ading jwt in snapshots

This commit is contained in:
Cayo Puigdefabregas 2021-07-02 15:25:19 +02:00
parent 167f16b641
commit 3d027270cc
6 changed files with 56 additions and 31 deletions

View file

@ -3,12 +3,10 @@
import os import os
import json import json
import shutil import shutil
import hashlib
from datetime import datetime from datetime import datetime
from flask import current_app as app, g from flask import current_app as app, g
from sqlalchemy.util import OrderedSet from sqlalchemy.util import OrderedSet
from teal.marshmallow import ValidationError
from ereuse_devicehub.db import db from ereuse_devicehub.db import db
from ereuse_devicehub.resources.action.models import RateComputer, Snapshot from ereuse_devicehub.resources.action.models import RateComputer, Snapshot
@ -61,15 +59,6 @@ def move_json(tmp_snapshots, path_name, user, live=False):
os.remove(path_name) os.remove(path_name)
def check_hash_snapshot(snapshot_json):
debug = snapshot_json.pop('debug')
data = json.dumps(snapshot_json).encode('utf-8')
hash3 = hashlib.sha3_256(data).hexdigest()
if not hash3 in debug['hwinfo']:
txt = "This Snapshot is not valid"
raise ValidationError(txt)
class SnapshotView(): class SnapshotView():
"""Performs a Snapshot. """Performs a Snapshot.
@ -80,12 +69,12 @@ class SnapshotView():
# snapshot, and we want to wait to flush snapshot at the end # snapshot, and we want to wait to flush snapshot at the end
def __init__(self, snapshot_json: dict, resource_def, schema): def __init__(self, snapshot_json: dict, resource_def, schema):
# import pdb; pdb.set_trace()
self.schema = schema self.schema = schema
self.snapshot_json = snapshot_json
self.resource_def = resource_def self.resource_def = resource_def
self.tmp_snapshots = app.config['TMP_SNAPSHOTS'] self.tmp_snapshots = app.config['TMP_SNAPSHOTS']
self.path_snapshot = save_json(snapshot_json, self.tmp_snapshots, g.user.email) self.path_snapshot = save_json(snapshot_json, self.tmp_snapshots, g.user.email)
check_hash_snapshot(snapshot_json) snapshot_json.pop('debug', None)
self.snapshot_json = resource_def.schema.load(snapshot_json) self.snapshot_json = resource_def.schema.load(snapshot_json)
self.response = self.build() self.response = self.build()
move_json(self.tmp_snapshots, self.path_snapshot, g.user.email) move_json(self.tmp_snapshots, self.path_snapshot, g.user.email)

View file

@ -167,10 +167,22 @@ class LiveView(View):
return live return live
import jwt
import ereuse_utils
def decode_snapshot(data):
p = '7KU4ZzsEfe'
return jwt.decode(data, p, algorithms="HS256", json_encoder=ereuse_utils.JSONEncoder)
class ActionView(View): class ActionView(View):
def post(self): def post(self):
"""Posts an action.""" """Posts an action."""
json = request.get_json(validate=False) json = request.get_json(validate=False)
if not type(json) == dict:
json = decode_snapshot(json)
if not json or 'type' not in json: if not json or 'type' not in json:
raise ValidationError('Post request needs a json.') raise ValidationError('Post request needs a json.')
# todo there should be a way to better get subclassess resource # todo there should be a way to better get subclassess resource

View file

@ -35,4 +35,5 @@ psycopg2-binary==2.8.3
sortedcontainers==2.1.0 sortedcontainers==2.1.0
tqdm==4.32.2 tqdm==4.32.2
python-decouple==3.3 python-decouple==3.3
python-dotenv==0.14.0 python-dotenv==0.14.0
pyjwt==2.1.0

