netbox-community-netbox/netbox/secrets/tests/test_api.py

import base64

from django.urls import reverse
from rest_framework import status

from dcim.models import Device, DeviceRole, DeviceType, Manufacturer, Site
from secrets.models import Secret, SecretRole, SessionKey, UserKey
from users.models import Token
from utilities.testing import APITestCase, create_test_user
from .constants import PRIVATE_KEY, PUBLIC_KEY


class AppTest(APITestCase):

    def test_root(self):

        url = reverse('secrets-api:api-root')
        response = self.client.get('{}?format=api'.format(url), **self.header)

        self.assertEqual(response.status_code, 200)

    def test_choices(self):

        url = reverse('secrets-api:field-choice-list')
        response = self.client.get(url, **self.header)

        self.assertEqual(response.status_code, 200)


class SecretRoleTest(APITestCase):

    def setUp(self):

        super().setUp()

        self.secretrole1 = SecretRole.objects.create(name='Test Secret Role 1', slug='test-secret-role-1')
        self.secretrole2 = SecretRole.objects.create(name='Test Secret Role 2', slug='test-secret-role-2')
        self.secretrole3 = SecretRole.objects.create(name='Test Secret Role 3', slug='test-secret-role-3')

    def test_get_secretrole(self):

        url = reverse('secrets-api:secretrole-detail', kwargs={'pk': self.secretrole1.pk})
        response = self.client.get(url, **self.header)

        self.assertEqual(response.data['name'], self.secretrole1.name)

    def test_list_secretroles(self):

        url = reverse('secrets-api:secretrole-list')
        response = self.client.get(url, **self.header)

        self.assertEqual(response.data['count'], 3)

    def test_list_secretroles_brief(self):

        url = reverse('secrets-api:secretrole-list')
        response = self.client.get('{}?brief=1'.format(url), **self.header)

        self.assertEqual(
            sorted(response.data['results'][0]),
            ['id', 'name', 'secret_count', 'slug', 'url']
        )

    def test_create_secretrole(self):

        data = {
            'name': 'Test Secret Role 4',
            'slug': 'test-secret-role-4',
        }

        url = reverse('secrets-api:secretrole-list')
        response = self.client.post(url, data, format='json', **self.header)

        self.assertHttpStatus(response, status.HTTP_201_CREATED)
        self.assertEqual(SecretRole.objects.count(), 4)
        secretrole4 = SecretRole.objects.get(pk=response.data['id'])
        self.assertEqual(secretrole4.name, data['name'])
        self.assertEqual(secretrole4.slug, data['slug'])

    def test_create_secretrole_bulk(self):

        data = [
            {
                'name': 'Test Secret Role 4',
                'slug': 'test-secret-role-4',
            },
            {
                'name': 'Test Secret Role 5',
                'slug': 'test-secret-role-5',
            },
            {
                'name': 'Test Secret Role 6',
                'slug': 'test-secret-role-6',
            },
        ]

        url = reverse('secrets-api:secretrole-list')
        response = self.client.post(url, data, format='json', **self.header)

        self.assertHttpStatus(response, status.HTTP_201_CREATED)
        self.assertEqual(SecretRole.objects.count(), 6)
        self.assertEqual(response.data[0]['name'], data[0]['name'])
        self.assertEqual(response.data[1]['name'], data[1]['name'])
        self.assertEqual(response.data[2]['name'], data[2]['name'])

    def test_update_secretrole(self):

        data = {
            'name': 'Test SecretRole X',
            'slug': 'test-secretrole-x',
        }

        url = reverse('secrets-api:secretrole-detail', kwargs={'pk': self.secretrole1.pk})
        response = self.client.put(url, data, format='json', **self.header)

        self.assertHttpStatus(response, status.HTTP_200_OK)
        self.assertEqual(SecretRole.objects.count(), 3)
        secretrole1 = SecretRole.objects.get(pk=response.data['id'])
        self.assertEqual(secretrole1.name, data['name'])
        self.assertEqual(secretrole1.slug, data['slug'])

    def test_delete_secretrole(self):

        url = reverse('secrets-api:secretrole-detail', kwargs={'pk': self.secretrole1.pk})
        response = self.client.delete(url, **self.header)

        self.assertHttpStatus(response, status.HTTP_204_NO_CONTENT)
        self.assertEqual(SecretRole.objects.count(), 2)


class SecretTest(APITestCase):

    def setUp(self):

