OCA
/
server-tools
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1881 Commits
13 Branches
0 Tags
45 MiB
Tree: a7b224afcf
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a7b224afcf'
${ noResults }
server-tools/keychain/tests/test_keychain.py

242 lines
8.3 KiB
Raw Normal View History

Keychain: account manager for external systems (#644) * Add keychain module
8 years ago
[FIX] split keychain backend model and test into 2 files
7 years ago
[FIX] add name to keychain.backend & add test
7 years ago
Mig V10
8 years ago
[FIX] keychain: Avoid crash upon warning (#1225)
7 years ago
Keychain: account manager for external systems (#644) * Add keychain module
8 years ago
set test
8 years ago
Keychain: account manager for external systems (#644) * Add keychain module
8 years ago
[IMP] keychain: get_password must not be accessible from outside
7 years ago
Keychain: account manager for external systems (#644) * Add keychain module
8 years ago
[IMP] keychain: get_password must not be accessible from outside
7 years ago
Update tests Use self.fail instead of self.assertTrue(false)
6 years ago
[FIX] keychain: Avoid crash upon warning (#1225)
7 years ago
Keychain: account manager for external systems (#644) * Add keychain module
8 years ago
Update tests Use self.fail instead of self.assertTrue(false)
6 years ago
Keychain: account manager for external systems (#644) * Add keychain module
8 years ago
[FIX] keychain: Avoid crash upon warning (#1225)
7 years ago
Keychain: account manager for external systems (#644) * Add keychain module
8 years ago
Update tests Use self.fail instead of self.assertTrue(false)
6 years ago
Keychain: account manager for external systems (#644) * Add keychain module
8 years ago
[FIX] keychain: Avoid crash upon warning (#1225)
7 years ago
Keychain: account manager for external systems (#644) * Add keychain module
8 years ago
Update tests Use self.fail instead of self.assertTrue(false)
6 years ago
Keychain: account manager for external systems (#644) * Add keychain module
8 years ago
[IMP] keychain: get_password must not be accessible from outside
7 years ago
Keychain: account manager for external systems (#644) * Add keychain module
8 years ago
[FIX] keychain: Avoid crash upon warning (#1225)
7 years ago
Keychain: account manager for external systems (#644) * Add keychain module
8 years ago
[IMP] keychain: get_password must not be accessible from outside
7 years ago
Keychain: account manager for external systems (#644) * Add keychain module
8 years ago
[IMP] keychain: get_password must not be accessible from outside
7 years ago
Keychain: account manager for external systems (#644) * Add keychain module
8 years ago
[IMP] keychain: get_password must not be accessible from outside
7 years ago
Keychain: account manager for external systems (#644) * Add keychain module
8 years ago
[FIX] keychain: Avoid crash upon warning (#1225)
7 years ago
Keychain: account manager for external systems (#644) * Add keychain module
8 years ago
[IMP] keychain: get_password must not be accessible from outside
7 years ago
Keychain: account manager for external systems (#644) * Add keychain module
8 years ago
[IMP] keychain: get_password must not be accessible from outside
7 years ago
Keychain: account manager for external systems (#644) * Add keychain module
8 years ago
Update tests Use self.fail instead of self.assertTrue(false)
6 years ago
Keychain: account manager for external systems (#644) * Add keychain module
8 years ago
Update tests Use self.fail instead of self.assertTrue(false)
6 years ago
Add default validation logic The goal was to force developers to write validation logic. Now it's becoming useless with keychain.backend And it adds boilerplate code. In this commit, we set a permissive default validation logic. It will reduce code in consumers module and still allow fine grained validation.
6 years ago
Update tests Use self.fail instead of self.assertTrue(false)
6 years ago
Add default validation logic The goal was to force developers to write validation logic. Now it's becoming useless with keychain.backend And it adds boilerplate code. In this commit, we set a permissive default validation logic. It will reduce code in consumers module and still allow fine grained validation.