View file

@ -1,5 +1,7 @@
import io import io
import uuid import uuid
import jwt
import ereuse_utils
from contextlib import redirect_stdout from contextlib import redirect_stdout
from datetime import datetime from datetime import datetime
from pathlib import Path from pathlib import Path
@ -27,6 +29,7 @@ ENDT = datetime(year=2000, month=1, day=1, hour=2)
T = {'start_time': STARTT, 'end_time': ENDT} T = {'start_time': STARTT, 'end_time': ENDT}
"""A dummy start_time/end_time to use as function keywords.""" """A dummy start_time/end_time to use as function keywords."""
P = '7KU4ZzsEfe'
class TestConfig(DevicehubConfig): class TestConfig(DevicehubConfig):
SQLALCHEMY_DATABASE_URI = 'postgresql://dhub:ereuse@localhost/dh_test' SQLALCHEMY_DATABASE_URI = 'postgresql://dhub:ereuse@localhost/dh_test'
@ -137,12 +140,26 @@ def auth_app_context(app: Devicehub):
yield app yield app
def file(name: str) -> dict: def json_encode(dev: str) -> dict:
"""Encode json."""
return jwt.encode(dev,
P,
algorithm="HS256",
json_encoder=ereuse_utils.JSONEncoder
)
def yaml2json(name: str) -> dict:
"""Opens and parses a YAML file from the ``files`` subdir.""" """Opens and parses a YAML file from the ``files`` subdir."""
with Path(__file__).parent.joinpath('files').joinpath(name + '.yaml').open() as f: with Path(__file__).parent.joinpath('files').joinpath(name + '.yaml').open() as f:
return yaml.load(f) return yaml.load(f)
def file(name: str) -> dict:
"""Opens and parses a YAML file from the ``files`` subdir. And decode"""
return json_encode(yaml2json(name))
def file_workbench(name: str) -> dict: def file_workbench(name: str) -> dict:
"""Opens and parses a YAML file from the ``files`` subdir.""" """Opens and parses a YAML file from the ``files`` subdir."""
with Path(__file__).parent.joinpath('workbench_files').joinpath(name + '.json').open() as f: with Path(__file__).parent.joinpath('workbench_files').joinpath(name + '.json').open() as f:

View file

@ -29,7 +29,7 @@ from ereuse_devicehub.resources.device.models import Desktop, Device, GraphicCar
RamModule, SolidStateDrive RamModule, SolidStateDrive
from ereuse_devicehub.resources.enums import ComputerChassis, Severity, TestDataStorageLength from ereuse_devicehub.resources.enums import ComputerChassis, Severity, TestDataStorageLength
from tests import conftest from tests import conftest
from tests.conftest import create_user, file from tests.conftest import create_user, file, yaml2json, json_encode
@pytest.mark.mvp @pytest.mark.mvp
@ -260,6 +260,7 @@ def test_live(user: UserClient, client: Client, app: Devicehub):
"""Tests inserting a Live into the database and GETting it.""" """Tests inserting a Live into the database and GETting it."""
acer = file('acer.happy.battery.snapshot') acer = file('acer.happy.battery.snapshot')
snapshot, _ = user.post(acer, res=models.Snapshot) snapshot, _ = user.post(acer, res=models.Snapshot)
acer = yaml2json('acer.happy.battery.snapshot')
device_id = snapshot['device']['id'] device_id = snapshot['device']['id']
post_request = {"transaction": "ccc", "name": "John", "endUsers": 1, post_request = {"transaction": "ccc", "name": "John", "endUsers": 1,
"devices": [device_id], "description": "aaa", "devices": [device_id], "description": "aaa",
@ -292,6 +293,7 @@ def test_live(user: UserClient, client: Client, app: Devicehub):
@pytest.mark.usefixtures(conftest.app_context.__name__) @pytest.mark.usefixtures(conftest.app_context.__name__)
def test_live_example(user: UserClient, client: Client, app: Devicehub): def test_live_example(user: UserClient, client: Client, app: Devicehub):
"""Tests inserting a Live into the database and GETting it.""" """Tests inserting a Live into the database and GETting it."""
# import pdb; pdb.set_trace()
acer = file('snapshotLive') acer = file('snapshotLive')
snapshot, _ = user.post(acer, res=models.Snapshot) snapshot, _ = user.post(acer, res=models.Snapshot)
device_id = snapshot['device']['id'] device_id = snapshot['device']['id']
@ -304,7 +306,7 @@ def test_live_example(user: UserClient, client: Client, app: Devicehub):
user.post(res=models.Allocate, data=post_request) user.post(res=models.Allocate, data=post_request)
acer = file('live') acer = yaml2json('live')
live, _ = client.post(acer, res=models.Live) live, _ = client.post(acer, res=models.Live)
db_device = Device.query.filter_by(id=device_id).one() db_device = Device.query.filter_by(id=device_id).one()
action_live = [a for a in db_device.actions if a.type == 'Live'] action_live = [a for a in db_device.actions if a.type == 'Live']
@ -320,9 +322,9 @@ def test_live_two_users(user: UserClient, user2: UserClient, client: Client, app
"""Tests inserting a Live into the database and GETting it.""" """Tests inserting a Live into the database and GETting it."""
acer = file('snapshotLive') acer = file('snapshotLive')
snapshot, _ = user.post(acer, res=models.Snapshot) snapshot, _ = user.post(acer, res=models.Snapshot)
acer2 = file('snapshotLive') acer2 = yaml2json('snapshotLive')
acer2['uuid'] = '3b6a9288-0ba6-4bdd-862a-2b1f660e7115' acer2['uuid'] = '3b6a9288-0ba6-4bdd-862a-2b1f660e7115'
snapshot2, _ = user2.post(acer2, res=models.Snapshot) snapshot2, _ = user2.post(json_encode(acer2), res=models.Snapshot)
device_id = snapshot['device']['id'] device_id = snapshot['device']['id']
post_request = {"transaction": "ccc", "name": "John", "endUsers": 1, post_request = {"transaction": "ccc", "name": "John", "endUsers": 1,
"devices": [device_id], "description": "aaa", "devices": [device_id], "description": "aaa",
@ -333,7 +335,7 @@ def test_live_two_users(user: UserClient, user2: UserClient, client: Client, app
user.post(res=models.Allocate, data=post_request) user.post(res=models.Allocate, data=post_request)
acer = file('live') acer = yaml2json('live')
live, _ = client.post(acer, res=models.Live) live, _ = client.post(acer, res=models.Live)
db_device = Device.query.filter_by(id=device_id).one() db_device = Device.query.filter_by(id=device_id).one()
action_live = [a for a in db_device.actions if a.type == 'Live'] action_live = [a for a in db_device.actions if a.type == 'Live']
@ -349,9 +351,9 @@ def test_live_two_allocated(user: UserClient, user2: UserClient, client: Client,
"""Tests inserting a Live into the database and GETting it.""" """Tests inserting a Live into the database and GETting it."""
acer = file('snapshotLive') acer = file('snapshotLive')
snapshot, _ = user.post(acer, res=models.Snapshot) snapshot, _ = user.post(acer, res=models.Snapshot)
acer2 = file('snapshotLive') acer2 = yaml2json('snapshotLive')
acer2['uuid'] = '3b6a9288-0ba6-4bdd-862a-2b1f660e7115' acer2['uuid'] = '3b6a9288-0ba6-4bdd-862a-2b1f660e7115'
snapshot2, _ = user2.post(acer2, res=models.Snapshot) snapshot2, _ = user2.post(json_encode(acer2), res=models.Snapshot)
device_id = snapshot['device']['id'] device_id = snapshot['device']['id']
device_id2 = snapshot2['device']['id'] device_id2 = snapshot2['device']['id']
post_request = {"transaction": "ccc", "name": "John", "endUsers": 1, post_request = {"transaction": "ccc", "name": "John", "endUsers": 1,
@ -370,7 +372,7 @@ def test_live_two_allocated(user: UserClient, user2: UserClient, client: Client,
user.post(res=models.Allocate, data=post_request) user.post(res=models.Allocate, data=post_request)
user2.post(res=models.Allocate, data=post_request2) user2.post(res=models.Allocate, data=post_request2)
acer = file('live') acer = yaml2json('live')
live, _ = client.post(acer, res=models.Live, status=422) live, _ = client.post(acer, res=models.Live, status=422)
message = 'Expected only one Device but multiple where found' message = 'Expected only one Device but multiple where found'
assert live['message'] == message assert live['message'] == message
@ -396,6 +398,7 @@ def test_live_without_TestDataStorage(user: UserClient, client: Client, app: Dev