        # Create a non-superuser test user
        self.user = create_test_user('testuser', permissions=(
            'secrets.add_secret',
            'secrets.change_secret',
            'secrets.delete_secret',
            'secrets.view_secret',
        ))
        self.token = Token.objects.create(user=self.user)
        self.header = {'HTTP_AUTHORIZATION': 'Token {}'.format(self.token.key)}

        userkey = UserKey(user=self.user, public_key=PUBLIC_KEY)
        userkey.save()
        self.master_key = userkey.get_master_key(PRIVATE_KEY)
        session_key = SessionKey(userkey=userkey)
        session_key.save(self.master_key)

        self.header = {
            'HTTP_AUTHORIZATION': 'Token {}'.format(self.token.key),
            'HTTP_X_SESSION_KEY': base64.b64encode(session_key.key),
        }

        self.plaintexts = (
            'Secret #1 Plaintext',
            'Secret #2 Plaintext',
            'Secret #3 Plaintext',
        )

        site = Site.objects.create(name='Test Site 1', slug='test-site-1')
        manufacturer = Manufacturer.objects.create(name='Test Manufacturer 1', slug='test-manufacturer-1')
        devicetype = DeviceType.objects.create(manufacturer=manufacturer, model='Test Device Type 1')
        devicerole = DeviceRole.objects.create(name='Test Device Role 1', slug='test-device-role-1')
        self.device = Device.objects.create(
            name='Test Device 1', site=site, device_type=devicetype, device_role=devicerole
        )
        self.secretrole1 = SecretRole.objects.create(name='Test Secret Role 1', slug='test-secret-role-1')
        self.secretrole2 = SecretRole.objects.create(name='Test Secret Role 2', slug='test-secret-role-2')
        self.secret1 = Secret(
            device=self.device, role=self.secretrole1, name='Test Secret 1', plaintext=self.plaintexts[0]
        )
        self.secret1.encrypt(self.master_key)
        self.secret1.save()
        self.secret2 = Secret(
            device=self.device, role=self.secretrole1, name='Test Secret 2', plaintext=self.plaintexts[1]
        )
        self.secret2.encrypt(self.master_key)
        self.secret2.save()
        self.secret3 = Secret(
            device=self.device, role=self.secretrole1, name='Test Secret 3', plaintext=self.plaintexts[2]
        )
        self.secret3.encrypt(self.master_key)
        self.secret3.save()

    def test_get_secret(self):

        url = reverse('secrets-api:secret-detail', kwargs={'pk': self.secret1.pk})

        # Secret plaintext not be decrypted as the user has not been assigned to the role
        response = self.client.get(url, **self.header)
        self.assertIsNone(response.data['plaintext'])

        # The plaintext should be present once the user has been assigned to the role
        self.secretrole1.users.add(self.user)
        response = self.client.get(url, **self.header)
        self.assertEqual(response.data['plaintext'], self.plaintexts[0])

    def test_list_secrets(self):

        url = reverse('secrets-api:secret-list')

        # Secret plaintext not be decrypted as the user has not been assigned to the role
        response = self.client.get(url, **self.header)
        self.assertEqual(response.data['count'], 3)
        for secret in response.data['results']:
            self.assertIsNone(secret['plaintext'])