6 years ago
  1. # -*- coding: utf-8 -*-
  2. # © 2016 Akretion Raphaël REVERDY
  3. # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
  5. from odoo.tests.common import TransactionCase
  6. from odoo.tools.config import config
  7. from odoo.exceptions import ValidationError, UserError
  10. import logging
  12. _logger = logging.getLogger(__name__)
  14. try:
  15. from cryptography.fernet import Fernet
  16. except ImportError as err:
  17. _logger.debug(err)
  20. class TestKeychain(TransactionCase):
  22. def setUp(self):
  23. super(TestKeychain, self).setUp()
  25. self.keychain = self.env['keychain.account']
  26. config['keychain_key'] = Fernet.generate_key()
  28. self.old_running_env = config.get('running_env', '')
  29. config['running_env'] = None
  31. def _init_data(self):
  32. return {
  33. "c": True,
  34. "a": "b",
  35. "d": "",
  36. }
  38. def _validate_data(self, data):
  39. return 'c' in data
  41. keychain_clss = self.keychain.__class__
  42. keychain_clss._keychain_test_init_data = _init_data
  43. keychain_clss._keychain_test_validate_data = _validate_data
  45. self.keychain._fields['namespace'].selection.append(
  46. ('keychain_test', 'test')
  47. )
  49. def tearDown(self):
  50. config['running_env'] = self.old_running_env
  51. return super(TestKeychain, self).tearDown()
  53. def _create_account(self):
  54. vals = {
  55. "name": "test",
  56. "namespace": "keychain_test",
  57. "login": "test",
  58. "technical_name": "keychain.test"
  59. }
  60. return self.keychain.create(vals)
  62. def test_password(self):
  63. """It should encrypt passwords."""
  64. account = self._create_account()
  65. passwords = ('', '12345', 'djkqfljfqm', u""""'(§è!ç""")
  67. for password in passwords:
  68. account.clear_password = password
  69. account._inverse_set_password()
  70. self.assertTrue(account.clear_password != account.password)
  71. self.assertEqual(account._get_password(), password)
  73. def test_wrong_key(self):
  74. """It should raise an exception when encoded key != decoded."""
  75. account = self._create_account()
  76. password = 'urieapocq'
  77. account.clear_password = password
  78. account._inverse_set_password()
  79. config['keychain_key'] = Fernet.generate_key()
  80. try:
  81. account._get_password()
  82. self.fail('It should not work with another key')
  83. except UserError as err:
  84. self.assertTrue(True, 'It should raise a UserError')
  85. self.assertTrue(
  86. 'has been encrypted with a diff' in str(err),
  87. 'It should display the right msg')
  88. else:
  89. self.fail('It should raise a UserError')
  91. def test_no_key(self):
  92. """It should raise an exception when no key is set."""
  93. account = self._create_account()
  94. del config.options['keychain_key']
  96. with self.assertRaises(UserError) as err:
  97. account.clear_password = 'aiuepr'
  98. account._inverse_set_password()
  99. self.fail('It should not work without key')
  100. self.assertTrue(
  101. 'Use a key similar to' in str(err.exception),
  102. 'It should display the right msg')
  104. def test_badly_formatted_key(self):
  105. """It should raise an exception when key is not acceptable format."""
  106. account = self._create_account()
  108. config['keychain_key'] = ""
  109. with self.assertRaises(UserError):
  110. account.clear_password = 'aiuepr'
  111. account._inverse_set_password()
  112. self.fail('It should not work missing formated key')
  114. self.assertTrue(True, 'It shoud raise a ValueError')
  116. def test_retrieve_env(self):
  117. """Retrieve env should always return False at the end"""
  118. config['running_env'] = False
  119. self.assertListEqual(self.keychain._retrieve_env(), [False])
  121. config['running_env'] = 'dev'
  122. self.assertListEqual(self.keychain._retrieve_env(), ['dev', False])
  124. config['running_env'] = 'prod'
  125. self.assertListEqual(self.keychain._retrieve_env(), ['prod', False])
  127. def test_multienv(self):
  128. """Encrypt with dev, decrypt with dev."""
