diff options
author | drebs <drebs@leap.se> | 2013-06-06 15:04:16 -0300 |
---|---|---|
committer | drebs <drebs@leap.se> | 2013-06-06 15:08:12 -0300 |
commit | c4908dc0d530be00a26cfbfe3af2d639f9c4eea9 (patch) | |
tree | 40ad3bd374d2d9958046e3dc8f6caad741c5727f | |
parent | 72ed38dcf7b0180e261fa0937e01f6767ffa30ec (diff) |
Add encrypted sync test case.
-rw-r--r-- | src/leap/soledad/tests/test_server.py | 148 |
1 files changed, 145 insertions, 3 deletions
diff --git a/src/leap/soledad/tests/test_server.py b/src/leap/soledad/tests/test_server.py index ec3f636b..02276d87 100644 --- a/src/leap/soledad/tests/test_server.py +++ b/src/leap/soledad/tests/test_server.py @@ -25,15 +25,40 @@ import shutil import tempfile import simplejson as json import hashlib +import mock + + +from leap.soledad import Soledad +from leap.soledad.server import ( + SoledadApp, + SoledadAuthMiddleware, + URLToAuth, +) +from leap.soledad.backends.couch import ( + CouchServerState, + CouchDatabase, +) +from leap.soledad.backends import leap_backend -from leap.soledad.server import URLToAuth from leap.common.testing.basetest import BaseLeapTest +from leap.soledad.tests import ADDRESS +from leap.soledad.tests.u1db_tests import ( + TestCaseWithServer, + simple_doc, + nested_doc, +) +from leap.soledad.tests.test_couch import CouchDBTestCase +from leap.soledad.tests.test_leap_backend import ( + make_token_soledad_app, + make_leap_document_for_test, + token_leap_sync_target, +) -class SoledadServerTestCase(BaseLeapTest): +class ServerAuthorizationTestCase(BaseLeapTest): """ - Tests that guarantee that data will always be encrypted when syncing. + Tests related to Soledad server authorization. """ def setUp(self): @@ -237,3 +262,120 @@ class SoledadServerTestCase(BaseLeapTest): self.assertFalse( authmap.is_authorized( self._make_environ('/%s/sync-from/x' % dbname, 'POST'))) + + +class EncryptedSyncTestCase( + CouchDBTestCase, TestCaseWithServer): + """ + Tests for encrypted sync using Soledad server backed by a couch database. + """ + + @staticmethod + def make_app_with_state(state): + return make_token_soledad_app(state) + + make_document_for_test = make_leap_document_for_test + + sync_target = token_leap_sync_target + + def _soledad_instance(self, user='user-uuid', passphrase='123', + prefix='', + secrets_path=Soledad.STORAGE_SECRETS_FILE_NAME, + local_db_path='soledad.u1db', server_url='', + cert_file=None, auth_token=None, secret_id=None): + """ + Instantiate Soledad. + """ + + # this callback ensures we save a document which is sent to the shared + # db. + def _put_doc_side_effect(doc): + self._doc_put = doc + + # we need a mocked shared db or else Soledad will try to access the + # network to find if there are uploaded secrets. + class MockSharedDB(object): + + get_doc = mock.Mock(return_value=None) + put_doc = mock.Mock(side_effect=_put_doc_side_effect) + + def __call__(self): + return self + + Soledad._shared_db = MockSharedDB() + return Soledad( + user, + passphrase, + secrets_path=os.path.join(self.tempdir, prefix, secrets_path), + local_db_path=os.path.join( + self.tempdir, prefix, local_db_path), + server_url=server_url, + cert_file=cert_file, + auth_token=auth_token, + secret_id=secret_id) + + def make_app(self): + self.request_state = CouchServerState(self._couch_url) + return self.make_app_with_state(self.request_state) + + def setUp(self): + TestCaseWithServer.setUp(self) + CouchDBTestCase.setUp(self) + self.tempdir = tempfile.mkdtemp(prefix="leap_tests-") + self._couch_url = 'http://localhost:' + str(self.wrapper.port) + + def tearDown(self): + CouchDBTestCase.tearDown(self) + TestCaseWithServer.tearDown(self) + + def test_encrypted_sym_sync(self): + """ + Test the complete syncing chain between two soledad dbs using a + Soledad server backed by a couch database. + """ + self.startServer() + # instantiate soledad and create a document + sol1 = self._soledad_instance( + # token is verified in test_leap_backend.make_token_soledad_app + auth_token='auth-token' + ) + _, doclist = sol1.get_all_docs() + self.assertEqual([], doclist) + doc1 = sol1.create_doc(json.loads(simple_doc)) + # sync with server + sol1._server_url = self.getURL() + sol1.sync() + # assert doc was sent to couch db + db = CouchDatabase( + self._couch_url, + # the name of the user database is "user-<uuid>". + 'user-user-uuid', + ) + _, doclist = db.get_all_docs() + self.assertEqual(1, len(doclist)) + couchdoc = doclist[0] + # assert document structure in couch server + self.assertEqual(doc1.doc_id, couchdoc.doc_id) + self.assertEqual(doc1.rev, couchdoc.rev) + self.assertEqual(6, len(couchdoc.content)) + self.assertTrue(leap_backend.ENC_JSON_KEY in couchdoc.content) + self.assertTrue(leap_backend.ENC_SCHEME_KEY in couchdoc.content) + self.assertTrue(leap_backend.ENC_METHOD_KEY in couchdoc.content) + self.assertTrue(leap_backend.ENC_IV_KEY in couchdoc.content) + self.assertTrue(leap_backend.MAC_KEY in couchdoc.content) + self.assertTrue(leap_backend.MAC_METHOD_KEY in couchdoc.content) + # instantiate soledad with empty db, but with same secrets path + sol2 = self._soledad_instance(prefix='x', auth_token='auth-token') + _, doclist = sol2.get_all_docs() + self.assertEqual([], doclist) + sol2._secrets_path = sol1.secrets_path + sol2._load_secrets() + sol2._set_secret_id(sol1._secret_id) + # sync the new instance + sol2._server_url = self.getURL() + sol2.sync() + _, doclist = sol2.get_all_docs() + self.assertEqual(1, len(doclist)) + doc2 = doclist[0] + # assert incoming doc is equal to the first sent doc + self.assertEqual(doc1, doc2) |