diff options
Diffstat (limited to 'service')
| -rw-r--r-- | service/pixelated/adapter/mailstore/leap_mailstore.py | 1 | ||||
| -rw-r--r-- | service/pixelated/adapter/mailstore/maintenance/__init__.py | 49 | ||||
| -rw-r--r-- | service/pixelated/adapter/search/__init__.py | 3 | ||||
| -rw-r--r-- | service/pixelated/resources/keys_resource.py | 2 | ||||
| -rw-r--r-- | service/pixelated/resources/logout_resource.py | 19 | ||||
| -rw-r--r-- | service/pixelated/resources/root_resource.py | 2 | ||||
| -rw-r--r-- | service/pixelated/resources/sandbox_resource.py | 34 | ||||
| -rw-r--r-- | service/requirements.txt | 16 | ||||
| -rw-r--r-- | service/test/functional/features/steps/attachments.py | 2 | ||||
| -rw-r--r-- | service/test/functional/features/steps/mail_view.py | 13 | ||||
| -rw-r--r-- | service/test/load/locustfile.py | 78 | ||||
| -rw-r--r-- | service/test/unit/adapter/mailstore/maintenance/test_soledad_maintenance.py | 38 | ||||
| -rw-r--r-- | service/test/unit/resources/test_keys_resources.py | 24 | ||||
| -rw-r--r-- | service/test/unit/resources/test_logout_resources.py | 15 | ||||
| -rw-r--r-- | service/test/unit/resources/test_sandbox_resource.py | 38 | ||||
| -rw-r--r-- | service/test_requirements.txt | 3 |
16 files changed, 237 insertions, 100 deletions
diff --git a/service/pixelated/adapter/mailstore/leap_mailstore.py b/service/pixelated/adapter/mailstore/leap_mailstore.py index 975bcc5c..cd4cb5b8 100644 --- a/service/pixelated/adapter/mailstore/leap_mailstore.py +++ b/service/pixelated/adapter/mailstore/leap_mailstore.py @@ -27,6 +27,7 @@ from pixelated.adapter.mailstore.mailstore import MailStore, underscore_uuid from pixelated.adapter.model.mail import Mail, InputMail from pixelated.support import log_time_deferred from pixelated.support.functional import to_unicode +from pixelated.support import date MIME_PGP_KEY = 'application/pgp-keys' diff --git a/service/pixelated/adapter/mailstore/maintenance/__init__.py b/service/pixelated/adapter/mailstore/maintenance/__init__.py index edc442c2..9b6d6023 100644 --- a/service/pixelated/adapter/mailstore/maintenance/__init__.py +++ b/service/pixelated/adapter/mailstore/maintenance/__init__.py @@ -13,7 +13,7 @@ # # You should have received a copy of the GNU Affero General Public License # along with Pixelated. If not, see <http://www.gnu.org/licenses/>. -from leap.keymanager.keys import KEY_TYPE_KEY, KEY_PRIVATE_KEY, KEY_ID_KEY, KEY_ADDRESS_KEY +from leap.keymanager.keys import KEY_TYPE_KEY, KEY_PRIVATE_KEY, KEY_FINGERPRINT_KEY, KEY_ADDRESS_KEY from leap.keymanager.openpgp import OpenPGPKey from twisted.internet import defer @@ -44,8 +44,8 @@ def _is_public_key(doc): return _is_key_doc(doc) and not doc.content.get(KEY_PRIVATE_KEY, False) -def _key_id(doc): - return doc.content.get(KEY_ID_KEY, None) +def _key_fingerprint(doc): + return doc.content.get(KEY_FINGERPRINT_KEY, None) def _address(doc): @@ -60,40 +60,41 @@ class SoledadMaintenance(object): def repair(self): _, docs = yield self._soledad.get_all_docs() - private_key_ids = self._key_ids_with_private_key(docs) + private_key_fingerprints = self._key_fingerprints_with_private_key(docs) for doc in docs: - if _is_key_doc(doc) and _key_id(doc) not in private_key_ids: - logger.warn('Deleting doc %s for key %s of <%s>' % (doc.doc_id, _key_id(doc), _address(doc))) + if _is_key_doc(doc) and _key_fingerprint(doc) not in private_key_fingerprints: + logger.warn('Deleting doc %s for key %s of <%s>' % (doc.doc_id, _key_fingerprint(doc), _address(doc))) yield self._soledad.delete_doc(doc) - yield self._repair_missing_active_docs(docs, private_key_ids) + yield