示例#1
0
    def test_obfuscate_insert(self):
        config = {
            "tables": {
                "users": {
                    "title": { "type": "fixed", "value": ["Mr", "Mrs", "Miss"] },
                    "name": { "type": "name" },
                    "email": { "type": "email" },
                    "phone": { "type": "mobile" },
                    "password": { "type": "fixed", "value": "some known hash" },
                }
            }
        }
        insrt = ("INSERT INTO `users` (`title`,`name`,`password`,`email`,`phone`,`account_no`) VALUES "
                + "('Mr','Adam Smith','Secret','*****@*****.**','01784123456','9999999999'),"
                + "('Mrs','Julie Jones','Password','*****@*****.**','01784123456','1111111111');")

        obfuscate = py_obfuscator.Obfuscator(config)
        mysqlInsert = mysql.InsertStatement(insrt)
        
        obfuscate.obfuscate_insert_statement(mysqlInsert)

        self.assertNotEqual(mysqlInsert.get_inserts()[0].get("name"), "Adam Smith")
        self.assertNotEqual(mysqlInsert.get_inserts()[0].get("password"), "Secret")
        self.assertNotEqual(mysqlInsert.get_inserts()[0].get("email"), "*****@*****.**")
        self.assertNotEqual(mysqlInsert.get_inserts()[0].get("phone"), " 01784123456")
        self.assertEqual(mysqlInsert.get_inserts()[0].get("account_no"), "9999999999")

        self.assertNotEqual(mysqlInsert.get_inserts()[0].get("name"), "Julie Jones")
        self.assertNotEqual(mysqlInsert.get_inserts()[0].get("password"), "Password")
        self.assertNotEqual(mysqlInsert.get_inserts()[0].get("email"), "*****@*****.**")
        self.assertNotEqual(mysqlInsert.get_inserts()[0].get("phone"), " 01784123456")
        self.assertEqual(mysqlInsert.get_inserts()[1].get("account_no"), "1111111111")
示例#2
0
    def test_unless_row_matches(self):
        config = {
            "tables": {
                "users": {
                    "password": { 
                        "type": "fixed", 
                        "value": "replaced",
                        "unless": {"username": "******"}
                    },
                }
            }
        }
        insrt = ("INSERT INTO `users` (`username`,`password`) VALUES "
                + "('asmith','$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy'),"
                + "('admin','$2a$04$Lzns3sQdgXKaDIguDlqX4uqemS4rZHabwQnNAIra.MXpcIX.1N3Yy'),"
                + "('jjulie','$2a$04$m9bdaJ1.aArg0YwK5oIP4ewoSFIlaVtIOVOoVapKx4F4.Dpt0KnGK');")

        obfuscate = py_obfuscator.Obfuscator(config)
        mysqlInsert = mysql.InsertStatement(insrt)
        
        obfuscate.obfuscate_insert_statement(mysqlInsert)

        self.assertEqual(mysqlInsert.get_inserts()[0].get("password"), 'replaced')
        self.assertEqual(mysqlInsert.get_inserts()[1].get("password"), '$2a$04$Lzns3sQdgXKaDIguDlqX4uqemS4rZHabwQnNAIra.MXpcIX.1N3Yy')
        self.assertEqual(mysqlInsert.get_inserts()[2].get("password"), 'replaced')
示例#3
0
 def test_with_empty_values(self):
     fixture = "INSERT INTO `some_table` (thing1,thing2) VALUES (0, NULL), ('',' ');"
     mysqlInsert = mysql.InsertStatement(fixture)
     self.assertEqual(mysqlInsert.get_inserts(), [{
         'thing1': '0',
         'thing2': None
     }, {
         'thing1': '',
         'thing2': ' '
     }])
示例#4
0
 def test_with_null_values(self):
     fixture = "INSERT INTO `some_table` (thing1,thing2) VALUES ('NULL', NULL), (NULL,NULL);"
     mysqlInsert = mysql.InsertStatement(fixture)
     self.assertEqual(mysqlInsert.get_inserts(), [{
         'thing1': 'NULL',
         'thing2': None
     }, {
         'thing1': None,
         'thing2': None
     }])
示例#5
0
 def test_with_quoted_parenthesis(self):
     fixture = "INSERT INTO `some_table` (thing1,thing2) VALUES ('(()()())', 'something'), (')(', '()');"
     mysqlInsert = mysql.InsertStatement(fixture)
     self.assertEqual(mysqlInsert.get_inserts(), [{
         'thing1': '(()()())',
         'thing2': "something"
     }, {
         'thing1': ')(',
         'thing2': "()"
     }])
示例#6
0
 def test_extract_inserts(self):
     fixture = "INSERT INTO `foo` (`bar`, `baz`, `qux`) VALUES (1, 'one','one'),(2, 'two','two');"
     mysqlInsert = mysql.InsertStatement(fixture)
     self.assertEqual(mysqlInsert.get_inserts(), [{
         'bar': '1',
         'baz': 'one',
         'qux': 'one'
     }, {
         'bar': '2',
         'baz': 'two',
         'qux': 'two'
     }])
示例#7
0
 def test_with_escaped_characters(self):
     fixture = "INSERT INTO `some_table` (thing1,thing2) VALUES ('bob,@bob.c  , om', 'bo\\', b'),    ('hi', 5)  ;"
     mysqlInsert = mysql.InsertStatement(fixture)
     self.assertEqual(mysqlInsert.get_inserts(), [
         {
             'thing1': 'bob,@bob.c  , om',
             'thing2': "bo', b"
         },
         {
             'thing1': 'hi',
             'thing2': '5'
         },
     ])
示例#8
0
    def test_table_truncated(self):
        config = {
            "tables": {
                "users": {"truncate": True}
            }
        }
        insrt = ("INSERT INTO `users` (`username`,`password`) VALUES "
                + "('asmith','$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy'),"
                + "('admin','$2a$04$Lzns3sQdgXKaDIguDlqX4uqemS4rZHabwQnNAIra.MXpcIX.1N3Yy'),"
                + "('jjulie','$2a$04$m9bdaJ1.aArg0YwK5oIP4ewoSFIlaVtIOVOoVapKx4F4.Dpt0KnGK');")