  129. account = self._create_account()
  130. config['keychain_key_dev'] = Fernet.generate_key()
  131. config['keychain_key_prod'] = Fernet.generate_key()
  132. config['running_env'] = 'dev'
  134. account.clear_password = 'abc'
  135. account._inverse_set_password()
  136. self.assertEqual(
  137. account._get_password(),
  138. 'abc', 'Should work with dev')
  140. config['running_env'] = 'prod'
  141. with self.assertRaises(UserError):
  142. self.assertEqual(
  143. account._get_password(),
  144. 'abc', 'Should not work with prod key')
  146. def test_multienv_blank(self):
  147. """Encrypt with blank, decrypt for all."""
  148. account = self._create_account()
  149. config['keychain_key'] = Fernet.generate_key()
  150. config['keychain_key_dev'] = Fernet.generate_key()
  151. config['keychain_key_prod'] = Fernet.generate_key()
  152. config['running_env'] = ''
  154. account.clear_password = 'abc'
  155. account._inverse_set_password()
  156. self.assertEqual(
  157. account._get_password(),
  158. 'abc', 'Should work with dev')
  160. config['running_env'] = 'prod'
  161. self.assertEqual(
  162. account._get_password(),
  163. 'abc', 'Should work with prod')
  165. def test_multienv_force(self):
  166. """Set the env on the record"""
  168. account = self._create_account()
  169. account.environment = 'prod'
  171. config['keychain_key'] = Fernet.generate_key()
  172. config['keychain_key_dev'] = Fernet.generate_key()
  173. config['keychain_key_prod'] = Fernet.generate_key()
  174. config['running_env'] = ''
  176. account.clear_password = 'abc'
  177. account._inverse_set_password()
  179. with self.assertRaises(UserError):
  180. self.assertEqual(
  181. account._get_password(),
  182. 'abc', 'Should not work with dev')
  184. config['running_env'] = 'prod'
  185. self.assertEqual(
  186. account._get_password(),
  187. 'abc', 'Should work with prod')
  189. def test_wrong_json(self):
  190. """It should raise an exception when data is not valid json."""
  191. account = self._create_account()
  192. wrong_jsons = ("{'hi':'o'}", "{'oq", '[>}')
  193. for json in wrong_jsons:
  194. with self.assertRaises(ValidationError) as err:
  195. account.write({"data": json})
  196. self.fail('Should not validate baddly formatted json')
  197. self.assertTrue(
  198. 'Data should be a valid JSON' in str(err.exception),
  199. 'It should raise a ValidationError')
  201. def test_invalid_json(self):
  202. """It should raise an exception when data don't pass _validate_data."""
  203. account = self._create_account()
  204. invalid_jsons = ('{}', '{"hi": 1}')
  205. for json in invalid_jsons:
  206. with self.assertRaises(ValidationError) as err:
  207. account.write({"data": json})
  208. self.assertTrue(
  209. 'Data not valid' in str(err.exception),
  210. 'It should raise a ValidationError')
  212. def test_valid_json(self):
  213. """It should work with valid data."""
  214. account = self._create_account()
  215. valid_jsons = ('{"c": true}', '{"c": 1}', '{"a": "o", "c": "b"}')
  216. for json in valid_jsons:
  217. try:
  218. account.write({"data": json})
  219. self.assertTrue(True, 'Should validate json')
  220. except:
  221. self.fail('It should validate a good json')
  223. def test_default_init_and_valid(self):
  224. """."""
  225. self.keychain._fields['namespace'].selection.append(
  226. ('keychain_test_default', 'test')
  227. )
  228. account = self.keychain.create({
  229. "name": "test",
  230. "namespace": "keychain_test_default",
  231. "login": "test",
  232. "technical_name": "keychain.test"
  233. })
  234. try:
  235. account.write({"login": "test default"})
  236. except ValidationError:
  237. self.fail('It should validate any json in default')
  239. self.assertEqual(
  240. account.data, account._serialize_data(
  241. account._default_init_data()),
  242. 'Data should be default value')