self._repair_missing_active_docs(docs, private_key_fingerprints) @defer.inlineCallbacks - def _repair_missing_active_docs(self, docs, private_key_ids): - missing = self._missing_active_docs(docs, private_key_ids) - for key_id in missing: - emails = self._emails_for_key_id(docs, key_id) + def _repair_missing_active_docs(self, docs, private_key_fingerprints): + missing = self._missing_active_docs(docs, private_key_fingerprints) + for fingerprint in missing: + emails = self._emails_for_key_fingerprint(docs, fingerprint) for email in emails: - logger.warn('Re-creating active doc for key %s, email %s' % (key_id, email)) - yield self._soledad.create_doc_from_json(OpenPGPKey(email, key_id=key_id, private=False).get_active_json(email)) + logger.warn('Re-creating active doc for key %s, email %s' % (fingerprint, email)) + yield self._soledad.create_doc_from_json(OpenPGPKey(email, fingerprint=fingerprint, private=False).get_active_json()) - def _key_ids_with_private_key(self, docs): - return [doc.content[KEY_ID_KEY] for doc in docs if _is_private_key_doc(doc)] + def _key_fingerprints_with_private_key(self, docs): + return [doc.content[KEY_FINGERPRINT_KEY] for doc in docs if _is_private_key_doc(doc)] - def _missing_active_docs(self, docs, private_key_ids): - active_doc_ids = self._active_docs_for_key_id(docs) + def _missing_active_docs(self, docs, private_key_fingerprints): + active_doc_ids = self._active_docs_for_key_fingerprint(docs) - return set([private_key_id for private_key_id in private_key_ids if private_key_id not in active_doc_ids]) + return set([private_key_fingerprint for private_key_fingerprint in private_key_fingerprints if private_key_fingerprint not in active_doc_ids]) - def _emails_for_key_id(self, docs, key_id): + def _emails_for_key_fingerprint(self, docs, fingerprint): for doc in docs: - if _is_private_key_doc(doc) and _key_id(doc) == key_id: + if _is_private_key_doc(doc) and _key_fingerprint(doc) == fingerprint: email = _address(doc) + if email is None: + return [] if isinstance(email, list): return email - else: - return [email] + return [email] - def _active_docs_for_key_id(self, docs): - return [doc.content[KEY_ID_KEY] for doc in docs if _is_active_key_doc(doc) and _is_public_key(doc)] + def _active_docs_for_key_fingerprint(self, docs): + return [doc.content[KEY_FINGERPRINT_KEY] for doc in docs if _is_active_key_doc(doc) and _is_public_key(doc)] diff --git a/service/pixelated/adapter/search/__init__.py b/service/pixelated/adapter/search/__init__.py index e137b392..3ec6532b 100644 --- a/service/pixelated/adapter/search/__init__.py +++ b/service/pixelated/adapter/search/__init__.py @@ -30,6 +30,7 @@ from whoosh.writing import AsyncWriter from whoosh import sorting from pixelated.support.functional import unique, to_unicode import traceback +from pixelated.support import date class SearchEngine(object): @@ -128,7 +129,7 @@ class SearchEngine(object): index_data = { 'sender': self._empty_string_to_none(header.get('from', '')), 'subject': self._empty_string_to_none(header.get('subject', '')), - 'date': self._format_utc_integer(header.get('date', '')), + 'date': self._format_utc_integer(header.get('date', date.mail_date_now())), 'to': self._format_recipient(header, 'to'), 'cc': self._format_recipient(header, 'cc'), 'bcc': self._format_recipient(header, 'bcc'), diff --git a/service/pixelated/resources/keys_resource.py b/service/pixelated/resources/keys_resource.py index d6f469fe..9075ab9e 100644 --- a/service/pixelated/resources/keys_resource.py +++ b/service/pixelated/resources/keys_resource.py @@ -17,7 +17,7 @@ class