Mercurial > p > roundup > code
annotate test/test_hypothesis.py @ 8218:32aaf5dc562b
fix(REST): issue2551383; improve errors for bad json, fix PUT docs
While adding fuzz testing for email addresses via REST
/rest/data/user/1/address, I had an error when setting the address to
the same value it currently had. Traced this to a bug in
userauditor.py. Fixed the bug. Documented in upgrading.txt.
While trying to track down issue, I realized invalid json was being
accepted without error. So I fixed the code that parses the json and
have it return an error. Also modified some tests that broke (used
invalid json, or passed body (e.g. DELETE) but shouldn't have. Add
tests for bad json to verify new code.
Fixed test that wasn't initializing the body_file in each loop, so the
test wasn't actually supplying a body.
Also realised PUT documentation was not correct. Output format isn't
quite like GET.
Fuss tests for email address also added.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Tue, 17 Dec 2024 19:42:46 -0500 |
| parents | 2c6d66819475 |
| children |
| rev | line source |
|---|---|
|
7827
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
1 import unittest |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
2 |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
3 import pytest |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
4 |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
5 pytest.importorskip("hypothesis") |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
6 |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
7 # ruff: noqa: E402 |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
8 from hypothesis import example, given, settings |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
9 from hypothesis.strategies import binary, none, one_of, sampled_from, text |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
10 |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
11 from roundup.anypy.strings import b2s, s2b, s2u, u2s |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
12 # ruff: noqa: I001 - yes I know I am using \ to continue the line... |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
13 from roundup.password import PasswordValueError, encodePassword, \ |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
14 h64decode, h64encode |
|
7901
9ff94a2e8c82
test: update to handle crypt not available
John Rouillard <rouilj@ieee.org>
parents:
7840
diff
changeset
|
15 from roundup.password import crypt as crypt_method |
|
7827
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
16 |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
17 def Identity(x): |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
18 return x |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
19 |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
20 |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
21 _max_examples = 1000 |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
22 |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
23 |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
24 class HypoTestStrings(unittest.TestCase): |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
25 |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
26 @given(text()) |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
27 @settings(max_examples=_max_examples) |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
28 def test_b2s(self, utf8_bytes): |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
29 self.assertEqual(b2s(utf8_bytes.encode("utf-8")), utf8_bytes) |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
30 |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
31 @given(text()) |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
32 @settings(max_examples=_max_examples) |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
33 def test_s2b(self, s): |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
34 self.assertTrue(isinstance(s2b(s), bytes)) |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
35 |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
36 @given(text()) |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
37 @settings(max_examples=_max_examples) |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
38 @example("\U0001F600 hi there") # smiley face emoji |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
39 def test_s2u_u2s_invertable(self, s): |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
40 self.assertEqual(u2s(s2u(s)), s) |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
41 |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
42 |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
43 class HypoTestPassword(unittest.TestCase): |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
44 |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
45 @given(binary()) |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
46 @example(b"") |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
47 @settings(max_examples=_max_examples) |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
48 def test_h64encode_h64decode(self, s): |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
49 |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
50 self.assertEqual(h64decode(h64encode(s)), s) |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
51 |
|
7902
2c6d66819475
fix: missing crypt in python with hypothesis testing.
John Rouillard <rouilj@ieee.org>
parents:
7901
diff
changeset
|
52 crypt_modes = ["PBKDF2S5", "PBKDF2", "SSHA", "SHA", "MD5", |
|
2c6d66819475
fix: missing crypt in python with hypothesis testing.
John Rouillard <rouilj@ieee.org>
parents:
7901
diff
changeset
|
53 "plaintext", "zot"] |
|
2c6d66819475
fix: missing crypt in python with hypothesis testing.
John Rouillard <rouilj@ieee.org>
parents:
7901
diff
changeset
|
54 if crypt_method: |
|
2c6d66819475
fix: missing crypt in python with hypothesis testing.
John Rouillard <rouilj@ieee.org>
parents:
7901
diff
changeset
|
55 crypt_modes.append("crypt") |
|
2c6d66819475
fix: missing crypt in python with hypothesis testing.
John Rouillard <rouilj@ieee.org>
parents:
7901
diff
changeset
|
56 |
|
7827
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
57 @given(one_of(none(), text()), |
|
7902
2c6d66819475
fix: missing crypt in python with hypothesis testing.
John Rouillard <rouilj@ieee.org>
parents:
7901
diff
changeset
|
58 sampled_from(crypt_modes)) |
|
7827
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
59 @example("asd\x00df", "crypt") |
|
7902
2c6d66819475
fix: missing crypt in python with hypothesis testing.