        # The plaintext should be present once the user has been assigned to the role
        self.secretrole1.users.add(self.user)
        response = self.client.get(url, **self.header)
        self.assertEqual(response.data['count'], 3)
        for i, secret in enumerate(response.data['results']):
            self.assertEqual(secret['plaintext'], self.plaintexts[i])

    def test_create_secret(self):

        data = {
            'device': self.device.pk,
            'role': self.secretrole1.pk,
            'name': 'Test Secret 4',
            'plaintext': 'Secret #4 Plaintext',
        }

        url = reverse('secrets-api:secret-list')
        response = self.client.post(url, data, format='json', **self.header)

        self.assertHttpStatus(response, status.HTTP_201_CREATED)
        self.assertEqual(response.data['plaintext'], data['plaintext'])
        self.assertEqual(Secret.objects.count(), 4)
        secret4 = Secret.objects.get(pk=response.data['id'])
        secret4.decrypt(self.master_key)
        self.assertEqual(secret4.role_id, data['role'])
        self.assertEqual(secret4.plaintext, data['plaintext'])

    def test_create_secret_bulk(self):

        data = [
            {
                'device': self.device.pk,
                'role': self.secretrole1.pk,
                'name': 'Test Secret 4',
                'plaintext': 'Secret #4 Plaintext',
            },
            {
                'device': self.device.pk,
                'role': self.secretrole1.pk,
                'name': 'Test Secret 5',
                'plaintext': 'Secret #5 Plaintext',
            },
            {
                'device': self.device.pk,
                'role': self.secretrole1.pk,
                'name': 'Test Secret 6',
                'plaintext': 'Secret #6 Plaintext',
            },
        ]

        url = reverse('secrets-api:secret-list')
        response = self.client.post(url, data, format='json', **self.header)

        self.assertHttpStatus(response, status.HTTP_201_CREATED)
        self.assertEqual(Secret.objects.count(), 6)
        self.assertEqual(response.data[0]['plaintext'], data[0]['plaintext'])
        self.assertEqual(response.data[1]['plaintext'], data[1]['plaintext'])
        self.assertEqual(response.data[2]['plaintext'], data[2]['plaintext'])

    def test_update_secret(self):

        data = {
            'device': self.device.pk,
            'role': self.secretrole2.pk,
            'plaintext': 'NewPlaintext',
        }

        url = reverse('secrets-api:secret-detail', kwargs={'pk': self.secret1.pk})
        response = self.client.put(url, data, format='json', **self.header)

        self.assertHttpStatus(response, status.HTTP_200_OK)
        self.assertEqual(response.data['plaintext'], data['plaintext'])
        self.assertEqual(Secret.objects.count(), 3)
        secret1 = Secret.objects.get(pk=response.data['id'])
        secret1.decrypt(self.master_key)
        self.assertEqual(secret1.role_id, data['role'])
        self.assertEqual(secret1.plaintext, data['plaintext'])

    def test_delete_secret(self):

        url = reverse('secrets-api:secret-detail', kwargs={'pk': self.secret1.pk})
        response = self.client.delete(url, **self.header)

        self.assertHttpStatus(response, status.HTTP_204_NO_CONTENT)
        self.assertEqual(Secret.objects.count(), 2)


class GetSessionKeyTest(APITestCase):

    def setUp(self):

        super().setUp()

        userkey = UserKey(user=self.user, public_key=PUBLIC_KEY)
        userkey.save()
        master_key = userkey.get_master_key(PRIVATE_KEY)
        self.session_key = SessionKey(userkey=userkey)
        self.session_key.save(master_key)

        self.header = {
            'HTTP_AUTHORIZATION': 'Token {}'.format(self.token.key),
        }

    def test_get_session_key(self):

        encoded_session_key = base64.b64encode(self.session_key.key).decode()

        url = reverse('secrets-api:get-session-key-list')
        data = {
            'private_key': PRIVATE_KEY,
        }
        response = self.client.post(url, data, **self.header)

        self.assertHttpStatus(response, status.HTTP_200_OK)
        self.assertIsNotNone(response.data.get('session_key'))
        self.assertNotEqual(response.data.get('session_key'), encoded_session_key)

    def test_get_session_key_preserved(self):

        encoded_session_key = base64.b64encode(self.session_key.key).decode()