KeysResource(BaseResource): if key.private: respond_json_deferred(None, request, status_code=401) else: - respond_json_deferred(key.get_json(), request) + respond_json_deferred(key.get_active_json(), request) def key_not_found(_): respond_json_deferred(None, request, status_code=404) diff --git a/service/pixelated/resources/logout_resource.py b/service/pixelated/resources/logout_resource.py index 344ad2e9..01092b05 100644 --- a/service/pixelated/resources/logout_resource.py +++ b/service/pixelated/resources/logout_resource.py @@ -1,5 +1,8 @@ +from twisted.web.server import NOT_DONE_YET + from pixelated.resources import BaseResource from twisted.web import util +from twisted.internet import defer from pixelated.resources.login_resource import LoginResource @@ -8,9 +11,19 @@ class LogoutResource(BaseResource): BASE_URL = "logout" isLeaf = True - def render_POST(self, request): + @defer.inlineCallbacks + def _execute_logout(self, request): session = self.get_session(request) - self._services_factory.log_out_user(session.user_uuid) + yield self._services_factory.log_out_user(session.user_uuid) session.expire() - return util.redirectTo("/%s" % LoginResource.BASE_URL, request) + def render_POST(self, request): + def _redirect_to_login(_): + content = util.redirectTo("/%s" % LoginResource.BASE_URL, request) + request.write(content) + request.finish() + + d = self._execute_logout(request) + d.addCallback(_redirect_to_login) + + return NOT_DONE_YET diff --git a/service/pixelated/resources/root_resource.py b/service/pixelated/resources/root_resource.py index 86435d89..109dc08e 100644 --- a/service/pixelated/resources/root_resource.py +++ b/service/pixelated/resources/root_resource.py @@ -20,6 +20,7 @@ from string import Template from pixelated.resources import BaseResource, UnAuthorizedResource from pixelated.resources.attachments_resource import AttachmentsResource +from pixelated.resources.sandbox_resource import SandboxResource from pixelated.resources.contacts_resource import ContactsResource from pixelated.resources.features_resource import FeaturesResource from pixelated.resources.feedback_resource import FeedbackResource @@ -75,6 +76,7 @@ class RootResource(BaseResource): return csrf_input and csrf_input == xsrf_token def initialize(self, portal=None, disclaimer_banner=None): + self._child_resources.add('sandbox', SandboxResource(self._static_folder)) self._child_resources.add('assets', File(self._static_folder)) self._child_resources.add('keys', KeysResource(self._services_factory)) self._child_resources.add(AttachmentsResource.BASE_URL, AttachmentsResource(self._services_factory)) diff --git a/service/pixelated/resources/sandbox_resource.py b/service/pixelated/resources/sandbox_resource.py new file mode 100644 index 00000000..28e8c9be --- /dev/null +++ b/service/pixelated/resources/sandbox_resource.py @@ -0,0 +1,34 @@ +# +# Copyright (c) 2016 ThoughtWorks, Inc. +# +# Pixelated is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Pixelated is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with Pixelated. If not, see <http://www.gnu.org/licenses/>. + +from twisted.web.static import File + + +class SandboxResource(File): + CSP_HEADER_VALUES = "sandbox allow-popups allow-scripts;" \ + "default-src 'self';" \ + "style-src *;" \ + "script-src *;" \ + "font-src *;" \ + "img-src *;" \ + "object-src 'none';" \ + "connect-src 'none';" + + def render_GET(self, request): + request.setHeader('Content-Security-Policy', self.CSP_HEADER_VALUES) + request.setHeader('X-Content-Security-Policy', self.CSP_HEADER_VALUES) + request.setHeader('X-Webkit-CSP', self.CSP_HEADER_VALUES) + return