        obfuscate = py_obfuscator.Obfuscator(config)
        mysqlInsert = mysql.InsertStatement(insrt)
        
        obfuscate.obfuscate_insert_statement(mysqlInsert)

        self.assertEqual(mysqlInsert.to_string(), "")
示例#9
0
    def test_order_preserved(self):
        config = {
            "tables": {
                "foo": {
                    "postcode": {"type":"fixed","value":"postcode"},
                    "name": {"type":"fixed","value":"name"},
                    "phone": {"type":"fixed","value":"phone"},
                    "email": {"type":"fixed","value":"email"},
                    "accountno": {"type":"fixed","value":"accountno"}
                }
            }
        }
        insrt = "INSERT INTO `foo` (`oo_id`, `name`, `postcode`, `phone`, `email`, `accountno`, `formtype`) VALUES (1124793,NULL,NULL,NULL,NULL,NULL,NULL);"
        
        obfuscate = py_obfuscator.Obfuscator(config)
        mysqlInsert = mysql.InsertStatement(insrt)
        
        obfuscate.obfuscate_insert_statement(mysqlInsert)

        self.assertEqual(
            mysqlInsert.to_string(), 
            "INSERT INTO `foo` (`oo_id`,`name`,`postcode`,`phone`,`email`,`accountno`,`formtype`) VALUES ('1124793','name','postcode','phone','email','accountno',NULL);"
        )
示例#10
0
 def test_to_string_handles_null(self):
     fixture = "INSERT INTO `some_table` (`thing1`,`thing2`) VALUES ('NULL',NULL),(NULL,NULL),('',' ');"
     mysqlInsert = mysql.InsertStatement(fixture)
     self.assertEqual(mysqlInsert.to_string(), fixture)
示例#11
0
 def test_to_string_tidies_up_sql(self):
     fixture = "INSERT INTO `some_table` (thing1,thing2) VALUES ('bob,@bob.c  , om', 'bo\\', b'),    ('hi', 5)  ;"
     expected = "INSERT INTO `some_table` (`thing1`,`thing2`) VALUES ('bob,@bob.c  , om','bo\\', b'),('hi','5');"
     mysqlInsert = mysql.InsertStatement(fixture)
     self.assertEqual(mysqlInsert.to_string(), expected)
示例#12
0
 def test_to_string_with_escaped_characters(self):
     fixture = fixture = "INSERT INTO `foo` (`bar`,`baz`,`qux`) VALUES ('o\\'brien','one','one'),('2','two','two');"
     mysqlInsert = mysql.InsertStatement(fixture)
     self.assertEqual(mysqlInsert.to_string(), fixture)
示例#13
0
 def test_to_string(self):
     fixture = fixture = "INSERT INTO `foo` (`bar`,`baz`,`qux`) VALUES ('1','one','one'),('2','two','two');"
     mysqlInsert = mysql.InsertStatement(fixture)
     self.assertEqual(mysqlInsert.to_string(), fixture)
示例#14
0
 def test_extrac_insert_details(self):
     fixture = "INSERT INTO `foo` (`bar`, `baz`, `qux`) VALUES (1, 'one','one'),(2, 'two','two');"
     #self.assertEqual(mysql.is_insert(fixture), False)
     mysqlInsert = mysql.InsertStatement(fixture)
示例#15
0
 def test_to_string_handles_parenthesis(self):
     fixture = "INSERT INTO `some_table` (`thing1`,`thing2`) VALUES ('(()()())','something'),(')(','()');"
     mysqlInsert = mysql.InsertStatement(fixture)
     self.assertEqual(mysqlInsert.to_string(), fixture)