Changeset - 9996f5fcde31
[Not reviewed]
0 1 1
Branko Majic (branko) - 11 years ago 2013-06-30 17:23:48
Added tests for utility functions. Optimised some view tests. Added tests for entity view, entity iptables view, and project iptables view.
2 files changed with 292 insertions and 3 deletions:
0 comments (0 inline, 0 general)
Show inline comments
new file 100644
# Django imports.
from django.test import TestCase

# Application imports.
from conntrackt.models import Entity
from conntrackt import utils


class GenerateEntityIptablesTest(TestCase):

    fixtures = ['test-data.json']

    def test_generated_iptables(self):
        Tests if the entity's iptables are generated properly or not.

        entity = Entity.objects.get(pk=1)
        generated = utils.generate_entity_iptables(entity)

        expected = """*filter
# Accept all incoming related traffic.

# Accept all incoming traffic on loopback interface.
-A INPUT -i lo -j ACCEPT

# MySQL.
-A INPUT -s -d -p tcp -m tcp --dport 3306 -j ACCEPT

# Ping.
-A INPUT -s -d -p icmp -m icmp --icmp-type 8 -j ACCEPT

# SSH.
-A INPUT -s -d -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s -d -p tcp -m tcp --dport 22 -j ACCEPT

        self.assertEqual(generated, expected)

Show inline comments
# Standard library imports.
from StringIO import StringIO
from zipfile import ZipFile, ZIP_DEFLATED

# Django imports.
from django.core.urlresolvers import reverse
from django.test import TestCase
from django.test.client import Client
from django.contrib.auth.models import User, Permission

@@ -35,13 +39,12 @@ class IndexViewTest(ViewTest):

        self.client.login(username="noperms", password="noperms")

        response = self.client.get(reverse("index"))

        self.assertEqual(response.status_code, 403)
        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.
@@ -59,13 +62,12 @@ class IndexViewTest(ViewTest):


        self.client.login(username="fullperms", password="fullperms")
        response = self.client.get(reverse("index"))

        self.assertEqual(response.status_code, 200)
        self.assertContains(response, "Currently there are no projects defined in the database. Use the administration pages in order to add a new project.")

    def test_projects_available(self):
        Tests if projects are shown or not.
@@ -87,13 +89,12 @@ class ProjectViewTest(ViewTest):

        self.client.login(username="noperms", password="noperms")

        response = self.client.get(reverse("project", args=(1,)))

        self.assertEqual(response.status_code, 403)
        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.
@@ -125,6 +126,244 @@ class ProjectViewTest(ViewTest):

        self.assertEqual(str(response.context["project"]), "Test Project 1")
        self.assertContains(response, "Test Project 1")
        self.assertContains(response, "Test Location 1")
        self.assertContains(response, "Test Location 2")


class EntityView(ViewTest):
    def test_permission_denied(self):
        Tests if permission will be denied for client without sufficient privileges.

        self.client.login(username="noperms", password="noperms")

        response = self.client.get(reverse("entity", args=(1,)))

        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("entity", args=(1,)))

        self.assertEqual(response.status_code, 200)

    def test_entity_show(self):
        Tests if the entity information is shown properly.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("entity", args=(1,)))

        self.assertEqual(str(response.context["entity"]), "Test Entity 1 (Test Project 1 - Test Location 1)")
        self.assertContains(response, "Test Entity 1")
        self.assertContains(response, ":INPUT")
        self.assertContains(response, ":OUTPUT")
        self.assertContains(response, ":FORWARD")


class EntityIptablesTest(ViewTest):

    def test_permission_denied(self):
        Tests if permission will be denied for client without sufficient privileges.

        self.client.login(username="noperms", password="noperms")

        response = self.client.get(reverse("entity_iptables", args=(1,)))

        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("entity_iptables", args=(1,)))

        self.assertEqual(response.status_code, 200)

    def test_no_entity(self):
        Tests if a 404 is returned if no entity was found (invalid ID).

