def test_post___bmp_32kb___returns_status_code_200_protected_file(self): """ 1Test_File submit using file endpoint & less than 6mb with valid x-api key is successful Steps: Post file payload request to endpoint: '[API GATEWAY URL]/api/Rebuild/file' with valid x-api key Expected: The response is returned with the processed file & success code 200 """ # Set variable for file to test with open(self.bmp_32kb, "rb") as test_file: # Send post request response = requests.post( url=self.endpoint, files=[("file", test_file)], headers={ "accept": "application/octet-stream", "x-api-key": self.x_api_key, } ) # Status code should be 200, ok self.assertEqual( response.status_code, HTTPStatus.OK ) # Response content should be identical to the test file input self.assertEqual( response.content, get_file_bytes(self.bmp_32kb) )
def test_post___bmp_32kb___returns_status_code_200_protected_file(self): """ 1Test_File submit using base64 code & less than 6mb with valid jwt token is successful Steps: Post file payload request to endpoint: '[API GATEWAY URL]/api/Rebuild/base64' with valid jwt token Expected: The response is returned with the processed file & success code 200 """ # Set variable for file to test test_file = get_file_bytes(self.bmp_32kb) # Send post request response = requests.post( url=self.endpoint, json={"Base64": b64encode(test_file).decode()}, headers={ "Content-Type": "application/json", "Authorization": self.jwt_token }) # Status code should be 200, ok self.assertEqual(response.status_code, HTTPStatus.OK) # Response content should be identical to the test file input self.assertEqual(b64decode(response.content), test_file)
def test_post___jpeg_corrupt_10kb___returns_status_code_422(self): """ 12-Test_upload of files with issues and or malware using base64 code with valid jwt token Execution Steps: Post a payload request with file containing malware to url: '[API GATEWAY URL]/api/Rebuild/base64' with valid jwt token Post a payload request with file containing structural issues to url: '[API GATEWAY URL]/api/Rebuild/base64' with valid jwt token Post a payload request with file containing issues and malware to url: '[API GATEWAY URL]/api/Rebuild/base64' with valid jwt token Expected Results: The response message returned for file containing malware is:'OK' with success code '200' The response message returned for file containing structural issues is: 'Unprocessable Entity' with error code '422' The response message returned for file containing malware is: 'Unprocessable Entity' with error code '422' """ # Set variable for file to test test_file = get_file_bytes(self.jpeg_corrupt_10kb) # Send post request response = requests.post( url=self.endpoint, json={"Base64": b64encode(test_file).decode()}, headers={ "Content-Type": "application/json", "Authorization": self.jwt_token }) # Status code should be 422, Unprocessable Entity self.assertEqual(response.status_code, HTTPStatus.UNPROCESSABLE_ENTITY)
def test_post___xls_malware_macro_48kb___returns_status_code_200_sanitised_file( self): """ 12-Test_upload of files with issues and or malware using base64 code with valid jwt token Execution Steps: Post a payload request with file containing malware to url: '[API GATEWAY URL]/api/Rebuild/base64' with valid jwt token Post a payload request with file containing structural issues to url: '[API GATEWAY URL]/api/Rebuild/base64' with valid jwt token Post a payload request with file containing issues and malware to url: '[API GATEWAY URL]/api/Rebuild/base64' with valid jwt token Expected Results: The response message returned for file containing malware is:'OK' with success code '200' The response message returned for file containing structural issues is: 'Unprocessable Entity' with error code '422' The response message returned for file containing malware is: 'Unprocessable Entity' with error code '422' """ # Set variable for file to test test_file = get_file_bytes(self.xls_malware_macro_48kb) # Send post request response = requests.post( url=self.endpoint, json={"Base64": b64encode(test_file).decode()}, headers={ "Content-Type": "application/json", "Authorization": self.jwt_token }) # Status code should be 200, OK self.assertEqual(response.status_code, HTTPStatus.OK) # Response content as file bytes should match known md5 of expected bytes. response_file_bytes = b64decode(response.content) self.assertEqual(get_md5(response_file_bytes), "4b6ef99d2932fd735a4eed1c1ca236ee")