super(SandboxResource, self).render_GET(request) diff --git a/service/requirements.txt b/service/requirements.txt index 1966f09a..b74b7f94 100644 --- a/service/requirements.txt +++ b/service/requirements.txt @@ -4,15 +4,15 @@ https://launchpad.net/dirspec/stable-13-10/13.10/+download/dirspec-13.10.tar.gz --allow-external dirspec --allow-unverified dirspec https://launchpad.net/u1db/stable-13-10/13.10/+download/u1db-13.10.tar.bz2 pyasn1==0.1.8 -requests==2.0.0 +requests==2.9.1 srp==1.0.4 whoosh==2.5.7 pycryptopp --e 'git+https://github.com/pixelated-project/leap_pycommon.git@develop#egg=leap.common' --e 'git+https://github.com/pixelated-project/leap_auth.git#egg=leap.auth' --e 'git+https://github.com/pixelated-project/soledad.git@develop#egg=leap.soledad.common&subdirectory=common/' --e 'git+https://github.com/pixelated-project/soledad.git@develop#egg=leap.soledad.client&subdirectory=client/' --e 'git+https://github.com/pixelated-project/soledad.git@develop#egg=leap.soledad.server&subdirectory=server/' --e 'git+https://github.com/pixelated-project/keymanager.git@develop#egg=leap.keymanager' --e 'git+https://github.com/pixelated-project/leap_mail.git@develop#egg=leap.mail' +-e 'git+https://github.com/pixelated/leap_pycommon.git@develop#egg=leap.common' +-e 'git+https://github.com/pixelated/leap_auth.git#egg=leap.auth' +-e 'git+https://github.com/pixelated/soledad.git@develop#egg=leap.soledad.common&subdirectory=common/' +-e 'git+https://github.com/pixelated/soledad.git@develop#egg=leap.soledad.client&subdirectory=client/' +-e 'git+https://github.com/pixelated/soledad.git@develop#egg=leap.soledad.server&subdirectory=server/' +-e 'git+https://github.com/pixelated/keymanager.git@develop#egg=leap.keymanager' +-e 'git+https://github.com/pixelated/leap_mail.git@develop#egg=leap.mail' -e . diff --git a/service/test/functional/features/steps/attachments.py b/service/test/functional/features/steps/attachments.py index 76e42177..8fa032df 100644 --- a/service/test/functional/features/steps/attachments.py +++ b/service/test/functional/features/steps/attachments.py @@ -51,7 +51,7 @@ def load_mail_into_soledad(context, mail): @then(u'I see the mail has an attachment') def step_impl(context): - attachments_list = find_elements_by_css_selector(context, '.attachmentsArea li') + attachments_list = find_elements_by_css_selector(context, '.mail-read-view__attachments-item') assert len(attachments_list) == 1 diff --git a/service/test/functional/features/steps/mail_view.py b/service/test/functional/features/steps/mail_view.py index 82fc28af..565031b5 100644 --- a/service/test/functional/features/steps/mail_view.py +++ b/service/test/functional/features/steps/mail_view.py @@ -19,14 +19,17 @@ from common import * @then('I see that the subject reads \'{subject}\'') def impl(context, subject): - e = find_element_by_css_selector(context, '#mail-view .subject') + e = find_element_by_css_selector(context, '#mail-view .mail-read-view__header-subject') assert e.text == subject @then('I see that the body reads \'{expected_body}\'') def impl(context, expected_body): - e = find_element_by_css_selector(context, '#mail-view .bodyArea') + find_element_by_css_selector(context, '#read-sandbox') + context.browser.switch_to_frame('read-sandbox') + e = find_element_by_css_selector(context, 'body') assert e.text == expected_body + context.browser.switch_to_default_content() @then('that email has the \'{tag}\' tag') @@ -97,13 +100,13 @@ def impl(context): @when('I choose to trash') def impl(context): context.browser.execute_script("$('button#view-more-actions').click()") - click_button(context, 