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("entity_iptables", args=(200,)))

        self.assertEqual(response.status_code, 404)

    def test_content_type(self):
        Test if correct content type is being returned by the response.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("entity_iptables", args=(1,)))

        self.assertEqual(response['Content-Type'], "text/plain")

    def test_content_disposition(self):
        Test if the correct content disposition has been set.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("entity_iptables", args=(1,)))

        self.assertEqual(response['Content-Disposition'], "attachment; filename=test_entity_1-iptables.conf")

    def test_entity_iptables_show(self):
        Test if the entity's iptables are being show or not.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("entity_iptables", args=(1,)))

        self.assertContains(response, ":INPUT")
        self.assertContains(response, ":OUTPUT")
        self.assertContains(response, ":FORWARD")

class ProjectIptablesTest(ViewTest):

    def test_permission_denied(self):
        Tests if permission will be denied for client without sufficient privileges.

        self.client.login(username="noperms", password="noperms")

        response = self.client.get(reverse("project_iptables", args=(1,)))

        self.assertContains(response, "You have insufficient privileges to access this resource. Please contact your local system administrator if you believe you should have been granted access.", status_code=403)

    def test_permission_granted(self):
        Tests if permission will be granted for user with correct privileges.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("project_iptables", args=(1,)))

        self.assertEqual(response.status_code, 200)

    def test_invalid_project(self):
        Tests if a 404 is returned if invalid project is specified.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("project_iptables", args=(200,)))
        self.assertEqual(response.status_code, 404)

        response = self.client.get(reverse("project_location_iptables", args=(200,1)))
        self.assertEqual(response.status_code, 404)


    def test_invalid_location(self):
        Tests if a 404 is returned if invalid location is specified.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("project_location_iptables", args=(1,200)))
        self.assertEqual(response.status_code, 404)

    def test_content_type(self):
        Test if correct content type is being returned by the response.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("project_iptables", args=(1,)))

        self.assertEqual(response['Content-Type'], "application/zip")

    def test_content_disposition(self):
        Test if the correct content disposition has been set.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("project_iptables", args=(1,)))
        self.assertEqual(response['Content-Disposition'], 'attachment; filename=""')

        response = self.client.get(reverse("project_location_iptables", args=(1,1)))
        self.assertEqual(response['Content-Disposition'], 'attachment; filename=""')

    def test_project_entities_show(self):
        Test if the project's iptables are being shown or not.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("project_iptables", args=(1,)))

        buff = StringIO(response.content)

        zipped_iptables = ZipFile(buff, "r", ZIP_DEFLATED)
        expected_zip_files = ["test_entity_1-iptables.conf",
                              "test_subnet-iptables.conf" ]

        self.assertEqual(len(zipped_iptables.namelist()), 4)
        self.assertEqual(zipped_iptables.namelist(), expected_zip_files)

        for filename in expected_zip_files:
            iptables_file =
            self.assertIn(":INPUT", iptables_file)
            self.assertIn(":OUTPUT", iptables_file)
            self.assertIn(":FORWARD", iptables_file)


    def test_project_location_entities_show(self):
        Test if the project location's iptables are being shown or not.

        self.client.login(username="fullperms", password="fullperms")

        response = self.client.get(reverse("project_location_iptables", args=(1,1)))

        buff = StringIO(response.content)

        zipped_iptables = ZipFile(buff, "r", ZIP_DEFLATED)
        expected_zip_files = ["test_entity_1-iptables.conf",

        self.assertEqual(len(zipped_iptables.namelist()), 2)
        self.assertEqual(zipped_iptables.namelist(), expected_zip_files)

        for filename in expected_zip_files:
            iptables_file =
            self.assertIn(":INPUT", iptables_file)
            self.assertIn(":OUTPUT", iptables_file)
            self.assertIn(":FORWARD", iptables_file)


0 comments (0 inline, 0 general)