class BaseSoledadDeferredEncTest(SoledadWithCouchServerMixin):
"""
Another base class for testing the deferred encryption/decryption during
the syncs, using the intermediate database.
"""
defer_sync_encryption = True
def setUp(self):
SoledadWithCouchServerMixin.setUp(self)
# config info
self.db1_file = os.path.join(self.tempdir, "db1.u1db")
os.unlink(self.db1_file)
self.db_pass = DBPASS
self.email = ADDRESS
# get a random prefix for each test, so we do not mess with
# concurrency during initialization and shutting down of
# each local db.
self.rand_prefix = ''.join(
map(lambda x: random.choice(string.ascii_letters), range(6)))
# open test dbs: db1 will be the local sqlcipher db (which
# instantiates a syncdb). We use the self._soledad instance that was
# already created on some setUp method.
import binascii
tohex = binascii.b2a_hex
key = tohex(self._soledad.secrets.get_local_storage_key())
sync_db_key = tohex(self._soledad.secrets.get_sync_db_key())
dbpath = self._soledad._local_db_path
self.opts = SQLCipherOptions(dbpath,
key,
is_raw_key=True,
create=False,
defer_encryption=True,
sync_db_key=sync_db_key)
self.db1 = SQLCipherDatabase(self.opts)
self.db2 = couch.CouchDatabase.open_database(urljoin(
'http://localhost:' + str(self.wrapper.port), 'test'),
create=True,
ensure_ddocs=True)
def tearDown(self):
self.db1.close()
self.db2.close()
self._soledad.close()
# XXX should not access "private" attrs
shutil.rmtree(os.path.dirname(self._soledad._local_db_path))
SoledadWithCouchServerMixin.tearDown(self)
class BaseSoledadDeferredEncTest(SoledadWithCouchServerMixin):
"""
Another base class for testing the deferred encryption/decryption during
the syncs, using the intermediate database.
"""
defer_sync_encryption = True
def setUp(self):
SoledadWithCouchServerMixin.setUp(self)
# config info
self.db1_file = os.path.join(self.tempdir, "db1.u1db")
os.unlink(self.db1_file)
self.db_pass = DBPASS
self.email = ADDRESS
# get a random prefix for each test, so we do not mess with
# concurrency during initialization and shutting down of
# each local db.
self.rand_prefix = ''.join(
map(lambda x: random.choice(string.ascii_letters), range(6)))
# open test dbs: db1 will be the local sqlcipher db (which
# instantiates a syncdb). We use the self._soledad instance that was
# already created on some setUp method.
import binascii
tohex = binascii.b2a_hex
key = tohex(self._soledad.secrets.get_local_storage_key())
sync_db_key = tohex(self._soledad.secrets.get_sync_db_key())
dbpath = self._soledad._local_db_path
self.opts = SQLCipherOptions(
dbpath, key, is_raw_key=True, create=False,
defer_encryption=True, sync_db_key=sync_db_key)
self.db1 = SQLCipherDatabase(self.opts)
self.db2 = couch.CouchDatabase.open_database(
urljoin(
'http://localhost:' + str(self.wrapper.port), 'test'),
create=True,
ensure_ddocs=True)
def tearDown(self):
self.db1.close()
self.db2.close()
self._soledad.close()
# XXX should not access "private" attrs
shutil.rmtree(os.path.dirname(self._soledad._local_db_path))
SoledadWithCouchServerMixin.tearDown(self)
def test_try_to_open_encrypted_db_with_sqlite_backend(self):
"""
SQLite backend should not succeed to open SQLCipher databases.
"""
db = SQLCipherDatabase(self.DB_FILE, PASSWORD)
doc = db.create_doc_from_json(tests.simple_doc)
db.close()
try:
# trying to open an encrypted database with the regular u1db
# backend should raise a DatabaseError exception.
SQLitePartialExpandDatabase(self.DB_FILE,
document_factory=SoledadDocument)
raise DatabaseIsNotEncrypted()
except dbapi2.DatabaseError:
# at this point we know that the regular U1DB sqlcipher backend
# did not succeed on opening the database, so it was indeed
# encrypted.
db = SQLCipherDatabase(self.DB_FILE, PASSWORD)
doc = db.get_doc(doc.doc_id)
self.assertEqual(tests.simple_doc, doc.get_json(),
'decrypted content mismatch')
class TestSoledadDbSync(TestWithScenarios, SoledadWithCouchServerMixin,
tests.TestCaseWithServer):
"""Test db.sync remote sync shortcut"""
scenarios = [
('py-token-http', {
'create_db_and_target': make_local_db_and_token_soledad_target,
'make_app_with_state': make_token_soledad_app,
'make_database_for_test': make_sqlcipher_database_for_test,
'token': True
}),
]
oauth = False
token = False
def setUp(self):
"""
Need to explicitely invoke inicialization on all bases.