        url = reverse('secrets-api:get-session-key-list') + '?preserve_key=True'
        data = {
            'private_key': PRIVATE_KEY,
        }
        response = self.client.post(url, data, **self.header)

        self.assertHttpStatus(response, status.HTTP_200_OK)
        self.assertEqual(response.data.get('session_key'), encoded_session_key)
Closes #1691: Cleaned up and reorganized import statements 2017-11-07 11:08:23 -05:00			`import base64`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00
			`from django.urls import reverse`
Closes #1691: Cleaned up and reorganized import statements 2017-11-07 11:08:23 -05:00			`from rest_framework import status`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00
			`from dcim.models import Device, DeviceRole, DeviceType, Manufacturer, Site`
			`from secrets.models import Secret, SecretRole, SessionKey, UserKey`
Fixes #4146: Fix SecretRole permissions enforcement 2020-02-12 11:13:32 -05:00			`from users.models import Token`
			`from utilities.testing import APITestCase, create_test_user`
Add secrets CSV import tests 2019-12-12 11:26:48 -05:00			`from .constants import PRIVATE_KEY, PUBLIC_KEY`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00

Add tests for browsable API endpoints 2020-01-15 17:47:55 -05:00			`class AppTest(APITestCase):`

			`def test_root(self):`

			`url = reverse('secrets-api:api-root')`
			`response = self.client.get('{}?format=api'.format(url), **self.header)`

			`self.assertEqual(response.status_code, 200)`
Add _choices endpoint tests for all apps 2020-01-14 15:50:32 -05:00
			`def test_choices(self):`

			`url = reverse('secrets-api:field-choice-list')`
			`response = self.client.get(url, **self.header)`

			`self.assertEqual(response.status_code, 200)`


Refactored the tests to remove a lot of boilerplate 2018-08-03 11:39:26 -04:00			`class SecretRoleTest(APITestCase):`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00
			`def setUp(self):`

Closes #2614: Simplify calls of super() for Python 3 2018-11-27 10:52:24 -05:00			`super().setUp()`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00
			`self.secretrole1 = SecretRole.objects.create(name='Test Secret Role 1', slug='test-secret-role-1')`
			`self.secretrole2 = SecretRole.objects.create(name='Test Secret Role 2', slug='test-secret-role-2')`
			`self.secretrole3 = SecretRole.objects.create(name='Test Secret Role 3', slug='test-secret-role-3')`

			`def test_get_secretrole(self):`

			`url = reverse('secrets-api:secretrole-detail', kwargs={'pk': self.secretrole1.pk})`
			`response = self.client.get(url, **self.header)`

			`self.assertEqual(response.data['name'], self.secretrole1.name)`

			`def test_list_secretroles(self):`

			`url = reverse('secrets-api:secretrole-list')`
			`response = self.client.get(url, **self.header)`

			`self.assertEqual(response.data['count'], 3)`

#2487: Added API tests 2018-10-04 16:20:01 -04:00			`def test_list_secretroles_brief(self):`

			`url = reverse('secrets-api:secretrole-list')`
			`response = self.client.get('{}?brief=1'.format(url), **self.header)`

			`self.assertEqual(`
			`sorted(response.data['results'][0]),`
Added child counts to API serializers (WIP) 2019-04-12 17:07:56 -04:00			`['id', 'name', 'secret_count', 'slug', 'url']`
#2487: Added API tests 2018-10-04 16:20:01 -04:00			`)`

Wrote tests for secrets API 2017-03-17 16:01:57 -04:00			`def test_create_secretrole(self):`

			`data = {`
Added bulk creation API tests 2018-01-02 16:29:44 -05:00			`'name': 'Test Secret Role 4',`
			`'slug': 'test-secret-role-4',`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00			`}`

