.execute_sql(query, params)
self.assertTrue(mock_query_rewriter.apply_row_level_security.called)
self.assertTrue(mock_cursor.called)
self.assertTrue(mock_execute.called)
self.assertEqual(res['tuples'], 'sometuples')
self.assertEqual(res['status'], True)
self.assertEqual(res['row_count'], 1000)
class PGBackendHelperMethods(MockingMixin, TestCase):
"""Tests connections, validation and execution methods in PGBackend."""
def setUp(self):
# some words to test out
self.good_nouns = ['good', 'good_noun', 'goodNoun', 'good1']
# some words that should throw validation errors
self.bad_nouns = ['_foo', 'foo_', '-foo', 'foo-', 'foo bar', '1foo',
'injection;attack', ';injection', 'injection;',
]
self.username = "******"
self.password = "******"
# mock connection pools so nothing gets a real db connection
self.mock_pool_for_cred = self.create_patch(
'core.db.backend.pg._pool_for_credentials')
# mock open connection, only to check if it ever gets called directly
self.mock_connect = self.create_patch(
'core.db.backend.pg.psycopg2.connect')
# open mocked connection
self.backend = PGBackend(self.username,
self.password,
repo_base=self.username)
def tearDown(self):
# Make sure connections are only ever acquired via pools
self.assertFalse(self.mock_connect.called)
def test_check_for_injections(self):
"""Tests validation against some sql injection attacks."""
for noun in self.bad_nouns:
with self.assertRaises(ValueError):
self.backend._check_for_injections(noun)
for noun in self.good_nouns:
try:
self.backend._check_for_injections(noun)
except ValueError:
self.fail('_check_for_injections failed to verify a good name')
def test_validate_table_names(self):
"""Tests validation against some invalid table names."""
good_tables = ['table', '_dbwipes_cache', 'my_repo1',
'asdfl_fsdvbrbhg_______jkhadsc']
bad_tables = [' table', '1table', 'table;select * from somewhere',
'table-table']
for noun in bad_tables:
with self.assertRaises(ValueError):
self.backend._validate_table_name(noun)
for noun in good_tables:
try:
self.backend._validate_table_name(noun)
except ValueError:
self.fail('_validate_table_name failed to verify a good name')
def test_check_open_connections(self):
mock_get_conn = self.mock_pool_for_cred.return_value.getconn
mock_set_isol_level = mock_get_conn.return_value.set_isolation_level
self.assertTrue(self.mock_pool_for_cred.called)
self.assertTrue(mock_get_conn.called)
self.assertTrue(mock_set_isol_level.called)
def test_execute_sql_strips_queries(self):
query = ' This query needs stripping; '
params = ('param1', 'param2')
mock_cursor = self.backend.connection.cursor
mock_execute = mock_cursor.return_value.execute
mock_cursor.return_value.fetchall.return_value = 'sometuples'
mock_cursor.return_value.rowcount = 1000
mock_query_rewriter = MagicMock()
mock_query_rewriter.apply_row_level_security.side_effect = lambda x: x
self.backend.query_rewriter = mock_query_rewriter
res = self.backend.execute_sql(query, params)
self.assertTrue(mock_query_rewriter.apply_row_level_security.called)
self.assertTrue(mock_cursor.called)
self.assertTrue(mock_execute.called)
self.assertEqual(res['tuples'], 'sometuples')
self.assertEqual(res['status'], True)
self.assertEqual(res['row_count'], 1000)
class HelperMethods(TestCase):
"""Tests connections, validation and execution methods in PGBackend."""
def setUp(self):
# some words to test out
self.good_nouns = ['good', 'good_noun', 'good-noun']
# some words that shoudl throw validation errors
self.bad_nouns = [
'_foo',
'foo_',
'-foo',
'foo-',
'foo bar',
'injection;attack',
';injection',
'injection;',
]
self.username = "******"
self.password = "******"
# mock open connection,
# or else it will try to create a real db connection
self.mock_psychopg = self.create_patch('core.db.backend.pg.psycopg2')
# open mocked connection
self.backend = PGBackend(self.username,
self.password,
repo_base=self.username)
def create_patch(self, name):
# helper method for creating patches
patcher = patch(name)
thing = patcher.start()
self.addCleanup(patcher.stop)
return thing
def test_check_for_injections(self):
"""Tests validation against some sql injection attacks."""
for noun in self.bad_nouns:
with self.assertRaises(ValueError):
self.backend._check_for_injections(noun)
for noun in self.good_nouns:
try:
self.backend._check_for_injections(noun)
except ValueError:
self.fail('check_for_injections failed to verify a good name')
def test_check_open_connections(self):
self.assertTrue(self.mock_psychopg.connect.called)
def test_execute_sql_strips_queries(self):
query = ' This query needs stripping; '
params = ('param1', 'param2')
mock_cursor = self.mock_psychopg.connect.return_value.cursor
mock_execute = mock_cursor.return_value.execute
mock_cursor.return_value.fetchall.return_value = 'sometuples'
mock_cursor.return_value.rowcount = 1000
res = self.backend.execute_sql(query, params)
self.assertTrue(mock_cursor.called)
self.assertTrue(mock_execute.called)
self.assertEqual(mock_execute.call_args[0][1], params)
self.assertEqual(res['tuples'], 'sometuples')
self.assertEqual(res['status'], True)
self.assertEqual(res['row_count'], 1000)