"""
SoledadWithCouchServerMixin.setUp(self)
self.server = self.server_thread = None
self.startTwistedServer()
self.syncer = None
# config info
self.db1_file = os.path.join(self.tempdir, "db1.u1db")
os.unlink(self.db1_file)
self.db_pass = DBPASS
self.email = ADDRESS
# get a random prefix for each test, so we do not mess with
# concurrency during initialization and shutting down of
# each local db.
self.rand_prefix = ''.join(
map(lambda x: random.choice(string.ascii_letters), range(6)))
# open test dbs: db1 will be the local sqlcipher db (which
# instantiates a syncdb). We use the self._soledad instance that was
# already created on some setUp method.
import binascii
tohex = binascii.b2a_hex
key = tohex(self._soledad.secrets.local_key)
dbpath = self._soledad._local_db_path
self.opts = SQLCipherOptions(dbpath,
key,
is_raw_key=True,
create=False)
self.db1 = SQLCipherDatabase(self.opts)
self.db2 = self.request_state._create_database(replica_uid='test')
def tearDown(self):
"""
Need to explicitely invoke destruction on all bases.
"""
dbsyncer = getattr(self, 'dbsyncer', None)
if dbsyncer:
dbsyncer.close()
self.db1.close()
self.db2.close()
self._soledad.close()
# XXX should not access "private" attrs
shutil.rmtree(os.path.dirname(self._soledad._local_db_path))
SoledadWithCouchServerMixin.tearDown(self)
def do_sync(self, target_name):
"""
Perform sync using SoledadSynchronizer, SoledadSyncTarget
and Token auth.
"""
if self.token:
creds = {
'token': {
'uuid': 'user-uuid',
'token': 'auth-token',
}
}
target_url = self.getURL(self.db2._dbname)
# get a u1db syncer
crypto = self._soledad._crypto
replica_uid = self.db1._replica_uid
dbsyncer = SQLCipherU1DBSync(self.opts, crypto, replica_uid, None)
self.dbsyncer = dbsyncer
return dbsyncer.sync(target_url, creds=creds)
else:
return self._do_sync(self, target_name)
def _do_sync(self, target_name):
if self.oauth:
path = '~/' + target_name
extra = dict(
creds={
'oauth': {
'consumer_key': tests.consumer1.key,
'consumer_secret': tests.consumer1.secret,
'token_key': tests.token1.key,
'token_secret': tests.token1.secret,
}
})
else:
path = target_name
extra = {}
target_url = self.getURL(path)
return self.db.sync(target_url, **extra)
def wait_for_sync(self):
"""
Wait for sync to finish.
"""
wait = 0
syncer = self.syncer
if syncer is not None:
while syncer.syncing:
time.sleep(WAIT_STEP)
wait += WAIT_STEP
if wait >= MAX_WAIT:
raise SyncTimeoutError
def test_db_sync(self):
"""
Test sync.
Adapted to check for encrypted content.
"""
doc1 = self.db1.create_doc_from_json(tests.simple_doc)
doc2 = self.db2.create_doc_from_json(tests.nested_doc)
d = self.do_sync('test')
def _assert_successful_sync(results):
import time
# need to give time to the encryption to proceed
# TODO should implement a defer list to subscribe to the
# all-decrypted event
time.sleep(2)
local_gen_before_sync = results
self.wait_for_sync()
gen, _, changes = self.db1.whats_changed(local_gen_before_sync)
self.assertEqual(1, len(changes))
self.assertEqual(doc2.doc_id, changes[0][0])
self.assertEqual(1, gen - local_gen_before_sync)
self.assertGetEncryptedDoc(self.db2, doc1.doc_id, doc1.rev,
tests.simple_doc, False)
self.assertGetEncryptedDoc(self.db1, doc2.doc_id, doc2.rev,
tests.nested_doc, False)
d.addCallback(_assert_successful_sync)
return d
class TestSoledadDbSync(
TestWithScenarios,
SoledadWithCouchServerMixin,
tests.TestCaseWithServer):
"""Test db.sync remote sync shortcut"""
scenarios = [
('py-token-http', {
'create_db_and_target': make_local_db_and_token_soledad_target,
'make_app_with_state': make_token_soledad_app,
'make_database_for_test': make_sqlcipher_database_for_test,
'token': True
}),
]
oauth = False
token = False
def setUp(self):
"""
Need to explicitely invoke inicialization on all bases.