			`url = reverse('secrets-api:secretrole-list')`
Standardize on JSON data format for all POST/PUT test client requests 2017-11-08 13:54:35 -05:00			`response = self.client.post(url, data, format='json', **self.header)`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00
Introduced HttpStatusMixin to provide more detail on HTTP response status test failures 2017-03-20 13:46:47 -04:00			`self.assertHttpStatus(response, status.HTTP_201_CREATED)`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00			`self.assertEqual(SecretRole.objects.count(), 4)`
			`secretrole4 = SecretRole.objects.get(pk=response.data['id'])`
			`self.assertEqual(secretrole4.name, data['name'])`
			`self.assertEqual(secretrole4.slug, data['slug'])`

Added bulk creation API tests 2018-01-02 16:29:44 -05:00			`def test_create_secretrole_bulk(self):`

			`data = [`
			`{`
			`'name': 'Test Secret Role 4',`
			`'slug': 'test-secret-role-4',`
			`},`
			`{`
			`'name': 'Test Secret Role 5',`
			`'slug': 'test-secret-role-5',`
			`},`
			`{`
			`'name': 'Test Secret Role 6',`
			`'slug': 'test-secret-role-6',`
			`},`
			`]`

			`url = reverse('secrets-api:secretrole-list')`
			`response = self.client.post(url, data, format='json', **self.header)`

			`self.assertHttpStatus(response, status.HTTP_201_CREATED)`
			`self.assertEqual(SecretRole.objects.count(), 6)`
			`self.assertEqual(response.data[0]['name'], data[0]['name'])`
			`self.assertEqual(response.data[1]['name'], data[1]['name'])`
			`self.assertEqual(response.data[2]['name'], data[2]['name'])`

Wrote tests for secrets API 2017-03-17 16:01:57 -04:00			`def test_update_secretrole(self):`

			`data = {`
			`'name': 'Test SecretRole X',`
			`'slug': 'test-secretrole-x',`
			`}`

			`url = reverse('secrets-api:secretrole-detail', kwargs={'pk': self.secretrole1.pk})`
Standardize on JSON data format for all POST/PUT test client requests 2017-11-08 13:54:35 -05:00			`response = self.client.put(url, data, format='json', **self.header)`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00
Introduced HttpStatusMixin to provide more detail on HTTP response status test failures 2017-03-20 13:46:47 -04:00			`self.assertHttpStatus(response, status.HTTP_200_OK)`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00			`self.assertEqual(SecretRole.objects.count(), 3)`
			`secretrole1 = SecretRole.objects.get(pk=response.data['id'])`
			`self.assertEqual(secretrole1.name, data['name'])`
			`self.assertEqual(secretrole1.slug, data['slug'])`

			`def test_delete_secretrole(self):`

			`url = reverse('secrets-api:secretrole-detail', kwargs={'pk': self.secretrole1.pk})`
			`response = self.client.delete(url, **self.header)`

Introduced HttpStatusMixin to provide more detail on HTTP response status test failures 2017-03-20 13:46:47 -04:00			`self.assertHttpStatus(response, status.HTTP_204_NO_CONTENT)`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00			`self.assertEqual(SecretRole.objects.count(), 2)`


Refactored the tests to remove a lot of boilerplate 2018-08-03 11:39:26 -04:00			`class SecretTest(APITestCase):`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00
			`def setUp(self):`

Fixes #4146: Fix SecretRole permissions enforcement 2020-02-12 11:13:32 -05:00			`# Create a non-superuser test user`
			`self.user = create_test_user('testuser', permissions=(`
			`'secrets.add_secret',`
			`'secrets.change_secret',`
			`'secrets.delete_secret',`
			`'secrets.view_secret',`
			`))`
			`self.token = Token.objects.create(user=self.user)`
			`self.header = {'HTTP_AUTHORIZATION': 'Token {}'.format(self.token.key)}`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00
Refactored the tests to remove a lot of boilerplate 2018-08-03 11:39:26 -04:00			`userkey = UserKey(user=self.user, public_key=PUBLIC_KEY)`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00			`userkey.save()`
			`self.master_key = userkey.get_master_key(PRIVATE_KEY)`
			`session_key = SessionKey(userkey=userkey)`
			`session_key.save(self.master_key)`