def test_post___doc_embedded_images_12kb_content_management_policy_sanitise___returns_status_code_200_sanitised_file( self): """ 4-Test_The default cmp policy is applied to submitted file using base64 code Steps: Set cmp policy for file type as 'cmptype' Post file payload request to endpoint: '[API GATEWAY URL]/api/Rebuild/base64' with valid jwt token Expected: The response is returned with success code '200' 0) If cmpType is 'Allow', Then the file is allowed & the original file is returned 1) If cmpType is 'Sanitise', Then the file is returned sanitised 2) If cmpType is 'Disallow', Then the file is allowed & the original file is returned """ # Set variable for file to test test_file = get_file_bytes(self.doc_embedded_images_12kb) # Send post request response = requests.post(url=self.endpoint, json={ "Base64": b64encode(test_file).decode(), "ContentManagementFlags": { "WordContentManagement": { "Metadata": 1, "InternalHyperlinks": 1, "ExternalHyperlinks": 1, "EmbeddedFiles": 1, "EmbeddedImages": 1, "DynamicDataExchange": 1, "Macros": 1, "ReviewComments": 1 } } }, headers={ "Content-Type": "application/json", "Authorization": self.jwt_token }) # Status code should be 200, ok self.assertEqual(response.status_code, HTTPStatus.OK) # Response content as file bytes should match known md5 of expected bytes. response_file_bytes = b64decode(response.content) self.assertEqual(get_md5(response_file_bytes), "665f3d263d7fe25b7491cbeec657abb0")
def test_post___doc_embedded_images_12kb_content_management_policy_disallow___returns_status_code_200_disallowed_json( self): """ 4-Test_The default cmp policy is applied to submitted file using base64 code Steps: Set cmp policy for file type as 'cmptype' Post file payload request to endpoint: '[API GATEWAY URL]/api/Rebuild/base64' with valid jwt token Expected: The response is returned with success code '200' 0) If cmpType is 'Allow', Then the file is allowed & the original file is returned 1) If cmpType is 'Sanitise', Then the file is returned sanitised 2) If cmpType is 'Disallow', Then the file is allowed & the original file is returned """ # Set variable for file to test test_file = get_file_bytes(self.doc_embedded_images_12kb) # Send post request response = requests.post(url=self.endpoint, json={ "Base64": b64encode(test_file).decode(), "ContentManagementFlags": { "WordContentManagement": { "EmbeddedImages": 2, } } }, headers={ "Content-Type": "application/json", "Authorization": self.jwt_token }) # Status code should be 200, ok self.assertEqual(response.status_code, HTTPStatus.OK) # Content-Type should be application/json self.assertTrue( "application/json" in response.headers.get("Content-Type")) # JSON should have an errorMessage key self.assertTrue("errorMessage" in response.json().keys()) # JSON should have isDisallowed key with value True self.assertTrue(response.json().get("isDisallowed"))
def test_post___external_files___returns_200_ok_for_all_files(self): # Check that the directory containing test files is not empty external_files = list_file_paths(os.environ["test_files"]) if external_files == []: return unittest.skip("No external files found.") for file_path in external_files: # Set variable for file to test test_file = get_file_bytes(file_path) # Send post request response = requests.post( url=self.endpoint, json={"Base64": b64encode(test_file).decode()}, headers={ "Content-Type": "application/json", "Authorization": self.jwt_token }) # Status code should be 200, ok self.assertEqual(response.status_code, HTTPStatus.OK)
def test_post___txt_1kb___returns_status_code_422(self): """ 10-Test_unsupported file upload using base64 code & less than 6mb with valid jwt token is unsuccessful Execution Steps: Post a unsupported file payload request to endpoint: '[API GATEWAY URL]/api/Rebuild/base64' with valid jwt token Expected Results: The response message 'Unprocessable Entity' is returned with error code '422' """ # Set variable for file to test test_file = get_file_bytes(self.txt_1kb) # Send post request response = requests.post( url=self.endpoint, json={"Base64": b64encode(test_file).decode()}, headers={ "Content-Type": "application/json", "Authorization": self.jwt_token }) # Status code should be 422, Unprocessable Entity self.assertEqual(response.status_code, HTTPStatus.UNPROCESSABLE_ENTITY)
def test_post___bmp_32kb_invalid_token___returns_status_code_403(self): """ 3-Test_File submit using base64 code & less than 6mb with invalid jwt token is unsuccessful Steps: Post file payload request to endpoint: '[API GATEWAY URL]/api/Rebuild/base64' with invalid jwt token Expected: return error code 401 """ # Set variable for file to test test_file = get_file_bytes(self.bmp_32kb) # Send post request response = requests.post( url=self.endpoint, json={"Base64": b64encode(test_file).decode()}, headers={ "Content-Type": "application/json", "Authorization": "" }) # Status code should be 403, forbidden self.assertEqual(response.status_code, HTTPStatus.UNAUTHORIZED)