"""
SoledadWithCouchServerMixin.setUp(self)
self.server = self.server_thread = None
self.startTwistedServer()
self.syncer = None
# config info
self.db1_file = os.path.join(self.tempdir, "db1.u1db")
os.unlink(self.db1_file)
self.db_pass = DBPASS
self.email = ADDRESS
# get a random prefix for each test, so we do not mess with
# concurrency during initialization and shutting down of
# each local db.
self.rand_prefix = ''.join(
map(lambda x: random.choice(string.ascii_letters), range(6)))
# open test dbs: db1 will be the local sqlcipher db (which
# instantiates a syncdb). We use the self._soledad instance that was
# already created on some setUp method.
import binascii
tohex = binascii.b2a_hex
key = tohex(self._soledad.secrets.get_local_storage_key())
sync_db_key = tohex(self._soledad.secrets.get_sync_db_key())
dbpath = self._soledad._local_db_path
self.opts = SQLCipherOptions(
dbpath, key, is_raw_key=True, create=False,
defer_encryption=True, sync_db_key=sync_db_key)
self.db1 = SQLCipherDatabase(self.opts)
self.db2 = self.request_state._create_database(replica_uid='test')
def tearDown(self):
"""
Need to explicitely invoke destruction on all bases.
"""
dbsyncer = getattr(self, 'dbsyncer', None)
if dbsyncer:
dbsyncer.close()
self.db1.close()
self.db2.close()
self._soledad.close()
# XXX should not access "private" attrs
shutil.rmtree(os.path.dirname(self._soledad._local_db_path))
SoledadWithCouchServerMixin.tearDown(self)
def do_sync(self, target_name):
"""
Perform sync using SoledadSynchronizer, SoledadSyncTarget
and Token auth.
"""
if self.token:
creds = {'token': {
'uuid': 'user-uuid',
'token': 'auth-token',
}}
target_url = self.getURL(self.db2._dbname)
# get a u1db syncer
crypto = self._soledad._crypto
replica_uid = self.db1._replica_uid
dbsyncer = SQLCipherU1DBSync(
self.opts,
crypto,
replica_uid,
None,
defer_encryption=True)
self.dbsyncer = dbsyncer
return dbsyncer.sync(target_url,
creds=creds,
defer_decryption=DEFER_DECRYPTION)
else:
return self._do_sync(self, target_name)
def _do_sync(self, target_name):
if self.oauth:
path = '~/' + target_name
extra = dict(creds={'oauth': {
'consumer_key': tests.consumer1.key,
'consumer_secret': tests.consumer1.secret,
'token_key': tests.token1.key,
'token_secret': tests.token1.secret,
}})
else:
path = target_name
extra = {}
target_url = self.getURL(path)
return self.db.sync(target_url, **extra)
def wait_for_sync(self):
"""
Wait for sync to finish.
"""
wait = 0
syncer = self.syncer
if syncer is not None:
while syncer.syncing:
time.sleep(WAIT_STEP)
wait += WAIT_STEP
if wait >= MAX_WAIT:
raise SyncTimeoutError
def test_db_sync(self):
"""
Test sync.
Adapted to check for encrypted content.
"""
doc1 = self.db1.create_doc_from_json(tests.simple_doc)
doc2 = self.db2.create_doc_from_json(tests.nested_doc)
d = self.do_sync('test')
def _assert_successful_sync(results):
import time
# need to give time to the encryption to proceed
# TODO should implement a defer list to subscribe to the
# all-decrypted event
time.sleep(2)
local_gen_before_sync = results
self.wait_for_sync()
gen, _, changes = self.db1.whats_changed(local_gen_before_sync)
self.assertEqual(1, len(changes))
self.assertEqual(doc2.doc_id, changes[0][0])
self.assertEqual(1, gen - local_gen_before_sync)
self.assertGetEncryptedDoc(
self.db2, doc1.doc_id, doc1.rev, tests.simple_doc, False)
self.assertGetEncryptedDoc(
self.db1, doc2.doc_id, doc2.rev, tests.nested_doc, False)
d.addCallback(_assert_successful_sync)
return d