} }
user.post(res=models.Allocate, data=post_request) user.post(res=models.Allocate, data=post_request)
acer = yaml2json('acer.happy.battery.snapshot')
acer['uuid'] = "490fb8c0-81a1-42e9-95e0-5e7db7038ec3" acer['uuid'] = "490fb8c0-81a1-42e9-95e0-5e7db7038ec3"
actions = [a for a in acer['components'][7]['actions'] if a['type'] != 'TestDataStorage'] actions = [a for a in acer['components'][7]['actions'] if a['type'] != 'TestDataStorage']
acer['components'][7]['actions'] = actions acer['components'][7]['actions'] = actions
@ -429,6 +432,7 @@ def test_live_without_hdd_1(user: UserClient, client: Client, app: Devicehub):
} }
user.post(res=models.Allocate, data=post_request) user.post(res=models.Allocate, data=post_request)
acer = yaml2json('acer.happy.battery.snapshot')
acer['uuid'] = "490fb8c0-81a1-42e9-95e0-5e7db7038ec3" acer['uuid'] = "490fb8c0-81a1-42e9-95e0-5e7db7038ec3"
components = [a for a in acer['components'] if a['type'] != 'HardDrive'] components = [a for a in acer['components'] if a['type'] != 'HardDrive']
acer['components'] = components acer['components'] = components
@ -446,10 +450,10 @@ def test_live_without_hdd_2(user: UserClient, client: Client, app: Devicehub):
"""Tests inserting a Live into the database and GETting it. """Tests inserting a Live into the database and GETting it.
The snapshot haven't hdd and the live neither, and response 404 The snapshot haven't hdd and the live neither, and response 404
""" """
acer = file('acer.happy.battery.snapshot') acer = yaml2json('acer.happy.battery.snapshot')
components = [a for a in acer['components'] if a['type'] != 'HardDrive'] components = [a for a in acer['components'] if a['type'] != 'HardDrive']
acer['components'] = components acer['components'] = components
snapshot, _ = user.post(acer, res=models.Snapshot) snapshot, _ = user.post(json_encode(acer), res=models.Snapshot)
device_id = snapshot['device']['id'] device_id = snapshot['device']['id']
db_device = Device.query.filter_by(id=device_id).one() db_device = Device.query.filter_by(id=device_id).one()
post_request = {"transaction": "ccc", "name": "John", "endUsers": 1, post_request = {"transaction": "ccc", "name": "John", "endUsers": 1,
@ -476,7 +480,7 @@ def test_live_without_hdd_3(user: UserClient, client: Client, app: Devicehub):
The snapshot haven't hdd and the live have, and save the live The snapshot haven't hdd and the live have, and save the live
with usage_time_allocate == 0 with usage_time_allocate == 0
""" """
acer = file('acer.happy.battery.snapshot') acer = yaml2json('acer.happy.battery.snapshot')
acer['uuid'] = "490fb8c0-81a1-42e9-95e0-5e7db7038ec3" acer['uuid'] = "490fb8c0-81a1-42e9-95e0-5e7db7038ec3"
components = [a for a in acer['components'] if a['type'] != 'HardDrive'] components = [a for a in acer['components'] if a['type'] != 'HardDrive']
acer['components'] = components acer['components'] = components
@ -491,7 +495,7 @@ def test_live_without_hdd_3(user: UserClient, client: Client, app: Devicehub):
} }
user.post(res=models.Allocate, data=post_request) user.post(res=models.Allocate, data=post_request)
acer = file('acer.happy.battery.snapshot') acer = yaml2json('acer.happy.battery.snapshot')
acer.pop('elapsed') acer.pop('elapsed')
acer['licence_version'] = '1.0.0' acer['licence_version'] = '1.0.0'
live, _ = client.post(acer, res=models.Live) live, _ = client.post(acer, res=models.Live)
@ -524,7 +528,7 @@ def test_live_with_hdd_with_old_time(user: UserClient, client: Client, app: Devi
} }
user.post(res=models.Allocate, data=post_request) user.post(res=models.Allocate, data=post_request)
acer = file('acer.happy.battery.snapshot') acer = yaml2json('acer.happy.battery.snapshot')
acer['uuid'] = "490fb8c0-81a1-42e9-95e0-5e7db7038ec3" acer['uuid'] = "490fb8c0-81a1-42e9-95e0-5e7db7038ec3"
action = [a for a in acer['components'][7]['actions'] if a['type'] == 'TestDataStorage'] action = [a for a in acer['components'][7]['actions'] if a['type'] == 'TestDataStorage']
action[0]['lifetime'] -= 100 action[0]['lifetime'] -= 100
@ -557,6 +561,7 @@ def test_live_search_last_allocate(user: UserClient, client: Client, app: Device
} }
user.post(res=models.Allocate, data=post_request) user.post(res=models.Allocate, data=post_request)
acer = yaml2json('acer.happy.battery.snapshot')
acer['uuid'] = "490fb8c0-81a1-42e9-95e0-5e7db7038ec3" acer['uuid'] = "490fb8c0-81a1-42e9-95e0-5e7db7038ec3"
hdd = [c for c in acer['components'] if c['type'] == 'HardDrive'][0] hdd = [c for c in acer['components'] if c['type'] == 'HardDrive'][0]
hdd_action = [a for a in hdd['actions'] if a['type'] == 'TestDataStorage'][0] hdd_action = [a for a in hdd['actions'] if a['type'] == 'TestDataStorage'][0]
@ -576,8 +581,8 @@ def test_live_search_last_allocate(user: UserClient, client: Client, app: Device
@pytest.mark.mvp @pytest.mark.mvp
def test_save_live_json(app: Devicehub, user: UserClient, client: Client): def test_save_live_json(app: Devicehub, user: UserClient, client: Client):
""" This test check if works the function save_snapshot_in_file """ """ This test check if works the function save_snapshot_in_file """
acer = file('acer.happy.battery.snapshot') acer = yaml2json('acer.happy.battery.snapshot')
snapshot, _ = user.post(acer, res=models.Snapshot) snapshot, _ = user.post(json_encode(acer), res=models.Snapshot)
debug = 'AAA' debug = 'AAA'
acer['debug'] = debug acer['debug'] = debug
device_id = snapshot['device']['id'] device_id = snapshot['device']['id']

View file

@ -847,4 +847,5 @@ def test_bug_141(user: UserClient):
with a big number in the parameter command_timeout of the DataStorage with a big number in the parameter command_timeout of the DataStorage
""" """
user.post(file('2021-5-4-13-41_time_out_test_datastorage'), res=Snapshot) dev = file('2021-5-4-13-41_time_out_test_datastorage')
user.post(dev, res=Snapshot)