			`self.header = {`
Refactored the tests to remove a lot of boilerplate 2018-08-03 11:39:26 -04:00			`'HTTP_AUTHORIZATION': 'Token {}'.format(self.token.key),`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00			`'HTTP_X_SESSION_KEY': base64.b64encode(session_key.key),`
			`}`

Fixes #4146: Fix SecretRole permissions enforcement 2020-02-12 11:13:32 -05:00			`self.plaintexts = (`
			`'Secret #1 Plaintext',`
			`'Secret #2 Plaintext',`
			`'Secret #3 Plaintext',`
			`)`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00
			`site = Site.objects.create(name='Test Site 1', slug='test-site-1')`
			`manufacturer = Manufacturer.objects.create(name='Test Manufacturer 1', slug='test-manufacturer-1')`
			`devicetype = DeviceType.objects.create(manufacturer=manufacturer, model='Test Device Type 1')`
			`devicerole = DeviceRole.objects.create(name='Test Device Role 1', slug='test-device-role-1')`
			`self.device = Device.objects.create(`
			`name='Test Device 1', site=site, device_type=devicetype, device_role=devicerole`
			`)`
			`self.secretrole1 = SecretRole.objects.create(name='Test Secret Role 1', slug='test-secret-role-1')`
			`self.secretrole2 = SecretRole.objects.create(name='Test Secret Role 2', slug='test-secret-role-2')`
			`self.secret1 = Secret(`
Fixes #4146: Fix SecretRole permissions enforcement 2020-02-12 11:13:32 -05:00			`device=self.device, role=self.secretrole1, name='Test Secret 1', plaintext=self.plaintexts[0]`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00			`)`
			`self.secret1.encrypt(self.master_key)`
			`self.secret1.save()`
			`self.secret2 = Secret(`
Fixes #4146: Fix SecretRole permissions enforcement 2020-02-12 11:13:32 -05:00			`device=self.device, role=self.secretrole1, name='Test Secret 2', plaintext=self.plaintexts[1]`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00			`)`
			`self.secret2.encrypt(self.master_key)`
			`self.secret2.save()`
			`self.secret3 = Secret(`
Fixes #4146: Fix SecretRole permissions enforcement 2020-02-12 11:13:32 -05:00			`device=self.device, role=self.secretrole1, name='Test Secret 3', plaintext=self.plaintexts[2]`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00			`)`
			`self.secret3.encrypt(self.master_key)`
			`self.secret3.save()`

			`def test_get_secret(self):`

			`url = reverse('secrets-api:secret-detail', kwargs={'pk': self.secret1.pk})`
Fixes #4146: Fix SecretRole permissions enforcement 2020-02-12 11:13:32 -05:00
			`# Secret plaintext not be decrypted as the user has not been assigned to the role`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00			`response = self.client.get(url, **self.header)`
Fixes #4146: Fix SecretRole permissions enforcement 2020-02-12 11:13:32 -05:00			`self.assertIsNone(response.data['plaintext'])`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00
Fixes #4146: Fix SecretRole permissions enforcement 2020-02-12 11:13:32 -05:00			`# The plaintext should be present once the user has been assigned to the role`
			`self.secretrole1.users.add(self.user)`
			`response = self.client.get(url, **self.header)`
			`self.assertEqual(response.data['plaintext'], self.plaintexts[0])`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00
			`def test_list_secrets(self):`

