NeoAnd/netbox
1
0
Fork 0
mirror of https://github.com/netbox-community/netbox.git synced 2025-07-18 04:56:29 -06:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity

Fix secrets API tests

Browse Source
This commit is contained in:
Jeremy Stretch 2020-05-28 09:51:02 -04:00
parent 814aff78b5
commit 00ce3588d3
2 changed files with 27 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
netbox/secrets/models.py
View File

@ -1,5 +1,4 @@
import os import os
import sys
from Crypto.Cipher import AES from Crypto.Cipher import AES
from Crypto.PublicKey import RSA from Crypto.PublicKey import RSA

38
netbox/secrets/tests/test_api.py
View File

@ -5,8 +5,7 @@ from rest_framework import status
from dcim.models import Device, DeviceRole, DeviceType, Manufacturer, Site from dcim.models import Device, DeviceRole, DeviceType, Manufacturer, Site
from secrets.models import Secret, SecretRole, SessionKey, UserKey from secrets.models import Secret, SecretRole, SessionKey, UserKey
from users.models import Token from utilities.testing import APITestCase
from utilities.testing import APITestCase, create_test_user
from .constants import PRIVATE_KEY, PUBLIC_KEY from .constants import PRIVATE_KEY, PUBLIC_KEY
@ -122,16 +121,19 @@ class SecretRoleTest(APITestCase):
class SecretTest(APITestCase): class SecretTest(APITestCase):
user_permissions = (
def setUp(self):
super().setUp()
self.user.is_superuser = False
self.user.save()
self.add_permissions(
'secrets.add_secret', 'secrets.add_secret',
'secrets.change_secret', 'secrets.change_secret',
'secrets.delete_secret', 'secrets.delete_secret',
'secrets.view_secret', 'secrets.view_secret',
) )
def setUp(self):
super().setUp()
userkey = UserKey(user=self.user, public_key=PUBLIC_KEY) userkey = UserKey(user=self.user, public_key=PUBLIC_KEY)
userkey.save() userkey.save()
self.master_key = userkey.get_master_key(PRIVATE_KEY) self.master_key = userkey.get_master_key(PRIVATE_KEY)
@ -175,24 +177,25 @@ class SecretTest(APITestCase):
self.secret3.save() self.secret3.save()
def test_get_secret(self): def test_get_secret(self):
url = reverse('secrets-api:secret-detail', kwargs={'pk': self.secret1.pk}) url = reverse('secrets-api:secret-detail', kwargs={'pk': self.secret1.pk})
# Secret plaintext not be decrypted as the user has not been assigned to the role # Secret plaintext should not be decrypted as the user has not been assigned to the role
response = self.client.get(url, **self.header) response = self.client.get(url, **self.header)
self.assertHttpStatus(response, status.HTTP_200_OK)
self.assertIsNone(response.data['plaintext']) self.assertIsNone(response.data['plaintext'])
# The plaintext should be present once the user has been assigned to the role # The plaintext should be present once the user has been assigned to the role
self.secretrole1.users.add(self.user) self.secretrole1.users.add(self.user)
response = self.client.get(url, **self.header) response = self.client.get(url, **self.header)
self.assertHttpStatus(response, status.HTTP_200_OK)
self.assertEqual(response.data['plaintext'], self.plaintexts[0]) self.assertEqual(response.data['plaintext'], self.plaintexts[0])
def test_list_secrets(self): def test_list_secrets(self):
url = reverse('secrets-api:secret-list') url = reverse('secrets-api:secret-list')
# Secret plaintext not be decrypted as the user has not been assigned to the role # Secret plaintext should not be decrypted as the user has not been assigned to the role
response = self.client.get(url, **self.header) response = self.client.get(url, **self.header)
self.assertHttpStatus(response, status.HTTP_200_OK)
self.assertEqual(response.data['count'], 3) self.assertEqual(response.data['count'], 3)
for secret in response.data['results']: for secret in response.data['results']:
self.assertIsNone(secret['plaintext']) self.assertIsNone(secret['plaintext'])
@ -200,12 +203,12 @@ class SecretTest(APITestCase):
# The plaintext should be present once the user has been assigned to the role # The plaintext should be present once the user has been assigned to the role
self.secretrole1.users.add(self.user) self.secretrole1.users.add(self.user)
response = self.client.get(url, **self.header) response = self.client.get(url, **self.header)
self.assertHttpStatus(response, status.HTTP_200_OK)
self.assertEqual(response.data['count'], 3) self.assertEqual(response.data['count'], 3)
for i, secret in enumerate(response.data['results']): for i, secret in enumerate(response.data['results']):
self.assertEqual(secret['plaintext'], self.plaintexts[i]) self.assertEqual(secret['plaintext'], self.plaintexts[i])
def test_create_secret(self): def test_create_secret(self):
data = { data = {
'device': self.device.pk, 'device': self.device.pk,
'role': self.secretrole1.pk, 'role': self.secretrole1.pk,
@ -213,6 +216,9 @@ class SecretTest(APITestCase):
'plaintext': 'Secret #4 Plaintext', 'plaintext': 'Secret #4 Plaintext',
} }
# Assign test user to secret role
self.secretrole1.users.add(self.user)
url = reverse('secrets-api:secret-list') url = reverse('secrets-api:secret-list')
response = self.client.post(url, data, format='json', **self.header) response = self.client.post(url, data, format='json', **self.header)
@ -225,7 +231,6 @@ class SecretTest(APITestCase):
self.assertEqual(secret4.plaintext, data['plaintext']) self.assertEqual(secret4.plaintext, data['plaintext'])
def test_create_secret_bulk(self): def test_create_secret_bulk(self):
data = [ data = [
{ {
'device': self.device.pk, 'device': self.device.pk,
@ -247,6 +252,9 @@ class SecretTest(APITestCase):
}, },
] ]
# Assign test user to secret role
self.secretrole1.users.add(self.user)
url = reverse('secrets-api:secret-list') url = reverse('secrets-api:secret-list')
response = self.client.post(url, data, format='json', **self.header) response = self.client.post(url, data, format='json', **self.header)
@ -257,13 +265,15 @@ class SecretTest(APITestCase):
self.assertEqual(response.data[2]['plaintext'], data[2]['plaintext']) self.assertEqual(response.data[2]['plaintext'], data[2]['plaintext'])
def test_update_secret(self): def test_update_secret(self):
data = { data = {
'device': self.device.pk, 'device': self.device.pk,
'role': self.secretrole2.pk, 'role': self.secretrole2.pk,
'plaintext': 'NewPlaintext', 'plaintext': 'NewPlaintext',
} }
# Assign test user to secret role
self.secretrole1.users.add(self.user)
url = reverse('secrets-api:secret-detail', kwargs={'pk': self.secret1.pk}) url = reverse('secrets-api:secret-detail', kwargs={'pk': self.secret1.pk})
response = self.client.put(url, data, format='json', **self.header) response = self.client.put(url, data, format='json', **self.header)
@ -276,6 +286,8 @@ class SecretTest(APITestCase):
self.assertEqual(secret1.plaintext, data['plaintext']) self.assertEqual(secret1.plaintext, data['plaintext'])
def test_delete_secret(self): def test_delete_secret(self):
# Assign test user to secret role
self.secretrole1.users.add(self.user)
url = reverse('secrets-api:secret-detail', kwargs={'pk': self.secret1.pk}) url = reverse('secrets-api:secret-detail', kwargs={'pk': self.secret1.pk})
response = self.client.delete(url, **self.header) response = self.client.delete(url, **self.header)