John Rouillard <rouilj@ieee.org>
parents:
7901
diff
changeset
|
60 @settings(max_examples=_max_examples) # deadline=None for debugging |
|
7827
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
61 def test_encodePassword(self, password, scheme): |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
62 |
|
7901
9ff94a2e8c82
test: update to handle crypt not available
John Rouillard <rouilj@ieee.org>
parents:
7840
diff
changeset
|
63 if scheme == "crypt" and password and "\x00" in password: |
|
7827
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
64 with self.assertRaises(ValueError) as e: |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
65 encodePassword(password, scheme) |
|
7901
9ff94a2e8c82
test: update to handle crypt not available
John Rouillard <rouilj@ieee.org>
parents:
7840
diff
changeset
|
66 if crypt_method: |
|
9ff94a2e8c82
test: update to handle crypt not available
John Rouillard <rouilj@ieee.org>
parents:
7840
diff
changeset
|
67 self.assertEqual(e.exception.args[0], |
|
9ff94a2e8c82
test: update to handle crypt not available
John Rouillard <rouilj@ieee.org>
parents:
7840
diff
changeset
|
68 "embedded null character") |
|
9ff94a2e8c82
test: update to handle crypt not available
John Rouillard <rouilj@ieee.org>
parents:
7840
diff
changeset
|
69 else: |
|
9ff94a2e8c82
test: update to handle crypt not available
John Rouillard <rouilj@ieee.org>
parents:
7840
diff
changeset
|
70 self.assertEqual(e.exception.args[0], |
|
9ff94a2e8c82
test: update to handle crypt not available
John Rouillard <rouilj@ieee.org>
parents:
7840
diff
changeset
|
71 "Unsupported encryption scheme 'crypt'") |
|
7827
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
72 elif scheme == "plaintext": |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
73 if password is not None: |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
74 self.assertEqual(encodePassword(password, scheme), password) |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
75 else: |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
76 self.assertEqual(encodePassword(password, scheme), "") |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
77 elif scheme == "zot": |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
78 with self.assertRaises(PasswordValueError) as e: |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
79 encodePassword(password, scheme) |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
80 self.assertEqual(e.exception.args[0], |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
81 "Unknown encryption scheme 'zot'") |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
82 else: |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
83 # it shouldn't throw anything. |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
84 pw = encodePassword(password, scheme) |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
85 |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
86 # verify format |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
87 if scheme in ["PBKDF2S5", "PBKDF2"]: |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
88 # 1000$XbSsijELEQbZZb1LlD7CFuotF/8$DdtssSlm.e |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
89 self.assertRegex(pw, r"^\d{4,8}\$.{27}\$.*") |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
90 elif scheme == "SSHA": |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
91 # vqDbjvs8rhrS1AJxHYEGGXQW3x7STAPgo7uCtnw4GYgU7FN5VYbZxccQYCC0eXOxSipLbtgBudH1vDRMNlG0uw== |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
92 self.assertRegex(pw, r"^[^=]*={0,3}$") |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
93 elif scheme == "SHA": |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
94 # da39a3ee5e6b4b0d3255bfef95601890afd80709' |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
95 self.assertRegex(pw, r"^[a-z0-9]{40}$") |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
96 elif scheme == "MD5": |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
97 # d41d8cd98f00b204e9800998ecf8427e' |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
98 self.assertRegex(pw, r"^[a-z0-9]{32}$") |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
99 elif scheme == "crypt": |
|
7901
9ff94a2e8c82
test: update to handle crypt not available
John Rouillard <rouilj@ieee.org>
parents:
7840
diff
changeset
|
100 # crypt_method is None if crypt is unknown |
|
9ff94a2e8c82
test: update to handle crypt not available
John Rouillard <rouilj@ieee.org>
parents:
7840
diff
changeset
|
101 if crypt_method: |
|
9ff94a2e8c82
test: update to handle crypt not available
John Rouillard <rouilj@ieee.org>
parents:
7840
diff
changeset
|
102 # WqzFDzhi8MmoU |
|
9ff94a2e8c82
test: update to handle crypt not available
John Rouillard <rouilj@ieee.org>
parents:
7840
diff
changeset
|
103 self.assertRegex(pw, r"^[A-Za-z0-9./]{13}$") |
|
7827
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
104 else: |
|
604da0650797
test: add basic tests using hypothesis
John Rouillard <rouilj@ieee.org>
parents:
diff
changeset
|
105 self.assertFalse("Unknown scheme: %s, val: %s" % (scheme, pw)) |