			`url = reverse('secrets-api:secret-list')`
Fixes #4146: Fix SecretRole permissions enforcement 2020-02-12 11:13:32 -05:00
			`# Secret plaintext not be decrypted as the user has not been assigned to the role`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00			`response = self.client.get(url, **self.header)`
Fixes #4146: Fix SecretRole permissions enforcement 2020-02-12 11:13:32 -05:00			`self.assertEqual(response.data['count'], 3)`
			`for secret in response.data['results']:`
			`self.assertIsNone(secret['plaintext'])`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00
Fixes #4146: Fix SecretRole permissions enforcement 2020-02-12 11:13:32 -05:00			`# The plaintext should be present once the user has been assigned to the role`
			`self.secretrole1.users.add(self.user)`
			`response = self.client.get(url, **self.header)`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00			`self.assertEqual(response.data['count'], 3)`
Fixes #4146: Fix SecretRole permissions enforcement 2020-02-12 11:13:32 -05:00			`for i, secret in enumerate(response.data['results']):`
			`self.assertEqual(secret['plaintext'], self.plaintexts[i])`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00
			`def test_create_secret(self):`

			`data = {`
			`'device': self.device.pk,`
			`'role': self.secretrole1.pk,`
Fix bulk creation of Secrets via API 2018-01-02 17:07:21 -05:00			`'name': 'Test Secret 4',`
			`'plaintext': 'Secret #4 Plaintext',`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00			`}`

			`url = reverse('secrets-api:secret-list')`
Standardize on JSON data format for all POST/PUT test client requests 2017-11-08 13:54:35 -05:00			`response = self.client.post(url, data, format='json', **self.header)`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00
Introduced HttpStatusMixin to provide more detail on HTTP response status test failures 2017-03-20 13:46:47 -04:00			`self.assertHttpStatus(response, status.HTTP_201_CREATED)`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00			`self.assertEqual(response.data['plaintext'], data['plaintext'])`
			`self.assertEqual(Secret.objects.count(), 4)`
			`secret4 = Secret.objects.get(pk=response.data['id'])`
			`secret4.decrypt(self.master_key)`
			`self.assertEqual(secret4.role_id, data['role'])`
			`self.assertEqual(secret4.plaintext, data['plaintext'])`

Added bulk creation API tests 2018-01-02 16:29:44 -05:00			`def test_create_secret_bulk(self):`

			`data = [`
			`{`
			`'device': self.device.pk,`
			`'role': self.secretrole1.pk,`
Fix bulk creation of Secrets via API 2018-01-02 17:07:21 -05:00			`'name': 'Test Secret 4',`
Added bulk creation API tests 2018-01-02 16:29:44 -05:00			`'plaintext': 'Secret #4 Plaintext',`
			`},`
			`{`
			`'device': self.device.pk,`
			`'role': self.secretrole1.pk,`
Fix bulk creation of Secrets via API 2018-01-02 17:07:21 -05:00			`'name': 'Test Secret 5',`
Added bulk creation API tests 2018-01-02 16:29:44 -05:00			`'plaintext': 'Secret #5 Plaintext',`
			`},`
			`{`
			`'device': self.device.pk,`
			`'role': self.secretrole1.pk,`
Fix bulk creation of Secrets via API 2018-01-02 17:07:21 -05:00			`'name': 'Test Secret 6',`
Added bulk creation API tests 2018-01-02 16:29:44 -05:00			`'plaintext': 'Secret #6 Plaintext',`
			`},`
			`]`

			`url = reverse('secrets-api:secret-list')`
			`response = self.client.post(url, data, format='json', **self.header)`

			`self.assertHttpStatus(response, status.HTTP_201_CREATED)`
			`self.assertEqual(Secret.objects.count(), 6)`
			`self.assertEqual(response.data[0]['plaintext'], data[0]['plaintext'])`
			`self.assertEqual(response.data[1]['plaintext'], data[1]['plaintext'])`
			`self.assertEqual(response.data[2]['plaintext'], data[2]['plaintext'])`

Wrote tests for secrets API 2017-03-17 16:01:57 -04:00			`def test_update_secret(self):`

			`data = {`
			`'device': self.device.pk,`
			`'role': self.secretrole2.pk,`
			`'plaintext': 'NewPlaintext',`
			`}`