'Delete this message', 'span') + click_button(context, 'Delete this message', 'li') @then('I see the mail has a cc and a bcc recipient') def impl(context): - cc = find_element_by_css_selector(context, '.msg-header .cc') - bcc = find_element_by_css_selector(context, '.msg-header .bcc') + cc = find_element_by_css_selector(context, '.mail-read-view__header-recipients .cc') + bcc = find_element_by_css_selector(context, '.mail-read-view__header-recipients .bcc') assert cc is not None assert bcc is not None diff --git a/service/test/load/locustfile.py b/service/test/load/locustfile.py index 68e39433..0c2ed518 100644 --- a/service/test/load/locustfile.py +++ b/service/test/load/locustfile.py @@ -1,6 +1,5 @@ import os import json -import time from random import randint from leap.auth import SRPAuth @@ -9,9 +8,13 @@ from locust import HttpLocust, TaskSet, task from pixelated.resources.login_resource import LoginResource LEAP_PROVIDER = os.environ.get('LEAP_PROVIDER', 'dev.pixelated-project.org') -LEAP_SERVER_HOST = os.environ.get('LEAP_SERVER_HOST', 'https://api.%s:4430' % LEAP_PROVIDER) -LEAP_VERIFY_CERTIFICATE = os.environ.get('LEAP_VERIFY_CERTIFICATE', '~/.leap/ca.crt') -MAX_NUMBER_USER = os.environ.get('MAX_NUMBER_USER', 10000) +LEAP_SERVER_HOST = os.environ.get( + 'LEAP_SERVER_HOST', + 'https://api.%s:4430' % LEAP_PROVIDER) +LEAP_VERIFY_CERTIFICATE = os.environ.get( + 'LEAP_VERIFY_CERTIFICATE', + '~/.leap/ca.crt') +MAX_NUMBER_USER = os.environ.get('MAX_NUMBER_USER', 100) INVITES_FILENAME = os.environ.get('INVITES_FILENAME', '/tmp/invite_codes.txt') INVITES_ENABLED = os.environ.get('INVITES_ENABLED', 'true') == 'true' @@ -23,53 +26,94 @@ def load_invite_from_number(number): class UserBehavior(TaskSet): + def __init__(self, *args, **kwargs): + super(UserBehavior, self).__init__(*args, **kwargs) + self.cookies = {} + def on_start(self): - """ on_start is called when a Locust start before any task is scheduled """ self.login() def _get_or_create_user(self, number): - srp_auth = SRPAuth(LEAP_SERVER_HOST, os.path.expanduser(LEAP_VERIFY_CERTIFICATE)) + srp_auth = SRPAuth( + LEAP_SERVER_HOST, + os.path.expanduser(LEAP_VERIFY_CERTIFICATE)) username, password = ('loadtest%d' % number), ('password_%d' % number) try: srp_auth.authenticate(username, password) except SRPAuthenticationError: - invite_code = load_invite_from_number(number) if INVITES_ENABLED else None + invite_code = None + if INVITES_ENABLED: + invite_code = load_invite_from_number(number) + srp_auth.register(username, password, invite_code) return username, password def login(self): number = randint(1, int(MAX_NUMBER_USER)) username, password = self._get_or_create_user(number) - self.client.post("/%s" % LoginResource.BASE_URL, {"username": username, "password": password}) + response = self.client.post( + "/%s" % LoginResource.BASE_URL, + {"username": username, "password": password}, + verify=False) + self.cookies.update(response.cookies.get_dict()) + resp = self.client.get("/", verify=False) + self.cookies.update(resp.cookies.get_dict()) self.username = username - time.sleep(5) @task(1) def index(self): - self.client.get("/") + self.client.get("/", verify=False) @task(2) def mail_box(self): - self.client.get("/mails?q=tag:'inbox'&p=1&w=25") + self.client.get("/mails?q=tag:'inbox'&p=1&w=25", verify=False) @task(3) def send_mail(self): - payload = {"tags": ["drafts"], "body": "some text lorem ipsum", "attachments": [], "ident": "", - "header": {"to": ["%s@%s" % (self.username, LEAP_PROVIDER)], "cc": [], "bcc": [], "subject": "load testing"}} - with