def test_post___bmp_over_6mb___returns_status_code_413(self): """ 2-Test_Accurate error returned for a over 6mb file submit using base64 code with valid jwt token Steps: Post file over 6mb payload request to endpoint: '[API GATEWAY URL]/api/Rebuild/base64' with valid jwt token Expected: The response message '' is returned with error code 400 """ # Set variable for file to test test_file = get_file_bytes(self.bmp_over_6mb) # Send post request response = requests.post( url=self.endpoint, json={"Base64": b64encode(test_file).decode()}, headers={ "Content-Type": "application/json", "Authorization": self.jwt_token }) # Status code should be 413, Payload Too Large self.assertEqual(response.status_code, HTTPStatus.REQUEST_ENTITY_TOO_LARGE)
def test_post___doc_embedded_images_12kb_content_management_policy_allow___returns_status_code_200_identical_file(self): """ 4-Test_The default cmp policy is applied to submitted file using file endpoint Steps: Set cmp policy for file type as 'cmptype' Post file payload request to endpoint: '[API GATEWAY URL]/api/Rebuild/file' with valid x-api key Expected: The response is returned with success code '200' 0) If cmpType is 'Allow', Then the file is allowed & the original file is returned 1) If cmpType is 'Sanitise', Then the file is returned sanitised 2) If cmpType is 'Disallow', Then the file is allowed & the original file is returned """ # Set variable for file to test with open(self.doc_embedded_images_12kb, "rb") as test_file: # Send post request response = requests.post( url=self.endpoint, data={ "contentManagementFlagJson": json.dumps({ "PdfContentManagement": { "Metadata": 0, "InternalHyperlinks": 0, "ExternalHyperlinks": 0, "EmbeddedFiles": 0, "EmbeddedImages": 0, "Javascript": 0, "Acroform": 0, "ActionsAll": 0 }, "ExcelContentManagement": { "Metadata": 0, "InternalHyperlinks": 0, "ExternalHyperlinks": 0, "EmbeddedFiles": 0, "EmbeddedImages": 0, "DynamicDataExchange": 0, "Macros": 0, "ReviewComments": 0 }, "PowerPointContentManagement": { "Metadata": 0, "InternalHyperlinks": 0, "ExternalHyperlinks": 0, "EmbeddedFiles": 0, "EmbeddedImages": 0, "Macros": 0, "ReviewComments": 0 }, "WordContentManagement": { "Metadata": 0, "InternalHyperlinks": 0, "ExternalHyperlinks": 0, "EmbeddedFiles": 0, "EmbeddedImages": 0, "DynamicDataExchange": 0, "Macros": 0, "ReviewComments": 0 } }) }, files=[("file", test_file)], headers={ "accept": "application/octet-stream", "x-api-key": self.x_api_key, }, ) # Status code should be 200, ok self.assertEqual( response.status_code, HTTPStatus.OK ) # Response content should be identical to the test file input # This might not be the case for other files as Glasswall may reorganise them structurally. self.assertEqual( response.content, get_file_bytes(self.doc_embedded_images_12kb) )
def test_post___doc_embedded_images_12kb_content_management_policy_allow___returns_status_code_200_identical_file( self): """ 4-Test_The default cmp policy is applied to submitted file using base64 code Steps: Set cmp policy for file type as 'cmptype' Post file payload request to endpoint: '[API GATEWAY URL]/api/Rebuild/base64' with valid jwt token Expected: The response is returned with success code '200' 0) If cmpType is 'Allow', Then the file is allowed & the original file is returned 1) If cmpType is 'Sanitise', Then the file is returned sanitised 2) If cmpType is 'Disallow', Then the file is allowed & the original file is returned """ # Set variable for file to test test_file = get_file_bytes(self.doc_embedded_images_12kb) # Send post request response = requests.post(url=self.endpoint, json={ "Base64": b64encode(test_file).decode(), "ContentManagementFlags": { "PdfContentManagement": { "Metadata": 0, "InternalHyperlinks": 0, "ExternalHyperlinks": 0, "EmbeddedFiles": 0, "EmbeddedImages": 0, "Javascript": 0, "Acroform": 0, "ActionsAll": 0 }, "ExcelContentManagement": { "Metadata": 0, "InternalHyperlinks": 0, "ExternalHyperlinks": 0, "EmbeddedFiles": 0, "EmbeddedImages": 0, "DynamicDataExchange": 0, "Macros": 0, "ReviewComments": 0 }, "PowerPointContentManagement": { "Metadata": 0, "InternalHyperlinks": 0, "ExternalHyperlinks": 0, "EmbeddedFiles": 0, "EmbeddedImages": 0, "Macros": 0, "ReviewComments": 0 }, "WordContentManagement": { "Metadata": 0, "InternalHyperlinks": 0, "ExternalHyperlinks": 0, "EmbeddedFiles": 0, "EmbeddedImages": 0, "DynamicDataExchange": 0, "Macros": 0, "ReviewComments": 0 } } }, headers={ "Content-Type": "application/json", "Authorization": self.jwt_token }) # Status code should be 200, ok self.assertEqual(response.status_code, HTTPStatus.OK) # Response content should be identical to the test file input. # This might not be the case for other files as Glasswall may reorganise them structurally. response_file_bytes = b64decode(response.content) self.assertEqual(response_file_bytes, test_file)