			`url = reverse('secrets-api:secret-detail', kwargs={'pk': self.secret1.pk})`
Standardize on JSON data format for all POST/PUT test client requests 2017-11-08 13:54:35 -05:00			`response = self.client.put(url, data, format='json', **self.header)`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00
Introduced HttpStatusMixin to provide more detail on HTTP response status test failures 2017-03-20 13:46:47 -04:00			`self.assertHttpStatus(response, status.HTTP_200_OK)`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00			`self.assertEqual(response.data['plaintext'], data['plaintext'])`
			`self.assertEqual(Secret.objects.count(), 3)`
			`secret1 = Secret.objects.get(pk=response.data['id'])`
			`secret1.decrypt(self.master_key)`
			`self.assertEqual(secret1.role_id, data['role'])`
			`self.assertEqual(secret1.plaintext, data['plaintext'])`

			`def test_delete_secret(self):`

			`url = reverse('secrets-api:secret-detail', kwargs={'pk': self.secret1.pk})`
			`response = self.client.delete(url, **self.header)`

Introduced HttpStatusMixin to provide more detail on HTTP response status test failures 2017-03-20 13:46:47 -04:00			`self.assertHttpStatus(response, status.HTTP_204_NO_CONTENT)`
Wrote tests for secrets API 2017-03-17 16:01:57 -04:00			`self.assertEqual(Secret.objects.count(), 2)`
Added tests for get-session-key API endpoint 2017-03-28 11:30:38 -04:00

Refactored the tests to remove a lot of boilerplate 2018-08-03 11:39:26 -04:00			`class GetSessionKeyTest(APITestCase):`
Added tests for get-session-key API endpoint 2017-03-28 11:30:38 -04:00
			`def setUp(self):`

Closes #2614: Simplify calls of super() for Python 3 2018-11-27 10:52:24 -05:00			`super().setUp()`
Added tests for get-session-key API endpoint 2017-03-28 11:30:38 -04:00
Refactored the tests to remove a lot of boilerplate 2018-08-03 11:39:26 -04:00			`userkey = UserKey(user=self.user, public_key=PUBLIC_KEY)`
Added tests for get-session-key API endpoint 2017-03-28 11:30:38 -04:00			`userkey.save()`
			`master_key = userkey.get_master_key(PRIVATE_KEY)`
			`self.session_key = SessionKey(userkey=userkey)`
			`self.session_key.save(master_key)`

			`self.header = {`
Refactored the tests to remove a lot of boilerplate 2018-08-03 11:39:26 -04:00			`'HTTP_AUTHORIZATION': 'Token {}'.format(self.token.key),`
Added tests for get-session-key API endpoint 2017-03-28 11:30:38 -04:00			`}`

			`def test_get_session_key(self):`

Base64 decoding tweaks 2017-03-29 13:39:59 -04:00			`encoded_session_key = base64.b64encode(self.session_key.key).decode()`

Added tests for get-session-key API endpoint 2017-03-28 11:30:38 -04:00			`url = reverse('secrets-api:get-session-key-list')`
			`data = {`
			`'private_key': PRIVATE_KEY,`
			`}`
			`response = self.client.post(url, data, **self.header)`

			`self.assertHttpStatus(response, status.HTTP_200_OK)`
			`self.assertIsNotNone(response.data.get('session_key'))`
Base64 decoding tweaks 2017-03-29 13:39:59 -04:00			`self.assertNotEqual(response.data.get('session_key'), encoded_session_key)`
Added tests for get-session-key API endpoint 2017-03-28 11:30:38 -04:00
			`def test_get_session_key_preserved(self):`

Base64 decoding tweaks 2017-03-29 13:39:59 -04:00			`encoded_session_key = base64.b64encode(self.session_key.key).decode()`
Added tests for get-session-key API endpoint 2017-03-28 11:30:38 -04:00
			`url = reverse('secrets-api:get-session-key-list') + '?preserve_key=True'`
			`data = {`
			`'private_key': PRIVATE_KEY,`
			`}`
			`response = self.client.post(url, data, **self.header)`

			`self.assertHttpStatus(response, status.HTTP_200_OK)`
			`self.assertEqual(response.data.get('session_key'), encoded_session_key)`