self.client.post('/mails', json=payload, catch_response=True) as email_response: + payload = { + "tags": ["drafts"], + "body": "some text lorem ipsum", + "attachments": [], + "ident": "", + "header": { + "to": ["%s@%s" % (self.username, LEAP_PROVIDER)], + "cc": [], + "bcc": [], + "subject": "load testing"}} + + self.cookies.update( + self.client.get("/", verify=False).cookies.get_dict()) + print(self.cookies) + with self.client.post( + '/mails', + json=payload, + catch_response=True, + cookies=self.cookies, + headers={ + 'X-Requested-With': 'XMLHttpRequest', + 'X-XSRF-TOKEN': self.cookies['XSRF-TOKEN']}) as email_response: if email_response.status_code == 201: email_id = json.loads(email_response.content)['ident'] print email_id self.delete_mail(email_id) else: - email_response.failure('Error: email not Sent, status code: %s' % email_response.status_code) + email_response.failure( + 'Error: email not Sent, status code: %s' % ( + email_response.status_code)) def delete_mail(self, ident): payload = {"idents": [ident]} - self.client.post('/mails/delete', json=payload) + self.client.post( + '/mails/delete', + json=payload, + cookies=self.cookies, + verify=False, + headers={ + 'X-Requested-With': 'XMLHttpRequest', + 'X-XSRF-TOKEN': self.cookies['XSRF-TOKEN']}) class WebsiteUser(HttpLocust): task_set = UserBehavior - min_wait = 3000 + min_wait = 5000 max_wait = 15000 diff --git a/service/test/unit/adapter/mailstore/maintenance/test_soledad_maintenance.py b/service/test/unit/adapter/mailstore/maintenance/test_soledad_maintenance.py index e46d6864..be73af93 100644 --- a/service/test/unit/adapter/mailstore/maintenance/test_soledad_maintenance.py +++ b/service/test/unit/adapter/mailstore/maintenance/test_soledad_maintenance.py @@ -26,7 +26,7 @@ logging.getLogger('pixelated.adapter.mailstore.maintenance').addHandler(logging. SOME_EMAIL_ADDRESS = 'foo@example.tld' -SOME_KEY_ID = '4914254E384E264C' +SOME_FINGERPRINT = '4914254E384E264C' class TestSoledadMaintenance(unittest.TestCase): @@ -42,8 +42,8 @@ class TestSoledadMaintenance(unittest.TestCase): @defer.inlineCallbacks def test_repair_delete_public_key_active_docs(self): soledad = mock() - key = self._public_key(SOME_EMAIL_ADDRESS, SOME_KEY_ID) - active_doc = SoledadDocument(doc_id='some_doc', json=key.get_active_json(SOME_EMAIL_ADDRESS)) + key = self._public_key(SOME_EMAIL_ADDRESS, SOME_FINGERPRINT) + active_doc = SoledadDocument(doc_id='some_doc', json=key.get_active_json()) when(soledad).get_all_docs().thenReturn(defer.succeed((1, [active_doc]))) yield SoledadMaintenance(soledad).repair() @@ -53,8 +53,8 @@ class TestSoledadMaintenance(unittest.TestCase): @defer.inlineCallbacks def test_repair_delete_public_key_docs(self): soledad = mock() - key = self._public_key(SOME_EMAIL_ADDRESS, SOME_KEY_ID) - active_doc = SoledadDocument(doc_id='some_doc', json=key.get_active_json(SOME_EMAIL_ADDRESS)) + key = self._public_key(SOME_EMAIL_ADDRESS, SOME_FINGERPRINT) + active_doc = SoledadDocument(doc_id='some_doc', json=key.get_active_json()) key_doc = SoledadDocument(doc_id='some_doc', json=key.get_json()) when(soledad).get_all_docs().thenReturn(defer.succeed((1, [key_doc, active_doc]))) @@ -66,9 +66,9 @@ class TestSoledadMaintenance(unittest.TestCase): @defer.inlineCallbacks def test_repair_keeps_active_and_key_doc_if_private_key_exists(self): soledad = mock() - key = self._public_key(SOME_EMAIL_ADDRESS, SOME_KEY_ID) - private_key = self._private_key(SOME_EMAIL_ADDRESS, SOME_KEY_ID) - active_doc = SoledadDocument(doc_id='some_doc', json=key.get_active_json(SOME_EMAIL_ADDRESS)) + key = self._public_key(SOME_EMAIL_ADDRESS, SOME_FINGERPRINT) + private_key = self._private_key(SOME_EMAIL_ADDRESS, SOME_FINGERPRINT) + active_doc = SoledadDocument(doc_id='some_doc', json=key.get_active_json()) key_doc = SoledadDocument(doc_id='some_doc', json=key.get_json()) private_key_doc = SoledadDocument(doc_id='some_doc', json=private_key.get_json()) when(soledad).get_all_docs().thenReturn(defer.succeed((1, [key_doc, active_doc, private_key_doc]))) @@ -82,8 +82,8 @@ class TestSoledadMaintenance(unittest.TestCase): @defer.inlineCallbacks def test_repair_only_deletes_key_docs(self): soledad = mock() - key = self._public_key(SOME_EMAIL_ADDRESS, SOME_KEY_ID) - key_doc = SoledadDocument(doc_id='some_doc', json=key.get_active_json(SOME_EMAIL_ADDRESS)) + key = self._public_key(SOME_EMAIL_ADDRESS, SOME_FINGERPRINT) + key_doc = SoledadDocument(doc_id='some_doc', json=key.get_active_json()) other_doc = SoledadDocument(doc_id='something', json='{}') when(soledad).get_all_docs().thenReturn(defer.succeed((1, [key_doc, other_doc]))) @@ -95,19 +95,19 @@ class TestSoledadMaintenance(unittest.TestCase): def test_repair_recreates_public_key_active_doc_if_necessary(self): soledad = mock() - private_key = self._private_key(SOME_EMAIL_ADDRESS, SOME_KEY_ID) - private_key_doc = SoledadDocument(doc_id='some_doc', json=private_key.get_json()) + private_key = self._private_key(SOME_EMAIL_ADDRESS, SOME_FINGERPRINT) + private_key_doc = SoledadDocument(doc_id='some_doc', json=private_key.get_active_json()) when(soledad).get_all_docs().thenReturn(defer.succeed((1, [private_key_doc]))) yield SoledadMaintenance(soledad).repair() - verify(soledad).create_doc_from_json('{"key_id": "4914254E384E264C", "tags": ["keymanager-active"], "type": "OpenPGPKey-active", "private": false, "address": "foo@example.tld"}') + verify(soledad).create_doc_from_json('{"encr_used": false, "sign_used": false, "validation": "Weak_Chain", "version": 1, "address": "foo@example.tld", "last_audited_at": 0, "fingerprint": "4914254E384E264C", "type": "OpenPGPKey-active", "private": false, "tags": ["keymanager-active"]}') - def _public_key(self, address, keyid): - return self._gpgkey(address, keyid, private=False) + def _public_key(self, address, fingerprint): + return self._gpgkey(address, fingerprint, private=False) - def _private_key(self, address, keyid): - return self._gpgkey(address, keyid, private=True) + def _private_key(self, address, fingerprint): + return self._gpgkey(address, fingerprint, private=True) - def _gpgkey(self, address, keyid, private=False): - return OpenPGPKey(address, key_id=keyid, private=private) + def _gpgkey(self, address, fingerprint, private=False): + return OpenPGPKey(address, fingerprint=fingerprint, private=private) diff --git a/service/test/unit/resources/test_keys_resources.py b/service/test/unit/resources/test_keys_resources.py index 6aa822e1..2bf53cb4 100644 --- a/service/test/unit/resources/test_keys_resources.py +++ b/service/test/unit/resources/test_keys_resources.py @@ -44,20 +44,16 @@ class TestKeysResource(unittest.TestCase): d = self.web.get(request) expected = { - "tags": ["keymanager-key"], - "fingerprint": '', - "private": False, - 'sign_used': False, - 'refreshed_at': 0, - "expiry_date": 0, - "address": 'some@key', - 'encr_used': False, - 'last_audited_at': 0, - 'key_data': '', - 'length': 0, - 'key_id': '', - 'validation': 'Weak_Chain', - 'type': 'OpenPGPKey', + u'address': u'some@key', + u'encr_used': False, + u'fingerprint': u'', + u'last_audited_at': 0, + u'private': False, + u'sign_used': False, + u'tags': [u'keymanager-active'], + u'type': u'OpenPGPKey-active', + u'validation': u'Weak_Chain', + u'version': 1, } def assert_response(_): diff --git a/service/test/unit/resources/test_logout_resources.py b/service/test/unit/resources/test_logout_resources.py index 6246eeb9..312d2ba4 100644 --- a/service/test/unit/resources/test_logout_resources.py +++ b/service/test/unit/resources/test_logout_resources.py @@ -1,6 +1,6 @@ -from mock import patch -from mockito import mock, verify +from mock import patch, MagicMock from twisted.trial import unittest +from twisted.internet import defer from twisted.web.error import UnsupportedMethod from twisted.web.test.requesthelper import DummyRequest @@ -10,8 +10,9 @@ from test.unit.resources import DummySite class TestLogoutResource(unittest.TestCase): def setUp(self): - self.services_factory = mock() + self.services_factory = MagicMock() self.resource = LogoutResource(self.services_factory) + self.services_factory.log_out_user.return_value = defer.succeed(None) self.web = DummySite(self.resource) @patch('twisted.web.util.redirectTo') @@ -19,14 +20,16 @@ class TestLogoutResource(unittest.TestCase): request = DummyRequest(['/logout']) request.method = 'POST' - mock_redirect.return_value = 'haha' + session = self.resource.get_session(request) + session.expire = MagicMock() + mock_redirect.return_value = 'some redirect response' d = self.web.get(request) def expire_session_and_redirect(_): session = self.resource.get_session(request) - self.assertFalse(session.is_logged_in()) - verify(self.services_factory).log_out_user(session.user_uuid) + self.services_factory.log_out_user.assert_called_once_with(session.user_uuid) + session.expire.assert_called_once_with() mock_redirect.assert_called_once_with('/login', request) d.addCallback(expire_session_and_redirect) diff --git a/service/test/unit/resources/test_sandbox_resource.py b/service/test/unit/resources/test_sandbox_resource.py new file mode 100644 index 00000000..3db43e12 --- /dev/null +++ b/service/test/unit/resources/test_sandbox_resource.py @@ -0,0 +1,38 @@ +import os +import unittest + +from twisted.internet import defer +from twisted.web.test.requesthelper import DummyRequest + +from pixelated.resources.sandbox_resource import SandboxResource +from test.unit.resources import DummySite + + +class TestSandBoxResource(unittest.TestCase): + def setUp(self): + static_folder = os.path.dirname(os.path.abspath(__file__)) + self.resource = SandboxResource(static_folder) + self.resource.isLeaf = True + self.web = DummySite(self.resource) + + @defer.inlineCallbacks + def test_render_GET_should_set_sandbox_csp_header(self): + request = DummyRequest(['/sandbox']) + request.method = 'GET' + request.isSecure = lambda: True + request.redirect = lambda _: 'irrelevant' + + expected_csp_headers = "sandbox allow-popups allow-scripts;" \ + "default-src 'self';" \ + "style-src *;" \ + "script-src *;" \ + "font-src *;" \ + "img-src *;" \ + "object-src 'none';" \ + "connect-src 'none';" + + yield self.web.get(request) + + self.assertEquals(expected_csp_headers, request.outgoingHeaders.get('X-Content-Security-Policy'.lower())) + self.assertEquals(expected_csp_headers, request.outgoingHeaders.get('Content-Security-Policy'.lower())) + self.assertEquals(expected_csp_headers, request.outgoingHeaders.get('X-Webkit-CSP'.lower())) diff --git a/service/test_requirements.txt b/service/test_requirements.txt index 3d4c73cb..52278140 100644 --- a/service/test_requirements.txt +++ b/service/test_requirements.txt @@ -10,4 +10,5 @@ tempdir==0.6 coverage crochet==1.4.0 poster==0.8.1 -locustio==0.7.3
\ No newline at end of file +locustio==0.7.3 +Twisted==15.5.0 |